8e527de430
Because XML handling modules in xml Python standard library are vulnerable[1], we should use defusedxml[2] for parsing XML. [1] https://docs.python.org/3/library/xml.html#xml-vulnerabilities [2] https://pypi.org/project/defusedxml/ Change-Id: I8ff057ee64c04c4cd5c92abf3e31b52c6225ed76
13 lines
470 B
Plaintext
13 lines
470 B
Plaintext
# The order of packages is significant, because pip processes them in the order
|
|
# of appearance. Changing the order has an impact on the overall integration
|
|
# process, which may cause wedges in the gate later.
|
|
pbr!=2.1.0,>=2.0.0 # Apache-2.0
|
|
Babel!=2.4.0,>=2.3.4 # BSD
|
|
pyghmi>=1.0.24 # Apache-2.0
|
|
pysnmp>=4.2.3 # BSD
|
|
requests>=2.14.2 # Apache-2.0
|
|
defusedxml>=0.7.0 # PSF
|
|
six>=1.10.0 # MIT
|
|
oslo.utils>=3.33.0 # Apache-2.0
|
|
oslo.serialization!=2.19.1,>=2.18.0 # Apache-2.0
|