e789f92eb9
bandit is a linter and is listed in the "blacklist" from the requirements repo, so it does not appear in the constraints lists. Project teams are expected to manage the verions(s) allowed on their own, to allow different teams to roll ahead to new versions as they can rather than having the entire community do it in lock-step. This change caps the version of bandit to the one available during the rocky development cycle to avoid introducing the new rules from newer releases into a stable branch. Change-Id: Ia59de069b29f584cce21163a77812ec0ed243e65
24 lines
771 B
Plaintext
24 lines
771 B
Plaintext
# The order of packages is significant, because pip processes them in the order
|
|
# of appearance. Changing the order has an impact on the overall integration
|
|
# process, which may cause wedges in the gate later.
|
|
hacking>=1.1.0 # Apache-2.0
|
|
|
|
bandit>=1.1.0,<1.5.0 # Apache-2.0
|
|
coverage!=4.4,>=4.0 # Apache-2.0
|
|
fixtures>=3.0.0 # Apache-2.0/BSD
|
|
flake8-import-order==0.12 # LGPLv3
|
|
mock>=2.0.0 # BSD
|
|
python-subunit>=1.0.0 # Apache-2.0/BSD
|
|
testtools>=2.2.0 # MIT
|
|
testresources>=2.0.0 # Apache-2.0/BSD
|
|
testscenarios>=0.4 # Apache-2.0/BSD
|
|
WebTest>=2.0.27 # MIT
|
|
oslotest>=3.2.0 # Apache-2.0
|
|
stestr>=1.0.0 # Apache-2.0
|
|
reno>=2.5.0 # Apache-2.0
|
|
ddt>=1.0.1 # MIT
|
|
pylint==1.4.5 # GPLv2
|
|
# Needed to run DB commands in virtualenvs
|
|
PyMySQL>=0.7.6 # MIT License
|
|
bashate>=0.5.1 # Apache-2.0
|