Cap Bandit below 1.6.0 and update Sphinx requirement

Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. Change-Id: I24a66b454a28d00f96867fa1b24dd408591b41be Reference: https://github.com/PyCQA/bandit/pull/489
2019-05-15 15:49:54 +00:00 · 2019-05-15 15:49:54 +00:00 · 5abc1e2bf2
commit 5abc1e2bf2
parent 40519d380f
1 changed files with 3 additions and 2 deletions
--- a/test-requirements.txt
+++ b/test-requirements.txt
@ -10,8 +10,9 @@ stestr>=2.0.0 # Apache-2.0

 # These are needed for docs generation
 openstackdocstheme>=1.18.1 # Apache-2.0
-sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2,<2.0.0;python_version=='2.7' # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2;python_version>='3.4' # BSD
 reno>=2.5.0 # Apache-2.0

 # Bandit security code scanner
-bandit>=1.1.0 # Apache-2.0
+bandit>=1.1.0,<1.6.0 # Apache-2.0