- Update to 1.7.0:

* Remove blacklist call to input() (#662) @ericwb * Remove universal support on the wheel (#655) @ericwb * Give some tips on how to resolve B101 in the doc (#616) @xuhdev * Don't show progress information on --quiet (#641) @fniessink * Add skip configuration to assert_used (#633) @wilbertom * Drop Python2 build, test, and install (#615) @ericwb * [FIX] blacklist: fix typo in import_ftplib (#601) @Yenthe666 * Resolve 'NoneType' object has no attribute 'id'Traceback in django_mark_safe (#598) @ehooo * Fix typo for activating venv (#590) @bavedarnow * Bump pyyaml (#588) @dosisod * Fix colorama not being disabled after being used (#586) @adambenali * Cleanup some typos in recent contributor guide (#585) @ericwb * [DOC] Support python3 venv creation (#583) @look4regev * Add sha1 to the list of insecure hashes (#561) @ericwb * Fix docs for B610,B611,B703 (#555) @amacfie * Add a section explaining "nosec" (#554) @exhuma * Add official support of Python 3.8 (#547) @ericwb * Ignore common directories by default (#544) @ericwb * Add shelve to the pickle blacklists (#542) @auscompgeek * Remove obsolete "sudo" keyword. (#538) @jugmac00 * Update test requirements to latest versions (#535) @ericwb * Fix readme file on Extending Bandit on list things (#534) @Aurel10 * fix the documentation file README.rst (#533) @Aurel10 * Cleanup comments after #510 (#532) @florczakraf * Use SPDX license identifier instead of bulky headers (#530) @ericwb * fix B603 docstring (#524) @graingert * Add type checking to name node of hashlib_new (#516) @teeann * --exit-zero option (#510) @maciejstromich * Fix 3.8 errors (#509) @tylerwince * Add several ini options for .bandit file (#508) @vuolter * get_url returns different urls calling twice (bug #506) (#507) @ehooo * Replace setattr (#493) @tylerwince - Refresh remove-non-test-deps.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bandit?expand=0&rev=16
2021-03-09 06:57:46 +00:00
parent 17ea9d898f
commit bd37878b18
5 changed files with 64 additions and 28 deletions
--- a/bandit-1.6.2.tar.gz
+++ b/bandit-1.6.2.tar.gz
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:41e75315853507aa145d62a78a2a6c5e3240fe14ee7c601459d0df9418196065
-size 498567
--- a/bandit-1.7.0.tar.gz
+++ b/bandit-1.7.0.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:8a4c7415254d75df8ff3c3b15cfe9042ecee628a1e40b44c15a98890fbfc2608
+size 506225
--- a/python-bandit.changes
+++ b/python-bandit.changes
@@ -1,3 +1,42 @@
+-------------------------------------------------------------------
+Tue Mar  9 06:13:09 UTC 2021 - Steve Kowalik <steven.kowalik@suse.com>
+
+- Update to 1.7.0:
+  * Remove blacklist call to input() (#662) @ericwb
+  * Remove universal support on the wheel (#655) @ericwb
+  * Give some tips on how to resolve B101 in the doc (#616) @xuhdev
+  * Don't show progress information on --quiet (#641) @fniessink
+  * Add skip configuration to assert_used (#633) @wilbertom
+  * Drop Python2 build, test, and install (#615) @ericwb
+  * [FIX] blacklist: fix typo in import_ftplib (#601) @Yenthe666
+  * Resolve 'NoneType' object has no attribute 'id'Traceback in
+    django_mark_safe (#598) @ehooo
+  * Fix typo for activating venv (#590) @bavedarnow
+  * Bump pyyaml (#588) @dosisod
+  * Fix colorama not being disabled after being used (#586) @adambenali
+  * Cleanup some typos in recent contributor guide (#585) @ericwb
+  * [DOC] Support python3 venv creation (#583) @look4regev
+  * Add sha1 to the list of insecure hashes (#561) @ericwb
+  * Fix docs for B610,B611,B703 (#555) @amacfie
+  * Add a section explaining "nosec" (#554) @exhuma
+  * Add official support of Python 3.8 (#547) @ericwb
+  * Ignore common directories by default (#544) @ericwb
+  * Add shelve to the pickle blacklists (#542) @auscompgeek
+  * Remove obsolete "sudo" keyword. (#538) @jugmac00
+  * Update test requirements to latest versions (#535) @ericwb
+  * Fix readme file on Extending Bandit on list things (#534) @Aurel10
+  * fix the documentation file README.rst (#533) @Aurel10
+  * Cleanup comments after #510 (#532) @florczakraf
+  * Use SPDX license identifier instead of bulky headers (#530) @ericwb
+  * fix B603 docstring (#524) @graingert
+  * Add type checking to name node of hashlib_new (#516) @teeann
+  * --exit-zero option (#510) @maciejstromich
+  * Fix 3.8 errors (#509) @tylerwince
+  * Add several ini options for .bandit file (#508) @vuolter
+  * get_url returns different urls calling twice (bug #506) (#507) @ehooo
+  * Replace setattr (#493) @tylerwince 
+- Refresh remove-non-test-deps.patch
+
 -------------------------------------------------------------------
 Sat Feb 13 10:21:09 UTC 2021 - Dirk Müller <dmueller@suse.com>

--- a/python-bandit.spec
+++ b/python-bandit.spec
@@ -22,38 +22,36 @@
 # CLI tool, no module
 %define pythons python3
 Name:           python-bandit
-Version:        1.6.2
+Version:        1.7.0
 Release:        0
 Summary:        Security oriented static analyser for Python code
 License:        Apache-2.0
-Group:          Development/Languages/Python
 URL:            https://github.com/PyCQA/bandit
 Source:         https://files.pythonhosted.org/packages/source/b/bandit/bandit-%{version}.tar.gz
 Patch0:         remove-non-test-deps.patch
 BuildRequires:  %{python_module GitPython >= 1.0.1}
-BuildRequires:  %{python_module PyYAML >= 3.13}
-BuildRequires:  %{python_module beautifulsoup4 >= 4.6.0}
+BuildRequires:  %{python_module PyYAML >= 5.3.1}
+BuildRequires:  %{python_module beautifulsoup4 >= 4.8.0}
 BuildRequires:  %{python_module fixtures >= 3.0.0}
-BuildRequires:  %{python_module mock >= 2.0.0}
-BuildRequires:  %{python_module pbr >= 1.8}
+BuildRequires:  %{python_module mock >= 3.0.5}
+BuildRequires:  %{python_module pbr >= 2.0}
 BuildRequires:  %{python_module python-subunit >= 0.0.18}
 BuildRequires:  %{python_module setuptools}
 BuildRequires:  %{python_module six >= 1.10.0}
-BuildRequires:  %{python_module stestr >= 1.0.0}
+BuildRequires:  %{python_module stestr >= 2.5.0}
 BuildRequires:  %{python_module stevedore >= 1.20.0}
 BuildRequires:  %{python_module testrepository >= 0.0.18}
-BuildRequires:  %{python_module testscenarios >= 0.4}
-BuildRequires:  %{python_module testtools >= 2.2.0}
+BuildRequires:  %{python_module testscenarios >= 0.5.0}
+BuildRequires:  %{python_module testtools >= 2.3.0}
 BuildRequires:  fdupes
 BuildRequires:  python-rpm-macros
 # doc requirements
 %if %{with builddocs}
 BuildRequires:  %{python_module Sphinx >= 1.2.1}
-BuildRequires:  %{python_module oslotest >= 3.2.0}
 BuildRequires:  %{python_module reno >= 1.8.0}
 %endif
 Requires:       python-GitPython >= 1.0.1
-Requires:       python-PyYAML >= 3.13
+Requires:       python-PyYAML >= 5.3.1
 Requires:       python-six >= 1.10.0
 Requires:       python-stestr >= 1.0.0
 Requires:       python-stevedore >= 1.20.0
--- a/remove-non-test-deps.patch
+++ b/remove-non-test-deps.patch
@@ -1,18 +1,17 @@
--- bandit-1.5.1.orig/test-requirements.txt	2018-05-03 03:31:37.000000000 +0700
-+++ bandit-1.5.1/test-requirements.txt	2019-02-11 13:59:52.547483165 +0700
-@@ -1,15 +1,10 @@
+Index: bandit-1.7.0/test-requirements.txt
+===================================================================
+--- bandit-1.7.0.orig/test-requirements.txt
+++ bandit-1.7.0/test-requirements.txt
+@@ -1,12 +1,9 @@
 # The order of packages is significant, because pip processes them in the order
 # of appearance. Changing the order has an impact on the overall integration
 # process, which may cause wedges in the gate later.
-coverage!=4.4,>=4.0 # Apache-2.0
+-coverage>=4.5.4 # Apache-2.0
 fixtures>=3.0.0 # Apache-2.0/BSD
-hacking>=1.0.0 # Apache-2.0
- mock>=2.0.0 # BSD
- stestr>=1.0.0 # Apache-2.0
- testscenarios>=0.4 # Apache-2.0/BSD
- testtools>=2.2.0 # MIT
-oslotest>=3.2.0 # Apache-2.0
- 
- beautifulsoup4>=4.6.0 # MIT
-
-pylint==1.4.5 # GPLv2
+-hacking>=2.0.0 # Apache-2.0
+ mock>=3.0.5 # BSD
+ stestr>=2.5.0 # Apache-2.0
+ testscenarios>=0.5.0 # Apache-2.0/BSD
+ testtools>=2.3.0 # MIT
+ beautifulsoup4>=4.8.0 # MIT
+-pylint==1.9.4 # GPLv2