[Bug] Please upgrade the dependencies for canopy-sdk

NB-123 commented 3 weeks ago

Is this a new bug?

[X] I believe this is a new bug
[X] I have searched the existing issues, and I could not find an existing issue for this bug

Current Behavior

Since your last release was in March, a bunch of canopy-idk dependencies are pinned to very old versions. Many users have raised issues with package conflicts + security vulnerabilities. Please fix.

Expected Behavior

That a company like Pinecone actively maintains what it ships out to the open source world...

Steps To Reproduce

Try installing canopy-idk with any modern version of tokenizer/gunicorn etc, you will likely face issues.

Relevant log output

No response

Environment

- **OS**:
- **Language version**:
- **Canopy version**:

Additional Context

No response

NB-123 commented 3 weeks ago

@miararoy

miararoy commented 3 weeks ago

fixing gunicorn rn, #354

NB-123 commented 3 weeks ago

Could you do tokenizer as well please? @miararoy @izellevy

NB-123 commented 3 weeks ago

And tiktoken (and any other commonly used AIML library)? Just run a poetry update - doesn't take long... @miararoy @izellevy

miararoy commented 2 weeks ago

@NB-123 poetry update only updates poetry.lock which is not committed, I will run update and commit lock file, which is less of a best practice for a lib like Canopy and will likely break some people. I will wait for feedback on this in the future but will unblock you.

I am also fixing some failing, outdated tests.

NB-123 commented 2 weeks ago

Thanks. When can we expect the release such that we can upgrade poetry via our package manager? @miararoy

NB-123 commented 2 weeks ago

Just checking in again, thanks @miararoy @izellevy

NB-123 commented 2 weeks ago

Just checking in again, thanks @miararoy @izellevy

pinecone-io / canopy