Eric Brown

Results 79 issues of Eric Brown

The FLOSS/fund is running a program to invest support in critical, impactful, and valuable open source projects. Adding this file doesn't guarantee funding, but raises awareness that Bandit is seeking it....

The PyPI warehouse supports a number of custom links to display on the project page. Of interest to Bandit are the links to the docs, sponsors, and Discord. https://github.com/pypi/warehouse/blob/main/warehouse/templates/packaging/detail.html

This change updates the unit testing to only use released versions of Python 3.13. It also updates the PyPI classifier to declare 3.13 support.

This change starts testing against the alpha versions of Python 3.14 to catch potential problems early before it is officially released. Python 3.14 has dropped the deprecated use of ast.Bytes,...

### Describe the bug ``` Erics-MacBook-Pro-2:precli ericwb$ cat tests/unit/rules/python/stdlib/ssl/examples/get_server_certificate_no_timeout.py | bandit - [main] INFO profile include tests: None [main] INFO profile exclude tests: None [main] INFO cli include tests: None...

bug

This change introduces a new playground in the docs where a user can test out Bandit right within their browser. This code uses PyScript (and sphinx-pyscript) to generate an editor...

This is a follow-on to PR #5099 which added the dependency of tree-sitter to the packages. This change adds tree-sitter-java, tree-sitter-go, tree-sitter-python packages and respective unit tests. Java, Go, and...

Thanks for your work to produce this grammar. Any chance you can also publish the built wheel and tar.gz to PyPI? This makes it easier for other projects to use....

It would be nice if projects under the PyCQA org can request a CNAME record. For example, PyCQA already has a domain registered of pycqa.org to host docs for this...

**Describe the bug** Uptrain is currently licensed as Apache 2.0, but there is a dependency on the Python package `pymupdf`, which is AGPL-3.0, a strong copyleft license. The two aren't compatible....

bug