- Update to 1.7.10
* Bump docker/build-push-action from 5.4.0 to 6.0.0
* Suggested small refactors in assignments
* Performance improvement in blacklist function
* Add test for usage of FTP_TLS
* New check: B113: TrojanSource - Bidirectional control characters
* Bump docker/build-push-action from 6.0.0 to 6.1.0
* feat(plugins): add support for httpx in B113
* Nit: remove unused variable
* Add recent releases to version choice in bug report
* Bump docker/build-push-action from 6.1.0 to 6.2.0
* Bump docker/build-push-action from 6.2.0 to 6.3.0
* Bump docker/setup-buildx-action from 3.3.0 to 3.4.0
* Bump docker/setup-buildx-action from 3.4.0 to 3.5.0
* Bump docker/login-action from 3.2.0 to 3.3.0
* Bump docker/build-push-action from 6.3.0 to 6.5.0
* Bump docker/setup-buildx-action from 3.5.0 to 3.6.1
* Bump docker/build-push-action from 6.5.0 to 6.6.1
* Bump sigstore/cosign-installer from 3.5.0 to 3.6.0
* Bump docker/build-push-action from 6.6.1 to 6.7.0
* Use consistent file naming of docs
* Pytorch Load / Save Plugin
- from version 1.7.9
* Bump docker/build-push-action from 5.1.0 to 5.2.0
* [pre-commit.ci] pre-commit autoupdate
* New logo for Bandit based on raccoon
* Start testing on Python 3.13
* Bump docker/build-push-action from 5.2.0 to 5.3.0
* Bump docker/setup-buildx-action from 3.1.0 to 3.2.0
* Bump docker/login-action from 3.0.0 to 3.1.0
OBS-URL: https://build.opensuse.org/request/show/1222690
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bandit?expand=0&rev=31
* Added a bit more `project_urls`
* Check for github action updates monthly
* Improve handling nosec for multi-line strings
* Improve detecting SQL injections in f-strings
* Correct build status badge in README
* Fix breaking build due to new tox
* DOC: Add explanation on how to use pre-commit with config file
* Add official Python 3.11 support
* remove py2 exec example in docs
* Typo fix
* [docs] Mention `exclude_dirs` option available in TOML and YAML
* Fix AttributeError on detect of tuple assign condition
* Fix json and yaml formatters to respect num lines
* Fixup some invalid pickle testing
* Pass correct number of arguments to match the `%s` placeholders.
* Remove python 2 reference in docs
* Fix filename of B202 in docs
* weak_cryptographic_key assumes positional arg
* Check for deprecated TLS 1.1
* Adding tarfile.extractall() plugin with examples
* Fix issue #453 jinja2 template select_autoescape when using jinja2.select_autoescape
* Fix a false positive condition yaml_load
* Add case for global exec
* Docs for request without timeout has dead link
* Blacklist pandas read_pickle and add functional test for it
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bandit?expand=0&rev=25
- version update to 1.7.4
1.7.4
-----
* Add 1.7.4 in issue template (#846)
* core/config: Fix ConfigError missing argument if toml is missing (#845)
* Add version 1.7.3 to dropdown (#833)
* Fix traceback in hashlib_insecure_functions (#834)
1.7.3
-----
* Build of artifact fails if raw directive used (#831)
* Center the bandit logo in readme (#823)
* Target Python >= 3.7 in pre-commit hooks (#830)
* Inaccurate message in hashlib check (#827)
* Improve performance of linerange (#629)
* Use CWE link in HTML formatter (#825)
* Use versioned links to docs (#819)
* Fix root doc for readthedocs (#818)
* Fix up some warnings and errors in docs (#817)
* Test on operating systems we can support (#804)
* Cannot seek stdin on pipe (#496)
* Respect color environment variables if set (#813)
* Show usage with no arguments (#814)
* Cleanup the README
* Fix references to the default branch name (#810)
* Better hashlib check for Python 3.9 (#805)
* Check for hardcoded passwords in class attributes (#766)
* Add new plugin to check use of pyghmi (#803)
* Remove redundant Python 3.6 code (#802)
* Check value of usedforsecurity for hashlib (#798)
* Change up how CWE is formatted (#788)
OBS-URL: https://build.opensuse.org/request/show/962061
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bandit?expand=0&rev=21
* Remove blacklist call to input() (#662) @ericwb
* Remove universal support on the wheel (#655) @ericwb
* Give some tips on how to resolve B101 in the doc (#616) @xuhdev
* Don't show progress information on --quiet (#641) @fniessink
* Add skip configuration to assert_used (#633) @wilbertom
* Drop Python2 build, test, and install (#615) @ericwb
* [FIX] blacklist: fix typo in import_ftplib (#601) @Yenthe666
* Resolve 'NoneType' object has no attribute 'id' Traceback in django_mark_safe (#598) @ehooo
* Fix typo for activating venv (#590) @bavedarnow
* Bump pyyaml (#588) @dosisod
* Fix colorama not being disabled after being used (#586) @adambenali
* Cleanup some typos in recent contributor guide (#585) @ericwb
* [DOC] Support python3 venv creation (#583) @look4regev
* Add sha1 to the list of insecure hashes (#561) @ericwb
* Fix docs for B610,B611,B703 (#555) @amacfie
* Add a section explaining "nosec" (#554) @exhuma
* Add official support of Python 3.8 (#547) @ericwb
* Ignore common directories by default (#544) @ericwb
* Add shelve to the pickle blacklists (#542) @auscompgeek
* Remove obsolete "sudo" keyword. (#538) @jugmac00
* Update test requirements to latest versions (#535) @ericwb
* Fix readme file on Extending Bandit on list things (#534) @Aurel10
* fix the documentation file README.rst (#533) @Aurel10
* Cleanup comments after #510 (#532) @florczakraf
* Use SPDX license identifier instead of bulky headers (#530) @ericwb
* fix B603 docstring (#524) @graingert
* Add type checking to name node of hashlib_new (#516) @teeann
* --exit-zero option (#510) @maciejstromich
* Fix 3.8 errors (#509) @tylerwince
* Add several ini options for .bandit file (#508) @vuolter
* get_url returns different urls calling twice (bug #506) (#507) @ehooo
* Replace setattr (#493) @tylerwince
- Refresh remove-non-test-deps.patch
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bandit?expand=0&rev=16