fix: add local django constraint (#44)

Makefile

@@ -74,7 +74,7 @@ lint: ## run Python code linting
 	pylint --rcfile=pylintrc sanctions *.py
 
 quality:
-	tox -e quality 
+	tox -e quality
 
 pii_check: ## check for PII annotations on all Django models
 	DJANGO_SETTINGS_MODULE=sanctions.settings.test \
@@ -94,8 +94,16 @@ html_coverage: ## generate and view HTML coverage report
 # Define PIP_COMPILE_OPTS=-v to get more information during make upgrade.
 PIP_COMPILE = pip-compile --upgrade $(PIP_COMPILE_OPTS)
 
+COMMON_CONSTRAINTS_TXT=requirements/common_constraints.txt
+.PHONY: $(COMMON_CONSTRAINTS_TXT)
+$(COMMON_CONSTRAINTS_TXT):
+	wget -O "$(@)" https://raw.githubusercontent.com/edx/edx-lint/master/edx_lint/files/common_constraints.txt || touch "$(@)"
+	echo "$(COMMON_CONSTRAINTS_TEMP_COMMENT)" | cat - $(@) > temp && mv temp $(@)
+
 upgrade: export CUSTOM_COMPILE_COMMAND=make upgrade
-upgrade: ## update the requirements/*.txt files with the latest packages satisfying requirements/*.in
+upgrade: $(COMMON_CONSTRAINTS_TXT) ## update the requirements/*.txt files satisfying requirements/*.in
+	sed 's/Django<4.0//g' requirements/common_constraints.txt > requirements/common_constraints.tmp
+	mv requirements/common_constraints.tmp requirements/common_constraints.txt
 	pip install -qr requirements/pip-tools.txt
 	# Make sure to compile files after any other files they include!
 	$(PIP_COMPILE) --allow-unsafe -o requirements/pip.txt requirements/pip.in

requirements/base.txt

@@ -5,8 +5,10 @@
 #    make upgrade
 #
 asgiref==3.7.2
-    # via django
-certifi==2023.7.22
+    # via
+    #   django
+    #   django-cors-headers
+certifi==2024.2.2
     # via
     #   opsgenie-sdk
     #   requests
@@ -24,17 +26,17 @@ coreapi==2.3.3
     #   openapi-codec
 coreschema==0.0.4
     # via coreapi
-cryptography==41.0.5
+cryptography==42.0.5
     # via
     #   pyjwt
     #   social-auth-core
 defusedxml==0.8.0rc2
     # via
     #   python3-openid
     #   social-auth-core
-django==3.2.23
+django==3.2.24
     # via
-    #   -c https://raw.githubusercontent.com/edx/edx-lint/master/edx_lint/files/common_constraints.txt
+    #   -c requirements/constraints.txt
     #   -r requirements/base.in
     #   django-cors-headers
     #   django-crum
@@ -47,7 +49,7 @@ django==3.2.23
     #   edx-django-utils
     #   edx-drf-extensions
     #   social-auth-app-django
-django-cors-headers==4.3.0
+django-cors-headers==4.3.1
     # via -r requirements/base.in
 django-crum==0.7.9
     # via edx-django-utils
@@ -57,9 +59,9 @@ django-rest-swagger==2.2.0
     # via -r requirements/base.in
 django-simple-history==3.0.0
     # via
-    #   -c https://raw.githubusercontent.com/edx/edx-lint/master/edx_lint/files/common_constraints.txt
+    #   -c requirements/common_constraints.txt
     #   -r requirements/base.in
-django-waffle==4.0.0
+django-waffle==4.1.0
     # via
     #   -r requirements/base.in
     #   edx-django-utils
@@ -76,28 +78,30 @@ edx-auth-backends==4.2.0
     # via -r requirements/base.in
 edx-django-release-util==1.3.0
     # via -r requirements/base.in
-edx-django-utils==5.8.0
+edx-django-utils==5.10.1
     # via
     #   -r requirements/base.in
     #   edx-drf-extensions
     #   edx-rest-api-client
-edx-drf-extensions==8.13.0
+edx-drf-extensions==10.2.0
     # via -r requirements/base.in
 edx-opaque-keys==2.5.1
     # via edx-drf-extensions
 edx-rest-api-client==5.6.1
     # via -r requirements/base.in
-idna==3.4
+idna==3.6
     # via requests
+importlib-resources==5.13.0
+    # via pycountry
 itypes==1.2.0
     # via coreapi
-jinja2==3.1.2
+jinja2==3.1.3
     # via coreschema
-markupsafe==2.1.3
+markupsafe==2.1.5
     # via jinja2
-mysqlclient==2.2.0
+mysqlclient==2.2.4
     # via -r requirements/base.in
-newrelic==9.1.1
+newrelic==9.7.0
     # via edx-django-utils
 oauthlib==3.2.2
     # via
@@ -107,11 +111,11 @@ openapi-codec==1.3.2
     # via django-rest-swagger
 opsgenie-sdk==2.1.5
     # via -r requirements/base.in
-pbr==5.11.1
+pbr==6.0.0
     # via stevedore
-psutil==5.9.6
+psutil==5.9.8
     # via edx-django-utils
-pycountry==22.3.5
+pycountry==23.12.11
     # via -r requirements/base.in
 pycparser==2.21
     # via cffi
@@ -121,7 +125,6 @@ pyjwt[crypto]==2.8.0
     #   edx-auth-backends
     #   edx-drf-extensions
     #   edx-rest-api-client
-    #   pyjwt
     #   social-auth-core
 pymongo==3.13.0
     # via edx-opaque-keys
@@ -131,7 +134,7 @@ python-dateutil==2.8.2
     # via opsgenie-sdk
 python3-openid==3.2.0
     # via social-auth-core
-pytz==2023.3.post1
+pytz==2024.1
     # via
     #   -r requirements/base.in
     #   django
@@ -151,7 +154,7 @@ requests==2.31.0
     #   social-auth-core
 requests-oauthlib==1.3.1
     # via social-auth-core
-responses==0.24.0
+responses==0.25.0
     # via -r requirements/base.in
 semantic-version==2.10.0
     # via edx-drf-extensions
@@ -167,31 +170,33 @@ slumber==0.7.1
     # via edx-rest-api-client
 social-auth-app-django==5.4.0
     # via edx-auth-backends
-social-auth-core==4.5.0
+social-auth-core==4.5.3
     # via
     #   edx-auth-backends
     #   social-auth-app-django
 sqlparse==0.4.4
     # via django
-stevedore==5.1.0
+stevedore==5.2.0
     # via
     #   edx-django-utils
     #   edx-opaque-keys
 tenacity==8.2.3
     # via opsgenie-sdk
-testfixtures==7.2.2
+testfixtures==8.0.0
     # via -r requirements/base.in
-typing-extensions==4.8.0
+typing-extensions==4.10.0
     # via
     #   asgiref
     #   edx-opaque-keys
 uritemplate==4.1.1
     # via coreapi
-urllib3==2.0.7
+urllib3==2.2.1
     # via
     #   opsgenie-sdk
     #   requests
     #   responses
+zipp==3.17.0
+    # via importlib-resources
 
 # The following packages are considered to be unsafe in a requirements file:
 # setuptools

requirements/ci.txt

@@ -4,9 +4,9 @@
 #
 #    make upgrade
 #
-coverage==7.3.2
+coverage==7.4.3
     # via -r requirements/ci.in
-distlib==0.3.7
+distlib==0.3.8
     # via virtualenv
 filelock==3.13.1
     # via
@@ -16,12 +16,11 @@ packaging==23.2
     # via
     #   pyproject-api
     #   tox
-platformdirs==3.11.0
+platformdirs==4.2.0
     # via
-    #   -c https://raw.githubusercontent.com/edx/edx-lint/master/edx_lint/files/common_constraints.txt
     #   tox
     #   virtualenv
-pluggy==1.3.0
+pluggy==1.4.0
     # via tox
 py==1.11.0
     # via tox
@@ -37,5 +36,5 @@ tox==3.28.0
     #   tox-battery
 tox-battery==0.6.2
     # via -r requirements/ci.in
-virtualenv==20.24.6
+virtualenv==20.25.1
     # via tox

requirements/common_constraints.txt

@@ -0,0 +1,24 @@
+
+# A central location for most common version constraints
+# (across edx repos) for pip-installation.
+#
+# Similar to other constraint files this file doesn't install any packages.
+# It specifies version constraints that will be applied if a package is needed.
+# When pinning something here, please provide an explanation of why it is a good
+# idea to pin this package across all edx repos, Ideally, link to other information
+# that will help people in the future to remove the pin when possible.
+# Writing an issue against the offending project and linking to it here is good.
+#
+# Note: Changes to this file will automatically be used by other repos, referencing
+#  this file from Github directly. It does not require packaging in edx-lint.
+
+
+# using LTS django version
+
+
+# elasticsearch>=7.14.0 includes breaking changes in it which caused issues in discovery upgrade process.
+# elastic search changelog: https://www.elastic.co/guide/en/enterprise-search/master/release-notes-7.14.0.html
+elasticsearch<7.14.0
+
+# django-simple-history>3.0.0 adds indexing and causes a lot of migrations to be affected
+django-simple-history==3.0.0

requirements/constraints.txt

@@ -9,6 +9,7 @@
 # linking to it here is good.
 
 # Common constraints for edx repos
--c https://raw.githubusercontent.com/edx/edx-lint/master/edx_lint/files/common_constraints.txt
-
+-c common_constraints.txt
 
+# Stay on Django LTS release
+Django<4.0