Blacklist bandit 1.6.0

There's a regression[0] in bandit 1.6.0 which causes bandit to stop respecting excluded directories, and our tests throw a bunch of violations. Blacklist this version, but allow newer versions as there is already a pull request[1] to fix it, and I expect it will be included in the next release. [0] https://github.com/PyCQA/bandit/issues/488 [1] https://github.com/PyCQA/bandit/pull/489 Change-Id: Ie4dbfb3f54e4aac00e0537d5760b7a8fc81b35a2
2019-05-09 14:22:12 +00:00 · 2019-05-09 14:22:12 +00:00 · ebac8330d8
commit ebac8330d8
parent ed5b8bc6a7
1 changed files with 1 additions and 1 deletions
--- a/setup.cfg
+++ b/setup.cfg
@ -35,7 +35,7 @@ memcache =
 mongodb =
  pymongo!=3.1,>=3.0.2 # Apache-2.0
 bandit =
-  bandit>=1.1.0 # Apache-2.0
+  bandit!=1.6.0,>=1.1.0 # Apache-2.0

 [global]
 setup-hooks =