Blacklist bandit 1.6.0 and cap Sphinx on Python2
There's a regression[0] in bandit 1.6.0 which causes bandit to stop respecting excluded directories, and our tests throw a bunch of violations. Blacklist this version, but allow newer versions as there is already a pull request[1] to fix it, and I expect it will be included in the next release. Also fix the requirements job which was broken by https://review.opendev.org/657890 adding a cap on Sphinx on Python 2. [0] https://github.com/PyCQA/bandit/issues/488 [1] https://github.com/PyCQA/bandit/pull/489 Change-Id: Ieabcd4e8c5e5354125a63e89b9b60931c760858a
This commit is contained in:
parent
563616967d
commit
011fa22c42
|
@ -4,7 +4,8 @@
|
|||
|
||||
openstackdocstheme>=1.18.1 # Apache-2.0
|
||||
os-api-ref>=1.4.0 # Apache-2.0
|
||||
sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD
|
||||
sphinx!=1.6.6,!=1.6.7,>=1.6.2;python_version>='3.4' # BSD
|
||||
sphinx!=1.6.6,!=1.6.7,>=1.6.2,<2.0.0;python_version=='2.7' # BSD
|
||||
reno>=2.5.0 # Apache-2.0
|
||||
sphinxcontrib-apidoc>=0.2.0 # BSD
|
||||
sphinxcontrib-httpdomain>=1.3.0 # BSD
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
|
||||
# Hacking already pins down pep8, pyflakes and flake8
|
||||
hacking!=0.13.0,<0.14,>=0.12.0 # Apache-2.0
|
||||
bandit>=1.1.0 # Apache-2.0
|
||||
bandit!=1.6.0,>=1.1.0 # Apache-2.0
|
||||
coverage!=4.4,>=4.0 # Apache-2.0
|
||||
fixtures>=3.0.0 # Apache-2.0/BSD
|
||||
kombu!=4.0.2,>=4.0.0 # BSD
|
||||
|
|
Loading…
Reference in New Issue