Merge "Bump bandit version"

2 files changed, 8 insertions, 3 deletions

diff --git a/oslo_messaging/_drivers/impl_rabbit.py b/oslo_messaging/_drivers/impl_rabbit.py
index 8ef04e7..3a233d4 100644
--- a/oslo_messaging/_drivers/impl_rabbit.py
+++ b/oslo_messaging/_drivers/impl_rabbit.py
@@ -525,7 +525,10 @@ class Connection(object):
                 self._url += url.virtual_host
         elif not url.hosts:
             host = oslo_messaging.transport.TransportHost('')
-            self._url = self._transform_transport_url(
+            # NOTE(moguimar): default_password in this function's context is
+            #                 a fallback option, not a hardcoded password.
+            #                 username and password are read from host.
+            self._url = self._transform_transport_url(  # nosec
                 url, host, default_username='guest', default_password='guest',
                 default_hostname='localhost')
 
@@ -655,7 +658,9 @@ class Connection(object):
         except KeyError:
             raise RuntimeError("Invalid SSL version : %s" % version)
 
-    def _transform_transport_url(self, url, host, default_username='',
+    # NOTE(moguimar): default_password in this function's context is just
+    #                 a fallback option, not a hardcoded password.
+    def _transform_transport_url(self, url, host, default_username='',  # nosec
                                  default_password='', default_hostname=''):
         transport = url.transport.replace('kombu+', '')
         transport = transport.replace('rabbit', 'amqp')
diff --git a/test-requirements.txt b/test-requirements.txt
index d1cbfde..42a086a 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -25,7 +25,7 @@ coverage!=4.4,>=4.0 # Apache-2.0
 pyngus>=2.2.0 # Apache-2.0
 
 # Bandit security code scanner
-bandit>=1.1.0,<1.6.0 # Apache-2.0
+bandit>=1.6.0,<1.7.0 # Apache-2.0
 
 eventlet!=0.18.3,!=0.20.1,>=0.18.2 # MIT
 greenlet>=0.4.10 # MIT