Workflow

Bandit

Latest version: v1.8.0

Safety actively analyzes 688775 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 3 of 3

1.6.3

Not secure
What's Changed
* Replace setattr by tylerwince in https://github.com/PyCQA/bandit/pull/493
* Fix 3.8 errors by tylerwince in https://github.com/PyCQA/bandit/pull/509
* get_url returns different urls calling twice (bug 506) by ehooo in https://github.com/PyCQA/bandit/pull/507
* fix B603 docstring by graingert in https://github.com/PyCQA/bandit/pull/524
* --exit-zero option by maciejstromich in https://github.com/PyCQA/bandit/pull/510
* fix the documentation file README.rst by MrDolev in https://github.com/PyCQA/bandit/pull/533
* Cleanup comments after 510 by florczakraf in https://github.com/PyCQA/bandit/pull/532
* Update test requirements to latest versions by ericwb in https://github.com/PyCQA/bandit/pull/535
* Remove obsolete "sudo" keyword. by jugmac00 in https://github.com/PyCQA/bandit/pull/538
* Remove unused bindep.txt file by ericwb in https://github.com/PyCQA/bandit/pull/539
* Revert "Revert "Update python documentation links for version 3 counterparts"" by ericwb in https://github.com/PyCQA/bandit/pull/540
* Add several ini options for .bandit file by vuolter in https://github.com/PyCQA/bandit/pull/508
* Add type checking to name node of hashlib_new by teeann in https://github.com/PyCQA/bandit/pull/516
* Add more missing ini options by ericwb in https://github.com/PyCQA/bandit/pull/541
* Add shelve to the pickle blacklists by auscompgeek in https://github.com/PyCQA/bandit/pull/542
* Fix readme file on Extending Bandit on list things by MrDolev in https://github.com/PyCQA/bandit/pull/534
* Add official support of Python 3.8 by ericwb in https://github.com/PyCQA/bandit/pull/547
* update README to add info about badge by zachvalenta in https://github.com/PyCQA/bandit/pull/482
* Fix docs for B610,B611,B703 by amacfie in https://github.com/PyCQA/bandit/pull/555
* Use SPDX license identifier instead of bulky headers by ericwb in https://github.com/PyCQA/bandit/pull/530
* Add a section explaining "nosec" by exhuma in https://github.com/PyCQA/bandit/pull/554
* replace 'then' with 'than' by pwoolvett in https://github.com/PyCQA/bandit/pull/557
* Add sha1 to the list of insecure hashes by ericwb in https://github.com/PyCQA/bandit/pull/561
* Use GitHub Actions to run CI by ericwb in https://github.com/PyCQA/bandit/pull/565
* Ignore common directories by default by ericwb in https://github.com/PyCQA/bandit/pull/544
* Add push and pull request to GH Action trigger by ericwb in https://github.com/PyCQA/bandit/pull/567
* Add contributing file by Glyphack in https://github.com/PyCQA/bandit/pull/572
* Fix contributing typo by Glyphack in https://github.com/PyCQA/bandit/pull/582
* [DOC] Support python3 venv creation by look4regev in https://github.com/PyCQA/bandit/pull/583
* Cleanup some typos in recent contributor guide by ericwb in https://github.com/PyCQA/bandit/pull/585
* Fix colorama not being disabled after being used by adambenali in https://github.com/PyCQA/bandit/pull/586
* Fix typo for activating venv by bavedarnow in https://github.com/PyCQA/bandit/pull/590
* Bump pyyaml by dosisod in https://github.com/PyCQA/bandit/pull/588
* Update CODE_OF_CONDUCT.md by ericwb in https://github.com/PyCQA/bandit/pull/591
* Resolve 'NoneType' object has no attribute 'id'Traceback in django_mark_safe by ehooo in https://github.com/PyCQA/bandit/pull/598
* [FIX] blacklist: fix typo in import_ftplib by Yenthe666 in https://github.com/PyCQA/bandit/pull/601
* Add release notes project URL by scop in https://github.com/PyCQA/bandit/pull/610
* Drop Python2 build, test, and install by ericwb in https://github.com/PyCQA/bandit/pull/615
* Fix noqa rendering in docs by DrGFreeman in https://github.com/PyCQA/bandit/pull/645
* Don't show progress information on --quiet by fniessink in https://github.com/PyCQA/bandit/pull/641
* Add skip configuration to assert_used by wilbertom in https://github.com/PyCQA/bandit/pull/633
* GitHub Action to publish to Test PyPI by ericwb in https://github.com/PyCQA/bandit/pull/652
* Add workflow to publish to PyPI by ericwb in https://github.com/PyCQA/bandit/pull/653

New Contributors
* graingert made their first contribution in https://github.com/PyCQA/bandit/pull/524
* MrDolev made their first contribution in https://github.com/PyCQA/bandit/pull/533
* florczakraf made their first contribution in https://github.com/PyCQA/bandit/pull/532
* jugmac00 made their first contribution in https://github.com/PyCQA/bandit/pull/538
* vuolter made their first contribution in https://github.com/PyCQA/bandit/pull/508
* teeann made their first contribution in https://github.com/PyCQA/bandit/pull/516
* auscompgeek made their first contribution in https://github.com/PyCQA/bandit/pull/542
* zachvalenta made their first contribution in https://github.com/PyCQA/bandit/pull/482
* amacfie made their first contribution in https://github.com/PyCQA/bandit/pull/555
* exhuma made their first contribution in https://github.com/PyCQA/bandit/pull/554
* pwoolvett made their first contribution in https://github.com/PyCQA/bandit/pull/557
* Glyphack made their first contribution in https://github.com/PyCQA/bandit/pull/572
* look4regev made their first contribution in https://github.com/PyCQA/bandit/pull/583
* adambenali made their first contribution in https://github.com/PyCQA/bandit/pull/586
* bavedarnow made their first contribution in https://github.com/PyCQA/bandit/pull/590
* dosisod made their first contribution in https://github.com/PyCQA/bandit/pull/588
* Yenthe666 made their first contribution in https://github.com/PyCQA/bandit/pull/601
* scop made their first contribution in https://github.com/PyCQA/bandit/pull/610
* DrGFreeman made their first contribution in https://github.com/PyCQA/bandit/pull/645
* fniessink made their first contribution in https://github.com/PyCQA/bandit/pull/641
* wilbertom made their first contribution in https://github.com/PyCQA/bandit/pull/633

**Full Changelog**: https://github.com/PyCQA/bandit/compare/1.6.2...1.6.3

1.6.2

Not secure
What's Changed
* Performance fix by tylerwince in https://github.com/PyCQA/bandit/pull/502


**Full Changelog**: https://github.com/PyCQA/bandit/compare/1.6.1...1.6.2

1.6.1

Not secure
What's Changed
* add namespaces for parent attributes by tylerwince in https://github.com/PyCQA/bandit/pull/492
* add test for regression and fix directory exclusion without wildcards by mattjegan in https://github.com/PyCQA/bandit/pull/489

New Contributors
* mattjegan made their first contribution in https://github.com/PyCQA/bandit/pull/489

**Full Changelog**: https://github.com/PyCQA/bandit/compare/1.6.0...1.6.1

1.6.0

Not secure
What's Changed
* Fix custom format argument handling by evqna in https://github.com/PyCQA/bandit/pull/380
* Add release drafter template by evqna in https://github.com/PyCQA/bandit/pull/382
* Add option -q, --quiet, --silent to hide output by ericwb in https://github.com/PyCQA/bandit/pull/385
* No need to skip R0204: redefined-variable-type by ericwb in https://github.com/PyCQA/bandit/pull/390
* Allow failures on dev branch of Python 3.8 by ericwb in https://github.com/PyCQA/bandit/pull/392
* Fix Pylint warning W0612: use of unused variables by ericwb in https://github.com/PyCQA/bandit/pull/389
* Fix B611 doc title by paulopontesm in https://github.com/PyCQA/bandit/pull/414
* Add pre-commit config by KPilnacek in https://github.com/PyCQA/bandit/pull/411
* Remove unneeded trailing paren in link by ericwb in https://github.com/PyCQA/bandit/pull/416
* Fix more info line to be in color also by ericwb in https://github.com/PyCQA/bandit/pull/408
* Add missing custom formatter doc (406) by nixphix in https://github.com/PyCQA/bandit/pull/421
* Fix terminal colors not displaying properly on Windows by GhostofGoes in https://github.com/PyCQA/bandit/pull/424
* Fix sql injection check for f-strings by mikespallino in https://github.com/PyCQA/bandit/pull/434
* Bump PyYAML minimum version to 3.13 by ericwb in https://github.com/PyCQA/bandit/pull/432
* Remove paramiko invoke_shell and fix example by ericwb in https://github.com/PyCQA/bandit/pull/377
* Supporting CSafeLoader in yaml.load plugin by domanchi in https://github.com/PyCQA/bandit/pull/436
* Properly handle nosec strings in code by ericwb in https://github.com/PyCQA/bandit/pull/388
* Add a readthedocs build status badge by lukehinds in https://github.com/PyCQA/bandit/pull/440
* 394 Describe baseline and it's usage in README by BillBrower in https://github.com/PyCQA/bandit/pull/415
* Fix DeprecationWarning: invalid escape sequence by BoboTiG in https://github.com/PyCQA/bandit/pull/441
* Fix ResourceWarning: unclosed file by BoboTiG in https://github.com/PyCQA/bandit/pull/442
* Password by ehooo in https://github.com/PyCQA/bandit/pull/387
* check if ast.JoinedStr exists before using it by calvinli in https://github.com/PyCQA/bandit/pull/446
* Fix typo in README by bitcoinhodler in https://github.com/PyCQA/bandit/pull/451
* Fix context class by ehooo in https://github.com/PyCQA/bandit/pull/449
* Update python documentation links for version 3 counterparts by sgaist in https://github.com/PyCQA/bandit/pull/456
* Revert "Update python documentation links for version 3 counterparts" by ericwb in https://github.com/PyCQA/bandit/pull/461
* Redo logo on the README by ericwb in https://github.com/PyCQA/bandit/pull/463
* Interpret wildcards in the file exclusion list by thilp in https://github.com/PyCQA/bandit/pull/450
* updated readme links for werkzeug debugger by sfc-gh-spandey in https://github.com/PyCQA/bandit/pull/473
* Remove pycryptodome blacklist by mikespallino in https://github.com/PyCQA/bandit/pull/470

New Contributors
* paulopontesm made their first contribution in https://github.com/PyCQA/bandit/pull/414
* KPilnacek made their first contribution in https://github.com/PyCQA/bandit/pull/411
* nixphix made their first contribution in https://github.com/PyCQA/bandit/pull/421
* GhostofGoes made their first contribution in https://github.com/PyCQA/bandit/pull/424
* domanchi made their first contribution in https://github.com/PyCQA/bandit/pull/436
* BillBrower made their first contribution in https://github.com/PyCQA/bandit/pull/415
* BoboTiG made their first contribution in https://github.com/PyCQA/bandit/pull/441
* calvinli made their first contribution in https://github.com/PyCQA/bandit/pull/446
* bitcoinhodler made their first contribution in https://github.com/PyCQA/bandit/pull/451
* sgaist made their first contribution in https://github.com/PyCQA/bandit/pull/456
* thilp made their first contribution in https://github.com/PyCQA/bandit/pull/450
* sfc-gh-spandey made their first contribution in https://github.com/PyCQA/bandit/pull/473

**Full Changelog**: https://github.com/PyCQA/bandit/compare/1.5.1...1.6.0

1.5.1

Not secure
What's Changed
* Fixed crash on dynamic import traversal by evqna in https://github.com/PyCQA/bandit/pull/369
* New plugin to check for ignoring host keys by rajathagasthya in https://github.com/PyCQA/bandit/pull/374
* Adding test case for traversal crash by evqna in https://github.com/PyCQA/bandit/pull/378

New Contributors
* rajathagasthya made their first contribution in https://github.com/PyCQA/bandit/pull/374

**Full Changelog**: https://github.com/PyCQA/bandit/compare/1.5.0...1.5.1

1.5.0

Not secure
What's Changed
* Travis ci file by lukehinds in https://github.com/PyCQA/bandit/pull/282
* Changes OpenStack specifics to PyCQA by lukehinds in https://github.com/PyCQA/bandit/pull/1
* Migrate to new PyPI website by ericwb in https://github.com/PyCQA/bandit/pull/2
* Create a code of conduct by ericwb in https://github.com/PyCQA/bandit/pull/283
* Remove the unused integration tests by ericwb in https://github.com/PyCQA/bandit/pull/285
* Create an issue template for the project by ericwb in https://github.com/PyCQA/bandit/pull/284
* Add a build status badge to the README by ericwb in https://github.com/PyCQA/bandit/pull/289
* Show support for Python 3.6 by ericwb in https://github.com/PyCQA/bandit/pull/288
* Remove integration test playbooks by ericwb in https://github.com/PyCQA/bandit/pull/290
* Update issue templates to new GitHub format by ericwb in https://github.com/PyCQA/bandit/pull/301
* Logo design: Bandit by baranpirincal in https://github.com/PyCQA/bandit/pull/302
* Add a smaller logo that works with the README rst by ericwb in https://github.com/PyCQA/bandit/pull/304
* Update the doc links, remove openstack by ericwb in https://github.com/PyCQA/bandit/pull/305
* Add missing B413 import_pycrypto in README by ericwb in https://github.com/PyCQA/bandit/pull/308
* Add PyCryptodome to import blacklists by warthog9 in https://github.com/PyCQA/bandit/pull/307
* Django sql injection by ehooo in https://github.com/PyCQA/bandit/pull/292
* Use bandit.readthedocs.io in setup.cfg by ericwb in https://github.com/PyCQA/bandit/pull/312
* Add detection for Django XSS by ehooo in https://github.com/PyCQA/bandit/pull/295
* Add missing documentation link for B703 by ericwb in https://github.com/PyCQA/bandit/pull/314
* Remove OpenStack-specific plugins by nickthetait in https://github.com/PyCQA/bandit/pull/316
* Improve shell by ehooo in https://github.com/PyCQA/bandit/pull/298
* Fast fix for yaml import by ehooo in https://github.com/PyCQA/bandit/pull/303
* Django sql injection by ehooo in https://github.com/PyCQA/bandit/pull/310
* Enable travis to run pylint and pep8 tox env by ericwb in https://github.com/PyCQA/bandit/pull/325
* Add development status classifier by ericwb in https://github.com/PyCQA/bandit/pull/321
* Remove openstack specific utils.exec checks by ericwb in https://github.com/PyCQA/bandit/pull/328
* add os.tempnam() / os.tmpnam() to blacklist by chair6 in https://github.com/PyCQA/bandit/pull/330
* Add Python 3.7 support by ericwb in https://github.com/PyCQA/bandit/pull/327
* Add subprocess.run to B602 by ericwb in https://github.com/PyCQA/bandit/pull/334
* Repair some broken see also links in the doc by ericwb in https://github.com/PyCQA/bandit/pull/336
* Use html.escape() instead of cgi.escape() by ericwb in https://github.com/PyCQA/bandit/pull/339
* Re-enable functional tests as part of CI by ericwb in https://github.com/PyCQA/bandit/pull/348
* Add more_info URL to XML output by stannum-l in https://github.com/PyCQA/bandit/pull/354
* Report dill usage by calve in https://github.com/PyCQA/bandit/pull/347
* Add experimental Python 3.8-dev to test with by ericwb in https://github.com/PyCQA/bandit/pull/337
* Add emojis to issue types by ericwb in https://github.com/PyCQA/bandit/pull/358
* Add more_info URL to text output by stannum-l in https://github.com/PyCQA/bandit/pull/359
* Add more_info URL to screen formatter by stannum-l in https://github.com/PyCQA/bandit/pull/360
* Add support to run bandit as python -m bandit by rtfpessoa in https://github.com/PyCQA/bandit/pull/363
* Add more_info URL to csv formatter by stannum-l in https://github.com/PyCQA/bandit/pull/361
* Add external documentation references by evqna in https://github.com/PyCQA/bandit/pull/368
* Change ver 1.4.1 references to 1.5.0 by ericwb in https://github.com/PyCQA/bandit/pull/370

New Contributors
* baranpirincal made their first contribution in https://github.com/PyCQA/bandit/pull/302
* warthog9 made their first contribution in https://github.com/PyCQA/bandit/pull/307
* nickthetait made their first contribution in https://github.com/PyCQA/bandit/pull/316
* chair6 made their first contribution in https://github.com/PyCQA/bandit/pull/330
* calve made their first contribution in https://github.com/PyCQA/bandit/pull/347
* rtfpessoa made their first contribution in https://github.com/PyCQA/bandit/pull/363

**Full Changelog**: https://github.com/PyCQA/bandit/compare/1.4.0...1.5.0

Page 3 of 3

Links

Releases

Has known vulnerabilities

Previous

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.