2024-12-27 23:00:59 by Adam Ciarcinski | Files touched by this commit (2)
Log message:
py-bandit: updated to 1.8.0
1.8.0
* Remove more leftover OpenStack references
* Remove Sentry as a sponsor
* Add a JSON to seek funding from the FLOSS/fund
* [pre-commit.ci] pre-commit autoupdate
* Update project urls with added links
* Mark Python 3.13 as officially supported
* [pre-commit.ci] pre-commit autoupdate
* No need to check httpx client without timeout defined
* [pre-commit.ci] pre-commit autoupdate
* Bump sigstore/cosign-installer from 3.6.0 to 3.7.0
* Bump docker/setup-buildx-action from 3.6.1 to 3.7.1
* Add more insecure cryptography cipher algorithms
* Removal of Python 3.8 support
* Rename doc file to match proper bandit ID
* Bump docker/build-push-action from 6.7.0 to 6.9.0
2024-11-11 08:29:31 by Thomas Klausner | Files touched by this commit (862)
Log message:
py-*: remove unused tool dependency
py-setuptools includes the py-wheel functionality nowadays
2024-10-14 08:46:10 by Thomas Klausner | Files touched by this commit (325)
Log message:
*: clean-up after python38 removal
2024-10-03 11:04:02 by Adam Ciarcinski | Files touched by this commit (3)
Log message:
py-bandit: updated to 1.7.10
1.7.10
* Pytorch Load / Save Plugin
* Use consistent file naming of docs
* Bump docker/build-push-action from 6.6.1 to 6.7.0
* Bump sigstore/cosign-installer from 3.5.0 to 3.6.0
* Bump docker/build-push-action from 6.5.0 to 6.6.1
* Bump docker/setup-buildx-action from 3.5.0 to 3.6.1
* Bump docker/build-push-action from 6.3.0 to 6.5.0
* Bump docker/login-action from 3.2.0 to 3.3.0
* Bump docker/setup-buildx-action from 3.4.0 to 3.5.0
* Bump docker/setup-buildx-action from 3.3.0 to 3.4.0
* Bump docker/build-push-action from 6.2.0 to 6.3.0
* Bump docker/build-push-action from 6.1.0 to 6.2.0
* Add recent releases to version choice in bug report
* Nit: remove unused variable
* feat(plugins): add support for `httpx` in `B113`
* Bump docker/build-push-action from 6.0.0 to 6.1.0
* New check: B113: TrojanSource - Bidirectional control characters
* Add test for usage of FTP_TLS
* Performance improvement in blacklist function
* Suggested small refactors in assignments
* Bump docker/build-push-action from 5.4.0 to 6.0.0
2024-06-13 07:03:15 by Adam Ciarcinski | Files touched by this commit (2)
Log message:
py-bandit: updated to 1.7.9
1.7.9
-----
* Support `configfile` in `.bandit` file
* Bump docker/build-push-action from 5.3.0 to 5.4.0
* Guard against empty call argument list
* [pre-commit.ci] pre-commit autoupdate
* [pre-commit.ci] pre-commit autoupdate
* Bump docker/login-action from 3.1.0 to 3.2.0
* Ensure sarif extra is included as part of doc build
* Add a sponsor section to README
* [pre-commit.ci] pre-commit autoupdate
* Updates banner logo so it renders well in dark mode
* [pre-commit.ci] pre-commit autoupdate
* Bump sigstore/cosign-installer from 3.4.0 to 3.5.0
* [pre-commit.ci] pre-commit autoupdate
* Bump docker/setup-buildx-action from 3.2.0 to 3.3.0
* [pre-commit.ci] pre-commit autoupdate
* [pre-commit.ci] pre-commit autoupdate
* Bump docker/login-action from 3.0.0 to 3.1.0
* Bump docker/setup-buildx-action from 3.1.0 to 3.2.0
* Bump docker/build-push-action from 5.2.0 to 5.3.0
* Start testing on Python 3.13
* New logo for Bandit based on raccoon
* [pre-commit.ci] pre-commit autoupdate
* Bump docker/build-push-action from 5.1.0 to 5.2.0
2024-03-09 07:56:18 by Adam Ciarcinski | Files touched by this commit (3)
Log message:
py-bandit: updated to 1.7.8
1.7.8
* Add a SARIF output formatter
* [B605] Add functions that are vulnerable to shell injection.
* Bump docker/setup-buildx-action from 3.0.0 to 3.1.0
* filter data is safe for tarfile extractall
* Use datetime to avoid updating copyright year
* Add 1.7.7 to versions of bug template
* Bump sigstore/cosign-installer from 3.3.0 to 3.4.0
* Utilize PyPI's trusted publishing
* Incorrect tag naming in readme
2024-02-14 04:37:57 by David H. Gutteridge | Files touched by this commit (1)
Log message:
py-bandit: py-setuptools is also a tool dependency (fix builds)
2024-01-24 07:50:34 by Adam Ciarcinski | Files touched by this commit (2)
Log message:
py-bandit: updated to 1.7.7
1.7.7
* Downsize the org:repo name
* Remove markdown formatting in reStructuredText formatted README
* Introduce Official Bandit Images
* Bump actions/dependency-review-action from 3 to 4
* Rework GitPython dependency to be an extra for bandit-baseline
* Prepend ./ for files specified as CLI args
* Add random.randbytes to blacklist calls
* Fix up issues found running Bandit on itself
* Create a security policy
* Add tidelift to the sponsor funding list
* defusedxml: Show correct module name
* Flag str.replace as possible sql injection
* Handle variant in how policy is passed in paramiko
* Bump actions/setup-python from 4 to 5
* Add the new release to bandit versions of bug template
2023-12-17 09:36:01 by Thomas Klausner | Files touched by this commit (1)
Log message:
py-bandit: add missing tool
2023-12-11 18:18:36 by Adam Ciarcinski | Files touched by this commit (3)
Log message:
py-bandit: updated to 1.7.6
1.7.6
* Fixes for sphinx build
* refactor: remove `importlib-metadata` fallback
* Fix crash on pyproject.toml without bandit config
* Add official support of Python 3.12
* Use mirror repository for black pre-commit hook
* fix(plugins/B507): also detect class instances
* Fix for ReadtheDocs build
* Bump actions/checkout from 3 to 4
* Fix dependabot to update github actions
* Support ignoring blacklists by name
* Update blacklist call documentation
* Avoid gitpython CVE-2022-24439
* django_rawsql_used: support keyword arguments used in `RawSQL`
* Simplify `wrap_file_object`
* Update asserts.py documentation
* Remove support for Python 3.7 due to end-of-life
* Make pre-commit run Bandit hook using a single process
* Switch from open collective to PSF
* Replace pbr in favor of importlib
* Add a copy button to all code snippets in docs
* Add `random.Random` to B311 checks
* Update pre-commit hooks
* Update versions of used GitHub Actions
* Skip unnecessary `pip install` commands in the pythonpackage.yml workflow
* Switch to tox 4
* Adds check for crypt module usage as weak hash
* language and linting updates
* xmlrpclib replaced with xmlrpc in Python3
* Improper detection of non-requests module
* Remove checks for Python2 urllib
* Render Python 3.10 in drop down correctly
* Update bug report to include version 1.7.5