Skip to content

Commit

Permalink
chore(deps-dev): bump bandit from 1.7.8 to 1.7.10 (#296)
Browse files Browse the repository at this point in the history 
Bumps [bandit](https://github.com/PyCQA/bandit) from 1.7.8 to 1.7.10.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/PyCQA/bandit/releases">bandit's
releases</a>.</em></p>
<blockquote>
<h2>1.7.10</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump docker/build-push-action from 5.4.0 to 6.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1147">PyCQA/bandit#1147</a></li>
<li>Suggested small refactors in assignments by <a
href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1150">PyCQA/bandit#1150</a></li>
<li>Performance improvement in blacklist function by <a
href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1148">PyCQA/bandit#1148</a></li>
<li>Add test for usage of FTP_TLS by <a
href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1149">PyCQA/bandit#1149</a></li>
<li>New check: B113: TrojanSource - Bidirectional control characters by
<a href="https://github.com/Lucas-C"><code>@​Lucas-C</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/757">PyCQA/bandit#757</a></li>
<li>Bump docker/build-push-action from 6.0.0 to 6.1.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1152">PyCQA/bandit#1152</a></li>
<li>feat(plugins): add support for <code>httpx</code> in
<code>B113</code> by <a
href="https://github.com/mkniewallner"><code>@​mkniewallner</code></a>
in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1060">PyCQA/bandit#1060</a></li>
<li>Nit: remove unused variable by <a
href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1153">PyCQA/bandit#1153</a></li>
<li>Add recent releases to version choice in bug report by <a
href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1151">PyCQA/bandit#1151</a></li>
<li>Bump docker/build-push-action from 6.1.0 to 6.2.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1155">PyCQA/bandit#1155</a></li>
<li>Bump docker/build-push-action from 6.2.0 to 6.3.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1157">PyCQA/bandit#1157</a></li>
<li>Bump docker/setup-buildx-action from 3.3.0 to 3.4.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1156">PyCQA/bandit#1156</a></li>
<li>Bump docker/setup-buildx-action from 3.4.0 to 3.5.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1158">PyCQA/bandit#1158</a></li>
<li>Bump docker/login-action from 3.2.0 to 3.3.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1159">PyCQA/bandit#1159</a></li>
<li>Bump docker/build-push-action from 6.3.0 to 6.5.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1160">PyCQA/bandit#1160</a></li>
<li>Bump docker/setup-buildx-action from 3.5.0 to 3.6.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1163">PyCQA/bandit#1163</a></li>
<li>Bump docker/build-push-action from 6.5.0 to 6.6.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1166">PyCQA/bandit#1166</a></li>
<li>Bump sigstore/cosign-installer from 3.5.0 to 3.6.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1165">PyCQA/bandit#1165</a></li>
<li>Bump docker/build-push-action from 6.6.1 to 6.7.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1168">PyCQA/bandit#1168</a></li>
<li>Use consistent file naming of docs by <a
href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1170">PyCQA/bandit#1170</a></li>
<li>Pytorch Load / Save Plugin by <a
href="https://github.com/lukehinds"><code>@​lukehinds</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1114">PyCQA/bandit#1114</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Lucas-C"><code>@​Lucas-C</code></a> made
their first contribution in <a
href="https://redirect.github.com/PyCQA/bandit/pull/757">PyCQA/bandit#757</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/PyCQA/bandit/compare/1.7.9...1.7.10">https://github.com/PyCQA/bandit/compare/1.7.9...1.7.10</a></p>
<h2>1.7.9</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump docker/build-push-action from 5.1.0 to 5.2.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1117">PyCQA/bandit#1117</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1119">PyCQA/bandit#1119</a></li>
<li>New logo for Bandit based on raccoon by <a
href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1121">PyCQA/bandit#1121</a></li>
<li>Start testing on Python 3.13 by <a
href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1122">PyCQA/bandit#1122</a></li>
<li>Bump docker/build-push-action from 5.2.0 to 5.3.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1123">PyCQA/bandit#1123</a></li>
<li>Bump docker/setup-buildx-action from 3.1.0 to 3.2.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1124">PyCQA/bandit#1124</a></li>
<li>Bump docker/login-action from 3.0.0 to 3.1.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1125">PyCQA/bandit#1125</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1126">PyCQA/bandit#1126</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1127">PyCQA/bandit#1127</a></li>
<li>Bump docker/setup-buildx-action from 3.2.0 to 3.3.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1130">PyCQA/bandit#1130</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1131">PyCQA/bandit#1131</a></li>
<li>Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1132">PyCQA/bandit#1132</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1133">PyCQA/bandit#1133</a></li>
<li>Updates banner logo so it renders well in dark mode by <a
href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1134">PyCQA/bandit#1134</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1135">PyCQA/bandit#1135</a></li>
<li>Add a sponsor section to README by <a
href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1137">PyCQA/bandit#1137</a></li>
<li>Ensure sarif extra is included as part of doc build by <a
href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1139">PyCQA/bandit#1139</a></li>
<li>Bump docker/login-action from 3.1.0 to 3.2.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1142">PyCQA/bandit#1142</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1143">PyCQA/bandit#1143</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/PyCQA/bandit/commit/36fd65054fc8864b4037d0918904f9331512feb5"><code>36fd650</code></a>
Pytorch Load / Save Plugin (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1114">#1114</a>)</li>
<li><a
href="https://github.com/PyCQA/bandit/commit/4ac55dfaaacf2083497831294b2dcd7e679f8428"><code>4ac55df</code></a>
Use consistent file naming of docs (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1170">#1170</a>)</li>
<li><a
href="https://github.com/PyCQA/bandit/commit/68022aa1d626a7702e3154987f4be278484033fb"><code>68022aa</code></a>
Bump docker/build-push-action from 6.6.1 to 6.7.0 (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1168">#1168</a>)</li>
<li><a
href="https://github.com/PyCQA/bandit/commit/77566a00b6c2486049247acdf6dab327dc03845b"><code>77566a0</code></a>
Bump sigstore/cosign-installer from 3.5.0 to 3.6.0 (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1165">#1165</a>)</li>
<li><a
href="https://github.com/PyCQA/bandit/commit/221ced660e04fe84d617e625114afa7fdbe173f3"><code>221ced6</code></a>
Bump docker/build-push-action from 6.5.0 to 6.6.1 (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1166">#1166</a>)</li>
<li><a
href="https://github.com/PyCQA/bandit/commit/701b7d541723f7543663f7798a5266f5141f3212"><code>701b7d5</code></a>
Bump docker/setup-buildx-action from 3.5.0 to 3.6.1 (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1163">#1163</a>)</li>
<li><a
href="https://github.com/PyCQA/bandit/commit/320495c4cf0c14f1b376d5699b581b994f509af4"><code>320495c</code></a>
Bump docker/build-push-action from 6.3.0 to 6.5.0 (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1160">#1160</a>)</li>
<li><a
href="https://github.com/PyCQA/bandit/commit/90490c705926432df1922e5b73b94d0e21958c1a"><code>90490c7</code></a>
Bump docker/login-action from 3.2.0 to 3.3.0 (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1159">#1159</a>)</li>
<li><a
href="https://github.com/PyCQA/bandit/commit/708ab749502d79556eae5778561a7ae16b31be22"><code>708ab74</code></a>
Bump docker/setup-buildx-action from 3.4.0 to 3.5.0 (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1158">#1158</a>)</li>
<li><a
href="https://github.com/PyCQA/bandit/commit/89d2345a8edbd6e1ade45e01919462910ed47ce3"><code>89d2345</code></a>
Bump docker/setup-buildx-action from 3.3.0 to 3.4.0 (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1156">#1156</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/PyCQA/bandit/compare/1.7.8...1.7.10">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit&package-manager=pip&previous-version=1.7.8&new-version=1.7.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
@dependabot
dependabot[bot] authored Oct 9, 2024
1 parent d137607 commit 53b356a
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions poetry.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 53b356a

Please sign in to comment.