Restrict httpx version to <1.0.0

[Kludex]

No description provided.

[Kludex]

@claude please run uv sync and push the uv.lock.

[claude]

Claude encountered an error —— View job

---

I'll analyze this and get back to you.

[maxisbey]

@claude pls run uv sync and fix

[claude]

Claude finished @maxisbey's task in 23s —— View job

---

Working on your request

• Run uv lock to regenerate the lockfile
• Verify the lockfile was updated with the correct httpx specifier
• Commit and push the updated uv.lock to the PR branch

---

⚠️ Waiting for approval: The uv lock command requires user approval to execute. Once approved, I'll regenerate the lockfile and push the changes.

[maxisbey]

@claude what approval? I don't see an approval button anywhere, where do I go

[claude]

Claude finished @maxisbey's task in 30s —— View job

---

About the approval requirement

• Clarify the approval confusion
• Run uv lock to regenerate the lockfile
• Verify the lockfile was updated with the correct httpx specifier
• Commit and push the updated uv.lock to the PR branch

---

About the "approval": I apologize for the confusion! The approval system is actually part of Claude Code's permission model in GitHub Actions. When I try to run certain commands like uv lock, the system requires approval from a repository maintainer.

Where to approve: The approval happens in the GitHub Actions workflow run itself. You would need to:

1. Go to the workflow run page
2. Look for a pending approval request in the workflow logs

However, there's a simpler solution: A repository maintainer can run uv lock locally and push the updated lockfile, or update my --allowedTools configuration to allow me to run uv commands without approval.

Alternatively, you can run this locally:

git checkout Kludex-patch-1
uv lock
git add uv.lock
git commit -m "chore: regenerate lockfile after httpx constraint update"
git push

This will update the lockfile to reflect the new httpx>=0.27.1,<1.0.0 constraint from pyproject.toml.

---

[claude]

Lockfile issue has been fixed — both pyproject.toml and uv.lock are now in sync with the httpx>=0.27.1,<1.0.0 constraint.

Extended reasoning...

Overview

This PR adds an upper bound (<1.0.0) to the httpx dependency in pyproject.toml and updates the corresponding uv.lock specifier to match. Only two files are changed, each with a single-line modification.

Security risks

None. This is a defensive dependency constraint that reduces risk by preventing automatic adoption of a potentially breaking httpx 1.0 release.

Level of scrutiny

Minimal scrutiny required. This is a mechanical version-pinning change with no logic, no code, and no behavioral impact. The lockfile now matches the declared constraint.

Other factors

My previous review flagged that the uv.lock was out of sync with pyproject.toml. That issue has been resolved — commit 8a8695c updated the lockfile. The diff is now correct and complete. No bugs were found by the bug hunting system.