bandit fails to build with Python 3.14.0a5. ==================================== ERRORS ==================================== ___________ ERROR collecting tests/unit/cli/test_config_generator.py ___________ tests/unit/cli/test_config_generator.py:22: in <module> @test.checks("Str") bandit/core/test_properties.py:22: in wrapper func._checks.append(utils.check_ast_node(arg)) bandit/core/utils.py:370: in check_ast_node raise TypeError(f"Error: {name} is not a valid node type in AST") E TypeError: Error: Str is not a valid node type in AST ______________ ERROR collecting tests/unit/core/test_test_set.py _______________ tests/unit/core/test_test_set.py:17: in <module> @test.checks("Str") bandit/core/test_properties.py:22: in wrapper func._checks.append(utils.check_ast_node(arg)) bandit/core/utils.py:370: in check_ast_node raise TypeError(f"Error: {name} is not a valid node type in AST") E TypeError: Error: Str is not a valid node type in AST https://docs.python.org/3.14/whatsnew/3.14.html For the build logs, see: https://copr-be.cloud.fedoraproject.org/results/@python/python3.14/fedora-rawhide-x86_64/08750269-bandit/ For all our attempts to build bandit with Python 3.14, see: https://copr.fedorainfracloud.org/coprs/g/python/python3.14/package/bandit/ Testing and mass rebuild of packages is happening in copr. You can follow these instructions to test locally in mock if your package builds with Python 3.14: https://copr.fedorainfracloud.org/coprs/g/python/python3.14/ Let us know here if you have any questions. Python 3.14 is planned to be included in Fedora 43. To make that update smoother, we're building Fedora packages with all pre-releases of Python 3.14. A build failure prevents us from testing all dependent packages (transitive [Build]Requires), so if this package is required a lot, it's important for us to get it fixed soon. We'd appreciate help from the people who know this package best, but if you don't want to work on this now, let us know so we can try to work around it on our side.
*** Bug 2371680 has been marked as a duplicate of this bug. ***
Mikel, you ASSIGNED this Bugzilla in March. What is the plan? The Beta Freeze of Fedora 43 starts tomorrow.
Upstream hasn't fixed the issue and I don't time to check it by myself at the moment. https://github.com/PyCQA/bandit/issues/1219 The only option would be to retire the package, right?
You can probably postpone the decision to later (near final freeze). Or orphan the package and ask for new maintainers.
This package has changed maintainer in Fedora. Reassigning to the new maintainer of this component.
This package has been orphaned. You can pick it up at https://src.fedoraproject.org/rpms/bandit by clicking button "Take". If nobody picks it up, it will be retired and removed from a distribution.
This is a placeholder reminder
Automation has figured out the package is retired in rawhide. If you like it to be unretired, please open a ticket at https://pagure.io/releng/new_issue?template=package_unretirement