feat: upgrade to Python 3.12+ only support

[VirtualAgentics]

🐍 Python 3.12+ Only Support Upgrade

This PR upgrades the project to require Python 3.12+ only, removing support for Python 3.10 and 3.11.

🎯 Problem Solved

• CI Failures: Resolves numpy 2.3.4 compatibility issues with Python 3.10
• Dependency Conflicts: Fixes prompt-toolkit version conflicts in requirements-dev.txt
• Modern Python: Aligns with current Python ecosystem requirements

📋 Changes Made

CI Configuration

• ✅ Updated .github/workflows/ci.yml matrix to use Python 3.12 and 3.13 only
• ✅ Removed Python 3.10 and 3.11 from all CI jobs

Project Configuration

• ✅ Added requires-python = ">=3.12" to main pyproject.toml
• ✅ Updated Python client pyproject.toml to require Python >=3.12
• ✅ Updated Black/Ruff target versions to py312
• ✅ Updated Python version classifiers to 3.12 and 3.13 only

Documentation Updates

• ✅ Updated README.md Python version badge
• ✅ Updated all documentation files to reflect Python 3.12+ requirement
• ✅ Updated development, deployment, and CI/CD documentation

Dependency Resolution

• ✅ Fixed prompt-toolkit version conflict (3.0.52 → 3.0.51)
• ✅ Regenerated requirements-dev.txt with pip-compile
• ✅ Resolved commitizen compatibility issues

🧪 Testing

• ✅ All tests pass locally with Python 3.12
• ✅ Dependency conflicts resolved
• ✅ Pre-commit hooks pass
• ✅ Pip audit passes

⚠️ Breaking Change

Python 3.10 and 3.11 are no longer supported. Users must upgrade to Python 3.12 or later.

🚀 Benefits

• Faster CI: Reduced matrix builds (2 versions vs 3)
• Modern Dependencies: Access to latest package versions
• Reduced Complexity: Simpler dependency management
• Future-Proof: Aligns with Python ecosystem trends

📊 Python Lifecycle Context

• Python 3.10: Security support until October 4, 2026 (1 year left)
• Python 3.11: Security support until October 24, 2027 (2 years left)
• Python 3.12: Security support until October 31, 2028 (3 years left)

This change positions the project for long-term sustainability while resolving immediate CI issues.

Summary by CodeRabbit

• Chores
  • Bumped project version to 0.2.0 and raised minimum Python requirement to >=3.12.
  • Updated CI to run against Python 3.12 and 3.13.
  • Updated tooling targets for formatting/linting to Python 3.12.
  • Adjusted dev dependencies (several package version changes and one removal).

[coderabbitai]

📝 Walkthrough

Walkthrough

Python support updated from 3.10/3.11/3.12 to 3.12/3.13 across CI matrices, project metadata, formatting/lint tool targets, and development dependency adjustments; client package version bumped to 0.2.0 and minimum Python requirement raised to >=3.12.

Changes

Cohort / File(s)	Summary
CI workflow .github/workflows/ci.yml	CI Python matrix changed from ['3.10','3.11','3.12'] to ['3.12','3.13'] for lint and test jobs (no step/logic changes).
Client Python project metadata clients/python/pyproject.toml	Bumped project version 0.1.0 → 0.2.0; requires-python >=3.10 → >=3.12; updated classifiers to include 3.12/3.13 and remove 3.10/3.11; updated tool.black/tool.ruff targets py310 → py312.
Top-level project config pyproject.toml	Bumped project version 0.1.0 → 0.2.0; added requires-python = ">=3.12"; updated tool.black/tool.ruff target versions py310 → py312.
Development dependencies requirements-dev.txt	Downgraded cyclonedx-python-lib 11.3.0 → 9.1.0, prompt-toolkit 3.0.52 → 3.0.51, wrapt 2.0.0 → 1.17.3; removed mypy==1.18.2.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The PR title "feat: upgrade to Python 3.12+ only support" is fully related to the main change in the changeset. The title clearly and directly states the primary objective reflected across all modified files: upgrading the project to require Python 3.12+ while removing support for Python 3.10 and 3.11. This includes CI workflow updates, pyproject.toml configurations, version constraints, and Python classifiers. The title is specific, concise, and uses conventional commit format appropriately. A teammate scanning the commit history would immediately understand the core change without ambiguity.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/python-312-only-support

---

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f769074 and fc6babb.

📒 Files selected for processing (3)

• clients/python/pyproject.toml (3 hunks)
• pyproject.toml (2 hunks)
• requirements-dev.txt (3 hunks)

🧰 Additional context used

📓 Path-based instructions (8)

requirements*.txt

📄 CodeRabbit inference engine (.cursor/rules/cicd.mdc)

Use requirements*.txt in workflows as cache key inputs and installation sources; keep them present and up to date

Files:

• requirements-dev.txt

**/*

📄 CodeRabbit inference engine (.cursor/rules/security.mdc)

Avoid committing content matching common secret patterns (e.g., sk-..., AKIA..., ghp_..., password='...')

Files:

• requirements-dev.txt
• clients/python/pyproject.toml
• pyproject.toml

{pyproject.toml,requirements*.txt,Pipfile*,package*.json,pnpm-lock.yaml,uv.lock}

⚙️ CodeRabbit configuration file

{pyproject.toml,requirements*.txt,Pipfile*,package*.json,pnpm-lock.yaml,uv.lock}: Flag vulnerable or unpinned deps; suggest safer alternatives; check tool configs (ruff, mypy, pytest, coverage).

Files:

• requirements-dev.txt
• pyproject.toml

clients/python/**

📄 CodeRabbit inference engine (.cursor/rules/general.mdc)

Update Python client interfaces and examples to match API changes

Files:

• clients/python/pyproject.toml

---

⚙️ CodeRabbit configuration file

clients/python/**: Ensure session reuse, timeouts, and exception taxonomy maps cleanly for downstream users.
Check docstrings and typing for public functions; verify parity with OpenAPI.

Files:

• clients/python/pyproject.toml

**/pyproject.toml

📄 CodeRabbit inference engine (.cursor/rules/security.mdc)

Pin Python dependencies in pyproject.toml (exact versions, ideally with hashes)

Files:

• clients/python/pyproject.toml
• pyproject.toml

clients/**/*

📄 CodeRabbit inference engine (CONTRIBUTING.md)

clients/**/*: Client libraries should follow sound API client design patterns
Client libraries must implement error handling and retry logic where appropriate
Ensure type safety and clear interfaces in client libraries
Provide documentation and examples for client libraries
Maintain cross-platform compatibility in client libraries

Files:

• clients/python/pyproject.toml

pyproject.toml

📄 CodeRabbit inference engine (.cursor/rules/cicd.mdc)

Pin Python dependencies with exact versions (==) or constrained ranges in pyproject.toml, including dev extras

pyproject.toml: Configure ruff, mypy (strict), and black (line length 88, target py310) in pyproject.toml as specified
Bump project version in pyproject.toml for breaking changes

pyproject.toml: Ruff configuration must select: E,F,I,B,UP,C4,PIE,SIM,T20,ASYNC,S,RUF,S603,SIM115,RUF006; with specified per-file ignores
Enable mypy plugin pydantic.mypy and override tests.* disallow_untyped_defs=false

Files:

• pyproject.toml

{requirements.txt,pyproject.toml,**/*.{yaml,yml}}

📄 CodeRabbit inference engine (CONTRIBUTING.md)

{requirements.txt,pyproject.toml,**/*.{yaml,yml}}: Keep dependencies secure and appropriately versioned in configuration files
Follow configuration best practices in config files
Assess security implications of configuration changes
Ensure proper formatting and structure in configuration files

Files:

• pyproject.toml

🧠 Learnings (3)

📚 Learning: 2025-10-23T13:26:37.198Z

Learnt from: CR
PR: VirtualAgentics/ConextForge_memory#0
File: .cursor/rules/general.mdc:0-0
Timestamp: 2025-10-23T13:26:37.198Z
Learning: Applies to pyproject.toml : Bump project version in pyproject.toml for breaking changes

Applied to files:

• clients/python/pyproject.toml
• pyproject.toml

📚 Learning: 2025-10-23T13:26:37.198Z

Learnt from: CR
PR: VirtualAgentics/ConextForge_memory#0
File: .cursor/rules/general.mdc:0-0
Timestamp: 2025-10-23T13:26:37.198Z
Learning: Applies to pyproject.toml : Configure ruff, mypy (strict), and black (line length 88, target py310) in pyproject.toml as specified

Applied to files:

• clients/python/pyproject.toml
• pyproject.toml

📚 Learning: 2025-10-23T13:28:42.367Z

Learnt from: CR
PR: VirtualAgentics/ConextForge_memory#0
File: .cursor/rules/python.mdc:0-0
Timestamp: 2025-10-23T13:28:42.367Z
Learning: Applies to **/*.py : Follow PEP 8 with an 88-character line limit (ruff/black-enforced)

Applied to files:

• clients/python/pyproject.toml
• pyproject.toml

🔇 Additional comments (7)

requirements-dev.txt (2)

1-6: Pip-compile command line is now correct.

The autogenerated comment at line 5 correctly references --output-file=requirements-dev.txt (fixing the previous issue where it incorrectly referenced --output-file=requirements-dev-new.txt). File regeneration was done correctly.

---

35-35: Dependency downgrades verified—no security regressions detected.

All three downgraded packages (cyclonedx-python-lib 9.1.0, prompt-toolkit 3.0.51, wrapt 1.17.3) exist on PyPI, support Python 3.8+, and have no known CVEs. These versions remain compatible with Python 3.12 and appear intentional for resolving dependency conflicts during the migration. No action required.

pyproject.toml (2)

3-3: Version bump and Python 3.12+ migration correctly configured.

All breaking-change updates are in place:

• Version bumped to 0.2.0 (line 51) for dropping Python 3.10/3.11 support
• requires-python = ">=3.12" correctly set (line 53)
• Black target-version updated to py312 (line 3)
• Ruff target-version updated to py312 (line 7)

The migration aligns with the CI matrix changes (Python 3.12 and 3.13 only).

Also applies to: 7-7, 51-51, 53-53

---

21-30: Ruff configuration covers all required rule selections.

Line 22 correctly includes all mandated rule selectors: E, F, I, B, UP, C4, PIE, SIM, T20, ASYNC, S, RUF, S603, SIM115, RUF006. Per-file ignores for tests (allowing S101 assertions) are properly scoped.

clients/python/pyproject.toml (3)

7-7: Client library version and Python requirements updated for breaking change.

Version bumped to 0.2.0 (line 7) and requires-python = ">=3.12" enforced (line 10). Classifiers correctly reflect only Python 3.12 and 3.13 support; Python 3.10 and 3.11 removed (lines 16–26).

Also applies to: 10-10, 16-26

---

58-58: Tool configuration updated and ruff rules include client-specific ANN.

Black and Ruff target-versions both updated to py312 (lines 58, 63). Ruff lint rules include ANN (flake8-annotations, line 86) in addition to the core set, with ANN401 correctly ignored in __init__.py (line 92). This is appropriate for a public client library, ensuring better API documentation via type hints.

Also applies to: 63-63, 75-87

---

27-30: Dependency versions use ranges instead of exact pins (acceptable for a client library).

Unlike the root pyproject.toml which pins exact versions, the client dependencies use conservative upper-bound ranges (httpx>=0.25.0,<1.0, tenacity>=8.0.0,<10.0). This is a reasonable trade-off for a client library to allow patch-level updates while maintaining compatibility. Ensure these ranges remain stable across future releases.

Consider whether these ranges should be documented in a CHANGELOG or migration guide for downstream users consuming the client library.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[coderabbitai]

Actionable comments posted: 3

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (3)

pyproject.toml (1)

1-91: Add mypy strict mode configuration.

Coding guidelines require mypy strict mode with pydantic plugin enabled. Add configuration after the ruff sections.

 [tool.flake8]
 max-line-length = 88

+[tool.mypy]
+strict = true
+plugins = ["pydantic.mypy"]
+
+[tool.mypy.overrides]
+module = "tests.*"
+disallow_untyped_defs = false
+
 [build-system]

clients/python/pyproject.toml (1)

56-104: Add mypy strict mode configuration to client library.

Same as root: mypy strict mode with pydantic plugin is required per coding guidelines.

 [tool.flake8]
 max-line-length = 88
+
+[tool.mypy]
+strict = true
+plugins = ["pydantic.mypy"]
+
+[tool.mypy.overrides]
+module = "tests.*"
+disallow_untyped_defs = false

requirements-dev.txt (1)

1-160: Add mypy to requirements-dev.in and recompile.

The root cause is that mypy is declared in both pyproject.toml files but missing from requirements-dev.in. Since pip-compile generates output only from entries in the source file, mypy won't appear in requirements-dev.txt until added to requirements-dev.in. Update requirements-dev.in to include mypy>=1.8.0 (to align with clients/python/pyproject.toml) and recompile with: pip-compile requirements-dev.in --output-file=requirements-dev.txt.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between dc3d18b and f769074.

⛔ Files ignored due to path filters (6)

• README.md is excluded by !**/*.md and included by none
• clients/python/README.md is excluded by !**/*.md and included by clients/**
• docs/ci-cd.md is excluded by !docs/**, !**/*.md and included by none
• docs/deployment.md is excluded by !docs/**, !**/*.md and included by none
• docs/development.md is excluded by !docs/**, !**/*.md and included by none
• docs/renovate.md is excluded by !docs/**, !**/*.md and included by none

📒 Files selected for processing (4)

• .github/workflows/ci.yml (2 hunks)
• clients/python/pyproject.toml (3 hunks)
• pyproject.toml (2 hunks)
• requirements-dev.txt (4 hunks)

🧰 Additional context used

📓 Path-based instructions (11)

.github/workflows/**/*.y?(a)ml

📄 CodeRabbit inference engine (.cursor/rules/security.mdc)

Run regular dependency security audits (pip-audit, safety) in CI

Files:

• .github/workflows/ci.yml

.github/workflows/*.{yml,yaml}

📄 CodeRabbit inference engine (CONTRIBUTING.md)

Pin setuptools to < 81 in CI workflows until pkg_resources deprecation is resolved

Files:

• .github/workflows/ci.yml

.github/**/*

📄 CodeRabbit inference engine (CONTRIBUTING.md)

.github/**/*: CI/CD workflows must follow least-privilege and restricted-policy IaC security practices
Use safe defaults in CI/CD (no hard-coded secrets, pinned images, versioned modules)
Follow container best practices in CI (non-root, slim images, healthchecks)
Restrict network exposure and ports in CI/CD
Apply Kubernetes/Helm best practices in CI/CD (resource limits, probes, RBAC)

Files:

• .github/workflows/ci.yml

---

⚙️ CodeRabbit configuration file

.github/**/*: Verify least-privilege permissions, pinned actions SHAs, secret usage, concurrency/cancellation,
and fast-fail patterns. Suggest caching and matrix splits where build times benefit.

Files:

• .github/workflows/ci.yml

clients/python/**

📄 CodeRabbit inference engine (.cursor/rules/general.mdc)

Update Python client interfaces and examples to match API changes

Files:

• clients/python/pyproject.toml

---

⚙️ CodeRabbit configuration file

clients/python/**: Ensure session reuse, timeouts, and exception taxonomy maps cleanly for downstream users.
Check docstrings and typing for public functions; verify parity with OpenAPI.

Files:

• clients/python/pyproject.toml

**/pyproject.toml

📄 CodeRabbit inference engine (.cursor/rules/security.mdc)

Pin Python dependencies in pyproject.toml (exact versions, ideally with hashes)

Files:

• clients/python/pyproject.toml
• pyproject.toml

**/*

📄 CodeRabbit inference engine (.cursor/rules/security.mdc)

Avoid committing content matching common secret patterns (e.g., sk-..., AKIA..., ghp_..., password='...')

Files:

• clients/python/pyproject.toml
• requirements-dev.txt
• pyproject.toml

clients/**/*

📄 CodeRabbit inference engine (CONTRIBUTING.md)

clients/**/*: Client libraries should follow sound API client design patterns
Client libraries must implement error handling and retry logic where appropriate
Ensure type safety and clear interfaces in client libraries
Provide documentation and examples for client libraries
Maintain cross-platform compatibility in client libraries

Files:

• clients/python/pyproject.toml

requirements*.txt

📄 CodeRabbit inference engine (.cursor/rules/cicd.mdc)

Use requirements*.txt in workflows as cache key inputs and installation sources; keep them present and up to date

Files:

• requirements-dev.txt

{pyproject.toml,requirements*.txt,Pipfile*,package*.json,pnpm-lock.yaml,uv.lock}

⚙️ CodeRabbit configuration file

{pyproject.toml,requirements*.txt,Pipfile*,package*.json,pnpm-lock.yaml,uv.lock}: Flag vulnerable or unpinned deps; suggest safer alternatives; check tool configs (ruff, mypy, pytest, coverage).

Files:

• requirements-dev.txt
• pyproject.toml

pyproject.toml

📄 CodeRabbit inference engine (.cursor/rules/cicd.mdc)

Pin Python dependencies with exact versions (==) or constrained ranges in pyproject.toml, including dev extras

pyproject.toml: Configure ruff, mypy (strict), and black (line length 88, target py310) in pyproject.toml as specified
Bump project version in pyproject.toml for breaking changes

pyproject.toml: Ruff configuration must select: E,F,I,B,UP,C4,PIE,SIM,T20,ASYNC,S,RUF,S603,SIM115,RUF006; with specified per-file ignores
Enable mypy plugin pydantic.mypy and override tests.* disallow_untyped_defs=false

Files:

• pyproject.toml

{requirements.txt,pyproject.toml,**/*.{yaml,yml}}

📄 CodeRabbit inference engine (CONTRIBUTING.md)

{requirements.txt,pyproject.toml,**/*.{yaml,yml}}: Keep dependencies secure and appropriately versioned in configuration files
Follow configuration best practices in config files
Assess security implications of configuration changes
Ensure proper formatting and structure in configuration files

Files:

• pyproject.toml

🧠 Learnings (3)

📚 Learning: 2025-10-23T13:26:37.198Z

Learnt from: CR
PR: VirtualAgentics/ConextForge_memory#0
File: .cursor/rules/general.mdc:0-0
Timestamp: 2025-10-23T13:26:37.198Z
Learning: Applies to pyproject.toml : Configure ruff, mypy (strict), and black (line length 88, target py310) in pyproject.toml as specified

Applied to files:

• clients/python/pyproject.toml
• pyproject.toml

📚 Learning: 2025-10-23T13:28:42.367Z

Learnt from: CR
PR: VirtualAgentics/ConextForge_memory#0
File: .cursor/rules/python.mdc:0-0
Timestamp: 2025-10-23T13:28:42.367Z
Learning: Applies to **/*.py : Follow PEP 8 with an 88-character line limit (ruff/black-enforced)

Applied to files:

• clients/python/pyproject.toml
• pyproject.toml

📚 Learning: 2025-10-23T13:26:37.198Z

Learnt from: CR
PR: VirtualAgentics/ConextForge_memory#0
File: .cursor/rules/general.mdc:0-0
Timestamp: 2025-10-23T13:26:37.198Z
Learning: Applies to pyproject.toml : Bump project version in pyproject.toml for breaking changes

Applied to files:

• pyproject.toml

🔇 Additional comments (6)

pyproject.toml (2)

3-3: Tool versions correctly updated to py312.

Black and ruff target versions are appropriately updated to reflect Python 3.12+ support.

Also applies to: 7-7

---

53-78: Requires-python and dependency pinning are correct.

Python requirement correctly set to >=3.12 and all dependencies are pinned with exact versions.

clients/python/pyproject.toml (2)

10-26: Python version metadata correctly updated.

Requires-python and classifiers properly reflect 3.12+ support.

---

1-3: Build system and dependencies are appropriate.

Setuptools constraint is conservative and dependencies use sensible ranges.

Also applies to: 27-40

.github/workflows/ci.yml (1)

18-18: CI matrix and workflow configuration correct.

Python version matrix properly reduced to 3.12 and 3.13. Single-job workflows appropriately pinned to 3.12. Action SHAs are pinned and permissions are minimal.

Also applies to: 56-56, 91-91, 175-175

requirements-dev.txt (1)

35-35: Dependency downgrades are safe and documented appropriately.

All three downgrades have been verified:

• cyclonedx-python-lib 9.1.0 has no known security vulnerabilities
• wrapt 1.17.3 is stable (1.17.0+ requires Python 3.8+); no breaking changes relative to 2.0.0
• prompt-toolkit 3.0.51 is used because commitizen excludes version 3.0.52 due to a questionary compatibility issue

The downgrades appear to result from pip-compile resolving transitive dependency conflicts. No security vulnerabilities exist in the selected versions.