Browse Source

[stable-only] Cap bandit and fix lower-constrains

bandit 1.6.3 [1] release has dropped support for py2 [2] but the
release is faulty and pip still picks it up for py2 [3][4], so cap to
1.6.2 when using py2.

With the new pip dependency resolver (introduced in pip 20.3) the
lower-constraints job started to timeout and fail. This patch fixes
package version constraint contradictions and add some new lower
constraints to speed up pip's dependency resolution.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] https://github.com/PyCQA/bandit/pull/615
[3] https://github.com/PyCQA/bandit/issues/663
[4] https://github.com/PyCQA/bandit/issues/665

Change-Id: Ib3ff3bd2df8954407e880a759082ef1eee3e76a1
changes/16/770816/1
Elod Illes 9 months ago
parent
commit
cff32e1189
  1. 13
      lower-constraints.txt
  2. 6
      requirements.txt
  3. 4
      test-requirements.txt

13
lower-constraints.txt

@ -15,7 +15,7 @@ cliff==2.11.0
cmd2==0.8.1
contextlib2==0.5.5
coverage==4.0
cryptography==2.1
cryptography==2.1.4
cursive==0.2.1
ddt==1.0.1
debtcollector==1.19.0
@ -57,7 +57,9 @@ MarkupSafe==1.0
mccabe==0.2.1
mock==2.0.0
monotonic==1.4
mox3==0.20.0
msgpack==0.5.6
msgpack-python==0.5.6
netaddr==0.7.19
netifaces==0.10.6
networkx==1.11
@ -70,7 +72,7 @@ os-win==3.0.0
oslo.cache==1.29.0
oslo.concurrency==3.26.0
oslo.config==5.2.0
oslo.context==2.19.2
oslo.context==2.22.0
oslo.db==4.27.0
oslo.i18n==3.15.3
oslo.log==3.36.0
@ -116,9 +118,9 @@ python-glanceclient==2.15.0
python-keystoneclient==3.15.0
python-mimeparse==1.6.0
python-novaclient==9.1.0
python-subunit==1.2.0
python-subunit==1.3.0
python-swiftclient==3.2.0
pytz==2013.6
pytz==2015.7
pyudev==0.21.0
PyYAML==3.12
reno==2.5.0
@ -130,6 +132,7 @@ rfc3986==1.1.0
Routes==2.3.1
rsa==3.4.2
rtslib-fb==2.1.65
simplejson==3.5.1
six==1.10.0
smmap2==2.0.3
snowballstemmer==1.2.1
@ -138,7 +141,7 @@ sphinx-feature-classification==0.1.0
sphinxcontrib-websupport==1.0.1
sqlalchemy-migrate==0.11.0
SQLAlchemy==1.0.10
SQLAlchemy-Utils==0.36.1
SQLAlchemy-Utils==0.33.11
sqlparse==0.2.4
statsd==3.2.2
stestr==2.2.0

6
requirements.txt

@ -18,7 +18,7 @@ lxml!=3.7.0,>=3.4.1 # BSD
oauth2client!=4.0.0,>=1.5.0 # Apache-2.0
oslo.config>=5.2.0 # Apache-2.0
oslo.concurrency>=3.26.0 # Apache-2.0
oslo.context>=2.19.2 # Apache-2.0
oslo.context>=2.22.0 # Apache-2.0
oslo.db>=4.27.0 # Apache-2.0
oslo.log>=3.36.0 # Apache-2.0
oslo.messaging>=6.4.0 # Apache-2.0
@ -44,7 +44,7 @@ python-glanceclient>=2.15.0 # Apache-2.0
python-keystoneclient>=3.15.0 # Apache-2.0
python-novaclient>=9.1.0 # Apache-2.0
python-swiftclient>=3.2.0 # Apache-2.0
pytz>=2013.6 # MIT
pytz>=2015.7 # MIT
requests>=2.14.2,!=2.20.0 # Apache-2.0
retrying!=1.3.0,>=1.2.3 # Apache-2.0
Routes>=2.3.1 # MIT
@ -63,5 +63,5 @@ os-win>=3.0.0 # Apache-2.0
tooz>=1.58.0 # Apache-2.0
google-api-python-client>=1.4.2 # Apache-2.0
castellan>=0.16.0 # Apache-2.0
cryptography>=2.1 # BSD/Apache-2.0
cryptography>=2.1.4 # BSD/Apache-2.0
cursive>=0.2.1 # Apache-2.0

4
test-requirements.txt

@ -13,11 +13,11 @@ os-api-ref>=1.4.0 # Apache-2.0
oslotest>=3.2.0 # Apache-2.0
PyMySQL>=0.7.6 # MIT License
psycopg2>=2.7 # LGPL/ZPL
SQLAlchemy-Utils>=0.36.1 # BSD License
SQLAlchemy-Utils>=0.33.11 # BSD License
testtools>=2.2.0 # MIT
testresources>=2.0.0 # Apache-2.0/BSD
testscenarios>=0.4 # Apache-2.0/BSD
oslo.versionedobjects[fixtures]>=1.31.2 # Apache-2.0
tempest>=17.1.0 # Apache-2.0
bandit>=1.1.0 # Apache-2.0
bandit>=1.1.0,<=1.6.2 # Apache-2.0
reno>=2.5.0 # Apache-2.0

Loading…
Cancel
Save