diff --git a/requirements/constraints.txt b/requirements/constraints.txt index 0b13916476..43efc6043e 100644 --- a/requirements/constraints.txt +++ b/requirements/constraints.txt @@ -188,11 +188,9 @@ pymongo<4.4.1 # Issue for unpinning: https://github.com/edx/edx-arch-experiments/issues/760 social-auth-app-django<=5.4.1 -# Date: 2023-11-05 -# urllib3>=2.0.0 conflicts with elastic search && snowflake-connector-python packages -# which require urllib3<2 for now. -# Issue for unpinning: https://github.com/openedx/edx-platform/issues/32222 -urllib3<2.0.0 +# # Date: 2024-10-14 +# # The edx-enterprise is currently using edx-rest-api-client==5.7.1, which needs to be updated first. +# edx-rest-api-client==5.7.1 # Date: 2024-04-24 # xmlsec==1.3.14 breaking tests or all builds, can be removed once a fix is available diff --git a/requirements/edx-sandbox/base.txt b/requirements/edx-sandbox/base.txt index ad75d4564b..de6fec3789 100644 --- a/requirements/edx-sandbox/base.txt +++ b/requirements/edx-sandbox/base.txt @@ -57,7 +57,7 @@ openedx-calc==3.1.2 # via -r requirements/edx-sandbox/base.in packaging==24.1 # via matplotlib -pillow==10.4.0 +pillow==11.0.0 # via matplotlib pycparser==2.22 # via cffi diff --git a/requirements/edx/base.txt b/requirements/edx/base.txt index a988b290d7..9f4a8f33e2 100644 --- a/requirements/edx/base.txt +++ b/requirements/edx/base.txt @@ -70,13 +70,13 @@ bleach[css]==6.1.0 # xblock-poll boto==2.49.0 # via -r requirements/edx/kernel.in -boto3==1.35.40 +boto3==1.35.42 # via # -r requirements/edx/kernel.in # django-ses # fs-s3fs # ora2 -botocore==1.35.40 +botocore==1.35.42 # via # -r requirements/edx/kernel.in # boto3 @@ -438,7 +438,7 @@ edx-django-release-util==1.4.0 # edxval edx-django-sites-extensions==4.2.0 # via -r requirements/edx/kernel.in -edx-django-utils==6.0.0 +edx-django-utils==6.1.0 # via # -r requirements/edx/kernel.in # django-config-models @@ -543,7 +543,7 @@ edx-when==2.5.0 # edx-proctoring edxval==2.6.0 # via -r requirements/edx/kernel.in -elasticsearch==7.13.4 +elasticsearch==7.9.1 # via # -c requirements/edx/../common_constraints.txt # edx-search @@ -621,11 +621,11 @@ googleapis-common-protos==1.65.0 # via # google-api-core # grpcio-status -grpcio==1.66.2 +grpcio==1.67.0 # via # google-api-core # grpcio-status -grpcio-status==1.66.2 +grpcio-status==1.67.0 # via google-api-core gunicorn==23.0.0 # via -r requirements/edx/kernel.in @@ -769,7 +769,7 @@ multidict==6.1.0 # yarl mysqlclient==2.2.4 # via -r requirements/edx/kernel.in -newrelic==10.1.0 +newrelic==10.2.0 # via # -r requirements/edx/bundled.in # edx-django-utils @@ -869,7 +869,7 @@ pgpy==0.6.0 # via edx-enterprise piexif==1.1.3 # via -r requirements/edx/kernel.in -pillow==10.4.0 +pillow==11.0.0 # via # -r requirements/edx/kernel.in # edx-enterprise @@ -1219,9 +1219,8 @@ uritemplate==4.1.1 # drf-spectacular # drf-yasg # google-api-python-client -urllib3==1.26.20 +urllib3==2.2.3 # via - # -c requirements/edx/../constraints.txt # -r requirements/edx/paver.txt # botocore # elasticsearch @@ -1292,7 +1291,7 @@ xmlsec==1.3.13 # python3-saml xss-utils==0.6.0 # via -r requirements/edx/kernel.in -yarl==1.15.2 +yarl==1.15.4 # via aiohttp zipp==3.20.2 # via importlib-metadata diff --git a/requirements/edx/development.txt b/requirements/edx/development.txt index 83560a93d1..46f985cba5 100644 --- a/requirements/edx/development.txt +++ b/requirements/edx/development.txt @@ -140,14 +140,14 @@ boto==2.49.0 # via # -r requirements/edx/doc.txt # -r requirements/edx/testing.txt -boto3==1.35.40 +boto3==1.35.42 # via # -r requirements/edx/doc.txt # -r requirements/edx/testing.txt # django-ses # fs-s3fs # ora2 -botocore==1.35.40 +botocore==1.35.42 # via # -r requirements/edx/doc.txt # -r requirements/edx/testing.txt @@ -710,7 +710,7 @@ edx-django-sites-extensions==4.2.0 # via # -r requirements/edx/doc.txt # -r requirements/edx/testing.txt -edx-django-utils==6.0.0 +edx-django-utils==6.1.0 # via # -r requirements/edx/doc.txt # -r requirements/edx/testing.txt @@ -850,7 +850,7 @@ edxval==2.6.0 # via # -r requirements/edx/doc.txt # -r requirements/edx/testing.txt -elasticsearch==7.13.4 +elasticsearch==7.9.1 # via # -c requirements/edx/../common_constraints.txt # -r requirements/edx/doc.txt @@ -879,7 +879,7 @@ execnet==2.1.1 # pytest-xdist factory-boy==3.3.1 # via -r requirements/edx/testing.txt -faker==30.3.0 +faker==30.6.0 # via # -r requirements/edx/testing.txt # factory-boy @@ -1009,13 +1009,13 @@ grimp==3.5 # via # -r requirements/edx/testing.txt # import-linter -grpcio==1.66.2 +grpcio==1.67.0 # via # -r requirements/edx/doc.txt # -r requirements/edx/testing.txt # google-api-core # grpcio-status -grpcio-status==1.66.2 +grpcio-status==1.67.0 # via # -r requirements/edx/doc.txt # -r requirements/edx/testing.txt @@ -1291,7 +1291,7 @@ mysqlclient==2.2.4 # via # -r requirements/edx/doc.txt # -r requirements/edx/testing.txt -newrelic==10.1.0 +newrelic==10.2.0 # via # -r requirements/edx/doc.txt # -r requirements/edx/testing.txt @@ -1456,7 +1456,7 @@ piexif==1.1.3 # via # -r requirements/edx/doc.txt # -r requirements/edx/testing.txt -pillow==10.4.0 +pillow==11.0.0 # via # -r requirements/edx/doc.txt # -r requirements/edx/testing.txt @@ -2053,7 +2053,7 @@ staff-graded-xblock==2.3.0 # via # -r requirements/edx/doc.txt # -r requirements/edx/testing.txt -starlette==0.39.2 +starlette==0.40.0 # via # -r requirements/edx/testing.txt # fastapi @@ -2099,7 +2099,7 @@ tomlkit==0.13.2 # -r requirements/edx/testing.txt # pylint # snowflake-connector-python -tox==4.21.2 +tox==4.23.0 # via -r requirements/edx/testing.txt tqdm==4.66.5 # via @@ -2113,10 +2113,8 @@ types-pyyaml==6.0.12.20240917 # via # django-stubs # djangorestframework-stubs -types-requests==2.31.0.6 +types-requests==2.32.0.20241016 # via djangorestframework-stubs -types-urllib3==1.26.25.14 - # via types-requests typing-extensions==4.12.2 # via # -r requirements/edx/doc.txt @@ -2158,20 +2156,20 @@ uritemplate==4.1.1 # drf-spectacular # drf-yasg # google-api-python-client -urllib3==1.26.20 +urllib3==2.2.3 # via - # -c requirements/edx/../constraints.txt # -r requirements/edx/doc.txt # -r requirements/edx/testing.txt # botocore # elasticsearch # py2neo # requests + # types-requests user-util==1.1.0 # via # -r requirements/edx/doc.txt # -r requirements/edx/testing.txt -uvicorn==0.31.1 +uvicorn==0.32.0 # via # -r requirements/edx/testing.txt # pact-python @@ -2282,7 +2280,7 @@ xss-utils==0.6.0 # via # -r requirements/edx/doc.txt # -r requirements/edx/testing.txt -yarl==1.15.2 +yarl==1.15.4 # via # -r requirements/edx/doc.txt # -r requirements/edx/testing.txt diff --git a/requirements/edx/doc.txt b/requirements/edx/doc.txt index a5c41ab10c..7dfd085a77 100644 --- a/requirements/edx/doc.txt +++ b/requirements/edx/doc.txt @@ -102,13 +102,13 @@ bleach[css]==6.1.0 # xblock-poll boto==2.49.0 # via -r requirements/edx/base.txt -boto3==1.35.40 +boto3==1.35.42 # via # -r requirements/edx/base.txt # django-ses # fs-s3fs # ora2 -botocore==1.35.40 +botocore==1.35.42 # via # -r requirements/edx/base.txt # boto3 @@ -518,7 +518,7 @@ edx-django-release-util==1.4.0 # edxval edx-django-sites-extensions==4.2.0 # via -r requirements/edx/base.txt -edx-django-utils==6.0.0 +edx-django-utils==6.1.0 # via # -r requirements/edx/base.txt # django-config-models @@ -626,7 +626,7 @@ edx-when==2.5.0 # edx-proctoring edxval==2.6.0 # via -r requirements/edx/base.txt -elasticsearch==7.13.4 +elasticsearch==7.9.1 # via # -c requirements/edx/../common_constraints.txt # -r requirements/edx/base.txt @@ -735,12 +735,12 @@ googleapis-common-protos==1.65.0 # -r requirements/edx/base.txt # google-api-core # grpcio-status -grpcio==1.66.2 +grpcio==1.67.0 # via # -r requirements/edx/base.txt # google-api-core # grpcio-status -grpcio-status==1.66.2 +grpcio-status==1.67.0 # via # -r requirements/edx/base.txt # google-api-core @@ -923,7 +923,7 @@ multidict==6.1.0 # yarl mysqlclient==2.2.4 # via -r requirements/edx/base.txt -newrelic==10.1.0 +newrelic==10.2.0 # via # -r requirements/edx/base.txt # edx-django-utils @@ -1039,7 +1039,7 @@ picobox==4.0.0 # via sphinxcontrib-openapi piexif==1.1.3 # via -r requirements/edx/base.txt -pillow==10.4.0 +pillow==11.0.0 # via # -r requirements/edx/base.txt # edx-enterprise @@ -1503,9 +1503,8 @@ uritemplate==4.1.1 # drf-spectacular # drf-yasg # google-api-python-client -urllib3==1.26.20 +urllib3==2.2.3 # via - # -c requirements/edx/../constraints.txt # -r requirements/edx/base.txt # botocore # elasticsearch @@ -1586,7 +1585,7 @@ xmlsec==1.3.13 # python3-saml xss-utils==0.6.0 # via -r requirements/edx/base.txt -yarl==1.15.2 +yarl==1.15.4 # via # -r requirements/edx/base.txt # aiohttp diff --git a/requirements/edx/paver.txt b/requirements/edx/paver.txt index 2d8f510e03..736ae91e91 100644 --- a/requirements/edx/paver.txt +++ b/requirements/edx/paver.txt @@ -57,10 +57,8 @@ stevedore==5.3.0 # edx-opaque-keys typing-extensions==4.12.2 # via edx-opaque-keys -urllib3==1.26.20 - # via - # -c requirements/edx/../constraints.txt - # requests +urllib3==2.2.3 + # via requests watchdog==5.0.3 # via -r requirements/edx/paver.in wrapt==1.16.0 diff --git a/requirements/edx/semgrep.txt b/requirements/edx/semgrep.txt index 174fa87d08..d49494b633 100644 --- a/requirements/edx/semgrep.txt +++ b/requirements/edx/semgrep.txt @@ -34,12 +34,22 @@ colorama==0.4.6 # via semgrep defusedxml==0.7.1 # via semgrep +deprecated==1.2.14 + # via + # opentelemetry-api + # opentelemetry-exporter-otlp-proto-http +exceptiongroup==1.2.2 + # via semgrep face==22.0.0 # via glom glom==22.1.0 # via semgrep +googleapis-common-protos==1.65.0 + # via opentelemetry-exporter-otlp-proto-http idna==3.10 # via requests +importlib-metadata==7.1.0 + # via opentelemetry-api jsonschema==4.23.0 # via semgrep jsonschema-specifications==2024.10.1 @@ -48,10 +58,44 @@ markdown-it-py==3.0.0 # via rich mdurl==0.1.2 # via markdown-it-py +opentelemetry-api==1.25.0 + # via + # opentelemetry-exporter-otlp-proto-http + # opentelemetry-instrumentation + # opentelemetry-instrumentation-requests + # opentelemetry-sdk + # opentelemetry-semantic-conventions + # semgrep +opentelemetry-exporter-otlp-proto-common==1.25.0 + # via opentelemetry-exporter-otlp-proto-http +opentelemetry-exporter-otlp-proto-http==1.25.0 + # via semgrep +opentelemetry-instrumentation==0.46b0 + # via opentelemetry-instrumentation-requests +opentelemetry-instrumentation-requests==0.46b0 + # via semgrep +opentelemetry-proto==1.25.0 + # via + # opentelemetry-exporter-otlp-proto-common + # opentelemetry-exporter-otlp-proto-http +opentelemetry-sdk==1.25.0 + # via + # opentelemetry-exporter-otlp-proto-http + # semgrep +opentelemetry-semantic-conventions==0.46b0 + # via + # opentelemetry-instrumentation-requests + # opentelemetry-sdk +opentelemetry-util-http==0.46b0 + # via opentelemetry-instrumentation-requests packaging==24.1 # via semgrep -peewee==3.17.6 +peewee==3.17.7 # via semgrep +protobuf==4.25.5 + # via + # googleapis-common-protos + # opentelemetry-proto pygments==2.18.0 # via rich referencing==0.35.1 @@ -59,8 +103,10 @@ referencing==0.35.1 # jsonschema # jsonschema-specifications requests==2.32.3 - # via semgrep -rich==13.9.2 + # via + # opentelemetry-exporter-otlp-proto-http + # semgrep +rich==13.5.3 # via semgrep rpds-py==0.20.0 # via @@ -70,16 +116,26 @@ ruamel-yaml==0.17.40 # via semgrep ruamel-yaml-clib==0.2.8 # via ruamel-yaml -semgrep==1.52.0 +semgrep==1.91.0 # via -r requirements/edx/semgrep.in tomli==2.0.2 # via semgrep typing-extensions==4.12.2 - # via semgrep -urllib3==1.26.20 # via - # -c requirements/edx/../constraints.txt + # opentelemetry-sdk + # semgrep +urllib3==2.2.3 + # via # requests # semgrep wcmatch==8.5.2 # via semgrep +wrapt==1.16.0 + # via + # deprecated + # opentelemetry-instrumentation +zipp==3.20.2 + # via importlib-metadata + +# The following packages are considered to be unsafe in a requirements file: +# setuptools diff --git a/requirements/edx/testing.txt b/requirements/edx/testing.txt index 090d7300b8..6a981e82ef 100644 --- a/requirements/edx/testing.txt +++ b/requirements/edx/testing.txt @@ -102,13 +102,13 @@ bleach[css]==6.1.0 # xblock-poll boto==2.49.0 # via -r requirements/edx/base.txt -boto3==1.35.40 +boto3==1.35.42 # via # -r requirements/edx/base.txt # django-ses # fs-s3fs # ora2 -botocore==1.35.40 +botocore==1.35.42 # via # -r requirements/edx/base.txt # boto3 @@ -542,7 +542,7 @@ edx-django-release-util==1.4.0 # edxval edx-django-sites-extensions==4.2.0 # via -r requirements/edx/base.txt -edx-django-utils==6.0.0 +edx-django-utils==6.1.0 # via # -r requirements/edx/base.txt # django-config-models @@ -652,7 +652,7 @@ edx-when==2.5.0 # edx-proctoring edxval==2.6.0 # via -r requirements/edx/base.txt -elasticsearch==7.13.4 +elasticsearch==7.9.1 # via # -c requirements/edx/../common_constraints.txt # -r requirements/edx/base.txt @@ -674,7 +674,7 @@ execnet==2.1.1 # via pytest-xdist factory-boy==3.3.1 # via -r requirements/edx/testing.in -faker==30.3.0 +faker==30.6.0 # via factory-boy fastapi==0.115.2 # via pact-python @@ -771,12 +771,12 @@ googleapis-common-protos==1.65.0 # grpcio-status grimp==3.5 # via import-linter -grpcio==1.66.2 +grpcio==1.67.0 # via # -r requirements/edx/base.txt # google-api-core # grpcio-status -grpcio-status==1.66.2 +grpcio-status==1.67.0 # via # -r requirements/edx/base.txt # google-api-core @@ -974,7 +974,7 @@ multidict==6.1.0 # yarl mysqlclient==2.2.4 # via -r requirements/edx/base.txt -newrelic==10.1.0 +newrelic==10.2.0 # via # -r requirements/edx/base.txt # edx-django-utils @@ -1091,7 +1091,7 @@ pgpy==0.6.0 # edx-enterprise piexif==1.1.3 # via -r requirements/edx/base.txt -pillow==10.4.0 +pillow==11.0.0 # via # -r requirements/edx/base.txt # edx-enterprise @@ -1520,7 +1520,7 @@ sqlparse==0.5.1 # django staff-graded-xblock==2.3.0 # via -r requirements/edx/base.txt -starlette==0.39.2 +starlette==0.40.0 # via fastapi stevedore==5.3.0 # via @@ -1556,7 +1556,7 @@ tomlkit==0.13.2 # -r requirements/edx/base.txt # pylint # snowflake-connector-python -tox==4.21.2 +tox==4.23.0 # via -r requirements/edx/testing.in tqdm==4.66.5 # via @@ -1595,9 +1595,8 @@ uritemplate==4.1.1 # drf-spectacular # drf-yasg # google-api-python-client -urllib3==1.26.20 +urllib3==2.2.3 # via - # -c requirements/edx/../constraints.txt # -r requirements/edx/base.txt # botocore # elasticsearch @@ -1605,7 +1604,7 @@ urllib3==1.26.20 # requests user-util==1.1.0 # via -r requirements/edx/base.txt -uvicorn==0.31.1 +uvicorn==0.32.0 # via pact-python vine==5.1.0 # via @@ -1684,7 +1683,7 @@ xmlsec==1.3.13 # python3-saml xss-utils==0.6.0 # via -r requirements/edx/base.txt -yarl==1.15.2 +yarl==1.15.4 # via # -r requirements/edx/base.txt # aiohttp diff --git a/requirements/pip.txt b/requirements/pip.txt index 36c777e216..346a0611f0 100644 --- a/requirements/pip.txt +++ b/requirements/pip.txt @@ -10,5 +10,5 @@ wheel==0.44.0 # The following packages are considered to be unsafe in a requirements file: pip==24.2 # via -r requirements/pip.in -setuptools==75.1.0 +setuptools==75.2.0 # via -r requirements/pip.in diff --git a/scripts/user_retirement/requirements/base.txt b/scripts/user_retirement/requirements/base.txt index 1ae503010f..d66cb7b7a0 100644 --- a/scripts/user_retirement/requirements/base.txt +++ b/scripts/user_retirement/requirements/base.txt @@ -10,9 +10,9 @@ attrs==24.2.0 # via zeep backoff==2.2.1 # via -r scripts/user_retirement/requirements/base.in -boto3==1.35.40 +boto3==1.35.42 # via -r scripts/user_retirement/requirements/base.in -botocore==1.35.40 +botocore==1.35.42 # via # boto3 # s3transfer @@ -46,7 +46,7 @@ django-crum==0.7.9 # via edx-django-utils django-waffle==4.1.0 # via edx-django-utils -edx-django-utils==6.0.0 +edx-django-utils==6.1.0 # via edx-rest-api-client edx-rest-api-client==6.0.0 # via -r scripts/user_retirement/requirements/base.in @@ -83,7 +83,7 @@ lxml==4.9.4 # zeep more-itertools==10.5.0 # via simple-salesforce -newrelic==10.1.0 +newrelic==10.2.0 # via edx-django-utils pbr==6.1.0 # via stevedore @@ -158,10 +158,9 @@ unicodecsv==0.14.1 # via -r scripts/user_retirement/requirements/base.in uritemplate==4.1.1 # via google-api-python-client -urllib3==1.26.20 +urllib3==2.2.3 # via - # -c scripts/user_retirement/requirements/../../../requirements/constraints.txt # botocore # requests -zeep==4.3.0 +zeep==4.3.1 # via simple-salesforce diff --git a/scripts/user_retirement/requirements/testing.txt b/scripts/user_retirement/requirements/testing.txt index d14082cf23..a1844000a5 100644 --- a/scripts/user_retirement/requirements/testing.txt +++ b/scripts/user_retirement/requirements/testing.txt @@ -14,11 +14,11 @@ attrs==24.2.0 # zeep backoff==2.2.1 # via -r scripts/user_retirement/requirements/base.txt -boto3==1.35.40 +boto3==1.35.42 # via # -r scripts/user_retirement/requirements/base.txt # moto -botocore==1.35.40 +botocore==1.35.42 # via # -r scripts/user_retirement/requirements/base.txt # boto3 @@ -66,7 +66,7 @@ django-waffle==4.1.0 # via # -r scripts/user_retirement/requirements/base.txt # edx-django-utils -edx-django-utils==6.0.0 +edx-django-utils==6.1.0 # via # -r scripts/user_retirement/requirements/base.txt # edx-rest-api-client @@ -132,7 +132,7 @@ more-itertools==10.5.0 # simple-salesforce moto==4.2.14 # via -r scripts/user_retirement/requirements/testing.in -newrelic==10.1.0 +newrelic==10.2.0 # via # -r scripts/user_retirement/requirements/base.txt # edx-django-utils @@ -266,7 +266,7 @@ uritemplate==4.1.1 # via # -r scripts/user_retirement/requirements/base.txt # google-api-python-client -urllib3==1.26.20 +urllib3==2.2.3 # via # -r scripts/user_retirement/requirements/base.txt # botocore @@ -274,9 +274,9 @@ urllib3==1.26.20 # responses werkzeug==3.0.4 # via moto -xmltodict==0.14.1 +xmltodict==0.14.2 # via moto -zeep==4.3.0 +zeep==4.3.1 # via # -r scripts/user_retirement/requirements/base.txt # simple-salesforce diff --git a/scripts/xblock/requirements.txt b/scripts/xblock/requirements.txt index 81ed56ea69..920cf0cf6a 100644 --- a/scripts/xblock/requirements.txt +++ b/scripts/xblock/requirements.txt @@ -14,7 +14,5 @@ idna==3.10 # via requests requests==2.32.3 # via -r scripts/xblock/requirements.in -urllib3==1.26.20 - # via - # -c scripts/xblock/../../requirements/constraints.txt - # requests +urllib3==2.2.3 + # via requests