Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update dependency bandit to v1.8.3 #217

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

chore(deps): update dependency bandit to v1.8.3 #217

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Mar 10, 2023
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
bandit (source, changelog) 1.7.4 -> 1.8.3 age adoption passing confidence

Release Notes

PyCQA/bandit (bandit)

v1.8.3

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.8.2...1.8.3

v1.8.2

Compare Source

What's Changed

Full Changelog: PyCQA/bandit@1.8.1...1.8.2

v1.8.1

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.8.0...1.8.1

v1.8.0

Compare Source

What's Changed

Full Changelog: PyCQA/bandit@1.7.10...1.8.0

v1.7.10

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.7.9...1.7.10

v1.7.9

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.7.8...1.7.9

v1.7.8

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.7.7...1.7.8

v1.7.7

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.7.6...1.7.7

v1.7.6

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.7.5...1.7.6

v1.7.5

Compare Source

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.7.4...1.7.5

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Mar 10, 2023
@renovate renovate bot force-pushed the renovate/bandit-1.x-lockfile branch from b4603f0 to 7e344e8 Compare July 3, 2023 11:49
@renovate renovate bot force-pushed the renovate/bandit-1.x-lockfile branch from 7e344e8 to d53435a Compare December 9, 2023 03:55
@renovate renovate bot changed the title Update dependency bandit to v1.7.5 Update dependency bandit to v1.7.6 Dec 9, 2023
@renovate renovate bot changed the title Update dependency bandit to v1.7.6 Update dependency bandit to v1.7.7 Jan 23, 2024
@renovate renovate bot force-pushed the renovate/bandit-1.x-lockfile branch from d53435a to 76644a9 Compare February 1, 2024 14:22
@renovate renovate bot force-pushed the renovate/bandit-1.x-lockfile branch from 76644a9 to fc85830 Compare March 9, 2024 00:12
@renovate renovate bot changed the title Update dependency bandit to v1.7.7 Update dependency bandit to v1.7.8 Mar 9, 2024
@renovate renovate bot force-pushed the renovate/bandit-1.x-lockfile branch from fc85830 to 00d7c11 Compare June 12, 2024 23:10
@renovate renovate bot changed the title Update dependency bandit to v1.7.8 Update dependency bandit to v1.7.9 Jun 12, 2024
@renovate renovate bot force-pushed the renovate/bandit-1.x-lockfile branch from 00d7c11 to bb3f2b2 Compare July 23, 2024 09:57
@renovate renovate bot changed the title Update dependency bandit to v1.7.9 chore(deps): update dependency bandit to v1.7.9 Jul 23, 2024
@renovate renovate bot force-pushed the renovate/bandit-1.x-lockfile branch from bb3f2b2 to e7bd14a Compare September 23, 2024 20:28
@renovate renovate bot changed the title chore(deps): update dependency bandit to v1.7.9 chore(deps): update dependency bandit to v1.7.10 Sep 23, 2024
@renovate renovate bot changed the title chore(deps): update dependency bandit to v1.7.10 chore(deps): update dependency bandit to v1.8.0 Nov 27, 2024
@renovate renovate bot force-pushed the renovate/bandit-1.x-lockfile branch from e7bd14a to 1e7e9ab Compare November 27, 2024 04:20
@renovate renovate bot force-pushed the renovate/bandit-1.x-lockfile branch from 1e7e9ab to a983fe9 Compare December 19, 2024 10:28
@renovate renovate bot force-pushed the renovate/bandit-1.x-lockfile branch from a983fe9 to 11aff15 Compare January 13, 2025 09:02
@renovate renovate bot changed the title chore(deps): update dependency bandit to v1.8.0 chore(deps): update dependency bandit to v1.8.2 Jan 13, 2025
@renovate renovate bot force-pushed the renovate/bandit-1.x-lockfile branch from 11aff15 to 132e058 Compare February 17, 2025 05:28
@renovate renovate bot changed the title chore(deps): update dependency bandit to v1.8.2 chore(deps): update dependency bandit to v1.8.3 Feb 17, 2025
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Feb 17, 2025

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: poetry.lock
[05:28:26.282] INFO (1129): Installing pip [email protected]...
[05:28:30.182] WARN (1129): Pip error:
Collecting poetry==2.1.1
  Downloading poetry-2.1.1-py3-none-any.whl.metadata (7.1 kB)
Collecting poetry-plugin-pypi-mirror
  Downloading poetry_plugin_pypi_mirror-0.5.0-py3-none-any.whl.metadata (6.6 kB)
Collecting build<2.0.0,>=1.2.1 (from poetry==2.1.1)
  Downloading build-1.2.2.post1-py3-none-any.whl.metadata (6.5 kB)
Collecting cachecontrol<0.15.0,>=0.14.0 (from cachecontrol[filecache]<0.15.0,>=0.14.0->poetry==2.1.1)
  Downloading cachecontrol-0.14.2-py3-none-any.whl.metadata (3.1 kB)
Collecting cleo<3.0.0,>=2.1.0 (from poetry==2.1.1)
  Downloading cleo-2.1.0-py3-none-any.whl.metadata (12 kB)
Collecting dulwich<0.23.0,>=0.22.6 (from poetry==2.1.1)
  Downloading dulwich-0.22.7-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (4.4 kB)
Collecting fastjsonschema<3.0.0,>=2.18.0 (from poetry==2.1.1)
  Downloading fastjsonschema-2.21.1-py3-none-any.whl.metadata (2.2 kB)
Collecting findpython<0.7.0,>=0.6.2 (from poetry==2.1.1)
  Downloading findpython-0.6.2-py3-none-any.whl.metadata (5.3 kB)
Collecting installer<0.8.0,>=0.7.0 (from poetry==2.1.1)
  Downloading installer-0.7.0-py3-none-any.whl.metadata (936 bytes)
Collecting keyring<26.0.0,>=25.1.0 (from poetry==2.1.1)
  Downloading keyring-25.6.0-py3-none-any.whl.metadata (20 kB)
Collecting packaging>=24.0 (from poetry==2.1.1)
  Downloading packaging-24.2-py3-none-any.whl.metadata (3.2 kB)
Collecting pbs-installer<2026.0.0,>=2025.1.6 (from pbs-installer[download,install]<2026.0.0,>=2025.1.6->poetry==2.1.1)
  Downloading pbs_installer-2025.2.12-py3-none-any.whl.metadata (991 bytes)
Collecting pkginfo<2.0,>=1.12 (from poetry==2.1.1)
  Downloading pkginfo-1.12.0-py3-none-any.whl.metadata (12 kB)
Collecting platformdirs<5,>=3.0.0 (from poetry==2.1.1)
  Downloading platformdirs-4.3.6-py3-none-any.whl.metadata (11 kB)
Collecting poetry-core==2.1.1 (from poetry==2.1.1)
  Downloading poetry_core-2.1.1-py3-none-any.whl.metadata (3.5 kB)
Collecting pyproject-hooks<2.0.0,>=1.0.0 (from poetry==2.1.1)
  Downloading pyproject_hooks-1.2.0-py3-none-any.whl.metadata (1.3 kB)
Collecting requests<3.0,>=2.26 (from poetry==2.1.1)
  Downloading requests-2.32.3-py3-none-any.whl.metadata (4.6 kB)
Collecting requests-toolbelt<2.0.0,>=1.0.0 (from poetry==2.1.1)
  Downloading requests_toolbelt-1.0.0-py2.py3-none-any.whl.metadata (14 kB)
Collecting shellingham<2.0,>=1.5 (from poetry==2.1.1)
  Downloading shellingham-1.5.4-py2.py3-none-any.whl.metadata (3.5 kB)
Collecting tomlkit<1.0.0,>=0.11.4 (from poetry==2.1.1)
  Downloading tomlkit-0.13.2-py3-none-any.whl.metadata (2.7 kB)
Collecting trove-classifiers>=2022.5.19 (from poetry==2.1.1)
  Downloading trove_classifiers-2025.1.15.22-py3-none-any.whl.metadata (2.3 kB)
Collecting virtualenv<21.0.0,>=20.26.6 (from poetry==2.1.1)
  Downloading virtualenv-20.29.2-py3-none-any.whl.metadata (4.5 kB)
INFO: pip is looking at multiple versions of poetry-plugin-pypi-mirror to determine which version is compatible with other requirements. This could take a while.
Collecting poetry-plugin-pypi-mirror
  Downloading poetry_plugin_pypi_mirror-0.4.2-py3-none-any.whl.metadata (6.5 kB)
  Downloading poetry_plugin_pypi_mirror-0.4.1-py3-none-any.whl.metadata (6.5 kB)
  Downloading poetry_plugin_pypi_mirror-0.4.0-py3-none-any.whl.metadata (6.5 kB)
  Downloading poetry_plugin_pypi_mirror-0.3.3-py3-none-any.whl.metadata (6.1 kB)
  Downloading poetry_plugin_pypi_mirror-0.3.2-py3-none-any.whl.metadata (4.0 kB)
  Downloading poetry_plugin_pypi_mirror-0.3.1-py3-none-any.whl.metadata (4.0 kB)
  Downloading poetry_plugin_pypi_mirror-0.3.0-py3-none-any.whl.metadata (4.0 kB)
INFO: pip is still looking at multiple versions of poetry-plugin-pypi-mirror to determine which version is compatible with other requirements. This could take a while.
  Downloading poetry_plugin_pypi_mirror-0.2.0-py3-none-any.whl.metadata (680 bytes)
  Downloading poetry_plugin_pypi_mirror-0.1.0-py3-none-any.whl.metadata (629 bytes)
ERROR: Cannot install poetry-plugin-pypi-mirror==0.1.0, poetry-plugin-pypi-mirror==0.2.0, poetry-plugin-pypi-mirror==0.3.0, poetry-plugin-pypi-mirror==0.3.1, poetry-plugin-pypi-mirror==0.3.2, poetry-plugin-pypi-mirror==0.3.3, poetry-plugin-pypi-mirror==0.4.0, poetry-plugin-pypi-mirror==0.4.1, poetry-plugin-pypi-mirror==0.4.2, poetry-plugin-pypi-mirror==0.5.0 and poetry==2.1.1 because these package versions have conflicting dependencies.

The conflict is caused by:
    The user requested poetry==2.1.1
    poetry-plugin-pypi-mirror 0.5.0 depends on poetry<2.1 and >=2.0
    The user requested poetry==2.1.1
    poetry-plugin-pypi-mirror 0.4.2 depends on poetry<1.9 and >=1.3
    The user requested poetry==2.1.1
    poetry-plugin-pypi-mirror 0.4.1 depends on poetry<1.8 and >=1.3
    The user requested poetry==2.1.1
    poetry-plugin-pypi-mirror 0.4.0 depends on poetry<1.7 and >=1.3
    The user requested poetry==2.1.1
    poetry-plugin-pypi-mirror 0.3.3 depends on poetry<1.7 and >=1.3
    The user requested poetry==2.1.1
    poetry-plugin-pypi-mirror 0.3.2 depends on poetry<1.6 and >=1.3
    The user requested poetry==2.1.1
    poetry-plugin-pypi-mirror 0.3.1 depends on poetry<1.5 and >=1.3
    The user requested poetry==2.1.1
    poetry-plugin-pypi-mirror 0.3.0 depends on poetry<1.4.0 and >=1.3.0
    The user requested poetry==2.1.1
    poetry-plugin-pypi-mirror 0.2.0 depends on poetry<1.3.0 and >=1.2.1
    The user requested poetry==2.1.1
    poetry-plugin-pypi-mirror 0.1.0 depends on poetry<2.0.0 and >=1.2.1

To fix this you could try to:
1. loosen the range of package versions you've specified
2. remove package versions to allow pip to attempt to solve the dependency conflict

ERROR: ResolutionImpossible: for help visit https://pip.pypa.io/en/latest/topics/dependency-resolution/#dealing-with-dependency-conflicts
[05:28:30.265] ERROR (1129): pip install command failed
[05:28:30.265] FATAL (1129): Install tool poetry failed in 4s.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@glennmatthews glennmatthews Awaiting requested review from glennmatthews glennmatthews is a code owner

@Kircheneer Kircheneer Awaiting requested review from Kircheneer Kircheneer is a code owner

@chadell chadell Awaiting requested review from chadell chadell is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants