Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PIP Detector: "The version specification 7.1.1 is not a valid python version" #833

Closed
RolandColored opened this issue Oct 6, 2023 · 1 comment
Closed

PIP Detector: "The version specification 7.1.1 is not a valid python version" #833

RolandColored opened this issue Oct 6, 2023 · 1 comment
Assignees
@jcfiorenzano
Labels
detector:pip The pip detector type:bug Bug fix of existing functionality

Comments

@RolandColored
Copy link

RolandColored commented Oct 6, 2023
edited by github-actions bot
Loading

During the scan in Azure DevOps I was confronted with this error message:

...
Getting Python data from "[https://files.pythonhosted.org/packages/96/7c/a81ef5ef10978dd073a854e0fa93b5d8021d0594b639cc8f6453c3c78a1d/strictyaml-1.7.3-py3-none-any.whl"](https://files.pythonhosted.org/packages/96/7c/a81ef5ef10978dd073a854e0fa93b5d8021d0594b639cc8f6453c3c78a1d/strictyaml-1.7.3-py3-none-any.whl%22)
Getting Python data from "[https://files.pythonhosted.org/packages/40/44/4a5f08c96eb108af5cb50b41f76142f0afa346dfa99d5296fe7202a11854/tabulate-0.9.0-py3-none-any.whl"](https://files.pythonhosted.org/packages/40/44/4a5f08c96eb108af5cb50b41f76142f0afa346dfa99d5296fe7202a11854/tabulate-0.9.0-py3-none-any.whl%22)
Getting Python data from "[https://files.pythonhosted.org/packages/81/12/fd4dea011af9d69e1cad05c75f3f7202cdcbeac9b712eea58ca779a72865/threadpoolctl-3.2.0-py3-none-any.whl"](https://files.pythonhosted.org/packages/81/12/fd4dea011af9d69e1cad05c75f3f7202cdcbeac9b712eea58ca779a72865/threadpoolctl-3.2.0-py3-none-any.whl%22)
Getting Python data from "[https://files.pythonhosted.org/packages/00/e5/f12a80907d0884e6dff9c16d0c0114d81b8cd07dc3ae54c5e962cc83037e/tqdm-4.66.1-py3-none-any.whl"](https://files.pythonhosted.org/packages/00/e5/f12a80907d0884e6dff9c16d0c0114d81b8cd07dc3ae54c5e962cc83037e/tqdm-4.66.1-py3-none-any.whl%22)
Getting Python data from "[https://files.pythonhosted.org/packages/bf/0e/c68adf10adda05f28a6ed7b9f4cd7b8e07f641b44af88ba72d9c89e4de7a/typer-0.9.0-py3-none-any.whl"](https://files.pythonhosted.org/packages/bf/0e/c68adf10adda05f28a6ed7b9f4cd7b8e07f641b44af88ba72d9c89e4de7a/typer-0.9.0-py3-none-any.whl%22)
##[error] Error while parsing pip components in /home/vsts/work/1/s/python/requirements.txt
System.ArgumentException: The version specification  7.1.1 is not a valid python version
   at Microsoft.ComponentDetection.Detectors.Pip.PythonVersionUtilities.VersionValidForSpec(String version, String spec) in D:\a\1\s\tasks\dependency-scanning\detection\src\component-detection\src\Microsoft.ComponentDetection.Detectors\pip\PythonVersionUtilities.cs:line 109
   at Microsoft.ComponentDetection.Detectors.Pip.PythonVersionUtilities.VersionValidForSpec(String version, IList`1 specs) in D:\a\1\s\tasks\dependency-scanning\detection\src\component-detection\src\Microsoft.ComponentDetection.Detectors\pip\PythonVersionUtilities.cs:line 20
   at Microsoft.ComponentDetection.Detectors.Pip.PythonResolver.ProcessQueueAsync(ISingleFileComponentRecorder singleFileComponentRecorder, PythonResolverState state) in D:\a\1\s\tasks\dependency-scanning\detection\src\component-detection\src\Microsoft.ComponentDetection.Detectors\pip\PythonResolver.cs:line 82
   at Microsoft.ComponentDetection.Detectors.Pip.PythonResolver.ResolveRootsAsync(ISingleFileComponentRecorder singleFileComponentRecorder, IList`1 initialPackages) in D:\a\1\s\tasks\dependency-scanning\detection\src\component-detection\src\Microsoft.ComponentDetection.Detectors\pip\PythonResolver.cs:line 67
   at Microsoft.ComponentDetection.Detectors.Pip.PipComponentDetector.OnFileFoundAsync(ProcessRequest processRequest, IDictionary`2 detectorArgs) in D:\a\1\s\tasks\dependency-scanning\detection\src\component-detection\src\Microsoft.ComponentDetection.Detectors\pip\PipComponentDetector.cs:line 71

Which is very weird, because we don't have the substring "7.1.1" at all in our requirements.txt

requirements.txt 
anyio==3.7.1 ; python_version >= "3.10" and python_version < "4.0"
attrs==23.1.0 ; python_version >= "3.10" and python_version < "4.0"
azure-ai-ml==1.6.0 ; python_version >= "3.10" and python_version < "4.0"
azure-common==1.1.28 ; python_version >= "3.10" and python_version < "4.0"
azure-core==1.29.3 ; python_version >= "3.10" and python_version < "4.0"
azure-identity==1.12.0 ; python_version >= "3.10" and python_version < "4.0"
azure-mgmt-core==1.4.0 ; python_version >= "3.10" and python_version < "4.0"
azure-storage-blob==12.13.0 ; python_version >= "3.10" and python_version < "4.0"
azure-storage-file-datalake==12.8.0 ; python_version >= "3.10" and python_version < "4.0"
azure-storage-file-share==12.13.0 ; python_version >= "3.10" and python_version < "4.0"
azureml-mlflow==1.50.0 ; python_version >= "3.10" and python_version < "4.0"
backoff==2.2.1 ; python_version >= "3.10" and python_version < "4.0"
cachetools==5.3.1 ; python_version >= "3.10" and python_version < "4.0"
certifi==2023.7.22 ; python_version >= "3.10" and python_version < "4.0"
cffi==1.15.1 ; python_version >= "3.10" and python_version < "4.0"
charset-normalizer==3.2.0 ; python_version >= "3.10" and python_version < "4.0"
click==8.1.7 ; python_version >= "3.10" and python_version < "4.0"
cloudpickle==2.2.1 ; python_version >= "3.10" and python_version < "4.0"
colorama==0.4.6 ; python_version >= "3.10" and python_version < "4.0"
contourpy==1.1.0 ; python_version >= "3.10" and python_version < "4.0"
cryptography==41.0.3 ; python_version >= "3.10" and python_version < "4.0"
cycler==0.11.0 ; python_version >= "3.10" and python_version < "4.0"
databricks-cli==0.17.6 ; python_version >= "3.10" and python_version < "4.0"
entrypoints==0.4 ; python_version >= "3.10" and python_version < "4.0"
exceptiongroup==1.1.3 ; python_version >= "3.10" and python_version < "3.11"
fastapi==0.95.1 ; python_version >= "3.10" and python_version < "4.0"
fonttools==4.42.1 ; python_version >= "3.10" and python_version < "4.0"
gitdb==4.0.10 ; python_version >= "3.10" and python_version < "4.0"
gitpython==3.1.32 ; python_version >= "3.10" and python_version < "4.0"
google-api-core==2.11.1 ; python_version >= "3.10" and python_version < "4.0"
google-auth==2.17.3 ; python_version >= "3.10" and python_version < "4.0"
googleapis-common-protos==1.60.0 ; python_version >= "3.10" and python_version < "4.0"
h11==0.14.0 ; python_version >= "3.10" and python_version < "4.0"
idna==3.4 ; python_version >= "3.10" and python_version < "4.0"
importlib-metadata==6.8.0 ; python_version >= "3.10" and python_version < "4.0"
isodate==0.6.1 ; python_version >= "3.10" and python_version < "4.0"
joblib==1.3.2 ; python_version >= "3.10" and python_version < "4.0"
jsonpickle==3.0.2 ; python_version >= "3.10" and python_version < "4.0"
jsonschema-specifications==2023.7.1 ; python_version >= "3.10" and python_version < "4.0"
jsonschema==4.19.0 ; python_version >= "3.10" and python_version < "4.0"
kiwisolver==1.4.5 ; python_version >= "3.10" and python_version < "4.0"
loguru==0.7.0 ; python_version >= "3.10" and python_version < "4.0"
marshmallow==3.20.1 ; python_version >= "3.10" and python_version < "4.0"
matplotlib==3.7.2 ; python_version >= "3.10" and python_version < "4.0"
mlflow-skinny==2.6.0 ; python_version >= "3.10" and python_version < "4.0"
msal-extensions==1.0.0 ; python_version >= "3.10" and python_version < "4.0"
msal==1.23.0 ; python_version >= "3.10" and python_version < "4.0"
msrest==0.7.1 ; python_version >= "3.10" and python_version < "4.0"
nltk==3.8.1 ; python_version >= "3.10" and python_version < "4.0"
numpy==1.25.2 ; python_version >= "3.10" and python_version < "4.0"
oauthlib==3.2.2 ; python_version >= "3.10" and python_version < "4.0"
opencensus-context==0.1.3 ; python_version >= "3.10" and python_version < "4.0"
opencensus-ext-azure==1.1.9 ; python_version >= "3.10" and python_version < "4.0"
opencensus==0.11.2 ; python_version >= "3.10" and python_version < "4.0"
packaging==23.1 ; python_version >= "3.10" and python_version < "4.0"
pandas==2.0.1 ; python_version >= "3.10" and python_version < "4.0"
pillow==10.0.0 ; python_version >= "3.10" and python_version < "4.0"
portalocker==2.7.0 ; python_version >= "3.10" and python_version < "4.0"
protobuf==4.24.1 ; python_version >= "3.10" and python_version < "4.0"
psutil==5.9.5 ; python_version >= "3.10" and python_version < "4.0"
pyarrow==12.0.1 ; python_version >= "3.10" and python_version < "4.0"
pyasn1-modules==0.3.0 ; python_version >= "3.10" and python_version < "4.0"
pyasn1==0.5.0 ; python_version >= "3.10" and python_version < "4.0"
pycparser==2.21 ; python_version >= "3.10" and python_version < "4.0"
pydantic==1.10.12 ; python_version >= "3.10" and python_version < "4.0"
pydash==5.1.2 ; python_version >= "3.10" and python_version < "4.0"
pyjwt==2.8.0 ; python_version >= "3.10" and python_version < "4.0"
pyjwt[crypto]==2.8.0 ; python_version >= "3.10" and python_version < "4.0"
pyparsing==3.0.9 ; python_version >= "3.10" and python_version < "4.0"
python-dateutil==2.8.2 ; python_version >= "3.10" and python_version < "4.0"
python-dotenv==1.0.0 ; python_version >= "3.10" and python_version < "4.0"
pytz==2023.3 ; python_version >= "3.10" and python_version < "4.0"
pywin32==306 ; python_version >= "3.10" and platform_system == "Windows" and python_version < "4.0"
pyyaml==6.0.1 ; python_version >= "3.10" and python_version < "4.0"
referencing==0.30.2 ; python_version >= "3.10" and python_version < "4.0"
regex==2023.8.8 ; python_version >= "3.10" and python_version < "4.0"
requests-oauthlib==1.3.1 ; python_version >= "3.10" and python_version < "4.0"
requests==2.31.0 ; python_version >= "3.10" and python_version < "4.0"
rpds-py==0.9.2 ; python_version >= "3.10" and python_version < "4.0"
rsa==4.9 ; python_version >= "3.10" and python_version < "4"
scikit-learn==1.2.2 ; python_version >= "3.10" and python_version < "4.0"
scipy==1.9.3 ; python_version >= "3.10" and python_version < "4.0"
six==1.16.0 ; python_version >= "3.10" and python_version < "4.0"
smmap==5.0.0 ; python_version >= "3.10" and python_version < "4.0"
sniffio==1.3.0 ; python_version >= "3.10" and python_version < "4.0"
sqlparse==0.4.4 ; python_version >= "3.10" and python_version < "4.0"
starlette==0.26.1 ; python_version >= "3.10" and python_version < "4.0"
strictyaml==1.7.3 ; python_version >= "3.10" and python_version < "4.0"
tabulate==0.9.0 ; python_version >= "3.10" and python_version < "4.0"
threadpoolctl==3.2.0 ; python_version >= "3.10" and python_version < "4.0"
tqdm==4.66.1 ; python_version >= "3.10" and python_version < "4.0"
typer==0.9.0 ; python_version >= "3.10" and python_version < "4.0"
typing-extensions==4.7.1 ; python_version >= "3.10" and python_version < "4.0"
tzdata==2023.3 ; python_version >= "3.10" and python_version < "4.0"
urllib3==2.0.4 ; python_version >= "3.10" and python_version < "4.0"
uvicorn==0.22.0 ; python_version >= "3.10" and python_version < "4.0"
win32-setctime==1.1.0 ; python_version >= "3.10" and python_version < "4.0" and sys_platform == "win32"
zipp==3.16.2 ; python_version >= "3.10" and python_version < "4.0"

I checked the wheel file for typer which it downloaded and the METADATA file indeed contains this version as minimum requirement for click. So it might be that the parser goes a wrong way in this case.

Metadata-Version: 2.1
Name: typer
Version: 0.9.0
Summary: Typer, build great CLIs. Easy to code. Based on Python type hints.
Home-page: https://github.com/tiangolo/typer
Author: Sebastián Ramírez
Author-email: tiangolo@gmail.com
Requires-Python: >=3.6
Description-Content-Type: text/markdown
Classifier: Intended Audience :: Information Technology
Classifier: Intended Audience :: System Administrators
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python
Classifier: Topic :: Software Development :: Libraries :: Application Frameworks
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Classifier: Topic :: Software Development :: Libraries
Classifier: Topic :: Software Development
Classifier: Typing :: Typed
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: Programming Language :: Python :: 3 :: Only
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: License :: OSI Approved :: MIT License
Requires-Dist: click >= 7.1.1, <9.0.0
Requires-Dist: typing-extensions >= 3.7.4.3
Requires-Dist: colorama >=0.4.3,<0.5.0 ; extra == "all"
Requires-Dist: shellingham >=1.3.0,<2.0.0 ; extra == "all"
Requires-Dist: rich >=10.11.0,<14.0.0 ; extra == "all"
Requires-Dist: autoflake >=1.3.1,<2.0.0 ; extra == "dev"
Requires-Dist: flake8 >=3.8.3,<4.0.0 ; extra == "dev"
Requires-Dist: pre-commit >=2.17.0,<3.0.0 ; extra == "dev"
Requires-Dist: mkdocs >=1.1.2,<2.0.0 ; extra == "doc"
Requires-Dist: mkdocs-material >=8.1.4,<9.0.0 ; extra == "doc"
Requires-Dist: mdx-include >=1.4.1,<2.0.0 ; extra == "doc"
Requires-Dist: pillow >=9.3.0,<10.0.0 ; extra == "doc"
Requires-Dist: cairosvg >=2.5.2,<3.0.0 ; extra == "doc"
Requires-Dist: shellingham >=1.3.0,<2.0.0 ; extra == "test"
Requires-Dist: pytest >=4.4.0,<8.0.0 ; extra == "test"
Requires-Dist: pytest-cov >=2.10.0,<5.0.0 ; extra == "test"
Requires-Dist: coverage >=6.2,<7.0 ; extra == "test"
Requires-Dist: pytest-xdist >=1.32.0,<4.0.0 ; extra == "test"
Requires-Dist: pytest-sugar >=0.9.4,<0.10.0 ; extra == "test"
Requires-Dist: mypy ==0.910 ; extra == "test"
Requires-Dist: black >=22.3.0,<23.0.0 ; extra == "test"
Requires-Dist: isort >=5.0.6,<6.0.0 ; extra == "test"
Requires-Dist: rich >=10.11.0,<14.0.0 ; extra == "test"
Project-URL: Documentation, https://typer.tiangolo.com/
Provides-Extra: all
Provides-Extra: dev
Provides-Extra: doc
Provides-Extra: test

AB#2111452
@cobya cobya added the bug label Oct 18, 2023
@cobya cobya added detector:pip The pip detector type:bug Bug fix of existing functionality and removed bug labels Nov 30, 2023
@jcfiorenzano jcfiorenzano self-assigned this Mar 6, 2024
@jcfiorenzano jcfiorenzano mentioned this issue Mar 6, 2024
Merged
@cobya
Copy link
Contributor

cobya commented May 15, 2024

Closed with #1025

@cobya cobya closed this as completed May 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jcfiorenzano jcfiorenzano

Labels
detector:pip The pip detector type:bug Bug fix of existing functionality
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@RolandColored @jcfiorenzano @cobya