oslo.concurrency/test-requirements.txt
Ben Nemec fac974b1a0 Cap Bandit below 1.6.0 and update Sphinx requirement
Bandit 1.6.0 accidentally changed how the exclusion list option is
handled and breaks our use of it. Cap to the previous version until
Bandit has fixed the problem.

Sphinx 2.0 no longer works on python 2.7, so we need to start capping
it there as well.

Change-Id: Ib340f5822b124e78cd96ee12f9f033d5f313e238
Reference: https://github.com/PyCQA/bandit/pull/489
2019-05-13 17:41:41 +00:00

16 lines
544 B
Plaintext

# The order of packages is significant, because pip processes them in the order
# of appearance. Changing the order has an impact on the overall integration
# process, which may cause wedges in the gate later.
hacking>=1.1.0,<1.2.0 # Apache-2.0
oslotest>=3.2.0 # Apache-2.0
coverage!=4.4,>=4.0 # Apache-2.0
futures>=3.0.0;python_version=='2.7' or python_version=='2.6' # BSD
fixtures>=3.0.0 # Apache-2.0/BSD
stestr>=2.0.0 # Apache-2.0
eventlet!=0.18.3,!=0.20.1,>=0.18.2 # MIT
# Bandit security code scanner
bandit>=1.1.0,<1.6.0 # Apache-2.0