cap bandit in test-requirements.txt

bandit is a linter and is listed in the "blacklist" from the requirements repo, so it does not appear in the constraints lists. Project teams are expected to manage the verions(s) allowed on their own, to allow different teams to roll ahead to new versions as they can rather than having the entire community do it in lock-step. This change caps the version of bandit to the one available during the rocky development cycle to avoid introducing the new rules from newer releases into a stable branch. Change-Id: Ib6f1e8d19963a119ea6c8becbb29ed9a22af5ca8 Signed-off-by: Doug Hellmann <doug@doughellmann.com>
author: Doug Hellmann <doug@doughellmann.com> 2018-08-16 15:32:40 -0400
committer: Doug Hellmann <doug@doughellmann.com> 2018-08-16 15:34:14 -0400
commit: 732157259301667eb9432c092b48911a338c1fea (patch)
tree: 83c731545b5cbd13957bd89d976d6929395bdfa4
parent: 17cc1fae49fd5399e4f2d86404c97b1ddab1f784 (diff)
download: oslo-concurrency-732157259301667eb9432c092b48911a338c1fea.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/test-requirements.txt b/test-requirements.txt
index fb68ff2..94de582 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -17,4 +17,4 @@ reno>=2.5.0 # Apache-2.0
 eventlet!=0.18.3,!=0.20.1,>=0.18.2 # MIT
 
 # Bandit security code scanner
-bandit>=1.1.0 # Apache-2.0
+bandit>=1.1.0,<1.5.0 # Apache-2.0
author	Doug Hellmann <doug@doughellmann.com>	2018-08-16 15:32:40 -0400
committer	Doug Hellmann <doug@doughellmann.com>	2018-08-16 15:34:14 -0400
commit	732157259301667eb9432c092b48911a338c1fea (patch)
tree	83c731545b5cbd13957bd89d976d6929395bdfa4
parent	17cc1fae49fd5399e4f2d86404c97b1ddab1f784 (diff)
download	oslo-concurrency-732157259301667eb9432c092b48911a338c1fea.tar.gz