openstack/murano
Code Issues Proposed changes
Files
train-eol
murano/requirements.txt
Elod Illes 43997de7bd [stable-only] Cap bandit and fix constraints 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

With the introduction of the new dependency resolver in 20.3 pip the
lower-constraints job starts to fail as now the constraints are working
as they should. Multiple fixes needed:
* lower-constraints job uses the [testenv]install_command, so it gives
  both the upper-constraints and lower-constraints, which causes the
  job to fail. As an easy fix install_command is added to this target
  without the upper constraints.
* duplicate stestr constraint removed
* cryptography lower constraint is bumped as with version 2.1 the
  new resolver of pip takes hours to install the packages
* contradicting hacking version replaced (in lower-constraints.txt to
  match with test-requirements.txt), which pulls in newer flake8, too
* lower-constraints test job failed with error message:
  "[..] unexpected keyword argument 'barbican_endpoint_type'"
  which is due to old version of castellan.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] https://github.com/PyCQA/bandit/pull/615
[3] https://github.com/PyCQA/bandit/issues/663
[4] https://github.com/PyCQA/bandit/issues/665

Change-Id: I4b33c2544c911bd68ed8af4c754c9f5dc0c93be8
2021-03-20 17:35:51 +01:00

52 lines
1.7 KiB
Plaintext
Raw Permalink Blame History

# The order of packages is significant, because pip processes them in the order
# of appearance. Changing the order has an impact on the overall integration
# process, which may cause wedges in the gate later.
pbr!=2.1.0,>=2.0.0 # Apache-2.0
Babel!=2.4.0,>=2.3.4 # BSD
SQLAlchemy!=1.1.5,!=1.1.6,!=1.1.7,!=1.1.8,>=1.0.10 # MIT
stevedore>=1.20.0 # Apache-2.0
alembic>=0.8.10 # MIT
eventlet!=0.18.3,!=0.20.1,!=0.21.0,!=0.23.0,!=0.25.0,>=0.18.2 # MIT
PasteDeploy>=1.5.0 # MIT
Routes>=2.3.1 # MIT
tenacity>=4.4.0 # Apache-2.0
WebOb>=1.7.1 # MIT
kombu!=4.0.2,>=4.0.0 # BSD
psutil>=3.2.2 # BSD
six>=1.10.0 # MIT
netaddr>=0.7.18 # BSD
PyYAML>=3.12 # MIT
jsonpatch!=1.20,>=1.16 # BSD
keystoneauth1>=3.4.0 # Apache-2.0
keystonemiddleware>=4.17.0 # Apache-2.0
testtools>=2.2.0 # MIT
yaql>=1.1.3 # Apache 2.0 License
debtcollector>=1.2.0 # Apache-2.0
cryptography>=2.1.4 # BSD/Apache-2.0
# For paste.util.template used in keystone.common.template
Paste>=2.0.2 # MIT
jsonschema>=2.6.0 # MIT
python-keystoneclient>=3.8.0 # Apache-2.0
python-heatclient>=1.10.0 # Apache-2.0
python-neutronclient>=6.7.0 # Apache-2.0
python-muranoclient>=0.8.2 # Apache-2.0
python-congressclient<2000,>=1.9.0 # Apache-2.0
python-mistralclient!=3.2.0,>=3.1.0 # Apache-2.0
oslo.db>=4.27.0 # Apache-2.0
oslo.config>=5.2.0 # Apache-2.0
oslo.concurrency>=3.26.0 # Apache-2.0
oslo.context>=2.19.2 # Apache-2.0
oslo.policy>=1.30.0 # Apache-2.0
oslo.messaging>=5.29.0 # Apache-2.0
oslo.middleware>=3.31.0 # Apache-2.0
oslo.serialization!=2.19.1,>=2.18.0 # Apache-2.0
oslo.service!=1.28.1,>=1.24.0 # Apache-2.0
oslo.utils>=3.33.0 # Apache-2.0
oslo.i18n>=3.15.3 # Apache-2.0
oslo.log>=3.36.0 # Apache-2.0
oslo.upgradecheck>=0.1.0 # Apache-2.0
semantic-version>=2.8.2 # BSD
castellan>=0.18.0 # Apache-2.0
View Git Blame Copy Permalink