Revisions of python-bandit

Ana Guerrero (anag+factory) accepted request 1223777 from Matej Cepl (mcepl) (revision 15)
- Add missing BRs and establish Requires according to pyproject.toml.
- Update to 1.7.10
  * Bump docker/build-push-action from 5.4.0 to 6.0.0
  * Suggested small refactors in assignments
  * Performance improvement in blacklist function
  * Add test for usage of FTP_TLS
  * New check: B113: TrojanSource - Bidirectional control characters
  * Bump docker/build-push-action from 6.0.0 to 6.1.0
  * feat(plugins): add support for httpx in B113
  * Nit: remove unused variable
  * Add recent releases to version choice in bug report
  * Bump docker/build-push-action from 6.1.0 to 6.2.0
  * Bump docker/build-push-action from 6.2.0 to 6.3.0
  * Bump docker/setup-buildx-action from 3.3.0 to 3.4.0
  * Bump docker/setup-buildx-action from 3.4.0 to 3.5.0
  * Bump docker/login-action from 3.2.0 to 3.3.0
  * Bump docker/build-push-action from 6.3.0 to 6.5.0
  * Bump docker/setup-buildx-action from 3.5.0 to 3.6.1
  * Bump docker/build-push-action from 6.5.0 to 6.6.1
  * Bump sigstore/cosign-installer from 3.5.0 to 3.6.0
  * Bump docker/build-push-action from 6.6.1 to 6.7.0
  * Use consistent file naming of docs
  * Pytorch Load / Save Plugin
- from version 1.7.9
  * Bump docker/build-push-action from 5.1.0 to 5.2.0
  * [pre-commit.ci] pre-commit autoupdate
  * New logo for Bandit based on raccoon
  * Start testing on Python 3.13
  * Bump docker/build-push-action from 5.2.0 to 5.3.0
  * Bump docker/setup-buildx-action from 3.1.0 to 3.2.0
  * Bump docker/login-action from 3.0.0 to 3.1.0
  * [pre-commit.ci] pre-commit autoupdate
  * [pre-commit.ci] pre-commit autoupdate
  * Bump docker/setup-buildx-action from 3.2.0 to 3.3.0
  * [pre-commit.ci] pre-commit autoupdate
  * Bump sigstore/cosign-installer from 3.4.0 to 3.5.0
  * [pre-commit.ci] pre-commit autoupdate
  * Updates banner logo so it renders well in dark mode
  * [pre-commit.ci] pre-commit autoupdate
  * Add a sponsor section to README
  * Ensure sarif extra is included as part of doc build
  * Bump docker/login-action from 3.1.0 to 3.2.0
  * [pre-commit.ci] pre-commit autoupdate
  * [pre-commit.ci] pre-commit autoupdate
  * Guard against empty call argument list
  * Bump docker/build-push-action from 5.3.0 to 5.4.0
  * Support configfile in .bandit file
- from version 1.7.8
  * Incorrect tag naming in readme
  * Utilize PyPI's trusted publishing
  * Bump sigstore/cosign-installer from 3.3.0 to 3.4.0
  * Add 1.7.7 to versions of bug template
  * Use datetime to avoid updating copyright year
  * filter data is safe for tarfile extractall
  * Bump docker/setup-buildx-action from 3.0.0 to 3.1.0
  * [B605] Add functions that are vulnerable to shell injection
  * Add a SARIF output formatter
- from version 1.7.7
  * Add the new release to bandit versions of bug template
  * Bump actions/setup-python from 4 to 5
  * Handle variant in how policy is passed in paramiko
  * Flag str.replace as possible sql injection
  * defusedxml: Show correct module name
  * Add tidelift to the sponsor funding list
  * Create a security policy
  * Fix up issues found running Bandit on itself
  * Add random.randbytes to blacklist calls
  * Prepend ./ for files specified as CLI args
  * Rework GitPython dependency to be an extra for bandit-baseline
  * Bump actions/dependency-review-action from 3 to 4
  * Introduce Official Bandit Images
  * Remove markdown formatting in reStructuredText formatted README
  * Downsize the org:repo name by
- Refresh remove-non-test-deps.patch
- Use Python 3.11 on SLE-15 by default
- Switch build system from setuptools to pyproject.toml
  * Add python-pip and python-wheel to BuildRequires
  * Replace %python_build with %pyproject_wheel
  * Replace %python_install with %pyproject_install
Ana Guerrero (anag+factory) accepted request 1100808 from Dirk Mueller (dirkmueller) (revision 13)
- update to 1.7.5:
  * Added a bit more `project_urls`
  * Check for github action updates monthly
  * Improve handling nosec for multi-line strings
  * Improve detecting SQL injections in f-strings
  * Correct build status badge in README
  * Fix breaking build due to new tox
  * DOC: Add explanation on how to use pre-commit with config
    file
  * Add official Python 3.11 support
  * remove py2 exec example in docs
  * Typo fix
  * [docs] Mention `exclude_dirs` option available in TOML and
    YAML
  * Fix AttributeError on detect of tuple assign condition
  * Fix json and yaml formatters to respect num lines
  * Fixup some invalid pickle testing
  * Pass correct number of arguments to match the `%s`
    placeholders.
  * Remove python 2 reference in docs
  * Fix filename of B202 in docs
  * weak_cryptographic_key assumes positional arg
  * Check for deprecated TLS 1.1
  * Adding tarfile.extractall() plugin with examples
  * Fix issue #453 jinja2 template select_autoescape when using
    jinja2.select_autoescape
  * Fix a false positive condition yaml_load
  * Add case for global exec
  * Docs for request without timeout has dead link
  * Blacklist pandas read_pickle and add functional test for it
Dominique Leuenberger (dimstar_suse) accepted request 1031533 from Daniel Garcia (dgarcia) (revision 12)
- Remove not needed python-six dependency
- Use autosetup instead of setup + patch
- More specific sitelib package in %files
Dominique Leuenberger (dimstar_suse) accepted request 951974 from Dirk Mueller (dirkmueller) (revision 10)
- update to 1.7.2:
  * Correctly define extras in `setup.cfg` (#755)
  * Remove leftover openstack code (#778)
  * Added snmp_security check plugin for various SNMP checks (#403)
  * Fix README.rst (#365)
  * Fixup typo (#769)
  * Drop end-of-life Python 3.6 (#777)
  * Drop end-of-life Python 3.5 (#746)
  * Start using auto-formatters (#754)
  * Create FUNDING.yml (#774)
  * test_help_arg: remove assert on 'optional arguments' (#752)
  * Fix broken reported URL link for B107 (#751)

- update to 1.7.1:
  * fix reading initial values from .bandit
  * Always use a Loader in yaml.load
  * PEP-518 support: configure bandit via pyproject.toml
  * document that random.choices() isn't secure either
  * Fix syntax errors in bug report
  * Update bug_report.yaml
  * Fix syntax error in bug report
  * Use new issue template format
  * Update README.rst
  * Mock part of python 3.x
  * Add license to package installation metadata
  * #694 Bandit fails when using importlib with named arguments
  * Add string options for severity and confidence
  * Add support for Python 3.9
  * Create config.yml
  * Add default labels to issues
Dominique Leuenberger (dimstar_suse) accepted request 877896 from Steve Kowalik (StevenK) (revision 8)
- Update to 1.7.0:
  * Remove blacklist call to input() (#662) @ericwb
  * Remove universal support on the wheel (#655) @ericwb
  * Give some tips on how to resolve B101 in the doc (#616) @xuhdev
  * Don't show progress information on --quiet (#641) @fniessink
  * Add skip configuration to assert_used (#633) @wilbertom
  * Drop Python2 build, test, and install (#615) @ericwb
  * [FIX] blacklist: fix typo in import_ftplib (#601) @Yenthe666
  * Resolve 'NoneType' object has no attribute 'id' Traceback in
    django_mark_safe (#598) @ehooo
  * Fix typo for activating venv (#590) @bavedarnow
  * Bump pyyaml (#588) @dosisod
  * Fix colorama not being disabled after being used (#586) @adambenali
  * Cleanup some typos in recent contributor guide (#585) @ericwb
  * [DOC] Support python3 venv creation (#583) @look4regev
  * Add sha1 to the list of insecure hashes (#561) @ericwb
  * Fix docs for B610,B611,B703 (#555) @amacfie
  * Add a section explaining "nosec" (#554) @exhuma
  * Add official support of Python 3.8 (#547) @ericwb
  * Ignore common directories by default (#544) @ericwb
  * Add shelve to the pickle blacklists (#542) @auscompgeek
  * Remove obsolete "sudo" keyword. (#538) @jugmac00
  * Update test requirements to latest versions (#535) @ericwb
  * Fix readme file on Extending Bandit on list things (#534) @Aurel10
  * fix the documentation file README.rst (#533) @Aurel10
  * Cleanup comments after #510 (#532) @florczakraf
  * Use SPDX license identifier instead of bulky headers (#530) @ericwb
  * fix B603 docstring (#524) @graingert
  * Add type checking to name node of hashlib_new (#516) @teeann
  * --exit-zero option (#510) @maciejstromich
  * Fix 3.8 errors (#509) @tylerwince
  * Add several ini options for .bandit file (#508) @vuolter
  * get_url returns different urls calling twice (bug #506) (#507) @ehooo
  * Replace setattr (#493) @tylerwince 
- Refresh remove-non-test-deps.patch
Dominique Leuenberger (dimstar_suse) accepted request 871632 from Dirk Mueller (dirkmueller) (revision 7)
- cli tool, don't build with multiple python versions
Dominique Leuenberger (dimstar_suse) accepted request 811559 from Dirk Mueller (dirkmueller) (revision 6)
- drop oslosphinx dependency
Dominique Leuenberger (dimstar_suse) accepted request 748705 from Tomáš Chvátal (scarabeus_iv) (revision 5)
- Skip out python2 build as the dependencies are unresolvable
Displaying all 15 revisions