stable-only: Pin bandit
Since bandit 1.7.7, we have to install the basiline extra to use bandit-baseline. This was fixed in master, but for stable branches it may be better to use the known good version instead, to avoid updating stable branches when any breaking change is made in bandit. Change-Id: I07ff03007e4e7247ad4fcf0dba16b87a02e3179d (cherry picked from commit7a039ecb09
) (cherry picked from commit363c1df7c9
)
This commit is contained in:
parent
c8579f5143
commit
99c7a96667
|
@ -3,7 +3,7 @@
|
|||
# process, which may cause wedges in the gate later.
|
||||
# Hacking already pins down pep8, pyflakes and flake8
|
||||
hacking>=3.0.1,<3.1.0 # Apache-2.0
|
||||
bandit>=1.1.0 # Apache-2.0
|
||||
bandit>=1.1.0,<1.7.7 # Apache-2.0
|
||||
coverage!=4.4,>=4.0 # Apache-2.0
|
||||
nose>=1.3.7 # LGPL
|
||||
nosexcover>=1.0.10 # BSD
|
||||
|
|
Loading…
Reference in New Issue