Cap Bandit below 1.6.0 and update Sphinx requirement

Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. Change-Id: Ib7f8df3fc5b83520b179d0a260c54e015c042b17 Reference: https://github.com/PyCQA/bandit/pull/489
2019-05-13 18:02:21 +00:00 · 2019-05-13 18:02:21 +00:00 · 016904f816
parent e86ad44a50
commit 016904f816
2 changed files with 3 additions and 2 deletions
--- a/doc/requirements.txt
+++ b/doc/requirements.txt
@ -3,6 +3,7 @@
 # process, which may cause wedges in the gate later.
 # These are needed for docs generation
 openstackdocstheme>=1.18.1 # Apache-2.0
-sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2,<2.0.0;python_version=='2.7' # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2;python_version>='3.4' # BSD
 reno>=2.5.0 # Apache-2.0
 fixtures>=3.0.0 # Apache-2.0/BSD
--- a/test-requirements.txt
+++ b/test-requirements.txt
@ -9,4 +9,4 @@ coverage!=4.4,>=4.0 # Apache-2.0
 stestr>=2.0.0 # Apache-2.0

 # Bandit security code scanner
-bandit>=1.1.0 # Apache-2.0
+bandit>=1.1.0,<1.6.0 # Apache-2.0