Version 1.4.2 package has incorrect dependency configuration in setup.py

[sreelathasankaranarayanan]

Describe the bug A clear and concise description of what the bug is. Version 1.4.2 package has incorrect dependency configuration in setup.py, this is causing errors in projects that use pytenable as a dependency and with pip 24.0 dependency resolver this problem is hard to avoid as it seems to download older versions of dependencies to find the best compatibility match.

To Reproduce Steps to reproduce the behavior:

1. Go to '...'
2. Call '....'
3. Do '....'
4. See error

Run pip install pytenable==1.4.2

Expected behavior A clear and concise description of what you expected to happen. The package should install successfully without errors in setup.py

Screenshots If applicable, add screenshots to help explain your problem.

Collecting pytenable==1.4.2 Using cached https://na.artifactory.swg-devops.com/artifactory/api/pypi/wcp-auditree-pypi-virtual/packages/packages/8f/1e/96d67f77c8dd714e9194a766c9ea4784053a8d7370a2a8ed4b4e632b0585/pyTenable-1.4.2.tar.gz (161 kB) Preparing metadata (setup.py) ... error error: subprocess-exited-with-error

× python setup.py egg_info did not run successfully. │ exit code: 1 ╰─> [3 lines of output] error in pyTenable setup command: 'install_requires' must be a string or list of strings containing valid project/version requirement specifiers; Expected end or semicolon (after version specifier) typing-extensions>=3.10.0.2dataclasses>=0.8;python_version=="3.6"

      [end of output]

  note: This error originates from a subprocess, and is likely not a problem with pip.
error: metadata-generation-failed

× Encountered error while generating package metadata.
╰─> See above for output.

note: This is an issue with the package mentioned above, not pip.
hint: See above for details.

**System Information (please complete the following information):**
 - OS: [e.g. MacOS]
 - Architecture [e.g. 64bit, 32bit]
 - Version [e.g. 2.7.9]
 - Memory [e.g. 4G]

MacOS, Ubuntu

**Additional context**
Add any other context about the problem here.

[nkeuning]

Python 3.6 isnt supported.
FYI - 3.7 support will be dropped in the next few months as well, it is EOL, but waiting on a few integration partners to upgrade. 3.8 will come shortly after that when it becomes EOL ~10/24. https://devguide.python.org/versions/

[sreelathasankaranarayanan]

@nkeuning can you check the setup.py for version 1.4.2 if it has a incorrect syntax as reported in the error?

error in pyTenable setup command: 'install_requires' must be a string or list of strings containing valid project/version requirement specifiers; Expected end or semicolon (after version specifier)

Just checking if this is something that can be corrected.

Or can this version be yanked due to the incorrect setup.py?

[jftanner]

The config where the error occurs was unchanged for three years as of v1.4.2 (and is still the same today on master), so I think it's probably safe to assume that this package isn't the problem. If setup.py were wrong, the issue wouldn't have appeared only today.

Edit: This is incorrect.

[nkeuning]

This builds fine for me locally. What version of python are you using? Can you try building without your artifactory as a pip cache? What happens then?

[nkeuning]

Also confirmed with python 3.12.2 and pip==24 that pip install pytenable==1.4.22 works.

Actually are you trying to install 1.4.2 or 1.4.22(latests)? Just realized your title says 1.4.2 as well as cmd you posted.

[jftanner]

There was a minor syntax error introduced three years ago, just before v1.4.2: https://github.com/tenable/pyTenable/commit/a0e0d7ce409704001fc893d9a646e305d19eddf0

It appears that Python 3.12 w/ pip 24.0 seems to handle it gracefully, but Python versions older than that don't. Edit: Wrong again. Tanner can't read properly this early in the morning.

(I'm from the team that runs that Artifactory instance, which is why I'm involved here. I've ruled out any issue or corruption with Artifactory, but now I'm curious and trying to help.)

[nkeuning]

1.4.2 doesnt work and from 12/21. 1.4.22 is weeks old and works correctly. Please use latest version.

[jftanner]

Actually are you trying to install 1.4.2

Yes, 1.4.2. Though, the syntax error is present in every version since then as well. Newer versions of Python just don't seem to mind. Edit: Again, just straight up wrong.

[sreelathasankaranarayanan]

@nkeuning 1.4.22 does not have a problem, 1.4.2 has the problem. Due to pip 24.0's feature to backtrack dependency versions we see that 1.4.2 is attempted to be downloaded and this is causing an issue.

[sreelathasankaranarayanan]

The incorrect code was fixed in this commit - https://github.com/tenable/pyTenable/commit/c3a777d94c7b2e078ebea28712eef7fac6985981

and that was fixed in Dec 2021, so possibly all versions after 1.4.2 did not have the problem, which is why all versions download fine except for 1.4.2

[jftanner]

Ugh. You're absolutely right. Don't debug at 1:30am. 🤣 Please ignore everything I've said.

[nkeuning]

We've all been there! Have a good night!

[sreelathasankaranarayanan]

@nkeuning any thoughts on yanking version 1.4.2 or fixing the setup.py?

[nkeuning]

Personally see all these old versions on GitHub and pypi I'd like to yank a bunch of old stuff. I will need to chat with @SteveMcGrath about this when he is back.

[sreelathasankaranarayanan]

Thanks @nkeuning that would help if we could yank atleast the one version that has a know error.