Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / PyCQA/bandit issues and pull requests

#1153 - Nit: remove unused variable

Pull Request - State: closed - Opened by ericwb 1 day ago

#1152 - Bump docker/build-push-action from 6.0.0 to 6.1.0

Pull Request - State: closed - Opened by dependabot[bot] 4 days ago
Labels: dependencies

#1151 - Add recent releases to version choice in bug report

Pull Request - State: open - Opened by ericwb 4 days ago

#1150 - Suggested small refactors in assignments

Pull Request - State: closed - Opened by ericwb 5 days ago

#1149 - Add test for usage of FTP_TLS

Pull Request - State: closed - Opened by ericwb 5 days ago

#1148 - Performance improvement in blacklist function

Pull Request - State: open - Opened by ericwb 5 days ago - 1 comment

#1148 - Performance improvement in blacklist function

Pull Request - State: closed - Opened by ericwb 5 days ago - 2 comments

#1147 - Bump docker/build-push-action from 5.4.0 to 6.0.0

Pull Request - State: closed - Opened by dependabot[bot] 11 days ago
Labels: dependencies

#1146 - Guard against empty call argument list

Pull Request - State: closed - Opened by ericwb 16 days ago

#1145 - [pre-commit.ci] pre-commit autoupdate

Pull Request - State: closed - Opened by pre-commit-ci[bot] 18 days ago

#1144 - Bump docker/build-push-action from 5.3.0 to 5.4.0

Pull Request - State: closed - Opened by dependabot[bot] 18 days ago
Labels: dependencies

#1143 - [pre-commit.ci] pre-commit autoupdate

Pull Request - State: closed - Opened by pre-commit-ci[bot] 25 days ago

#1142 - Bump docker/login-action from 3.1.0 to 3.2.0

Pull Request - State: closed - Opened by dependabot[bot] 25 days ago
Labels: dependencies

#1141 - IndexError: list index out of range while scanning cpython

Issue - State: closed - Opened by ericwb about 1 month ago
Labels: bug

#1140 - Do performance benchmark testing as part of build

Issue - State: open - Opened by ericwb about 1 month ago
Labels: enhancement

#1139 - Ensure sarif extra is included as part of doc build

Pull Request - State: closed - Opened by ericwb about 2 months ago - 1 comment

#1138 - SARIF docs are not rendered

Issue - State: closed - Opened by stephenpaulger about 2 months ago - 2 comments
Labels: bug

#1137 - Add a sponsor section to README

Pull Request - State: closed - Opened by ericwb about 2 months ago

#1136 - Add action to upload the wheel and tar-zipped distributions

Pull Request - State: closed - Opened by ericwb about 2 months ago - 3 comments

#1135 - [pre-commit.ci] pre-commit autoupdate

Pull Request - State: closed - Opened by pre-commit-ci[bot] about 2 months ago

#1134 - Updates banner logo so it renders well in dark mode

Pull Request - State: closed - Opened by ericwb 2 months ago

#1133 - [pre-commit.ci] pre-commit autoupdate

Pull Request - State: closed - Opened by pre-commit-ci[bot] 2 months ago

#1132 - Bump sigstore/cosign-installer from 3.4.0 to 3.5.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies

#1131 - [pre-commit.ci] pre-commit autoupdate

Pull Request - State: closed - Opened by pre-commit-ci[bot] 3 months ago

#1130 - Bump docker/setup-buildx-action from 3.2.0 to 3.3.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies

#1127 - [pre-commit.ci] pre-commit autoupdate

Pull Request - State: closed - Opened by pre-commit-ci[bot] 3 months ago

#1126 - [pre-commit.ci] pre-commit autoupdate

Pull Request - State: closed - Opened by pre-commit-ci[bot] 3 months ago

#1125 - Bump docker/login-action from 3.0.0 to 3.1.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies

#1124 - Bump docker/setup-buildx-action from 3.1.0 to 3.2.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies

#1123 - Bump docker/build-push-action from 5.2.0 to 5.3.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies

#1122 - Start testing on Python 3.13

Pull Request - State: closed - Opened by ericwb 3 months ago

#1121 - New logo for Bandit based on raccoon

Pull Request - State: closed - Opened by ericwb 3 months ago - 4 comments

#1120 - update B405 rules

Pull Request - State: closed - Opened by kiraware 4 months ago - 1 comment

#1120 - update B405 rules

Pull Request - State: closed - Opened by kiraware 4 months ago

#1119 - [pre-commit.ci] pre-commit autoupdate

Pull Request - State: closed - Opened by pre-commit-ci[bot] 4 months ago

#1117 - Bump docker/build-push-action from 5.1.0 to 5.2.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies

#1116 - [B605] Add functions that are vulnerable to shell injection.

Pull Request - State: closed - Opened by shihai1991 4 months ago - 2 comments

#1115 - Bump docker/setup-buildx-action from 3.0.0 to 3.1.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies

#1114 - Pytorch Load / Save Plugin

Pull Request - State: open - Opened by lukehinds 4 months ago - 3 comments

#1113 - Add a SARIF output formatter

Pull Request - State: open - Opened by ericwb 4 months ago

#1113 - Add a SARIF output formatter

Pull Request - State: closed - Opened by ericwb 4 months ago - 7 comments

#1112 - Use datetime to avoid updating copyright year

Pull Request - State: closed - Opened by ericwb 4 months ago

#1111 - filter data is safe for tarfile extractall

Pull Request - State: closed - Opened by etienneschalk 4 months ago - 1 comment

#1110 - Add 1.7.7 to versions of bug template

Pull Request - State: closed - Opened by ericwb 5 months ago - 2 comments

#1109 - Bump sigstore/cosign-installer from 3.3.0 to 3.4.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies

#1107 - Utilize PyPI's trusted publishing

Pull Request - State: closed - Opened by ericwb 5 months ago

#1106 - assert_used skips change in 1.7.7

Issue - State: open - Opened by jonyscathe 5 months ago - 2 comments
Labels: bug

#1105 - Incorrect tag naming in readme

Pull Request - State: closed - Opened by lukehinds 5 months ago

#1104 - Downsize the org:repo name

Pull Request - State: closed - Opened by lukehinds 5 months ago

#1103 - Remove markdown formatting in reStructuredText formatted README

Pull Request - State: closed - Opened by ericwb 5 months ago - 1 comment

#1102 - Publish to Test PyPI fails

Issue - State: closed - Opened by ericwb 5 months ago
Labels: bug

#1101 - Bump actions/dependency-review-action from 3 to 4

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies

#1100 - Can we add a json schema to complete pyproject.toml's [tool.bandit]?

Issue - State: open - Opened by Freed-Wu 5 months ago - 1 comment
Labels: enhancement

#1099 - Rework GitPython dependency to be an extra for bandit-baseline

Pull Request - State: closed - Opened by ericwb 5 months ago

#1098 - Official GitHub Action

Issue - State: open - Opened by lukehinds 5 months ago
Labels: enhancement

#1097 - security: cve-2024-22910

Pull Request - State: closed - Opened by misogihagi 5 months ago - 6 comments

#1096 - Add random.randbytes to blacklist calls

Pull Request - State: closed - Opened by ericwb 5 months ago

#1095 - More Info hyperlink is broken

Issue - State: closed - Opened by ssabzevari-antuit 5 months ago - 3 comments
Labels: bug

#1094 - Prepend ./ for files specified as CLI args

Pull Request - State: closed - Opened by ericwb 5 months ago

#1093 - Fix up issues found running Bandit on itself

Pull Request - State: closed - Opened by ericwb 6 months ago

#1092 - # nosec with bandit ID doesn't work properly sometimes

Issue - State: open - Opened by ericwb 6 months ago - 4 comments
Labels: bug

#1091 - Create a security policy

Pull Request - State: closed - Opened by ericwb 6 months ago

#1090 - Use .gitignore as part of the excluded file list

Pull Request - State: open - Opened by ericwb 6 months ago - 9 comments

#1089 - Add tidelift to the sponsor funding list

Pull Request - State: closed - Opened by ericwb 6 months ago

#1088 - Introduce Official Bandit Images

Pull Request - State: closed - Opened by lukehinds 6 months ago - 5 comments

#1087 - Bandit container image.

Issue - State: closed - Opened by lukehinds 6 months ago
Labels: enhancement

#1086 - Document adding a job to GitLab CICD

Pull Request - State: open - Opened by Bengt 6 months ago

#1083 - One test fails

Issue - State: closed - Opened by yurivict 6 months ago - 2 comments
Labels: bug

#1082 - B411 error can't be resolved by the suggested change

Issue - State: open - Opened by kajinamit 6 months ago
Labels: bug

#1081 - defusedxml: Show correct module name

Pull Request - State: closed - Opened by kajinamit 6 months ago

#1080 - Fix defusedxml lib name typo

Pull Request - State: closed - Opened by tkopecek 6 months ago - 1 comment

#1079 - OSSFuzz Integration

Issue - State: closed - Opened by capuanob 6 months ago - 1 comment
Labels: enhancement

#1078 - Handle variant in how policy is passed in paramiko

Pull Request - State: closed - Opened by ericwb 7 months ago

#1077 - ssh_no_host_key_verification is failing on Python 3.12

Issue - State: closed - Opened by dolfinus 7 months ago
Labels: bug

#1076 - Bump actions/setup-python from 4 to 5

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago
Labels: dependencies

#1075 - Add the new release to bandit versions of bug template

Pull Request - State: closed - Opened by ericwb 7 months ago

#1074 - B314 since Python 3.6 is not valid

Issue - State: open - Opened by CyberKatze 7 months ago - 5 comments
Labels: bug

#1073 - Fix crash on pyproject.toml without bandit config

Pull Request - State: closed - Opened by javajawa 7 months ago

#1072 - Add Trunk Check Instructions

Pull Request - State: closed - Opened by joshmarinacci 7 months ago - 2 comments

#1071 - Mark use of `PKCS1v15` for encryption and decryption a vulnerability

Issue - State: open - Opened by tomato42 8 months ago - 3 comments
Labels: enhancement

#1070 - Use mirror repository for black pre-commit hook

Pull Request - State: closed - Opened by mportesdev 8 months ago

#1068 - Add official support of Python 3.12

Pull Request - State: closed - Opened by ericwb 9 months ago - 4 comments

#1067 - Flag `markupsafe.Markup` on non-literal content

Issue - State: open - Opened by xmo-odoo 9 months ago - 5 comments
Labels: enhancement

#1066 - refactor: remove `importlib-metadata` fallback

Pull Request - State: closed - Opened by mkniewallner 9 months ago - 2 comments

#1064 - fix(plugins/B507): also detect class instances

Pull Request - State: closed - Opened by mkniewallner 9 months ago

#1063 - Fixes for sphinx build

Pull Request - State: closed - Opened by ericwb 9 months ago - 7 comments

#1062 - Issue: [B113:request_without_timeout]

Issue - State: open - Opened by Rolstenhouse 9 months ago
Labels: bug

#1061 - Fix for ReadtheDocs build

Pull Request - State: closed - Opened by ericwb 9 months ago - 1 comment

#1060 - feat(plugins): add support for `httpx` in `B113`

Pull Request - State: closed - Opened by mkniewallner 9 months ago

#1059 - Add support for `httpx` in `B113` (`request_without_timeout`)

Issue - State: closed - Opened by mkniewallner 9 months ago
Labels: enhancement

#1058 - Bump actions/checkout from 3 to 4

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies