search

aws-ia / taskcat

Test all the CloudFormation things! (with TaskCat)
https://aws-ia.github.io/taskcat/
Apache License 2.0
1.16k stars 213 forks source link

Manual Installation of v0.9.39 is installing v0.9.38 #803

Closed kgrvamsi closed 3 weeks ago

kgrvamsi commented 1 year ago

Describe the bug Based on the issue https://github.com/aws-ia/taskcat/issues/802 i tried to install the package manually and i see that the package is installing the v0.9.38 version instead installing v0.9.39.

To Reproduce Steps to reproduce the behavior:

  1. Download the v0.9.39 source zip file
  2. run python setup.py install

Via taskcat: taskcat -V - version 0.9.38\

Via pip3: pip3 show taskcat

Name: taskcat Version: 0.9.38 Summary: An OpenSource Cloudformation Deployment Framework Home-page: https://aws-ia.github.io/taskcat/ Author: Tony Vattathil, Jay McConnell, Andrew Glenn, Santiago Cardenas, Shivansh Singh Author-email: tonynv@amazon.com, jmmccon@amazon.com, andglenn@amazon.com, sshvans@amazon.com License: Apache License 2.0 Location: /Users/vamsikgr/Python-Envs/python3.8-venv2/lib/python3.8/site-packages/taskcat-0.9.38-py3.8.egg Requires: boto3, botocore, cfn_lint, dataclasses-jsonschema, docker, dulwich, jinja2, jsonschema, markupsafe, pathspec, pip, PyYAML, reprint, requests, setuptools, tabulate, yattag Required-by:

gersonsosa commented 1 year ago

A temporary workaround was to adjust this suggestion

pip install "cython<3.0.0" wheel && pip install pyyaml==5.4.1 --no-build-isolation
pip3 install taskcat

this allows to install a version without the vulnerability