From 40b808647e46736e438aba5ee6a2006c37c491b1 Mon Sep 17 00:00:00 2001 From: Witek Bedyk Date: Tue, 14 May 2019 16:55:01 +0200 Subject: [PATCH] Blacklist bandit 1.6.0 There's a regression[0] in bandit 1.6.0 which causes bandit to stop respecting excluded directories, and our tests throw a bunch of violations. Blacklist this version, but allow newer versions as there is already a pull request[1] to fix it, and it is expected to be included in the next release. [0] https://github.com/PyCQA/bandit/issues/488 [1] https://github.com/PyCQA/bandit/pull/489 Change-Id: If2e5f82279981ced89da6fc134a238105be60d8b Story: 2005676 Task: 30988 --- test-requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test-requirements.txt b/test-requirements.txt index 32857d68..a74545d1 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -2,7 +2,7 @@ # of appearance. Changing the order has an impact on the overall integration # process, which may cause wedges in the gate later. # Hacking already pins down pep8, pyflakes and flake8 -bandit>=1.1.0 # Apache-2.0 +bandit!=1.6.0,>=1.1.0 # Apache-2.0 hacking>=1.1.0,<1.2.0 # Apache-2.0 Babel!=2.4.0,>=2.3.4 # BSD coverage!=4.4,>=4.0 # Apache-2.0
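Review bot: the added line `+bandit!=1.6.0,>=1.1.0 # Apache-2.0` excludes only 1.6.0 and sets no upper bound, so it relies on the commit message's expectation that the next bandit release will include the fix from https://github.com/PyCQA/bandit/pull/489. If a later release ships without that fix, the gate will pick it up and the excluded-directory violations will return. Consider capping at `<1.6.0` until a fixed release is confirmed. If the open-ended exclusion is kept, add a comment line above the specifier pointing at https://github.com/PyCQA/bandit/issues/488, so the reason for the exclusion is visible in test-requirements.txt itself and it is clear when it can be dropped.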