
Commit 612083a

Bump bandit[toml] from 1.7.4 to 1.7.5 (#27)
Bumps [bandit[toml]](https://github.com/PyCQA/bandit) from 1.7.4 to 1.7.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/PyCQA/bandit/releases">bandit[toml]'s releases</a>.</em></p> <blockquote> <h2>1.7.5</h2> <h2>What's Changed</h2> <ul> <li>Add an example screen shot of Bandit to README by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/847">PyCQA/bandit#847</a></li> <li>Bad link to screen shot by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/848">PyCQA/bandit#848</a></li> <li>Use a constant for weak hashes by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/850">PyCQA/bandit#850</a></li> <li>Group location line with code output by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/822">PyCQA/bandit#822</a></li> <li>Fix line range using Python 3.8 end_lineno by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/821">PyCQA/bandit#821</a></li> <li>Add classifier to indicate Py3 only by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/853">PyCQA/bandit#853</a></li> <li>Removal of blacklist call B309 httpsconnection by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/858">PyCQA/bandit#858</a></li> <li>Remove blacklist call check for os.tempnam by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/859">PyCQA/bandit#859</a></li> <li>Indiciate hash type in message by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a 
href="https://redirect.github.com/PyCQA/bandit/pull/860">PyCQA/bandit#860</a></li> <li>Add the httpx module check for verify by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/861">PyCQA/bandit#861</a></li> <li>Add doc for hashlib plugin by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/862">PyCQA/bandit#862</a></li> <li>Make use of rich for progress bar by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/863">PyCQA/bandit#863</a></li> <li>Replace <code>toml</code> with <code>tomli</code> by <a href="https://github.com/mkniewallner"><code>@​mkniewallner</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/829">PyCQA/bandit#829</a></li> <li>Fix up B109 and B111 removed plugins docs by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/864">PyCQA/bandit#864</a></li> <li>add check for &quot;requests&quot; calls without timeout by <a href="https://github.com/mschfh"><code>@​mschfh</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/743">PyCQA/bandit#743</a></li> <li>Fix for build breaks in format job by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/869">PyCQA/bandit#869</a></li> <li>Add license and contributing links to docs by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/867">PyCQA/bandit#867</a></li> <li>Remove redundant word Bandit in titles of sections by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/873">PyCQA/bandit#873</a></li> <li>Add request for feedback via 👍 by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a 
href="https://redirect.github.com/PyCQA/bandit/pull/871">PyCQA/bandit#871</a></li> <li>Add a Discord link to the docs by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/870">PyCQA/bandit#870</a></li> <li>Adding logging.config.listen() plugin with examples by <a href="https://github.com/raj3shp"><code>@​raj3shp</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/874">PyCQA/bandit#874</a></li> <li>Removal of ghugo by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/881">PyCQA/bandit#881</a></li> <li>Remove redundant pip line by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/884">PyCQA/bandit#884</a></li> <li>Corrected documentation on configuration by <a href="https://github.com/a-takahashi223"><code>@​a-takahashi223</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/868">PyCQA/bandit#868</a></li> <li>Start testing against Python 3.11 by <a href="https://github.com/mkniewallner"><code>@​mkniewallner</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/887">PyCQA/bandit#887</a></li> <li>Add myself to sponsor list by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/885">PyCQA/bandit#885</a></li> <li>Add Discord link to README by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/875">PyCQA/bandit#875</a></li> <li>Update action versions in Actions workflows (<a href="https://redirect.github.com/PyCQA/bandit/issues/890">#890</a>) by <a href="https://github.com/mportesdev"><code>@​mportesdev</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/893">PyCQA/bandit#893</a></li> <li>Add dependency review action by <a 
href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/891">PyCQA/bandit#891</a></li> <li>Fix an unclosed <!-- raw HTML omitted --> tag in HTML formatter by <a href="https://github.com/mportesdev"><code>@​mportesdev</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/896">PyCQA/bandit#896</a></li> <li>'Test plugin listing' in docs incorrectly pointing B612 to plugin ref of B102 by <a href="https://github.com/rajaramsrn"><code>@​rajaramsrn</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/897">PyCQA/bandit#897</a></li> <li>Make small fixes in docs by <a href="https://github.com/mportesdev"><code>@​mportesdev</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/899">PyCQA/bandit#899</a></li> <li>Specify semver range for Python 3.11 by <a href="https://github.com/mportesdev"><code>@​mportesdev</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/901">PyCQA/bandit#901</a></li> <li>Add another bad example of yaml load by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/905">PyCQA/bandit#905</a></li> <li>Add releases link in &quot;Version control integration&quot; by <a href="https://github.com/travisjungroth"><code>@​travisjungroth</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/909">PyCQA/bandit#909</a></li> <li>Update version of dependency-review-action by <a href="https://github.com/mportesdev"><code>@​mportesdev</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/911">PyCQA/bandit#911</a></li> <li>Avoid redundant message if debug on by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/913">PyCQA/bandit#913</a></li> <li>Remove invalid checking on hashlib by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a 
href="https://redirect.github.com/PyCQA/bandit/pull/914">PyCQA/bandit#914</a></li> <li>Add some missing curve types by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/920">PyCQA/bandit#920</a></li> <li>add jsonpickle deserialization blacklist by <a href="https://github.com/SugarP1g"><code>@​SugarP1g</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/707">PyCQA/bandit#707</a></li> <li>Fix reading the number argument from config file by <a href="https://github.com/KAUTH"><code>@​KAUTH</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/923">PyCQA/bandit#923</a></li> <li>Add end_col_offset if available by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/851">PyCQA/bandit#851</a></li> <li>Enhancement Proposal: Plugin &quot;assert_used&quot; config-skip snippet by <a href="https://github.com/marianomartinelli"><code>@​marianomartinelli</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/695">PyCQA/bandit#695</a></li> <li>Blacklist pandas read_pickle and add functional test for it by <a href="https://github.com/jaspersival"><code>@​jaspersival</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/710">PyCQA/bandit#710</a></li> <li>Docs for request without timeout has dead link by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/925">PyCQA/bandit#925</a></li> <li>Add case for global exec by <a href="https://github.com/tonybaloney"><code>@​tonybaloney</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/570">PyCQA/bandit#570</a></li> <li>Fix a false positive condition yaml_load by <a href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/927">PyCQA/bandit#927</a></li> <li>Fix issue <a 
href="https://redirect.github.com/PyCQA/bandit/issues/453">#453</a> jinja2 template select_autoescape when using jinja2.select_autoescape by <a href="https://github.com/kinow"><code>@​kinow</code></a> in <a href="https://redirect.github.com/PyCQA/bandit/pull/454">PyCQA/bandit#454</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/PyCQA/bandit/commit/ca4faf2f82a7c68a088100f8ba2b8e56f9bdcfe3"><code>ca4faf2</code></a> Added a bit more <code>project_urls</code> (<a href="https://redirect.github.com/PyCQA/bandit/issues/985">#985</a>)</li> <li><a href="https://github.com/PyCQA/bandit/commit/d87faedd61c7d2107db9990036ecf7014579de2f"><code>d87faed</code></a> Check for github action updates monthly (<a href="https://redirect.github.com/PyCQA/bandit/issues/989">#989</a>)</li> <li><a href="https://github.com/PyCQA/bandit/commit/72fa5a7496caa89f21ace353d038754dbddf9a91"><code>72fa5a7</code></a> Improve handling nosec for multi-line strings (<a href="https://redirect.github.com/PyCQA/bandit/issues/915">#915</a>)</li> <li><a href="https://github.com/PyCQA/bandit/commit/7e6f580d6ad1b35be91046e591526602327a388d"><code>7e6f580</code></a> Improve detecting SQL injections in f-strings (<a href="https://redirect.github.com/PyCQA/bandit/issues/917">#917</a>)</li> <li><a href="https://github.com/PyCQA/bandit/commit/fe1361fdcc274850d4099885a802f2c9f28aca08"><code>fe1361f</code></a> Correct build status badge in README (<a href="https://redirect.github.com/PyCQA/bandit/issues/980">#980</a>)</li> <li><a href="https://github.com/PyCQA/bandit/commit/a76299303f15268e97a6bacb1cb32a804893c584"><code>a762993</code></a> Fix breaking build due to new tox (<a href="https://redirect.github.com/PyCQA/bandit/issues/983">#983</a>)</li> <li><a href="https://github.com/PyCQA/bandit/commit/91c4d979550888c8d190898279bfdb0af732791e"><code>91c4d97</code></a> DOC: Add explanation on how to use 
pre-commit with config file (<a href="https://redirect.github.com/PyCQA/bandit/issues/968">#968</a>)</li> <li><a href="https://github.com/PyCQA/bandit/commit/d9fe642e01866e460454641bcd14b9de9d2b1478"><code>d9fe642</code></a> Add official Python 3.11 support (<a href="https://redirect.github.com/PyCQA/bandit/issues/964">#964</a>)</li> <li><a href="https://github.com/PyCQA/bandit/commit/3aaa2b07be47090344d89e5532bcde15127c2909"><code>3aaa2b0</code></a> remove py2 exec example in docs (<a href="https://redirect.github.com/PyCQA/bandit/issues/947">#947</a>)</li> <li><a href="https://github.com/PyCQA/bandit/commit/a74385886432e37211f88d5caf135be4bbfdad57"><code>a743858</code></a> Typo fix (<a href="https://redirect.github.com/PyCQA/bandit/issues/945">#945</a>)</li> <li>Additional commits viewable in <a href="https://github.com/PyCQA/bandit/compare/1.7.4...1.7.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit[toml]&package-manager=pip&previous-version=1.7.4&new-version=1.7.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. 
[//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent 3506193 commit 612083a

1 file changed

+1
-1
lines changed

pyproject.toml

Lines changed: 1 addition & 1 deletion
@@ -34,7 +34,7 @@ Source = "https://github.com/mygithubuser/mycli"
3434

3535
[project.optional-dependencies]
3636
dev = [
37-
"bandit[toml]==1.7.4",
37+
"bandit[toml]==1.7.5",
3838
"black==23.3.0",
3939
"flake8-bugbear==23.5.9",
4040
"flake8-builtins==2.1.0",
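
Review bot: The new pin at line 37, `"bandit[toml]==1.7.5",`, changes which checks the dev security scan runs, and this one-line commit carries no accompanying scan result or configuration change. According to the release notes quoted in the commit message, 1.7.5 adds checks (`requests` calls without timeout, the httpx `verify` check, jsonpickle and pandas `read_pickle` deserialization, `logging.config.listen()`) and removes the B309 httpsconnection and `os.tempnam` blacklist calls. Run bandit at the new version over the tree before merging, triage any new findings individually instead of suppressing them in bulk, and check whether any skip list or `# nosec` annotation in the project still names a removed check. Separately, the `==` pin fixes the version but not the artifact; if dev tooling is installed from a hash-locked requirements file, regenerate it in the same change so the installed bandit matches what was reviewed.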
