[flake8-bandit] Deprecate suspicious-xmle-tree-usage (S320) (#16680)

## Summary Deprecate `S320` because defusedxml has deprecated there `lxml` module and `lxml` has been hardened since. flake8-bandit has removed their implementation as well (https://github.com/PyCQA/bandit/pull/1212). Addresses https://github.com/astral-sh/ruff/issues/13707 ## Test Plan I verified that selecting `S320` prints a warning and fails if the preview mode is enabled.
2025-09-28 21:05:08 +00:00 · 2025-03-13 08:46:23 +01:00 · 2025-03-13 08:46:23 +01:00 · 1326d55c29
commit 1326d55c29
parent c19cd58670
3 changed files with 10 additions and 2 deletions
--- a/crates/ruff_linter/src/codes.rs
+++ b/crates/ruff_linter/src/codes.rs
@ -649,7 +649,7 @@ pub fn code_to_rule(linter: Linter, code: &str) -> Option<(RuleGroup, Rule)> {
        (Flake8Bandit, "317") => (RuleGroup::Stable, rules::flake8_bandit::rules::SuspiciousXMLSaxUsage),
        (Flake8Bandit, "318") => (RuleGroup::Stable, rules::flake8_bandit::rules::SuspiciousXMLMiniDOMUsage),
        (Flake8Bandit, "319") => (RuleGroup::Stable, rules::flake8_bandit::rules::SuspiciousXMLPullDOMUsage),
-        (Flake8Bandit, "320") => (RuleGroup::Stable, rules::flake8_bandit::rules::SuspiciousXMLETreeUsage),
+        (Flake8Bandit, "320") => (RuleGroup::Deprecated, rules::flake8_bandit::rules::SuspiciousXMLETreeUsage),
        (Flake8Bandit, "321") => (RuleGroup::Stable, rules::flake8_bandit::rules::SuspiciousFTPLibUsage),
        (Flake8Bandit, "323") => (RuleGroup::Stable, rules::flake8_bandit::rules::SuspiciousUnverifiedContextUsage),
        (Flake8Bandit, "324") => (RuleGroup::Stable, rules::flake8_bandit::rules::HashlibInsecureHashFunction),