Skip to content

Pin dependency versions in requirements.txt#12

Open
deacon-mp wants to merge 1 commit into
mainfrom
fix/pin-dependency-versions
Open

Pin dependency versions in requirements.txt#12
deacon-mp wants to merge 1 commit into
mainfrom
fix/pin-dependency-versions

Conversation

@deacon-mp

Copy link
Copy Markdown
Collaborator

Summary

  • Pin dspy, mcp, and mlflow to compatible version ranges (>=current,<next_major) in requirements.txt
  • These are fast-moving libraries and unpinned dependencies risk unexpected breakage from upstream changes
  • Uses >=min,<next_major style pins to allow patch/minor updates while preventing breaking major version bumps

Test plan

  • Verify pip install -r requirements.txt resolves and installs compatible versions
  • Run existing tests to confirm no regressions with pinned versions

🤖 Generated with Claude Code

dspy, mcp, and mlflow are fast-moving libraries. Pinning to compatible
version ranges prevents unexpected breakage from upstream changes.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@devjerry0

devjerry0 commented Mar 25, 2026

Copy link
Copy Markdown

y'all are using unpinned versions of mlflow and dspy which both have been affected by the litellm compromise, if I can help in any way let me know!
@deacon-mp @xFaraday

@github-actions

Copy link
Copy Markdown

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants