chore: Updating Python Requirements (#261)

Co-authored-by: Isaac Lee <[email protected]>

requirements/base.txt

@@ -6,10 +6,11 @@
 #
 appdirs==1.4.4
     # via fs
-asgiref==3.7.2
+asgiref==3.8.1
     # via
     #   django
     #   django-cors-headers
+    #   django-simple-history
 async-timeout==4.0.3
     # via redis
 attrs==23.2.0
@@ -18,12 +19,14 @@ attrs==23.2.0
     #   lti-consumer-xblock
     #   openedx-events
 backports-zoneinfo==0.2.1
-    # via django
+    # via
+    #   django
+    #   djangorestframework
 bleach==6.1.0
     # via lti-consumer-xblock
-boto3==1.34.45
+boto3==1.34.70
     # via fs-s3fs
-botocore==1.34.45
+botocore==1.34.70
     # via
     #   boto3
     #   s3transfer
@@ -39,15 +42,15 @@ click==8.1.7
     # via
     #   code-annotations
     #   edx-django-utils
-code-annotations==1.6.0
+code-annotations==1.7.0
     # via edx-toggles
 coreapi==2.3.3
     # via
     #   django-rest-swagger
     #   openapi-codec
 coreschema==0.0.4
     # via coreapi
-cryptography==42.0.3
+cryptography==42.0.5
     # via
     #   pyjwt
     #   social-auth-core
@@ -57,7 +60,7 @@ defusedxml==0.8.0rc2
     #   social-auth-core
 django==4.2.11
     # via
-    #   -c requirements/constraints.txt
+    #   -c requirements/common_constraints.txt
     #   -r requirements/base.in
     #   django-appconf
     #   django-config-models
@@ -98,13 +101,13 @@ django-crum==0.7.9
     #   edx-toggles
 django-extensions==3.2.3
     # via -r requirements/base.in
-django-filter==23.5
+django-filter==24.1
     # via lti-consumer-xblock
 django-model-utils==4.4.0
     # via -r requirements/base.in
 django-rest-swagger==2.2.0
     # via -r requirements/base.in
-django-simple-history==3.4.0
+django-simple-history==3.5.0
     # via -r requirements/base.in
 django-statici18n==2.4.0
     # via lti-consumer-xblock
@@ -114,7 +117,7 @@ django-waffle==4.1.0
     #   edx-django-utils
     #   edx-drf-extensions
     #   edx-toggles
-djangorestframework==3.14.0
+djangorestframework==3.15.1
     # via
     #   -r requirements/base.in
     #   django-config-models
@@ -135,7 +138,7 @@ edx-ccx-keys==1.2.1
     # via lti-consumer-xblock
 edx-django-release-util==1.3.0
     # via -r requirements/base.in
-edx-django-utils==5.10.1
+edx-django-utils==5.11.0
     # via
     #   -r requirements/base.in
     #   django-config-models
@@ -151,7 +154,7 @@ edx-drf-extensions==9.1.2
     #   -r requirements/base.in
 edx-event-bus-kafka==5.6.0
     # via -r requirements/base.in
-edx-event-bus-redis==0.3.3
+edx-event-bus-redis==0.4.0
     # via -r requirements/base.in
 edx-opaque-keys[django]==2.5.1
     # via
@@ -177,7 +180,7 @@ fs==2.4.16
     #   xblock
 fs-s3fs==1.1.1
     # via openedx-django-pyfs
-future==0.18.3
+future==1.0.0
     # via pyjwkest
 idna==3.6
     # via requests
@@ -214,7 +217,7 @@ markupsafe==2.1.5
     #   xblock
 mysqlclient==2.2.4
     # via -r requirements/base.in
-newrelic==9.6.0
+newrelic==9.7.1
     # via edx-django-utils
 oauthlib==3.2.2
     # via
@@ -232,7 +235,7 @@ openedx-events==9.5.2
     #   edx-event-bus-redis
 openedx-filters==1.6.0
     # via lti-consumer-xblock
-packaging==23.2
+packaging==24.0
     # via drf-yasg
 pbr==6.0.0
     # via stevedore
@@ -261,7 +264,7 @@ pymongo==3.13.0
     # via edx-opaque-keys
 pynacl==1.5.0
     # via edx-django-utils
-python-dateutil==2.8.2
+python-dateutil==2.9.0.post0
     # via
     #   botocore
     #   xblock
@@ -272,7 +275,6 @@ python3-openid==3.2.0
 pytz==2024.1
     # via
     #   -r requirements/base.in
-    #   djangorestframework
     #   drf-yasg
     #   xblock
 pyyaml==6.0.1
@@ -281,7 +283,7 @@ pyyaml==6.0.1
     #   drf-yasg
     #   edx-django-release-util
     #   xblock
-redis==5.0.1
+redis==5.0.3
     # via walrus
 requests==2.31.0
     # via
@@ -292,9 +294,9 @@ requests==2.31.0
     #   requests-oauthlib
     #   slumber
     #   social-auth-core
-requests-oauthlib==1.3.1
+requests-oauthlib==2.0.0
     # via social-auth-core
-s3transfer==0.10.0
+s3transfer==0.10.1
     # via boto3
 semantic-version==2.10.0
     # via edx-drf-extensions
@@ -322,14 +324,14 @@ social-auth-core==4.5.3
     #   social-auth-app-django
 sqlparse==0.4.4
     # via django
-stevedore==5.1.0
+stevedore==5.2.0
     # via
     #   code-annotations
     #   edx-django-utils
     #   edx-opaque-keys
 text-unidecode==1.3
     # via python-slugify
-typing-extensions==4.9.0
+typing-extensions==4.10.0
     # via
     #   asgiref
     #   edx-opaque-keys
@@ -349,7 +351,7 @@ webencodings==0.5.1
     # via bleach
 webob==1.8.7
     # via xblock
-xblock==1.10.0
+xblock==3.0.0
     # via lti-consumer-xblock
 
 # The following packages are considered to be unsafe in a requirements file:

requirements/ci.txt

@@ -4,19 +4,19 @@
 #
 #    make upgrade
 #
-cachetools==5.3.2
+cachetools==5.3.3
     # via tox
 chardet==5.2.0
     # via tox
 colorama==0.4.6
     # via tox
 distlib==0.3.8
     # via virtualenv
-filelock==3.13.1
+filelock==3.13.3
     # via
     #   tox
     #   virtualenv
-packaging==23.2
+packaging==24.0
     # via
     #   pyproject-api
     #   tox
@@ -32,7 +32,7 @@ tomli==2.0.1
     # via
     #   pyproject-api
     #   tox
-tox==4.13.0
+tox==4.14.2
     # via -r requirements/ci.in
-virtualenv==20.25.0
+virtualenv==20.25.1
     # via tox

requirements/common_constraints.txt

@@ -22,3 +22,12 @@ elasticsearch<7.14.0
 
 # django-simple-history>3.0.0 adds indexing and causes a lot of migrations to be affected
 
+
+# opentelemetry requires version 6.x at the moment:
+# https://github.com/open-telemetry/opentelemetry-python/issues/3570
+# Normally this could be added as a constraint in edx-django-utils, where we're
+# adding the opentelemetry dependency. However, when we compile pip-tools.txt,
+# that uses version 7.x, and then there's no undoing that when compiling base.txt.
+# So we need to pin it globally, for now.
+# Ticket for unpinning: https://github.com/openedx/edx-lint/issues/407
+importlib-metadata<7