fedora-infra / datagrepper

HTTP API for datanommer and the fedmsg bus
https://apps.fedoraproject.org/datagrepper/
GNU General Public License v2.0
43 stars 34 forks

Update pre-commit hook PyCQA/bandit to v1.7.7 #677

Closed renovate[bot] closed 10 months ago

renovate[bot] commented 10 months ago

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| PyCQA/bandit | repository | patch | 1.7.6 -> 1.7.7 |

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.


Release Notes

PyCQA/bandit (PyCQA/bandit)

### [`v1.7.7`](https://togithub.com/PyCQA/bandit/releases/tag/1.7.7)

[Compare Source](https://togithub.com/PyCQA/bandit/compare/1.7.6...1.7.7)

##### What's Changed

- Add the new release to bandit versions of bug template by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1075](https://togithub.com/PyCQA/bandit/pull/1075)
- Bump actions/setup-python from 4 to 5 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1076](https://togithub.com/PyCQA/bandit/pull/1076)
- Handle variant in how policy is passed in paramiko by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1078](https://togithub.com/PyCQA/bandit/pull/1078)
- Flag str.replace as possible sql injection by [@costaparas](https://togithub.com/costaparas) in [https://github.com/PyCQA/bandit/pull/1044](https://togithub.com/PyCQA/bandit/pull/1044)
- defusedxml: Show correct module name by [@kajinamit](https://togithub.com/kajinamit) in [https://github.com/PyCQA/bandit/pull/1081](https://togithub.com/PyCQA/bandit/pull/1081)
- Add tidelift to the sponsor funding list by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1089](https://togithub.com/PyCQA/bandit/pull/1089)
- Create a security policy by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1091](https://togithub.com/PyCQA/bandit/pull/1091)
- Fix up issues found running Bandit on itself by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1093](https://togithub.com/PyCQA/bandit/pull/1093)
- Add random.randbytes to blacklist calls by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1096](https://togithub.com/PyCQA/bandit/pull/1096)
- Prepend ./ for files specified as CLI args by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1094](https://togithub.com/PyCQA/bandit/pull/1094)
- Rework GitPython dependency to be an extra for bandit-baseline by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1099](https://togithub.com/PyCQA/bandit/pull/1099)
- Bump actions/dependency-review-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1101](https://togithub.com/PyCQA/bandit/pull/1101)
- Introduce Official Bandit Images by [@lukehinds](https://togithub.com/lukehinds) in [https://github.com/PyCQA/bandit/pull/1088](https://togithub.com/PyCQA/bandit/pull/1088)
- Remove markdown formatting in reStructuredText formatted README by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1103](https://togithub.com/PyCQA/bandit/pull/1103)
- Downsize the org:repo name by [@lukehinds](https://togithub.com/lukehinds) in [https://github.com/PyCQA/bandit/pull/1104](https://togithub.com/PyCQA/bandit/pull/1104)

##### New Contributors

- [@kajinamit](https://togithub.com/kajinamit) made their first contribution in [https://github.com/PyCQA/bandit/pull/1081](https://togithub.com/PyCQA/bandit/pull/1081)

**Full Changelog**: https://github.com/PyCQA/bandit/compare/1.7.6...1.7.7

Configuration

📅 Schedule: Branch creation - "every weekday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR has been generated by Mend Renovate. View repository job log here.