Merge branch 'main' into dependabot/pip/virtualenv-20.35.4

docktermj · web-flow · commit fb4830364df2 · 2025-10-29T15:12:32.000-04:00
diff --git a/.github/workflows/bandit.yaml b/.github/workflows/bandit.yaml
@@ -11,29 +11,16 @@ permissions: {}
 jobs:
   bandit:
     permissions:
-      contents: read
-      pull-requests: write
+      security-events: write
     runs-on: ubuntu-latest
     strategy:
       fail-fast: false
       matrix:
         python-version: ["3.12"]
 
     steps:
-      - name: Checkout repository
-        uses: actions/checkout@v5
-        with:
-          persist-credentials: false
-
-      - name: Set up Python ${{ matrix.python-version }}
-        uses: actions/setup-python@v6
-        with:
-          python-version: ${{ matrix.python-version }}
-
       - name: Run Bandit Scan
-        uses: lukehinds/bandit-action@new-action
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        uses: PyCQA/bandit-action@v1
         with:
-          path: "python"
-          recursive: "true"
+          python-version: ${{ matrix.python-version }}
+          targets: python
diff --git a/java/pom.xml b/java/pom.xml
@@ -165,7 +165,7 @@
           <plugin>
             <groupId>com.github.spotbugs</groupId>
             <artifactId>spotbugs-maven-plugin</artifactId>
-            <version>4.9.7.0</version>
+            <version>4.9.8.1</version>
             <configuration>
               <plugins>
                 <plugin>
