py-bandit: updated to 1.7.6 1.7.6 * Fixes for sphinx build * refactor: remove `importlib-metadata` fallback * Fix crash on pyproject.toml without bandit config * Add official support of Python 3.12 * Use mirror repository for black pre-commit hook * fix(plugins/B507): also detect class instances * Fix for ReadtheDocs build * Bump actions/checkout from 3 to 4 * Fix dependabot to update github actions * Support ignoring blacklists by name * Update blacklist call documentation * Avoid GitPython CVE-2022-24439 * django_rawsql_used: support keyword arguments used in `RawSQL` * Simplify `wrap_file_object` * Update asserts.py documentation * Remove support for Python 3.7 due to end-of-life * Make pre-commit run Bandit hook using a single process * Switch from open collective to PSF * Replace pbr in favor of importlib * Add a copy button to all code snippets in docs * Add `random.Random` to B311 checks * Update pre-commit hooks * Update versions of used GitHub Actions * Skip unnecessary `pip install` commands in the pythonpackage.yml workflow * Switch to tox 4 * Adds check for crypt module usage as weak hash * language and linting updates * xmlrpclib replaced with xmlrpc in Python3 * Improper detection of non-requests module * Remove checks for Python2 urllib * Render Python 3.10 in drop down correctly * Update bug report to include version 1.7.5
diff -r1.3 -r1.4 pkgsrc/security/py-bandit/Makefile
(adam)
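--- a/pkgsrc/security/py-bandit/Makefile
+++ b/pkgsrc/security/py-bandit/Makefile
@@ -1,38 +1,39 @@
-# $NetBSD: Makefile,v 1.3 2023/11/07 22:38:03 wiz Exp $
+# $NetBSD: Makefile,v 1.4 2023/12/11 17:18:36 adam Exp $
 
-DISTNAME= bandit-1.7.5
+DISTNAME= bandit-1.7.6
 PKGNAME= ${PYPKGPREFIX}-${DISTNAME}
 CATEGORIES= security python
 MASTER_SITES= ${MASTER_SITE_PYPI:=b/bandit/}
 
 MAINTAINER= pkgsrc-users@NetBSD.org
 HOMEPAGE= https://github.com/PyCQA/bandit
 COMMENT= Security oriented static analyser for Python code
 LICENSE= apache-2.0
 
 TOOL_DEPENDS+= ${PYPKGPREFIX}-pbr>=2.0.0:../../devel/py-pbr
-DEPENDS+= ${PYPKGPREFIX}-gitpython>=1.0.1:../../devel/py-gitpython
+DEPENDS+= ${PYPKGPREFIX}-gitpython>=3.1.30:../../devel/py-gitpython
 DEPENDS+= ${PYPKGPREFIX}-rich-[0-9]*:../../comms/py-rich
 DEPENDS+= ${PYPKGPREFIX}-stevedore>=1.20.0:../../devel/py-stevedore
 DEPENDS+= ${PYPKGPREFIX}-yaml>=5.3.1:../../textproc/py-yaml
 TEST_DEPENDS+= ${PYPKGPREFIX}-beautifulsoup4>=4.8.0:../../www/py-beautifulsoup4
+TEST_DEPENDS+= ${PYPKGPREFIX}-fixtures>=3.0.0:../../devel/py-fixtures
 TEST_DEPENDS+= ${PYPKGPREFIX}-testscenarios>=0.5.0:../../devel/py-testscenarios
 TEST_DEPENDS+= ${PYPKGPREFIX}-testtools>=2.3.0:../../devel/py-testtools
 
 USE_LANGUAGES= # none
 
-USE_PKG_RESOURCES= yes
-
 PYTHON_VERSIONS_INCOMPATIBLE= 27 38
 
+.include "../../lang/python/pyversion.mk"
+.if ${PYTHON_VERSION} < 311
+TEST_DEPENDS+= ${PYPKGPREFIX}-tomli>=1.1.0:../../textproc/py-tomli
+.endif
+
 post-install:
 .for bin in bandit bandit-baseline bandit-config-generator
 cd ${DESTDIR}${PREFIX}/bin && \
 ${MV} ${bin} ${bin}-${PYVERSSUFFIX} || ${TRUE}
 .endfor
 
-do-test:
-cd ${WRKSRC} && ${SETENV} ${TEST_ENV} ${PYTHONBIN} -m unittest discover -v
-
-.include "../../lang/python/egg.mk"
+.include "../../lang/python/wheel.mk"
 .include "../../mk/bsd.pkg.mk"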
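Review bot: The raised floor on the `${PYPKGPREFIX}-gitpython>=3.1.30` dependency line has no comment saying why it exists, so its apparent link to the CVE-2022-24439 entry in the release notes is easy to lose and the pattern could later be loosened by accident. I would add a line above it such as `# gitpython>=3.1.30: floor raised with bandit 1.7.6 to avoid CVE-2022-24439`. The explicit `do-test` target is also removed in the same change while three `TEST_DEPENDS` entries are added; the commit does not show what now runs the suite, so it is worth confirming that the default test target pulled in through `wheel.mk` still runs bandit's unit tests rather than silently doing nothing. `TOOL_DEPENDS` on py-pbr is kept although the release notes say pbr was replaced; the new PLIST still lists `pbr.json`, so it is presumably still needed at build time, and a short comment saying so would help the next update.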
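--- a/pkgsrc/security/py-bandit/PLIST
+++ b/pkgsrc/security/py-bandit/PLIST
@@ -1,25 +1,25 @@
-@comment $NetBSD: PLIST,v 1.2 2023/03/29 10:47:50 adam Exp $
+@comment $NetBSD: PLIST,v 1.3 2023/12/11 17:18:36 adam Exp $
 bin/bandit-${PYVERSSUFFIX}
 bin/bandit-baseline-${PYVERSSUFFIX}
 bin/bandit-config-generator-${PYVERSSUFFIX}
-${PYSITELIB}/${EGG_INFODIR}/PKG-INFO
-${PYSITELIB}/${EGG_INFODIR}/SOURCES.txt
-${PYSITELIB}/${EGG_INFODIR}/dependency_links.txt
-${PYSITELIB}/${EGG_INFODIR}/entry_points.txt
-${PYSITELIB}/${EGG_INFODIR}/not-zip-safe
-${PYSITELIB}/${EGG_INFODIR}/pbr.json
-${PYSITELIB}/${EGG_INFODIR}/requires.txt
-${PYSITELIB}/${EGG_INFODIR}/top_level.txt
+${PYSITELIB}/${WHEEL_INFODIR}/AUTHORS
+${PYSITELIB}/${WHEEL_INFODIR}/LICENSE
+${PYSITELIB}/${WHEEL_INFODIR}/METADATA
+${PYSITELIB}/${WHEEL_INFODIR}/RECORD
+${PYSITELIB}/${WHEEL_INFODIR}/WHEEL
+${PYSITELIB}/${WHEEL_INFODIR}/entry_points.txt
+${PYSITELIB}/${WHEEL_INFODIR}/pbr.json
+${PYSITELIB}/${WHEEL_INFODIR}/top_level.txt
 ${PYSITELIB}/bandit/__init__.py
 ${PYSITELIB}/bandit/__init__.pyc
 ${PYSITELIB}/bandit/__init__.pyo
 ${PYSITELIB}/bandit/__main__.py
 ${PYSITELIB}/bandit/__main__.pyc
 ${PYSITELIB}/bandit/__main__.pyo
 ${PYSITELIB}/bandit/blacklists/__init__.py
 ${PYSITELIB}/bandit/blacklists/__init__.pyc
 ${PYSITELIB}/bandit/blacklists/__init__.pyo
 ${PYSITELIB}/bandit/blacklists/calls.py
 ${PYSITELIB}/bandit/blacklists/calls.pyc
 ${PYSITELIB}/bandit/blacklists/calls.pyo
 ${PYSITELIB}/bandit/blacklists/imports.py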
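--- a/pkgsrc/security/py-bandit/distinfo
+++ b/pkgsrc/security/py-bandit/distinfo
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.2 2023/03/29 10:47:50 adam Exp $
+$NetBSD: distinfo,v 1.3 2023/12/11 17:18:36 adam Exp $
 
-BLAKE2s (bandit-1.7.5.tar.gz) = 66fdf47d300264da1f2b5f836d5824edde3a216116714b2add79adf6af83718f
-SHA512 (bandit-1.7.5.tar.gz) = 81b93654ba62e6d22e8c2d534b9f575979bad4f66acd90c221d214316cd1863e7c7e179b8e2a2a8fa80034db71ebda8636adb25b36e1827194bb4639e67ada09
-Size (bandit-1.7.5.tar.gz) = 1970878 bytes
+BLAKE2s (bandit-1.7.6.tar.gz) = 7a5149088fce6272fd16b6c4c4ca90692b2bdb45b51b7893be5f8c9e2eff4123
+SHA512 (bandit-1.7.6.tar.gz) = 6635704e2e60e23f5d21de345152e13ef1bde5efb92ccc0e6dde46e8405c1e5dd9530830af4d2a3c5d6e0bb0eb106ccce4cde3a7be678cce499486e752a26428
+Size (bandit-1.7.6.tar.gz) = 1977532 bytes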