Python Requirements Update

playbooks/roles/aws/templates/requirements.txt.j2

@@ -4,13 +4,13 @@
 #
 #    make upgrade
 #
-awscli==1.32.2
+awscli==1.32.88
     # via -r requirements/aws.in
 boto==2.49.0
     # via -r requirements/aws.in
-boto3==1.34.2
+boto3==1.34.88
     # via -r requirements/aws.in
-botocore==1.34.2
+botocore==1.34.88
     # via
     #   awscli
     #   boto3
@@ -23,9 +23,9 @@ jmespath==1.0.1
     # via
     #   boto3
     #   botocore
-pyasn1==0.5.1
+pyasn1==0.6.0
     # via rsa
-python-dateutil==2.8.2
+python-dateutil==2.9.0.post0
     # via
     #   botocore
     #   s3cmd
@@ -39,7 +39,7 @@ rsa==4.7.2
     # via awscli
 s3cmd==2.4.0
     # via -r requirements/aws.in
-s3transfer==0.9.0
+s3transfer==0.10.1
     # via
     #   awscli
     #   boto3

requirements.txt

@@ -8,22 +8,22 @@ ansible==2.10.7
     # via -r requirements/base.in
 ansible-base==2.10.17
     # via ansible
-awscli==1.32.2
+awscli==1.32.88
     # via -r requirements/base.in
 bcrypt==3.1.7
     # via
     #   -c requirements/constraints.txt
     #   paramiko
 boto==2.49.0
     # via -r requirements/base.in
-boto3==1.34.2
+boto3==1.34.88
     # via -r requirements/base.in
-botocore==1.34.2
+botocore==1.34.88
     # via
     #   awscli
     #   boto3
     #   s3transfer
-certifi==2023.11.17
+certifi==2024.2.2
     # via requests
 cffi==1.16.0
     # via
@@ -34,7 +34,7 @@ charset-normalizer==3.3.2
     # via requests
 colorama==0.4.4
     # via awscli
-cryptography==41.0.7
+cryptography==42.0.5
     # via
     #   ansible-base
     #   paramiko
@@ -50,7 +50,7 @@ docutils==0.16
     # via awscli
 ecdsa==0.13.3
     # via -r requirements/base.in
-idna==3.6
+idna==3.7
     # via requests
 jinja2==2.8
     # via
@@ -68,27 +68,27 @@ mysqlclient==1.4.6
     # via -r requirements/base.in
 networkx==1.11
     # via -r requirements/base.in
-packaging==23.2
+packaging==24.0
     # via ansible-base
 paramiko==2.4.2
     # via -r requirements/base.in
 pathlib2==2.3.0
     # via -r requirements/base.in
 prettytable==0.7.2
     # via -r requirements/base.in
-pyasn1==0.5.1
+pyasn1==0.6.0
     # via
     #   paramiko
     #   rsa
-pycparser==2.21
+pycparser==2.22
     # via cffi
-pycryptodome==3.19.0
+pycryptodome==3.20.0
     # via -r requirements/base.in
 pymongo==3.9.0
     # via -r requirements/base.in
 pynacl==1.5.0
     # via paramiko
-python-dateutil==2.8.2
+python-dateutil==2.9.0.post0
     # via botocore
 pyyaml==6.0.1
     # via
@@ -101,7 +101,7 @@ requests==2.31.0
     #   datadog
 rsa==4.7.2
     # via awscli
-s3transfer==0.9.0
+s3transfer==0.10.1
     # via
     #   awscli
     #   boto3

requirements/common_constraints.txt

@@ -13,11 +13,20 @@
 
 
 # using LTS django version
-Django<4.0
+Django<5.0
 
 # elasticsearch>=7.14.0 includes breaking changes in it which caused issues in discovery upgrade process.
 # elastic search changelog: https://www.elastic.co/guide/en/enterprise-search/master/release-notes-7.14.0.html
 elasticsearch<7.14.0
 
 # django-simple-history>3.0.0 adds indexing and causes a lot of migrations to be affected
 django-simple-history==3.0.0
+
+# opentelemetry requires version 6.x at the moment:
+# https://github.com/open-telemetry/opentelemetry-python/issues/3570
+# Normally this could be added as a constraint in edx-django-utils, where we're
+# adding the opentelemetry dependency. However, when we compile pip-tools.txt,
+# that uses version 7.x, and then there's no undoing that when compiling base.txt.
+# So we need to pin it globally, for now.
+# Ticket for unpinning: https://github.com/openedx/edx-lint/issues/407
+importlib-metadata<7

requirements/pip-tools.txt

@@ -4,26 +4,30 @@
 #
 #    make upgrade
 #
-build==1.0.3
+build==1.2.1
     # via pip-tools
 click==8.1.7
     # via pip-tools
-importlib-metadata==7.0.0
-    # via build
-packaging==23.2
+importlib-metadata==6.11.0
+    # via
+    #   -c requirements/common_constraints.txt
+    #   build
+packaging==24.0
     # via build
-pip-tools==7.3.0
+pip-tools==7.4.1
     # via -r requirements/pip-tools.in
 pyproject-hooks==1.0.0
-    # via build
+    # via
+    #   build
+    #   pip-tools
 tomli==2.0.1
     # via
     #   build
     #   pip-tools
     #   pyproject-hooks
-wheel==0.42.0
+wheel==0.43.0
     # via pip-tools
-zipp==3.17.0
+zipp==3.18.1
     # via importlib-metadata
 
 # The following packages are considered to be unsafe in a requirements file:

requirements/pip.txt

@@ -4,11 +4,11 @@
 #
 #    make upgrade
 #
-wheel==0.42.0
+wheel==0.43.0
     # via -r requirements/pip.in
 
 # The following packages are considered to be unsafe in a requirements file:
-pip==23.3.2
+pip==24.0
     # via -r requirements/pip.in
-setuptools==69.0.2
+setuptools==69.5.1
     # via -r requirements/pip.in

util/elasticsearch/requirements.txt

@@ -8,7 +8,7 @@ deepdiff==3.1.0
     # via -r requirements/elasticsearch.in
 elasticsearch==0.4.5
     # via -r requirements/elasticsearch.in
-jsonpickle==3.0.2
+jsonpickle==3.0.4
     # via deepdiff
 urllib3==1.26.18
     # via elasticsearch

util/jenkins/requirements-cloudflare.txt

@@ -4,15 +4,15 @@
 #
 #    make upgrade
 #
-certifi==2023.11.17
+certifi==2024.2.2
     # via requests
 charset-normalizer==3.3.2
     # via requests
 click==8.1.7
     # via -r requirements/cloudflare.in
-idna==3.6
+idna==3.7
     # via requests
 requests==2.31.0
     # via -r requirements/cloudflare.in
-urllib3==2.1.0
+urllib3==2.2.1
     # via requests

util/jenkins/requirements.txt

@@ -6,9 +6,9 @@
 #
 amqp==5.2.0
     # via kombu
-argcomplete==3.2.1
+argcomplete==3.3.0
     # via yq
-awscli==1.32.2
+awscli==1.32.88
     # via -r requirements/jenkins.in
 backoff==1.4.3
     # via -r requirements/jenkins.in
@@ -20,16 +20,16 @@ billiard==4.2.0
     # via celery
 boto==2.49.0
     # via -r requirements/jenkins.in
-boto3==1.34.2
+boto3==1.34.88
     # via -r requirements/jenkins.in
-botocore==1.34.2
+botocore==1.34.88
     # via
     #   awscli
     #   boto3
     #   s3transfer
-celery==5.3.6
+celery==5.4.0
     # via -r requirements/jenkins.in
-certifi==2023.11.17
+certifi==2024.2.2
     # via
     #   opsgenie-sdk
     #   requests
@@ -42,7 +42,7 @@ click==8.1.7
     #   click-didyoumean
     #   click-plugins
     #   click-repl
-click-didyoumean==0.3.0
+click-didyoumean==0.3.1
     # via celery
 click-plugins==1.1.1
     # via celery
@@ -52,25 +52,25 @@ colorama==0.4.4
     # via awscli
 docutils==0.16
     # via awscli
-idna==3.6
+idna==3.7
     # via requests
 jmespath==1.0.1
     # via
     #   boto3
     #   botocore
-jq==1.6.0
+jq==1.7.0
     # via -r requirements/jenkins.in
-kombu==5.3.4
+kombu==5.3.7
     # via celery
 opsgenie-sdk==0.3.1
     # via -r requirements/jenkins.in
 prompt-toolkit==3.0.43
     # via click-repl
-pyasn1==0.5.1
+pyasn1==0.6.0
     # via rsa
 pymysql==0.9.3
     # via -r requirements/jenkins.in
-python-dateutil==2.8.2
+python-dateutil==2.9.0.post0
     # via
     #   botocore
     #   celery
@@ -80,7 +80,7 @@ python-gnupg==0.5.2
     # via -r requirements/jenkins.in
 python-magic==0.4.27
     # via s3cmd
-pytz==2023.3.post1
+pytz==2024.1
     # via opsgenie-sdk
 pyyaml==6.0.1
     # via
@@ -95,7 +95,7 @@ rsa==4.7.2
     # via awscli
 s3cmd==2.4.0
     # via -r requirements/jenkins.in
-s3transfer==0.9.0
+s3transfer==0.10.1
     # via
     #   awscli
     #   boto3
@@ -105,11 +105,11 @@ six==1.16.0
     #   python-dateutil
 splunk-sdk==1.6.16
     # via -r requirements/jenkins.in
-tomlkit==0.12.3
+tomlkit==0.12.4
     # via yq
-typing-extensions==4.9.0
+typing-extensions==4.11.0
     # via kombu
-tzdata==2023.3
+tzdata==2024.1
     # via
     #   backports-zoneinfo
     #   celery
@@ -123,11 +123,11 @@ vine==5.1.0
     #   amqp
     #   celery
     #   kombu
-wcwidth==0.2.12
+wcwidth==0.2.13
     # via prompt-toolkit
 xmltodict==0.13.0
     # via yq
-yq==3.2.3
+yq==3.4.1
     # via -r requirements/jenkins.in
 
 # The following packages are considered to be unsafe in a requirements file:

util/pingdom/requirements.txt

@@ -4,19 +4,19 @@
 #
 #    make upgrade
 #
-certifi==2023.11.17
+certifi==2024.2.2
     # via requests
 charset-normalizer==3.3.2
     # via requests
 click==6.7
     # via -r requirements/pingdom.in
-idna==3.6
+idna==3.7
     # via requests
 pyyaml==6.0.1
     # via -r requirements/pingdom.in
 requests==2.31.0
     # via -r requirements/pingdom.in
 six==1.14.0
     # via -r requirements/pingdom.in
-urllib3==2.1.0
+urllib3==2.2.1
     # via requests

util/vpc-tools/requirements.txt

@@ -6,15 +6,15 @@
 #
 boto==2.49.0
     # via -r requirements/vpc-tools.in
-certifi==2023.11.17
+certifi==2024.2.2
     # via requests
 charset-normalizer==3.3.2
     # via requests
 docopt==0.6.2
     # via -r requirements/vpc-tools.in
-idna==3.6
+idna==3.7
     # via requests
 requests==2.31.0
     # via -r requirements/vpc-tools.in
-urllib3==2.1.0
+urllib3==2.2.1
     # via requests