From cd6bac5739abe0ec3eef864f7990ff30594de633 Mon Sep 17 00:00:00 2001 From: Haydn Greatnews Date: Thu, 8 Dec 2022 15:15:45 +1300 Subject: [PATCH] Set maximum version for packaging, which has removed LegacyVersion (#427) * Set maximum version for packaging, which has removed LegacyVersion pip-audit uses `packaging.version.LegacyVersion` to parse some version numbers, and this is removed in packaging 22.0 (https://github.com/pypa/packaging/pull/407) Closes #426 * test: Remove `pyparsing` as this is no longer a dependency of `packaging` Co-authored-by: Alex Cameron --- pyproject.toml | 2 +- test/dependency_source/resolvelib/test_resolvelib.py | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 275a5723..397c7597 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -32,7 +32,7 @@ dependencies = [ # See: https://github.com/CycloneDX/cyclonedx-python-lib/issues/245 "cyclonedx-python-lib>=2.0.0,!=2.5.0", "html5lib>=1.1", - "packaging>=21.0.0", + "packaging>=21.0.0,<22.0.0", "pip-api>=0.0.28", "pip-requirements-parser>=31.2.0", "resolvelib>=0.8.0", diff --git a/test/dependency_source/resolvelib/test_resolvelib.py b/test/dependency_source/resolvelib/test_resolvelib.py index 167b777a..8f8214b0 100644 --- a/test/dependency_source/resolvelib/test_resolvelib.py +++ b/test/dependency_source/resolvelib/test_resolvelib.py @@ -109,7 +109,6 @@ def test_resolvelib_sdist(): assert len(resolved_deps) == 1 expected_deps = [ ResolvedDependency("ansible-core", Version("2.11.5")), - ResolvedDependency("pyparsing", Version("2.4.7")), ResolvedDependency("jinja2", Version("3.0.1")), ResolvedDependency("pycparser", Version("2.20")), ResolvedDependency("pyyaml", Version("5.4.1")),