Update python-safety and specify Python packages in requirements.txt

[derwent-m]

Description

• Used requirements.txt to specify Python package versions instead of hard-coding these in Dockerfile
• Upgraded the python-safety Python package from 1.8.4 to 1.9.0

Fixes #163

Type of change

• Bug fix (non-breaking change which fixes an issue)

Toolchain

• Python

How Has This Been Tested?

• Published the changes to my own docker image
• Used that image to scan my test repo

Test Configuration:

• Toolchain: Python
• SDK (incl. version): Python3? (from Dockerfile)
• OS version: alpine:3.10 docker image (from Dockerfile)
• Relevant links (e.g. a proof-of-concept repo to test-drive the changes): test repo

Notes for reviewer

git clone [email protected]:derwent-m/sample-flask-app.git
cd sample-flask-app
docker run --rm -v "$PWD/web:/target" derwentx/scanner-cli:latest

Checklist:

• My code follows the style guidelines of this project
• I have performed a self-review of my own code

[haohaolee]

Hi @derwent-m
Sorry I just found your PR, but I have already tried to fix this. Please take a look at the latest image and code to see if it works for you

[derwent-m]

Hi @derwent-m
Sorry I just found your PR, but I have already tried to fix this. Please take a look at the latest image and code to see if it works for you

The latest image doesn't work unfortunately.

Steps attempted to reproduce:

git clone https://github.com/ThoughtWorksInc/AS101-4-workshop.git
cd AS101-4-workshop
docker run --rm -v "$PWD/web:/target" hawkeyesec/scanner-cli:latest

Image downloaded:

Digest: sha256:6b3cfc584f1e34d065817ea2f8c5bf92b7247ce4e9d52912e60e41311d0b0ec9
Status: Downloaded newer image for hawkeyesec/scanner-cli:latest

Error still shows:

[error] python-safety returned an error! Unexpected end of JSON input