From 2921297ccdca79fef46caaa354272bfc7b629456 Mon Sep 17 00:00:00 2001 From: John Hensley Date: Tue, 15 Dec 2020 10:03:03 -0500 Subject: [PATCH] Update bandit to 1.7.0 The 322 test was not yet deprecated in our last pinned version (1.4.0) so removing it from the skip list in #5670 broke in local environments in which bandit wasn't upgraded (as is done each run in CI). Also, 1.4.0 didn't yet support glob patterns in bandit's --exclude option, so running it locally would take forever as the .venv directory was scanned. --- securedrop/requirements/python3/develop-requirements.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/securedrop/requirements/python3/develop-requirements.txt b/securedrop/requirements/python3/develop-requirements.txt index d3e29b4d23..3e1c32ec0a 100644 --- a/securedrop/requirements/python3/develop-requirements.txt +++ b/securedrop/requirements/python3/develop-requirements.txt @@ -48,9 +48,9 @@ attrs==20.2.0 \ --hash=sha256:26b54ddbbb9ee1d34d5d3668dd37d6cf74990ab23c828c2888dccdceee395594 \ --hash=sha256:fce7fc47dfc976152e82d53ff92fa0407700c21acd20886a13777a0d20e655dc \ # via pytest -bandit==1.4.0 \ - --hash=sha256:cb977045497f83ec3a02616973ab845c829cdab8144ce2e757fe031104a9abd4 \ - --hash=sha256:de4cc19d6ba32d6f542c6a1ddadb4404571347d83ef1ed1e7afb7d0b38e0c25b \ +bandit==1.7.0 \ + --hash=sha256:216be4d044209fa06cf2a3e51b319769a51be8318140659719aa7a115c35ed07 \ + --hash=sha256:8a4c7415254d75df8ff3c3b15cfe9042ecee628a1e40b44c15a98890fbfc2608 \ # via -r requirements/python3/develop-requirements.in bcrypt==3.1.3 \ --hash=sha256:05b35b9842b009b44496fa5433ce462f69966291e50fbd471dbb427f399f748f \
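Review bot: please confirm this file was regenerated from `requirements/python3/develop-requirements.in` rather than edited by hand. At the `bandit==1.7.0` entry, only the pin and its two `--hash=sha256:` lines change, and the diffstat shows a single file touched. Every entry here carries hashes, so pip installs it in hash-checking mode, where each dependency must be pinned with a matching hash. If bandit's own requirements differ between 1.4.0 and 1.7.0 and those pins were not refreshed, a local install can fail or resolve to a stale set. If the `.in` file holds a version bound for bandit, update it in the same commit so a later regeneration does not bring back 1.4.0. The commit message also relies on glob support in `--exclude`, but no bandit invocation is changed in this patch. It would help to say where the exclude pattern is defined, so a reviewer can check that `.venv` is actually skipped on a local run.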