Cap Bandit below 1.6.0 and update Sphinx requirement

Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. Change-Id: I4ee88377e7123c165434765a73f27cabec8c8177 Reference: https://github.com/PyCQA/bandit/pull/489
2019-05-13 17:55:09 +00:00 · 2019-05-13 17:55:09 +00:00 · 3e06753078
parent fcce95b66f
commit 3e06753078
2 changed files with 3 additions and 2 deletions
--- a/doc/requirements.txt
+++ b/doc/requirements.txt
@ -4,7 +4,8 @@

 # For generating sphinx documentation
 openstackdocstheme>=1.18.1 # Apache-2.0
-sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2,<2.0.0;python_version=='2.7' # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2;python_version>='3.4' # BSD
 reno>=2.5.0 # Apache-2.0
 sphinxcontrib-apidoc>=0.2.0  # BSD

--- a/test-requirements.txt
+++ b/test-requirements.txt
@ -6,7 +6,7 @@ mock>=2.0.0 # BSD
 oslotest>=3.2.0 # Apache-2.0
 pifpaf>=0.10.0 # Apache-2.0
 # Bandit security code scanner
-bandit>=1.1.0 # Apache-2.0
+bandit>=1.1.0,<1.6.0 # Apache-2.0
 stestr>=2.0.0 # Apache-2.0
 python-memcached>=1.56 # PSF
 pymongo!=3.1,>=3.0.2 # Apache-2.0