chore: Upgrade Python requirements

requirements/ci.txt

@@ -4,45 +4,45 @@
 #
 #    make upgrade
 #
-cachetools==6.2.0
+cachetools==6.2.2
     # via tox
-certifi==2025.8.3
+certifi==2025.11.12
     # via requests
 chardet==5.2.0
     # via tox
-charset-normalizer==3.4.3
+charset-normalizer==3.4.4
     # via requests
 codecov==2.1.13
     # via -r requirements/ci.in
 colorama==0.4.6
     # via tox
-coverage==7.10.7
+coverage==7.12.0
     # via codecov
 distlib==0.4.0
     # via virtualenv
-filelock==3.19.1
+filelock==3.20.0
     # via
     #   tox
     #   virtualenv
-idna==3.10
+idna==3.11
     # via requests
 packaging==25.0
     # via
     #   pyproject-api
     #   tox
-platformdirs==4.4.0
+platformdirs==4.5.0
     # via
     #   tox
     #   virtualenv
 pluggy==1.6.0
     # via tox
-pyproject-api==1.9.1
+pyproject-api==1.10.0
     # via tox
 requests==2.32.5
     # via codecov
-tox==4.30.2
+tox==4.32.0
     # via -r requirements/ci.in
 urllib3==2.5.0
     # via requests
-virtualenv==20.34.0
+virtualenv==20.35.4
     # via tox

requirements/common_constraints.txt

@@ -12,13 +12,16 @@
 #  this file from Github directly. It does not require packaging in edx-lint.
 
 # using LTS django version
-Django<5.0
+Django<6.0
 
 # elasticsearch>=7.14.0 includes breaking changes in it which caused issues in discovery upgrade process.
 # elastic search changelog: https://www.elastic.co/guide/en/enterprise-search/master/release-notes-7.14.0.html
 # See https://github.com/openedx/edx-platform/issues/35126 for more info
 elasticsearch<7.14.0
 
-# Cause: https://github.com/openedx/edx-lint/issues/458
-# This can be unpinned once https://github.com/openedx/edx-lint/issues/459 has been resolved.
-pip<24.3
+# pip 25.3 is incompatible with pip-tools hence causing failures during the build process
+# Make upgrade command and all requirements upgrade jobs are broken due to this.
+# See issue https://github.com/openedx/public-engineering/issues/440 for details regarding the ongoing fix.
+# The constraint can be removed once a release (pip-tools > 7.5.1) is available with support for pip 25.3
+# Issue to track this dependency and unpin later on: https://github.com/openedx/edx-lint/issues/503
+pip<25.3

requirements/dev.txt

@@ -4,7 +4,7 @@
 #
 #    make upgrade
 #
-asgiref==3.9.2
+asgiref==3.10.0
     # via django
 astroid==3.3.11
     # via
@@ -14,19 +14,19 @@ backports-tarfile==1.2.0
     # via jaraco-context
 build==1.3.0
     # via -r requirements/quality.in
-cachetools==6.2.0
+cachetools==6.2.2
     # via tox
-certifi==2025.8.3
+certifi==2025.11.12
     # via requests
 cffi==2.0.0
     # via cryptography
 chardet==5.2.0
     # via
     #   diff-cover
     #   tox
-charset-normalizer==3.4.3
+charset-normalizer==3.4.4
     # via requests
-click==8.3.0
+click==8.3.1
     # via
     #   click-log
     #   code-annotations
@@ -37,38 +37,38 @@ code-annotations==2.3.0
     # via edx-lint
 colorama==0.4.6
     # via tox
-cryptography==46.0.1
+cryptography==46.0.3
     # via secretstorage
-diff-cover==9.7.0
+diff-cover==9.7.2
     # via -r requirements/dev.in
 dill==0.4.0
     # via pylint
 distlib==0.4.0
     # via virtualenv
-django==4.2.24
+django==5.2.8
     # via
     #   -c requirements/common_constraints.txt
     #   -r requirements/base.in
     #   edx-i18n-tools
-docutils==0.22.2
+docutils==0.22.3
     # via readme-renderer
 edx-i18n-tools==1.9.0
     # via -r requirements/dev.in
 edx-lint==5.6.0
     # via
     #   -r requirements/dev.in
     #   -r requirements/quality.in
-filelock==3.19.1
+filelock==3.20.0
     # via
     #   tox
     #   virtualenv
 id==1.5.0
     # via twine
-idna==3.10
+idna==3.11
     # via requests
 importlib-metadata==8.7.0
     # via keyring
-isort==6.0.1
+isort==6.1.0
     # via
     #   -r requirements/quality.in
     #   pylint
@@ -86,17 +86,17 @@ jinja2==3.1.6
     # via
     #   code-annotations
     #   diff-cover
-keyring==25.6.0
+keyring==25.7.0
     # via twine
 lxml[html-clean]==6.0.2
     # via
     #   edx-i18n-tools
     #   lxml-html-clean
-lxml-html-clean==0.4.2
+lxml-html-clean==0.4.3
     # via lxml
 markdown-it-py==4.0.0
     # via rich
-markupsafe==3.0.2
+markupsafe==3.0.3
     # via jinja2
 mccabe==0.7.0
     # via pylint
@@ -106,7 +106,7 @@ more-itertools==10.8.0
     # via
     #   jaraco-classes
     #   jaraco-functools
-nh3==0.3.0
+nh3==0.3.2
     # via readme-renderer
 packaging==25.0
     # via
@@ -116,7 +116,7 @@ packaging==25.0
     #   twine
 path==16.16.0
     # via edx-i18n-tools
-platformdirs==4.4.0
+platformdirs==4.5.0
     # via
     #   pylint
     #   tox
@@ -138,7 +138,7 @@ pygments==2.19.2
     #   diff-cover
     #   readme-renderer
     #   rich
-pylint==3.3.8
+pylint==3.3.9
     # via
     #   edx-lint
     #   pylint-celery
@@ -152,13 +152,13 @@ pylint-plugin-utils==0.9.0
     # via
     #   pylint-celery
     #   pylint-django
-pyproject-api==1.9.1
+pyproject-api==1.10.0
     # via tox
 pyproject-hooks==1.2.0
     # via build
 python-slugify==8.0.4
     # via code-annotations
-pyyaml==6.0.2
+pyyaml==6.0.3
     # via
     #   code-annotations
     #   edx-i18n-tools
@@ -173,9 +173,9 @@ requests-toolbelt==1.0.0
     # via twine
 rfc3986==2.0.0
     # via twine
-rich==14.1.0
+rich==14.2.0
     # via twine
-secretstorage==3.4.0
+secretstorage==3.4.1
     # via keyring
 six==1.17.0
     # via edx-lint
@@ -189,7 +189,7 @@ text-unidecode==1.3
     # via python-slugify
 tomlkit==0.13.3
     # via pylint
-tox==4.30.2
+tox==4.32.0
     # via -r requirements/dev.in
 twine==6.2.0
     # via
@@ -199,7 +199,7 @@ urllib3==2.5.0
     # via
     #   requests
     #   twine
-virtualenv==20.34.0
+virtualenv==20.35.4
     # via tox
 wheel==0.45.1
     # via -r requirements/dev.in

requirements/pip-tools.txt

@@ -6,11 +6,11 @@
 #
 build==1.3.0
     # via pip-tools
-click==8.3.0
+click==8.3.1
     # via pip-tools
 packaging==25.0
     # via build
-pip-tools==7.5.0
+pip-tools==7.5.2
     # via -r requirements/pip-tools.in
 pyproject-hooks==1.2.0
     # via

requirements/pip.txt

@@ -8,7 +8,7 @@ wheel==0.45.1
     # via -r requirements/pip.in
 
 # The following packages are considered to be unsafe in a requirements file:
-pip==24.2
+pip==25.2
     # via
     #   -c requirements/common_constraints.txt
     #   -r requirements/pip.in

requirements/quality.txt

@@ -12,13 +12,13 @@ backports-tarfile==1.2.0
     # via jaraco-context
 build==1.3.0
     # via -r requirements/quality.in
-certifi==2025.8.3
+certifi==2025.11.12
     # via requests
 cffi==2.0.0
     # via cryptography
-charset-normalizer==3.4.3
+charset-normalizer==3.4.4
     # via requests
-click==8.3.0
+click==8.3.1
     # via
     #   click-log
     #   code-annotations
@@ -27,21 +27,21 @@ click-log==0.4.0
     # via edx-lint
 code-annotations==2.3.0
     # via edx-lint
-cryptography==46.0.1
+cryptography==46.0.3
     # via secretstorage
 dill==0.4.0
     # via pylint
-docutils==0.22.2
+docutils==0.22.3
     # via readme-renderer
 edx-lint==5.6.0
     # via -r requirements/quality.in
 id==1.5.0
     # via twine
-idna==3.10
+idna==3.11
     # via requests
 importlib-metadata==8.7.0
     # via keyring
-isort==6.0.1
+isort==6.1.0
     # via
     #   -r requirements/quality.in
     #   pylint
@@ -57,11 +57,11 @@ jeepney==0.9.0
     #   secretstorage
 jinja2==3.1.6
     # via code-annotations
-keyring==25.6.0
+keyring==25.7.0
     # via twine
 markdown-it-py==4.0.0
     # via rich
-markupsafe==3.0.2
+markupsafe==3.0.3
     # via jinja2
 mccabe==0.7.0
     # via pylint
@@ -71,13 +71,13 @@ more-itertools==10.8.0
     # via
     #   jaraco-classes
     #   jaraco-functools
-nh3==0.3.0
+nh3==0.3.2
     # via readme-renderer
 packaging==25.0
     # via
     #   build
     #   twine
-platformdirs==4.4.0
+platformdirs==4.5.0
     # via pylint
 pycodestyle==2.14.0
     # via -r requirements/quality.in
@@ -89,7 +89,7 @@ pygments==2.19.2
     # via
     #   readme-renderer
     #   rich
-pylint==3.3.8
+pylint==3.3.9
     # via
     #   edx-lint
     #   pylint-celery
@@ -107,7 +107,7 @@ pyproject-hooks==1.2.0
     # via build
 python-slugify==8.0.4
     # via code-annotations
-pyyaml==6.0.2
+pyyaml==6.0.3
     # via code-annotations
 readme-renderer==44.0
     # via twine
@@ -120,9 +120,9 @@ requests-toolbelt==1.0.0
     # via twine
 rfc3986==2.0.0
     # via twine
-rich==14.1.0
+rich==14.2.0
     # via twine
-secretstorage==3.4.0
+secretstorage==3.4.1
     # via keyring
 six==1.17.0
     # via edx-lint