Bump of packaging-21.3 to packaging-22.0 breaks cyclonedx-python
See original GitHub issueTraceback (most recent call last):
File "sources/env/bin/cyclonedx-py", line 5, in <module>
from cyclonedx_py.client import main
File "sources/env/lib/python3.10/site-packages/cyclonedx_py/client.py", line 37, in <module>
from .parser.requirements import RequirementsParser
File "sources/env/lib/python3.10/site-packages/cyclonedx_py/parser/requirements.py", line 31, in <module>
from pip_requirements_parser import RequirementsFile # type: ignore
File "sources/env/lib/python3.10/site-packages/pip_requirements_parser.py", line 73, in <module>
from packaging.version import LegacyVersion
ImportError: cannot import name 'LegacyVersion' from 'packaging.version' (sources/env/lib/python3.10/site-packages/packaging/version.py)
Issue Analytics
- State:
- Created 9 months ago
- Reactions:5
- Comments:8 (4 by maintainers)
Top Results From Across the Web
cyclonedx-python/pyproject.toml at master - GitHub
Creates CycloneDX Software Bill of Materials (SBOM) from Python projects ... https://packaging.python.org/specifications/core-metadata/#metadata-classifier.
Read more >Software Bill of Materials for next Python release
CycloneDx by OWASP provides excellent tools to construct SBOMs for wide ... Initially, I meant it for Python packaging but since SBOM is ......
Read more >conda-forge - :: Anaconda.org
A software package for algebraic, geometric and combinatorial problems... 7za, 9.20, LGPL, X, A file archiver with a high compression ratio. 7zip, 19.00 ......
Read more >cyclonedx-python-lib 0.5.0 - PyPI
A library for producing CycloneDX SBOM (Software Bill of Materials) files. ... Looks at the packaged installed in your current Python environment.
Read more >NixOS - DistroWatch.com
Nix stores all packages in isolation from each other; as a result there are no /bin, ... activate-linux-unstable-2022-05-22 ... cyclonedx-python-0.4.3
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
thank you all for the input and your work.
a fix was released via v3.7.3
re: https://github.com/CycloneDX/cyclonedx-python/issues/449#issuecomment-1345420178
why upgrade
pip-requirements-parser==32.0.0
? This project clearly defines:This package here is one of many downstream users of
pip-requirements-parser
. Ifpip-requirements-parser
had errors, then they need to fix their own dependencies in a31.X.Y
release - where they missed their dependency goals. Go to https://github.com/nexB/pip-requirements-parser/issues and ask to the needed backport of the pinning to a new patched version31.2.1
.anyways, i will try to prep a version that works with
pip-requirements-parser: ^32