Blacklist bandit 1.6.0 due to directory exclusion bug

Bandit 1.6.0 introduces a regression[0] with the -x option, a fix is expected to be included in 1.6.1 soon. This commit also aligns Sphinx requirement with the requirements project [2]. This is required to pass requirements-check. The lower bound for sphinx was missing and requirements-check now requires it, so the lower bound sphinx >=1.6.2 was added. [0] https://github.com/PyCQA/bandit/issues/488 [1] https://github.com/PyCQA/bandit/pull/489 [2] https://review.opendev.org/#/c/657890/ Change-Id: I937cfa722f5234ca4d5506047001d9cb07728cd8
2019-05-28 11:49:52 +09:00 · 2019-05-28 11:49:52 +09:00 · e2ee92e2e1
commit e2ee92e2e1
parent 209e1801ac
2 changed files with 3 additions and 2 deletions
--- a/doc/requirements.txt
+++ b/doc/requirements.txt
@ -3,4 +3,5 @@
 # process, which may cause wedges in the gate later.
 openstackdocstheme>=1.18.1 # Apache-2.0
 reno>=2.5.0 # Apache-2.0
-sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2,<2.0.0;python_version=='2.7'  # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2;python_version>='3.4'  # BSD
--- a/test-requirements.txt
+++ b/test-requirements.txt
@ -3,7 +3,7 @@
 # process, which may cause wedges in the gate later.
 hacking>=1.1.0 # Apache-2.0

-bandit>=1.1.0 # Apache-2.0
+bandit!=1.6.0,>=1.1.0 # Apache-2.0
 coverage!=4.4,>=4.0 # Apache-2.0
 fixtures>=3.0.0 # Apache-2.0/BSD
 flake8-import-order==0.12 # LGPLv3