From 2138f3c40b5e9c28cd8af018eccc7ab109d276a0 Mon Sep 17 00:00:00 2001
From: mickael e <mickael@freedom.press>
Date: Tue, 18 Jun 2019 11:49:25 -0400
Subject: [PATCH 1/2] Unpin bandit and fix exclude path

---
 Makefile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Makefile b/Makefile
index d07c480a7..77274ad74 100644
--- a/Makefile
+++ b/Makefile
@@ -56,8 +56,8 @@ safety: ## Runs `safety check` to check python dependencies for vulnerabilities
 .PHONY: bandit
 bandit: ## Run bandit with medium level excluding test-related folders
 	pip install --upgrade pip && \
-        pip install --upgrade bandit==1.5.1 && \
-	bandit -ll --recursive . --exclude tests,.venv
+        pip install --upgrade bandit && \
+	bandit -ll --recursive . --exclude ./tests,.venv
 
 .PHONY: check
 check: clean lint mypy test ## Run the full CI test suite

From 835ec576e17ddd865f27208803380ad8605d72b0 Mon Sep 17 00:00:00 2001
From: redshiftzero <jen@freedom.press>
Date: Wed, 26 Jun 2019 12:24:36 -0700
Subject: [PATCH 2/2] bandit: fix path to .venv

---
 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index 77274ad74..85c04e4a4 100644
--- a/Makefile
+++ b/Makefile
@@ -57,7 +57,7 @@ safety: ## Runs `safety check` to check python dependencies for vulnerabilities
 bandit: ## Run bandit with medium level excluding test-related folders
 	pip install --upgrade pip && \
         pip install --upgrade bandit && \
-	bandit -ll --recursive . --exclude ./tests,.venv
+	bandit -ll --recursive . --exclude ./tests,./.venv
 
 .PHONY: check
 check: clean lint mypy test ## Run the full CI test suite