From 9213ae8ad8da61bf81f63bc9f52c3550db166a7f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Piotr=20Gr=C3=B3dek?=
Date: Fri, 3 Nov 2023 09:58:43 +0100
Subject: [PATCH 1/2] Fix bandit in pre-commit hook

* switch provider to PyCQA
* update bandit version
* fix issue with incorrect pyproject.toml support in bandit
* relax bandit check to disable B101 - asserts are okay in code
---
 {{ cookiecutter.repo_name }}/.pre-commit-config.yaml | 9 +++++----
 {{ cookiecutter.repo_name }}/pyproject.toml | 3 +++
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/{{ cookiecutter.repo_name }}/.pre-commit-config.yaml b/{{ cookiecutter.repo_name }}/.pre-commit-config.yaml
index aea70c9..10f8af7 100644
--- a/{{ cookiecutter.repo_name }}/.pre-commit-config.yaml
+++ b/{{ cookiecutter.repo_name }}/.pre-commit-config.yaml
@@ -84,8 +84,9 @@ repos:
 # ["--extension-pkg-whitelist=pydantic"]

 # Finds common security issues in Python code.
- - repo: https://github.com/Lucas-C/pre-commit-hooks-bandit
- rev: v1.0.6
+ - repo: https://github.com/PyCQA/bandit
+ rev: 1.7.5
 hooks:
- - id: python-bandit-vulnerability-check
- args: [-c, pyproject.toml, --recursive, src, -ll]
+ - id: bandit
+ args: [-c, pyproject.toml, --recursive, src]
+ additional_dependencies: [".[toml]"] # required for pyproject.toml support
diff --git a/{{ cookiecutter.repo_name }}/pyproject.toml b/{{ cookiecutter.repo_name }}/pyproject.toml
index 3819bad..4f99fd5 100644
--- a/{{ cookiecutter.repo_name }}/pyproject.toml
+++ b/{{ cookiecutter.repo_name }}/pyproject.toml
@@ -140,3 +140,6 @@ min-similarity-lines=10

 [tool.bandit]
 exclude_dirs = ["venv",]
+# B101 disables errors for asserts in the code
+# remember to not use asserts for security and control flows
+skips = ["B101"]
\ No newline at end of file

From 9564e997c13974b836e77502db54c925fa3281df Mon Sep 17 00:00:00 2001
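Review bot: Dropping `-ll` from the new `args:` line of the bandit hook lowers the reporting threshold from medium-and-above to every severity, so low-severity findings that the old hook never reported now fail the commit; the commit message describes the change as relaxing the check, but this part makes it stricter, so the intent should be stated. If medium-and-above was the intended baseline, keep `args: [-c, pyproject.toml, --recursive, src, -ll]`; otherwise add a comment such as `# report all severities; B101 (assert_used) is skipped in [tool.bandit] of pyproject.toml`. The PyCQA hook presumably still receives the staged filenames from pre-commit in addition to `--recursive src`, so staged Python files outside `src` may be scanned too — likely acceptable, but worth confirming against the hook definition. On style, every item in the new flow list is unquoted while the other hooks in this file quote theirs (`args: ["-a"]` for pycln); `args: ["-c", "pyproject.toml", "--recursive", "src"]` would match.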
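Review bot: The new `skips = ["B101"]` line ends the file without a trailing newline (see the `\ No newline at end of file` marker), and the comment above it misdescribes B101 — it is bandit's `assert_used` check, not a switch that disables errors. Suggest ending the file with a newline and rewording the two comment lines to `# Skip B101 (assert_used): asserts are accepted in this codebase,` and `# but never rely on them for security checks or control flow - they are stripped under python -O.` Note that a skip in `[tool.bandit]` applies to every bandit run that reads this config, not only the pre-commit hook.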
From: =?UTF-8?q?Piotr=20Gr=C3=B3dek?=
Date: Fri, 3 Nov 2023 10:00:32 +0100
Subject: [PATCH 2/2] Updates linters: run pre-commit autoupdate

---
 {{ cookiecutter.repo_name }}/.pre-commit-config.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/{{ cookiecutter.repo_name }}/.pre-commit-config.yaml b/{{ cookiecutter.repo_name }}/.pre-commit-config.yaml
index 10f8af7..0bdcb47 100644
--- a/{{ cookiecutter.repo_name }}/.pre-commit-config.yaml
+++ b/{{ cookiecutter.repo_name }}/.pre-commit-config.yaml
@@ -14,7 +14,7 @@ repos:

 # PEP 8 compliant opinionated formatter.
 - repo: https://github.com/psf/black
- rev: 23.9.1
+ rev: 23.10.1
 hooks:
 - id: black
 exclude: (docs/)
@@ -23,7 +23,7 @@ repos:

 # Cleaning unused imports.
 - repo: https://github.com/hadialqattan/pycln
- rev: v2.2.2
+ rev: v2.3.0
 hooks:
 - id: pycln
 args: ["-a"]