Sourced from coverage's changelog.
\n\n\nVersion 7.4.3 — 2024-02-23
\n\n
\n- Fix: in some cases, coverage could fail with a RuntimeError: "Set changed\nsize during iteration." This is now fixed, closing
\nissue 1733
_... _issue 1733: nedbat/coveragepy#1733
\n.. _changes_7-4-2:
\nVersion 7.4.2 — 2024-02-20
\n\n
\n- Fix: setting
\nCOVERAGE_CORE=sysmon
no longer errors on 3.11 and lower,\nthanksHugo van Kemenade <pull 1747_>
_. It now issues a warning that\nsys.monitoring is not available and falls back to the default core instead... _pull 1747: nedbat/coveragepy#1747
\n.. _changes_7-4-1:
\nVersion 7.4.1 — 2024-01-26
\n\n
\n- \n
\nPython 3.13.0a3 is supported.
\n- \n
\nFix: the JSON report now includes an explicit format version number, closing\n
\nissue 1732
_... _issue 1732: nedbat/coveragepy#1732
\n.. _changes_7-4-0:
\nVersion 7.4.0 — 2023-12-27
\n\n
\n- In Python 3.12 and above, you can try an experimental core based on the new\n:mod:
\nsys.monitoring <python:sys.monitoring>
module by defining a\nCOVERAGE_CORE=sysmon
environment variable. This should be faster for\nline coverage, but not for branch coverage, and plugins and dynamic contexts\nare not yet supported with it. I am very interested to hear how it works (or\ndoesn't!) for you... _changes_7-3-4:
\nVersion 7.3.4 — 2023-12-20
\n\n
... (truncated)
\n1af3624
docs: sample HTML for 7.4.3f06c5e4
docs: prep for 7.4.308fc997
fix: get atomic copies of iterables when flushing data. #17334e34571
build: put a time limit on the Python nightly testsa1d8d29
build: make targets should use underscores not dashesf7d40a0
build: tweak the release instructions0f19b82
build: bump version5d69334
test: if a test fails randomly, let it retry with @flaky
65d686c
docs: sample HTML for 7.4.2026dca7
docs: prep for 7.4.2Sourced from coverage's changelog.
\n\n\nVersion 7.4.3 — 2024-02-23
\n\n
\n- Fix: in some cases, coverage could fail with a RuntimeError: "Set changed\nsize during iteration." This is now fixed, closing
\nissue 1733
_... _issue 1733: nedbat/coveragepy#1733
\n.. _changes_7-4-2:
\nVersion 7.4.2 — 2024-02-20
\n\n
\n- Fix: setting
\nCOVERAGE_CORE=sysmon
no longer errors on 3.11 and lower,\nthanksHugo van Kemenade <pull 1747_>
_. It now issues a warning that\nsys.monitoring is not available and falls back to the default core instead... _pull 1747: nedbat/coveragepy#1747
\n.. _changes_7-4-1:
\nVersion 7.4.1 — 2024-01-26
\n\n
\n- \n
\nPython 3.13.0a3 is supported.
\n- \n
\nFix: the JSON report now includes an explicit format version number, closing\n
\nissue 1732
_... _issue 1732: nedbat/coveragepy#1732
\n.. _changes_7-4-0:
\nVersion 7.4.0 — 2023-12-27
\n\n
\n- In Python 3.12 and above, you can try an experimental core based on the new\n:mod:
\nsys.monitoring <python:sys.monitoring>
module by defining a\nCOVERAGE_CORE=sysmon
environment variable. This should be faster for\nline coverage, but not for branch coverage, and plugins and dynamic contexts\nare not yet supported with it. I am very interested to hear how it works (or\ndoesn't!) for you... _changes_7-3-4:
\nVersion 7.3.4 — 2023-12-20
\n\n
... (truncated)
\n1af3624
docs: sample HTML for 7.4.3f06c5e4
docs: prep for 7.4.308fc997
fix: get atomic copies of iterables when flushing data. #17334e34571
build: put a time limit on the Python nightly testsa1d8d29
build: make targets should use underscores not dashesf7d40a0
build: tweak the release instructions0f19b82
build: bump version5d69334
test: if a test fails randomly, let it retry with @flaky
65d686c
docs: sample HTML for 7.4.2026dca7
docs: prep for 7.4.2Sourced from coverage's changelog.
\n\n\nVersion 7.4.4 — 2024-03-14
\n\n
\n- \n
\nFix: in some cases, even with
\n[run] relative_files=True
, a data file\ncould be created with absolute path names. When combined with other relative\ndata files, it was random whether the absolute file names would be made\nrelative or not. If they weren't, then a file would be listed twice in\nreports, as detailed inissue 1752
_. This is now fixed: absolute file\nnames are always made relative when combining. Thanks to Bruno Rodrigues dos\nSantos for support.- \n
\nFix: the last case of a match/case statement had an incorrect message if the\nbranch was missed. It said the pattern never matched, when actually the\nbranch is missed if the last case always matched.
\n- \n
\nFix: clicking a line number in the HTML report now positions more accurately.
\n- \n
\nFix: the
\nreport:format
setting was defined as a boolean, but should be a\nstring. Thanks,Tanaydin Sirin <pull 1754_>
_. It is also now documented\non the :ref:configuration page <config_report_format>
... _issue 1752: nedbat/coveragepy#1752\n.. _pull 1754: nedbat/coveragepy#1754
\n.. _changes_7-4-3:
\nVersion 7.4.3 — 2024-02-23
\n\n
\n- Fix: in some cases, coverage could fail with a RuntimeError: "Set changed\nsize during iteration." This is now fixed, closing
\nissue 1733
_... _issue 1733: nedbat/coveragepy#1733
\n.. _changes_7-4-2:
\nVersion 7.4.2 — 2024-02-20
\n\n
\n- Fix: setting
\nCOVERAGE_CORE=sysmon
no longer errors on 3.11 and lower,\nthanksHugo van Kemenade <pull 1747_>
_. It now issues a warning that\nsys.monitoring is not available and falls back to the default core instead... _pull 1747: nedbat/coveragepy#1747
\n.. _changes_7-4-1:
\n\n
... (truncated)
\nbc5e2d7
docs: sample HTML for 7.4.49b0008b
docs: prep for 7.4.4a536161
docs: thanks, Bruno Rodrigues dos Santose06e4f9
chore: make doc_upgradef30818e
chore: make upgrade1b19799
fix: ensure absolute paths are relative when combined #17521ef020d
build: more cheats for convenient URLs3d57a07
docs: document the report:format setting8e30221
fix: correct the type of report:format in config.py (#1754)6289be8
refactor: use dataclasses, no namedtupleSourced from bandit's releases.
\n\n\n1.7.7
\nWhat's Changed
\n\n
\n- Add the new release to bandit versions of bug template by
\n@ericwb
in PyCQA/bandit#1075- Bump actions/setup-python from 4 to 5 by
\n@dependabot
in PyCQA/bandit#1076- Handle variant in how policy is passed in paramiko by
\n@ericwb
in PyCQA/bandit#1078- Flag str.replace as possible sql injection by
\n@costaparas
in PyCQA/bandit#1044- defusedxml: Show correct module name by
\n@kajinamit
in PyCQA/bandit#1081- Add tidelift to the sponsor funding list by
\n@ericwb
in PyCQA/bandit#1089- Create a security policy by
\n@ericwb
in PyCQA/bandit#1091- Fix up issues found running Bandit on itself by
\n@ericwb
in PyCQA/bandit#1093- Add random.randbytes to blacklist calls by
\n@ericwb
in PyCQA/bandit#1096- Prepend ./ for files specified as CLI args by
\n@ericwb
in PyCQA/bandit#1094- Rework GitPython dependency to be an extra for bandit-baseline by
\n@ericwb
in PyCQA/bandit#1099- Bump actions/dependency-review-action from 3 to 4 by
\n@dependabot
in PyCQA/bandit#1101- Introduce Official Bandit Images by
\n@lukehinds
in PyCQA/bandit#1088- Remove markdown formatting in reStructuredText formatted README by
\n@ericwb
in PyCQA/bandit#1103- Downsize the org:repo name by
\n@lukehinds
in PyCQA/bandit#1104New Contributors
\n\n
\n- \n
@kajinamit
made their first contribution in PyCQA/bandit#1081Full Changelog: https://github.com/PyCQA/bandit/compare/1.7.6...1.7.7
\n1.7.6
\nWhat's Changed
\n\n
\n\n- Update bug report to include version 1.7.5 by
\n@ericwb
in PyCQA/bandit#993- Render Python 3.10 in drop down correctly by
\n@ericwb
in PyCQA/bandit#997- Remove checks for Python2 urllib by
\n@ericwb
in PyCQA/bandit#999- Improper detection of non-requests module by
\n@ericwb
in PyCQA/bandit#1011- xmlrpclib replaced with xmlrpc in Python3 by
\n@ericwb
in PyCQA/bandit#1012- language and linting updates by
\n@marksmayo
in PyCQA/bandit#1015- Adds check for crypt module usage as weak hash by
\n@ericwb
in PyCQA/bandit#1018- Switch to tox 4 by
\n@mportesdev
in PyCQA/bandit#1020- Skip unnecessary
\npip install
commands in the pythonpackage.yml workflow by@mportesdev
in PyCQA/bandit#1021- Update versions of used GitHub Actions by
\n@mportesdev
in PyCQA/bandit#1024- Update pre-commit hooks by
\n@mportesdev
in PyCQA/bandit#1026- Add
\nrandom.Random
to B311 checks by@shiftinv
in PyCQA/bandit#940- Add a copy button to all code snippets in docs by
\n@ericwb
in PyCQA/bandit#1030- Replace pbr in favor of importlib by
\n@ericwb
in PyCQA/bandit#1016- Switch from open collective to PSF by
\n@ericwb
in PyCQA/bandit#1031- Make pre-commit run Bandit hook using a single process by
\n@Klavionik
in PyCQA/bandit#1029- Remove support for Python 3.7 due to end-of-life by
\n@ericwb
in PyCQA/bandit#1034- Update asserts.py documentation by
\n@deronnax
in PyCQA/bandit#1036- Simplify
\nwrap_file_object
by@mportesdev
in PyCQA/bandit#1037- django_rawsql_used: support keyword arguments used in
\nRawSQL
by@kevinmarsh
in PyCQA/bandit#765- Avoid gitpyhon CVE-2022-24439 by
\n@carlosduelo
in PyCQA/bandit#1048- Update blacklist call documentation by
\n@costaparas
in PyCQA/bandit#1045- Support ignoring blacklists by name by
\n@costaparas
in PyCQA/bandit#1046- Fix dependabot to update github actions by
\n@ericwb
in PyCQA/bandit#1057- Bump actions/checkout from 3 to 4 by
\n@dependabot
in PyCQA/bandit#1058
... (truncated)
\n4c5b3c8
Downsize the org:repo name (#1104)3f86e84
Remove markdown formatting in reStructuredText formatted README (#1103)ff7ed4b
Introduce Official Bandit Images (#1088)99ddf6b
Bump actions/dependency-review-action from 3 to 4 (#1101)22c75a8
Rework GitPython dependency to be an extra for bandit-baseline (#1099)12e14f6
Prepend ./ for files specified as CLI args (#1094)0779eb0
Add random.randbytes to blacklist calls (#1096)7129108
Fix up issues found running Bandit on itself (#1093)c2bd6d6
Create a security policy (#1091)a78cafe
Add tidelift to the sponsor funding list (#1089)Sourced from bandit's releases.
\n\n\n1.7.7
\nWhat's Changed
\n\n
\n- Add the new release to bandit versions of bug template by
\n@ericwb
in PyCQA/bandit#1075- Bump actions/setup-python from 4 to 5 by
\n@dependabot
in PyCQA/bandit#1076- Handle variant in how policy is passed in paramiko by
\n@ericwb
in PyCQA/bandit#1078- Flag str.replace as possible sql injection by
\n@costaparas
in PyCQA/bandit#1044- defusedxml: Show correct module name by
\n@kajinamit
in PyCQA/bandit#1081- Add tidelift to the sponsor funding list by
\n@ericwb
in PyCQA/bandit#1089- Create a security policy by
\n@ericwb
in PyCQA/bandit#1091- Fix up issues found running Bandit on itself by
\n@ericwb
in PyCQA/bandit#1093- Add random.randbytes to blacklist calls by
\n@ericwb
in PyCQA/bandit#1096- Prepend ./ for files specified as CLI args by
\n@ericwb
in PyCQA/bandit#1094- Rework GitPython dependency to be an extra for bandit-baseline by
\n@ericwb
in PyCQA/bandit#1099- Bump actions/dependency-review-action from 3 to 4 by
\n@dependabot
in PyCQA/bandit#1101- Introduce Official Bandit Images by
\n@lukehinds
in PyCQA/bandit#1088- Remove markdown formatting in reStructuredText formatted README by
\n@ericwb
in PyCQA/bandit#1103- Downsize the org:repo name by
\n@lukehinds
in PyCQA/bandit#1104New Contributors
\n\n
\n- \n
@kajinamit
made their first contribution in PyCQA/bandit#1081Full Changelog: https://github.com/PyCQA/bandit/compare/1.7.6...1.7.7
\n1.7.6
\nWhat's Changed
\n\n
\n\n- Update bug report to include version 1.7.5 by
\n@ericwb
in PyCQA/bandit#993- Render Python 3.10 in drop down correctly by
\n@ericwb
in PyCQA/bandit#997- Remove checks for Python2 urllib by
\n@ericwb
in PyCQA/bandit#999- Improper detection of non-requests module by
\n@ericwb
in PyCQA/bandit#1011- xmlrpclib replaced with xmlrpc in Python3 by
\n@ericwb
in PyCQA/bandit#1012- language and linting updates by
\n@marksmayo
in PyCQA/bandit#1015- Adds check for crypt module usage as weak hash by
\n@ericwb
in PyCQA/bandit#1018- Switch to tox 4 by
\n@mportesdev
in PyCQA/bandit#1020- Skip unnecessary
\npip install
commands in the pythonpackage.yml workflow by@mportesdev
in PyCQA/bandit#1021- Update versions of used GitHub Actions by
\n@mportesdev
in PyCQA/bandit#1024- Update pre-commit hooks by
\n@mportesdev
in PyCQA/bandit#1026- Add
\nrandom.Random
to B311 checks by@shiftinv
in PyCQA/bandit#940- Add a copy button to all code snippets in docs by
\n@ericwb
in PyCQA/bandit#1030- Replace pbr in favor of importlib by
\n@ericwb
in PyCQA/bandit#1016- Switch from open collective to PSF by
\n@ericwb
in PyCQA/bandit#1031- Make pre-commit run Bandit hook using a single process by
\n@Klavionik
in PyCQA/bandit#1029- Remove support for Python 3.7 due to end-of-life by
\n@ericwb
in PyCQA/bandit#1034- Update asserts.py documentation by
\n@deronnax
in PyCQA/bandit#1036- Simplify
\nwrap_file_object
by@mportesdev
in PyCQA/bandit#1037- django_rawsql_used: support keyword arguments used in
\nRawSQL
by@kevinmarsh
in PyCQA/bandit#765- Avoid gitpyhon CVE-2022-24439 by
\n@carlosduelo
in PyCQA/bandit#1048- Update blacklist call documentation by
\n@costaparas
in PyCQA/bandit#1045- Support ignoring blacklists by name by
\n@costaparas
in PyCQA/bandit#1046- Fix dependabot to update github actions by
\n@ericwb
in PyCQA/bandit#1057- Bump actions/checkout from 3 to 4 by
\n@dependabot
in PyCQA/bandit#1058
... (truncated)
\n4c5b3c8
Downsize the org:repo name (#1104)3f86e84
Remove markdown formatting in reStructuredText formatted README (#1103)ff7ed4b
Introduce Official Bandit Images (#1088)99ddf6b
Bump actions/dependency-review-action from 3 to 4 (#1101)22c75a8
Rework GitPython dependency to be an extra for bandit-baseline (#1099)12e14f6
Prepend ./ for files specified as CLI args (#1094)0779eb0
Add random.randbytes to blacklist calls (#1096)7129108
Fix up issues found running Bandit on itself (#1093)c2bd6d6
Create a security policy (#1091)a78cafe
Add tidelift to the sponsor funding list (#1089)