Bump bandit from 1.8.3 to 1.8.5#288
Conversation
Bumps [bandit](https://github.com/PyCQA/bandit) from 1.8.3 to 1.8.5. - [Release notes](https://github.com/PyCQA/bandit/releases) - [Commits](PyCQA/bandit@1.8.3...1.8.5) --- updated-dependencies: - dependency-name: bandit dependency-version: 1.8.5 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
dependabot
Bot
added
dependencies
🛡️ Bandit Scan Results SummaryWe found 0 High, 0 Medium, and 0 Low severity issues. Detailed Findings
✨ About this ReportThis report was generated by the official Bandit GitHub Action to ensure our codebase stays secure. 📕 What is Bandit?Bandit is a tool designed to find common security issues in Python code. To learn more about how Bandit helps to keep Python code safe, visit the Bandit documentation. 👥 Community SupportGot questions or need help with Bandit Action?
|
senzingdevops
left a comment
senzingdevops
left a comment
There was a problem hiding this comment.
Automated: approving this pull request because it includes a patch update
Coverage report
This PR does not seem to contain any modification to coverable code. |
🛡️ Bandit Scan Results SummaryWe found 0 High, 0 Medium, and 0 Low severity issues. Detailed Findings
✨ About this ReportThis report was generated by the official Bandit GitHub Action to ensure our codebase stays secure. 📕 What is Bandit?Bandit is a tool designed to find common security issues in Python code. To learn more about how Bandit helps to keep Python code safe, visit the Bandit documentation. 👥 Community SupportGot questions or need help with Bandit Action?
|
2 participants
Bumps bandit from 1.8.3 to 1.8.5.
Release notes
Sourced from bandit's releases.
Commits
23d269aFix for publish to PyPI failure (#1273)e3ff8b5Fix the rendering of the CI/CD doc (#1274)61d1667add github-actions documentation (#1172)cea2b1cBump docker/build-push-action from 6.17.0 to 6.18.0 (#1268)2d577a6[pre-commit.ci] pre-commit autoupdate (#1266)fa557ccBump docker/build-push-action from 6.16.0 to 6.17.0 (#1265)2f0ab8bRemove etc from list of temp paths (#1263)d8feadeBump sigstore/cosign-installer from 3.8.1 to 3.8.2 (#1262)7979676Bump docker/build-push-action from 6.15.0 to 6.16.0 (#1261)6c92732Use ubuntu latest for readthedocs build (#1260)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)