From 232cb85cb9021f496e5edb5cf84f126b98554356 Mon Sep 17 00:00:00 2001 From: Tim Burke Date: Mon, 7 Dec 2020 14:31:42 -0800 Subject: [PATCH] Pin Bandit on py2 ...and, since the previous tag didn't have the Bandit pin, make the rolling upgrade job non-voting. We should plan on backporting this so we can check that upgrades from stable branches are still OK. See also: https://github.com/PyCQA/bandit/issues/654 Change-Id: If7f3ad8b275271d748426133232ed06c2a1cd1de --- .zuul.yaml | 1 + py2-constraints.txt | 3 +++ 2 files changed, 4 insertions(+) diff --git a/.zuul.yaml b/.zuul.yaml index dab976520e..243e55064e 100644 --- a/.zuul.yaml +++ b/.zuul.yaml @@ -548,6 +548,7 @@ - ^(api-ref|doc|releasenotes)/.*$ - ^test/probe/.*$ - ^(.gitreview|.mailmap|AUTHORS|CHANGELOG|.*\.rst)$ + voting: false - tempest-integrated-object-storage: irrelevant-files: - ^(api-ref|doc|releasenotes)/.*$ diff --git a/py2-constraints.txt b/py2-constraints.txt index 137dc9f8d4..694c9ce343 100644 --- a/py2-constraints.txt +++ b/py2-constraints.txt @@ -70,4 +70,7 @@ greenlet===0.4.15 oslo.utils===3.42.1 gitdb===0.6.4 gitdb2===2.0.6 + +# Projects that are known to have had a final py2-supporting release +bandit===1.6.2 python-keystoneclient===3.22.0