Checkov uses deprecated object from the packaging module #4026

Closed
Roming22 opened this issue Dec 8, 2022 · 4 comments

Roming22 commented Dec 8, 2022

Describe the issue
Running checkov 2.2.124 fails on startup with ImportError: cannot import name 'LegacyVersion' from 'packaging.version' (/usr/local/lib/python3.11/site-packages/packaging/version.py)

The root cause is that LegacyVersion has recently been deprecated.

Examples

# Reproduce the issue
FROM quay.io/podman/stable:v4.3.0
RUN set -x \
    # Install dependencies
    && dnf install -y \
        gcc-c++-12.2.1 \
        python3-devel-3.11.0 \
        python3-pip-22.2.2 \
    && dnf clean all
RUN set -x \
    # Install checkov
    && pip3 install --no-cache-dir checkov=="2.2.124" \
    # Test checkov
    && checkov --version

Exception Trace

checkov --version
Traceback (most recent call last):
  File "/usr/local/bin/checkov", line 2, in <module>
    from checkov.main import run
  File "/usr/local/lib/python3.11/site-packages/checkov/main.py", line 20, in <module>
    from checkov.argo_workflows.runner import Runner as argo_workflows_runner
  File "/usr/local/lib/python3.11/site-packages/checkov/argo_workflows/runner.py", line 7, in <module>
    from checkov.common.images.image_referencer import ImageReferencer, Image
  File "/usr/local/lib/python3.11/site-packages/checkov/common/images/image_referencer.py", line 12, in <module>
    from checkov.common.bridgecrew.vulnerability_scanning.image_scanner import image_scanner
  File "/usr/local/lib/python3.11/site-packages/checkov/common/bridgecrew/vulnerability_scanning/image_scanner.py", line 15, in <module>
    from checkov.common.bridgecrew.vulnerability_scanning.integrations.docker_image_scanning import \
  File "/usr/local/lib/python3.11/site-packages/checkov/common/bridgecrew/vulnerability_scanning/integrations/docker_image_scanning.py", line 8, in <module>
    from checkov.common.bridgecrew.vulnerability_scanning.integrations.twistcli import TwistcliIntegration
  File "/usr/local/lib/python3.11/site-packages/checkov/common/bridgecrew/vulnerability_scanning/integrations/twistcli.py", line 11, in <module>
    from checkov.common.bridgecrew.platform_integration import bc_integration
  File "/usr/local/lib/python3.11/site-packages/checkov/common/bridgecrew/platform_integration.py", line 31, in <module>
    from checkov.common.bridgecrew.wrapper import reduce_scan_reports, persist_checks_results, \
  File "/usr/local/lib/python3.11/site-packages/checkov/common/bridgecrew/wrapper.py", line 14, in <module>
    from checkov.common.util.json_utils import CustomJSONEncoder
  File "/usr/local/lib/python3.11/site-packages/checkov/common/util/json_utils.py", line 6, in <module>
    from packaging.version import LegacyVersion, Version
ImportError: cannot import name 'LegacyVersion' from 'packaging.version' (/usr/local/lib/python3.11/site-packages/packaging/version.py)

Desktop (please complete the following information):

  • OS: Fedora37
  • Checkov Version: 2.2.124

Additional context
N/A

@Roming22 Roming22 added the crash label Dec 8, 2022
@JonZeolla
Contributor

JonZeolla commented Dec 8, 2022

@nimrodkor
Contributor

This is a duplicate of #4011, and was resolved in #4012 and released as version 2.2.125.

@tspearconquest

Hi, I'm getting this suddenly on MacOS Ventura as of this morning, and a colleague started seeing the issue last night.

Checkov was working fine yesterday before the evening, and I have not run pip or homebrew in a while on my Mac, so I tried to uninstall checkov and reinstall it.

Uninstalling /usr/local/Cellar/checkov/2.2.105... (6,885 files, 155MB)
...
==> Downloading https://ghcr.io/v2/homebrew/core/checkov/manifests/2.2.315

Yet I still get this issue. What can be the cause?

Please reopen this issue.

@tspearconquest

Never mind. I found the problem. If you use the checkov pre-commit hook, you need to update the hook version itself to higher than 2.2.125:

- repo: https://github.com/bridgecrewio/checkov
  rev: '2.2.135'
  hooks:
  - id: checkov

Mine was on rev: 2.1.98
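
An added example, not part of the thread or of checkov's own code: a stdlib-only check that flags a `.pre-commit-config.yaml` whose checkov hook is pinned below 2.2.125, the release the thread names as containing the fix. The function names and the sample config are constructed for illustration.

```python
import re

# Assumption from this thread: 2.2.125 is the first release with the fix.
FIXED = (2, 2, 125)

# Constructed sample config: an unrelated hook plus a stale checkov pin.
SAMPLE_CONFIG = """\
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
  rev: v4.4.0
  hooks:
  - id: trailing-whitespace
- repo: https://github.com/bridgecrewio/checkov
  rev: '2.1.98'
  hooks:
  - id: checkov
"""

REPO_RE = re.compile(r"^\s*-\s*repo:\s*['\"]?([^'\"\s#]+)")
REV_RE = re.compile(r"^\s*rev:\s*['\"]?([^'\"\s#]+)")


def parse_version(tag):
    """Return (major, minor, patch) for an X.Y.Z or vX.Y.Z tag, else None."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", tag)
    return tuple(int(part) for part in m.groups()) if m else None


def stale_checkov_pins(config_text):
    """Return [(line_no, rev)] for checkov revs older than FIXED or not X.Y.Z."""
    # Branches and commit SHAs are flagged too: their version is unknown.
    findings, in_checkov = [], False
    for line_no, line in enumerate(config_text.splitlines(), start=1):
        repo = REPO_RE.match(line)
        if repo:  # a new repo entry starts; remember whether it is checkov
            url = repo.group(1).rstrip("/").removesuffix(".git").lower()
            in_checkov = url.endswith("bridgecrewio/checkov")
            continue
        rev = REV_RE.match(line)
        if in_checkov and rev:
            version = parse_version(rev.group(1))
            if version is None or version < FIXED:
                findings.append((line_no, rev.group(1)))
    return findings


if __name__ == "__main__":
    for line_no, rev in stale_checkov_pins(SAMPLE_CONFIG):
        print(f"line {line_no}: checkov hook pinned at {rev}, update to 2.2.125+")
```

Run against each repository's config in CI, this catches hooks that stay on a broken release even after the locally installed checkov has been upgraded.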
