Cap Bandit below 1.6.0 and update Sphinx requirement

Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. Change-Id: Ib8da5b64084d5c9b7b7d896d6b7bb7844c0b9e90 Reference: https://github.com/PyCQA/bandit/pull/489
author: Ben Nemec <bnemec@redhat.com> 2019-05-13 18:00:50 +0000
committer: Ben Nemec <bnemec@redhat.com> 2019-05-13 19:58:03 +0000
commit: a6313baf656cc7dc96783489613027c9f6c1958a (patch)
tree: e700da0badf7bc744622d25394760f8fb5d03bda /test-requirements.txt
parent: 053243445c42a0b8c28295cb80b6c4886208aa07 (diff)
download: oslo-config-a6313baf656cc7dc96783489613027c9f6c1958a.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/test-requirements.txt b/test-requirements.txt
index ffbe9cc..dab06dd 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -20,13 +20,14 @@ oslo.log>=3.36.0  # Apache-2.0
 coverage!=4.4,>=4.0 # Apache-2.0
 
 # this is required for the sphinx extension
-sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2,<2.0.0;python_version=='2.7' # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2;python_version>='3.4' # BSD
 
 # mocking framework
 mock>=2.0.0 # BSD
 requests_mock>=1.5.0 # Apache-2.0
 
 # Bandit security code scanner
-bandit>=1.1.0 # Apache-2.0
+bandit>=1.1.0,<1.6.0 # Apache-2.0
 
 reno>=2.5.0 # Apache-2.0
author	Ben Nemec <bnemec@redhat.com>	2019-05-13 18:00:50 +0000
committer	Ben Nemec <bnemec@redhat.com>	2019-05-13 19:58:03 +0000
commit	a6313baf656cc7dc96783489613027c9f6c1958a (patch)
tree	e700da0badf7bc744622d25394760f8fb5d03bda /test-requirements.txt
parent	053243445c42a0b8c28295cb80b6c4886208aa07 (diff)
download	oslo-config-a6313baf656cc7dc96783489613027c9f6c1958a.tar.gz