fedora-infra / datagrepper

HTTP API for datanommer and the fedmsg bus
https://apps.fedoraproject.org/datagrepper/
GNU General Public License v2.0
43 stars 34 forks source link

Update pre-commit hook PyCQA/bandit to v1.7.8 #684

Closed renovate[bot] closed 8 months ago

renovate[bot] commented 8 months ago

Mend Renovate

This PR contains the following updates:

Package Type Update Change
PyCQA/bandit repository patch 1.7.7 -> 1.7.8

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.


Release Notes

PyCQA/bandit (PyCQA/bandit) ### [`v1.7.8`](https://togithub.com/PyCQA/bandit/releases/tag/1.7.8) [Compare Source](https://togithub.com/PyCQA/bandit/compare/1.7.7...1.7.8) #### What's Changed - Incorrect tag naming in readme by [@​lukehinds](https://togithub.com/lukehinds) in [https://github.com/PyCQA/bandit/pull/1105](https://togithub.com/PyCQA/bandit/pull/1105) - Utilize PyPI's trusted publishing by [@​ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1107](https://togithub.com/PyCQA/bandit/pull/1107) - Bump sigstore/cosign-installer from 3.3.0 to 3.4.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1109](https://togithub.com/PyCQA/bandit/pull/1109) - Add 1.7.7 to versions of bug template by [@​ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1110](https://togithub.com/PyCQA/bandit/pull/1110) - Use datetime to avoid updating copyright year by [@​ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1112](https://togithub.com/PyCQA/bandit/pull/1112) - filter data is safe for tarfile extractall by [@​etienneschalk](https://togithub.com/etienneschalk) in [https://github.com/PyCQA/bandit/pull/1111](https://togithub.com/PyCQA/bandit/pull/1111) - Bump docker/setup-buildx-action from 3.0.0 to 3.1.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1115](https://togithub.com/PyCQA/bandit/pull/1115) - \[B605] Add functions that are vulnerable to shell injection. by [@​shihai1991](https://togithub.com/shihai1991) in [https://github.com/PyCQA/bandit/pull/1116](https://togithub.com/PyCQA/bandit/pull/1116) - Add a SARIF output formatter by [@​ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1113](https://togithub.com/PyCQA/bandit/pull/1113) #### New Contributors - [@​etienneschalk](https://togithub.com/etienneschalk) made their first contribution in [https://github.com/PyCQA/bandit/pull/1111](https://togithub.com/PyCQA/bandit/pull/1111) - [@​shihai1991](https://togithub.com/shihai1991) made their first contribution in [https://github.com/PyCQA/bandit/pull/1116](https://togithub.com/PyCQA/bandit/pull/1116) **Full Changelog**: https://github.com/PyCQA/bandit/compare/1.7.7...1.7.8

Configuration

📅 Schedule: Branch creation - "every weekday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR has been generated by Mend Renovate. View repository job log here.