From d076b7604c10cb107b6595e206062a63d6cdf0df Mon Sep 17 00:00:00 2001
From: Cal Corum <calcorum@users.noreply.github.com>
Date: Tue, 10 Mar 2026 00:32:41 -0500
Subject: [PATCH] chore: pin all Python dependency versions in requirements.txt
 (#62)

- Pin all direct dependencies to exact versions captured from production
  via `docker exec sba_db_api pip freeze`
- Explicitly pin starlette==0.52.1 (root cause of 2026-03-09 outage)
- Move pytest/pytest-asyncio to new requirements-dev.txt

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 requirements-dev.txt |  2 ++
 requirements.txt     | 19 +++++++++----------
 2 files changed, 11 insertions(+), 10 deletions(-)
 create mode 100644 requirements-dev.txt

diff --git a/requirements-dev.txt b/requirements-dev.txt
new file mode 100644
index 0000000..324f96e
--- /dev/null
+++ b/requirements-dev.txt
@@ -0,0 +1,2 @@
+pytest==9.0.2
+pytest-asyncio==1.3.0
diff --git a/requirements.txt b/requirements.txt
index e22917b..a3616a3 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,11 +1,10 @@
-fastapi
-uvicorn
+fastapi==0.133.0
+uvicorn==0.41.0
+starlette==0.52.1
 peewee==3.13.3
-python-multipart
-numpy<2.0.0
-pandas
-psycopg2-binary>=2.9.0
-requests
-redis>=4.5.0
-pytest>=7.0.0
-pytest-asyncio>=0.21.0
+python-multipart==0.0.22
+numpy==1.26.4
+pandas==3.0.1
+psycopg2-binary==2.9.11
+requests==2.32.5
+redis==7.3.0