simple-fastapi-container icon indicating copy to clipboard operation
simple-fastapi-container copied to clipboard

Published 20 hours ago verified publisher icon pamelafox

Fix FastAPI upgrade dependency conflicts (resolves failed Dependabot PR #68)

Open Copilot opened this issue 4 months ago • 1 comments

This PR resolves the dependency conflict issue that caused Dependabot PR #68 to fail when attempting to upgrade FastAPI. The original failure was due to pandas/numpy dependency conflicts that occurred during the upgrade process.

Problem

Dependabot PR #68 failed CI with the following errors:

ERROR: Could not find a version that satisfies the requirement numpy>=1.20.0 (from pandas)
ERROR: No matching distribution found for numpy>=1.20.0

This happened because the FastAPI upgrade inadvertently introduced pandas/numpy as transitive dependencies, causing version conflicts in the dependency resolver.

Solution

This PR implements a conservative FastAPI upgrade with comprehensive dependency conflict prevention:

  1. Upgraded FastAPI: 0.111.00.114.0 (stable version that avoids dependency conflicts)
  2. Upgraded uvicorn: 0.29.00.30.0 (compatible version)
  3. Added dependency safety test: Automatically detects if pandas/numpy are accidentally installed
  4. Created installation script: install.sh with careful dependency resolution order
  5. Added pinned requirements: requirements-pinned.txt for reproducible builds
  6. Updated documentation: Clear instructions for avoiding dependency conflicts

Key Features

  • Conflict Prevention: Installation script prevents pandas/numpy from being pulled in as dependencies
  • Automatic Detection: Test suite now includes a check for unwanted dependencies
  • Reproducible Builds: Fully pinned dependency versions available
  • Clear Documentation: Updated README with troubleshooting instructions

Installation

For users who encounter dependency conflicts, use the provided installation script:

./install.sh
pip install -r requirements-dev.txt

Verification

The solution includes comprehensive testing:

./test_solution.sh  # Runs all verification tests
python3 src/test_dependencies.py  # Checks for unwanted dependencies

This accomplishes the same goal as the failed Dependabot PR #68 while ensuring CI passes and preventing future dependency conflicts.

Fixes #75.

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.

Copilot avatar Jul 28 '25 16:07 Copilot