Blacklist bandit 1.6.0 and cap Sphinx on Python2
There's a regression[0] in bandit 1.6.0 which causes bandit to stop
respecting excluded directories, and our tests throw a bunch of
violations. Blacklist this version, but allow newer versions as there is
already a pull request[1] to fix it, and I expect it will be included in
the next release.
Also fix the requirements job which was broken by
https://review.opendev.org/657890 adding a cap on Sphinx on Python 2.
[0] https://github.com/PyCQA/bandit/issues/488
[1] https://github.com/PyCQA/bandit/pull/489
Co-Authored-By: Jake Yip <jake.yip@unimelb.edu.au>
Task: 33401
Story: 2005740
Change-Id: I34dc36c5236debc42424073af2c2d2104e18179a
(cherry picked from commit 913636b6b1
)
This commit is contained in:
parent
9f06126be7
commit
eec7184fbc
|
@ -4,5 +4,6 @@
|
|||
openstackdocstheme>=1.18.1 # Apache-2.0
|
||||
osprofiler>=1.4.0 # Apache-2.0
|
||||
os-api-ref>=1.4.0 # Apache-2.0
|
||||
sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD
|
||||
sphinx!=1.6.6,!=1.6.7,>=1.6.2;python_version>='3.4' # BSD
|
||||
sphinx!=1.6.6,!=1.6.7,>=1.6.2,<2.0.0;python_version=='2.7' # BSD
|
||||
reno>=2.5.0 # Apache-2.0
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# Despite above warning added by global sync process, please use
|
||||
# ascii betical order.
|
||||
|
||||
bandit>=1.1.0 # Apache-2.0
|
||||
bandit!=1.6.0,>=1.1.0 # Apache-2.0
|
||||
bashate>=0.5.1 # Apache-2.0
|
||||
coverage!=4.4,>=4.0 # Apache-2.0
|
||||
doc8>=0.6.0 # Apache-2.0
|
||||
|
@ -17,7 +17,8 @@ osprofiler>=1.4.0 # Apache-2.0
|
|||
os-testr>=1.0.0 # Apache-2.0
|
||||
python-subunit>=1.0.0 # Apache-2.0/BSD
|
||||
pytz>=2013.6 # MIT
|
||||
sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD
|
||||
sphinx!=1.6.6,!=1.6.7,>=1.6.2;python_version>='3.4' # BSD
|
||||
sphinx!=1.6.6,!=1.6.7,>=1.6.2,<2.0.0;python_version=='2.7' # BSD
|
||||
testrepository>=0.0.18 # Apache-2.0/BSD
|
||||
stestr>=2.0.0 # Apache-2.0
|
||||
testscenarios>=0.4 # Apache-2.0/BSD
|
||||
|
|
Loading…
Reference in New Issue