Cap Bandit below 1.6.0 and update Sphinx requirement

Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. Change-Id: If86c82e0f4a519baca664af79352846c4af9a01c Reference: https://github.com/PyCQA/bandit/pull/489
2019-05-13 20:09:00 +00:00 · 2019-05-13 20:09:00 +00:00 · 925bb81c7f
parent aef64ea8ae
commit 925bb81c7f
2 changed files with 3 additions and 2 deletions
--- a/doc/requirements.txt
+++ b/doc/requirements.txt
@ -2,7 +2,8 @@
 # of appearance. Changing the order has an impact on the overall integration
 # process, which may cause wedges in the gate later.
 openstackdocstheme>=1.18.1 # Apache-2.0
-sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2,<2.0.0;python_version=='2.7' # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2;python_version>='3.4' # BSD
 doc8>=0.6.0 # Apache-2.0
 reno>=2.5.0 # Apache-2.0

--- a/test-requirements.txt
+++ b/test-requirements.txt
@ -12,7 +12,7 @@ oslo.context>=2.19.2 # Apache-2.0
 stestr>=2.0.0 # Apache-2.0
 testtools>=2.2.0 # MIT
 os-testr>=1.0.0 # Apache-2.0
-bandit>=1.1.0 # Apache-2.0
+bandit>=1.1.0,<1.6.0 # Apache-2.0
 pifpaf>=0.10.0 # Apache-2.0
 PyMySQL>=0.7.6 # MIT License
 psycopg2>=2.7.0 # LGPL/ZPL