ee13e53614
- Apply a timeout to requests calls to avoid uncontrolled resource consumption (CWE-400) [1]. - Ignore CWE 377 [1] https://cwe.mitre.org/data/definitions/400.html [2] https://cwe.mitre.org/data/definitions/377.html Change-Id: Ic558ad392424a25b5fd9a10749163d8427159eda
33 lines
928 B
Plaintext
33 lines
928 B
Plaintext
# The order of packages is significant, because pip processes them in the order
|
|
# of appearance. Changing the order has an impact on the overall integration
|
|
# process, which may cause wedges in the gate later.
|
|
|
|
# Hacking already pins down pep8, pyflakes and flake8
|
|
hacking>=3.0.1,<=4.1.0 # Apache-2.0
|
|
|
|
fixtures>=3.0.0 # Apache-2.0/BSD
|
|
stestr>=2.0.0 # Apache-2.0
|
|
pre-commit>=2.6.0 # MIT
|
|
testscenarios>=0.4 # Apache-2.0/BSD
|
|
testtools>=2.2.0 # MIT
|
|
oslotest>=3.2.0 # Apache-2.0
|
|
pifpaf>=2.2.0 # Apache-2.0
|
|
|
|
# for test_impl_kafka
|
|
confluent-kafka>=1.3.0 # Apache-2.0
|
|
|
|
# when we can require tox>= 1.4, this can go into tox.ini:
|
|
# [testenv:cover]
|
|
# deps = {[testenv]deps} coverage
|
|
coverage!=4.4,>=4.0 # Apache-2.0
|
|
|
|
# AMQP 1.0 support depends on the Qpid Proton AMQP 1.0
|
|
# development libraries.
|
|
pyngus>=2.2.0 # Apache-2.0
|
|
|
|
# Bandit security code scanner
|
|
bandit>=1.7.0,<1.8.0 # Apache-2.0
|
|
|
|
eventlet>=0.23.0 # MIT
|
|
greenlet>=0.4.15 # MIT
|