@WilberC WilberC commented Nov 4, 2025

User description

Pull Request Title

deps: Upgrade FastAPI from 0.115.12 to 0.120.1

Related Issue

Related to #543

Description

This PR upgrades the fastapi dependency from version 0.115.12 to 0.120.1. This is intended to bring in the latest features, bug fixes, and security patches from the FastAPI project.

Type

  • Bug Fix
  • Feature Enhancement
  • Documentation Update
  • Code Refactoring
  • Other (please specify): Dependency Update

Proposed Changes

  • Updated fastapi version in apps/backend/pyproject.toml to 0.120.1.
  • Updated fastapi version in apps/backend/requirements.txt to 0.120.1.

Screenshots / Code Snippets (if applicable)

N/A

How to Test

  1. Pull this branch.
  2. Navigate to the apps/backend directory.
  3. Install/update the dependencies.
  4. Run the backend server.
  5. Verify that the application starts successfully and basic API endpoints function as expected.
  6. (If applicable) Run the automated test suite and ensure all tests pass.

Checklist

  • The code compiles successfully without any errors or warnings
  • The changes have been tested and verified
  • The documentation has been updated (if applicable)
  • The changes follow the project's coding guidelines and best practices
  • The commit messages are descriptive and follow the project's guidelines
  • All tests (if applicable) pass successfully
  • This pull request has been linked to the related issue (if applicable)

Additional Information

Reviewers may want to consult the FastAPI Release Notes for details on the changes between versions 0.115.12 and 0.120.1.


PR Type

Enhancement


Description

  • Upgrade FastAPI dependency from 0.115.12 to 0.120.1

  • Update version in both pyproject.toml and requirements.txt

  • Brings latest features, bug fixes, and security patches


Diagram Walkthrough

flowchart LR
  A["FastAPI 0.115.12"] -- "upgrade" --> B["FastAPI 0.120.1"]
  C["pyproject.toml"] -- "updated" --> B
  D["requirements.txt"] -- "updated" --> B

File Walkthrough

Relevant files

Dependencies

pyproject.toml: Update FastAPI version in pyproject.toml (+1/-1)

apps/backend/pyproject.toml

  • Updated fastapi dependency version from 0.115.12 to 0.120.1

requirements.txt: Update FastAPI version in requirements.txt (+1/-1)

apps/backend/requirements.txt

  • Updated fastapi dependency version from 0.115.12 to 0.120.1


Summary by cubic

Upgraded FastAPI from 0.115.12 to 0.120.1 to match the Starlette version and bring in recent bug and security fixes. Updated backend dependency files; no runtime changes expected.

  • Dependencies
    • Set fastapi==0.120.1 in apps/backend/pyproject.toml and apps/backend/requirements.txt.
    • Aligns FastAPI with Starlette to prevent compatibility issues.

Written for commit 87f3298. Summary will update automatically on new commits.

Summary by CodeRabbit

  • Chores
    • Updated backend framework dependency to latest stable version.

coderabbitai bot commented Nov 4, 2025

Walkthrough

FastAPI dependency upgraded from version 0.115.12 to 0.120.1 across both Python dependency files (pyproject.toml and requirements.txt) in the backend application. No functional, logic, or control flow modifications.

Changes

Cohort / File(s) | Summary
FastAPI version bump (apps/backend/pyproject.toml, apps/backend/requirements.txt) | Updated FastAPI dependency from 0.115.12 to 0.120.1

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Suggested labels

Review effort 1/5

Suggested reviewers

  • srbhr

Poem

🐰 A hop, a skip, FastAPI flies high,
Version bumped to 0.120, reaching for the sky,
Dependencies aligned with grace,
Backend racing at a faster pace! 🚀

Pre-merge checks and finishing touches

✅ Passed checks (2 passed)
Check name | Status | Explanation
Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled.
Title check | ✅ Passed | The pull request title accurately describes the main change: updating FastAPI version to 0.120.1 across two configuration files (pyproject.toml and requirements.txt).

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between bbc82ab and 87f3298.

📒 Files selected for processing (2)
  • apps/backend/pyproject.toml (1 hunks)
  • apps/backend/requirements.txt (1 hunks)
🧰 Additional context used
🧠 Learnings (2)
📓 Common learnings
Learnt from: CR
Repo: srbhr/Resume-Matcher PR: 0
File: .github/copilot-instructions.md:0-0
Timestamp: 2025-07-31T13:44:21.007Z
Learning: Applies to apps/backend/app/**/*.{py} : Use Python 3.12+ with type hints for all backend code
📚 Learning: 2025-07-31T13:44:21.007Z
Learnt from: CR
Repo: srbhr/Resume-Matcher PR: 0
File: .github/copilot-instructions.md:0-0
Timestamp: 2025-07-31T13:44:21.007Z
Learning: Applies to apps/backend/app/**/*.{py} : Use Python 3.12+ with type hints for all backend code

Applied to files:

  • apps/backend/requirements.txt
  • apps/backend/pyproject.toml
🔇 Additional comments (2)
apps/backend/requirements.txt (1)

15-15: Verify compatibility and test OpenAPI endpoints—potential known issues with this version combination.

FastAPI 0.120.1 has no major or breaking changes; however, users upgrading to fastapi==0.120.1 and starlette==0.49.1 have reported KeyError: '$ref' in OpenAPI generation, though API routes work. The issue appears schema-dependent and may not affect all applications.

Additionally, FastAPI 0.120.0+ adds a new (very small) dependency on annotated-doc. Verify this is installed as a transitive dependency or add it explicitly if needed.

Test the backend thoroughly:

  • Start the server and verify /docs and /redoc endpoints load without errors
  • Check for any OpenAPI schema generation issues in logs
  • Confirm all API endpoints function correctly

If you encounter the OpenAPI error, it may require a Pydantic version adjustment or rolling back Starlette to <0.49.0 temporarily.

apps/backend/pyproject.toml (1)

21-21: Consistent version bump—same verification needed as requirements.txt.

The version change mirrors the one in requirements.txt. Both files now pin to fastapi==0.120.1, which is consistent. However, the same compatibility concerns and testing requirements apply (see requirements.txt review for details on potential OpenAPI issues and the new annotated-doc dependency).



@qodo-code-review

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🟢 No security concerns identified: No security vulnerabilities detected by AI analysis. Human verification advised for critical code.

Ticket Compliance
🟡 🎫 #543
🟢 Update dependency specifications (e.g., pyproject.toml and/or requirements.txt) accordingly.
🔴 Align backend dependency versions so that FastAPI’s Starlette requirement is compatible with pinned Starlette version (starlette==0.49.1).
Ensure ./setup.sh completes successfully by resolving FastAPI and Starlette version conflict in backend dependencies.
Verify that installation succeeds on Python 3.13.9 without dependency resolution errors.

Codebase Duplication Compliance
Codebase context is not defined

Follow the guide to enable codebase context checks.

Custom Compliance
Generic: Comprehensive Audit Trails

Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance.

Status: No audit scope: The PR only updates dependency versions and does not add or change application logic related to audit trails, so compliance cannot be determined from the diff.

Referred Code
"fastapi==0.120.1",
"flatbuffers==25.2.10",

Generic: Meaningful Naming and Self-Documenting Code

Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting

Status: No code changes: Only dependency versions were updated with no new identifiers added, so naming compliance cannot be assessed from the diff.

Referred Code
"fastapi==0.120.1",
"flatbuffers==25.2.10",

Generic: Robust Error Handling and Edge Case Management

Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation

Status: No error paths: The diff only updates a dependency version and contains no executable code changes, so error handling cannot be evaluated.

Referred Code
fastapi==0.120.1
flatbuffers==25.2.10

Generic: Secure Error Handling

Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging.

Status: No user errors: No user-facing error handling logic was added or modified in this dependency update, so security of error messages cannot be assessed.

Referred Code
fastapi==0.120.1
flatbuffers==25.2.10

Generic: Secure Logging Practices

Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data.

Status: Logging unchanged: The PR introduces no logging changes; secure logging compliance cannot be determined from this diff.

Referred Code
"fastapi==0.120.1",
"flatbuffers==25.2.10",

Generic: Security-First Input Validation and Data Handling

Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities

Status: Dependency risk: Updating FastAPI to 0.120.1 may change validation or security behavior, but no application code changes are present to assess input handling.

Referred Code
fastapi==0.120.1
flatbuffers==25.2.10

Compliance status legend
🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

@qodo-code-review

PR Code Suggestions ✨

Explore these optional code suggestions:

Category: Possible issue
Prevent critical runtime errors from breaking changes

Downgrade fastapi to a version below 0.120.0 to avoid a breaking change affecting the Request object. Alternatively, audit the codebase to replace usage of internal attributes with the public API.

apps/backend/pyproject.toml [21]

-"fastapi==0.120.1",
+"fastapi<0.120.0",
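Review bot: The replacement line `"fastapi<0.120.0"` has no lower bound and is a range, while the neighbouring entries in this file are exact pins (`"flatbuffers==25.2.10"`), so a fresh resolve can select any older FastAPI release and builds stop being reproducible. If a downgrade is wanted, keep an exact `==` pin to one specific release, and change apps/backend/requirements.txt in the same commit, since this suggestion touches only apps/backend/pyproject.toml [21] while the PR pins fastapi in both files.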
Suggestion importance[1-10]: 9

Why: The suggestion correctly identifies a significant and documented breaking change in the updated fastapi version, which could cause critical runtime errors if the application relies on internal request attributes.

Impact: High

@cubic-dev-ai cubic-dev-ai bot left a comment

No issues found across 2 files

@jayatheerthkulkarni

Hi everyone,

Very new to the code base,
Will it be an issue if we do just

starlette >=0.40.0,<0.47.0

??

I can run the ./setup.sh without any issues.
If I am missing something do let me know, would like to learn more from here.

WilberC commented Nov 4, 2025

@jayatheerthkulkarni this error appears if the starlette version you have is 0.49.1.
That version was introduced by this PR #541. Probably you're not at the last version at main.

@albertocalderari

Remove starlette from the dependencies in pyproject.toml, that should fix everything

KennethPD added a commit to KennethPD/Resume-Matcher that referenced this pull request Nov 12, 2025
@samfallible

> Remove starlette from the dependencies in pyproject.toml, that should fix everything

This fix worked for me
