diff --git a/requirements.txt b/requirements.txt
index 5e6dee0cd..6b1c32f2f 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,11 +1,11 @@
 # The order of packages is significant, because pip processes them in the order
 # of appearance. Changing the order has an impact on the overall integration
 # process, which may cause wedges in the gate later.
-pbr>=1.6
-PrettyTable<0.8,>=0.7
-python-keystoneclient!=1.8.0,>=1.6.0
-requests!=2.9.0,>=2.8.1
-simplejson>=2.2.0
-Babel>=1.3
-six>=1.9.0
-oslo.utils>=3.2.0 # Apache-2.0
+pbr>=1.6 # Apache-2.0
+PrettyTable<0.8,>=0.7 # BSD
+python-keystoneclient!=1.8.0,!=2.1.0,>=1.6.0 # Apache-2.0
+requests!=2.9.0,>=2.8.1 # Apache-2.0
+simplejson>=2.2.0 # MIT
+Babel>=1.3 # BSD
+six>=1.9.0 # MIT
+oslo.utils>=3.4.0 # Apache-2.0
diff --git a/test-requirements.txt b/test-requirements.txt
index 767fbcb79..2ed1556c1 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -3,15 +3,15 @@
 # process, which may cause wedges in the gate later.
 # Hacking already pins down pep8, pyflakes and flake8
 hacking<0.11,>=0.10.0
-coverage>=3.6
-discover
-fixtures>=1.3.1
-mock>=1.2
+coverage>=3.6 # Apache-2.0
+discover # BSD
+fixtures>=1.3.1 # Apache-2.0/BSD
+mock>=1.2 # BSD
 oslosphinx!=3.4.0,>=2.5.0 # Apache-2.0
-python-subunit>=0.0.18
+python-subunit>=0.0.18 # Apache-2.0/BSD
 reno>=0.1.1 # Apache2
 requests-mock>=0.7.0 # Apache-2.0
-sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2
-tempest-lib>=0.12.0
-testtools>=1.4.0
-testrepository>=0.0.18
+sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2 # BSD
+tempest-lib>=0.14.0 # Apache-2.0
+testtools>=1.4.0 # MIT
+testrepository>=0.0.18 # Apache-2.0/BSD