6cddec7db9
This change adds a basic bandit config for Cinder. It can be invoked
by running the tox environment for bandit;
tox -e bandit
This is intended as a starting point for using bandit with Cinder
and it should be revisited to improve the testing as more is learned
about the specific needs of the Cinder code base.
Tox is configured to only show results for high and medium severity
results.
https://wiki.openstack.org/wiki/Security/Projects/Bandit
Change-Id: I0247e0ccaed6faacacb2b8d2f8b141a8edc704af
25 lines
615 B
Plaintext
25 lines
615 B
Plaintext
# The order of packages is significant, because pip processes them in the order
|
|
# of appearance. Changing the order has an impact on the overall integration
|
|
# process, which may cause wedges in the gate later.
|
|
|
|
# Install bounded pep8/pyflakes first, then let flake8 install
|
|
hacking<0.11,>=0.10.0
|
|
|
|
coverage>=3.6
|
|
ddt>=0.7.0
|
|
discover
|
|
fixtures>=1.3.1
|
|
mock>=1.2
|
|
mox3>=0.7.0
|
|
PyMySQL>=0.6.2 # MIT License
|
|
psycopg2
|
|
oslotest>=1.7.0 # Apache-2.0
|
|
sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2
|
|
python-subunit>=0.0.18
|
|
testtools>=1.4.0
|
|
testrepository>=0.0.18
|
|
oslosphinx>=2.5.0 # Apache-2.0
|
|
os-testr>=0.1.0
|
|
tempest-lib>=0.6.1
|
|
bandit>=0.10.1
|