From e103baa002e54303b08630c436dfc7b0b8a013de Mon Sep 17 00:00:00 2001 From: Stephen Finucane Date: Fri, 8 Jan 2021 10:45:10 +0000 Subject: [PATCH] pre-commit: Resolve dependency conflicts hacking 3.1.0 depended on 'flake8<3.8.0,>=3.6.0', while we were specifying flake 3.8.3. This resulted in an error when using the dependency resolver introduced in pip 20.3. Resolve this by bumping to hacking 3.2.0. We also remove bandit and pre-commit from test-requirements, since these are linters which are not managed by upper-constraints and are not necessary to run tests. oslo.context is also specified in both requirements.txt and test-requirements.txt, so we remove it from the latter. Change-Id: I829870c327b73b583877b9b969ee38f0bcaa1495 Signed-off-by: Stephen Finucane --- .pre-commit-config.yaml | 6 +++--- lower-constraints.txt | 3 ++- test-requirements.txt | 9 ++------- tox.ini | 4 ++-- 4 files changed, 9 insertions(+), 13 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 9d945567..e56ba979 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,9 +1,9 @@ +--- # We from the Oslo project decided to pin repos based on the # commit hash instead of the version tag to prevend arbitrary # code from running in developer's machines. To update to a # newer version, run `pre-commit autoupdate` and then replace # the newer versions with their commit hash. - default_language_version: python: python3 @@ -28,8 +28,8 @@ repos: - id: check-yaml files: .*\.(yaml|yml)$ - repo: https://gitlab.com/pycqa/flake8 - rev: 181bb46098dddf7e2d45319ea654b4b4d58c2840 # 3.8.3 + rev: 181bb46098dddf7e2d45319ea654b4b4d58c2840 # 3.8.3 hooks: - id: flake8 additional_dependencies: - - hacking>=3.0.1,<3.1.0 + - hacking>=3.2.0,<3.3.0 diff --git a/lower-constraints.txt b/lower-constraints.txt index c83f09bf..2d9d8efb 100644 --- a/lower-constraints.txt +++ b/lower-constraints.txt @@ -4,7 +4,7 @@ Babel==2.3.4 bandit==1.4.0 coverage==4.0 debtcollector==1.2.0 -docutils==0.11 +docutils==0.12 dulwich==0.15.0 extras==1.0.0 fixtures==3.0.0 @@ -38,6 +38,7 @@ requests==2.14.2 requests-mock==1.2.0 requestsexceptions==1.2.0 rfc3986==0.3.1 +Sphinx==2.0.0 stestr==2.0.0 smmap==0.9.0 snowballstemmer==1.2.1 diff --git a/test-requirements.txt b/test-requirements.txt index fb0d03a7..3717b438 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -1,16 +1,11 @@ # The order of packages is significant, because pip processes them in the order # of appearance. Changing the order has an impact on the overall integration # process, which may cause wedges in the gate later. -hacking>=3.0.1,<3.1.0 # Apache-2.0 + oslotest>=3.2.0 # Apache-2.0 requests-mock>=1.2.0 # Apache-2.0 stestr>=2.0.0 # Apache-2.0 -oslo.context>=2.22.0 # Apache-2.0 +sphinx>=2.0.0,!=2.1.0 # BSD # computes code coverage percentages coverage!=4.4,>=4.0 # Apache-2.0 - -# Bandit security code scanner -bandit>=1.6.0,<1.7.0 # Apache-2.0 - -pre-commit>=2.6.0 # MIT diff --git a/tox.ini b/tox.ini index 0d545065..aed93174 100644 --- a/tox.ini +++ b/tox.ini @@ -14,7 +14,8 @@ commands = stestr run --slowest {posargs} [testenv:pep8] deps = - -r{toxinidir}/test-requirements.txt + pre-commit>=2.6.0 # MIT + bandit>=1.6.0,<1.7.0 # Apache-2.0 commands = pre-commit run -a # Run security linter @@ -66,4 +67,3 @@ deps = -c{toxinidir}/lower-constraints.txt -r{toxinidir}/test-requirements.txt -r{toxinidir}/requirements.txt - -r{toxinidir}/doc/requirements.txt