chore!: upgrade Django version to 4.2 (LTS) (#33969)

* chore!: upgrade Django version to 4.2 (LTS)

* feat: Upgrade Python dependency Django

chore!: upgrade Django version to 4.2

Commit generated by workflow `openedx/edx-platform/.github/workflows/upgrade-one-python-dependency.yml@refs/heads/master`

* chore: Update common.py

* chore: Update common.py

---------

Co-authored-by: Muhammad Soban Javed <iamsobanjaved@gmai.com>
Co-authored-by: iamsobanjaved <iamsobanjaved@users.noreply.github.com>
Co-authored-by: Awais Qureshi <awais.qureshi@arbisoft.com>

.github/workflows/migrations-check.yml

@@ -16,16 +16,11 @@ jobs:
         os: [ ubuntu-20.04 ]
         python-version: [ 3.8 ]
         # 'pinned' is used to install the latest patch version of Django
-        # within the global constraint i.e. Django==3.2.21 in current case
+        # within the global constraint i.e. Django==4.2.8 in current case
         # because we have global constraint of Django<4.2 
-        django-version: ["pinned", "4.2"]
+        django-version: ["pinned"]
         mongo-version: ["4"]
-        mysql-version: ["5.7", "8"]
-        # excluding mysql5.7 with Django 4.2 since Django 4.2 has 
-        # dropped support for MySQL<8
-        exclude:
-          - django-version: "4.2"
-            mysql-version: "5.7"
+        mysql-version: ["8"]
     services:
       mongo:
         image: mongo:${{ matrix.mongo-version }}

.github/workflows/unit-tests.yml

@@ -17,7 +17,6 @@ jobs:
           - "3.8"
         django-version:
           - "pinned"
-          - "4.2"
         # When updating the shards, remember to make the same changes in
         # .github/workflows/unit-tests-gh-hosted.yml
         shard_name:

Makefile

@@ -150,6 +150,8 @@ compile-requirements: pre-requirements $(COMMON_CONSTRAINTS_TXT) ## Re-compile *
 	@# time someone tries to use the outputs.
 	sed '/^django-simple-history==/d' requirements/common_constraints.txt > requirements/common_constraints.tmp
 	mv requirements/common_constraints.tmp requirements/common_constraints.txt
+	sed 's/Django<4.0//g' requirements/common_constraints.txt > requirements/common_constraints.tmp
+	mv requirements/common_constraints.tmp requirements/common_constraints.txt
 	pip-compile -v --allow-unsafe ${COMPILE_OPTS} -o requirements/pip.txt requirements/pip.in
 	pip install -r requirements/pip.txt
 

cms/envs/common.py

@@ -1105,8 +1105,8 @@ DATABASES = {
 }
 
 DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'
-# This will be overridden through CMS config
-DEFAULT_HASHING_ALGORITHM = 'sha1'
+DEFAULT_HASHING_ALGORITHM = 'sha256'
+
 #################### Python sandbox ############################################
 
 CODE_JAIL = {

lms/envs/common.py

@@ -1762,8 +1762,8 @@ DATABASES = {
 
 
 DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'
-# This will be overridden through LMS config
-DEFAULT_HASHING_ALGORITHM = 'sha1'
+DEFAULT_HASHING_ALGORITHM = 'sha256'
+
 #################### Python sandbox ############################################
 
 CODE_JAIL = {

openedx/core/djangoapps/safe_sessions/tests/test_safe_cookie_data.py

@@ -236,7 +236,7 @@ class TestSafeCookieData(TestSafeSessionsLogMixin, TestCase):
             "|HvGnjXf1b3jU"
             "|ImExZWZiNzVlZGFmM2FkZWZmYjM4YjI0ZmZkOWU4MzExODU0MTk4NmVlNGRiYzBlODdhYWUzOGM5MzVlNzk4NjUi"
             ":1m6Hve"
-            ":OMhY2FL2pudJjSSXChtI-zR8QVA"
+            ":Pra4iochviPvKUoIV33gdVZFDgG-cMDlIYfl8iFIMaY"
         )
 
     @pytest.mark.skipif(django.VERSION[0] < 4, reason="For django42 default algorithm is sha256. No need for django32.")

openedx/core/djangoapps/theming/storage.py

@@ -192,33 +192,41 @@ class ThemeManifestFilesMixin(ManifestFilesMixin):
             This requires figuring out which files the matched URL resolves
             to and calling the url() method of the storage.
             """
-            matched, url = matchobj.groups()
+            matches = matchobj.groupdict()
+            matched = matches["matched"]
+            url = matches["url"]
 
             # Ignore absolute/protocol-relative and data-uri URLs.
-            if re.match(r'^[a-z]+:', url):
+            if re.match(r"^[a-z]+:", url):
                 return matched
 
             # Ignore absolute URLs that don't point to a static file (dynamic
             # CSS / JS?). Note that STATIC_URL cannot be empty.
-            if url.startswith('/') and not url.startswith(settings.STATIC_URL):
+            if url.startswith("/") and not url.startswith(settings.STATIC_URL):
                 return matched
 
             # Strip off the fragment so a path-like fragment won't interfere.
             url_path, fragment = urldefrag(url)
 
-            if url_path.startswith('/'):
+            # Ignore URLs without a path
+            if not url_path:
+                return matched
+
+            if url_path.startswith("/"):
                 # Otherwise the condition above would have returned prematurely.
                 assert url_path.startswith(settings.STATIC_URL)
                 target_name = url_path[len(settings.STATIC_URL):]
             else:
                 # We're using the posixpath module to mix paths and URLs conveniently.
-                source_name = name if os.sep == '/' else name.replace(os.sep, '/')
+                source_name = name if os.sep == "/" else name.replace(os.sep, "/")
                 target_name = posixpath.join(posixpath.dirname(source_name), url_path)
 
             # Determine the hashed name of the target file with the storage backend.
             hashed_url = self._url(
-                self._stored_name, unquote(target_name),
-                force=True, hashed_files=hashed_files,
+                self._stored_name,
+                unquote(target_name),
+                force=True,
+                hashed_files=hashed_files,
             )
 
             # NOTE:
@@ -228,15 +236,19 @@ class ThemeManifestFilesMixin(ManifestFilesMixin):
             # The line is commented and not removed to make future django upgrade easier and show exactly what is
             # changed in this method override
             #
-            #transformed_url = '/'.join(url_path.split('/')[:-1] + hashed_url.split('/')[-1:])
+            # transformed_url = "/".join(
+            #  url_path.split("/")[:-1] + hashed_url.split("/")[-1:]
+            # )
+
             transformed_url = hashed_url  # This line was added.
 
             # Restore the fragment that was stripped off earlier.
             if fragment:
-                transformed_url += ('?#' if '?#' in url else '#') + fragment
+                transformed_url += ("?#" if "?#" in url else "#") + fragment
 
             # Return the hashed version to the file
-            return template % unquote(transformed_url)
+            matches["url"] = unquote(transformed_url)
+            return template % matches
 
         return converter
 

requirements/common_constraints.txt

@@ -17,7 +17,7 @@
 
 
 # using LTS django version
-Django<4.0
+
 
 # elasticsearch>=7.14.0 includes breaking changes in it which caused issues in discovery upgrade process.
 # elastic search changelog: https://www.elastic.co/guide/en/enterprise-search/master/release-notes-7.14.0.html

requirements/constraints.txt

@@ -25,10 +25,15 @@ click>=8.0,<9.0
 # for them.
 edx-enterprise==4.10.6
 
+# Stay on LTS version, remove once this is added to common constraint
+Django<5.0
+
 # django-oauth-toolkit version >=2.0.0 has breaking changes. More details
 # mentioned on this issue https://github.com/openedx/edx-platform/issues/32884
 django-oauth-toolkit==1.7.1
 
+# incremental upgrade
+django-simple-history==3.4.0
 
 # constrained in opaque_keys. migration guide here: https://pymongo.readthedocs.io/en/4.0/migrate-to-pymongo4.html
 # Major upgrade will be done in separate ticket.

requirements/edx/base.txt

@@ -56,6 +56,7 @@ backoff==1.10.0
 backports-zoneinfo[tzdata]==0.2.1
     # via
     #   celery
+    #   django
     #   icalendar
     #   kombu
 beautifulsoup4==4.12.2
@@ -173,9 +174,9 @@ defusedxml==0.7.1
     #   social-auth-core
 deprecated==1.2.14
     # via jwcrypto
-django==3.2.23
+django==4.2.8
     # via
-    #   -c requirements/edx/../common_constraints.txt
+    #   -c requirements/edx/../constraints.txt
     #   -r requirements/edx/kernel.in
     #   django-appconf
     #   django-celery-results
@@ -337,6 +338,7 @@ django-ses==3.5.2
     # via -r requirements/edx/bundled.in
 django-simple-history==3.4.0
     # via
+    #   -c requirements/edx/../constraints.txt
     #   -r requirements/edx/kernel.in
     #   edx-enterprise
     #   edx-name-affirmation
@@ -937,7 +939,6 @@ pytz==2023.3.post1
     # via
     #   -r requirements/edx/kernel.in
     #   babel
-    #   django
     #   django-ses
     #   djangorestframework
     #   drf-yasg

requirements/edx/development.txt

@@ -117,6 +117,7 @@ backports-zoneinfo[tzdata]==0.2.1
     #   -r requirements/edx/testing.txt
     #   backports-zoneinfo
     #   celery
+    #   django
     #   icalendar
     #   kombu
 beautifulsoup4==4.12.2
@@ -342,9 +343,9 @@ distlib==0.3.8
     # via
     #   -r requirements/edx/testing.txt
     #   virtualenv
-django==3.2.23
+django==4.2.8
     # via
-    #   -c requirements/edx/../common_constraints.txt
+    #   -c requirements/edx/../constraints.txt
     #   -r requirements/edx/doc.txt
     #   -r requirements/edx/testing.txt
     #   django-appconf
@@ -559,6 +560,7 @@ django-ses==3.5.2
     #   -r requirements/edx/testing.txt
 django-simple-history==3.4.0
     # via
+    #   -c requirements/edx/../constraints.txt
     #   -r requirements/edx/doc.txt
     #   -r requirements/edx/testing.txt
     #   edx-enterprise
@@ -1669,7 +1671,6 @@ pytz==2023.3.post1
     #   -r requirements/edx/doc.txt
     #   -r requirements/edx/testing.txt
     #   babel
-    #   django
     #   django-ses
     #   djangorestframework
     #   drf-yasg

requirements/edx/doc.txt

@@ -79,6 +79,7 @@ backports-zoneinfo[tzdata]==0.2.1
     #   -r requirements/edx/base.txt
     #   backports-zoneinfo
     #   celery
+    #   django
     #   icalendar
     #   kombu
 beautifulsoup4==4.12.2
@@ -223,9 +224,9 @@ deprecated==1.2.14
     # via
     #   -r requirements/edx/base.txt
     #   jwcrypto
-django==3.2.23
+django==4.2.8
     # via
-    #   -c requirements/edx/../common_constraints.txt
+    #   -c requirements/edx/../constraints.txt
     #   -r requirements/edx/base.txt
     #   django-appconf
     #   django-celery-results
@@ -403,6 +404,7 @@ django-ses==3.5.2
     # via -r requirements/edx/base.txt
 django-simple-history==3.4.0
     # via
+    #   -c requirements/edx/../constraints.txt
     #   -r requirements/edx/base.txt
     #   edx-enterprise
     #   edx-name-affirmation
@@ -1120,7 +1122,6 @@ pytz==2023.3.post1
     # via
     #   -r requirements/edx/base.txt
     #   babel
-    #   django
     #   django-ses
     #   djangorestframework
     #   drf-yasg

requirements/edx/testing.txt

@@ -83,6 +83,7 @@ backports-zoneinfo[tzdata]==0.2.1
     #   -r requirements/edx/base.txt
     #   backports-zoneinfo
     #   celery
+    #   django
     #   icalendar
     #   kombu
 beautifulsoup4==4.12.2
@@ -256,9 +257,9 @@ dill==0.3.7
     # via pylint
 distlib==0.3.8
     # via virtualenv
-django==3.2.23
+django==4.2.8
     # via
-    #   -c requirements/edx/../common_constraints.txt
+    #   -c requirements/edx/../constraints.txt
     #   -r requirements/edx/base.txt
     #   django-appconf
     #   django-celery-results
@@ -436,6 +437,7 @@ django-ses==3.5.2
     # via -r requirements/edx/base.txt
 django-simple-history==3.4.0
     # via
+    #   -c requirements/edx/../constraints.txt
     #   -r requirements/edx/base.txt
     #   edx-enterprise
     #   edx-name-affirmation
@@ -1250,7 +1252,6 @@ pytz==2023.3.post1
     # via
     #   -r requirements/edx/base.txt
     #   babel
-    #   django
     #   django-ses
     #   djangorestframework
     #   drf-yasg