[stable-only] Cap bandit to 1.6.2

The 1.6.3 [1] release has dropped support for py2 [2] but the release is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2 when using py2. sphinx requirement needed to be updated to make requirements-check job pass. [1] https://github.com/PyCQA/bandit/releases/tag/1.6.3 [2] https://github.com/PyCQA/bandit/pull/615 [3] https://github.com/PyCQA/bandit/issues/663 [4] https://github.com/PyCQA/bandit/issues/665 Change-Id: I4cdc6d038911283f3eeedbdf70fc6c24933f4d28
2021-02-26 22:00:04 +01:00 · 2021-02-26 22:00:04 +01:00 · cae223bb31
parent 8481ce6795
commit cae223bb31
1 changed files with 3 additions and 2 deletions
--- a/test-requirements.txt
+++ b/test-requirements.txt
@ -9,11 +9,12 @@ oslotest>=1.10.0 # Apache-2.0

 # These are needed for docs generation/testing
 openstackdocstheme>=1.16.0 # Apache-2.0
-sphinx>=1.6.2 # BSD
+sphinx>=1.6.2,!=1.6.6,<2.0.0;python_version=='2.7'  # BSD
+sphinx>=1.6.2,!=1.6.6;python_version>='3.4'  # BSD
 doc8 # Apache-2.0
 reno!=2.3.1,>=1.8.0 # Apache-2.0

 coverage!=4.4,>=4.0 # Apache-2.0

 # Bandit security code scanner
-bandit>=1.1.0 # Apache-2.0
+bandit>=1.1.0,<=1.6.2 # Apache-2.0