Thx, I just did similar patches for stable/rocky [1] and stable/queens [2] in Neutron repo: [1] https://review.openstack.org/#/c/593075/ [2] https://review.openstack.org/#/c/593078/ > Wiadomość napisana przez Doug Hellmann <doug at doughellmann.com> w dniu 17.08.2018, o godz. 16:34: > > Excerpts from Slawomir Kaplonski's message of 2018-08-17 10:16:35 +0200: >> Hi, >> >> It looks that pep8 job in Neutron is currently broken because of new version of bandit (1.5.0). >> If You have in Your patch failure of pep8 job with error like [1] please don’t recheck as it will not help. >> I did some patch which should fix it [2]. Will let You know when it will be fixed and You will be able to rebase You patches. >> >> [1] http://logs.openstack.org/37/382037/67/check/openstack-tox-pep8/e2bbd84/job-output.txt.gz#_2018-08-16_21_45_55_366148 >> [2] https://review.openstack.org/#/c/592884/ >> >> — >> Slawek Kaplonski >> Senior software engineer >> Red Hat >> > > We had this problem in oslo.concurrency, too. > > Because bandit is considered to be a linter and different teams may > want to use different versions, it is not managed through the > constraints list (there is no co-installability requirement for > linters). Some of the projects using it do not have it capped, so > new releases that introduce breaking changes like this can cause > gate issues. > > In the oslo.concurrency stable branch we capped the version of > bandit to avoid having to backport changes just to fix the linter > errors. We made code changes in master to address them and left > bandit uncapped there, for now. > > Doug > > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev — Slawek Kaplonski Senior software engineer Red Hat