pre-commit: Resolve dependency conflicts

hacking 3.1.0 depended on 'flake8<3.8.0,>=3.6.0', while we were specifying flake 3.8.3. This resulted in an error when using the dependency resolver introduced in pip 20.3. Resolve this by bumping to hacking 3.2.0. We also remove bandit and pre-commit from test-requirements, since these are linters which are not managed by upper-constraints and are not necessary to run tests. oslo.context is also specified in both requirements.txt and test-requirements.txt, so we remove it from the latter. Change-Id: I829870c327b73b583877b9b969ee38f0bcaa1495 Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
2021-01-08 10:45:10 +00:00 · 2021-01-08 10:45:10 +00:00 · e103baa002
commit e103baa002
parent 0a228dea2e
4 changed files with 9 additions and 13 deletions
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -1,9 +1,9 @@
+---
 # We from the Oslo project decided to pin repos based on the
 # commit hash instead of the version tag to prevend arbitrary
 # code from running in developer's machines.  To update to a
 # newer version, run `pre-commit autoupdate` and then replace
 # the newer versions with their commit hash.
-
 default_language_version:
  python: python3

@ -28,8 +28,8 @@ repos:
      - id: check-yaml
        files: .*\.(yaml|yml)$
  - repo: https://gitlab.com/pycqa/flake8
-    rev: 181bb46098dddf7e2d45319ea654b4b4d58c2840 # 3.8.3
+    rev: 181bb46098dddf7e2d45319ea654b4b4d58c2840  # 3.8.3
    hooks:
      - id: flake8
        additional_dependencies:
-          - hacking>=3.0.1,<3.1.0
+          - hacking>=3.2.0,<3.3.0
--- a/lower-constraints.txt
+++ b/lower-constraints.txt
@ -4,7 +4,7 @@ Babel==2.3.4
 bandit==1.4.0
 coverage==4.0
 debtcollector==1.2.0
-docutils==0.11
+docutils==0.12
 dulwich==0.15.0
 extras==1.0.0
 fixtures==3.0.0
@ -38,6 +38,7 @@ requests==2.14.2
 requests-mock==1.2.0
 requestsexceptions==1.2.0
 rfc3986==0.3.1
+Sphinx==2.0.0
 stestr==2.0.0
 smmap==0.9.0
 snowballstemmer==1.2.1
--- a/test-requirements.txt
+++ b/test-requirements.txt
@ -1,16 +1,11 @@
 # The order of packages is significant, because pip processes them in the order
 # of appearance. Changing the order has an impact on the overall integration
 # process, which may cause wedges in the gate later.
-hacking>=3.0.1,<3.1.0 # Apache-2.0
+
 oslotest>=3.2.0 # Apache-2.0
 requests-mock>=1.2.0 # Apache-2.0
 stestr>=2.0.0 # Apache-2.0
-oslo.context>=2.22.0 # Apache-2.0
+sphinx>=2.0.0,!=2.1.0 # BSD

 # computes code coverage percentages
 coverage!=4.4,>=4.0 # Apache-2.0
-
-# Bandit security code scanner
-bandit>=1.6.0,<1.7.0 # Apache-2.0
-
-pre-commit>=2.6.0 # MIT
--- a/tox.ini
+++ b/tox.ini
@ -14,7 +14,8 @@ commands = stestr run --slowest {posargs}

 [testenv:pep8]
 deps =
-  -r{toxinidir}/test-requirements.txt
+  pre-commit>=2.6.0 # MIT
+  bandit>=1.6.0,<1.7.0 # Apache-2.0
 commands =
  pre-commit run -a
  # Run security linter
@ -66,4 +67,3 @@ deps =
  -c{toxinidir}/lower-constraints.txt
  -r{toxinidir}/test-requirements.txt
  -r{toxinidir}/requirements.txt
-  -r{toxinidir}/doc/requirements.txt