diff options
| author | Elod Illes <elod.illes@est.tech> | 2021-01-15 19:32:16 +0100 |
|---|---|---|
| committer | Elod Illes <elod.illes@est.tech> | 2021-01-15 23:05:33 +0100 |
| commit | 86544150913bcd819b4ee8d77e83d2566142fb41 (patch) | |
| tree | 9f7e8e60a696970fbccac3c8d5de01856ea07102 | |
| parent | 6307c84e83530ab27124ab9e6a8117ee44069614 (diff) | |
| download | designate-86544150913bcd819b4ee8d77e83d2566142fb41.tar.gz | |
[stable-only] Cap bandit and fix lowwer-constraints
bandit 1.6.3 [1] release has dropped support for py2 [2] but the
release is faulty and pip still picks it up for py2 [3][4], so cap to
1.6.2 when using py2.
With the new pip dependency resolver (introduced in pip 20.3) the
lower-constraints job started to fail. Problem is here with the
'install_command' in tox.ini, which uses both the upper- and lower-
constraints files, causing the job to fail. This patch adds separate
install_command without the upper constraints, so that only the
lower-constraints.txt is used.
[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] https://github.com/PyCQA/bandit/pull/615
[3] https://github.com/PyCQA/bandit/issues/663
[4] https://github.com/PyCQA/bandit/issues/665
Change-Id: If8738f5005e60cf46ed93edbefa272bc2611b53f
| -rw-r--r-- | doc/requirements.txt | 3 | ||||
| -rw-r--r-- | requirements.txt | 3 | ||||
| -rw-r--r-- | test-requirements.txt | 3 | ||||
| -rw-r--r-- | tox.ini | 1 |
4 files changed, 7 insertions, 3 deletions
diff --git a/doc/requirements.txt b/doc/requirements.txt index 3ea5ffef..b4932834 100644 --- a/doc/requirements.txt +++ b/doc/requirements.txt @@ -1,7 +1,8 @@ # The order of packages is significant, because pip processes them in the order # of appearance. Changing the order has an impact on the overall integration # process, which may cause wedges in the gate later. -sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD +sphinx!=1.6.6,!=1.6.7,>=1.6.2,<2.0.0;python_version=='2.7' # BSD +sphinx!=1.6.6,!=1.6.7,>=1.6.2;python_version>='3.4' # BSD sphinxcontrib-httpdomain>=1.3.0 # BSD sphinxcontrib-blockdiag>=1.5.4 # BSD reno>=2.5.0 # Apache-2.0 diff --git a/requirements.txt b/requirements.txt index 0afcc00f..00472390 100644 --- a/requirements.txt +++ b/requirements.txt @@ -44,7 +44,8 @@ oslo.i18n>=3.15.3 # Apache-2.0 oslo.context>=2.19.2 # Apache-2.0 oslo.policy>=1.30.0 # Apache-2.0 Werkzeug>=0.9 # BSD License -python-memcached>=1.56 # PSF +python-memcached>=1.56;python_version=='2.7' # PSF +python-memcached>=1.56;python_version>='3.4' # PSF tooz>=1.58.0 # Apache-2.0 debtcollector>=1.2.0 # Apache-2.0 os-win>=3.0.0 # Apache-2.0 diff --git a/test-requirements.txt b/test-requirements.txt index 237bfa3a..94f05450 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -15,7 +15,8 @@ testscenarios>=0.4 # Apache-2.0/BSD WebTest>=2.0.27 # MIT tempest>=17.1.0 # Apache-2.0 # Bandit security code scanner -bandit>=1.1.0 # Apache-2.0 +bandit>=1.1.0,<1.6.3;python_version=='2.7' # Apache-2.0 +bandit>=1.1.0;python_version>='3.5' # Apache-2.0 zake>=0.1.6 # Apache-2.0 doc8>=0.6.0 # Apache-2.0 Pygments>=2.2.0 # BSD license @@ -190,6 +190,7 @@ import_exceptions = designate.i18n [testenv:lower-constraints] basepython = python3 +install_command = pip install {opts} {packages} deps = -c{toxinidir}/lower-constraints.txt -r{toxinidir}/test-requirements.txt |