Bandit

1.6.2

<details open>
  <summary><strong>Changelog</strong></summary>
  
  * Performance fix (502) tylerwince
  
  </details>
  
  [See full changelog](https://github.com/PyCQA/bandit/compare/1.6.1...1.6.2)

1.6.1

<details open>
  <summary><strong>Changelog</strong></summary>
  
  * add test for regression and fix directory exclusion without wildcards (489) mattjegan
  * add namespaces for parent attributes (492) tylerwince
  
  </details>
  
  [See full changelog](https://github.com/PyCQA/bandit/compare/1.6.0...1.6.1)

1.6.0

<details open>
  <summary><strong>Changelog</strong></summary>
  
  * Remove paramiko invoke_shell and fix example (377) ericwb
  * Fix custom format argument handling (380) evqna
  * Add release drafter template (382) evqna
  * Add option -q, --quiet, --silent to hide output (385) ericwb
  * Password (387) ehooo
  * Properly handle nosec strings in code (388) ericwb
  * Fix Pylint warning W0612: use of unused variables (389) ericwb
  * No need to skip R0204: redefined-variable-type (390) ericwb
  * Allow failures on dev branch of Python 3.8 (392) ericwb
  * Fix more info line to be in color also (408) ericwb
  * Add pre-commit config (411) KPilnacek
  * Fix B611 doc title (414) paulopontesm
  * Describe baseline and its usage in README (415) BillBrower
  * Remove unneeded trailing paren in link (416) ericwb
  * Add missing custom formatter doc (406) (421) nixphix
  * Fix terminal colors not displaying properly on Windows (424) GhostofGoes
  * Fix sql injection check for f-strings (434) mikespallino
  * Bump PyYAML minimum version to 3.13 (432) ericwb
  * Supporting CSafeLoader in yaml.load plugin (436) domanchi
  * Add a readthedocs build status badge (440) lukehinds
  * Fix DeprecationWarning: invalid escape sequence (441) BoboTiG
  * Fix ResourceWarning: unclosed file (442) BoboTiG
  * check if ast.JoinedStr exists before using it (446) calvinli
  * Fix context class (449) ehooo
  * Interpret wildcards in the file exclusion list (450) thilp
  * Fix typo in README (451) bitcoinhodler
  * Redo logo on the README (463) ericwb
  * Remove pycryptodome blacklist (470) mikespallino
  * updated readme links for werkzeug debugger (473) soumitr-snowflake
  
  </details>
  
  [See full changelog](https://github.com/PyCQA/bandit/compare/1.5.1...1.6.0)

1.5.1

<details open>
  <summary><strong>Changelog</strong></summary>
  
  * Fixed crash on dynamic import traversal (369) evqna
  * New plugin to check for ignoring host keys (374) rajathagasthya
  * Adding test case for traversal crash (378) ericwb
  </details>
  
  [See full changelog](https://github.com/PyCQA/bandit/compare/1.5.0...1.5.1)

1.5.0

<details open>
  <summary><strong>Changelog</strong></summary>
  
  * Changes OpenStack specifics to PyCQA (1) lukehinds
  * Travis ci file (282) lukehinds
  * Migrate to new PyPI website (2) ericwb
  * Create a code of conduct (283) ericwb
  * Remove the unused integration tests (285) ericwb
  * Create an issue template for the project (284) ericwb
  * Add a build status badge to the README (289) ericwb
  * Show support for Python 3.6 (288) ericwb
  * Remove integration test playbooks (290) ericwb
  * Django sql injection (292) ehooo
  * Add detection for Django XSS (295) ehooo
  * Logo design: Bandit (302) baranpirincal
  * Update issue templates to new GitHub format (301) ericwb
  * Fast fix for yaml import (303) ehooo
  * Add a smaller logo that works with the README rst (304) ericwb
  * Update the doc links, remove openstack (305) ericwb
  * Add missing B413 import_pycrypto in README (308) ericwb
  * Add PyCryptodome to import blacklists (307) warthog9
  * Use bandit.readthedocs.io in setup.cfg (312) ericwb
  * Add missing documentation link for B703 (314) ericwb
  * Remove OpenStack-specific plugins (316) nickthetait
  * Improve shell (298) ehooo
  * Enable travis to run pylint and pep8 tox env (325) ericwb
  * Add development status classifier (321) ericwb
  * Remove openstack specific utils.exec checks (328) ericwb
  * add os.tempnam() / os.tmpnam() to blacklist (330) chair6
  * Add Python 3.7 support (327) ericwb
  * Add subprocess.run to B602 (334) ericwb
  * Repair some broken see also links in the doc (336) ericwb
  * Use html.escape() instead of cgi.escape() (339) ericwb
  * Re-enable functional tests as part of CI (348) ericwb
  * Add more_info URL to XML output (354) stannum-l
  * Report dill usage (347) calve
  * Add experimental Python 3.8-dev to test with (337) ericwb
  * Add emojis to issue types (358) ericwb
  * Add more_info URL to text output (359) stannum-l
  * Add more_info URL to screen formatter (360) stannum-l
  * Add support to run bandit as python -m bandit (363) rtfpessoa
  * Add more_info URL to csv formatter (361) stannum-l
  * Add external documentation references (368) evqna
  * Change ver 1.4.1 references to 1.5.0 (370) ericwb
  </details>
  
  [See full changelog](https://github.com/PyCQA/bandit/compare/1.4.0...1.5.0)