mem0 icon indicating copy to clipboard operation
mem0 copied to clipboard
verified publisher icon mem0ai

CI Pipeline Failing with Dependency Resolution Error

Open ron-42 opened this issue 2 months ago • 0 comments

Issue Description

The CI pipeline is consistently failing during the dependency installation step with a resolution-too-deep error. This affects all PRs and prevents successful CI runs.

Error Details

Error Message:

error: resolution-too-deep

× Dependency resolution exceeded maximum depth
╰─> Pip cannot resolve the current dependencies as the dependency graph is too complex for pip to solve efficiently.

hint: Try adding lower bounds to constrain your dependencies, for example: 'package>=2.0.0' instead of just 'package'.

Link: https://pip.pypa.io/en/stable/topics/dependency-resolution/#handling-resolution-too-deep-errors
Error: Process completed with exit code 1.

Affected CI Run: https://github.com/mem0ai/mem0/actions/runs/18752888397/job/53497122676

Root Cause

The dependency specifications in pyproject.toml are too loose, causing pip's dependency resolver to explore an excessive number of version combinations:

  1. langchain-community>=0.0.0 - Allows ANY version from 0.0.0 onwards (hundreds of versions to try)
  2. langchain-memgraph>=0.1.0 - Too loose, depends on heavy packages like deepeval>=3.5.2 and torch>=2.8.0
  3. litellm>=1.74.0 - No upper bound, many versions to explore
  4. Other packages without upper bounds - Creating complex transitive dependencies

During resolution, pip tried exploring:

  • Multiple versions of langchain-community (0.0.1 through 0.4.x)
  • Multiple versions of langchain-memgraph (0.1.0 through 0.1.9)
  • Multiple versions of grpcio, grpcio-tools, grpcio-health-checking, grpcio-status
  • Various combinations of marshmallow, jinja2, importlib-metadata, and many others

Eventually hitting the complexity limit after trying hundreds of combinations.

Impact

  • ✗ All CI builds fail during dependency installation
  • ✗ Cannot verify code quality through automated tests
  • ✗ Blocks PR merges that require passing CI
  • ✗ Affects contributor experience

Proposed Solution

Add upper bound version constraints to dependencies in pyproject.toml to limit the search space:

Changes Required

[project.optional-dependencies]
graph = [
    "langchain-neo4j>=0.4.0,<1.0.0",
    "langchain-aws>=0.2.23,<1.0.0",
    "langchain-memgraph>=0.1.0,<1.0.0",
    "neo4j>=5.23.1,<6.0.0",
    "rank-bm25>=0.2.2",
    "kuzu>=0.11.0",
]

llms = [
    "groq>=0.3.0",
    "together>=0.2.10",
    "litellm>=1.74.0,<2.0.0",        # Add upper bound
    "openai>=1.90.0",
    "ollama>=0.1.0",
    "vertexai>=0.1.0",
    "google-generativeai>=0.3.0,<1.0.0",  # Add upper bound
    "google-genai>=1.0.0,<2.0.0",         # Add upper bound
]

extras = [
    "boto3>=1.34.0",
    "langchain-community>=0.3.0,<1.0.0",     # Change from >=0.0.0
    "sentence-transformers>=5.0.0,<6.0.0",   # Add upper bound
    "elasticsearch>=8.0.0,<9.0.0",
    "opensearch-py>=2.0.0,<4.0.0",           # Add upper bound
    "fastembed>=0.3.1,<1.0.0",               # Add upper bound
]

vector_stores = [
    # ... existing entries with upper bounds where missing
    "langchain-aws>=0.2.23,<1.0.0",
]

Key Changes

  1. langchain-community>=0.0.0>=0.3.0,<1.0.0

    • Eliminates hundreds of old version combinations
    • Uses recent stable versions

  2. Add <1.0.0 or <2.0.0 upper bounds to packages without them:

    • litellm>=1.74.0,<2.0.0
    • google-generativeai>=0.3.0,<1.0.0
    • google-genai>=1.0.0,<2.0.0
    • sentence-transformers>=5.0.0,<6.0.0
    • opensearch-py>=2.0.0,<4.0.0
    • fastembed>=0.3.1,<1.0.0

  3. Graph dependencies - Add upper bounds to langchain packages

Benefits

✓ Faster dependency resolution (seconds instead of minutes/timeout) ✓ More predictable builds ✓ Prevents accidental upgrades to incompatible major versions ✓ Follows semantic versioning best practices ✓ Fixes CI pipeline immediately

Testing

After applying the fix, test locally:

# Create fresh virtual environment
python -m venv test_env
source test_env/bin/activate  # or `test_env\Scripts\activate` on Windows

# Install with all extras
pip install -e ".[test,graph,vector_stores,llms,extras]"

# Should complete successfully without resolution errors

Alternative Solutions

If the above doesn't fully resolve the issue, consider:

  1. Separate optional dependencies further - Split graph into graph_neo4j, graph_memgraph, etc.
  2. Pin known-working versions - Use exact versions that are tested together
  3. Use constraints file - Create constraints.txt with tested version combinations

References

Related Issues

This is blocking:

  • All new PRs requiring CI validation
  • Feature development
  • Bug fixes

Environment

  • Python: 3.12.11
  • pip: 25.2
  • Platform: GitHub Actions (ubuntu-latest)
  • Affected extras: test,graph,vector_stores,llms,extras

Priority: High - Blocks all CI runs Type: Bug - Infrastructure Labels: ci, dependencies, bug, high-priority

ron-42 avatar Oct 23 '25 18:10 ron-42