bridgecrewio
Outdated package requirement: "networkx<2.7" - Is this intended?
Describe the feature
According to pipy, checkov (in it's current version) requires networkx<2.7. Would it be possible to update that dependency to a newer version of networkx? networkx==2.6, for example, was released in Summer 2021 and is pretty outdated.
Examples
(None)
Additional context
Could it be that this is not an intended dependency? networkx==2.6 does not even support Python 3.10 🙂
Originally it was introduced here: https://github.com/bridgecrewio/checkov/pull/2563 The reason was backward compatibility to lower python versions. Checkov has since moved to higher python versions so I see no reason it should be bound to networkx 2.6, especially since by default it uses rustworkx.
Thanks for contributing to Checkov! We've automatically marked this issue as stale to keep our issues list tidy, because it has not had any activity for 6 months. It will be closed in 14 days if no further activity occurs. Commenting on this issue will remove the stale tag. If you want to talk through the issue or help us understand the priority and context, feel free to add a comment or join us in the Checkov slack channel at codifiedsecurity.slack.com Thanks!
![stale[bot] avatar](https://avatars.githubusercontent.com/in/1724?v=4 "Published by a pub.dev verified publisher"){kind=small}
