From 014c1eb61d33ff9b8a53ab88a987fe37447d9f213c31009de95d9e070a6a277c Mon Sep 17 00:00:00 2001
From: Dirk Mueller
Date: Sun, 6 Feb 2022 10:12:57 +0000
Subject: [PATCH] - update to 1.7.2: * Correctly define extras in \`setup.cfg\` (#755) * Remove leftover openstack code (#778) * Added snmp\_security check plugin for various SNMP checks (#403) * Fix README.rst (#365) * Fixup typo (#769) * Drop end-of-life Python 3.6 (#777) * Drop end-of-life Python 3.5 (#746) * Start using auto-formatters (#754) * Create FUNDING.yml (#774) * test\_help\_arg: remove assert on 'optional arguments' (#752) * Fix broken reported URL link for B107 (#751) - update to 1.7.1: * fix reading initial values from .bandit * Always use a Loader in yaml.load * PEP-518 support: configure bandit via pyproject.toml * document that random.choices() isn't secure either * Fix syntax errors in bug report * Update bug\_report.yaml * Fix syntax error in bug report * Use new issue template format * Update README.rst * Mock part of python 3.x * Add license to package installation metadata * #694 Bandit fails when using importlib with named arguments * Add string options for severity and confidence * Add support for Python 3.9 * Create config.yml * Add default labels to issues OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bandit?expand=0&rev=19
---
 bandit-1.7.0.tar.gz | 3 ---
 bandit-1.7.2.tar.gz | 3 +++
 python-bandit.changes | 47 ++++++++++++++++++++++++++++++++++++++
 python-bandit.spec | 5 ++--
 remove-non-test-deps.patch | 10 ++++----
 5 files changed, 57 insertions(+), 11 deletions(-)
 delete mode 100644 bandit-1.7.0.tar.gz
 create mode 100644 bandit-1.7.2.tar.gz
diff --git a/bandit-1.7.0.tar.gz b/bandit-1.7.0.tar.gz
deleted file mode 100644
index 3c68b19..0000000
--- a/bandit-1.7.0.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:8a4c7415254d75df8ff3c3b15cfe9042ecee628a1e40b44c15a98890fbfc2608
-size 506225
diff --git a/bandit-1.7.2.tar.gz b/bandit-1.7.2.tar.gz
new file mode 100644
index 0000000..7cf0e4d
--- /dev/null
+++ b/bandit-1.7.2.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:6d11adea0214a43813887bfe71a377b5a9955e4c826c8ffd341b494e3ab25260
+size 497104
diff --git a/python-bandit.changes b/python-bandit.changes
index fa3ece6..e984ab4 100644
--- a/python-bandit.changes
+++ b/python-bandit.changes
@@ -1,3 +1,50 @@
+-------------------------------------------------------------------
+Sun Feb 6 10:04:06 UTC 2022 - Dirk Müller
+
+- update to 1.7.2:
+ * Correctly define extras in \`setup.cfg\` (#755)
+ * Remove leftover openstack code (#778)
+ * Added snmp\_security check plugin for various SNMP checks (#403)
+ * Fix README.rst (#365)
+ * Fixup typo (#769)
+ * Drop end-of-life Python 3.6 (#777)
+ * Drop end-of-life Python 3.5 (#746)
+ * Start using auto-formatters (#754)
+ * Create FUNDING.yml (#774)
+ * test\_help\_arg: remove assert on 'optional arguments' (#752)
+ * Fix broken reported URL link for B107 (#751)
+
+-------------------------------------------------------------------
+Sat Jan 15 16:40:26 UTC 2022 - Dirk Müller
+
+- update to 1.7.1:
+ * fix reading initial values from .bandit
+ * Always use a Loader in yaml.load
+ * PEP-518 support: configure bandit via pyproject.toml
+ * document that random.choices() isn't secure either
+ * Fix syntax errors in bug report
+ * Update bug\_report.yaml
+ * Fix syntax error in bug report
+ * Use new issue template format
+ * Update README.rst
+ * Mock part of python 3.x
+ * Add license to package installation metadata
+ * #694 Bandit fails when using importlib with named arguments
+ * Add string options for severity and confidence
+ * Add support for Python 3.9
+ * Create config.yml
+ * Add default labels to issues
+ * Replace http with https URLs
+ * More cleanup of license headers
+ * Updates to address docstring code scan issues, add flake8 configuration
+ * Small syntax and formatting cleanup
+ * More complete removal of Python2 code
+ * Show column offset on all formatters
+ * Add the column offset to the issue model
+ * Clearer message for subprocess module use
+ * Specify language\_version in .pre-commit-hooks.yaml
+ * Specify output\_file encoding as utf-8
+
 -------------------------------------------------------------------
 Wed Oct 27 12:05:40 UTC 2021 - pgajdos@suse.com
diff --git a/python-bandit.spec b/python-bandit.spec
index ce90315..39f9485 100644
--- a/python-bandit.spec
+++ b/python-bandit.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package python-bandit
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -27,10 +27,9 @@
 %endif
 # CLI tool, no module
 %define pythons python3
-# Tests require python-hacking, which isn't compatible with pycodestyle
 %bcond_without builddocs
 Name: python-bandit
-Version: 1.7.0
+Version: 1.7.2
 Release: 0
 Summary: Security oriented static analyser for Python code
 License: Apache-2.0
diff --git a/remove-non-test-deps.patch b/remove-non-test-deps.patch
index 6860d69..cda9c58 100644
--- a/remove-non-test-deps.patch
+++ b/remove-non-test-deps.patch
@@ -1,17 +1,17 @@
-Index: bandit-1.7.0/test-requirements.txt
+Index: bandit-1.7.2/test-requirements.txt
 ===================================================================
---- bandit-1.7.0.orig/test-requirements.txt
-+++ bandit-1.7.0/test-requirements.txt
+--- bandit-1.7.2.orig/test-requirements.txt
++++ bandit-1.7.2/test-requirements.txt
 @@ -1,12 +1,9 @@
 # The order of packages is significant, because pip processes them in the order
 # of appearance. Changing the order has an impact on the overall integration
 # process, which may cause wedges in the gate later.
 -coverage>=4.5.4 # Apache-2.0
 fixtures>=3.0.0 # Apache-2.0/BSD
--hacking>=2.0.0 # Apache-2.0
- mock>=3.0.5 # BSD
+-flake8>=4.0.0 # Apache-2.0
 stestr>=2.5.0 # Apache-2.0
 testscenarios>=0.5.0 # Apache-2.0/BSD
 testtools>=2.3.0 # MIT
+ toml # MIT
 beautifulsoup4>=4.8.0 # MIT
 -pylint==1.9.4 # GPLv2
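Review bot: The refreshed remove-non-test-deps.patch still begins directly at its `Index:` line, so nothing in the file records why `coverage`, `flake8` and `pylint` are stripped from test-requirements.txt, and neither new python-bandit.changes entry mentions that the patch was refreshed for 1.7.2. A short header above `Index:` would record the intent, for example `Drop coverage and linter requirements that are not needed to run the test suite in the package build.`, together with a `- refresh remove-non-test-deps.patch` line in the 1.7.2 changelog entry. That purpose is inferred from the patch name and the removed lines, so the maintainer should confirm the wording. A recorded rationale lets a later reviewer tell an intended dependency removal from an accidental one when the next upstream release shifts this hunk again.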