chore: Upgrade Python requirements

requirements/base.txt

@@ -6,28 +6,28 @@
 #
 appdirs==1.4.4
     # via fs
-asgiref==3.7.2
+asgiref==3.8.1
     # via django
-django==3.2.24
+backports-zoneinfo==0.2.1
+    # via django
+django==4.2.13
     # via
     #   -c requirements/common_constraints.txt
     #   -r requirements/base.in
 fs==2.4.16
     # via xblock
-lxml==5.1.0
+lxml==5.2.2
     # via xblock
-mako==1.3.2
+mako==1.3.5
     # via xblock
 markupsafe==2.1.5
     # via
     #   mako
     #   xblock
-python-dateutil==2.8.2
+python-dateutil==2.9.0.post0
     # via xblock
 pytz==2024.1
-    # via
-    #   django
-    #   xblock
+    # via xblock
 pyyaml==6.0.1
     # via xblock
 simplejson==3.19.2
@@ -37,15 +37,15 @@ six==1.16.0
     #   -r requirements/base.in
     #   fs
     #   python-dateutil
-sqlparse==0.4.4
+sqlparse==0.5.0
     # via django
-typing-extensions==4.10.0
+typing-extensions==4.12.2
     # via asgiref
-web-fragments==2.1.0
+web-fragments==2.2.0
     # via xblock
 webob==1.8.7
     # via xblock
-xblock==1.10.0
+xblock==4.0.1
     # via -r requirements/base.in
 
 # The following packages are considered to be unsafe in a requirements file:

requirements/ci.txt

@@ -8,7 +8,7 @@ cachetools==5.3.3
     # via
     #   -r requirements/tox.txt
     #   tox
-certifi==2024.2.2
+certifi==2024.6.2
     # via requests
 chardet==5.2.0
     # via
@@ -20,53 +20,54 @@ colorama==0.4.6
     # via
     #   -r requirements/tox.txt
     #   tox
-coverage==6.5.0
+coverage[toml]==7.5.3
     # via coveralls
-coveralls==3.3.1
+coveralls==4.0.1
     # via -r requirements/ci.in
 distlib==0.3.8
     # via
     #   -r requirements/tox.txt
     #   virtualenv
 docopt==0.6.2
     # via coveralls
-filelock==3.13.1
+filelock==3.15.3
     # via
     #   -r requirements/tox.txt
     #   tox
     #   virtualenv
-idna==3.6
+idna==3.7
     # via requests
-packaging==23.2
+packaging==24.1
     # via
     #   -r requirements/tox.txt
     #   pyproject-api
     #   tox
-platformdirs==4.2.0
+platformdirs==4.2.2
     # via
     #   -r requirements/tox.txt
     #   tox
     #   virtualenv
-pluggy==1.4.0
+pluggy==1.5.0
     # via
     #   -r requirements/tox.txt
     #   tox
 pyproject-api==1.6.1
     # via
     #   -r requirements/tox.txt
     #   tox
-requests==2.31.0
+requests==2.32.3
     # via coveralls
 tomli==2.0.1
     # via
     #   -r requirements/tox.txt
+    #   coverage
     #   pyproject-api
     #   tox
-tox==4.13.0
+tox==4.15.1
     # via -r requirements/tox.txt
-urllib3==2.2.1
+urllib3==2.2.2
     # via requests
-virtualenv==20.25.1
+virtualenv==20.26.2
     # via
     #   -r requirements/tox.txt
     #   tox

requirements/common_constraints.txt

@@ -13,11 +13,20 @@
 
 
 # using LTS django version
-Django<4.0
+Django<5.0
 
 # elasticsearch>=7.14.0 includes breaking changes in it which caused issues in discovery upgrade process.
 # elastic search changelog: https://www.elastic.co/guide/en/enterprise-search/master/release-notes-7.14.0.html
 elasticsearch<7.14.0
 
 # django-simple-history>3.0.0 adds indexing and causes a lot of migrations to be affected
 django-simple-history==3.0.0
+
+# opentelemetry requires version 6.x at the moment:
+# https://github.com/open-telemetry/opentelemetry-python/issues/3570
+# Normally this could be added as a constraint in edx-django-utils, where we're
+# adding the opentelemetry dependency. However, when we compile pip-tools.txt,
+# that uses version 7.x, and then there's no undoing that when compiling base.txt.
+# So we need to pin it globally, for now.
+# Ticket for unpinning: https://github.com/openedx/edx-lint/issues/407
+importlib-metadata<7

requirements/pip.txt

@@ -4,11 +4,11 @@
 #
 #    make upgrade
 #
-wheel==0.42.0
+wheel==0.43.0
     # via -r requirements/pip.in
 
 # The following packages are considered to be unsafe in a requirements file:
 pip==24.0
     # via -r requirements/pip.in
-setuptools==69.1.1
+setuptools==70.1.0
     # via -r requirements/pip.in

requirements/pip_tools.txt

@@ -4,28 +4,29 @@
 #
 #    make upgrade
 #
-build==1.0.3
+build==1.2.1
     # via pip-tools
 click==8.1.7
     # via pip-tools
-importlib-metadata==7.0.1
-    # via build
-packaging==23.2
+importlib-metadata==6.11.0
+    # via
+    #   -c requirements/common_constraints.txt
+    #   build
+packaging==24.1
     # via build
-pip-tools==7.4.0
+pip-tools==7.4.1
     # via -r requirements/pip_tools.in
-pyproject-hooks==1.0.0
+pyproject-hooks==1.1.0
     # via
     #   build
     #   pip-tools
 tomli==2.0.1
     # via
     #   build
     #   pip-tools
-    #   pyproject-hooks
-wheel==0.42.0
+wheel==0.43.0
     # via pip-tools
-zipp==3.17.0
+zipp==3.19.2
     # via importlib-metadata
 
 # The following packages are considered to be unsafe in a requirements file:

requirements/quality.txt

@@ -8,15 +8,19 @@ appdirs==1.4.4
     # via
     #   -r requirements/base.txt
     #   fs
-asgiref==3.7.2
+asgiref==3.8.1
     # via
     #   -r requirements/base.txt
     #   django
-astroid==3.1.0
+astroid==3.2.2
     # via
     #   -r requirements/test.txt
     #   pylint
     #   pylint-celery
+backports-zoneinfo==0.2.1
+    # via
+    #   -r requirements/base.txt
+    #   django
 click==8.1.7
     # via
     #   -r requirements/test.txt
@@ -27,23 +31,27 @@ click-log==0.4.0
     # via
     #   -r requirements/test.txt
     #   edx-lint
-code-annotations==1.6.0
+code-annotations==1.8.0
     # via
     #   -r requirements/test.txt
     #   edx-lint
-coverage==7.4.3
+coverage==7.5.3
     # via -r requirements/test.txt
 dill==0.3.8
     # via
     #   -r requirements/test.txt
     #   pylint
-django==3.2.24
+django==4.2.13
     # via
     #   -c requirements/common_constraints.txt
     #   -r requirements/base.txt
+dnspython==2.6.1
+    # via
+    #   -r requirements/test.txt
+    #   pymongo
 edx-lint==5.3.6
     # via -r requirements/test.txt
-edx-opaque-keys==2.5.1
+edx-opaque-keys==2.10.0
     # via -r requirements/test.txt
 fs==2.4.16
     # via
@@ -53,15 +61,15 @@ isort==5.13.2
     # via
     #   -r requirements/test.txt
     #   pylint
-jinja2==3.1.3
+jinja2==3.1.4
     # via
     #   -r requirements/test.txt
     #   code-annotations
-lxml==5.1.0
+lxml==5.2.2
     # via
     #   -r requirements/base.txt
     #   xblock
-mako==1.3.2
+mako==1.3.5
     # via
     #   -r requirements/base.txt
     #   xblock
@@ -82,13 +90,13 @@ pbr==6.0.0
     # via
     #   -r requirements/test.txt
     #   stevedore
-platformdirs==4.2.0
+platformdirs==4.2.2
     # via
     #   -r requirements/test.txt
     #   pylint
-pycodestyle==2.11.1
+pycodestyle==2.12.0
     # via -r requirements/quality.in
-pylint==3.1.0
+pylint==3.2.3
     # via
     #   -r requirements/quality.in
     #   -r requirements/test.txt
@@ -109,11 +117,11 @@ pylint-plugin-utils==0.8.2
     #   -r requirements/test.txt
     #   pylint-celery
     #   pylint-django
-pymongo==3.13.0
+pymongo==4.7.3
     # via
     #   -r requirements/test.txt
     #   edx-opaque-keys
-python-dateutil==2.8.2
+python-dateutil==2.9.0.post0
     # via
     #   -r requirements/base.txt
     #   xblock
@@ -124,7 +132,6 @@ python-slugify==8.0.4
 pytz==2024.1
     # via
     #   -r requirements/base.txt
-    #   django
     #   xblock
 pyyaml==6.0.1
     # via
@@ -143,7 +150,7 @@ six==1.16.0
     #   edx-lint
     #   fs
     #   python-dateutil
-sqlparse==0.4.4
+sqlparse==0.5.0
     # via
     #   -r requirements/base.txt
     #   django
@@ -160,27 +167,27 @@ tomli==2.0.1
     # via
     #   -r requirements/test.txt
     #   pylint
-tomlkit==0.12.4
+tomlkit==0.12.5
     # via
     #   -r requirements/test.txt
     #   pylint
-typing-extensions==4.10.0
+typing-extensions==4.12.2
     # via
     #   -r requirements/base.txt
     #   -r requirements/test.txt
     #   asgiref
     #   astroid
     #   edx-opaque-keys
     #   pylint
-web-fragments==2.1.0
+web-fragments==2.2.0
     # via
     #   -r requirements/base.txt
     #   xblock
 webob==1.8.7
     # via
     #   -r requirements/base.txt
     #   xblock
-xblock==1.10.0
+xblock==4.0.1
     # via -r requirements/base.txt
 
 # The following packages are considered to be unsafe in a requirements file: