From 72958e606016a951ee7002d8da2baa5814b00e4f Mon Sep 17 00:00:00 2001
From: Elod Illes <elod.illes@est.tech>
Date: Thu, 25 Feb 2021 10:43:52 +0100
Subject: [stable-only] Cap bandit to 1.6.2

The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

sphinx requirement updated to make requirements-check job pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] https://github.com/PyCQA/bandit/pull/615
[3] https://github.com/PyCQA/bandit/issues/663
[4] https://github.com/PyCQA/bandit/issues/665

Change-Id: Id412a175c8b2a9c8c62105f5a6205b1330a9883f
---
 test-requirements.txt | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/test-requirements.txt b/test-requirements.txt
index 1777ed4..c666dee 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -7,10 +7,11 @@ testrepository>=0.0.18 # Apache-2.0/BSD
 testtools>=2.2.0 # MIT
 
 openstackdocstheme>=1.18.1 # Apache-2.0
-sphinx>=1.6.2 # BSD
+sphinx>=1.6.2,!=1.6.6,!=1.6.7,<2.0.0;python_version=='2.7'  # BSD
+sphinx>=1.6.2,!=1.6.6,!=1.6.7;python_version>='3.4'  # BSD
 
 # Bandit security code scanner
-bandit>=1.1.0 # Apache-2.0
+bandit>=1.1.0,<=1.6.2 # Apache-2.0
 
 pymongo!=3.1,>=3.0.2 # Apache-2.0
 
-- 
cgit v1.2.1