feat: pin deps for Python 3.8

Makefile

@@ -64,10 +64,10 @@ test: clean
 
 upgrade: export CUSTOM_COMPILE_COMMAND=make upgrade
 upgrade: ## update the requirements/*.txt files with the latest packages satisfying requirements/*.in
-	pip install -q -r requirements/pip_tools.txt
-	pip-compile --upgrade --allow-unsafe --rebuild -o requirements/pip.txt requirements/pip.in
+	python -m pip install pip-tools
 	pip-compile --upgrade -o requirements/pip_tools.txt requirements/pip_tools.in
-	pip install -qr requirements/pip.txt
 	pip install -qr requirements/pip_tools.txt
+	pip-compile --upgrade --allow-unsafe --rebuild -o requirements/pip.txt requirements/pip.in
+	pip install -qr requirements/pip.txt
 	pip-compile --upgrade -o requirements/base.txt requirements/base.in
 	pip-compile --upgrade -o requirements/test.txt requirements/test.in

requirements/base.txt

@@ -1,14 +1,16 @@
 #
-# This file is autogenerated by pip-compile with Python 3.11
+# This file is autogenerated by pip-compile with Python 3.8
 # by the following command:
 #
 #    make upgrade
 #
 boto==2.49.0
     # via google-compute-engine
-boto3==1.42.31
-    # via -r requirements/base.in
-botocore==1.42.31
+boto3==1.37.38
+    # via
+    #   -c /Users/adusenbery/code/api-manager/requirements/constraints.txt
+    #   -r requirements/base.in
+botocore==1.37.38
     # via
     #   -r requirements/base.in
     #   boto3
@@ -24,17 +26,17 @@ jmespath==1.0.1
     #   -r requirements/base.in
     #   boto3
     #   botocore
-markupsafe==3.0.3
+markupsafe==2.1.5
     # via jinja2
 python-dateutil==2.9.0.post0
     # via botocore
-s3transfer==0.16.0
+s3transfer==0.11.5
     # via boto3
 six==1.17.0
     # via
     #   -r requirements/base.in
     #   python-dateutil
-urllib3==2.6.3
+urllib3==1.26.20
     # via botocore
 
 # The following packages are considered to be unsafe in a requirements file:

requirements/constraints.txt

@@ -10,3 +10,11 @@
 
 # This file contains all common constraints for edx-repos
 -c https://raw.githubusercontent.com/edx/edx-lint/master/edx_lint/files/common_constraints.txt
+
+# Need to pin this as long as we're on Python 3.8 in this codebase
+# https://pypi.org/project/boto3/1.38.0/
+boto3<1.38
+
+# 7.0 dropped support for Python 3.8
+# https://pypi.org/project/pip-tools/7.0.0/
+pip-tools<7.0

requirements/pip.txt

@@ -1,5 +1,5 @@
 #
-# This file is autogenerated by pip-compile with Python 3.11
+# This file is autogenerated by pip-compile with Python 3.8
 # by the following command:
 #
 #    make upgrade
@@ -8,7 +8,7 @@ wheel==0.45.1
     # via -r requirements/pip.in
 
 # The following packages are considered to be unsafe in a requirements file:
-pip==25.3
+pip==25.0.1
     # via -r requirements/pip.in
-setuptools==80.9.0
+setuptools==75.3.3
     # via -r requirements/pip.in

requirements/pip_tools.txt

@@ -1,23 +1,31 @@
 #
-# This file is autogenerated by pip-compile with Python 3.11
+# This file is autogenerated by pip-compile with Python 3.8
 # by the following command:
 #
 #    make upgrade
 #
-build==1.4.0
+build==1.2.2.post1
     # via pip-tools
-click==8.3.1
+click==8.1.8
     # via pip-tools
-packaging==25.0
+importlib-metadata==8.5.0
     # via build
-pip-tools==7.5.2
-    # via -r requirements/pip_tools.in
+packaging==26.0
+    # via build
+pip-tools==6.14.0
+    # via
+    #   -c requirements/constraints.txt
+    #   -r requirements/pip_tools.in
 pyproject-hooks==1.2.0
+    # via build
+tomli==2.4.0
     # via
     #   build
     #   pip-tools
 wheel==0.45.1
     # via pip-tools
+zipp==3.20.2
+    # via importlib-metadata
 
 # The following packages are considered to be unsafe in a requirements file:
 # pip