edx-platform/requirements/constraints.txt

# Version constraints for pip-installation.
#
# This file doesn't install any packages. It specifies version constraints
# that will be applied if a package is needed.
#
# When pinning something here, please provide an explanation of why.  Ideally,
# link to other information that will help people in the future to remove the
# pin when possible.  Writing an issue against the offending project and
# linking to it here is good.
# For further details on how to properly write constraints here please consult
# https://openedx.atlassian.net/wiki/spaces/COMM/pages/4400250883/Adding+pinned+dependencies+in+constraint+file

# This file contains all common constraints for edx-repos
-c common_constraints.txt

# Date: 2024-08-21
# Description: This is the major upgrade of algoliasearch python client and it will
# break one of the edX' platform plugin, so we need to make that compatible first.
# Ticket: https://github.com/openedx/edx-platform/issues/35334
algoliasearch<4.0.0


# Date: 2020-02-26
# As it is not clarified what exact breaking changes will be introduced as per
# the next major release, ensure the installed version is within boundaries.
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35280
celery>=5.2.2,<6.0.0

# Date: 2021-05-17
# greater version breaking upgrade builds
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35279
click==8.1.6

# Date: 2022-07-20
# edx-enterprise, snowflake-connector-python require charset-normalizer==2.0.0
# Can be removed once snowflake-connector-python>2.7.9 is released with the fix.
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35278
charset-normalizer<2.1.0

# Date: 2024-02-02
# Stay on LTS version, remove once this is added to common constraint
Django<5.0

# Date: 2020-02-10
# django-oauth-toolkit version >=2.0.0 has breaking changes. More details
# mentioned on this issue https://github.com/openedx/edx-platform/issues/32884
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35277
django-oauth-toolkit==1.7.1

# Date: 2024-02-02
# incremental upgrade
django-simple-history==3.4.0

# Date: 2021-05-17
# greater version has breaking changes and requires some migration steps.
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35276
django-webpack-loader==0.7.0

# Date: 2023-06-20
# Adding pin to avoid any major upgrade
djangorestframework<3.15.0

# Date: 2023-07-19
# The version of django-stubs we can use depends on which Django release we're using
# 1.16.0 works with Django 3.2 through 4.1
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35275
django-stubs==1.16.0
djangorestframework-stubs==3.14.0  # Pinned to match django-stubs. Remove this when we can remove the above pin.

# Date: 2024-07-23
# django-storages==1.14.4 breaks course imports
# Two lines were added in 1.14.4 that make file_exists_in_storage function always return False,
# as the default value of AWS_S3_FILE_OVERWRITE is True
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35170
django-storages<1.14.4

# Date: 2019-08-16
# The team that owns this package will manually bump this package rather than having it pulled in automatically.
# This is to allow them to better control its deployment and to do it in a process that works better
# for them.
edx-enterprise==5.4.1

# Date: 2024-05-09
# This has to be constrained as well because newer versions of edx-i18n-tools need the
# newer version of lxml but that requirement was not made expilict in the 1.6.0 version
# of the package.  This can be un-pinned when we're upgrading lxml.
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35274
edx-i18n-tools<1.6.0

# Date: 2024-07-26
# To override the constraint of edx-lint
# This can be removed once https://github.com/openedx/edx-platform/issues/34586 is resolved
# and the upstream constraint in edx-lint has been removed.
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35273
event-tracking==3.0.0

# Date: 2023-07-26
# Our legacy Sass code is incompatible with anything except this ancient libsass version.
# Here is a ticket to upgrade, but it's of debatable importance given that we are rapidly moving
# away from legacy LMS/CMS frontends:
# https://github.com/openedx/edx-platform/issues/31616
libsass==0.10.0

# Date: 2018-12-14
# markdown>=3.4.0 has failures due to internal refactorings which causes the tests to fail
# pinning the version untill the issue gets resolved in the package itself
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35271
markdown<3.4.0

# Date: 2024-04-24
# moto==5.0 contains breaking changes. Needs to be updated separately.
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35270
moto<5.0

# Date: 2024-10-16
# MyPY 1.12.0 fails on all PRs with the following error:
# openedx/core/djangoapps/content_libraries/api.py:732: error: INTERNAL ERROR
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35667
mypy<1.12.0

# Date: 2024-07-16
# We need to upgrade the version of elasticsearch to atleast 7.15 before we can upgrade to Numpy 2.0.0
# Otherwise we see a failure while running the following command:
# export DJANGO_SETTINGS_MODULE=cms.envs.test; python manage.py cms check_reserved_keywords --override_file db_keyword_overrides.yml --report_path reports/reserved_keywords --report_file cms_reserved_keyword_report.csv
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35126
numpy<2.0.0

# Date: 2024-01-26
# optimizely-sdk 5.0.0 is breaking following test with segmentation fault
# common/djangoapps/third_party_auth/tests/test_views.py::SAMLMetadataTest::test_secure_key_configuration
# needs to be fixed in the follow up issue
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/34103
optimizely-sdk<5.0

# Date: 2023-09-18
# pinning this version to avoid updates while the library is being developed
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35269
openedx-learning==0.18.1

# Date: 2023-11-29
# Open AI version 1.0.0 dropped support for openai.ChatCompletion which is currently in use in enterprise.
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35268
openai<=0.28.1

# Date: 2024-04-26
# path==16.12.0 breaks the unit test collections check
# needs to be investigated and fixed separately
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35267
path<16.12.0

# Date: 2022-08-03
# pycodestyle==2.9.0 generates false positive error E275.
# Constraint can be removed once the issue https://github.com/PyCQA/pycodestyle/issues/1090 is fixed.
pycodestyle<2.9.0

# Date: 2021-07-12
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/33560
pylint<2.16.0 # greater version failing quality test. Fix them in seperate ticket.
astroid<2.14.0

# Date: 2021-08-25
# At the time of writing this comment, we do not know whether py2neo>=2022
# will support our currently-deployed Neo4j version (3.5).
# Feel free to loosen this constraint if/when it is confirmed that a later
# version of py2neo will work with Neo4j 3.5.
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35266
py2neo<2022

# Date: 2020-04-08
# Adding pin to avoid any major upgrade
# Issue for unpinning: https://github.com/openedx/edx-platform/issues/35265
pymongo<4.4.1

# Date: 2024-08-06
# social-auth-app-django 5.4.2 introduces a new migration that will not play nicely with large installations. This will touch
# user tables, which are quite large, especially on instances like edx.org.
# We are pinning this until after all the smaller migrations get handled and then we can migrate this all at once.
# Issue for unpinning: https://github.com/edx/edx-arch-experiments/issues/760
social-auth-app-django<=5.4.1

# # Date: 2024-10-14
# # The edx-enterprise is currently using edx-rest-api-client==5.7.1, which needs to be updated first.
# edx-rest-api-client==5.7.1