⬆️ Bump bandit from 1.7.4 to 1.7.5

[dependabot]

Bumps bandit from 1.7.4 to 1.7.5.

Release notes

Sourced from bandit's releases.

1.7.5

What's Changed

• Add an example screen shot of Bandit to README by @​ericwb in PyCQA/bandit#847
• Bad link to screen shot by @​ericwb in PyCQA/bandit#848
• Use a constant for weak hashes by @​ericwb in PyCQA/bandit#850
• Group location line with code output by @​ericwb in PyCQA/bandit#822
• Fix line range using Python 3.8 end_lineno by @​ericwb in PyCQA/bandit#821
• Add classifier to indicate Py3 only by @​ericwb in PyCQA/bandit#853
• Removal of blacklist call B309 httpsconnection by @​ericwb in PyCQA/bandit#858
• Remove blacklist call check for os.tempnam by @​ericwb in PyCQA/bandit#859
• Indiciate hash type in message by @​ericwb in PyCQA/bandit#860
• Add the httpx module check for verify by @​ericwb in PyCQA/bandit#861
• Add doc for hashlib plugin by @​ericwb in PyCQA/bandit#862
• Make use of rich for progress bar by @​ericwb in PyCQA/bandit#863
• Replace toml with tomli by @​mkniewallner in PyCQA/bandit#829
• Fix up B109 and B111 removed plugins docs by @​ericwb in PyCQA/bandit#864
• add check for "requests" calls without timeout by @​mschfh in PyCQA/bandit#743
• Fix for build breaks in format job by @​ericwb in PyCQA/bandit#869
• Add license and contributing links to docs by @​ericwb in PyCQA/bandit#867
• Remove redundant word Bandit in titles of sections by @​ericwb in PyCQA/bandit#873
• Add request for feedback via 👍 by @​ericwb in PyCQA/bandit#871
• Add a Discord link to the docs by @​ericwb in PyCQA/bandit#870
• Adding logging.config.listen() plugin with examples by @​raj3shp in PyCQA/bandit#874
• Removal of ghugo by @​ericwb in PyCQA/bandit#881
• Remove redundant pip line by @​ericwb in PyCQA/bandit#884
• Corrected documentation on configuration by @​a-takahashi223 in PyCQA/bandit#868
• Start testing against Python 3.11 by @​mkniewallner in PyCQA/bandit#887
• Add myself to sponsor list by @​ericwb in PyCQA/bandit#885
• Add Discord link to README by @​ericwb in PyCQA/bandit#875
• Update action versions in Actions workflows (#890) by @​mportesdev in PyCQA/bandit#893
• Add dependency review action by @​ericwb in PyCQA/bandit#891
• Fix an unclosed tag in HTML formatter by @​mportesdev in PyCQA/bandit#896
• 'Test plugin listing' in docs incorrectly pointing B612 to plugin ref of B102 by @​rajaramsrn in PyCQA/bandit#897
• Make small fixes in docs by @​mportesdev in PyCQA/bandit#899
• Specify semver range for Python 3.11 by @​mportesdev in PyCQA/bandit#901
• Add another bad example of yaml load by @​ericwb in PyCQA/bandit#905
• Add releases link in "Version control integration" by @​travisjungroth in PyCQA/bandit#909
• Update version of dependency-review-action by @​mportesdev in PyCQA/bandit#911
• Avoid redundant message if debug on by @​ericwb in PyCQA/bandit#913
• Remove invalid checking on hashlib by @​ericwb in PyCQA/bandit#914
• Add some missing curve types by @​ericwb in PyCQA/bandit#920
• add jsonpickle deserialization blacklist by @​SugarP1g in PyCQA/bandit#707
• Fix reading the number argument from config file by @​KAUTH in PyCQA/bandit#923
• Add end_col_offset if available by @​ericwb in PyCQA/bandit#851
• Enhancement Proposal: Plugin "assert_used" config-skip snippet by @​marianomartinelli in PyCQA/bandit#695
• Blacklist pandas read_pickle and add functional test for it by @​jaspersival in PyCQA/bandit#710
• Docs for request without timeout has dead link by @​ericwb in PyCQA/bandit#925
• Add case for global exec by @​tonybaloney in PyCQA/bandit#570
• Fix a false positive condition yaml_load by @​ericwb in PyCQA/bandit#927
• Fix issue #453 jinja2 template select_autoescape when using jinja2.select_autoescape by @​kinow in PyCQA/bandit#454

... (truncated)

Commits

• ca4faf2 Added a bit more project_urls (#985)
• d87faed Check for github action updates monthly (#989)
• 72fa5a7 Improve handling nosec for multi-line strings (#915)
• 7e6f580 Improve detecting SQL injections in f-strings (#917)
• fe1361f Correct build status badge in README (#980)
• a762993 Fix breaking build due to new tox (#983)
• 91c4d97 DOC: Add explanation on how to use pre-commit with config file (#968)
• d9fe642 Add official Python 3.11 support (#964)
• 3aaa2b0 remove py2 exec example in docs (#947)
• a743858 Typo fix (#945)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)