Cap bandit for stein and bump lower-constraints
The bandit package no longer supports python 2.7 in the latest version. This patch caps the version of bandit to < 1.6.3. Then we cannot allow >=1.6.3 as it requires a newer version of pyyaml than the stein upper-constraints will allow. Update tox config for new bandit release. Change-Id: Iee2cdc7c149eedb3d62007e4815b3b94c1b0c49e
This commit is contained in:
parent
c256806660
commit
981157d09f
|
@ -3,10 +3,10 @@ alembic==0.8.10
|
|||
amqp==2.2.2
|
||||
appdirs==1.4.3
|
||||
asn1crypto==0.24.0
|
||||
astroid==1.3.8
|
||||
astroid==1.6.0
|
||||
automaton==1.14.0
|
||||
Babel==2.3.4
|
||||
bandit==1.4.0
|
||||
bandit==1.1.0
|
||||
bcrypt==3.1.4
|
||||
beautifulsoup4==4.6.0
|
||||
cachetools==2.0.1
|
||||
|
@ -34,7 +34,7 @@ eventlet==0.20.0
|
|||
extras==1.0.0
|
||||
fasteners==0.14.1
|
||||
fixtures==3.0.0
|
||||
flake8==2.5.5
|
||||
flake8==2.6.2
|
||||
flake8-import-order==0.12
|
||||
Flask==0.10
|
||||
future==0.16.0
|
||||
|
@ -44,7 +44,7 @@ gitdb2==2.0.3
|
|||
GitPython==2.1.8
|
||||
greenlet==0.4.13
|
||||
gunicorn==19.0.0
|
||||
hacking==0.12.0
|
||||
hacking==1.1.0
|
||||
idna==2.6
|
||||
imagesize==1.0.0
|
||||
ipaddress==1.0.17
|
||||
|
@ -62,7 +62,7 @@ linecache2==1.0.0
|
|||
logilab-common==1.4.1
|
||||
logutils==0.3.5
|
||||
Mako==1.0.7
|
||||
MarkupSafe==1.0
|
||||
MarkupSafe==1.1.0
|
||||
mccabe==0.4.0
|
||||
mock==2.0.0
|
||||
monotonic==1.4
|
||||
|
@ -88,7 +88,7 @@ oslo.messaging==6.3.0
|
|||
oslo.middleware==3.31.0
|
||||
oslo.policy==1.30.0
|
||||
oslo.reports==1.18.0
|
||||
oslo.serialization==2.18.0
|
||||
oslo.serialization==2.28.1
|
||||
oslo.service==1.30.0
|
||||
oslo.upgradecheck==0.1.0
|
||||
oslo.utils==3.33.0
|
||||
|
@ -107,7 +107,7 @@ psutil==5.4.3
|
|||
pyasn1==0.1.8
|
||||
pyasn1-modules==0.0.6
|
||||
pycadf==2.7.0
|
||||
pycodestyle==2.3.1
|
||||
pycodestyle==2.0.0
|
||||
pycparser==2.18
|
||||
pydot==1.2.4
|
||||
pyflakes==1.0.0
|
||||
|
@ -166,7 +166,7 @@ urllib3==1.22
|
|||
vine==1.1.4
|
||||
voluptuous==0.11.1
|
||||
waitress==1.1.0
|
||||
warlock==1.3.0
|
||||
warlock==1.3.1
|
||||
WebOb==1.7.1
|
||||
WebTest==2.0.29
|
||||
Werkzeug==0.14.1
|
||||
|
|
|
@ -25,7 +25,7 @@ oslo.messaging>=6.3.0 # Apache-2.0
|
|||
oslo.middleware>=3.31.0 # Apache-2.0
|
||||
oslo.policy>=1.30.0 # Apache-2.0
|
||||
oslo.reports>=1.18.0 # Apache-2.0
|
||||
oslo.serialization!=2.19.1,>=2.18.0 # Apache-2.0
|
||||
oslo.serialization>=2.28.1 # Apache-2.0
|
||||
oslo.upgradecheck>=0.1.0 # Apache-2.0
|
||||
oslo.utils>=3.33.0 # Apache-2.0
|
||||
pyasn1!=0.2.3,>=0.1.8 # BSD
|
||||
|
@ -38,7 +38,8 @@ pyOpenSSL>=17.1.0 # Apache-2.0
|
|||
WSME>=0.8.0 # MIT
|
||||
Jinja2>=2.10 # BSD License (3 clause)
|
||||
taskflow>=2.16.0 # Apache-2.0
|
||||
diskimage-builder!=1.6.0,!=1.7.0,!=1.7.1,>=1.1.2 # Apache-2.0
|
||||
diskimage-builder!=1.6.0,!=1.7.0,!=1.7.1,>=1.1.2,<3.0.0;python_version=='2.7' # Apache-2.0
|
||||
diskimage-builder!=1.6.0,!=1.7.0,!=1.7.1,>=1.1.2;python_version>='3.0' # Apache-2.0
|
||||
futures>=3.0.0;python_version=='2.7' or python_version=='2.6' # BSD
|
||||
castellan>=0.16.0 # Apache-2.0
|
||||
tenacity>=4.9.0 # Apache-2.0
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# The order of packages is significant, because pip processes them in the order
|
||||
# of appearance. Changing the order has an impact on the overall integration
|
||||
# process, which may cause wedges in the gate later.
|
||||
hacking!=0.13.0,<0.14,>=0.12.0,<2 # Apache-2.0
|
||||
hacking>=1.1.0,<1.2.0 # Apache-2.0
|
||||
requests-mock>=1.2.0 # Apache-2.0
|
||||
coverage!=4.4,>=4.0 # Apache-2.0
|
||||
flake8-import-order==0.12 # LGPLv3
|
||||
|
@ -14,7 +14,7 @@ testtools>=2.2.0 # MIT
|
|||
testresources>=2.0.0 # Apache-2.0/BSD
|
||||
testscenarios>=0.4 # Apache-2.0/BSD
|
||||
doc8>=0.6.0 # Apache-2.0
|
||||
bandit>=1.1.0 # Apache-2.0
|
||||
bandit>=1.1.0,<1.6.0 # Apache-2.0
|
||||
tempest>=17.1.0 # Apache-2.0
|
||||
# Required for pep8 - doc8 tests
|
||||
sphinx!=1.6.6,!=1.6.7,>=1.6.2,<2.0.0;python_version=='2.7' # BSD
|
||||
|
|
4
tox.ini
4
tox.ini
|
@ -78,7 +78,7 @@ commands = flake8
|
|||
doc/source octavia CONSTITUTION.rst HACKING.rst README.rst \
|
||||
TESTING.rst
|
||||
# Run security linter
|
||||
bandit -r octavia -ll -ii -x 'octavia/tests/*'
|
||||
{[testenv:bandit]commands}
|
||||
# Make sure specs follow our template
|
||||
find . -type f -name "*.pyc" -delete
|
||||
python -m unittest specs-tests.test_titles
|
||||
|
@ -137,7 +137,7 @@ commands =
|
|||
|
||||
[testenv:bandit]
|
||||
basepython = python3
|
||||
commands = bandit -r octavia -ll -ii -x octavia/tests {posargs}
|
||||
commands = bandit -r octavia -ll -ii -x tests
|
||||
|
||||
[flake8]
|
||||
ignore = H104
|
||||
|
|
Loading…
Reference in New Issue