Describe the bug
When running using python 2.7, a pip install bandit picks up 1.6.3.
To Reproduce
$ docker run -it --rm -v $PWD:$PWD -w $PWD python:2.7-buster sh
# python -m pip install -U pip setuptools wheel
DEPRECATION: Python 2.7 reached the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 is no longer maintained. A future version of pip will drop support for Python 2.7. More details about Python 2 support in pip, can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support
Collecting pip
Downloading pip-20.3.1-py2.py3-none-any.whl (1.5 MB)
|████████████████████████████████| 1.5 MB 3.2 MB/s
Collecting setuptools
Downloading setuptools-44.1.1-py2.py3-none-any.whl (583 kB)
|████████████████████████████████| 583 kB 15.2 MB/s
Collecting wheel
Downloading wheel-0.36.1-py2.py3-none-any.whl (34 kB)
Installing collected packages: pip, setuptools, wheel
Attempting uninstall: pip
Found existing installation: pip 20.0.2
Uninstalling pip-20.0.2:
Successfully uninstalled pip-20.0.2
Attempting uninstall: setuptools
Found existing installation: setuptools 44.1.0
Uninstalling setuptools-44.1.0:
Successfully uninstalled setuptools-44.1.0
Attempting uninstall: wheel
Found existing installation: wheel 0.34.2
Uninstalling wheel-0.34.2:
Successfully uninstalled wheel-0.34.2
Successfully installed pip-20.3.1 setuptools-44.1.1 wheel-0.36.1
# python -m pip install bandit
DEPRECATION: Python 2.7 reached the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 is no longer maintained. pip 21.0 will drop support for Python 2.7 in January 2021. More details about Python 2 support in pip can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support pip 21.0 will remove support for this functionality.
Collecting bandit
Downloading bandit-1.6.3-py2.py3-none-any.whl (115 kB)
|████████████████████████████████| 115 kB 3.9 MB/s
ERROR: Package 'bandit' requires a different Python: 2.7.18 not in '>=3.5'
It's been uploaded as a "universal wheel" which I think is the issue.
Expected behavior
An older version of bandit is picked up.
Describe the bug
When running using python 2.7, a
pip install banditpicks up 1.6.3.To Reproduce
It's been uploaded as a "universal wheel" which I think is the issue.
Expected behavior
An older version of bandit is picked up.