From 30ffa278735aa0f14e80c703ccfb4252e0a4a879 Mon Sep 17 00:00:00 2001
From: Elod Illes <elod.illes@est.tech>
Date: Fri, 8 Jan 2021 22:52:35 +0100
Subject: [stable-only] Cap bandit to 1.6.2

The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

sphinx requirement needed to be updated to make requirements-check job
pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] https://github.com/PyCQA/bandit/pull/615
[3] https://github.com/PyCQA/bandit/issues/663
[4] https://github.com/PyCQA/bandit/issues/665

Change-Id: I8762bad8821868c97af8114e49f51b6383df3e5c
---
 test-requirements.txt | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/test-requirements.txt b/test-requirements.txt
index 9153e9e..18109b9 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -7,10 +7,11 @@ stestr>=2.0.0 # Apache-2.0
 testtools>=2.2.0 # MIT
 
 openstackdocstheme>=1.18.1 # Apache-2.0
-sphinx>=1.6.2 # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2,<2.0.0;python_version=='2.7'  # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2;python_version>='3.4'  # BSD
 
 # Bandit security code scanner
-bandit>=1.1.0 # Apache-2.0
+bandit>=1.1.0,<=1.6.2 # Apache-2.0
 
 pymongo!=3.1,>=3.0.2 # Apache-2.0
 
-- 
cgit v1.2.1