quant/galaxis-po
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
galaxis-po/docs/plans/2026-02-07-dependency-upgrade-design.md
zephyrdark 642514b227 chore: upgrade dependencies to latest compatible versions 
- Node.js: 22 → 24 (Active LTS)
- PostgreSQL: 15 → 18
- FastAPI: 0.115.6 → 0.128.2
- Uvicorn: 0.34.0 → 0.40.0
- SQLAlchemy: 2.0.36 → 2.0.46
- Alembic: 1.14.0 → 1.18.3
- Pydantic: 2.10.4 → 2.12.5
- pandas: 2.2.3 → 2.3.3
- pykrx: 1.0.45 → 1.2.3
- React: 19.2.3 → 19.2.4

Breaking changes:
- Migrate from python-jose to PyJWT for JWT handling
- numpy downgraded to 1.26.4 for pykrx compatibility

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-07 11:12:16 +09:00

115 lines
3.2 KiB
Markdown
Raw Blame History

# Dependency Upgrade Design
## Overview
프로젝트의 모든 종속성을 최신 LTS/Stable 버전으로 업그레이드합니다.
## Runtime Environment
| Component | Before | After | Note |
|-----------|--------|-------|------|
| Node.js | 22-alpine | 24-alpine | Active LTS |
| Python | 3.12-slim | 3.12-slim | 유지 (pykrx numpy 호환성) |
| PostgreSQL | 15-alpine | 18-alpine | 5년 지원 |
## Backend Python Packages
### Core Framework
| Package | Before | After |
|---------|--------|-------|
| fastapi | 0.115.6 | 0.128.2 |
| uvicorn[standard] | 0.34.0 | 0.40.0 |
| sqlalchemy | 2.0.36 | 2.0.46 |
| alembic | 1.14.0 | 1.18.3 |
| pydantic[email] | 2.10.4 | 2.12.5 |
| pydantic-settings | 2.7.1 | 2.12.0 |
### Authentication (Breaking Change)
| Package | Before | After | Note |
|---------|--------|-------|------|
| python-jose[cryptography] | 3.3.0 | REMOVED | Deprecated |
| PyJWT[crypto] | - | 2.11.0 | Replacement |
| passlib[bcrypt] | 1.7.4 | 1.7.4 | 유지 |
| bcrypt | 4.0.1 | 4.2.1 | |
### Data Processing
| Package | Before | After | Note |
|---------|--------|-------|------|
| pandas | 2.2.3 | 2.3.3 | 2.x 최신 |
| numpy | 2.2.1 | 1.26.4 | pykrx 호환성 |
| pykrx | 1.0.45 | 1.2.3 | |
### HTTP & Parsing
| Package | Before | After |
|---------|--------|-------|
| httpx | 0.28.1 | 0.28.1 |
| requests | 2.32.3 | 2.32.5 |
| beautifulsoup4 | 4.12.3 | 4.14.3 |
| lxml | 5.3.0 | 6.0.2 |
### Other
| Package | Before | After |
|---------|--------|-------|
| python-multipart | 0.0.20 | 0.0.22 |
| apscheduler | 3.10.4 | 3.11.2 |
### Dev Dependencies
| Package | Before | After |
|---------|--------|-------|
| pytest | 8.3.4 | 8.3.4 |
| pytest-asyncio | 0.25.2 | 1.1.0 |
## Frontend Node.js Packages
### Dependencies
| Package | Before | After |
|---------|--------|-------|
| next | 16.1.6 | 16.1.6 |
| react | 19.2.3 | 19.2.4 |
| react-dom | 19.2.3 | 19.2.4 |
### DevDependencies
| Package | Before | After |
|---------|--------|-------|
| @types/node | ^20 | ^22 |
## Files Modified
1. `backend/Dockerfile` - Python version (unchanged)
2. `frontend/Dockerfile` - Node.js 22 → 24
3. `docker-compose.yml` - PostgreSQL 15 → 18
4. `docker-compose.prod.yml` - PostgreSQL 15 → 18
5. `backend/pyproject.toml` - Python packages
6. `backend/requirements.txt` - Python packages
7. `frontend/package.json` - Node.js packages
8. `backend/app/core/security.py` - JWT code migration
## Migration Notes
### python-jose → PyJWT
```python
# Before
from jose import jwt, JWTError
token = jwt.encode(payload, secret, algorithm="HS256")
decoded = jwt.decode(token, secret, algorithms=["HS256"])
# After
import jwt
from jwt.exceptions import PyJWTError
token = jwt.encode(payload, secret, algorithm="HS256")
decoded = jwt.decode(token, secret, algorithms=["HS256"])
```
### Constraints
- **pykrx**: requires numpy<2.0, limiting numpy to 1.26.4
- **pytest-asyncio**: requires pytest<9, limiting pytest to 8.x
## References
- [Node.js Releases](https://nodejs.org/en/about/previous-releases)
- [PostgreSQL Versioning](https://www.postgresql.org/support/versioning/)
- [FastAPI PyJWT Migration](https://fastapi.tiangolo.com/tutorial/security/oauth2-jwt/)
- [PyJWT Documentation](https://pyjwt.readthedocs.io/)
Reference in New Issue View Git Blame Copy Permalink