Cap Bandit below 1.6.0 and update Sphinx and jsonschema requirement

Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. Remove the jsonschema >3.0.0 version. Co-Authored-By: zhurong <aaronzhu1121@gmail.com> Change-Id: I34a53bf6b9389af8530f5806841814cc035eae99
2019-05-14 11:03:31 +02:00 · 2019-05-14 11:03:31 +02:00 · 6ec7a4ce45
parent 543b7cb3ea
commit 6ec7a4ce45
3 changed files with 4 additions and 3 deletions
--- a/doc/requirements.txt
+++ b/doc/requirements.txt
@ -1,5 +1,6 @@
 # doc build requirements
-sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2,<2.0.0;python_version=='2.7' # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2;python_version>='3.4' # BSD
 sphinxcontrib-httpdomain>=1.3.0 # BSD
 reno>=2.5.0 # Apache-2.0
 openstackdocstheme>=1.18.1 # Apache-2.0
--- a/requirements.txt
+++ b/requirements.txt
@ -27,7 +27,7 @@ cryptography>=2.1 # BSD/Apache-2.0
 # For paste.util.template used in keystone.common.template
 Paste>=2.0.2 # MIT

-jsonschema<3.0.0,>=2.6.0 # MIT
+jsonschema>=2.6.0 # MIT
 python-keystoneclient>=3.8.0 # Apache-2.0
 python-heatclient>=1.10.0 # Apache-2.0
 python-neutronclient>=6.7.0 # Apache-2.0
--- a/test-requirements.txt
+++ b/test-requirements.txt
@ -17,7 +17,7 @@ pylint==1.4.5 # GPLv2
 requests>=2.14.2 # Apache-2.0
 stestr>=1.0.0 # Apache-2.0
 murano-pkg-check>=0.3.0 # Apache-2.0
-bandit>=1.1.0 # Apache-2.0
+bandit>=1.1.0,<1.6.0 # Apache-2.0

 # Some of the tests use real MySQL and Postgres databases
 PyMySQL>=0.7.6 # MIT License