chore: upgrade pip-tools and add more constraints (#462)

upgrade pip-tools from 6.4.0 to 6.5.1
  add wrapt < 1.14.0 and responses < 0.17.0 to constraint.txt
  If not, the upgrade does not pass testing

requirements/base.txt

@@ -8,7 +8,7 @@ amqp==2.6.1
     # via kombu
 analytics-python==1.4.0
     # via -r requirements/base.in
-asgiref==3.4.1
+asgiref==3.5.0
     # via django
 backoff==1.10.0
     # via analytics-python
@@ -23,7 +23,7 @@ certifi==2021.10.8
     # via requests
 cffi==1.15.0
     # via cryptography
-charset-normalizer==2.0.10
+charset-normalizer==2.0.12
     # via requests
 coreapi==2.3.3
     # via drf-yasg
@@ -41,7 +41,7 @@ defusedxml==0.7.1
     #   social-auth-core
 deprecated==1.2.13
     # via redis
-django==3.2.11
+django==3.2.12
     # via
     #   -c requirements/common_constraints.txt
     #   -c requirements/constraints.txt
@@ -62,7 +62,7 @@ django==3.2.11
     #   edx-django-release-util
     #   edx-django-utils
     #   edx-drf-extensions
-django-cors-headers==3.10.1
+django-cors-headers==3.11.0
     # via -r requirements/base.in
 django-crum==0.7.9
     # via edx-django-utils
@@ -74,17 +74,17 @@ django-model-utils==4.2.0
     # via
     #   -r requirements/base.in
     #   django-user-tasks
-django-mysql==4.3.0
+django-mysql==4.5.0
     # via -r requirements/base.in
 django-simple-history==3.0.0
     # via -r requirements/base.in
 django-storages==1.8
     # via
     #   -c requirements/constraints.txt
     #   -r requirements/base.in
-django-user-tasks==2.1.0
+django-user-tasks==3.0.0
     # via -r requirements/base.in
-django-waffle==2.2.1
+django-waffle==2.3.0
     # via
     #   -r requirements/base.in
     #   edx-django-utils
@@ -102,21 +102,21 @@ drf-jwt==1.19.2
     # via edx-drf-extensions
 drf-yasg==1.20.0
     # via edx-api-doc-tools
-edx-api-doc-tools==1.5.0
+edx-api-doc-tools==1.6.0
     # via -r requirements/base.in
-edx-auth-backends==4.0.1
+edx-auth-backends==4.1.0
     # via -r requirements/base.in
-edx-django-release-util==1.1.0
+edx-django-release-util==1.2.0
     # via -r requirements/base.in
-edx-django-utils==4.4.1
+edx-django-utils==4.5.0
     # via
     #   edx-drf-extensions
     #   edx-rest-api-client
 edx-drf-extensions==8.0.1
     # via -r requirements/base.in
-edx-opaque-keys==2.2.2
+edx-opaque-keys==2.3.0
     # via edx-drf-extensions
-edx-rest-api-client==5.4.1
+edx-rest-api-client==5.5.0
     # via -r requirements/base.in
 future==0.18.2
     # via pyjwkest
@@ -132,29 +132,29 @@ jinja2==3.0.3
     # via coreschema
 kombu==4.6.11
     # via celery
-markupsafe==2.0.1
+markupsafe==2.1.0
     # via jinja2
 monotonic==1.6
     # via analytics-python
 newrelic==5.24.0.153
     # via
     #   -c requirements/constraints.txt
     #   edx-django-utils
-oauthlib==3.1.1
+oauthlib==3.2.0
     # via
     #   requests-oauthlib
     #   social-auth-core
 packaging==21.3
     # via
     #   drf-yasg
     #   redis
-pbr==5.8.0
+pbr==5.8.1
     # via stevedore
 psutil==5.9.0
     # via edx-django-utils
 pycparser==2.21
     # via cffi
-pycryptodomex==3.12.0
+pycryptodomex==3.14.1
     # via pyjwkest
 pyjwkest==1.4.2
     # via edx-drf-extensions
@@ -165,9 +165,9 @@ pyjwt[crypto]==2.3.0
     #   edx-drf-extensions
     #   edx-rest-api-client
     #   social-auth-core
-pymongo==4.0.1
+pymongo==3.12.3
     # via edx-opaque-keys
-pyparsing==3.0.6
+pyparsing==3.0.7
     # via packaging
 python-dateutil==2.8.2
     # via
@@ -182,7 +182,7 @@ pytz==2021.3
     #   django
 pyyaml==6.0
     # via edx-django-release-util
-redis==4.1.0
+redis==4.1.4
     # via -r requirements/base.in
 requests==2.27.1
     # via
@@ -194,13 +194,13 @@ requests==2.27.1
     #   requests-oauthlib
     #   slumber
     #   social-auth-core
-requests-oauthlib==1.3.0
+requests-oauthlib==1.3.1
     # via social-auth-core
-ruamel.yaml==0.17.20
+ruamel-yaml==0.17.21
     # via drf-yasg
-ruamel.yaml.clib==0.2.6
-    # via ruamel.yaml
-semantic-version==2.8.5
+ruamel-yaml-clib==0.2.6
+    # via ruamel-yaml
+semantic-version==2.9.0
     # via edx-drf-extensions
 six==1.16.0
     # via
@@ -216,7 +216,7 @@ social-auth-app-django==5.0.0
     # via
     #   -r requirements/base.in
     #   edx-auth-backends
-social-auth-core==4.1.0
+social-auth-core==4.2.0
     # via
     #   edx-auth-backends
     #   social-auth-app-django
@@ -237,4 +237,6 @@ vine==1.3.0
     #   amqp
     #   celery
 wrapt==1.13.3
-    # via deprecated
+    # via
+    #   -c requirements/constraints.txt
+    #   deprecated

requirements/common_constraints.txt

@@ -3,6 +3,16 @@
 # See BOM-2721 for more details.
 # Below is the copied and edited version of common_constraints
 
+# This is a temporary solution to override the real common_constraints.txt
+# In edx-lint, until the pyjwt constraint in edx-lint has been removed.
+# See BOM-2721 for more details.
+# Below is the copied and edited version of common_constraints
+
+# This is a temporary solution to override the real common_constraints.txt
+# In edx-lint, until the pyjwt constraint in edx-lint has been removed.
+# See BOM-2721 for more details.
+# Below is the copied and edited version of common_constraints
+
 # A central location for most common version constraints
 # (across edx repos) for pip-installation.
 #

requirements/constraints.txt

@@ -36,5 +36,14 @@ boto3>=1.4.4    # https://github.com/edx/registrar/pull/66
 moto==1.3.8
 idna==2.8
 
+# Constraint responses library to be less than 0.18.0 because version 0.18.0 would remove response._is_string() member function.
+# That _is_string() function is used by moto==1.3.8
+responses < 0.18.0
+
 # Requires: Python >=3.6
 newrelic<6.0
+
+# At the time of adding this, the version of deprecated required (1.2.13) requires
+# wrapt > 1.10, <2, (https://github.com/tantale/deprecated/blob/801c558a07ef930f92fc070045d86cb5640397eb/setup.py#L161)
+# but base.in is for some reason compiled to require ==1.14, which conflicts with later requirements.
+wrapt < 1.14.0