Bump bandit from 1.9.2 to 1.9.3 (#3208)

* Bump bandit from 1.9.2 to 1.9.3 Bumps [bandit](https://github.com/PyCQA/bandit) from 1.9.2 to 1.9.3. - [Release notes](https://github.com/PyCQA/bandit/releases) - [Commits](https://github.com/PyCQA/bandit/compare/1.9.2...1.9.3) --- updated-dependencies: - dependency-name: bandit dependency-version: 1.9.3 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Fixed issue --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alex Janousek <alex.janousek@gsa.gov>
2026-02-05 02:42:26 -05:00 · 2026-01-21 14:43:23 +00:00
parent 3c0e11ffbd
commit c5cbe1d0dd
2 changed files with 4 additions and 4 deletions
--- a/app/cloudfoundry_config.py
+++ b/app/cloudfoundry_config.py
@@ -10,7 +10,7 @@ class CloudfoundryConfig:
        self._empty_bucket_credentials = {
            "bucket": "",
            "access_key_id": "",
-            "secret_access_key": "",
+            "secret_access_key": "",  # nosec B105 - empty default, not a real password
            "region": "",
        }

--- a/poetry.lock
+++ b/poetry.lock
@@ -97,14 +97,14 @@ files = [

 [[package]]
 name = "bandit"
-version = "1.9.2"
+version = "1.9.3"
 description = "Security oriented static analyser for python code."
 optional = false
 python-versions = ">=3.10"
 groups = ["dev"]
 files = [
-    {file = "bandit-1.9.2-py3-none-any.whl", hash = "sha256:bda8d68610fc33a6e10b7a8f1d61d92c8f6c004051d5e946406be1fb1b16a868"},
-    {file = "bandit-1.9.2.tar.gz", hash = "sha256:32410415cd93bf9c8b91972159d5cf1e7f063a9146d70345641cd3877de348ce"},
+    {file = "bandit-1.9.3-py3-none-any.whl", hash = "sha256:4745917c88d2246def79748bde5e08b9d5e9b92f877863d43fab70cd8814ce6a"},
+    {file = "bandit-1.9.3.tar.gz", hash = "sha256:ade4b9b7786f89ef6fc7344a52b34558caec5da74cb90373aed01de88472f774"},
 ]

 [package.dependencies]