From 6a4c7b57b8383bef4a02fb485e781c4cbb2a03d8 Mon Sep 17 00:00:00 2001
From: Takashi Kajinami <tkajinam@redhat.com>
Date: Mon, 13 Mar 2023 16:46:53 +0900
Subject: stable-only: Pin bandit to 1.7.4

bandit 1.7.5 introduced the new lint rule with which current heat code
is not compliant. This pins bandit so that any new lint rule does not
affect pep8 job in stable branches.

Change-Id: Ie552e6398c10797e4df4afe757760c48ca7f80af
---
 test-requirements.txt | 2 +-
 tox.ini               | 6 ++----
 2 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/test-requirements.txt b/test-requirements.txt
index bd3032139..62872ccaa 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -9,7 +9,7 @@ hacking>=3.0.1,<3.1.0 # Apache-2.0
 # care of pyflakes version compatibilty.
 pyflakes>=2.1.1
 
-bandit!=1.6.0,>=1.1.0 # Apache-2.0
+bandit!=1.6.0,>=1.1.0,<1.7.5 # Apache-2.0
 coverage!=4.4,>=4.0 # Apache-2.0
 fixtures>=3.0.0 # Apache-2.0/BSD
 kombu!=4.0.2,>=5.0.1 # BSD
diff --git a/tox.ini b/tox.ini
index b3785897d..12343295c 100644
--- a/tox.ini
+++ b/tox.ini
@@ -30,7 +30,6 @@ commands =
     # B104: Test for binding to all interfaces
     # B107: Test for use of hard-coded password argument defaults
     # B110: Try, Except, Pass detected.
-    # B113: Requests call without timeout
     # B310: Audit url open for permitted schemes
     # B311: Standard pseudo-random generators are not suitable for security/cryptographic purposes
     # B404: Import of subprocess module
@@ -39,7 +38,7 @@ commands =
     # B506: Test for use of yaml load
     # B603: Test for use of subprocess with shell equals true
     # B607: Test for starting a process with a partial path
-    bandit -r heat -x tests --skip B101,B104,B107,B110,B113,B310,B311,B404,B410,B504,B506,B603,B607
+    bandit -r heat -x tests --skip B101,B104,B107,B110,B310,B311,B404,B410,B504,B506,B603,B607
     doc8 {posargs}
 
 [testenv:venv]
@@ -101,7 +100,6 @@ deps =
 # B104: Test for binding to all interfaces
 # B107: Test for use of hard-coded password argument defaults
 # B110: Try, Except, Pass detected.
-# B113: Requests call without timeout
 # B310: Audit url open for permitted schemes
 # B311: Standard pseudo-random generators are not suitable for security/cryptographic purposes
 # B404: Import of subprocess module
@@ -110,7 +108,7 @@ deps =
 # B506: Test for use of yaml load
 # B603: Test for use of subprocess with shell equals true
 # B607: Test for starting a process with a partial path
-commands = bandit -r heat -x tests --skip B101,B104,B107,B110,B113,B310,B311,B404,B410,B504,B506,B603,B607
+commands = bandit -r heat -x tests --skip B101,B104,B107,B110,B310,B311,B404,B410,B504,B506,B603,B607
 
 [flake8]
 show-source = true
-- 
cgit v1.2.1