chore: Upgrade Python requirements

Makefile

@@ -130,10 +130,6 @@ upgrade: $(COMMON_CONSTRAINTS_TXT) ## update the requirements/*.txt files with t
 	$(PIP_COMPILE) -o requirements/ci.txt requirements/ci.in
 	$(PIP_COMPILE) -o requirements/dev.txt requirements/dev.in
 	$(PIP_COMPILE) -o requirements/production.txt requirements/production.in
-	# Let tox control the Django version for tests
-	grep -e "^django==" requirements/base.txt > requirements/django.txt
-	sed '/^[dD]jango==/d' requirements/test.txt > requirements/test.tmp
-	mv requirements/test.tmp requirements/test.txt
 
 extract_translations: ## extract strings to be translated, outputting .mo files
 	python manage.py makemessages -l en -v1 -d django

requirements/base.txt

@@ -8,16 +8,16 @@ asgiref==3.8.1
     # via
     #   django
     #   django-cors-headers
-attrs==24.1.0
+attrs==24.2.0
     # via
     #   jsonschema
     #   openedx-events
     #   referencing
-avro==1.11.3
+avro==1.12.0
     # via confluent-kafka
 certifi==2024.7.4
     # via requests
-cffi==1.16.0
+cffi==1.17.0
     # via
     #   cryptography
     #   pynacl
@@ -39,7 +39,7 @@ defusedxml==0.8.0rc2
     # via
     #   python3-openid
     #   social-auth-core
-django==4.2.14
+django==4.2.15
     # via
     #   -c requirements/common_constraints.txt
     #   -r requirements/base.in
@@ -144,7 +144,7 @@ edx-drf-extensions==10.3.0
     # via
     #   -r requirements/base.in
     #   edx-rbac
-edx-event-bus-kafka==5.8.0
+edx-event-bus-kafka==5.8.1
     # via -r requirements/base.in
 edx-opaque-keys[django]==2.10.0
     # via
@@ -187,7 +187,7 @@ mysqlclient==2.2.4
     # via
     #   -r requirements/base.in
     #   openedx-ledger
-newrelic==9.12.0
+newrelic==9.13.0
     # via edx-django-utils
 oauthlib==3.2.2
     # via
@@ -199,7 +199,7 @@ openedx-events==9.11.0
     #   -r requirements/base.in
     #   edx-event-bus-kafka
     #   openedx-ledger
-openedx-ledger==1.5.4
+openedx-ledger==1.5.5
     # via -r requirements/base.in
 packaging==24.1
     # via drf-yasg
@@ -235,7 +235,7 @@ pytz==2024.1
     #   drf-yasg
     #   getsmarter-api-clients
     #   openedx-ledger
-pyyaml==6.0.1
+pyyaml==6.0.2
     # via
     #   code-annotations
     #   drf-spectacular
@@ -259,7 +259,7 @@ requests-oauthlib==2.0.0
     # via
     #   getsmarter-api-clients
     #   social-auth-core
-rpds-py==0.19.1
+rpds-py==0.20.0
     # via
     #   jsonschema
     #   referencing

requirements/ci.txt

@@ -28,7 +28,7 @@ pluggy==1.5.0
     # via tox
 pyproject-api==1.7.1
     # via tox
-tox==4.16.0
+tox==4.17.1
     # via -r requirements/ci.in
 virtualenv==20.26.3
     # via tox

requirements/common_constraints.txt

@@ -3,6 +3,11 @@
 # See BOM-2721 for more details.
 # Below is the copied and edited version of common_constraints
 
+# This is a temporary solution to override the real common_constraints.txt
+# In edx-lint, until the pyjwt constraint in edx-lint has been removed.
+# See BOM-2721 for more details.
+# Below is the copied and edited version of common_constraints
+
 # A central location for most common version constraints
 # (across edx repos) for pip-installation.
 #
@@ -28,15 +33,6 @@ elasticsearch<7.14.0
 # django-simple-history>3.0.0 adds indexing and causes a lot of migrations to be affected
 3.0.0
 
-# opentelemetry requires version 6.x at the moment:
-# https://github.com/open-telemetry/opentelemetry-python/issues/3570
-# Normally this could be added as a constraint in edx-django-utils, where we're
-# adding the opentelemetry dependency. However, when we compile pip-tools.txt,
-# that uses version 7.x, and then there's no undoing that when compiling base.txt.
-# So we need to pin it globally, for now.
-# Ticket for unpinning: https://github.com/openedx/edx-lint/issues/407
-importlib-metadata<7
-
 # Cause: https://github.com/openedx/event-tracking/pull/290
 # event-tracking 2.4.1 upgrades to pymongo 4.4.0 which is not supported on edx-platform.
 # We will pin event-tracking to do not break existing installations

requirements/dev.txt

@@ -14,13 +14,13 @@ astroid==3.2.4
     #   -r requirements/validation.txt
     #   pylint
     #   pylint-celery
-attrs==24.1.0
+attrs==24.2.0
     # via
     #   -r requirements/validation.txt
     #   jsonschema
     #   openedx-events
     #   referencing
-avro==1.11.3
+avro==1.12.0
     # via
     #   -r requirements/validation.txt
     #   confluent-kafka
@@ -36,7 +36,7 @@ certifi==2024.7.4
     # via
     #   -r requirements/validation.txt
     #   requests
-cffi==1.16.0
+cffi==1.17.0
     # via
     #   -r requirements/validation.txt
     #   cryptography
@@ -103,7 +103,7 @@ distlib==0.3.8
     # via
     #   -r requirements/validation.txt
     #   virtualenv
-django==4.2.14
+django==4.2.15
     # via
     #   -r requirements/validation.txt
     #   django-clearcache
@@ -228,7 +228,7 @@ edx-drf-extensions==10.3.0
     # via
     #   -r requirements/validation.txt
     #   edx-rbac
-edx-event-bus-kafka==5.8.0
+edx-event-bus-kafka==5.8.1
     # via -r requirements/validation.txt
 edx-i18n-tools==1.6.2
     # via -r requirements/dev.in
@@ -252,7 +252,7 @@ edx-toggles==5.2.0
     #   edx-event-bus-kafka
 factory-boy==3.3.0
     # via -r requirements/validation.txt
-faker==26.1.0
+faker==26.3.0
     # via
     #   -r requirements/validation.txt
     #   factory-boy
@@ -272,7 +272,7 @@ idna==3.7
     # via
     #   -r requirements/validation.txt
     #   requests
-importlib-metadata==6.11.0
+importlib-metadata==8.2.0
     # via
     #   -r requirements/validation.txt
     #   twine
@@ -327,7 +327,7 @@ keyring==25.3.0
     # via
     #   -r requirements/validation.txt
     #   twine
-lxml==5.2.2
+lxml==5.3.0
     # via edx-i18n-tools
 markdown-it-py==3.0.0
     # via
@@ -347,7 +347,7 @@ mdurl==0.1.2
     #   markdown-it-py
 mock==5.1.0
     # via -r requirements/validation.txt
-more-itertools==10.3.0
+more-itertools==10.4.0
     # via
     #   -r requirements/validation.txt
     #   jaraco-classes
@@ -356,7 +356,7 @@ mysqlclient==2.2.4
     # via
     #   -r requirements/validation.txt
     #   openedx-ledger
-newrelic==9.12.0
+newrelic==9.13.0
     # via
     #   -r requirements/validation.txt
     #   edx-django-utils
@@ -375,7 +375,7 @@ openedx-events==9.11.0
     #   -r requirements/validation.txt
     #   edx-event-bus-kafka
     #   openedx-ledger
-openedx-ledger==1.5.4
+openedx-ledger==1.5.5
     # via -r requirements/validation.txt
 packaging==24.1
     # via
@@ -509,7 +509,7 @@ pytz==2024.1
     #   drf-yasg
     #   getsmarter-api-clients
     #   openedx-ledger
-pyyaml==6.0.1
+pyyaml==6.0.2
     # via
     #   -r requirements/validation.txt
     #   code-annotations
@@ -562,7 +562,7 @@ rich==13.7.1
     # via
     #   -r requirements/validation.txt
     #   twine
-rpds-py==0.19.1
+rpds-py==0.20.0
     # via
     #   -r requirements/validation.txt
     #   jsonschema
@@ -624,7 +624,7 @@ tomlkit==0.13.0
     # via
     #   -r requirements/validation.txt
     #   pylint
-tox==4.16.0
+tox==4.17.1
     # via -r requirements/validation.txt
 twine==5.1.1
     # via -r requirements/validation.txt
@@ -652,7 +652,7 @@ wheel==0.44.0
     # via
     #   -r requirements/pip-tools.txt
     #   pip-tools
-zipp==3.19.2
+zipp==3.20.0
     # via
     #   -r requirements/validation.txt
     #   importlib-metadata

requirements/doc.txt

@@ -18,17 +18,17 @@ astroid==3.2.4
     #   -r requirements/test.txt
     #   pylint
     #   pylint-celery
-attrs==24.1.0
+attrs==24.2.0
     # via
     #   -r requirements/test.txt
     #   jsonschema
     #   openedx-events
     #   referencing
-avro==1.11.3
+avro==1.12.0
     # via
     #   -r requirements/test.txt
     #   confluent-kafka
-babel==2.15.0
+babel==2.16.0
     # via
     #   pydata-sphinx-theme
     #   sphinx
@@ -44,7 +44,7 @@ certifi==2024.7.4
     # via
     #   -r requirements/test.txt
     #   requests
-cffi==1.16.0
+cffi==1.17.0
     # via
     #   -r requirements/test.txt
     #   cryptography
@@ -104,7 +104,7 @@ distlib==0.3.8
     # via
     #   -r requirements/test.txt
     #   virtualenv
-django==4.2.14
+django==4.2.15
     # via
     #   -c requirements/common_constraints.txt
     #   -r requirements/test.txt
@@ -231,7 +231,7 @@ edx-drf-extensions==10.3.0
     # via
     #   -r requirements/test.txt
     #   edx-rbac
-edx-event-bus-kafka==5.8.0
+edx-event-bus-kafka==5.8.1
     # via -r requirements/test.txt
 edx-lint==5.3.7
     # via -r requirements/test.txt
@@ -253,7 +253,7 @@ edx-toggles==5.2.0
     #   edx-event-bus-kafka
 factory-boy==3.3.0
     # via -r requirements/test.txt
-faker==26.1.0
+faker==26.3.0
     # via
     #   -r requirements/test.txt
     #   factory-boy
@@ -275,10 +275,8 @@ idna==3.7
     #   requests
 imagesize==1.4.1
     # via sphinx
-importlib-metadata==6.11.0
-    # via
-    #   -c requirements/common_constraints.txt
-    #   twine
+importlib-metadata==8.2.0
+    # via twine
 inflection==0.5.1
     # via
     #   -r requirements/test.txt
@@ -335,15 +333,15 @@ mdurl==0.1.2
     # via markdown-it-py
 mock==5.1.0
     # via -r requirements/test.txt
-more-itertools==10.3.0
+more-itertools==10.4.0
     # via
     #   jaraco-classes
     #   jaraco-functools
 mysqlclient==2.2.4
     # via
     #   -r requirements/test.txt
     #   openedx-ledger
-newrelic==9.12.0
+newrelic==9.13.0
     # via
     #   -r requirements/test.txt
     #   edx-django-utils
@@ -360,7 +358,7 @@ openedx-events==9.11.0
     #   -r requirements/test.txt
     #   edx-event-bus-kafka
     #   openedx-ledger
-openedx-ledger==1.5.4
+openedx-ledger==1.5.5
     # via -r requirements/test.txt
 packaging==24.1
     # via
@@ -483,7 +481,7 @@ pytz==2024.1
     #   drf-yasg
     #   getsmarter-api-clients
     #   openedx-ledger
-pyyaml==6.0.1
+pyyaml==6.0.2
     # via
     #   -r requirements/test.txt
     #   code-annotations
@@ -530,7 +528,7 @@ rfc3986==2.0.0
     # via twine
 rich==13.7.1
     # via twine
-rpds-py==0.19.1
+rpds-py==0.20.0
     # via
     #   -r requirements/test.txt
     #   jsonschema
@@ -609,7 +607,7 @@ tomlkit==0.13.0
     # via
     #   -r requirements/test.txt
     #   pylint
-tox==4.16.0
+tox==4.17.1
     # via -r requirements/test.txt
 twine==5.1.1
     # via -r requirements/doc.in
@@ -634,7 +632,7 @@ virtualenv==20.26.3
     # via
     #   -r requirements/test.txt
     #   tox
-zipp==3.19.2
+zipp==3.20.0
     # via importlib-metadata
 
 # The following packages are considered to be unsafe in a requirements file: