openedx · Jawayria · Jun 24, 2022 · Jun 23, 2022 · Jun 23, 2022
diff --git a/Makefile b/Makefile
@@ -37,11 +37,14 @@ COMMON_CONSTRAINTS_TXT=requirements/common_constraints.txt
 $(COMMON_CONSTRAINTS_TXT):
 	wget -O "$(@)" https://raw.githubusercontent.com/edx/edx-lint/master/edx_lint/files/common_constraints.txt || touch "$(@)"
 
-
 upgrade: export CUSTOM_COMPILE_COMMAND=make upgrade
-upgrade:  $(COMMON_CONSTRAINTS_TXT) ## update the requirements/*.txt files with the latest packages satisfying requirements/*.in
-	pip install -q pip-tools
+upgrade: $(COMMON_CONSTRAINTS_TXT)
+	## update the requirements/*.txt files with the latest packages satisfying requirements/*.in
+	pip install -qr requirements/pip-tools.txt
 	pip-compile --rebuild --upgrade --allow-unsafe -o requirements/pip.txt requirements/pip.in
+	pip-compile --rebuild --upgrade -o requirements/pip-tools.txt requirements/pip-tools.in
+	pip install -qr requirements/pip.txt
+	pip install -qr requirements/pip-tools.txt
 	pip-compile --rebuild --upgrade -o requirements/dev.txt requirements/base.in requirements/dev.in requirements/quality.in requirements/test.in requirements/ci.in
 	pip-compile --rebuild --upgrade -o requirements/quality.txt requirements/base.in requirements/quality.in requirements/test.in
 	pip-compile --rebuild --upgrade -o requirements/test.txt requirements/base.in requirements/test.in

diff --git a/requirements/dev.in b/requirements/dev.in
@@ -2,5 +2,4 @@
 
 -c constraints.txt
 
-diff-cover                # Changeset diff test coverage
-pip-tools                 # Requirements file management
+diff-cover                # Changeset diff test coverage
diff --git a/requirements/dev.txt b/requirements/dev.txt
@@ -9,9 +9,7 @@ anyio==3.6.1
 appdirs==1.4.4
     # via fs
 asgiref==3.5.2
-    # via
-    #   django
-    #   uvicorn
+    # via django
 astroid==2.11.6
     # via
     #   pylint
@@ -41,7 +39,6 @@ click==8.1.3
     #   edx-django-utils
     #   edx-lint
     #   pact-python
-    #   pip-tools
     #   uvicorn
 click-log==0.4.0
     # via edx-lint
@@ -62,10 +59,9 @@ cryptography==37.0.2
     # via
     #   djfernet
     #   pyjwt
-    #   secretstorage
 ddt==1.5.0
     # via -r requirements/test.in
-diff-cover==6.5.0
+diff-cover==6.5.1
     # via -r requirements/dev.in
 dill==0.3.5.1
     # via pylint
@@ -149,10 +145,6 @@ isort==5.10.1
     # via
     #   -r requirements/quality.in
     #   pylint
-jeepney==0.8.0
-    # via
-    #   keyring
-    #   secretstorage
 jinja2==3.1.2
     # via
     #   code-annotations
@@ -179,12 +171,8 @@ pact-python==1.5.2
     # via -r requirements/test.in
 pbr==5.9.0
     # via stevedore
-pep517==0.12.0
-    # via pip-tools
 pillow==9.1.1
     # via -r requirements/base.in
-pip-tools==6.6.2
-    # via -r requirements/dev.in
 pkginfo==1.8.3
     # via twine
 platformdirs==2.5.2
@@ -208,7 +196,7 @@ pycodestyle==2.8.0
     # via -r requirements/quality.in
 pycparser==2.21
     # via cffi
-pycryptodomex==3.14.1
+pycryptodomex==3.15.0
     # via pyjwkest
 pydantic==1.9.1
     # via fastapi
@@ -225,7 +213,7 @@ pyjwt[crypto]==2.4.0
     # via
     #   drf-jwt
     #   edx-drf-extensions
-pylint==2.14.2
+pylint==2.14.3
     # via
     #   edx-lint
     #   pylint-celery
@@ -286,8 +274,6 @@ rfc3986==2.0.0
     # via twine
 rich==12.4.4
     # via twine
-secretstorage==3.3.2
-    # via keyring
 semantic-version==2.10.0
     # via edx-drf-extensions
 six==1.16.0
@@ -322,7 +308,6 @@ toml==0.10.2
 tomli==2.0.1
     # via
     #   coverage
-    #   pep517
     #   pylint
     #   pytest
 tomlkit==0.11.0
@@ -348,19 +333,16 @@ urllib3==1.26.9
     #   requests
     #   responses
     #   twine
-uvicorn==0.17.6
+uvicorn==0.18.1
     # via pact-python
 virtualenv==20.14.1
     # via tox
 webencodings==0.5.1
     # via bleach
-wheel==0.37.1
-    # via pip-tools
 wrapt==1.14.1
     # via astroid
 zipp==3.8.0
     # via importlib-metadata
 
 # The following packages are considered to be unsafe in a requirements file:
-# pip
 # setuptools
diff --git a/requirements/pip-tools.in b/requirements/pip-tools.in
@@ -0,0 +1,3 @@
+-c constraints.txt
+
+pip-tools
diff --git a/requirements/pip-tools.txt b/requirements/pip-tools.txt
@@ -0,0 +1,20 @@
+#
+# This file is autogenerated by pip-compile with python 3.8
+# To update, run:
+#
+#    make upgrade
+#
+click==8.1.3
+    # via pip-tools
+pep517==0.12.0
+    # via pip-tools
+pip-tools==6.6.2
+    # via -r requirements/pip-tools.in
+tomli==2.0.1
+    # via pep517
+wheel==0.37.1
+    # via pip-tools
+
+# The following packages are considered to be unsafe in a requirements file:
+# pip
+# setuptools
diff --git a/requirements/quality.txt b/requirements/quality.txt
@@ -9,9 +9,7 @@ anyio==3.6.1
 appdirs==1.4.4
     # via fs
 asgiref==3.5.2
-    # via
-    #   django
-    #   uvicorn
+    # via django
 astroid==2.11.6
     # via
     #   pylint
@@ -56,7 +54,6 @@ cryptography==37.0.2
     # via
     #   djfernet
     #   pyjwt
-    #   secretstorage
 ddt==1.5.0
     # via -r requirements/test.in
 dill==0.3.5.1
@@ -133,10 +130,6 @@ isort==5.10.1
     # via
     #   -r requirements/quality.in
     #   pylint
-jeepney==0.8.0
-    # via
-    #   keyring
-    #   secretstorage
 jinja2==3.1.2
     # via code-annotations
 keyring==23.6.0
@@ -177,7 +170,7 @@ pycodestyle==2.8.0
     # via -r requirements/quality.in
 pycparser==2.21
     # via cffi
-pycryptodomex==3.14.1
+pycryptodomex==3.15.0
     # via pyjwkest
 pydantic==1.9.1
     # via fastapi
@@ -193,7 +186,7 @@ pyjwt[crypto]==2.4.0
     # via
     #   drf-jwt
     #   edx-drf-extensions
-pylint==2.14.2
+pylint==2.14.3
     # via
     #   edx-lint
     #   pylint-celery
@@ -253,8 +246,6 @@ rfc3986==2.0.0
     # via twine
 rich==12.4.4
     # via twine
-secretstorage==3.3.2
-    # via keyring
 semantic-version==2.10.0
     # via edx-drf-extensions
 six==1.16.0
@@ -304,7 +295,7 @@ urllib3==1.26.9
     #   requests
     #   responses
     #   twine
-uvicorn==0.17.6
+uvicorn==0.18.1
     # via pact-python
 webencodings==0.5.1
     # via bleach

diff --git a/requirements/test.txt b/requirements/test.txt
@@ -9,9 +9,7 @@ anyio==3.6.1
 appdirs==1.4.4
     # via fs
 asgiref==3.5.2
-    # via
-    #   django
-    #   uvicorn
+    # via django
 attrs==21.4.0
     # via pytest
 boto==2.49.0
@@ -131,7 +129,7 @@ py==1.11.0
     # via pytest
 pycparser==2.21
     # via cffi
-pycryptodomex==3.14.1
+pycryptodomex==3.15.0
     # via pyjwkest
 pydantic==1.9.1
     # via fastapi
@@ -213,7 +211,7 @@ urllib3==1.26.9
     #   pact-python
     #   requests
     #   responses
-uvicorn==0.17.6
+uvicorn==0.18.1
     # via pact-python
 
 # The following packages are considered to be unsafe in a requirements file: