From 5d946c9d0b6c02b3ad9a0ddcf0c5ab53daa96a29 Mon Sep 17 00:00:00 2001
From: Ben Thorner <ben.thorner@digital.cabinet-office.gov.uk>
Date: Tue, 16 Feb 2021 16:35:45 +0000
Subject: [PATCH] Run 'make freeze-requirements' to fix install errors

This downgrades various packages so they are mutually compatible
and "pip install -r requirements.txt" succeeds.

This downgrades to pyyaml 5.3.1, despite it having a security issue,
in order to fix the build for the time being. This also downgrades
dnspython, due to a suspected issue with eventlet [1], which caused
the admin app to start failing with errors like this:

  File "/home/vcap/deps/0/python/lib/python3.6/site-packages/urllib3/connectionpool.py", line 1010, in _validate_conn
    conn.connect()
  File "/home/vcap/deps/0/python/lib/python3.6/site-packages/urllib3/connection.py", line 394, in connect
    cert_reqs=resolve_cert_reqs(self.cert_reqs),
  File "/home/vcap/deps/0/python/lib/python3.6/site-packages/urllib3/util/ssl_.py", line 303, in create_urllib3_context
    context.options |= options
  File "/home/vcap/deps/0/python/lib/python3.6/ssl.py", line 465, in options
    super(SSLContext, SSLContext).options.__set__(self, value)
  File "/home/vcap/deps/0/python/lib/python3.6/ssl.py", line 465, in options
    super(SSLContext, SSLContext).options.__set__(self, value)
  File "/home/vcap/deps/0/python/lib/python3.6/ssl.py", line 465, in options
    super(SSLContext, SSLContext).options.__set__(self, value)
  [Previous line repeated 280 more times]
  RecursionError: maximum recursion depth exceeded while calling a Python object

[1]: https://github.com/eventlet/eventlet/pull/684
---
 requirements.txt | 18 +++++++-----------
 1 file changed, 7 insertions(+), 11 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index e38be2cf0..8a25960bf 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -33,13 +33,13 @@ chardet==4.0.0
     # via requests
 click==7.1.2
     # via flask
-colorama==0.4.4
+colorama==0.4.3
     # via awscli
-dnspython==2.1.0
+dnspython==1.16.0
     # via eventlet
 docopt==0.6.2
     # via notifications-python-client
-docutils==0.16
+docutils==0.15.2
     # via awscli
 et-xmlfile==1.0.1
     # via openpyxl
@@ -59,8 +59,6 @@ flask==1.1.2
     #   flask-wtf
     #   gds-metrics
     #   notifications-utils
-future==0.18.2
-    # via notifications-python-client
 gds-metrics==0.2.4
     # via -r requirements.in
 geojson==2.5.0
@@ -77,7 +75,7 @@ gunicorn==20.0.4
     # via -r requirements.in
 humanize==3.2.0
     # via -r requirements.in
-idna==3.1
+idna==2.10
     # via requests
 itsdangerous==1.1.0
     # via
@@ -110,8 +108,6 @@ markupsafe==1.1.1
     #   wtforms
 mistune==0.8.4
     # via notifications-utils
-monotonic==1.5
-    # via notifications-python-client
 notifications-python-client==6.0.2
     # via -r requirements.in
 git+https://github.com/alphagov/notifications-utils.git@43.8.3#egg=notifications-utils==43.8.3
@@ -163,7 +159,7 @@ pytz==2021.1
     # via
     #   -r requirements.in
     #   notifications-utils
-pyyaml==5.4.1
+pyyaml==5.3.1
     # via
     #   awscli
     #   notifications-utils
@@ -175,7 +171,7 @@ requests==2.25.1
     #   govuk-bank-holidays
     #   notifications-python-client
     #   notifications-utils
-rsa==4.7
+rsa==4.5
     # via awscli
 s3transfer==0.3.4
     # via
@@ -208,7 +204,7 @@ werkzeug==1.0.1
     # via flask
 wtforms==2.3.3
     # via flask-wtf
-xlrd==2.0.1
+xlrd==1.2.0
     # via pyexcel-xls
 xlwt==1.3.0
     # via pyexcel-xls