From 3ed4676f93996b9f1d81a2826020d0c8cead4425 Mon Sep 17 00:00:00 2001
From: Ben Nemec <bnemec@redhat.com>
Date: Wed, 15 May 2019 15:56:42 +0000
Subject: Cap Bandit below 1.6.0 and update Sphinx requirement

Bandit 1.6.0 accidentally changed how the exclusion list option is
handled and breaks our use of it. Cap to the previous version until
Bandit has fixed the problem.

Sphinx 2.0 no longer works on python 2.7, so we need to start capping
it there as well.

Change-Id: I719a8cff50dcc0dea62db14edf7b9ab35b72facd
Reference: https://github.com/PyCQA/bandit/pull/489
---
 test-requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'test-requirements.txt')

diff --git a/test-requirements.txt b/test-requirements.txt
index 767c41b..ce63b70 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -24,4 +24,4 @@ mock>=2.0.0 # BSD
 oslo.config>=5.2.0 # Apache-2.0
 
 # Bandit security code scanner
-bandit>=1.1.0 # Apache-2.0
+bandit>=1.1.0,<1.6.0 # Apache-2.0
-- 
cgit v1.2.1