some non-PEP440 version constraints for GHSA python packages in grype-db

Hello, 
I'm facing the same issue with grype 0.83.0
`[0222] ERROR failed to inflate vulnerability record (by language): failed to parse constraint='>=1.7.0,<1.9.0ubuntu1.2' format='Python': unable to parse pep440 constrain phrase failed to create comparator for '&{< 1.9.0ubuntu1.2}': unable to parse`

_Originally posted by @de4Ru in https://github.com/anchore/grype/issues/2195#issuecomment-2450307509_

edit: here's an example of the records that can't be inflated:

``` sql
SELECT 
    id, namespace, version_constraint 
FROM vulnerability 
WHERE
     version_constraint like "%0ubuntu1%" and namespace like "%python%";'
```
against a current grype db produces:

id|namespace|version_constraint
----|------|--------
GHSA-pj65-3pf6-c5q4|github:language:python|>=1.7.0,<1.9.0ubuntu1.2
GHSA-rp8m-h266-53jh|github:language:python|>=1.7.0,<1.9.0ubuntu1.2
            

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

some non-PEP440 version constraints for GHSA python packages in grype-db #2229

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

id	namespace	version_constraint
GHSA-pj65-3pf6-c5q4	github:language:python	>=1.7.0,<1.9.0ubuntu1.2
GHSA-rp8m-h266-53jh	github:language:python	>=1.7.0,<1.9.0ubuntu1.2

some non-PEP440 version constraints for GHSA python packages in grype-db #2229

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions