From f5b88392a545c3efcda7015526d0701382b70220 Mon Sep 17 00:00:00 2001 From: Hunia Fatima Date: Wed, 9 Oct 2024 14:44:07 +0500 Subject: [PATCH] chore: cleanup constraint file and format it (#35601) * chore: cleanup constraint file and format it --- requirements/constraints.txt | 218 +++++++++++++++++++++-------------- 1 file changed, 134 insertions(+), 84 deletions(-) diff --git a/requirements/constraints.txt b/requirements/constraints.txt index 3809b753a5..996391b2be 100644 --- a/requirements/constraints.txt +++ b/requirements/constraints.txt @@ -7,7 +7,8 @@ # link to other information that will help people in the future to remove the # pin when possible. Writing an issue against the offending project and # linking to it here is good. - +# For further details on how to properly write constraints here please consult +# https://openedx.atlassian.net/wiki/spaces/COMM/pages/4400250883/Adding+pinned+dependencies+in+constraint+file # This file contains all common constraints for edx-repos -c common_constraints.txt @@ -18,127 +19,176 @@ # Ticket: https://github.com/openedx/edx-platform/issues/35334 algoliasearch<4.0.0 +# Date: 2024-03-14 +# Temporary to Support the python 3.11 Upgrade +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35281 +backports.zoneinfo;python_version<"3.9" # Newer versions have zoneinfo available in the standard library + +# Date: 2020-02-26 # As it is not clarified what exact breaking changes will be introduced as per # the next major release, ensure the installed version is within boundaries. +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35280 celery>=5.2.2,<6.0.0 +# Date: 2021-05-17 +# greater version breaking upgrade builds +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35279 +click==8.1.6 +# Date: 2022-07-20 +# edx-enterprise, snowflake-connector-python require charset-normalizer==2.0.0 +# Can be removed once snowflake-connector-python>2.7.9 is released with the fix. +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35278 +charset-normalizer<2.1.0 + +# Date: 2024-02-02 +# Stay on LTS version, remove once this is added to common constraint +Django<5.0 + +# Date: 2020-02-10 +# django-oauth-toolkit version >=2.0.0 has breaking changes. More details +# mentioned on this issue https://github.com/openedx/edx-platform/issues/32884 +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35277 +django-oauth-toolkit==1.7.1 + +# Date: 2024-02-02 +# incremental upgrade +django-simple-history==3.4.0 + +# Date: 2021-05-17 +# greater version has breaking changes and requires some migration steps. +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35276 +django-webpack-loader==0.7.0 + +# Date: 2023-06-20 +# Adding pin to avoid any major upgrade +djangorestframework<3.15.0 + +# Date: 2023-07-19 +# The version of django-stubs we can use depends on which Django release we're using +# 1.16.0 works with Django 3.2 through 4.1 +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35275 +django-stubs==1.16.0 +djangorestframework-stubs==3.14.0 # Pinned to match django-stubs. Remove this when we can remove the above pin. + +# Date: 2024-07-23 +# django-storages==1.14.4 breaks course imports +# Two lines were added in 1.14.4 that make file_exists_in_storage function always return False, +# as the default value of AWS_S3_FILE_OVERWRITE is True +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35170 +django-storages<1.14.4 + +# Date: 2019-08-16 # The team that owns this package will manually bump this package rather than having it pulled in automatically. # This is to allow them to better control its deployment and to do it in a process that works better # for them. edx-enterprise==4.27.0 -# Stay on LTS version, remove once this is added to common constraint -Django<5.0 - -# django-oauth-toolkit version >=2.0.0 has breaking changes. More details -# mentioned on this issue https://github.com/openedx/edx-platform/issues/32884 -django-oauth-toolkit==1.7.1 - -# incremental upgrade -django-simple-history==3.4.0 - -# Adding pin to avoid any major upgrade -pymongo<4.4.1 +# Date: 2024-05-09 +# This has to be constrained as well because newer versions of edx-i18n-tools need the +# newer version of lxml but that requirement was not made expilict in the 1.6.0 version +# of the package. This can be un-pinned when we're upgrading lxml. +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35274 +edx-i18n-tools<1.6.0 +# Date: 2024-07-26 # To override the constraint of edx-lint # This can be removed once https://github.com/openedx/edx-platform/issues/34586 is resolved # and the upstream constraint in edx-lint has been removed. +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35273 event-tracking==3.0.0 -# greater version has breaking changes and requires some migration steps. -django-webpack-loader==0.7.0 - -# At the time of writing this comment, we do not know whether py2neo>=2022 -# will support our currently-deployed Neo4j version (3.5). -# Feel free to loosen this constraint if/when it is confirmed that a later -# version of py2neo will work with Neo4j 3.5. -py2neo<2022 - -# edx-enterprise, snowflake-connector-python require charset-normalizer==2.0.0 -# Can be removed once snowflake-connector-python>2.7.9 is released with the fix. -charset-normalizer<2.1.0 - -# markdown>=3.4.0 has failures due to internal refactorings which causes the tests to fail -# pinning the version untill the issue gets resolved in the package itself -markdown<3.4.0 - -# pycodestyle==2.9.0 generates false positive error E275. -# Constraint can be removed once the issue https://github.com/PyCQA/pycodestyle/issues/1090 is fixed. -pycodestyle<2.9.0 - -pylint<2.16.0 # greater version failing quality test. Fix them in seperate ticket. - -# urllib3>=2.0.0 conflicts with elastic search && snowflake-connector-python packages -# which require urllib3<2 for now. -# Issue for unpinning: https://github.com/openedx/edx-platform/issues/32222 -urllib3<2.0.0 - - -# Adding pin to avoid any major upgrade -djangorestframework<3.15.0 - -# The version of django-stubs we can use depends on which Django release we're using -# 1.16.0 works with Django 3.2 through 4.1 -django-stubs==1.16.0 -djangorestframework-stubs==3.14.0 # Pinned to match django-stubs. Remove this when we can remove the above pin. - +# Date: 2023-07-26 # Our legacy Sass code is incompatible with anything except this ancient libsass version. # Here is a ticket to upgrade, but it's of debatable importance given that we are rapidly moving # away from legacy LMS/CMS frontends: # https://github.com/openedx/edx-platform/issues/31616 libsass==0.10.0 -# greater version breaking upgrade builds -click==8.1.6 - -# pinning this version to avoid updates while the library is being developed -openedx-learning==0.13.1 - -# Open AI version 1.0.0 dropped support for openai.ChatCompletion which is currently in use in enterprise. -openai<=0.28.1 - -# optimizely-sdk 5.0.0 is breaking following test with segmentation fault -# common/djangoapps/third_party_auth/tests/test_views.py::SAMLMetadataTest::test_secure_key_configuration -# needs to be fixed in the follow up issue -# https://github.com/openedx/edx-platform/issues/34103 -optimizely-sdk<5.0 - +# Date: 2024-04-30 # lxml>=5.0 introduced breaking changes related to system dependencies # lxml==5.2.1 introduced new extra so we'll nee to rename lxml --> lxml[html-clean] # This constraint can be removed once we upgrade to Python 3.11 +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35272 lxml<5.0 -# This has to be constrained as well because newer versions of edx-i18n-tools need the -# newer version of lxml but that requirement was not made expilict in the 1.6.0 version -# of the package. This can be un-pinned when we're upgrading lxml. -edx-i18n-tools<1.6.0 -# xmlsec==1.3.14 breaking tests for all builds, can be removed once a fix is available -xmlsec<1.3.14 +# Date: 2018-12-14 +# markdown>=3.4.0 has failures due to internal refactorings which causes the tests to fail +# pinning the version untill the issue gets resolved in the package itself +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35271 +markdown<3.4.0 +# Date: 2024-04-24 # moto==5.0 contains breaking changes. Needs to be updated separately. +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35270 moto<5.0 -# path==16.12.0 breaks the unit test collections check -# needs to be investigated and fixed separately -path<16.12.0 - -# Temporary to Support the python 3.11 Upgrade -backports.zoneinfo;python_version<"3.9" # Newer versions have zoneinfo available in the standard library - -# Relevant GitHub Issue: https://github.com/openedx/edx-platform/issues/35126 +# Date: 2024-07-16 # We need to upgrade the version of elasticsearch to atleast 7.15 before we can upgrade to Numpy 2.0.0 # Otherwise we see a failure while running the following command: # export DJANGO_SETTINGS_MODULE=cms.envs.test; python manage.py cms check_reserved_keywords --override_file db_keyword_overrides.yml --report_path reports/reserved_keywords --report_file cms_reserved_keyword_report.csv +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35126 numpy<2.0.0 -# django-storages==1.14.4 breaks course imports -# Two lines were added in 1.14.4 that make file_exists_in_storage function always return False, -# as the default value of AWS_S3_FILE_OVERWRITE is True -django-storages<1.14.4 +# Date: 2024-01-26 +# optimizely-sdk 5.0.0 is breaking following test with segmentation fault +# common/djangoapps/third_party_auth/tests/test_views.py::SAMLMetadataTest::test_secure_key_configuration +# needs to be fixed in the follow up issue +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/34103 +optimizely-sdk<5.0 +# Date: 2023-09-18 +# pinning this version to avoid updates while the library is being developed +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35269 +openedx-learning==0.13.1 + +# Date: 2023-11-29 +# Open AI version 1.0.0 dropped support for openai.ChatCompletion which is currently in use in enterprise. +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35268 +openai<=0.28.1 + +# Date: 2024-04-26 +# path==16.12.0 breaks the unit test collections check +# needs to be investigated and fixed separately +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35267 +path<16.12.0 + +# Date: 2022-08-03 +# pycodestyle==2.9.0 generates false positive error E275. +# Constraint can be removed once the issue https://github.com/PyCQA/pycodestyle/issues/1090 is fixed. +pycodestyle<2.9.0 + +# Date: 2021-07-12 +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/33560 +pylint<2.16.0 # greater version failing quality test. Fix them in seperate ticket. + +# Date: 2021-08-25 +# At the time of writing this comment, we do not know whether py2neo>=2022 +# will support our currently-deployed Neo4j version (3.5). +# Feel free to loosen this constraint if/when it is confirmed that a later +# version of py2neo will work with Neo4j 3.5. +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35266 +py2neo<2022 + +# Date: 2020-04-08 +# Adding pin to avoid any major upgrade +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35265 +pymongo<4.4.1 + +# Date: 2024-08-06 # social-auth-app-django 5.4.2 introduces a new migration that will not play nicely with large installations. This will touch # user tables, which are quite large, especially on instances like edx.org. # We are pinning this until after all the smaller migrations get handled and then we can migrate this all at once. -# Ticket to unpin: https://github.com/edx/edx-arch-experiments/issues/760 +# Issue for unpinning: https://github.com/edx/edx-arch-experiments/issues/760 social-auth-app-django<=5.4.1 + +# Date: 2023-11-05 +# urllib3>=2.0.0 conflicts with elastic search && snowflake-connector-python packages +# which require urllib3<2 for now. +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/32222 +urllib3<2.0.0 + +# Date: 2024-04-24 +# xmlsec==1.3.14 breaking tests or all builds, can be removed once a fix is available +# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35264 +xmlsec<1.3.14