Tags: a-takahashi223/bandit

Tags

1.7.4

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
Add 1.7.4 in issue template (PyCQA#846)

Add an option for version 1.7.4 in the bug report in preparation for a new release of 1.7.4 afterwards.

1.7.3

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
Build of artifact fails if raw directive used (PyCQA#831)

A recent change to center the logo made use of the html raw keyword
in the README. Apparently this fails when building the Bandit artifact.

Checking dist/bandit-1.7.3.dev33-py3-none-any.whl: FAILED
`long_description` has syntax errors in markup and would not be rendered on PyPI.

line 1: Warning: "raw" directive disabled.
warning: `long_description_content_type` missing. defaulting to `text/x-rst`.

This change reverts the centering, but keeps the updated link.

Signed-off-by: Eric Brown <[email protected]>

1.7.2

Partially verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
We cannot verify signatures from co-authors, and some of the co-authors attributed to this commit require their commits to be signed.
Correctly define extras in `setup.cfg` (PyCQA#755)

* Use `extras` to define extras in `setup.cfg`

* Go back to using `entry_points` in `setup.cfg`

Co-authored-by: Eric Brown <[email protected]>

1.7.1

Verified

This tag was signed with the committer’s verified signature.
sigmavirus24 Ian Stapleton Cordasco
Release v1.7.1

1.7.0

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
Create CODEOWNERS (PyCQA#661)

A codeowners file makes it so people are automatically suggested as reviewers for pull requests
based on path to the code in the PR.

More information can be found here: 
https://docs.github.com/en/free-pro-team@latest/github/creating-cloning-and-archiving-repositories/about-code-owners

Co-authored-by: Luke Hinds <[email protected]>

1.6.3

Unverified

This commit is not signed, but one or more authors requires that any commit attributed to them is signed.
Add workflow to publish to PyPI

Along with the existing workflow that can publish to
Test PyPI, this change also adds official PyPI.

The difference is that this workflow will only publish
if the commit is tagged.

Signed-off-by: Eric Brown <[email protected]>

1.6.2

Unverified

This commit is not signed, but one or more authors requires that any commit attributed to them is signed.
Performance fix (PyCQA#502)

* Fix PyCQA#490 -- Fix performance issue introduced in 1.6.0

The lines were introduced in 7c4b9fa
and have two effects. First they cause `get_issue_list` to run twice and before
the user receives feedback that bandit started running. Secondly it does not
display any output if no issues are found, which is an unintended behavior change.

* add namespaces for parent attributes

* pylint formatting changes

* made bandit_parent a private attr

* temporary fix; perf issue only on quiet

* update perf issue

1.6.1

Unverified

This commit is not signed, but one or more authors requires that any commit attributed to them is signed.
add test for regression and fix directory exclusion without wildcards (PyCQA#489)

* add test for regression and fix directory exclusion without wildcards
* fix pep8 errors
* add support for directory exclusion without trailing slashes
* extend exclusion test for backwards compat with 1.5.1 and add fix
* fix pep8 errors
* fix styling
* fix styling
* fix styling

1.6.0

Unverified

This commit is not signed, but one or more authors requires that any commit attributed to them is signed.
Remove pycryptodome blacklist (PyCQA#470)

* Remove pycryptodome from import blacklist

pycryptodome appears to be actively maintained, as opposed to pycrypto.

Unless there is a noted security issue with not using it, this removes
the blanket blacklist on the library. Any insecure hashes/ciphers/etc.
that the library provides will still be reported as per other libraries.

* [functional-tests]
- repurpose blacklist test to verify that pycryptodome is no longer blacklisted

* - fix flake8 line too long

* [flake8]
- misunderstood what flake8 was complaining about.

1.5.1

Unverified

This commit is not signed, but one or more authors requires that any commit attributed to them is signed.
Adding test case for traversal crash

Follow up for PyCQA#369

Signed-off-by: Antoine Salon <[email protected]>