64fc24516b
Bandit is an OpenStack security linter that uses python AST modules to perform static code analysis of a project. It can help identify low, medium, and high security "hotspots" in a project codebase. This change provides an initial Bandit config based on the existing one used by Sahara. Change-Id: Idcfb5641007bb27de8df262b236b9a46d7e11d5d Closes-Bug: 1547730
29 lines
952 B
Plaintext
29 lines
952 B
Plaintext
# The order of packages is significant, because pip processes them in the order
|
|
# of appearance. Changing the order has an impact on the overall integration
|
|
# process, which may cause wedges in the gate later.
|
|
# Hacking already pins down pep8, pyflakes and flake8
|
|
hacking<0.11,>=0.10.0
|
|
bandit>=1.0.1 # Apache-2.0
|
|
sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2 # BSD
|
|
oslosphinx!=3.4.0,>=2.5.0 # Apache-2.0
|
|
reno>=1.6.2 # Apache2
|
|
coverage>=3.6 # Apache-2.0
|
|
nose # LGPL
|
|
nosexcover # BSD
|
|
openstack-doc-tools>=0.23 # Apache-2.0
|
|
openstack.nose-plugin>=0.7 # Apache-2.0
|
|
WebTest>=2.0 # MIT
|
|
wsgi-intercept>=0.6.1 # MIT License
|
|
proboscis>=1.2.5.3 # Apache-2.0
|
|
python-troveclient>=2.2.0 # Apache-2.0
|
|
mock>=1.2 # BSD
|
|
mox3>=0.7.0 # Apache-2.0
|
|
testtools>=1.4.0 # MIT
|
|
testrepository>=0.0.18 # Apache-2.0/BSD
|
|
pymongo!=3.1,>=3.0.2 # Apache-2.0
|
|
redis>=2.10.0 # MIT
|
|
psycopg2>=2.5 # LGPL/ZPL
|
|
cassandra-driver>=2.1.4 # Apache-2.0
|
|
pycrypto>=2.6 # Public Domain
|
|
couchdb>=0.8 # Apache-2.0
|