From 21ddea2d58dcc8a6b2e86f63159a42c63d54823d Mon Sep 17 00:00:00 2001
From: Cédric Ollivier <cedric.ollivier@orange.com>
Date: Sat, 25 May 2019 11:03:40 +0200
Subject: Run bandit when verifying changes
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

It reports only MEDIUM issues or higher like nova [1].
It selects bandit 1.1.0 as defined in nova and neutron lower
constraints [2].

[1] https://github.com/openstack/nova/blob/master/tox.ini#L221
[2] https://github.com/openstack/nova/blob/master/lower-constraints.txt#L8

Change-Id: I52524df867d99fae75798475c762a5f8253dacfa
Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
(cherry picked from commit c659caccbf1f55db4e6e3cb31bf088ac57751e86)
---
 test-requirements.txt | 1 +
 1 file changed, 1 insertion(+)

(limited to 'test-requirements.txt')

diff --git a/test-requirements.txt b/test-requirements.txt
index 0cfead31..bac66abe 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -12,3 +12,4 @@ yamllint
 doc8 # Apache-2.0
 bashate # Apache-2.0
 ansible-lint
+bandit
-- 
cgit 1.2.3-korg