add test for regression and fix directory exclusion without wildcards #489
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
openstack-gerrit
pushed a commit
to openstack/python-openstackclient
that referenced
this pull request
May 10, 2019
Bandit 1.6.0 introduces a regression[0] with the -x option, a fix is expected to be included in 1.6.1 soon. [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 Change-Id: I110829ef960e3ee146f47871ef076491244bf4fa Signed-off-by: Dean Troyer <dtroyer@gmail.com>
openstack-gerrit
pushed a commit
to openstack/openstack
that referenced
this pull request
May 10, 2019
* Update python-openstackclient from branch 'master'
- Blacklist Bandit 1.6.0 due to directory exclusion bug
Bandit 1.6.0 introduces a regression[0] with the -x option, a fix
is expected to be included in 1.6.1 soon.
[0] PyCQA/bandit#488
[1] PyCQA/bandit#489
Change-Id: I110829ef960e3ee146f47871ef076491244bf4fa
Signed-off-by: Dean Troyer <dtroyer@gmail.com>
|
I tested locally, and unfortunately this isn't restoring the exclude behavior that was available on 1.5.1. 1.5.1: 1.6.0+PR489 |
|
However, it I prepend |
|
Thanks for the review, when I get the chance I'll add more tests and fix for this. |
openstack-gerrit
pushed a commit
to openstack/neutron
that referenced
this pull request
May 10, 2019
Bandit 1.6.0 introduces a regression[0] with the -x option, a fix is expected to be included in 1.6.1 soon. [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 Change-Id: Id944054deedd545c34fc28ccf043dd72e5f31220
openstack-gerrit
pushed a commit
to openstack/openstack
that referenced
this pull request
May 10, 2019
* Update neutron from branch 'master'
- Blacklist bandit 1.6.0 due to directory exclusion bug
Bandit 1.6.0 introduces a regression[0] with the -x option,
a fix is expected to be included in 1.6.1 soon.
[0] PyCQA/bandit#488
[1] PyCQA/bandit#489
Change-Id: Id944054deedd545c34fc28ccf043dd72e5f31220
openstack-gerrit
pushed a commit
to openstack/neutron-lib
that referenced
this pull request
May 10, 2019
Bandit 1.6.0 introduces a regression[0] with the -x option, a fix is expected to be included in 1.6.1 soon. [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 Change-Id: Id29f06b68a95f53ad62bdc597bbb0f12bc4d6a60
openstack-gerrit
pushed a commit
to openstack/openstack
that referenced
this pull request
May 10, 2019
* Update neutron-lib from branch 'master'
- Blacklist bandit 1.6.0 due to directory exclusion bug
Bandit 1.6.0 introduces a regression[0] with the -x option,
a fix is expected to be included in 1.6.1 soon.
[0] PyCQA/bandit#488
[1] PyCQA/bandit#489
Change-Id: Id29f06b68a95f53ad62bdc597bbb0f12bc4d6a60
openstack-gerrit
pushed a commit
to openstack/keystone
that referenced
this pull request
May 11, 2019
There's a regression[0] in bandit 1.6.0 which causes bandit to stop respecting excluded directories, and our tests throw a bunch of violations. Blacklist this version, but allow newer versions as there is already a pull request[1] to fix it, and I expect it will be included in the next release. [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 Change-Id: Ie4dbfb3f54e4aac00e0537d5760b7a8fc81b35a2
openstack-gerrit
pushed a commit
to openstack/openstack
that referenced
this pull request
May 11, 2019
* Update keystone from branch 'master'
- Blacklist bandit 1.6.0
There's a regression[0] in bandit 1.6.0 which causes bandit to stop
respecting excluded directories, and our tests throw a bunch of
violations. Blacklist this version, but allow newer versions as there is
already a pull request[1] to fix it, and I expect it will be included in
the next release.
[0] PyCQA/bandit#488
[1] PyCQA/bandit#489
Change-Id: Ie4dbfb3f54e4aac00e0537d5760b7a8fc81b35a2
openstack-gerrit
pushed a commit
to openstack/keystone
that referenced
this pull request
May 13, 2019
There's a regression[0] in bandit 1.6.0 which causes bandit to stop respecting excluded directories, and our tests throw a bunch of violations. Blacklist this version, but allow newer versions as there is already a pull request[1] to fix it, and I expect it will be included in the next release. [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 Change-Id: Ie4dbfb3f54e4aac00e0537d5760b7a8fc81b35a2 (cherry picked from commit ebac833)
openstack-gerrit
pushed a commit
to openstack/oslo.policy
that referenced
this pull request
May 14, 2019
Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. Change-Id: Idead9b4198c6b05d72bae60dee06e5aebc223822 Reference: PyCQA/bandit#489
openstack-gerrit
pushed a commit
to openstack/openstack
that referenced
this pull request
May 14, 2019
* Update oslo.policy from branch 'master'
- Cap Bandit below 1.6.0 and update Sphinx requirement
Bandit 1.6.0 accidentally changed how the exclusion list option is
handled and breaks our use of it. Cap to the previous version until
Bandit has fixed the problem.
Sphinx 2.0 no longer works on python 2.7, so we need to start capping
it there as well.
Change-Id: Idead9b4198c6b05d72bae60dee06e5aebc223822
Reference: PyCQA/bandit#489
openstack-gerrit
pushed a commit
to openstack/keystone
that referenced
this pull request
May 14, 2019
There's a regression[0] in bandit 1.6.0 which causes bandit to stop respecting excluded directories, and our tests throw a bunch of violations. Blacklist this version, but allow newer versions as there is already a pull request[1] to fix it, and I expect it will be included in the next release. [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 Change-Id: Ie4dbfb3f54e4aac00e0537d5760b7a8fc81b35a2 (cherry picked from commit ebac833)
openstack-gerrit
pushed a commit
to openstack/keystone
that referenced
this pull request
May 14, 2019
There's a regression[0] in bandit 1.6.0 which causes bandit to stop respecting excluded directories, and our tests throw a bunch of violations. Blacklist this version, but allow newer versions as there is already a pull request[1] to fix it, and I expect it will be included in the next release. [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 Change-Id: Ie4dbfb3f54e4aac00e0537d5760b7a8fc81b35a2 (cherry picked from commit ebac833)
openstack-gerrit
pushed a commit
to openstack/keystone
that referenced
this pull request
May 14, 2019
There's a regression[0] in bandit 1.6.0 which causes bandit to stop respecting excluded directories, and our tests throw a bunch of violations. Blacklist this version, but allow newer versions as there is already a pull request[1] to fix it, and I expect it will be included in the next release. [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 Change-Id: Ie4dbfb3f54e4aac00e0537d5760b7a8fc81b35a2 (cherry picked from commit ebac833)
openstack-gerrit
pushed a commit
to openstack/oslo.cache
that referenced
this pull request
May 14, 2019
Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. Change-Id: I4ee88377e7123c165434765a73f27cabec8c8177 Reference: PyCQA/bandit#489
openstack-gerrit
pushed a commit
to openstack/openstack
that referenced
this pull request
May 14, 2019
* Update oslo.cache from branch 'master'
- Cap Bandit below 1.6.0 and update Sphinx requirement
Bandit 1.6.0 accidentally changed how the exclusion list option is
handled and breaks our use of it. Cap to the previous version until
Bandit has fixed the problem.
Sphinx 2.0 no longer works on python 2.7, so we need to start capping
it there as well.
Change-Id: I4ee88377e7123c165434765a73f27cabec8c8177
Reference: PyCQA/bandit#489
openstack-gerrit
pushed a commit
to openstack/keystone
that referenced
this pull request
May 14, 2019
There's a regression[0] in bandit 1.6.0 which causes bandit to stop respecting excluded directories, and our tests throw a bunch of violations. Blacklist this version, but allow newer versions as there is already a pull request[1] to fix it, and I expect it will be included in the next release. [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 Change-Id: Ie4dbfb3f54e4aac00e0537d5760b7a8fc81b35a2 (cherry picked from commit ebac833)
|
@ericwb This PR is ready for a re-review |
ericwb
requested changes
May 14, 2019
There was a problem hiding this comment.
Sorry, this change still isn't excluding files that Bandit would have exclude in 1.5.1. I ran your patch again and got this result:
browne-a02:workspace browne$ bandit/.tox/py36/bin/bandit -r column/ -x tests
[main] INFO profile include tests: None
[main] INFO profile exclude tests: None
[main] INFO cli include tests: None
[main] INFO cli exclude tests: None
[main] INFO running on Python 3.6.7
Run started:2019-05-14 17:59:55.499331
Test results:
No issues identified.
Code scanned:
Total lines of code: 1395
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):
In 1.5.1, the total scanned lines comes out to 1100 instead of 1395.
bandit/core/manager.py
Outdated
| @@ -363,7 +366,8 @@ def _is_file_included(path, included_globs, excluded_path_strings, | |||
| # if this is matches a glob of files we look at, and it isn't in an | |||
| # excluded path | |||
| if _matches_glob_list(path, included_globs) or not enforce_glob: | |||
| if not _matches_glob_list(path, excluded_path_strings): | |||
| if not _matches_glob_list(path, excluded_path_strings) and \ | |||
There was a problem hiding this comment.
Nit: It's preferable to use ( ) instead of \
openstack-gerrit
pushed a commit
to openstack/oslo.db
that referenced
this pull request
May 14, 2019
Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. Change-Id: If86c82e0f4a519baca664af79352846c4af9a01c Reference: PyCQA/bandit#489
openstack-gerrit
pushed a commit
to openstack-archive/networking-ovn
that referenced
this pull request
May 20, 2019
Bandit 1.6.0 introduces a regression[0] with the -x option, a fix is expected to be included in 1.6.1 soon. [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 This also reverts 7a1de10 which changed tox.ini to use the incorrect argument. Change-Id: Ifc2cc9c15ccc93ce947f8bfefce83d58fd06f5a1
openstack-gerrit
pushed a commit
to openstack/magnum
that referenced
this pull request
May 21, 2019
There's a regression[0] in bandit 1.6.0 which causes bandit to stop respecting excluded directories, and our tests throw a bunch of violations. Blacklist this version, but allow newer versions as there is already a pull request[1] to fix it, and I expect it will be included in the next release. Also fix the requirements job which was broken by https://review.opendev.org/657890 adding a cap on Sphinx on Python 2. [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 Co-Authored-By: Jake Yip <jake.yip@unimelb.edu.au> Task: 33401 Story: 2005740 Change-Id: I34dc36c5236debc42424073af2c2d2104e18179a
openstack-gerrit
pushed a commit
to openstack/openstack
that referenced
this pull request
May 21, 2019
* Update magnum from branch 'master'
- Blacklist bandit 1.6.0 and cap Sphinx on Python2
There's a regression[0] in bandit 1.6.0 which causes bandit to stop
respecting excluded directories, and our tests throw a bunch of
violations. Blacklist this version, but allow newer versions as there is
already a pull request[1] to fix it, and I expect it will be included in
the next release.
Also fix the requirements job which was broken by
https://review.opendev.org/657890 adding a cap on Sphinx on Python 2.
[0] PyCQA/bandit#488
[1] PyCQA/bandit#489
Co-Authored-By: Jake Yip <jake.yip@unimelb.edu.au>
Task: 33401
Story: 2005740
Change-Id: I34dc36c5236debc42424073af2c2d2104e18179a
openstack-gerrit
pushed a commit
to openstack/oslo.cache
that referenced
this pull request
May 21, 2019
Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. Change-Id: I4ee88377e7123c165434765a73f27cabec8c8177 Reference: PyCQA/bandit#489 (cherry picked from commit 3e06753)
|
@mattjegan Sorry for my late reply. It does look like you're testing the same way as me. Let me retry again. |
ericwb
reviewed
May 22, 2019
bandit/core/manager.py
Outdated
| @@ -363,7 +366,8 @@ def _is_file_included(path, included_globs, excluded_path_strings, | |||
| # if this is matches a glob of files we look at, and it isn't in an | |||
| # excluded path | |||
| if _matches_glob_list(path, included_globs) or not enforce_glob: | |||
| if not _matches_glob_list(path, excluded_path_strings): | |||
| if (not _matches_glob_list(path, excluded_path_strings) | |||
| and not any(x in path for x in excluded_path_strings)): | |||
There was a problem hiding this comment.
Can you please move the and up on the previous line? This gets flagged as pep8 W503 in my IDE (yeah, we should probably be checking in pep8 in tox.ini)
|
I tried this again, in Linux env instead of Mac and it checks out. |
openstack-gerrit
pushed a commit
to openstack/python-neutronclient
that referenced
this pull request
May 28, 2019
Bandit 1.6.0 introduces a regression[0] with the -x option, a fix is expected to be included in 1.6.1 soon. This commit also aligns Sphinx requirement with the requirements project [2]. This is required to pass requirements-check. The lower bound for sphinx was missing and requirements-check now requires it, so the lower bound sphinx >=1.6.2 was added. [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 [2] https://review.opendev.org/#/c/657890/ Change-Id: I937cfa722f5234ca4d5506047001d9cb07728cd8
openstack-gerrit
pushed a commit
to openstack/openstack
that referenced
this pull request
May 28, 2019
* Update python-neutronclient from branch 'master'
- Blacklist bandit 1.6.0 due to directory exclusion bug
Bandit 1.6.0 introduces a regression[0] with the -x option,
a fix is expected to be included in 1.6.1 soon.
This commit also aligns Sphinx requirement with the requirements
project [2]. This is required to pass requirements-check.
The lower bound for sphinx was missing and requirements-check
now requires it, so the lower bound sphinx >=1.6.2 was added.
[0] PyCQA/bandit#488
[1] PyCQA/bandit#489
[2] https://review.opendev.org/#/c/657890/
Change-Id: I937cfa722f5234ca4d5506047001d9cb07728cd8
nectar-gerrit
pushed a commit
to NeCTAR-RC/magnum
that referenced
this pull request
May 29, 2019
There's a regression[0] in bandit 1.6.0 which causes bandit to stop respecting excluded directories, and our tests throw a bunch of violations. Blacklist this version, but allow newer versions as there is already a pull request[1] to fix it, and I expect it will be included in the next release. Also fix the requirements job which was broken by https://review.opendev.org/657890 adding a cap on Sphinx on Python 2. [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 Change-Id: I34dc36c5236debc42424073af2c2d2104e18179a
openstack-gerrit
pushed a commit
to openstack/oslo.cache
that referenced
this pull request
May 29, 2019
Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. Change-Id: I4ee88377e7123c165434765a73f27cabec8c8177 Reference: PyCQA/bandit#489 (cherry picked from commit 03f1840)
openstack-gerrit
pushed a commit
to openstack/heat
that referenced
this pull request
May 30, 2019
There's a regression[0] in bandit 1.6.0 which causes bandit to stop respecting excluded directories, and our tests throw a bunch of violations. Blacklist this version, but allow newer versions as there is already a pull request[1] to fix it, and I expect it will be included in the next release. Also fix the requirements job which was broken by https://review.opendev.org/657890 adding a cap on Sphinx on Python 2. [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 Change-Id: Ieabcd4e8c5e5354125a63e89b9b60931c760858a (cherry picked from commit 011fa22)
openstack-gerrit
pushed a commit
to openstack/magnum
that referenced
this pull request
Jun 4, 2019
There's a regression[0] in bandit 1.6.0 which causes bandit to stop respecting excluded directories, and our tests throw a bunch of violations. Blacklist this version, but allow newer versions as there is already a pull request[1] to fix it, and I expect it will be included in the next release. Also fix the requirements job which was broken by https://review.opendev.org/657890 adding a cap on Sphinx on Python 2. [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 Co-Authored-By: Jake Yip <jake.yip@unimelb.edu.au> Task: 33401 Story: 2005740 Change-Id: I34dc36c5236debc42424073af2c2d2104e18179a (cherry picked from commit 913636b)
openstack-gerrit
pushed a commit
to openstack/heat
that referenced
this pull request
Jun 5, 2019
There's a regression[0] in bandit 1.6.0 which causes bandit to stop respecting excluded directories, and our tests throw a bunch of violations. Blacklist this version, but allow newer versions as there is already a pull request[1] to fix it, and I expect it will be included in the next release. Ignore the bandit check B413, which was added in bandit 1.5.0 and prevents importing PyCrypto. PyCrypto wasn't removed from Heat until Queens. Also fix the requirements job which was broken by https://review.opendev.org/657890 adding a cap on Sphinx on Python 2. [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 Change-Id: Ieabcd4e8c5e5354125a63e89b9b60931c760858a Co-Authored-By: Zane Bitter <zbitter@redhat.com> Depends-On: https://review.opendev.org/662335 (cherry picked from commit 011fa22)
openstack-gerrit
pushed a commit
to openstack/kolla
that referenced
this pull request
Jun 6, 2019
There's a regression[0] in bandit 1.6.0 which causes bandit to stop respecting excluded directories, and our tests throw a bunch of violations. Blacklist this version, but allow newer versions as there is already a pull request[1] to fix it, and I expect it will be included in the next release. [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 Change-Id: I4429614a57fb512fe2bfdf0686c3eff0adc2a2f4
openstack-gerrit
pushed a commit
to openstack/openstack
that referenced
this pull request
Jun 6, 2019
* Update kolla from branch 'master'
- Merge "Blacklist bandit 1.6.0"
- Blacklist bandit 1.6.0
There's a regression[0] in bandit 1.6.0 which causes bandit to stop
respecting excluded directories, and our tests throw a bunch of
violations. Blacklist this version, but allow newer versions as there is
already a pull request[1] to fix it, and I expect it will be included in
the next release.
[0] PyCQA/bandit#488
[1] PyCQA/bandit#489
Change-Id: I4429614a57fb512fe2bfdf0686c3eff0adc2a2f4
|
An ever-increasing number of projects are needing to add and backport 1.6.0 exclusions until this fix appears in a new release. Any chance of tagging something along the lines of a 1.6.1 hotfix release in the near future? |
openstack-gerrit
pushed a commit
to openstack/magnum
that referenced
this pull request
Jun 12, 2019
There's a regression[0] in bandit 1.6.0 which causes bandit to stop respecting excluded directories, and our tests throw a bunch of violations. Blacklist this version, but allow newer versions as there is already a pull request[1] to fix it, and I expect it will be included in the next release. Also fix the requirements job which was broken by https://review.opendev.org/657890 adding a cap on Sphinx on Python 2. [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 Co-Authored-By: Jake Yip <jake.yip@unimelb.edu.au> Task: 33401 Story: 2005740 Change-Id: I34dc36c5236debc42424073af2c2d2104e18179a (cherry picked from commit 913636b) (cherry picked from commit eec7184)
openstack-gerrit
pushed a commit
to openstack/networking-odl
that referenced
this pull request
Jul 1, 2019
Bandit 1.6.0 introduces a regression[0] with the -x option, a fix is expected to be included in 1.6.1 soon. (Original commit is based on Id944054deedd545c34fc28ccf043dd72e5f31220) neutron-lbaas is retired [2], so networking-odl dependencies must be removed. Trunk constants were moved to neutron-lib from neutron with [3] from 1.25.0, and were removed from neutron with [4], thus lower-constraints must point to at least 1.25.0. To pass the gate fix sphinx requirements for python>3.4 (Original Change-Id: I6e709385fefe12123ecab150237956297cc7e09f) [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 [2] http://lists.openstack.org/pipermail/openstack-discuss/2019-May/006158.html [3] https://review.opendev.org/636989 [4] https://review.opendev.org/649672 Change-Id: I698caa93a188f7be206c18d79152dd81eb4029d3
openstack-gerrit
pushed a commit
to openstack/openstack
that referenced
this pull request
Jul 1, 2019
* Update networking-odl from branch 'master'
- Blacklist bandit, bump neutron-lib and retire neutron-lbaas
Bandit 1.6.0 introduces a regression[0] with the -x option,
a fix is expected to be included in 1.6.1 soon. (Original commit is
based on Id944054deedd545c34fc28ccf043dd72e5f31220)
neutron-lbaas is retired [2], so networking-odl dependencies must be
removed.
Trunk constants were moved to neutron-lib from neutron with [3] from
1.25.0, and were removed from neutron with [4], thus lower-constraints
must point to at least 1.25.0.
To pass the gate fix sphinx requirements for python>3.4
(Original Change-Id: I6e709385fefe12123ecab150237956297cc7e09f)
[0] PyCQA/bandit#488
[1] PyCQA/bandit#489
[2] http://lists.openstack.org/pipermail/openstack-discuss/2019-May/006158.html
[3] https://review.opendev.org/636989
[4] https://review.opendev.org/649672
Change-Id: I698caa93a188f7be206c18d79152dd81eb4029d3
openstack-gerrit
pushed a commit
to openstack/oslo.context
that referenced
this pull request
Sep 17, 2019
Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. Change-Id: Ib7f8df3fc5b83520b179d0a260c54e015c042b17 Reference: PyCQA/bandit#489 (cherry picked from commit 016904f) (cherry picked from commit 85df332)
openstack-gerrit
pushed a commit
to openstack/oslo.context
that referenced
this pull request
Sep 17, 2019
Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. Change-Id: Ib7f8df3fc5b83520b179d0a260c54e015c042b17 Reference: PyCQA/bandit#489 (cherry picked from commit 016904f)
openstack-gerrit
pushed a commit
to openstack/oslo.policy
that referenced
this pull request
Sep 24, 2019
Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. Change-Id: Idead9b4198c6b05d72bae60dee06e5aebc223822 Reference: PyCQA/bandit#489 (cherry picked from commit 1d7ca8a)
openstack-mirroring
pushed a commit
to openstack/oslo.cache
that referenced
this pull request
Feb 3, 2021
Bandit 1.6.0 accidentally changed how the exclusion list option is
handled and breaks our use of it. Cap to the previous version until
Bandit has fixed the problem.
Sphinx 2.0 no longer works on python 2.7, so we need to start capping
it there as well.
Conflicts:
doc/requirements.txt
test-requirements.txt
Change-Id: I4ee88377e7123c165434765a73f27cabec8c8177
Reference: PyCQA/bandit#489
(cherry picked from commit 03f1840)
(cherry picked from commit 7704635)
openstack-mirroring
pushed a commit
to openstack/oslo.policy
that referenced
this pull request
Mar 22, 2021
Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. Change-Id: Idead9b4198c6b05d72bae60dee06e5aebc223822 Reference: PyCQA/bandit#489 (cherry picked from commit 1d7ca8a) (cherry picked from commit 3a22403)
openstack-mirroring
pushed a commit
to openstack/castellan
that referenced
this pull request
Mar 22, 2021
Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. Note(elod.illes): lower constraint of 'requests' needed to be upgraded to make lower-constraints job pass, which involves a lower version of idna as it is upper constrained in that version of requests. Change-Id: I659571d084247a6a180d5b665921791d3647038f Reference: PyCQA/bandit#489 (cherry picked from commit 3e5a18c)
openstack-mirroring
pushed a commit
to openstack/networking-odl
that referenced
this pull request
Nov 22, 2021
Bandit 1.6.0 introduces a regression[0] with the -x option, a fix is expected to be included in 1.6.1 soon. (Original commit is based on Id944054deedd545c34fc28ccf043dd72e5f31220) neutron-lbaas is retired [2], so networking-odl dependencies must be removed. Trunk constants were moved to neutron-lib from neutron with [3] from 1.25.0, and were removed from neutron with [4], thus lower-constraints must point to at least 1.25.0. To pass the gate fix sphinx requirements for python>3.4 (Original Change-Id: I6e709385fefe12123ecab150237956297cc7e09f) Conflicts: .zuul.d/project.yaml doc/requirements.txt lower-constraints.txt networking_odl/tests/unit/journal/test_full_sync.py requirements.txt test-requirements.txt [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 [2] http://lists.openstack.org/pipermail/openstack-discuss/2019-May/006158.html [3] https://review.opendev.org/636989 [4] https://review.opendev.org/649672 Change-Id: I698caa93a188f7be206c18d79152dd81eb4029d3
openstack-mirroring
pushed a commit
to openstack/networking-odl
that referenced
this pull request
Jan 3, 2022
Bandit 1.6.0 introduces a regression[0] with the -x option, a fix is expected to be included in 1.6.1 soon. (Original commit is based on Id944054deedd545c34fc28ccf043dd72e5f31220) neutron-lbaas is retired [2], so networking-odl dependencies must be removed. Trunk constants were moved to neutron-lib from neutron with [3] from 1.25.0, and were removed from neutron with [4], thus lower-constraints must point to at least 1.25.0. To pass the gate fix sphinx requirements for python>3.4 (Original Change-Id: I6e709385fefe12123ecab150237956297cc7e09f) Conflicts: .zuul.d/project.yaml .zuul.d/jobs.yaml doc/requirements.txt requirements.txt [0] PyCQA/bandit#488 [1] PyCQA/bandit#489 [2] http://lists.openstack.org/pipermail/openstack-discuss/2019-May/006158.html [3] https://review.opendev.org/636989 [4] https://review.opendev.org/649672 Change-Id: I698caa93a188f7be206c18d79152dd81eb4029d3
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #488
I've added a test to make sure that both wildcard directory exclusion and the
1.5.1version of directory exclusion work.