aquasecurity · DmitriyLewen · Oct 13, 2025 · Oct 8, 2025 · Oct 9, 2025 · Oct 9, 2025
@@ -43,7 +43,9 @@ func (p *Parser) splitLine(line string) []string {
 	}
 	for _, sep := range separators {
 		if result := strings.Split(line, sep); len(result) == 2 {
-			return result
+			// Trim the end-of-range suffix. ">=2.31.0,<3" becomes ">=2.31.0"
+			version := strings.Split(result[1], ",")[0]
+			return []string{result[0], version}
 		}
 	}
 	return nil

diff --git a/pkg/dependency/parser/python/pip/parse_test.go b/pkg/dependency/parser/python/pip/parse_test.go
@@ -73,6 +73,11 @@ func TestParse(t *testing.T) {
 			useMinVersion: true,
 			want:          requirementsCompatibleVersions,
 		},
+		{
+			name:     "comma-separated version ranges",
+			filePath: "testdata/requirements_comma_ranges.txt",
+			want:     requirementsCommaRanges,
+		},
 	}
 
 	for _, tt := range tests {

diff --git a/pkg/dependency/parser/python/pip/parse_testcase.go b/pkg/dependency/parser/python/pip/parse_testcase.go
@@ -301,4 +301,17 @@ var (
 			},
 		},
 	}
+
+	requirementsCommaRanges = []ftypes.Package{
+		{
+			Name:    "requests",
+			Version: "2.31.0",
+			Locations: []ftypes.Location{
+				{
+					StartLine: 1,
+					EndLine:   1,
+				},
+			},
+		},
+	}
 )
diff --git a/pkg/dependency/parser/python/pip/testdata/requirements_comma_ranges.txt b/pkg/dependency/parser/python/pip/testdata/requirements_comma_ranges.txt
@@ -0,0 +1 @@
+requests>=2.31.0,<3
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		requests>=2.31.0,<3
raghur-orca marked this conversation as resolved. Outdated Show resolved Hide resolved