Skip to content

Fix sqlite #505

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
moshemorad wants to merge 3 commits into from
Closed

Fix sqlite #505

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
8adf66f
Enforcer version 0.3.5
moshemorad Nov 24, 2025
7df64d8
Update requirements
moshemorad Nov 24, 2025
91268d6
Enforcer - fix sql dependency
moshemorad Feb 15, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion enforcer/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ ENV PATH="/app/venv/bin:$PATH"

# Patching CVE-2025-6965
RUN apk update && apk add --no-cache --upgrade \
sqlite-libs=3.49.2-r1 sqlite=3.49.2-r1
sqlite-libs=3.51.2-r0 sqlite=3.51.2-r0

# Set the working directory
WORKDIR /app/enforcer
Expand Down
2 changes: 1 addition & 1 deletion enforcer/requirements.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
fastapi==0.115.12
fastapi==0.121.3
Copy link

@coderabbitai coderabbitai bot Feb 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

find . -name "requirements.txt" -type f | head -20

Repository: robusta-dev/krr

Length of output: 105

🌐 Web query:

FastAPI 0.121.3 release notes breaking changes

💡 Result:

FastAPI 0.121.3 does not list any “Breaking Changes” in the official release notes (it’s a refactor/upgrade/docs patch release). The changes recorded are:

  • Refactor: make the result of Depends() and Security() hashable (workaround for other tools interacting with internals). [1]
  • Dependency upgrade constraint: bump Starlette requirement to <0.51.0 (so environments using Starlette >=0.51.0 may hit a version-resolution conflict when upgrading FastAPI). [1]
  • Docs-only updates (missing hash in docs, typos, FastAPI Cloud docs). [1]

Sources: [1]

🏁 Script executed:

cat enforcer/requirements.txt

Repository: robusta-dev/krr

Length of output: 198

🌐 Web query:

uvicorn 0.27.1 Starlette version dependency

💡 Result:

uvicorn==0.27.1 has no dependency on Starlette (no starlette version constraint at all). Its core dependencies are click>=7.0, h11>=0.8, and typing-extensions>=4.0 (only for Python < 3.11). The optional standard extra adds packages like httptools, uvloop, watchfiles, and websockets, but still not Starlette. [1]

Starlette is an ASGI framework that you run on an ASGI server like Uvicorn, but it’s not required by Uvicorn itself. [2]

Sources: [1] [2]

🌐 Web query:

FastAPI 0.121.3 pydantic 2.6.1 compatibility

💡 Result:

FastAPI 0.121.3 is compatible with Pydantic 2.6.1.

  • FastAPI 0.121.3 declares pydantic>=1.7.4,<3.0.0 with exclusions for a few older/early releases (e.g. !=2.0.0, !=2.1.0), and Pydantic 2.6.1 is not excluded, so it satisfies FastAPI’s declared requirement. [1]
  • FastAPI’s docs also state that newer Pydantic versions are tested for compatibility with FastAPI. [2]

Note: there was at least one reported behavior change/bug around datetime parsing in path params after upgrading to Pydantic 2.6 in FastAPI apps; if you rely on strict datetime path validation, run your test suite carefully. [3]

Sources: [1] [2] [3]

Test datetime path parameter validation with Pydantic 2.6.1.

FastAPI 0.121.3 is compatible with your pinned Pydantic 2.6.1 and Uvicorn 0.27.1 (no breaking changes). However, Pydantic 2.6 introduced a behavior change in datetime parsing for path parameters. If your code relies on datetime path validation, run tests to confirm the behavior matches your expectations.

🤖 Prompt for AI Agents 
In `@enforcer/requirements.txt` at line 1, The pinned FastAPI dependency
(fastapi==0.121.3) is compatible with Pydantic 2.6.1 but Pydantic 2.6 changed
datetime path parameter parsing; run the test suite that covers any route
handlers taking datetime path params and validate behavior, then if tests fail
update the route parameter handling to explicitly parse/validate datetimes
(e.g., convert from str using datetime.fromisoformat or use pydantic.BaseModel
request validation) in the affected endpoint functions or add explicit type
conversion middleware; search for handlers that accept datetime/path parameters
(routes or functions that declare parameter type datetime) and adjust them to
normalize input or add tests asserting the expected parsing behavior.

uvicorn==0.27.1
pydantic==2.6.1
supabase==2.5
Expand Down
4 changes: 2 additions & 2 deletions helm/krr-enforcer/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,5 +3,5 @@ name: krr-enforcer
description: KRR enforcer - auto apply KRR recommendations
type: application

version: 0.3.4
appVersion: 0.3.4
version: 0.3.5
appVersion: 0.3.5
2 changes: 1 addition & 1 deletion helm/krr-enforcer/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ certJob:
image:
repository: us-central1-docker.pkg.dev/genuine-flight-317411/devel
name: krr-enforcer
tag: 0.3.4
tag: 0.3.5
imagePullPolicy: IfNotPresent
resources:
requests:
Expand Down