Merge "Move bandit requirements to tox.ini"

2022-07-11 18:28:48 +00:00 · 2022-07-11 18:28:48 +00:00 · b24de11cea
parent a2deecef89 befa5b5be8
commit b24de11cea
2 changed files with 2 additions and 3 deletions
--- a/test-requirements.txt
+++ b/test-requirements.txt
@ -17,9 +17,6 @@ psycopg2>=2.8.5 # LGPL/ZPL
 SQLAlchemy-Utils>=0.37.8 # BSD License
 testtools>=2.4.0 # MIT

-# bandit is not included in upper-constraints,
-# so we need to pin it here to a known working version
-bandit==1.6.0 # Apache-2.0
 doc8>=0.8.1 # Apache-2.0
 mypy>=0.942 # MIT
 moto>=1.3.15 # Apache-2.0
--- a/tox.ini
+++ b/tox.ini
@ -148,9 +148,11 @@ commands = python {toxinidir}/tools/generate_driver_list.py

 [testenv:bandit]
 deps = -r{toxinidir}/test-requirements.txt
+       bandit==1.6.0
 commands = bandit -r cinder -n5 -x cinder/tests/* -ll

 [testenv:bandit-baseline]
+deps = bandit==1.6.0
 envdir = {toxworkdir}/bandit
 commands = bandit-baseline -r cinder -n5 -x cinder/tests/* -ii -ll