[stable-only] Cap bandit to 1.6.2

The 1.6.3 [1] release has dropped support for py2 [2] so cap to 1.6.2 when using py2. This change also raises hacking to 1.1.0 in lower-constraints.txt This also means that flake8 is bumped to 2.6.0 [1] https://github.com/PyCQA/bandit/releases/tag/1.6.3 [2] PyCQA/bandit#615 Change-Id: Ib4ecaf8398a54543d2d9f452681ca46a056d8dc5
openstack · Feb 26, 2021 · 293306e · 293306e
1 parent 97f424d
commit 293306e
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/lower-constraints.txt b/lower-constraints.txt
@@ -7,14 +7,14 @@ debtcollector==1.2.0
 docutils==0.11
 extras==1.0.0
 fixtures==3.0.0
-flake8==2.5.5
+flake8==2.6.0
 funcsigs==1.0.0
 future==0.16.0
 gevent==1.2.2
 gitdb==0.6.4
 GitPython==1.0.1
 greenlet==0.4.10
-hacking==0.12.0
+hacking==1.1.0
 iso8601==0.1.11
 Jinja2==2.10
 jira==1.0.3

diff --git a/test-requirements.txt b/test-requirements.txt
@@ -3,7 +3,7 @@
 # process, which may cause wedges in the gate later.
 # Hacking already pins down pep8, pyflakes and flake8
 
-bandit!=1.6.0,>=1.1.0 # Apache-2.0
+bandit!=1.6.0,>=1.1.0,<=1.6.2 # Apache-2.0
 Babel!=2.4.0,>=2.3.4 # BSD
 hacking>=1.1.0,<1.2.0 # Apache-2.0
 coverage!=4.4,>=4.0 # Apache-2.0