You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Out of the box detect-secrets can be incompatible with Python 3.12 because the deprecated boxsdk being pulled in still uses six, an old compatibility library than needs to be at least 1.16.0 to be compatible with Python 3.12
Fails with stacktrace and error ModuleNotFoundError: No module named 'six.moves'
Expected behaviour
detect-secrets should continue to work on Python 3.12
Suggested fix
In the short term, adding an explicit dependency in setup.py on six>=1.6 should prevent the incompatibility
In the longer term, migrating plugin/box.py to use box/box-python-sdk-gen following the migration guide here would be a better option. Our sdk usage is minimal, just doing a login attempt with any encountered
Screenshots
If applicable, add screenshots to help explain your problem.
Impact
detect-secrets not remaining compatible with supported Python versions in the future
The text was updated successfully, but these errors were encountered:
Describe the bug
Out of the box detect-secrets can be incompatible with Python 3.12 because the deprecated boxsdk being pulled in still uses six, an old compatibility library than needs to be at least 1.16.0 to be compatible with Python 3.12
To Reproduce
Steps to reproduce the behaviour (using uv here, but any venv + py312 install would work):
uv venv --python 3.12 && source .venv/bin/activate
uv pip install six==1.15.0 "git+https://github.com/ibm/detect-secrets.git@master#egg=detect-secrets"
detect-secrets scan .
ModuleNotFoundError: No module named 'six.moves'
Expected behaviour
detect-secrets should continue to work on Python 3.12
Suggested fix
In the short term, adding an explicit dependency in setup.py on
six>=1.6
should prevent the incompatibilityIn the longer term, migrating plugin/box.py to use box/box-python-sdk-gen following the migration guide here would be a better option. Our sdk usage is minimal, just doing a login attempt with any encountered
Screenshots
If applicable, add screenshots to help explain your problem.
Impact
detect-secrets not remaining compatible with supported Python versions in the future
The text was updated successfully, but these errors were encountered: