4f58211e7a
- Move from lxml lib direct usage to defusedxml lib [1] to fix B320 [2] [1] https://pypi.org/project/defusedxml/0.7.1/ [2] https://bandit.readthedocs.io/en/1.7.5/blacklists/blacklist_calls.html#b313-b320-xml Change-Id: Id1faa9227415884d15c737ace5a0e0e5de3afa81
21 lines
641 B
Plaintext
21 lines
641 B
Plaintext
# The order of packages is significant, because pip processes them in the order
|
|
# of appearance. Changing the order has an impact on the overall integration
|
|
# process, which may cause wedges in the gate later.
|
|
|
|
# Hacking already pins down pep8, pyflakes and flake8
|
|
hacking>=3.0.1,<3.1.0 # Apache-2.0
|
|
|
|
fixtures>=3.0.0 # Apache-2.0/BSD
|
|
testtools>=2.2.0 # MIT
|
|
stestr>=2.0.0 # Apache-2.0
|
|
|
|
# when we can require tox>= 1.4, this can go into tox.ini:
|
|
# [testenv:cover]
|
|
# deps = {[testenv]deps} coverage
|
|
coverage!=4.4,>=4.0 # Apache-2.0
|
|
bandit>=1.7.0,<1.8.0 # Apache-2.0
|
|
ddt>=1.0.1 # MIT
|
|
oslo.context>=2.19.2 # Apache-2.0
|
|
|
|
pre-commit>=2.6.0 # MIT
|