[stable-only] Cap bandit to 1.6.2

The 1.6.3 [1] release has dropped support for py2 [2] but the release is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2 when using py2. sphinx requirement updated to make requirements-check job pass. [1] https://github.com/PyCQA/bandit/releases/tag/1.6.3 [2] PyCQA/bandit#615 [3] PyCQA/bandit#663 [4] PyCQA/bandit#665 Change-Id: I95461280d11b14199ba64a2da5709a1e2f4531df
openstack · Feb 26, 2021 · 65df9fc · 65df9fc
1 parent bfe7873
commit 65df9fc
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/test-requirements.txt b/test-requirements.txt
@@ -8,10 +8,11 @@ testrepository>=0.0.18 # Apache-2.0/BSD
 testtools>=1.4.0 # MIT
 
 openstackdocstheme>=1.11.0 # Apache-2.0
-sphinx>=1.6.2 # BSD
+sphinx>=1.6.2,!=1.6.6,<2.0.0;python_version=='2.7'  # BSD
+sphinx>=1.6.2,!=1.6.6;python_version>='3.4'  # BSD
 
 # Bandit security code scanner
-bandit>=1.1.0 # Apache-2.0
+bandit>=1.1.0,<=1.6.2 # Apache-2.0
 
 python-ceilometerclient>=2.5.0 # Apache-2.0
 pymongo>=3.0.2,!=3.1 # Apache-2.0