From 925bb81c7f79f71050461e06b8cd3d9f0eb47042 Mon Sep 17 00:00:00 2001
From: Ben Nemec <bnemec@redhat.com>
Date: Mon, 13 May 2019 20:09:00 +0000
Subject: Cap Bandit below 1.6.0 and update Sphinx requirement

Bandit 1.6.0 accidentally changed how the exclusion list option is
handled and breaks our use of it. Cap to the previous version until
Bandit has fixed the problem.

Sphinx 2.0 no longer works on python 2.7, so we need to start capping
it there as well.

Change-Id: If86c82e0f4a519baca664af79352846c4af9a01c
Reference: https://github.com/PyCQA/bandit/pull/489
---
 test-requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'test-requirements.txt')

diff --git a/test-requirements.txt b/test-requirements.txt
index 27a9e3f..26e7f56 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -12,7 +12,7 @@ oslo.context>=2.19.2 # Apache-2.0
 stestr>=2.0.0 # Apache-2.0
 testtools>=2.2.0 # MIT
 os-testr>=1.0.0 # Apache-2.0
-bandit>=1.1.0 # Apache-2.0
+bandit>=1.1.0,<1.6.0 # Apache-2.0
 pifpaf>=0.10.0 # Apache-2.0
 PyMySQL>=0.7.6 # MIT License
 psycopg2>=2.7.0 # LGPL/ZPL
-- 
cgit v1.2.1