RG/Upgrade Requirements

requirements.in

@@ -1,10 +1,57 @@
-flattentool>=0.16.0
-jsonschema
-strict-rfc3339
-rfc3987
-requests[socks]
-apsw>=3.35,<4
-
-# Compatibility with CoVE
-attrs>=20.3.0
-openpyxl==2.6.4
+flattentool>=0.16.0,<0.27.0
+# https://github.com/OpenDataServices/flatten-tool
+# Changelog says the next version beyond 0.26 will drop Py3.8 support:
+#   https://github.com/OpenDataServices/flatten-tool/blob/main/CHANGELOG.md
+
+jsonschema>=3.2.0,<4
+# https://pypi.org/project/jsonschema/
+# https://github.com/python-jsonschema/jsonschema
+# jsonschema 3.2 was the last v3 release, in 2019.
+# Uses Semantic Versioning: https://python-jsonschema.readthedocs.io/en/stable/faq/#how-do-jsonschema-version-numbers-work
+# Changelog: https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst#v320
+# Note than Python 3.8 is reaching EOL, but jsonschema v4.1.0 is the first to claim support for Python 3.10,
+# but the datagetter with 3.2.0 does seem to work on Python 3.10.
+# Given the core nature of jsonschema to CoVE etc, I'm guessing the upgrade to v4 may be involved.
+
+strict-rfc3339==0.7
+# https://pypi.org/project/strict-rfc3339/
+# https://github.com/danielrichman/strict-rfc3339
+# 0.7 was the last release, in 2016.
+# Unmaintained, the maintainer's last activity of any kind on github was in 2020, and their website is down (in Nov 2024)
+# but the project is self-contained so may not be a problem.
+# In future we may need to find a fork just to keep the python packaging aspect up-to-date, it's still using distutils.
+
+rfc3987==1.3.8
+# https://pypi.org/project/rfc3987/
+# https://codeberg.org/atufi/rfc3987
+# The last release was 1.3.8 in 2018, but source repo has recent packaging-related commits, still supports Py3.8.
+# Small project, unspecified versioning policy.
+
+requests[socks]>=2.26.0,<2.32
+# https://requests.readthedocs.io/en/stable/
+# Drops support for Py3.8 in 2.32.0 (2024-05-20)
+# I can't find a stated versioning policy, read the Deprecations sections of the changelog when updating this entry:
+# Changelog: https://docs.python-requests.org/en/latest/community/updates/#release-history
+
+apsw>=3.35,<3.47
+# https://rogerbinns.github.io/apsw/
+# https://pypi.org/project/apsw/
+# https://github.com/rogerbinns/apsw/
+# Versioning policy is "they'll try not to break things", and it doesn't look like there have been compatibility breaks
+#   in a long time.
+#   https://rogerbinns.github.io/apsw/about.html#backwards-compatibility
+#   Still, check the changelog when updating this entry.
+# Changelog: https://rogerbinns.github.io/apsw/changes.html
+
+
+# for Compatibility with CoVE
+attrs>=21.2.0,<21.3.0
+# Last 21.2.x release was 2021.
+# Can't find a stated version policy, versions seem to have breaking changes in minor versions.
+# Check the changelog when updating this entry.
+# Changelog: https://www.attrs.org/en/stable/changelog.html#id22
+
+# for Compatibility with CoVE
+openpyxl>=2.6.4,<3.1
+# 2.6.4 is the last v2 release, in 2019, but 3.0 only removes support for Py3.5, Breaking changes begin in 3.1.
+# Changelog: https://openpyxl.readthedocs.io/en/stable/changes.html

requirements.txt

@@ -2,99 +2,98 @@
 # This file is autogenerated by pip-compile with Python 3.8
 # by the following command:
 #
-#    pip-compile
+#    pip-compile requirements.in
 #
-apsw==3.45.3.0
+apsw==3.46.1.0
     # via -r requirements.in
 attrs==21.2.0
     # via
     #   -r requirements.in
     #   jsonschema
-backports-datetime-fromisoformat==1.0.0
+backports-datetime-fromisoformat==2.0.2
     # via flattentool
-btrees==4.9.2
+btrees==6.1
     # via zodb
-certifi==2023.7.22
+certifi==2024.8.30
     # via requests
-cffi==1.15.0
+cffi==1.17.1
     # via persistent
-charset-normalizer==2.0.7
+charset-normalizer==3.4.0
     # via requests
-contextlib2==21.6.0
-    # via schema
 defusedxml==0.7.1
     # via odfpy
-et-xmlfile==1.1.0
+et-xmlfile==2.0.0
     # via openpyxl
-flattentool==0.17.1
+flattentool==0.26.0
     # via -r requirements.in
-idna==3.3
+idna==3.10
     # via requests
-ijson==3.1.4
+ijson==3.3.0
     # via flattentool
-jdcal==1.4.1
-    # via openpyxl
-jsonref==0.2
+jsonref==1.1.0
     # via flattentool
 jsonschema==3.2.0
     # via -r requirements.in
-lxml==4.6.4
+lxml==5.3.0
     # via flattentool
 odfpy==1.4.1
     # via flattentool
-openpyxl==2.6.4
+openpyxl==3.0.10
     # via
     #   -r requirements.in
     #   flattentool
-persistent==4.7.0
+persistent==6.1
     # via
     #   btrees
     #   zodb
-pycparser==2.21
+pycparser==2.22
     # via cffi
-pyrsistent==0.18.0
+pyrsistent==0.20.0
     # via jsonschema
 pysocks==1.7.1
     # via requests
-pytz==2021.3
+pytz==2024.2
     # via flattentool
-requests[socks]==2.26.0
+requests[socks]==2.31.0
     # via -r requirements.in
 rfc3987==1.3.8
     # via -r requirements.in
-schema==0.7.4
+schema==0.7.7
     # via flattentool
 six==1.16.0
-    # via
-    #   jsonschema
-    #   zodb
+    # via jsonschema
 strict-rfc3339==0.7
     # via -r requirements.in
-transaction==3.0.1
+transaction==5.0
     # via zodb
-urllib3==1.26.7
+urllib3==2.2.3
     # via requests
-xmltodict==0.12.0
+xmltodict==0.14.2
     # via flattentool
-zc-lockfile==2.0
+zc-lockfile==3.0.post1
     # via zodb
 zc-zlibstorage==1.2.0
     # via flattentool
-zconfig==3.6.0
+zconfig==4.1
     # via zodb
-zodb==5.6.0
+zodb==6.0
     # via
     #   flattentool
     #   zc-zlibstorage
-zodbpickle==2.2.0
+zodbpickle==4.1.1
     # via zodb
-zope-interface==5.4.0
+zope-deferredimport==5.0
+    # via persistent
+zope-interface==7.1.1
     # via
     #   btrees
     #   persistent
     #   transaction
     #   zc-zlibstorage
     #   zodb
+    #   zope-proxy
+zope-proxy==6.1
+    # via zope-deferredimport
 
 # The following packages are considered to be unsafe in a requirements file:
 # setuptools

setup.py

@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 
-from distutils.core import setup
+from setuptools import setup
 
 install_requires = []