feat: upgrade Python from 3.10 to 3.11

[abhizipstack]

What

• Upgrade Python version constraint from >=3.10,<3.11.1 to >=3.10,<3.13
• Add .python-version file to pin Python 3.11
• Update CI backend tests workflow to use Python 3.11
• Update uv.lock for new Python version range

Why

Python 3.10 reaches EOL Oct 2026. google.api_core already emits a FutureWarning and will stop supporting 3.10 after that date. The original <3.11.1 constraint was set in the initial commit with no documented incompatibility.

How

• Changed requires-python in pyproject.toml
• Added .python-version at repo root (read by pyenv, uv, IDEs)
• Updated CI matrix from 3.10 to 3.11
• Regenerated uv.lock to reflect new version range

Can this PR break any existing features. If yes, please list possible items. If no, please explain why. (PS: Admins do not merge the PR without this section filled)

Low risk. Tested thoroughly:

• All 290+ pip packages install cleanly on Python 3.11
• Django boots successfully (dev + prod settings)
• No new test failures (pre-existing collection errors are the same on 3.10)
• Ibis 11.0.0 + DuckDB work correctly
• visitran-ai tested separately: 41 passed, 4 skipped

Database Migrations

None

Env Config

Developers need Python 3.11 installed locally. python3.11 is available via pyenv or system package managers.

Relevant Docs

• google.api_core Python 3.10 EOL notice

Related Issues or PRs

• Jira: OR-1134
• visitran-ai PR: https://github.com/Zipstack/visitran-ai/pull/264

Dependencies Versions

No dependency version changes — only the Python version constraint was widened.

Notes on Testing

• Tested locally with Python 3.11.6
• Django dev + prod settings boot without errors
• Ibis + DuckDB backend verified
• All pre-existing test collection errors are identical on 3.10 and 3.11

Checklist

I have read and understood the Contribution Guidelines.

🤖 Generated with Claude Code

[greptile-apps]

Greptile Summary

This PR upgrades the dev and CI Python runtime from 3.10 to 3.11 by pinning .python-version, updating the CI matrix, widening requires-python to >=3.10,<3.13, and regenerating uv.lock. The four changed files are correct and consistent with each other, but several files outside the PR scope still reference Python 3.10 and should be updated as part of this upgrade:

• docker/dockerfiles/backend.Dockerfile still uses FROM python:3.10.14-slim, so production container deployments will run a different Python version than dev and CI.
• .pre-commit-config.yaml still forces pre-commit hooks to python3.10.
• sonar-project.properties still sets sonar.python.version=3.10.

Confidence Score: 4/5

Safe to merge after updating the Dockerfile base image from Python 3.10 to 3.11; without that fix, production containers will diverge from dev and CI.

The four changed files are internally consistent and correct. However, docker/dockerfiles/backend.Dockerfile still pins Python 3.10, which means containerised production deployments will run a different Python version than the dev and CI environments — a real environment mismatch introduced by this PR. That P1 finding drops the score to 4.

docker/dockerfiles/backend.Dockerfile — still references Python 3.10.14, creating a dev/CI vs. production mismatch.

Vulnerabilities

No security concerns identified. This PR only changes Python version metadata and the lock file.

Important Files Changed

Filename	Overview
.github/workflows/core-backend-tests.yaml	Matrix python-version updated from "3.10" to "3.11" — consistent with the new .python-version pin and pyproject.toml constraint.
.python-version	New file pinning the dev environment to Python 3.11 for uv and pyenv-compatible tooling.
backend/pyproject.toml	requires-python widened from >=3.10,<3.11.1 to >=3.10,<3.13; change is intentional and the lock file was regenerated accordingly.
backend/uv.lock	Lock file regenerated with revision=3 and the updated Python range; resolution markers now split on 3.11.* / >=3.12 / <3.11, which is correct for the new range.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Developer Workstation] -->|.python-version| B[Python 3.11 ✅]
    C[GitHub Actions CI] -->|core-backend-tests.yaml matrix| D[Python 3.11 ✅]
    E[uv lock resolution] -->|backend/pyproject.toml requires-python| F[>=3.10,<3.13 ✅]
    G[Docker Production Image] -->|backend.Dockerfile FROM| H[Python 3.10.14 ⚠️]
    I[Pre-commit Hooks] -->|.pre-commit-config.yaml default_language_version| J[python3.10 ⚠️]
    K[SonarCloud Analysis] -->|sonar-project.properties| L[sonar.python.version=3.10 ⚠️]

Loading

Comments Outside Diff (1)

1. docker/dockerfiles/backend.Dockerfile, line 1 (link)

   Dockerfile still pins Python 3.10 after the upgrade

   The production Docker image still uses python:3.10.14-slim, so containerized deployments will run Python 3.10 while .python-version, CI, and pyproject.toml all target 3.11. Any behavior differences between 3.10 and 3.11 (e.g. google.api_core warnings, exception group handling, tomllib stdlib availability) will be invisible in dev/CI but live in production containers.

   Prompt To Fix With AI

   This is a comment left during a code review.
   Path: docker/dockerfiles/backend.Dockerfile
   Line: 1
   
   Comment:
   **Dockerfile still pins Python 3.10 after the upgrade**
   
   The production Docker image still uses `python:3.10.14-slim`, so containerized deployments will run Python 3.10 while `.python-version`, CI, and `pyproject.toml` all target 3.11. Any behavior differences between 3.10 and 3.11 (e.g. `google.api_core` warnings, exception group handling, `tomllib` stdlib availability) will be invisible in dev/CI but live in production containers.
   
   
   
   How can I resolve this? If you propose a fix, please make it concise.

Prompt To Fix All With AI

This is a comment left during a code review.
Path: docker/dockerfiles/backend.Dockerfile
Line: 1

Comment:
**Dockerfile still pins Python 3.10 after the upgrade**

The production Docker image still uses `python:3.10.14-slim`, so containerized deployments will run Python 3.10 while `.python-version`, CI, and `pyproject.toml` all target 3.11. Any behavior differences between 3.10 and 3.11 (e.g. `google.api_core` warnings, exception group handling, `tomllib` stdlib availability) will be invisible in dev/CI but live in production containers.

```suggestion
FROM python:3.11-slim
```

How can I resolve this? If you propose a fix, please make it concise.

---

This is a comment left during a code review.
Path: .pre-commit-config.yaml
Line: 25

Comment:
**Pre-commit default Python version not updated**

`default_language_version` still forces hooks to run under `python3.10`, even though the repo now targets 3.11. This means linters/formatters (black, mypy, etc.) run under a different interpreter than the codebase, which can produce slightly different results or mask 3.11-specific type errors.

```suggestion
  python: python3.11
```

How can I resolve this? If you propose a fix, please make it concise.

---

This is a comment left during a code review.
Path: sonar-project.properties
Line: 3

Comment:
**SonarCloud Python version not updated**

`sonar.python.version=3.10` tells SonarCloud to analyse the code under Python 3.10 semantics. After the upgrade, this should point to 3.11 so static-analysis rules and coverage reporting reflect the actual runtime.

```suggestion
sonar.python.version=3.11
```

How can I resolve this? If you propose a fix, please make it concise.

_{Reviews (2): Last reviewed commit: "fix: move .python-version to repo root" | Re-trigger Greptile}

[tahierhussain]

LGTM