fyi; It seems the new release of bandit (1.7.5) just came out and this introduces a new lint rule to require defining the timeout parameter for all "requests" calls. https://github.com/PyCQA/bandit/commit/5ff73ff8ff956df7d63fde49c3bd671db8e821eb This is currently affecting heat and quick search shows some of the other projects contain some code not compliant with this rule(barbican, ceilometer, cinder, glance, manila, nova, ...). Also, it seems we do not pin bandit by u-c for some reason this likely affects all stable branches. Actually I first noticed this when I tried to backport one fix to 2023.1 branch of heat... Thank you, Takashi -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.openstack.org/pipermail/openstack-discuss/attachments/20230310/fffca54c/attachment.htm>