Bump virtualenv from 20.33.0 to 20.33.1

[dependabot]

Bumps virtualenv from 20.33.0 to 20.33.1.

Release notes

Sourced from virtualenv's releases.

20.33.1

What's Changed

• release 20.33.0 by @​gaborbernat in pypa/virtualenv#2929
• fix(test): Restore mtime of py_info.py in test by @​esafak in pypa/virtualenv#2938
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci[bot] in pypa/virtualenv#2937
• fix: Correctly unpack _get_tcl_tk_libs() response in PythonInfo by @​esafak in pypa/virtualenv#2940
• chore: Request shell and python details in bug reports by @​esafak in pypa/virtualenv#2942

Full Changelog: pypa/virtualenv@20.33.0...20.33.1

Changelog

Sourced from virtualenv's changelog.

v20.33.1 (2025-08-05)

Bugfixes - 20.33.1

- Correctly unpack _get_tcl_tk_libs() response in PythonInfo.
  Contributed by :user:`esafak`. (:issue:`2930`)
- Restore `py_info.py` timestamp in `test_py_info_cache_invalidation_on_py_info_change`
  Contributed by :user:`esafak`. (:issue:`2933`)

Commits

• 8cea2c7 release 20.33.1
• cac4942 Merge pull request #2942 from esafak/bug_report_template
• 91d3618 chore: Request shell and python details in bug reports
• f528c19 Merge pull request #2940 from esafak/fix/2930-tcl-library-bug
• a7c6824 Merge branch 'main' into fix/2930-tcl-library-bug
• 034f717 [pre-commit.ci] auto fixes from pre-commit.com hooks
• 8c9e431 Iterate on quoting
• 59078c5 Remove investigation scripts, add changelog entry
• 7336c43 fix: Correctly unpack _get_tcl_tk_libs() response in PythonInfo
• 94004cc Merge pull request #2937 from pypa/pre-commit-ci-update-config
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

🛡️ Bandit Scan Results Summary

We found 2 High, 2 Medium, and 1 Low severity issues.

Detailed Findings

---

Severity	Issue	File	Line	Confidence	More Info	Test ID
🟡 LOW	Consider possible security implications associated with the subprocess module.	sz_tools/_tool_helpers.py	10	HIGH	More Info	B404
⚪ MEDIUM	Possible SQL injection vector through string-based query construction.	sz_tools/_sz_database.py	354	LOW	More Info	B608
⚪ MEDIUM	Probable insecure usage of temp file/directory.	sz_tools/_tool_helpers.py	732	MEDIUM	More Info	B108
🔴 HIGH	Starting a process with a shell, possible injection detected, security issue.	sz_tools/_tool_helpers.py	658	HIGH	More Info	B605
🔴 HIGH	subprocess call with shell=True identified, security issue.	sz_tools/_tool_helpers.py	642	HIGH	More Info	B602

---

✨ About this Report

This report was generated by the official Bandit GitHub Action to ensure our codebase stays secure.

📕 What is Bandit?

Bandit is a tool designed to find common security issues in Python code. To learn more about how Bandit helps to keep Python code safe, visit the Bandit documentation.

👥 Community Support

Got questions or need help with Bandit Action?

• Join our community on the Discord server.
• Share tips, get advice, and collaborate on security best practices.

[senzingdevops]

Automated: approving this pull request because it includes a patch update

[senzingdevops]

Automated: approving this pull request because it includes a patch update

[github-actions]

🛡️ Bandit Scan Results Summary

We found 2 High, 2 Medium, and 1 Low severity issues.

Detailed Findings

---

Severity	Issue	File	Line	Confidence	More Info	Test ID
🟡 LOW	Consider possible security implications associated with the subprocess module.	sz_tools/_tool_helpers.py	10	HIGH	More Info	B404
⚪ MEDIUM	Possible SQL injection vector through string-based query construction.	sz_tools/_sz_database.py	354	LOW	More Info	B608
⚪ MEDIUM	Probable insecure usage of temp file/directory.	sz_tools/_tool_helpers.py	732	MEDIUM	More Info	B108
🔴 HIGH	Starting a process with a shell, possible injection detected, security issue.	sz_tools/_tool_helpers.py	658	HIGH	More Info	B605
🔴 HIGH	subprocess call with shell=True identified, security issue.	sz_tools/_tool_helpers.py	642	HIGH	More Info	B602

---

✨ About this Report

This report was generated by the official Bandit GitHub Action to ensure our codebase stays secure.

📕 What is Bandit?

Bandit is a tool designed to find common security issues in Python code. To learn more about how Bandit helps to keep Python code safe, visit the Bandit documentation.

👥 Community Support

Got questions or need help with Bandit Action?

• Join our community on the Discord server.
• Share tips, get advice, and collaborate on security best practices.