[stable-only] Cap bandit to 1.6.2

The 1.6.3 [1] release has dropped support for py2 [2] but the release is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2 when using py2. Sphinx requirements also fixed to make requirements-check job pass. [1] https://github.com/PyCQA/bandit/releases/tag/1.6.3 [2] PyCQA/bandit#615 [3] PyCQA/bandit#663 [4] PyCQA/bandit#665 Change-Id: I543337fc3d6b6815de9b0bffe10ba09cda6b1821
openstack · Mar 5, 2021 · 7ba241f · 7ba241f
1 parent fdb3209
commit 7ba241f
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 3 deletions.
diff --git a/doc/requirements.txt b/doc/requirements.txt
@@ -3,7 +3,8 @@
 # process, which may cause wedges in the gate later.
 # These are needed for docs generation
 openstackdocstheme>=1.18.1 # Apache-2.0
-sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2,<2.0.0;python_version=='2.7'  # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2;python_version>='3.4'  # BSD
 reno>=2.5.0 # Apache-2.0
 
 mock>=2.0.0 # BSD

diff --git a/test-requirements.txt b/test-requirements.txt
@@ -9,7 +9,8 @@ testrepository>=0.0.18 # Apache-2.0/BSD
 testtools>=2.2.0 # MIT
 
 # this is required for the docs build jobs
-sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2,<2.0.0;python_version=='2.7'  # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2;python_version>='3.4'  # BSD
 openstackdocstheme>=1.18.1 # Apache-2.0
 oslotest>=3.2.0 # Apache-2.0
 
@@ -23,4 +24,5 @@ eventlet!=0.18.3,!=0.20.1,>=0.18.2 # MIT
 reno>=2.5.0 # Apache-2.0
 
 # Bandit security code scanner
-bandit>=1.1.0 # Apache-2.0
+bandit>=1.1.0,<1.6.3;python_version=='2.7' # Apache-2.0
+bandit>=1.1.0;python_version>='3.5' # Apache-2.0