From 1edf7a2a2670affdb44baa6b8df091ff80b3fc9c Mon Sep 17 00:00:00 2001 From: Kenneth Giusti Date: Mon, 13 May 2019 10:55:23 -0400 Subject: Cap Bandit below 1.6.0 and update Sphinx requirement Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. NOTE(elod.illes): use upper-constraints.txt for docs tox target, to limit dulwich to the version that was used in stable/pike. Also install the content of requirements.txt otherwise those will be installed unconstrained during the test run. Conflicts: doc/requirements.txt Change-Id: Ie6b379f2c99862c37891ac03c52464e07bc2b2cc (cherry picked from commit 4f467fbd73092aadda8b42e517bb60a4782064ae) (cherry picked from commit 012cdcd03a65da90d8aa36b2afc51e778957cc12) --- doc/requirements.txt | 3 ++- test-requirements.txt | 5 +++-- tox.ini | 5 ++++- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/doc/requirements.txt b/doc/requirements.txt index aa0528e..ecf0c71 100644 --- a/doc/requirements.txt +++ b/doc/requirements.txt @@ -3,7 +3,8 @@ # process, which may cause wedges in the gate later. openstackdocstheme>=1.17.0 # Apache-2.0 -sphinx>=1.6.2 # BSD +sphinx>=1.6.2,!=1.6.6,<2.0.0;python_version=='2.7' # BSD +sphinx>=1.6.2,!=1.6.6;python_version>='3.4' # BSD reno>=2.5.0 # Apache-2.0 # imported when the source code is parsed for generating documentation: diff --git a/test-requirements.txt b/test-requirements.txt index 66d4b09..5b3c117 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -28,7 +28,8 @@ kafka-python>=1.3.1 # Apache-2.0 coverage!=4.4,>=4.0 # Apache-2.0 # this is required for the docs build jobs -sphinx>=1.6.2 # BSD +sphinx>=1.6.2,!=1.6.6,<2.0.0;python_version=='2.7' # BSD +sphinx>=1.6.2,!=1.6.6;python_version>='3.4' # BSD openstackdocstheme>=1.16.0 # Apache-2.0 reno!=2.3.1,>=1.8.0 # Apache-2.0 @@ -37,7 +38,7 @@ reno!=2.3.1,>=1.8.0 # Apache-2.0 pyngus>=2.0.2 # Apache-2.0 # Bandit security code scanner -bandit>=1.1.0 # Apache-2.0 +bandit>=1.1.0,<1.6.0 # Apache-2.0 eventlet!=0.18.3,!=0.20.1,<0.21.0,>=0.18.2 # MIT greenlet>=0.3.2 # MIT diff --git a/tox.ini b/tox.ini index 1924a61..b8c8af0 100644 --- a/tox.ini +++ b/tox.ini @@ -29,7 +29,10 @@ commands = {posargs} [testenv:docs] basepython = python2.7 commands = python setup.py build_sphinx -deps = -r{toxinidir}/doc/requirements.txt +deps = + -c{env:UPPER_CONSTRAINTS_FILE:https://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt?h=stable/pike} + -r{toxinidir}/doc/requirements.txt + -r{toxinidir}/requirements.txt [testenv:py27-func-rabbit] setenv = -- cgit v1.2.1