PyPi: Bandit

CVE-2017-18342

Transitive

Safety vulnerability ID: 45736

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created: Jun 27, 2018. Updated: Mar 08, 2024.

Advisory

Bandit 1.6.3 updates its dependency 'pyyaml' to v5.3.1 to include security fixes.

Affected package

bandit

Latest version: 1.7.8

Security-oriented static analyser for Python code.

Affected versions

Fixed versions

Vulnerability changelog

<details open>
<summary><strong>Changelog</strong></summary>

* Add workflow to publish to PyPI (653) ericwb
* GitHub Action to publish to Test PyPI (652) ericwb
* Fix noqa rendering in docs (645) DrGFreeman
* Don't show progress information on --quiet (641) fniessink
* Add skip configuration to assert_used (633) wilbertom
* Drop Python2 build, test, and install (615) ericwb
* Add release notes project URL (610) scop
* [FIX] blacklist: fix typo in import_ftplib (601) Yenthe666
* Resolve 'NoneType' object has no attribute 'id' Traceback in django_mark_safe (598) ehooo
* Update CODE_OF_CONDUCT.md (591) ericwb
* Fix typo for activating venv (590) bavedarnow
* Bump pyyaml (588) dosisod
* Fix colorama not being disabled after being used (586) adambenali
* Cleanup some typos in recent contributor guide (585) ericwb
* [DOC] Support python3 venv creation (583) look4regev
* Fix contributing typo (582) Glyphack
* Add contributing file (572) Glyphack
* Add push and pull request to GH Action trigger (567) ericwb
* Use GitHub Actions to run CI (565) ericwb
* Add sha1 to the list of insecure hashes (561) ericwb
* replace 'then' with 'than' (557) pwoolvett
* Fix docs for B610,B611,B703 (555) amacfie
* Add a section explaining "nosec" (554) exhuma
* Add official support of Python 3.8 (547) ericwb
* Ignore common directories by default (544) ericwb
* Add shelve to the pickle blacklists (542) auscompgeek
* Add more missing ini options (541) ericwb
* Revert "Revert "Update python documentation links for version 3 counterparts"" (540) ericwb
* Remove unused bindep.txt file (539) ericwb
* Remove obsolete "sudo" keyword. (538) jugmac00
* Update test requirements to latest versions (535) ericwb
* Fix readme file on Extending Bandit on list things (534) Aurel10
* fix the documentation file README.rst (533) Aurel10
* Cleanup comments after 510 (532) florczakraf
* Use SPDX license identifier instead of bulky headers (530) ericwb
* fix B603 docstring (524) graingert
* Add type checking to name node of hashlib_new (516) teeann
* --exit-zero option (510) maciejstromich
* Fix 3.8 errors (509) tylerwince
* Add several ini options for .bandit file (508) vuolter
* get_url returns different urls calling twice (bug 506) (507) ehooo
* Replace setattr (493) tylerwince

</details>

[See full changelog](https://github.com/PyCQA/bandit/compare/1.6.2...1.6.3)


Severity Details

CVSS Base Score: CRITICAL 9.8

CVSS v3 Details (CRITICAL 9.8, vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

| Metric | Value |
| --- | --- |
| Attack Vector (AV) | NETWORK |
| Attack Complexity (AC) | LOW |
| Privileges Required (PR) | NONE |
| User Interaction (UI) | NONE |
| Scope (S) | UNCHANGED |
| Confidentiality Impact (C) | HIGH |
| Integrity Impact (I) | HIGH |
| Availability Impact (A) | HIGH |

CVSS v2 Details (HIGH 7.5, vector AV:N/AC:L/Au:N/C:P/I:P/A:P)

| Metric | Value |
| --- | --- |
| Access Vector (AV) | NETWORK |
| Access Complexity (AC) | LOW |
| Authentication (Au) | NONE |
| Confidentiality Impact (C) | PARTIAL |
| Integrity Impact (I) | PARTIAL |
| Availability Impact (A) | PARTIAL |