edx · edx-requirements-bot · Jun 24, 2024
@@ -4,11 +4,13 @@
 #
 #    make upgrade
 #
-asgiref==3.7.2
+asgiref==3.8.1
     # via
     #   django
     #   django-cors-headers
-certifi==2024.2.2
+backports-zoneinfo==0.2.1
+    # via djangorestframework
+certifi==2024.6.2
     # via
     #   opsgenie-sdk
     #   requests
@@ -26,16 +28,17 @@ coreapi==2.3.3
     #   openapi-codec
 coreschema==0.0.4
     # via coreapi
-cryptography==42.0.5
+cryptography==42.0.8
     # via
     #   pyjwt
     #   social-auth-core
 defusedxml==0.8.0rc2
     # via
     #   python3-openid
     #   social-auth-core
-django==3.2.24
+django==3.2.25
     # via
+    #   -c requirements/common_constraints.txt
     #   -c requirements/constraints.txt
     #   -r requirements/base.in
     #   django-cors-headers
@@ -49,7 +52,7 @@ django==3.2.24
     #   edx-django-utils
     #   edx-drf-extensions
     #   social-auth-app-django
-django-cors-headers==4.3.1
+django-cors-headers==4.4.0
     # via -r requirements/base.in
 django-crum==0.7.9
     # via edx-django-utils
@@ -66,42 +69,44 @@ django-waffle==4.1.0
     #   -r requirements/base.in
     #   edx-django-utils
     #   edx-drf-extensions
-djangorestframework==3.14.0
+djangorestframework==3.15.1
     # via
     #   -r requirements/base.in
     #   django-rest-swagger
     #   drf-jwt
     #   edx-drf-extensions
+dnspython==2.6.1
+    # via pymongo
 drf-jwt==1.19.2
     # via edx-drf-extensions
-edx-auth-backends==4.2.0
+edx-auth-backends==4.3.0
     # via -r requirements/base.in
-edx-django-release-util==1.3.0
+edx-django-release-util==1.4.0
     # via -r requirements/base.in
-edx-django-utils==5.10.1
+edx-django-utils==5.14.2
     # via
     #   -r requirements/base.in
     #   edx-drf-extensions
     #   edx-rest-api-client
-edx-drf-extensions==10.2.0
+edx-drf-extensions==10.3.0
     # via -r requirements/base.in
-edx-opaque-keys==2.5.1
+edx-opaque-keys==2.10.0
     # via edx-drf-extensions
-edx-rest-api-client==5.6.1
+edx-rest-api-client==5.7.0
     # via -r requirements/base.in
-idna==3.6
+idna==3.7
     # via requests
-importlib-resources==5.13.0
+importlib-resources==6.4.0
     # via pycountry
 itypes==1.2.0
     # via coreapi
-jinja2==3.1.3
+jinja2==3.1.4
     # via coreschema
 markupsafe==2.1.5
     # via jinja2
 mysqlclient==2.2.4
     # via -r requirements/base.in
-newrelic==9.7.0
+newrelic==9.11.0
     # via edx-django-utils
 oauthlib==3.2.2
     # via
@@ -113,11 +118,11 @@ opsgenie-sdk==2.1.5
     # via -r requirements/base.in
 pbr==6.0.0
     # via stevedore
-psutil==5.9.8
+psutil==6.0.0
     # via edx-django-utils
-pycountry==23.12.11
+pycountry==24.6.1
     # via -r requirements/base.in
-pycparser==2.21
+pycparser==2.22
     # via cffi
 pyjwt[crypto]==2.8.0
     # via
@@ -126,19 +131,18 @@ pyjwt[crypto]==2.8.0
     #   edx-drf-extensions
     #   edx-rest-api-client
     #   social-auth-core
-pymongo==3.13.0
+pymongo==4.7.3
     # via edx-opaque-keys
 pynacl==1.5.0
     # via edx-django-utils
-python-dateutil==2.8.2
+python-dateutil==2.9.0.post0
     # via opsgenie-sdk
 python3-openid==3.2.0
     # via social-auth-core
 pytz==2024.1
     # via
     #   -r requirements/base.in
     #   django
-    #   djangorestframework
 pyyaml==6.0.1
     # via
     #   edx-django-release-util
@@ -152,9 +156,9 @@ requests==2.31.0
     #   responses
     #   slumber
     #   social-auth-core
-requests-oauthlib==1.3.1
+requests-oauthlib==2.0.0
     # via social-auth-core
-responses==0.25.0
+responses==0.25.3
     # via -r requirements/base.in
 semantic-version==2.10.0
     # via edx-drf-extensions
@@ -168,34 +172,34 @@ six==1.16.0
     #   python-dateutil
 slumber==0.7.1
     # via edx-rest-api-client
-social-auth-app-django==5.4.0
+social-auth-app-django==5.4.1
     # via edx-auth-backends
-social-auth-core==4.5.3
+social-auth-core==4.5.4
     # via
     #   edx-auth-backends
     #   social-auth-app-django
-sqlparse==0.4.4
+sqlparse==0.5.0
     # via django
 stevedore==5.2.0
     # via
     #   edx-django-utils
     #   edx-opaque-keys
-tenacity==8.2.3
+tenacity==8.4.1
     # via opsgenie-sdk
-testfixtures==8.0.0
+testfixtures==8.3.0
     # via -r requirements/base.in
-typing-extensions==4.10.0
+typing-extensions==4.12.2
     # via
     #   asgiref
     #   edx-opaque-keys
 uritemplate==4.1.1
     # via coreapi
-urllib3==2.2.1
+urllib3==2.2.2
     # via
     #   opsgenie-sdk
     #   requests
     #   responses
-zipp==3.17.0
+zipp==3.19.2
     # via importlib-resources
 
 # The following packages are considered to be unsafe in a requirements file:

@@ -4,23 +4,23 @@
 #
 #    make upgrade
 #
-coverage==7.4.3
+coverage==7.5.4
     # via -r requirements/ci.in
 distlib==0.3.8
     # via virtualenv
-filelock==3.13.1
+filelock==3.15.4
     # via
     #   tox
     #   virtualenv
-packaging==23.2
+packaging==24.1
     # via
     #   pyproject-api
     #   tox
-platformdirs==4.2.0
+platformdirs==4.2.2
     # via
     #   tox
     #   virtualenv
-pluggy==1.4.0
+pluggy==1.5.0
     # via tox
 py==1.11.0
     # via tox
@@ -36,5 +36,5 @@ tox==3.28.0
     #   tox-battery
 tox-battery==0.6.2
     # via -r requirements/ci.in
-virtualenv==20.25.1
+virtualenv==20.26.3
     # via tox
@@ -14,11 +14,20 @@
 
 
 # using LTS django version
-
+Django<5.0
 
 # elasticsearch>=7.14.0 includes breaking changes in it which caused issues in discovery upgrade process.
 # elastic search changelog: https://www.elastic.co/guide/en/enterprise-search/master/release-notes-7.14.0.html
 elasticsearch<7.14.0
 
 # django-simple-history>3.0.0 adds indexing and causes a lot of migrations to be affected
 django-simple-history==3.0.0
+
+# opentelemetry requires version 6.x at the moment:
+# https://github.com/open-telemetry/opentelemetry-python/issues/3570
+# Normally this could be added as a constraint in edx-django-utils, where we're
+# adding the opentelemetry dependency. However, when we compile pip-tools.txt,
+# that uses version 7.x, and then there's no undoing that when compiling base.txt.
+# So we need to pin it globally, for now.
+# Ticket for unpinning: https://github.com/openedx/edx-lint/issues/407
+importlib-metadata<7