sslyze version 5.1.0 not compatible with pydantic version 1.8.2

Question

sslyze version 5.1.0 not compatible with pydantic version 1.8.2

robsan00 opened this issue a year ago · comments

The current sslyze version 5.1.0 is not compatible with pydantic version 1.8.2. The minimum current requirement for pydantic is (accoring to the setup.py file) >1.7 and < 1.11. However, 1.8.2 is not okay.

To Reproduce
Steps to reproduce the behavior:

Create a new, empty venv (I am using Python 3.8).
Install the latest ssylze (pip install sslyze==5.1.0)
Downgrade pydantic (pip install pydantic==1.8.2)
Try to execute "from sslyze import CipherSuite" withing python -> you get the following error:

Python 3.8.5 (tags/v3.8.5:580fbb0, Jul 20 2020, 15:57:54) [MSC v.1924 64 bit (AMD64)] on win32
Type "help", "copyright", "credits" or "license" for more information.
>>> from sslyze import CipherSuite
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "C:\dev\venv\sslyze_check\lib\site-packages\sslyze\__init__.py", line 23, in <module>
    from sslyze.plugins.scan_commands import ScanCommand
  File "C:\dev\venv\sslyze_check\lib\site-packages\sslyze\plugins\scan_commands.py", line 8, in <module>
    from sslyze.plugins.compression_plugin import CompressionImplementation
  File "C:\dev\venv\sslyze_check\lib\site-packages\sslyze\plugins\compression_plugin.py", line 35, in <module>
    CompressionScanResultAsJson = pydantic.dataclasses.dataclass(CompressionScanResult)
  File "pydantic\dataclasses.py", line 255, in pydantic.dataclasses.dataclass
    if metadata is None else
  File "pydantic\dataclasses.py", line 250, in pydantic.dataclasses.dataclass.wrap
    self.init = init
  File "pydantic\dataclasses.py", line 158, in pydantic.dataclasses._process_class
    # factory will be used.  This is given a nice repr() which will appear
  File "C:\Python38\lib\dataclasses.py", line 1019, in dataclass
    return wrap(cls)
  File "C:\Python38\lib\dataclasses.py", line 1011, in wrap
    return _process_class(cls, init, repr, eq, order, unsafe_hash, frozen)
  File "C:\Python38\lib\dataclasses.py", line 891, in _process_class
    raise TypeError('cannot inherit non-frozen dataclass from a '
TypeError: cannot inherit non-frozen dataclass from a frozen one

If you try upgrade back to pydantic 1.10.4, this works fine.

Expected behavior
sslyze defines a proper minimum required pydantic version.

Python environment (please complete the following information):

OS: Windows 10
Python version: 3.8

Alban Diquet · Answer 1 · Thu Jan 19 2023 04:10:42 GMT+0800 (China Standard Time)

Fixed released in v5.1.1.

Robert Sandholzer · Answer 2 · Fri Jan 20 2023 15:38:09 GMT+0800 (China Standard Time)

Thanks for the quick fix!

FallenHero66 · Answer 3 · Tue Jan 31 2023 16:36:39 GMT+0800 (China Standard Time)

I have a similar problem (in "SupportedEllipticCurvesImplementation") with the following setup:
python version: 3.10
OS: Kali 2022.4
pydantic version: 1.10.4
sslyze version: 5.1.1

Python 3.10.9 (main, Dec  7 2022, 13:47:07) [GCC 12.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from sslyze.plugins.elliptic_curves_plugin import SupportedEllipticCurvesImplementation
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/home/csaudit/sslyze-5.1.1/sslyze/__init__.py", line 23, in <module>
    from sslyze.plugins.scan_commands import ScanCommand
  File "/home/csaudit/sslyze-5.1.1/sslyze/plugins/scan_commands.py", line 4, in <module>
    from sslyze.plugins.elliptic_curves_plugin import SupportedEllipticCurvesImplementation
  File "/home/csaudit/sslyze-5.1.1/sslyze/plugins/elliptic_curves_plugin.py", line 5, in <module>
    import pydantic
  File "pydantic/__init__.py", line 2, in init pydantic.__init__
  File "pydantic/dataclasses.py", line 39, in init pydantic.dataclasses
    # Key:
ImportError: cannot import name dataclass_transform