43377ef7d1
There's a regression[0] in bandit 1.6.0 which causes bandit to stop
respecting excluded directories, and our tests throw a bunch of
violations. Blacklist this version, but allow newer versions as there is
already a pull request[1] to fix it, and I expect it will be included in
the next release.
Also fix the requirements job which was broken by
https://review.opendev.org/657890 adding a cap on Sphinx on Python 2.
[0] https://github.com/PyCQA/bandit/issues/488
[1] https://github.com/PyCQA/bandit/pull/489
Change-Id: Ieabcd4e8c5e5354125a63e89b9b60931c760858a
(cherry picked from commit 011fa22c42
)
12 lines
502 B
Plaintext
12 lines
502 B
Plaintext
# The order of packages is significant, because pip processes them in the order
|
|
# of appearance. Changing the order has an impact on the overall integration
|
|
# process, which may cause wedges in the gate later.
|
|
|
|
openstackdocstheme>=1.18.1 # Apache-2.0
|
|
os-api-ref>=1.4.0 # Apache-2.0
|
|
sphinx!=1.6.6,!=1.6.7,>=1.6.2;python_version>='3.4' # BSD
|
|
sphinx!=1.6.6,!=1.6.7,>=1.6.2,<2.0.0;python_version=='2.7' # BSD
|
|
reno>=2.5.0 # Apache-2.0
|
|
sphinxcontrib-apidoc>=0.2.0 # BSD
|
|
sphinxcontrib-httpdomain>=1.3.0 # BSD
|