pkgsrc-Changes archive


CVS commit: pkgsrc/security/py-bandit



Module Name:    pkgsrc
Committed By:   adam
Date:           Wed Mar 29 10:47:50 UTC 2023

Modified Files:
        pkgsrc/security/py-bandit: Makefile PLIST distinfo

Log Message:
py-bandit: updated to 1.7.5

1.7.5
-----

* Added a bit more `project_urls`
* Check for github action updates monthly
* Improve handling nosec for multi-line strings
* Improve detecting SQL injections in f-strings
* Correct build status badge in README
* Fix breaking build due to new tox
* DOC: Add explanation on how to use pre-commit with config file
* Add official Python 3.11 support
* remove py2 exec example in docs
* Typo fix
* [docs] Mention `exclude_dirs` option available in TOML and YAML
* Fix AttributeError on detect of tuple assign condition
* Fix json and yaml formatters to respect num lines
* Fixup some invalid pickle testing
* Pass correct number of arguments to match the `%s` placeholders.
* Remove python 2 reference in docs
* Fix filename of B202 in docs
* weak_cryptographic_key assumes positional arg
* Check for deprecated TLS 1.1
* Adding tarfile.extractall() plugin with examples
* Fix issue: jinja2 template select_autoescape when using jinja2.select_autoescape
* Fix a false positive condition yaml_load
* Add case for global exec
* Docs for request without timeout has dead link
* Blacklist pandas read_pickle and add functional test for it
* Enhancement Proposal: Plugin "assert_used" config-skip snippet
* Add end_col_offset if available
* Fix reading the number argument from config file
* add jsonpickle deserialization blacklist
* Add some missing curve types
* Remove invalid checking on hashlib
* Avoid redundant message if debug on
* Update version of dependency-review-action
* Add releases link in "Version control integration"
* Add another bad example of yaml load
* Specify semver range for Python 3.11
* Make small fixes in docs
* Test plugin listing incorrectly pointing b612 to plugin ref of b1022
* Close the <b> tag in HTML formatter
* Add dependency review action
* Update action versions in Actions workflows
* Add Discord link to README
* Add myself to sponsor list
* Test against Python 3.11
* Corrected documentation on configuration
* Remove redundant pip line
* Removal of ghugo
* Adding logging.config.listen() plugin with examples
* Add a Discord link to the docs
* Add request for feedback via 👍
* Remove redundant word Bandit in titles of sections
* Add license and contributing links to docs
* Fix for build breaks in format job
* add check for "requests" calls without timeout
* Fix up B109 and B111 removed plugins docs
* Replace `toml` with `tomli`
* Make use of rich for the progress bar
* Add doc for hashlib plugin
* Add the httpx module check for verify
* Indicate hash type in message
* Remove blacklist call check for os.tempnam
* Removal of blacklist call B309 httpsconnection
* Add classifier to indicate Py3 only
* Fix line range using Python 3.8 end_lineno
* Group location line with code output
* Use a constant for weak hashes
* Bad link to screen shot
* Add an example screen shot of Bandit to README


To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 pkgsrc/security/py-bandit/Makefile \
    pkgsrc/security/py-bandit/PLIST pkgsrc/security/py-bandit/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/security/py-bandit/Makefile
diff -u pkgsrc/security/py-bandit/Makefile:1.1 pkgsrc/security/py-bandit/Makefile:1.2
--- pkgsrc/security/py-bandit/Makefile:1.1      Wed Mar  1 18:20:23 2023
+++ pkgsrc/security/py-bandit/Makefile  Wed Mar 29 10:47:50 2023
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.1 2023/03/01 18:20:23 adam Exp $
+# $NetBSD: Makefile,v 1.2 2023/03/29 10:47:50 adam Exp $
 
-DISTNAME=      bandit-1.7.4
+DISTNAME=      bandit-1.7.5
 PKGNAME=       ${PYPKGPREFIX}-${DISTNAME}
 CATEGORIES=    security python
 MASTER_SITES=  ${MASTER_SITE_PYPI:=b/bandit/}
@@ -12,8 +12,10 @@ LICENSE=     apache-2.0
 
 TOOL_DEPENDS+= ${PYPKGPREFIX}-pbr>=2.0.0:../../devel/py-pbr
 DEPENDS+=      ${PYPKGPREFIX}-gitpython>=1.0.1:../../devel/py-gitpython
+DEPENDS+=      ${PYPKGPREFIX}-rich-[0-9]*:../../comms/py-rich
 DEPENDS+=      ${PYPKGPREFIX}-stevedore>=1.20.0:../../devel/py-stevedore
 DEPENDS+=      ${PYPKGPREFIX}-yaml>=5.3.1:../../textproc/py-yaml
+TEST_DEPENDS+= ${PYPKGPREFIX}-beautifulsoup4>=4.8.0:../../www/py-beautifulsoup4
 TEST_DEPENDS+= ${PYPKGPREFIX}-testscenarios>=0.5.0:../../devel/py-testscenarios
 TEST_DEPENDS+= ${PYPKGPREFIX}-testtools>=2.3.0:../../devel/py-testtools
 
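Review bot: The new py-rich line in the DEPENDS block uses the open pattern `-[0-9]*` while every neighbouring dependency states a minimum version; if the bandit 1.7.5 requirements give a lower bound for rich, mirror it here so that an older installed py-rich is not accepted. The log also lists "Replace toml with tomli", yet this hunk adds no tomli dependency, so it is worth confirming whether TOML configuration support is meant to work in the packaged build.
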
Index: pkgsrc/security/py-bandit/PLIST
diff -u pkgsrc/security/py-bandit/PLIST:1.1 pkgsrc/security/py-bandit/PLIST:1.2
--- pkgsrc/security/py-bandit/PLIST:1.1 Wed Mar  1 18:20:23 2023
+++ pkgsrc/security/py-bandit/PLIST     Wed Mar 29 10:47:50 2023
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.1 2023/03/01 18:20:23 adam Exp $
+@comment $NetBSD: PLIST,v 1.2 2023/03/29 10:47:50 adam Exp $
 bin/bandit-${PYVERSSUFFIX}
 bin/bandit-baseline-${PYVERSSUFFIX}
 bin/bandit-config-generator-${PYVERSSUFFIX}
@@ -172,15 +172,24 @@ ${PYSITELIB}/bandit/plugins/insecure_ssl
 ${PYSITELIB}/bandit/plugins/jinja2_templates.py
 ${PYSITELIB}/bandit/plugins/jinja2_templates.pyc
 ${PYSITELIB}/bandit/plugins/jinja2_templates.pyo
+${PYSITELIB}/bandit/plugins/logging_config_insecure_listen.py
+${PYSITELIB}/bandit/plugins/logging_config_insecure_listen.pyc
+${PYSITELIB}/bandit/plugins/logging_config_insecure_listen.pyo
 ${PYSITELIB}/bandit/plugins/mako_templates.py
 ${PYSITELIB}/bandit/plugins/mako_templates.pyc
 ${PYSITELIB}/bandit/plugins/mako_templates.pyo
+${PYSITELIB}/bandit/plugins/request_without_timeout.py
+${PYSITELIB}/bandit/plugins/request_without_timeout.pyc
+${PYSITELIB}/bandit/plugins/request_without_timeout.pyo
 ${PYSITELIB}/bandit/plugins/snmp_security_check.py
 ${PYSITELIB}/bandit/plugins/snmp_security_check.pyc
 ${PYSITELIB}/bandit/plugins/snmp_security_check.pyo
 ${PYSITELIB}/bandit/plugins/ssh_no_host_key_verification.py
 ${PYSITELIB}/bandit/plugins/ssh_no_host_key_verification.pyc
 ${PYSITELIB}/bandit/plugins/ssh_no_host_key_verification.pyo
+${PYSITELIB}/bandit/plugins/tarfile_unsafe_members.py
+${PYSITELIB}/bandit/plugins/tarfile_unsafe_members.pyc
+${PYSITELIB}/bandit/plugins/tarfile_unsafe_members.pyo
 ${PYSITELIB}/bandit/plugins/try_except_continue.py
 ${PYSITELIB}/bandit/plugins/try_except_continue.pyc
 ${PYSITELIB}/bandit/plugins/try_except_continue.pyo
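Review bot: The three plugin triples added in this hunk (logging_config_insecure_listen, request_without_timeout, tarfile_unsafe_members) are the functional change users will notice, but the commit message only carries them inside the long upstream list; a short line at the top of the log naming the new checks would help anyone who gates builds on bandit output anticipate new findings after the update.
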
Index: pkgsrc/security/py-bandit/distinfo
diff -u pkgsrc/security/py-bandit/distinfo:1.1 pkgsrc/security/py-bandit/distinfo:1.2
--- pkgsrc/security/py-bandit/distinfo:1.1      Wed Mar  1 18:20:23 2023
+++ pkgsrc/security/py-bandit/distinfo  Wed Mar 29 10:47:50 2023
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.1 2023/03/01 18:20:23 adam Exp $
+$NetBSD: distinfo,v 1.2 2023/03/29 10:47:50 adam Exp $
 
-BLAKE2s (bandit-1.7.4.tar.gz) = f8f379ae1f855cbdcd062c10a0c973c231672fc70718ceff3f10a77438ef70e2
-SHA512 (bandit-1.7.4.tar.gz) = 93e1a25fd41e9409971f4cbac2ff73971ba270936a6b2aeecb3e0a2aa2015bcefd5eaab3cc94b2d9d96e4604d1a39c5ca1150c9eadd073357a90c5265c592407
-Size (bandit-1.7.4.tar.gz) = 495104 bytes
+BLAKE2s (bandit-1.7.5.tar.gz) = 66fdf47d300264da1f2b5f836d5824edde3a216116714b2add79adf6af83718f
+SHA512 (bandit-1.7.5.tar.gz) = 81b93654ba62e6d22e8c2d534b9f575979bad4f66acd90c221d214316cd1863e7c7e179b8e2a2a8fa80034db71ebda8636adb25b36e1827194bb4639e67ada09
+Size (bandit-1.7.5.tar.gz) = 1970878 bytes
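
Review bot: The Size line goes from 495104 to 1970878 bytes, roughly four times larger for a patch-level release, and nothing in the commit explains it. Please confirm the checksums were regenerated from the PyPI distfile named by MASTER_SITES and note what accounts for the growth (the log mentions a screenshot added to the README), so the jump is not mistaken for an unexpected tarball substitution.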


