Older RHEL-compatible targets seem to be unable to find dependencies

[patrick-stephens]

Trying this out on a few different RHEL-compatible targets seems to show issues installing the dependencies, e.g.

$ docker run --rm -it rockylinux:8 sh -c 'yum install -y python3 python3-pip;pip3 install lib4sbom'
...
Installed:
  platform-python-pip-9.0.3-22.el8.rocky.0.noarch      python3-pip-9.0.3-22.el8.rocky.0.noarch      python3-setuptools-39.2.0-6.el8.noarch      python36-3.6.8-38.module+el8.5.0+671+195e4563.x86_64     

Complete!
WARNING: Running pip install with root privileges is generally not a good idea. Try `pip3 install --user` instead.
Collecting lib4sbom
  Could not find a version that satisfies the requirement lib4sbom (from versions: )
No matching distribution found for lib4sbom
...

The same error is seen on:

• centos:7
• centos:8

However the following work fine:

• quay.io/centos/centos:stream9
• amazonlinux:2023
• amazonlinux:2

The failing targets all seem to be Python 3.6 whereas the others are more recent and generally already come with Python 3. Do I need to reconfigure pip to look at a particular index?

[anthonyharrison]

@patrick-stephens The tool and dependenceis are only supported on currently supported versions of Python (3.7+). To get the tool to work on earlier versions of Python would require that all of the dependencies support the earlier versions.

[patrick-stephens]

Ah ok, that makes sense then.