commit python-bandit for openSUSE:Factory

Source-Sync Wed, 10 Mar 2021 00:07:27 -0800

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package python-bandit for openSUSE:Factory 
checked in at 2021-03-10 08:57:14
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-bandit (Old)
 and      /work/SRC/openSUSE:Factory/.python-bandit.new.2378 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "python-bandit"

Wed Mar 10 08:57:14 2021 rev:8 rq:877896 version:1.7.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/python-bandit/python-bandit.changes      
2021-02-15 23:20:38.355784640 +0100
+++ /work/SRC/openSUSE:Factory/.python-bandit.new.2378/python-bandit.changes    
2021-03-10 08:58:36.934973228 +0100
@@ -1,0 +2,39 @@
+Tue Mar  9 06:13:09 UTC 2021 - Steve Kowalik <[email protected]>
+
+- Update to 1.7.0:
+  * Remove blacklist call to input() (#662) @ericwb
+  * Remove universal support on the wheel (#655) @ericwb
+  * Give some tips on how to resolve B101 in the doc (#616) @xuhdev
+  * Don't show progress information on --quiet (#641) @fniessink
+  * Add skip configuration to assert_used (#633) @wilbertom
+  * Drop Python2 build, test, and install (#615) @ericwb
+  * [FIX] blacklist: fix typo in import_ftplib (#601) @Yenthe666
+  * Resolve 'NoneType' object has no attribute 'id'Traceback in
+    django_mark_safe (#598) @ehooo
+  * Fix typo for activating venv (#590) @bavedarnow
+  * Bump pyyaml (#588) @dosisod
+  * Fix colorama not being disabled after being used (#586) @adambenali
+  * Cleanup some typos in recent contributor guide (#585) @ericwb
+  * [DOC] Support python3 venv creation (#583) @look4regev
+  * Add sha1 to the list of insecure hashes (#561) @ericwb
+  * Fix docs for B610,B611,B703 (#555) @amacfie
+  * Add a section explaining "nosec" (#554) @exhuma
+  * Add official support of Python 3.8 (#547) @ericwb
+  * Ignore common directories by default (#544) @ericwb
+  * Add shelve to the pickle blacklists (#542) @auscompgeek
+  * Remove obsolete "sudo" keyword. (#538) @jugmac00
+  * Update test requirements to latest versions (#535) @ericwb
+  * Fix readme file on Extending Bandit on list things (#534) @Aurel10
+  * fix the documentation file README.rst (#533) @Aurel10
+  * Cleanup comments after #510 (#532) @florczakraf
+  * Use SPDX license identifier instead of bulky headers (#530) @ericwb
+  * fix B603 docstring (#524) @graingert
+  * Add type checking to name node of hashlib_new (#516) @teeann
+  * --exit-zero option (#510) @maciejstromich
+  * Fix 3.8 errors (#509) @tylerwince
+  * Add several ini options for .bandit file (#508) @vuolter
+  * get_url returns different urls calling twice (bug #506) (#507) @ehooo
+  * Replace setattr (#493) @tylerwince 
+- Refresh remove-non-test-deps.patch
+
+-------------------------------------------------------------------

Old:
----
  bandit-1.6.2.tar.gz

New:
----
  bandit-1.7.0.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ python-bandit.spec ++++++
--- /var/tmp/diff_new_pack.P9Bidb/_old  2021-03-10 08:58:37.538973851 +0100
+++ /var/tmp/diff_new_pack.P9Bidb/_new  2021-03-10 08:58:37.538973851 +0100
@@ -22,38 +22,36 @@
 # CLI tool, no module
 %define pythons python3
 Name:           python-bandit
-Version:        1.6.2
+Version:        1.7.0
 Release:        0
 Summary:        Security oriented static analyser for Python code
 License:        Apache-2.0
-Group:          Development/Languages/Python
 URL:            https://github.com/PyCQA/bandit
 Source:         
https://files.pythonhosted.org/packages/source/b/bandit/bandit-%{version}.tar.gz
 Patch0:         remove-non-test-deps.patch
 BuildRequires:  %{python_module GitPython >= 1.0.1}
-BuildRequires:  %{python_module PyYAML >= 3.13}
-BuildRequires:  %{python_module beautifulsoup4 >= 4.6.0}
+BuildRequires:  %{python_module PyYAML >= 5.3.1}
+BuildRequires:  %{python_module beautifulsoup4 >= 4.8.0}
 BuildRequires:  %{python_module fixtures >= 3.0.0}
-BuildRequires:  %{python_module mock >= 2.0.0}
-BuildRequires:  %{python_module pbr >= 1.8}
+BuildRequires:  %{python_module mock >= 3.0.5}
+BuildRequires:  %{python_module pbr >= 2.0}
 BuildRequires:  %{python_module python-subunit >= 0.0.18}
 BuildRequires:  %{python_module setuptools}
 BuildRequires:  %{python_module six >= 1.10.0}
-BuildRequires:  %{python_module stestr >= 1.0.0}
+BuildRequires:  %{python_module stestr >= 2.5.0}
 BuildRequires:  %{python_module stevedore >= 1.20.0}
 BuildRequires:  %{python_module testrepository >= 0.0.18}
-BuildRequires:  %{python_module testscenarios >= 0.4}
-BuildRequires:  %{python_module testtools >= 2.2.0}
+BuildRequires:  %{python_module testscenarios >= 0.5.0}
+BuildRequires:  %{python_module testtools >= 2.3.0}
 BuildRequires:  fdupes
 BuildRequires:  python-rpm-macros
 # doc requirements
 %if %{with builddocs}
 BuildRequires:  %{python_module Sphinx >= 1.2.1}
-BuildRequires:  %{python_module oslotest >= 3.2.0}
 BuildRequires:  %{python_module reno >= 1.8.0}
 %endif
 Requires:       python-GitPython >= 1.0.1
-Requires:       python-PyYAML >= 3.13
+Requires:       python-PyYAML >= 5.3.1
 Requires:       python-six >= 1.10.0
 Requires:       python-stestr >= 1.0.0
 Requires:       python-stevedore >= 1.20.0

++++++ bandit-1.6.2.tar.gz -> bandit-1.7.0.tar.gz ++++++
++++ 4671 lines of diff (skipped)

++++++ remove-non-test-deps.patch ++++++
--- /var/tmp/diff_new_pack.P9Bidb/_old  2021-03-10 08:58:37.702974020 +0100
+++ /var/tmp/diff_new_pack.P9Bidb/_new  2021-03-10 08:58:37.706974025 +0100
@@ -1,18 +1,17 @@
---- bandit-1.5.1.orig/test-requirements.txt    2018-05-03 03:31:37.000000000 
+0700
-+++ bandit-1.5.1/test-requirements.txt 2019-02-11 13:59:52.547483165 +0700
-@@ -1,15 +1,10 @@
+Index: bandit-1.7.0/test-requirements.txt
+===================================================================
+--- bandit-1.7.0.orig/test-requirements.txt
++++ bandit-1.7.0/test-requirements.txt
+@@ -1,12 +1,9 @@
  # The order of packages is significant, because pip processes them in the 
order
  # of appearance. Changing the order has an impact on the overall integration
  # process, which may cause wedges in the gate later.
--coverage!=4.4,>=4.0 # Apache-2.0
+-coverage>=4.5.4 # Apache-2.0
  fixtures>=3.0.0 # Apache-2.0/BSD
--hacking>=1.0.0 # Apache-2.0
- mock>=2.0.0 # BSD
- stestr>=1.0.0 # Apache-2.0
- testscenarios>=0.4 # Apache-2.0/BSD
- testtools>=2.2.0 # MIT
--oslotest>=3.2.0 # Apache-2.0
- 
- beautifulsoup4>=4.6.0 # MIT
--
--pylint==1.4.5 # GPLv2
+-hacking>=2.0.0 # Apache-2.0
+ mock>=3.0.5 # BSD
+ stestr>=2.5.0 # Apache-2.0
+ testscenarios>=0.5.0 # Apache-2.0/BSD
+ testtools>=2.3.0 # MIT
+ beautifulsoup4>=4.8.0 # MIT
+-pylint==1.9.4 # GPLv2

commit python-bandit for openSUSE:Factory

Reply via email to