From 26621ecfc60fd624a93eb19c2c6d3e378266901e Mon Sep 17 00:00:00 2001
From: Elod Illes <elod.illes@est.tech>
Date: Fri, 26 Feb 2021 21:29:33 +0100
Subject: [stable-only] Cap bandit to 1.6.2

The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

sphinx requirement needed to be updated to make requirements-check job
pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] https://github.com/PyCQA/bandit/pull/615
[3] https://github.com/PyCQA/bandit/issues/663
[4] https://github.com/PyCQA/bandit/issues/665

Change-Id: Id39cd1f6ed61a3fa457f461fc8d399b550f3bb57
---
 test-requirements.txt | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/test-requirements.txt b/test-requirements.txt
index 9067d92..7f66470 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -7,10 +7,11 @@ hacking!=0.13.0,<0.14,>=0.12.0 # Apache-2.0
 mock>=2.0.0 # BSD
 openstackdocstheme>=1.18.1 # Apache-2.0
 oslotest>=3.2.0 # Apache-2.0
-sphinx!=1.6.6,>=1.6.2 # BSD
+sphinx>=1.6.2,!=1.6.6,<2.0.0;python_version=='2.7'  # BSD
+sphinx>=1.6.2,!=1.6.6;python_version>='3.4'  # BSD
 testtools>=2.2.0 # MIT
 coverage!=4.4,>=4.0 # Apache-2.0
 reno>=2.5.0 # Apache-2.0
 oslo.serialization!=2.19.1,>=2.18.0 # Apache-2.0
 # Bandit security code scanner
-bandit>=1.1.0 # Apache-2.0
+bandit>=1.1.0,<=1.6.2 # Apache-2.0
-- 
cgit v1.2.1