zephyrdark 642514b227 chore: upgrade dependencies to latest compatible versions

- Node.js: 22 → 24 (Active LTS)
- PostgreSQL: 15 → 18
- FastAPI: 0.115.6 → 0.128.2
- Uvicorn: 0.34.0 → 0.40.0
- SQLAlchemy: 2.0.36 → 2.0.46
- Alembic: 1.14.0 → 1.18.3
- Pydantic: 2.10.4 → 2.12.5
- pandas: 2.2.3 → 2.3.3
- pykrx: 1.0.45 → 1.2.3
- React: 19.2.3 → 19.2.4

Breaking changes:
- Migrate from python-jose to PyJWT for JWT handling
- numpy downgraded to 1.26.4 for pykrx compatibility

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-02-07 11:12:16 +09:00

3.2 KiB

Raw Blame History

Dependency Upgrade Design

Overview

프로젝트의 모든 종속성을 최신 LTS/Stable 버전으로 업그레이드합니다.

Runtime Environment

Component	Before	After	Note
Node.js	22-alpine	24-alpine	Active LTS
Python	3.12-slim	3.12-slim	유지 (pykrx numpy 호환성)
PostgreSQL	15-alpine	18-alpine	5년 지원

Backend Python Packages

Core Framework

Package	Before	After
fastapi	0.115.6	0.128.2
uvicorn[standard]	0.34.0	0.40.0
sqlalchemy	2.0.36	2.0.46
alembic	1.14.0	1.18.3
pydantic[email]	2.10.4	2.12.5
pydantic-settings	2.7.1	2.12.0

Authentication (Breaking Change)

Package	Before	After	Note
python-jose[cryptography]	3.3.0	REMOVED	Deprecated
PyJWT[crypto]	-	2.11.0	Replacement
passlib[bcrypt]	1.7.4	1.7.4	유지
bcrypt	4.0.1	4.2.1

Data Processing

Package	Before	After	Note
pandas	2.2.3	2.3.3	2.x 최신
numpy	2.2.1	1.26.4	pykrx 호환성
pykrx	1.0.45	1.2.3

HTTP & Parsing

Package	Before	After
httpx	0.28.1	0.28.1
requests	2.32.3	2.32.5
beautifulsoup4	4.12.3	4.14.3
lxml	5.3.0	6.0.2

Other

Package	Before	After
python-multipart	0.0.20	0.0.22
apscheduler	3.10.4	3.11.2

Dev Dependencies

Package	Before	After
pytest	8.3.4	8.3.4
pytest-asyncio	0.25.2	1.1.0

Frontend Node.js Packages

Dependencies

Package	Before	After
next	16.1.6	16.1.6
react	19.2.3	19.2.4
react-dom	19.2.3	19.2.4

DevDependencies

Package	Before	After
@types/node	^20	^22

Files Modified

backend/Dockerfile - Python version (unchanged)
frontend/Dockerfile - Node.js 22 → 24
docker-compose.yml - PostgreSQL 15 → 18
docker-compose.prod.yml - PostgreSQL 15 → 18
backend/pyproject.toml - Python packages
backend/requirements.txt - Python packages
frontend/package.json - Node.js packages
backend/app/core/security.py - JWT code migration

Migration Notes

python-jose → PyJWT

# Before
from jose import jwt, JWTError
token = jwt.encode(payload, secret, algorithm="HS256")
decoded = jwt.decode(token, secret, algorithms=["HS256"])

# After
import jwt
from jwt.exceptions import PyJWTError
token = jwt.encode(payload, secret, algorithm="HS256")
decoded = jwt.decode(token, secret, algorithms=["HS256"])

Constraints

pykrx: requires numpy<2.0, limiting numpy to 1.26.4
pytest-asyncio: requires pytest<9, limiting pytest to 8.x

3.2 KiB Raw Blame History

Dependency Upgrade Design

Overview

Runtime Environment

Backend Python Packages

Core Framework

Authentication (Breaking Change)

Data Processing

HTTP & Parsing

Other

Dev Dependencies

Frontend Node.js Packages

Dependencies

DevDependencies

Files Modified

Migration Notes

python-jose → PyJWT

Constraints

References

3.2 KiB

Raw Blame History