From 99c7a9666738bb897e2bd5009c92b5c8ba2746cd Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: Tue, 30 Jan 2024 11:13:20 +0900 Subject: [PATCH] stable-only: Pin bandit Since bandit 1.7.7, we have to install the baseline extra to use bandit-baseline. This was fixed in master, but for stable branches it may be better to use the known good version instead, to avoid updating stable branches when any breaking change is made in bandit. Change-Id: I07ff03007e4e7247ad4fcf0dba16b87a02e3179d (cherry picked from commit 7a039ecb09769771dff45d767f129a3ea4b53669) (cherry picked from commit 363c1df7c94defb21e59eb6796d353b88987a2d6) --- test-requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test-requirements.txt b/test-requirements.txt index ba437f3365..e08aa3768e 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -3,7 +3,7 @@ # process, which may cause wedges in the gate later. # Hacking already pins down pep8, pyflakes and flake8 hacking>=3.0.1,<3.1.0 # Apache-2.0 -bandit>=1.1.0 # Apache-2.0 +bandit>=1.1.0,<1.7.7 # Apache-2.0 coverage!=4.4,>=4.0 # Apache-2.0 nose>=1.3.7 # LGPL nosexcover>=1.0.10 # BSD
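Review bot: The new `bandit>=1.1.0,<1.7.7` line in test-requirements.txt has no comment explaining the cap. The reason (bandit-baseline needs the baseline extra from 1.7.7 on) is recorded only in the commit message, so a later requirements update on this stable branch could drop the bound without knowing what it protects. Suggest a one-line comment above the entry, in the style of the existing "Hacking already pins down pep8, pyflakes and flake8" comment. Separately, the subject says "Pin" but the specifier is an upper cap on a wide range: any release from 1.1.0 up to, but not including, 1.7.7 still satisfies it. If the goal is the "known good version" the message refers to, an exact `==` specifier or a tighter lower bound would match that intent more closely.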