Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update FastAPI version constraint #1954

Merged
merged 1 commit into from
Nov 12, 2024
Merged

Update FastAPI version constraint #1954

merged 1 commit into from
Nov 12, 2024

Conversation

sergioave
Copy link
Contributor

Adjusted the version range for FastAPI in pyproject.toml to "<0.116.0" to ensure compatibility with future releases. Updated the content hash in poetry.lock to reflect this change.

@sergioave
Update FastAPI version constraint
a943ab7 
Adjusted the version range for FastAPI in pyproject.toml to "<0.116.0" to ensure compatibility with future releases. Updated the content hash in poetry.lock to reflect this change.
@CLAassistant
Copy link

CLAassistant commented Nov 12, 2024
edited
Loading

CLA assistant check
All committers have signed the CLA.

@sergioave
Copy link
Contributor Author

Pull Request

Description

The highest version of fastapi has been restricted to 115.2 in the pyproject.toml, it is not allowed to upload at least the patch version

Changes Made

We updated the constraint of the fastapi version in the toml to any version below 0.116.0
fastapi = ">=0.88.0,!=0.89.0,<0.116.0"

Related Issues

fixes #1953

Screenshots (if applicable)

N/A

Checklist

  • Code follows the project's style guidelines
  • All tests related to the changes pass successfully
  • Documentation is updated (if necessary)
  • Code is reviewed by at least one other team member
  • Any breaking changes are communicated and documented

Additional Notes

sakoush
sakoush approved these changes Nov 12, 2024
View reviewed changes
Copy link
Member

@sakoush sakoush left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Thanks for your contribution @sergioave

I have started the CI, once it is green will merge.

@sakoush sakoush merged commit c5cc74a into SeldonIO:master Nov 12, 2024
26 checks passed
@agjendem
Copy link

This upgrade would also indirectly resolve a security issue reported by Dependabot with Starlette < 0.40.0, that is a dependency of FastAPI. (https://nvd.nist.gov/vuln/detail/CVE-2024-47874)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sakoush sakoush sakoush approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@sergioave @CLAassistant @agjendem @sakoush