Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-bandit for openSUSE:Factory
checked in at 2025-09-02 17:58:21
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-bandit (Old)
and /work/SRC/openSUSE:Factory/.python-bandit.new.1977 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-bandit"
Tue Sep 2 17:58:21 2025 rev:18 rq:1302232 version:1.8.6
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-bandit/python-bandit.changes
2025-02-24 15:51:49.950941967 +0100
+++ /work/SRC/openSUSE:Factory/.python-bandit.new.1977/python-bandit.changes
2025-09-02 17:58:44.007534166 +0200
@@ -1,0 +2,56 @@
+Mon Sep 1 12:44:09 UTC 2025 - Markéta Machová <mmach...@suse.com>
+
+- Convert to libalternatives on SLE-16-based and newer systems only
+- Fix tests with libalternatives
+
+-------------------------------------------------------------------
+Wed Jul 23 07:18:53 UTC 2025 - John Paul Adrian Glaubitz
<adrian.glaub...@suse.com>
+
+- Update to 1.8.6
+ * Bump sigstore/cosign-installer from 3.8.2 to 3.9.0
+ by @dependabot in (#1279)
+ * Bump docker/setup-buildx-action from 3.10.0 to 3.11.1
+ by @dependabot in (#1278)
+ * Added hint to FreeBSD package in doc/source/integrations.rst
+ by @daniel-mohr in (#1282)
+ * Bump sigstore/cosign-installer from 3.9.0 to 3.9.1
+ by @dependabot in (#1284)
+ * Huggingface revision pinning by @lukehinds in (#1281)
+
+-------------------------------------------------------------------
+Wed Jun 25 10:03:33 UTC 2025 - John Paul Adrian Glaubitz
<adrian.glaub...@suse.com>
+
+- Update to 1.8.5
+ * Fix the rendering of the CI/CD doc (#1274)
+ * Fix for publish to PyPI failure (#1273)
+- from version 1.8.4
+ * Add more random functions to B311 check (#1235)
+ * Metadata: rename classifier to classifiers (#1237)
+ * Bump sigstore/cosign-installer from 3.8.0 to 3.8.1 (#1239)
+ * Bump docker/build-push-action from 6.13.0 to 6.14.0 (#1238)
+ * Bump docker/build-push-action from 6.14.0 to 6.15.0 (#1240)
+ * Bump docker/setup-buildx-action from 3.9.0 to 3.10.0 (#1241)
+ * Bump docker/login-action from 3.3.0 to 3.4.0 (#1245)
+ * Bump bandit version in bug template (#1247)
+ * Fix traceback from trojansource plugin (#1248)
+ * Ensure the man page is built (#1257)
+ * Update documentation to cover `--severity-level` and `--confidence-level`
(#1254)
+ * Use license property in lieu of classifier (#1259)
+ * Fix up some of the warnings when building docs (#1258)
+ * Add a doc describing various integrations (#1253)
+ * Use ubuntu latest for readthedocs build (#1260)
+ * Bump docker/build-push-action from 6.15.0 to 6.16.0 (#1261)
+ * Bump sigstore/cosign-installer from 3.8.1 to 3.8.2 (#1262)
+ * Remove etc from list of temp paths (#1263)
+ * Bump docker/build-push-action from 6.16.0 to 6.17.0 (#1265)
+ * [pre-commit.ci] pre-commit autoupdate (#1266)
+ * Bump docker/build-push-action from 6.17.0 to 6.18.0 (#1268)
+ * Add github-actions documentation (#1172)
+- Add bandit manpage to %files section
+
+-------------------------------------------------------------------
+Mon Jun 16 14:45:04 UTC 2025 - Markéta Machová <mmach...@suse.com>
+
+- Convert to libalternatives
+
+-------------------------------------------------------------------
Old:
----
bandit-1.8.3.tar.gz
New:
----
bandit-1.8.6.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-bandit.spec ++++++
--- /var/tmp/diff_new_pack.TqvEv6/_old 2025-09-02 17:58:44.695563119 +0200
+++ /var/tmp/diff_new_pack.TqvEv6/_new 2025-09-02 17:58:44.699563288 +0200
@@ -1,7 +1,7 @@
#
# spec file for package python-bandit
#
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -26,10 +26,15 @@
%endif
# CLI tool, no module
%define pythons python3
+%if 0%{?suse_version} > 1500
+%bcond_without libalternatives
+%else
+%bcond_with libalternatives
+%endif
%bcond_without builddocs
%{?sle15_python_module_pythons}
Name: python-bandit
-Version: 1.8.3
+Version: 1.8.6
Release: 0
Summary: Security oriented static analyser for Python code
License: Apache-2.0
@@ -42,9 +47,7 @@
BuildRequires: %{python_module wheel}
BuildRequires: fdupes
BuildRequires: python-rpm-macros
-Requires: python-GitPython
Requires: python-GitPython >= 1.0.1
-Requires: python-PyYAML
Requires: python-PyYAML >= 5.3.1
Requires: python-jschema-to-python >= 1.2.3
Requires: python-rich
@@ -52,9 +55,14 @@
Requires: python-stestr >= 1.0.0
Requires: python-stevedore >= 1.20.0
Requires: (python-tomli >= 1.2.3 if python-base < 3.11)
+BuildArch: noarch
+%if %{with libalternatives}
+BuildRequires: alts
+Requires: alts
+%else
Requires(post): update-alternatives
Requires(postun): update-alternatives
-BuildArch: noarch
+%endif
%if %{python_version_nodots} < 311
Requires: python-tomli
%endif
@@ -102,6 +110,11 @@
%python_clone -a %{buildroot}%{_bindir}/bandit
%python_clone -a %{buildroot}%{_bindir}/bandit-config-generator
%python_clone -a %{buildroot}%{_bindir}/bandit-baseline
+%python_group_libalternatives bandit bandit-config-generator bandit-baseline
+# libalternatives binaries break the tests
+%if %{with libalternatives}
+sed -i 's/import sys/import sys; sys.argv[0] = "bandit"/'
%{buildroot}%{_bindir}/bandit-3*
+%endif
%endif
%if %{with test}
@@ -110,19 +123,24 @@
%endif
%if !%{with test}
-%post
-%{python_install_alternative bandit bandit-config-generator bandit-baseline }
%endif
%if !%{with test}
+%post
+%python_install_alternative bandit bandit.1 bandit-config-generator
bandit-baseline
+
%postun
%python_uninstall_alternative bandit
+
+%pre
+%python_libalternatives_reset_alternative bandit
%endif
%if !%{with test}
%files %{python_files}
%license LICENSE
%doc AUTHORS ChangeLog README.rst
+%{_mandir}/man1/bandit.1%{?ext_man}
%python_alternative %{_bindir}/bandit
%python_alternative %{_bindir}/bandit-config-generator
%python_alternative %{_bindir}/bandit-baseline
++++++ bandit-1.8.3.tar.gz -> bandit-1.8.6.tar.gz ++++++
++++ 1671 lines of diff (skipped)
