3ed4676f93
Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. Change-Id: I719a8cff50dcc0dea62db14edf7b9ab35b72facd Reference: https://github.com/PyCQA/bandit/pull/489
28 lines
798 B
Plaintext
28 lines
798 B
Plaintext
# The order of packages is significant, because pip processes them in the order
|
|
# of appearance. Changing the order has an impact on the overall integration
|
|
# process, which may cause wedges in the gate later.
|
|
|
|
hacking>=1.1.0,<1.2.0 # Apache-2.0
|
|
|
|
eventlet>=0.18.2,!=0.18.3,!=0.20.1,!=0.21.0,!=0.23.0 # MIT
|
|
fixtures>=3.0.0 # Apache-2.0/BSD
|
|
testscenarios>=0.4 # Apache-2.0/BSD
|
|
testtools>=2.2.0 # MIT
|
|
oslotest>=3.2.0 # Apache-2.0
|
|
ddt>=1.0.1 # MIT
|
|
stestr>=2.0.0 # Apache-2.0
|
|
|
|
# when we can require tox>= 1.4, this can go into tox.ini:
|
|
# [testenv:cover]
|
|
# deps = {[testenv]deps} coverage
|
|
coverage!=4.4,>=4.0 # Apache-2.0
|
|
|
|
# mocking framework
|
|
mock>=2.0.0 # BSD
|
|
|
|
# used for oslotest cross-testing scripts
|
|
oslo.config>=5.2.0 # Apache-2.0
|
|
|
|
# Bandit security code scanner
|
|
bandit>=1.1.0,<1.6.0 # Apache-2.0
|