Fix requirements.txt conflicts and regenerate poetry.lock to sync with pyproject.toml

[mithun50]

Closes #120

📝 Description

This PR addresses the following issues:

Resolved dependency conflicts in requirements.txt to ensure compatibility with the overall project.

Regenerated poetry.lock using poetry lock to reflect the updated dependencies in pyproject.toml.

Ensures all environments (Poetry + pip-based) are consistent and reproducible.

🔧 Changes Made

Fixed dependency conflicts in requirements.txt:

Manually resolved version mismatches or incompatible packages.

Cleaned up or reordered lines (if applicable) for clarity.

Regenerated poetry.lock file:

Ran poetry lock to sync the lockfile with the current pyproject.toml.

Ensures reproducible installs and proper resolution of transitive dependencies.

Verified consistency between:

pyproject.toml

poetry.lock

Ensured no unintended version upgrades/downgrades by reviewing diffs in poetry.lock.

✅ Checklist

• I have read the contributing guidelines.
• I have added tests that prove my fix is effective or that my feature works.
• I have added necessary documentation (if applicable).
• Any dependent changes have been merged and published in downstream modules.

Summary by CodeRabbit

• Chores

  • Updated several backend dependency version constraints for improved compatibility and consistency.
  • Normalized formatting in the dependency list.

• Documentation

  • Updated the installation guide to include an additional step for refreshing the dependency lock file before installation.

[coderabbitai]

Walkthrough

The pull request updates the backend/requirements.txt by adjusting version constraints for several dependencies, notably the protobuf and opentelemetry packages, to resolve version conflicts. Additionally, the installation guide (docs/INSTALL_GUIDE.md) is updated to include a poetry lock --no-update step, ensuring the lock file is consistent before dependency installation.

Changes

Cohort / File(s)	Change Summary
Dependency Version Adjustments backend/requirements.txt	Updated version constraints for multiple packages, especially protobuf and opentelemetry related packages, to resolve conflicts and normalize formatting. No packages added or removed.
Documentation Update docs/INSTALL_GUIDE.md	Added a poetry lock --no-update command to the installation steps to ensure the lock file is refreshed before installing dependencies.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant Poetry
    participant System

    User->>Poetry: poetry env use 3.10
    User->>Poetry: poetry lock --no-update
    Poetry->>System: Generate/refresh poetry.lock without updating dependencies
    User->>Poetry: poetry install --with dev
    Poetry->>System: Install dependencies as per poetry.lock

Loading

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Assessment against linked issues

Objective	Addressed	Explanation
Resolve dependency conflict with protobuf in requirements.txt (#120)	✅
Ensure poetry.lock is synced with pyproject.toml and installation instructions are updated (#120)	✅

Assessment against linked issues: Out-of-scope changes

No out-of-scope changes detected.

Poem

A bunny hopped through lines of code,
Adjusting versions on its road.
Protobuf tamed, the lock file neat,
Now installs are smooth and sweet!
With every hop, dependencies align—
This rabbit’s work is simply divine.
🐇✨

Note

⚡️ Unit Test Generation is now available in beta!

Learn more here, or try it out under "Finishing Touches" below.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8bbf33c and 1d59e63.

📒 Files selected for processing (1)

• backend/requirements.txt (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• backend/requirements.txt

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[mithun50]

@smokeyScraper review required

[mithun50]

#121

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

docs/INSTALL_GUIDE.md (1)

32-37: poetry lock --no-update may be redundant / brittle for first-time clones

Poetry automatically creates a lock file on poetry install when none exists. For contributors who clone after the lock was committed, running poetry lock --no-update adds an extra minute with no benefit and will fail if the lock and pyproject.toml diverge.
Consider moving the command to a “Troubleshooting” section or prefixing with a note:

Run this only if you edited pyproject.toml and need to regenerate the lock without refreshing versions.

Small UX win for newcomers.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a1159d7 and 8bbf33c.

⛔ Files ignored due to path filters (1)

• poetry.lock is excluded by !**/*.lock

📒 Files selected for processing (2)

• backend/requirements.txt (1 hunks)
• docs/INSTALL_GUIDE.md (1 hunks)

🔇 Additional comments (2)

backend/requirements.txt (2)

126-136: Inconsistent OpenTelemetry versioning – risk of subtle runtime breaks

opentelemetry-api/sdk==1.22.0 pairs with opentelemetry-proto==1.22.0, but the file currently allows any <1.31.0. If PyPI happens to resolve to 1.30.x you’ll run an unsupported matrix (API 1.22 ↔ Proto 1.30). Pin proto to the same minor:

-opentelemetry-proto<1.31.0
+opentelemetry-proto==1.22.0

Same principle applies whenever we curate cross-cutting OTEL deps.

Also applies to: 133-134

---

181-182: Verify requests==2.32.4 vs security advisories

2.32.4 is only hours old; double-check no CVEs were published post-release before we lock it in.

[smokeyScraper]

Hey @mithun50, have you tried instantiating the system using these dependencies?

[mithun50]

Yes! but the packages in requirement.txt is too old and can't be resolvable. My Suggestion is the requirements.txt is not used in any installation process so we can remove this

…

On Sun, Aug 10, 2025, 8:14 PM Kartik Bhatt ***@***.***> wrote: *smokeyScraper* left a comment (AOSSIE-Org/Devr.AI#122) <#122 (comment)> Hey @mithun50 <https://github.com/mithun50>, have you tried instantiating the system using these dependencies? — Reply to this email directly, view it on GitHub <#122 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AXTP5BMUXX5F27KJ3EPYNAD3M5LEFAVCNFSM6AAAAACDH4REPGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZTCNZSGY4DENZWHA> . You are receiving this because you were mentioned.Message ID: ***@***.***>

[smokeyScraper]

Merged!!!
Cheers @mithun50

Thanks a lot for your contribution :)