From 458b338c15167bdc848c0494dc08c3f2ecde3b1c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 15 Jun 2026 01:08:34 +0000
Subject: [PATCH] deps(deps): bump bandit from 1.8.6 to 1.9.4 in the
 security-tools group

Bumps the security-tools group with 1 update: [bandit](https://github.com/PyCQA/bandit).


Updates `bandit` from 1.8.6 to 1.9.4
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](https://github.com/PyCQA/bandit/compare/1.8.6...1.9.4)

---
updated-dependencies:
- dependency-name: bandit
  dependency-version: 1.9.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security-tools
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 requirements/base.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements/base.txt b/requirements/base.txt
index 485bcf8..25c47e6 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -50,7 +50,7 @@ reportlab==4.5.1
 python-pptx==1.0.2
 
 # 安全扫描
-bandit==1.8.6
+bandit==1.9.4
 safety==3.8.1
 
 # WebSocket（通用）