Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package python-bandit for openSUSE:Factory checked in at 2022-02-06 23:54:46
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-bandit (Old)
 and      /work/SRC/openSUSE:Factory/.python-bandit.new.1898 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-bandit" Sun Feb 6 23:54:46 2022 rev:10 rq:951974 version:1.7.2 Changes: -------- --- /work/SRC/openSUSE:Factory/python-bandit/python-bandit.changes 2021-11-08 17:25:02.376727010 +0100 +++ /work/SRC/openSUSE:Factory/.python-bandit.new.1898/python-bandit.changes 2022-02-06 23:56:16.334014853 +0100 
@@ -1,0 +2,47 @@ +Sun Feb 6 10:04:06 UTC 2022 - Dirk M??ller <[email protected]> + +- update to 1.7.2: + * Correctly define extras in \`setup.cfg\` (#755) + * Remove leftover openstack code (#778) + * Added snmp\_security check plugin for various SNMP checks (#403) + * Fix README.rst (#365) + * Fixup typo (#769) + * Drop end-of-life Python 3.6 (#777) + * Drop end-of-life Python 3.5 (#746) + * Start using auto-formatters (#754) + * Create FUNDING.yml (#774) + * test\_help\_arg: remove assert on 'optional arguments' (#752) + * Fix broken reported URL link for B107 (#751) + +------------------------------------------------------------------- +Sat Jan 15 16:40:26 UTC 2022 - Dirk M??ller <[email protected]> + +- update to 1.7.1: + * fix reading initial values from .bandit + * Always use a Loader in yaml.load + * PEP-518 support: configure bandit via pyproject.toml + * document that random.choices() isn't secure either + * Fix syntax errors in bug report + * Update bug\_report.yaml + * Fix syntax error in bug report + * Use new issue template format + * Update README.rst + * Mock part of python 3.x + * Add license to package installation metadata + * #694 Bandit fails when using importlib with named arguments + * Add string options for severity and confidence + * Add support for Python 3.9 + * Create config.yml + * Add default labels to issues + * Replace http with https URLs + * More cleanup of license headers + * Updates to address docstring code scan issues, add flake8 configuration + * Small syntax and formatting cleanup + * More complete removal of Python2 code + * Show column offset on all formatters + * Add the column offset to the issue model + * Clearer message for subprocess module use + * Specify language\_version in .pre-commit-hooks.yaml + * Specify output\_file encoding as utf-8 + +------------------------------------------------------------------- Old: ---- bandit-1.7.0.tar.gz New: ---- bandit-1.7.2.tar.gz 
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-bandit.spec ++++++ --- /var/tmp/diff_new_pack.jObgaO/_old 2022-02-06 23:56:17.098009685 +0100 +++ /var/tmp/diff_new_pack.jObgaO/_new 2022-02-06 23:56:17.102009659 +0100 @@ -1,7 +1,7 @@ # # spec file for package python-bandit # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -27,10 +27,9 @@ %endif # CLI tool, no module %define pythons python3 -# Tests require python-hacking, which isn't compatible with pycodestyle %bcond_without builddocs Name: python-bandit -Version: 1.7.0 +Version: 1.7.2 Release: 0 Summary: Security oriented static analyser for Python code License: Apache-2.0 @@ -44,6 +43,7 @@ Requires: python-six >= 1.10.0 Requires: python-stestr >= 1.0.0 Requires: python-stevedore >= 1.20.0 +Requires: python-toml Requires(post): update-alternatives Requires(postun):update-alternatives BuildArch: noarch ++++++ bandit-1.7.0.tar.gz -> bandit-1.7.2.tar.gz ++++++ ++++ 16661 lines of diff (skipped) ++++++ remove-non-test-deps.patch ++++++ --- /var/tmp/diff_new_pack.jObgaO/_old 2022-02-06 23:56:17.262008576 +0100 +++ /var/tmp/diff_new_pack.jObgaO/_new 2022-02-06 23:56:17.266008550 +0100 @@ -1,18 +1,18 @@ -Index: bandit-1.7.0/test-requirements.txt +Index: bandit-1.7.2/test-requirements.txt =================================================================== ---- bandit-1.7.0.orig/test-requirements.txt -+++ bandit-1.7.0/test-requirements.txt +--- bandit-1.7.2.orig/test-requirements.txt ++++ bandit-1.7.2/test-requirements.txt 
@@ -1,12 +1,9 @@ # The order of packages is significant, because pip processes them in the order # of appearance. Changing the order has an impact on the overall integration # process, which may cause wedges in the gate later. -coverage>=4.5.4 # Apache-2.0 fixtures>=3.0.0 # Apache-2.0/BSD --hacking>=2.0.0 # Apache-2.0 - mock>=3.0.5 # BSD +-flake8>=4.0.0 # Apache-2.0 stestr>=2.5.0 # Apache-2.0 testscenarios>=0.5.0 # Apache-2.0/BSD testtools>=2.3.0 # MIT + toml # MIT beautifulsoup4>=4.8.0 # MIT -pylint==1.9.4 # GPLv2
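
Review bot: in the python-bandit.changes hunk (@@ -1,0 +2,47 @@), both new entries list only upstream release notes and do not record the packaging changes made in this same commit: the added `Requires: python-toml` in the spec and the refresh of remove-non-test-deps.patch, which now also drops `flake8>=4.0.0`. Suggest adding items such as "- refresh remove-non-test-deps.patch" and "- add python-toml requirement" to the entry they belong to, so the spec and patch changes can be traced from the changelog.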
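
Review bot: in the python-bandit.spec hunk at @@ -44,6 +43,7 @@, `Requires: python-toml` is added as a runtime dependency only, and none of the visible spec hunks adds a matching BuildRequires, while the refreshed remove-non-test-deps.patch keeps `toml # MIT` in test-requirements.txt. If the test suite runs during the build, add `BuildRequires: python-toml` alongside it, unless one already exists outside the diff context.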
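
Review bot: in the remove-non-test-deps.patch hunk (@@ -1,18 +1,18 @@), the patch file begins at line 1 with `Index: bandit-1.7.2/test-requirements.txt` and has no header explaining why these requirements are removed or whether the change is distribution-only. The refresh now removes `flake8>=4.0.0` in addition to `coverage>=4.5.4` and `pylint==1.9.4`; a one or two line description at the top of the patch stating its purpose would make the next refresh easier to review.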
