diff --git a/requirements/common_constraints.txt b/requirements/common_constraints.txt
index 0718f74b1e..fc5c765e73 100644
--- a/requirements/common_constraints.txt
+++ b/requirements/common_constraints.txt
@@ -21,3 +21,12 @@ elasticsearch<7.14.0
 
 # django-simple-history>3.0.0 adds indexing and causes a lot of migrations to be affected
 
+
+# opentelemetry requires version 6.x at the moment:
+# https://github.com/open-telemetry/opentelemetry-python/issues/3570
+# Normally this could be added as a constraint in edx-django-utils, where we're
+# adding the opentelemetry dependency. However, when we compile pip-tools.txt,
+# that uses version 7.x, and then there's no undoing that when compiling base.txt.
+# So we need to pin it globally, for now.
+# Ticket for unpinning: https://github.com/openedx/edx-lint/issues/407
+importlib-metadata<7
diff --git a/requirements/docs.txt b/requirements/docs.txt
index e79c09fd6e..c8f5f0d97b 100644
--- a/requirements/docs.txt
+++ b/requirements/docs.txt
@@ -39,8 +39,10 @@ idna==3.6
     # via requests
 imagesize==1.4.1
     # via sphinx
-importlib-metadata==7.0.2
-    # via sphinx
+importlib-metadata==6.11.0
+    # via
+    #   -c requirements/common_constraints.txt
+    #   sphinx
 jinja2==3.1.3
     # via sphinx
 markupsafe==2.1.5
@@ -97,5 +99,5 @@ urllib3==1.26.18
     # via
     #   elasticsearch
     #   requests
-zipp==3.17.0
+zipp==3.18.1
     # via importlib-metadata
diff --git a/requirements/local.txt b/requirements/local.txt
index fef51d1a97..26b5d76d8c 100644
--- a/requirements/local.txt
+++ b/requirements/local.txt
@@ -60,6 +60,7 @@ backports-zoneinfo[tzdata]==0.2.1 ; python_version < "3.9"
     #   -c requirements/constraints.txt
     #   celery
     #   django
+    #   djangorestframework
     #   kombu
     #   pendulum
 bcrypt==4.1.2
@@ -76,9 +77,9 @@ boltons==21.0.0
     #   face
     #   glom
     #   semgrep
-boto3==1.34.59
+boto3==1.34.64
     # via django-ses
-botocore==1.34.59
+botocore==1.34.64
     # via
     #   boto3
     #   s3transfer
@@ -138,7 +139,7 @@ click-plugins==1.1.1
     # via celery
 click-repl==0.3.0
     # via celery
-code-annotations==1.6.0
+code-annotations==1.7.0
     # via
     #   edx-lint
     #   edx-toggles
@@ -148,7 +149,7 @@ colorama==0.4.6
     #   tox
 contentful==2.1.1
     # via -r requirements/base.in
-coverage[toml]==7.4.3
+coverage[toml]==7.4.4
     # via
     #   -r requirements/test.in
     #   pytest-cov
@@ -328,7 +329,7 @@ django-waffle==4.1.0
     #   edx-toggles
 django-webpack-loader==3.0.1
     # via -r requirements/base.in
-djangorestframework==3.14.0
+djangorestframework==3.15.0
     # via
     #   -r requirements/base.in
     #   django-config-models
@@ -394,7 +395,7 @@ edx-drf-extensions==10.2.0
     # via -r requirements/base.in
 edx-event-bus-kafka==5.6.0
     # via -r requirements/base.in
-edx-event-bus-redis==0.3.3
+edx-event-bus-redis==0.4.0
     # via -r requirements/base.in
 edx-i18n-tools==1.3.0
     # via -r requirements/local.in
@@ -439,7 +440,7 @@ face==22.0.0
     # via glom
 factory-boy==3.3.0
     # via -r requirements/test.in
-faker==24.1.0
+faker==24.2.0
     # via factory-boy
 fastavro==1.9.4
     # via openedx-events
@@ -460,7 +461,7 @@ glom==22.1.0
     # via semgrep
 google-api-core==2.17.1
     # via google-api-python-client
-google-api-python-client==2.121.0
+google-api-python-client==2.122.0
     # via -r requirements/base.in
 google-auth==2.28.2
     # via
@@ -475,7 +476,7 @@ google-auth-httplib2==0.2.0
     #   google-api-python-client
 google-auth-oauthlib==1.2.0
     # via gspread
-googleapis-common-protos==1.62.0
+googleapis-common-protos==1.63.0
     # via google-api-core
 gspread==6.0.2
     # via -r requirements/base.in
@@ -495,8 +496,9 @@ idna==3.6
     #   yarl
 imagesize==1.4.1
     # via sphinx
-importlib-metadata==7.0.2
+importlib-metadata==6.11.0
     # via
+    #   -c requirements/common_constraints.txt
     #   -r requirements/base.in
     #   markdown
     #   sphinx
@@ -537,7 +539,7 @@ lxml==5.1.0
     #   -r requirements/base.in
     #   edx-i18n-tools
     #   zeep
-markdown==3.5.2
+markdown==3.6
     # via -r requirements/base.in
 markupsafe==2.1.5
     # via jinja2
@@ -553,7 +555,7 @@ multidict==6.0.5
     #   yarl
 mysqlclient==2.2.4
     # via -r requirements/test.in
-newrelic==9.7.0
+newrelic==9.7.1
     # via edx-django-utils
 oauthlib==3.2.2
     # via
@@ -729,7 +731,7 @@ python-slugify==8.0.4
     # via
     #   -r requirements/base.in
     #   code-annotations
-python-stdnum==1.19
+python-stdnum==1.20
     # via django-localflavor
 python3-openid==3.2.0
     # via social-auth-core
@@ -738,7 +740,6 @@ pytz==2024.1
     #   -r requirements/base.in
     #   babel
     #   django-ses
-    #   djangorestframework
     #   drf-yasg
     #   getsmarter-api-clients
     #   snowflake-connector-python
@@ -806,7 +807,7 @@ ruamel-yaml==0.17.40
     # via semgrep
 ruamel-yaml-clib==0.2.8
     # via ruamel-yaml
-s3transfer==0.10.0
+s3transfer==0.10.1
     # via boto3
 selenium==4.12.0
     # via
@@ -987,7 +988,7 @@ yarl==1.9.4
     # via aiohttp
 zeep==4.2.1
     # via simple-salesforce
-zipp==3.17.0
+zipp==3.18.1
     # via
     #   importlib-metadata
     #   importlib-resources
diff --git a/requirements/pip.txt b/requirements/pip.txt
index ff319b6398..8e263bee07 100644
--- a/requirements/pip.txt
+++ b/requirements/pip.txt
@@ -4,11 +4,11 @@
 #
 #    pip-compile --allow-unsafe --output-file=requirements/pip.txt requirements/pip.in
 #
-wheel==0.42.0
+wheel==0.43.0
     # via -r requirements/pip.in
 
 # The following packages are considered to be unsafe in a requirements file:
 pip==24.0
     # via -r requirements/pip.in
-setuptools==69.1.1
+setuptools==69.2.0
     # via -r requirements/pip.in
diff --git a/requirements/pip_tools.txt b/requirements/pip_tools.txt
index 6f69089d43..c208d0680f 100644
--- a/requirements/pip_tools.txt
+++ b/requirements/pip_tools.txt
@@ -8,8 +8,10 @@ build==1.1.1
     # via pip-tools
 click==8.1.7
     # via pip-tools
-importlib-metadata==7.0.2
-    # via build
+importlib-metadata==6.11.0
+    # via
+    #   -c requirements/common_constraints.txt
+    #   build
 packaging==24.0
     # via build
 pip-tools==7.4.1
@@ -23,9 +25,9 @@ tomli==2.0.1
     #   build
     #   pip-tools
     #   pyproject-hooks
-wheel==0.42.0
+wheel==0.43.0
     # via pip-tools
-zipp==3.17.0
+zipp==3.18.1
     # via importlib-metadata
 
 # The following packages are considered to be unsafe in a requirements file:
diff --git a/requirements/production.txt b/requirements/production.txt
index b094457b40..87952d7f67 100644
--- a/requirements/production.txt
+++ b/requirements/production.txt
@@ -43,6 +43,7 @@ backports-zoneinfo[tzdata]==0.2.1 ; python_version < "3.9"
     #   -c requirements/constraints.txt
     #   celery
     #   django
+    #   djangorestframework
     #   kombu
     #   pendulum
 beautifulsoup4==4.12.3
@@ -51,9 +52,9 @@ beautifulsoup4==4.12.3
     #   taxonomy-connector
 billiard==4.2.0
     # via celery
-boto3==1.34.59
+boto3==1.34.64
     # via django-ses
-botocore==1.34.59
+botocore==1.34.64
     # via
     #   boto3
     #   s3transfer
@@ -99,7 +100,7 @@ click-plugins==1.1.1
     # via celery
 click-repl==0.3.0
     # via celery
-code-annotations==1.6.0
+code-annotations==1.7.0
     # via edx-toggles
 contentful==2.1.1
     # via -r requirements/base.in
@@ -263,7 +264,7 @@ django-waffle==4.1.0
     #   edx-toggles
 django-webpack-loader==3.0.1
     # via -r requirements/base.in
-djangorestframework==3.14.0
+djangorestframework==3.15.0
     # via
     #   -r requirements/base.in
     #   django-config-models
@@ -317,7 +318,7 @@ edx-drf-extensions==10.2.0
     # via -r requirements/base.in
 edx-event-bus-kafka==5.6.0
     # via -r requirements/base.in
-edx-event-bus-redis==0.3.3
+edx-event-bus-redis==0.4.0
     # via -r requirements/base.in
 edx-opaque-keys[django]==2.5.1
     # via
@@ -361,7 +362,7 @@ gevent==24.2.1
     # via -r requirements/production.in
 google-api-core==2.17.1
     # via google-api-python-client
-google-api-python-client==2.121.0
+google-api-python-client==2.122.0
     # via -r requirements/base.in
 google-auth==2.28.2
     # via
@@ -376,7 +377,7 @@ google-auth-httplib2==0.2.0
     #   google-api-python-client
 google-auth-oauthlib==1.2.0
     # via gspread
-googleapis-common-protos==1.62.0
+googleapis-common-protos==1.63.0
     # via google-api-core
 greenlet==3.0.3
     # via gevent
@@ -395,8 +396,9 @@ idna==3.6
     #   requests
     #   snowflake-connector-python
     #   yarl
-importlib-metadata==7.0.2
+importlib-metadata==6.11.0
     # via
+    #   -c requirements/common_constraints.txt
     #   -r requirements/base.in
     #   markdown
 importlib-resources==5.13.0
@@ -423,7 +425,7 @@ lxml==5.1.0
     # via
     #   -r requirements/base.in
     #   zeep
-markdown==3.5.2
+markdown==3.6
     # via -r requirements/base.in
 markupsafe==2.1.5
     # via jinja2
@@ -435,7 +437,7 @@ multidict==6.0.5
     #   yarl
 mysqlclient==2.2.4
     # via -r requirements/production.in
-newrelic==9.7.0
+newrelic==9.7.1
     # via
     #   -r requirements/production.in
     #   edx-django-utils
@@ -529,7 +531,7 @@ python-slugify==8.0.4
     # via
     #   -r requirements/base.in
     #   code-annotations
-python-stdnum==1.19
+python-stdnum==1.20
     # via django-localflavor
 python3-openid==3.2.0
     # via social-auth-core
@@ -537,7 +539,6 @@ pytz==2024.1
     # via
     #   -r requirements/base.in
     #   django-ses
-    #   djangorestframework
     #   drf-yasg
     #   getsmarter-api-clients
     #   snowflake-connector-python
@@ -588,7 +589,7 @@ rjsmin==1.2.1
     # via django-compressor
 rsa==4.9
     # via google-auth
-s3transfer==0.10.0
+s3transfer==0.10.1
     # via boto3
 semantic-version==2.10.0
     # via edx-drf-extensions
@@ -687,7 +688,7 @@ yarl==1.9.4
     # via aiohttp
 zeep==4.2.1
     # via simple-salesforce
-zipp==3.17.0
+zipp==3.18.1
     # via
     #   importlib-metadata
     #   importlib-resources