Skip to content

fix: relax openai version#4303

Open
bittoby wants to merge 1 commit intocrewAIInc:mainfrom
bittoby:fix-relax-openai-version
Open

fix: relax openai version#4303
bittoby wants to merge 1 commit intocrewAIInc:mainfrom
bittoby:fix-relax-openai-version

Conversation

@bittoby
Copy link

@bittoby bittoby commented Jan 29, 2026
edited by cursor bot
Loading

Fix OpenAI dependency constraint for ecosystem compatibility

CrewAI's strict OpenAI dependency constraint openai~=1.83.0 (equivalent to >=1.83.0,<1.84.0) was causing dependency conflicts with popular AI ecosystem packages:

LangChain ecosystem requires openai>=1.109.1
LiteLLM requires openai>=1.50.0
Observability tools like LangFuse require openai>=1.100.0
Modern AI applications commonly use newer OpenAI SDK versions
This prevented CrewAI from being used in comprehensive AI stacks and caused installation failures when combining with other AI libraries.

✅ Solution
Current OpenAI version is 2.16.0.
Changed OpenAI dependency constraint from:

  • " - openai~=1.83.0"
  • "+ openai>=1.83.0,<3.0.0" for the future use.
  • I think "openai<2" is incompatible in the future.

📁 Files Changed

  • pyproject.toml
  • uv.lock - Regenerated lock file with new constraint

Close #4300

Note

Medium Risk
Relaxing the openai version range can introduce runtime incompatibilities if CrewAI relies on behaviors that changed in newer SDK releases. The change is limited to dependency metadata/lockfile updates but affects all downstream installations.

Overview
Relaxes the core openai dependency constraint from a narrow ~= pin to a wider >=1.83.0,<3.0.0 range to reduce conflicts with other AI ecosystem packages.

Updates uv.lock to reflect the new constraint for resolved dependencies.

Written by Cursor Bugbot for commit 6e84197. This will update automatically on new commits. Configure here.

cursor[bot]
cursor bot reviewed Jan 29, 2026
View reviewed changes
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.

This PR is being reviewed by Cursor Bugbot

Details

Your team is on the Bugbot Free tier. On this plan, Bugbot will review limited PRs each billing cycle for each member of your team.

To receive Bugbot reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.

lib/crewai/pyproject.toml
# Core Dependencies
"pydantic~=2.11.9",
"openai~=1.83.0",
"openai>=1.83.0,<3.0.0",
Copy link

@cursor cursor bot Jan 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Version constraint allows incompatible OpenAI SDK v1.x

High Severity

The new openai>=1.83.0,<3.0.0 constraint allows installation of OpenAI SDK v1.x versions, but the codebase imports from openai.types.responses import Response which only exists in v2.x. Installing any v1.x version will cause an ImportError or ModuleNotFoundError at runtime. The lower bound needs to be >=2.0.0 (or the specific v2 version that introduced the Responses API) to match the code's actual requirements.

Fix in Cursor Fix in Web

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[BUG] Title: Dependency constraints in pyproject.toml are overly strict

1 participant

@bittoby