Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ignore bandit's CVE reported by safety #2256

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Commits on Apr 14, 2024

  1. Ignore bandit's CVE reported by safety

    It is a dev-dependency and there's no real vulnerability.
    This is why a job in my CI fails: PyCQA#2241
    
    Link to CVE: https://data.safetycli.com/v/64484/f17
    
    Or you can bump `bandit` to 1.7.8: https://pypi.org/project/bandit/1.7.8/
    sobolevn authored Apr 14, 2024
    Configuration menu
    Copy the full SHA
    9f7b56e View commit details
    Browse the repository at this point in the history