Update bandit requirement from >=1.5.1 to >=1.9.4#22
Conversation
Updates the requirements on [bandit](https://github.com/PyCQA/bandit) to permit the latest version. - [Release notes](https://github.com/PyCQA/bandit/releases) - [Commits](PyCQA/bandit@1.5.1...1.9.4) --- updated-dependencies: - dependency-name: bandit dependency-version: 1.9.4 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>
AssigneesThe following users could not be added as assignees: Please fix the above issues or remove invalid values from |
Up to standards ✅🟢 Issues
|
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
Updates the requirements on bandit to permit the latest version.
Release notes
Sourced from bandit's releases.
Commits
92ae8b8Fix B106 reporting wrong line number on multiline function calls (#1360)c8c8a55Lower version guard in check_ast_node to Python 3.12 (#1355)8f2f928Fix B615 false positive when revision is set via variable (#1358)e27493fInclude filename in nosec 'no failed test' warning (#1363)b69b336Fix B613 crash when reading from stdin (#1361)e418b79Bump docker/build-push-action from 6.18.0 to 6.19.2 (#1357)ff646fdBump docker/login-action from 3.6.0 to 3.7.0 (#1353)c0def6cchore: fixed some typos in comments (#1351)765f00dLimit B614 to torch.load deserializers (#1348)06fbbabBump docker/setup-buildx-action from 3.11.1 to 3.12.0 (#1347)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)