016904f816
Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. Change-Id: Ib7f8df3fc5b83520b179d0a260c54e015c042b17 Reference: https://github.com/PyCQA/bandit/pull/489
13 lines
434 B
Plaintext
13 lines
434 B
Plaintext
# The order of packages is significant, because pip processes them in the order
|
|
# of appearance. Changing the order has an impact on the overall integration
|
|
# process, which may cause wedges in the gate later.
|
|
|
|
fixtures>=3.0.0 # Apache-2.0/BSD
|
|
hacking>=1.1.0,<1.2.0 # Apache-2.0
|
|
oslotest>=3.2.0 # Apache-2.0
|
|
coverage!=4.4,>=4.0 # Apache-2.0
|
|
stestr>=2.0.0 # Apache-2.0
|
|
|
|
# Bandit security code scanner
|
|
bandit>=1.1.0,<1.6.0 # Apache-2.0
|