From f671ca37801a97f16d2fa2250f171b151e30c8da Mon Sep 17 00:00:00 2001
From: Anders Kaseorg <anders@zulipchat.com>
Date: Sun, 22 Sep 2019 16:48:29 -0700
Subject: [PATCH] requirements: Upgrade Python requirements.

This commit was generated by deleting these lock files and rerunning
update-locked-requirements.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
---
 requirements/dev.txt         | 128 ++++++++++++++++++-----------------
 requirements/docs.txt        |  29 ++++----
 requirements/pip.txt         |   4 +-
 requirements/prod.txt        |  71 ++++++++++---------
 requirements/thumbor-dev.txt |  32 ++++-----
 requirements/thumbor.txt     |  32 ++++-----
 version.py                   |   2 +-
 7 files changed, 154 insertions(+), 144 deletions(-)

diff --git a/requirements/dev.txt b/requirements/dev.txt
index 121171286b..57b4ca8c13 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -16,75 +16,75 @@ arrow==0.14.2             # via gitlint
 asn1crypto==0.24.0        # via cryptography
 attrs==19.1.0             # via automat, jsonschema, service-identity, twisted
 automat==0.7.0            # via twisted
-aws-sam-translator==1.12.0  # via cfn-lint
-aws-xray-sdk==0.95        # via moto
-babel==2.5.3              # via django-phonenumber-field, sphinx
+aws-sam-translator==1.14.0  # via cfn-lint
+aws-xray-sdk==2.4.2       # via moto
+babel==2.7.0              # via django-phonenumber-field, sphinx
 backcall==0.1.0           # via ipython
 beautifulsoup4==4.8.0
-boto3==1.9.183            # via aws-sam-translator, moto
+boto3==1.9.233            # via aws-sam-translator, moto
 boto==2.49.0
-botocore==1.12.183        # via boto3, moto, s3transfer
+botocore==1.12.233        # via aws-xray-sdk, boto3, moto, s3transfer
 cachetools==3.1.1         # via premailer
 cchardet==2.1.4
-certifi==2019.6.16        # via requests
+certifi==2019.9.11        # via requests
 cffi==1.12.3              # via argon2-cffi, cryptography
-cfn-lint==0.22.3          # via moto
+cfn-lint==0.24.1          # via moto
 chardet==3.0.4            # via requests
 click==7.0                # via gitlint, pip-tools
 commonmark==0.9.0         # via recommonmark
 constantly==15.1.0        # via twisted
-coverage==4.5.3
-cryptography==2.6.1       # via apns2, moto, pyopenssl, requests, service-identity, sshpubkeys
-cssselect==1.0.3          # via parsel, premailer, scrapy
+coverage==4.5.4
+cryptography==2.7         # via apns2, moto, pyopenssl, requests, service-identity, sshpubkeys
+cssselect==1.1.0          # via parsel, premailer, scrapy
 cssutils==1.0.2           # via premailer
 datetime==4.3             # via moto
 decorator==4.4.0
 defusedxml==0.6.0
-disposable-email-domains==0.0.52
+disposable-email-domains==0.0.53
 django-auth-ldap==2.0.0
 django-bitfield==1.9.6
 django-formtools==2.1     # via django-two-factor-auth
-django-otp==0.6.0         # via django-two-factor-auth
+django-otp==0.7.2         # via django-two-factor-auth
 django-phonenumber-field==1.3.0  # via django-two-factor-auth
 django-pylibmc==0.6.1
 django-sendfile2==0.4.2
 django-statsd-mozilla==0.4.0
 django-two-factor-auth==1.9.1
 django-webpack-loader==0.6.0
-django==1.11.23
+django==1.11.24
 docker==4.0.2             # via moto
-docutils==0.14            # via botocore, recommonmark, sphinx
+docutils==0.15.2          # via botocore, recommonmark, sphinx
 ecdsa==0.13.2             # via python-jose, sshpubkeys
 fakeldap==0.6.1
-# future==0.17.1            # via commonmark, python-jose, python-twitter
+# future==0.17.1            # via aws-xray-sdk, commonmark, python-jose, python-twitter
 gitlint==0.12.0
 h2==2.6.2                 # via hyper
 hpack==3.0.0              # via h2
-html2text==2018.1.9
-httplib2==0.13.0
+html2text==2019.8.11
+httplib2==0.13.1
 httpretty==0.9.6
 hypchat==0.21
 hyper==0.7.0              # via apns2
 hyperframe==3.2.0         # via h2, hyper
 hyperlink==19.0.0
 idna==2.8                 # via hyperlink, moto, requests
-ijson==2.4
+ijson==2.5
 imagesize==1.1.0          # via sphinx
 incremental==17.5.0       # via twisted
 ipython-genutils==0.2.0   # via traitlets
-ipython==6.5.0
+ipython==7.8.0
 isort==4.3.21
-jedi==0.14.0              # via ipython
+jedi==0.15.1              # via ipython
 jinja2==2.10.1
 jmespath==0.9.4           # via boto3, botocore
 jsondiff==1.1.2           # via moto
-jsonpatch==1.23           # via cfn-lint
+jsonpatch==1.24           # via cfn-lint
 jsonpickle==1.2           # via aws-xray-sdk, python-digitalocean
 jsonpointer==2.0          # via jsonpatch
-jsonschema==3.0.1         # via aws-sam-translator, cfn-lint
+jsonschema==3.0.2         # via aws-sam-translator, cfn-lint
 git+https://github.com/zulip/libthumbor.git@60ed2431c07686a12f2770b2d852c5650f3ccfc6#egg=libthumbor==1.3.2zulip
 lp37==2.1.1
-lxml==4.3.4
+lxml==4.4.1
 markdown-include==0.5.1
 markdown==3.1.1
 markupsafe==1.1.1         # via jinja2
@@ -93,28 +93,27 @@ mock==3.0.5
 moto==1.3.13
 mypy-extensions==0.4.1    # via mypy
 mypy==0.720
-oauthlib==3.0.1           # via requests-oauthlib, social-auth-core
-packaging==19.0           # via sphinx
-parsel==1.5.1             # via scrapy
-parso==0.5.0              # via jedi
+oauthlib==3.1.0           # via requests-oauthlib, social-auth-core
+packaging==19.2           # via sphinx
+parsel==1.5.2             # via scrapy
+parso==0.5.1              # via jedi
 pexpect==4.7.0            # via ipython
-phonenumberslite==8.10.15
+phonenumberslite==8.10.19
 pickleshare==0.7.5        # via ipython
-pika==0.13.0
+pika==0.13.1
 pillow==6.1.0
 pip-tools==4.1.0
 polib==1.1.0
-premailer==3.5.0
-prompt-toolkit==1.0.16    # via ipython
+premailer==3.6.1
+prompt-toolkit==2.0.9     # via ipython
 psycopg2==2.8.3
 ptyprocess==0.6.0         # via pexpect
-py3dns==3.2.0
+py3dns==3.2.1
 pyahocorasick==1.4.0
-pyasn1-modules==0.2.5     # via python-ldap, service-identity
-pyasn1==0.4.5             # via pyasn1-modules, python-ldap, service-identity
+pyasn1-modules==0.2.6     # via python-ldap, service-identity
+pyasn1==0.4.7             # via pyasn1-modules, python-ldap, rsa, service-identity
 pycodestyle==2.5.0
 pycparser==2.19           # via cffi
-pycryptodome==3.8.2       # via python-jose
 pydispatcher==2.0.5       # via scrapy
 pyflakes==2.1.1
 pygments==2.4.2
@@ -122,66 +121,73 @@ pyhamcrest==1.9.0         # via twisted
 pyinotify==0.9.6
 pyjwt==1.7.1
 pyldap==3.0.0.post1       # via fakeldap
-pylibmc==1.6.0
+pylibmc==1.6.1
 pyoembed==0.1.2
 pyopenssl==19.0.0         # via requests, scrapy
-pyparsing==2.4.0          # via packaging
-pyrsistent==0.15.3        # via jsonschema
-pysocks==1.7.0            # via twilio
+pyparsing==2.4.2          # via packaging
+pyrsistent==0.15.4        # via jsonschema
+pysocks==1.7.1            # via twilio
 python-dateutil==2.8.0
 python-digitalocean==1.14.0
 python-gcm==0.4
-python-jose==2.0.2        # via moto
+python-jose==3.0.1        # via moto
 python-ldap==3.2.0        # via django-auth-ldap, pyldap
 python-magic==0.4.15
+python-slugify==1.2.6     # via transifex-client
 python-twitter==3.5
 python3-openid==3.1.0     # via social-auth-core
-pytz==2019.1
-pyyaml==5.1.1             # via cfn-lint, moto, yamole
+pytz==2019.2
+pyyaml==5.1.2             # via cfn-lint, moto, yamole
 qrcode==6.1               # via django-two-factor-auth
 queuelib==1.5.0           # via scrapy
 recommonmark==0.5.0
-redis==3.2.1
-regex==2019.6.8
-requests-oauthlib==1.0.0  # via python-twitter, social-auth-core
-requests[security]==2.22.0  # via aws-xray-sdk, cfn-lint, docker, hypchat, matrix-client, moto, premailer, pyoembed, python-digitalocean, python-gcm, python-twitter, requests-oauthlib, responses, social-auth-core, sphinx, stripe, twilio
+redis==3.3.8
+regex==2019.8.19
+requests-oauthlib==1.2.0  # via python-twitter, social-auth-core
+requests[security]==2.22.0  # via docker, hypchat, matrix-client, moto, premailer, pyoembed, python-digitalocean, python-gcm, python-twitter, requests-oauthlib, responses, social-auth-core, sphinx, stripe, transifex-client, twilio
 responses==0.10.6         # via moto
+rsa==4.0                  # via python-jose
 s3transfer==0.2.1         # via boto3
-scrapy==1.7.2
+scrapy==1.7.3
 service-identity==18.1.0  # via scrapy
 sh==1.12.14               # via gitlint
-simplegeneric==0.8.1      # via ipython
-six==1.12.0
+six==1.11.0
 snakeviz==2.0.1
-snowballstemmer==1.2.1    # via sphinx
+snowballstemmer==1.9.1    # via sphinx
 social-auth-app-django==3.1.0
 social-auth-core==3.2.0   # via social-auth-app-django
 sockjs-tornado==1.0.6
-soupsieve==1.9.2          # via beautifulsoup4
+soupsieve==1.9.3          # via beautifulsoup4
 sourcemap==0.2.1
 sphinx-rtd-theme==0.4.3
-sphinx==1.8.4
-sphinxcontrib-websupport==1.1.2  # via sphinx
-sqlalchemy==1.3.6
+sphinx==2.2.0
+sphinxcontrib-applehelp==1.0.1  # via sphinx
+sphinxcontrib-devhelp==1.0.1  # via sphinx
+sphinxcontrib-htmlhelp==1.0.2  # via sphinx
+sphinxcontrib-jsmath==1.0.1  # via sphinx
+sphinxcontrib-qthelp==1.0.2  # via sphinx
+sphinxcontrib-serializinghtml==1.1.3  # via sphinx
+sqlalchemy==1.3.8
 sshpubkeys==3.1.0         # via moto
 statsd==3.3.0             # via django-statsd-mozilla
-stripe==2.35.0
+stripe==2.36.2
 git+https://github.com/zulip/talon.git@7d8bdc4dbcfcc5a73298747293b99fe53da55315#egg=talon==1.2.10.zulip1
 tblib==1.4.0
 tornado==4.5.3
 traitlets==4.3.2          # via ipython
-transifex-client==0.12.5
-twilio==6.29.2
+transifex-client==0.13.6
+twilio==6.31.0
 twisted==19.7.0
 typed-ast==1.4.0          # via mypy
 typing-extensions==3.7.4
 git+https://github.com/zulip/ultrajson@70ac02bec#egg=ujson==1.35+git
-urllib3==1.25.3           # via botocore, requests, transifex-client
+unidecode==1.1.1          # via python-slugify
+urllib3==1.23             # via botocore, requests, transifex-client
 virtualenv-clone==0.5.3
-w3lib==1.20.0             # via parsel, scrapy
+w3lib==1.21.0             # via parsel, scrapy
 wcwidth==0.1.7            # via prompt-toolkit
 websocket-client==0.56.0  # via docker
-werkzeug==0.15.4          # via moto
+werkzeug==0.16.0          # via moto
 wrapt==1.11.2             # via aws-xray-sdk
 xmltodict==0.12.0         # via moto
 yamole==2.1.6
@@ -192,4 +198,4 @@ git+https://github.com/zulip/python-zulip-api.git@804501610b6a205334e71b4e441fca
 
 # The following packages are considered to be unsafe in a requirements file:
 pip==19.2.3
-setuptools==41.0.1        # via cfn-lint, ipython, jsonschema, markdown, pyhamcrest, sphinx, zope.interface
+setuptools==41.2.0        # via cfn-lint, ipython, jsonschema, markdown, pyhamcrest, sphinx, zope.interface
diff --git a/requirements/docs.txt b/requirements/docs.txt
index b3b6aa7361..2c9c99ac3f 100644
--- a/requirements/docs.txt
+++ b/requirements/docs.txt
@@ -8,28 +8,33 @@
 # For details, see requirements/README.md .
 #
 alabaster==0.7.12         # via sphinx
-babel==2.5.3              # via sphinx
-certifi==2019.6.16        # via requests
+babel==2.7.0              # via sphinx
+certifi==2019.9.11        # via requests
 chardet==3.0.4            # via requests
 commonmark==0.9.0         # via recommonmark
-docutils==0.14            # via recommonmark, sphinx
+docutils==0.15.2          # via recommonmark, sphinx
 # future==0.17.1            # via commonmark
 idna==2.8                 # via requests
 imagesize==1.1.0          # via sphinx
 jinja2==2.10.1            # via sphinx
 markupsafe==1.1.1         # via jinja2
-packaging==19.0           # via sphinx
+packaging==19.2           # via sphinx
 pygments==2.4.2           # via sphinx
-pyparsing==2.4.0          # via packaging
-pytz==2019.1              # via babel
+pyparsing==2.4.2          # via packaging
+pytz==2019.2              # via babel
 recommonmark==0.5.0
 requests==2.22.0          # via sphinx
-six==1.12.0               # via packaging, sphinx
-snowballstemmer==1.2.1    # via sphinx
+six==1.12.0               # via packaging
+snowballstemmer==1.9.1    # via sphinx
 sphinx-rtd-theme==0.4.3
-sphinx==1.8.4
-sphinxcontrib-websupport==1.1.2  # via sphinx
-urllib3==1.25.3           # via requests
+sphinx==2.2.0
+sphinxcontrib-applehelp==1.0.1  # via sphinx
+sphinxcontrib-devhelp==1.0.1  # via sphinx
+sphinxcontrib-htmlhelp==1.0.2  # via sphinx
+sphinxcontrib-jsmath==1.0.1  # via sphinx
+sphinxcontrib-qthelp==1.0.2  # via sphinx
+sphinxcontrib-serializinghtml==1.1.3  # via sphinx
+urllib3==1.25.5           # via requests
 
 # The following packages are considered to be unsafe in a requirements file:
-setuptools==41.0.1        # via sphinx
+setuptools==41.2.0        # via sphinx
diff --git a/requirements/pip.txt b/requirements/pip.txt
index e612a9b6ba..ac6314389e 100644
--- a/requirements/pip.txt
+++ b/requirements/pip.txt
@@ -7,8 +7,8 @@
 #
 # For details, see requirements/README.md .
 #
-wheel==0.33.4
+wheel==0.33.6
 
 # The following packages are considered to be unsafe in a requirements file:
 pip==19.2.3
-setuptools==41.0.1
+setuptools==41.2.0
diff --git a/requirements/prod.txt b/requirements/prod.txt
index 96022edbe6..86ce5da6b7 100644
--- a/requirements/prod.txt
+++ b/requirements/prod.txt
@@ -18,102 +18,101 @@ beautifulsoup4==4.8.0
 boto==2.49.0
 cachetools==3.1.1         # via premailer
 cchardet==2.1.4
-certifi==2019.6.16        # via requests
+certifi==2019.9.11        # via requests
 cffi==1.12.3              # via argon2-cffi, cryptography
 chardet==3.0.4            # via requests
-cryptography==2.6.1       # via apns2, pyopenssl, requests
-cssselect==1.0.3          # via premailer
+cryptography==2.7         # via apns2, pyopenssl, requests
+cssselect==1.1.0          # via premailer
 cssutils==1.0.2           # via premailer
 decorator==4.4.0
 defusedxml==0.6.0
-disposable-email-domains==0.0.52
+disposable-email-domains==0.0.53
 django-auth-ldap==2.0.0
 django-bitfield==1.9.6
 django-formtools==2.1     # via django-two-factor-auth
-django-otp==0.6.0         # via django-two-factor-auth
+django-otp==0.7.2         # via django-two-factor-auth
 django-phonenumber-field==1.3.0  # via django-two-factor-auth
 django-pylibmc==0.6.1
 django-sendfile2==0.4.2
 django-statsd-mozilla==0.4.0
 django-two-factor-auth==1.9.1
 django-webpack-loader==0.6.0
-django==1.11.23
+django==1.11.24
 # future==0.17.1            # via python-twitter
 h2==2.6.2                 # via hyper
 hpack==3.0.0              # via h2
-html2text==2018.1.9
-httplib2==0.13.0
+html2text==2019.8.11
+httplib2==0.13.1
 hypchat==0.21
 hyper==0.7.0              # via apns2
 hyperframe==3.2.0         # via h2, hyper
 hyperlink==19.0.0
 idna==2.8                 # via hyperlink, requests
-ijson==2.4
+ijson==2.5
 ipython-genutils==0.2.0   # via traitlets
-ipython==6.5.0
-jedi==0.14.0              # via ipython
+ipython==7.8.0
+jedi==0.15.1              # via ipython
 jinja2==2.10.1
 git+https://github.com/zulip/libthumbor.git@60ed2431c07686a12f2770b2d852c5650f3ccfc6#egg=libthumbor==1.3.2zulip
-lxml==4.3.4
+lxml==4.4.1
 markdown-include==0.5.1
 markdown==3.1.1
 markupsafe==1.1.1         # via jinja2
 matrix-client==0.3.2
 mock==3.0.5
-oauthlib==3.0.1           # via requests-oauthlib, social-auth-core
-parso==0.5.0              # via jedi
+oauthlib==3.1.0           # via requests-oauthlib, social-auth-core
+parso==0.5.1              # via jedi
 pexpect==4.7.0            # via ipython
-phonenumberslite==8.10.15
+phonenumberslite==8.10.19
 pickleshare==0.7.5        # via ipython
-pika==0.13.0
+pika==0.13.1
 pillow==6.1.0
 polib==1.1.0
-premailer==3.5.0
-prompt-toolkit==1.0.16    # via ipython
+premailer==3.6.1
+prompt-toolkit==2.0.9     # via ipython
 psycopg2==2.8.3
 ptyprocess==0.6.0         # via pexpect
-py3dns==3.2.0
+py3dns==3.2.1
 pyahocorasick==1.4.0
-pyasn1-modules==0.2.5     # via python-ldap
-pyasn1==0.4.5             # via pyasn1-modules, python-ldap
+pyasn1-modules==0.2.6     # via python-ldap
+pyasn1==0.4.7             # via pyasn1-modules, python-ldap
 pycparser==2.19           # via cffi
 pygments==2.4.2
 pyjwt==1.7.1
-pylibmc==1.6.0
+pylibmc==1.6.1
 pyoembed==0.1.2
 pyopenssl==19.0.0         # via requests
-pysocks==1.7.0            # via twilio
+pysocks==1.7.1            # via twilio
 python-dateutil==2.8.0
 python-gcm==0.4
 python-ldap==3.2.0        # via django-auth-ldap
 python-magic==0.4.15
 python-twitter==3.5
 python3-openid==3.1.0     # via social-auth-core
-pytz==2019.1
-pyyaml==5.1.1             # via yamole
+pytz==2019.2
+pyyaml==5.1.2             # via yamole
 qrcode==6.1               # via django-two-factor-auth
-redis==3.2.1
-regex==2019.6.8
-requests-oauthlib==1.0.0  # via python-twitter, social-auth-core
+redis==3.3.8
+regex==2019.8.19
+requests-oauthlib==1.2.0  # via python-twitter, social-auth-core
 requests[security]==2.22.0  # via hypchat, matrix-client, premailer, pyoembed, python-gcm, python-twitter, requests-oauthlib, social-auth-core, stripe, twilio
-simplegeneric==0.8.1      # via ipython
 six==1.12.0
 social-auth-app-django==3.1.0
 social-auth-core==3.2.0   # via social-auth-app-django
 sockjs-tornado==1.0.6
-soupsieve==1.9.2          # via beautifulsoup4
+soupsieve==1.9.3          # via beautifulsoup4
 sourcemap==0.2.1
-sqlalchemy==1.3.6
+sqlalchemy==1.3.8
 statsd==3.3.0             # via django-statsd-mozilla
-stripe==2.35.0
+stripe==2.36.2
 git+https://github.com/zulip/talon.git@7d8bdc4dbcfcc5a73298747293b99fe53da55315#egg=talon==1.2.10.zulip1
 tornado==4.5.3
 traitlets==4.3.2          # via ipython
-twilio==6.29.2
+twilio==6.31.0
 typing-extensions==3.7.4
 git+https://github.com/zulip/ultrajson@70ac02bec#egg=ujson==1.35+git
-urllib3==1.25.3           # via requests
-uwsgi==2.0.17.1
+urllib3==1.25.5           # via requests
+uwsgi==2.0.18
 virtualenv-clone==0.5.3
 wcwidth==0.1.7            # via prompt-toolkit
 yamole==2.1.6
@@ -122,4 +121,4 @@ git+https://github.com/zulip/python-zulip-api.git@804501610b6a205334e71b4e441fca
 
 # The following packages are considered to be unsafe in a requirements file:
 pip==19.2.3
-setuptools==41.0.1        # via ipython, markdown
+setuptools==41.2.0        # via ipython, markdown
diff --git a/requirements/thumbor-dev.txt b/requirements/thumbor-dev.txt
index b89a1fa7eb..7a6c7f9f0c 100644
--- a/requirements/thumbor-dev.txt
+++ b/requirements/thumbor-dev.txt
@@ -9,33 +9,33 @@
 #
 argparse==1.4.0           # via thumbor
 backports-abc==0.5        # via tornado
-botocore==1.12.183        # via tornado-botocore
+botocore==1.12.233        # via tornado-botocore
 click==7.0                # via pip-tools
 derpconf==0.8.3           # via thumbor
 django-auth-ldap==1.7.0
-django==1.11.23
-docutils==0.14            # via botocore
-futures==3.1.1            # via thumbor, tornado
+django==1.11.24
+docutils==0.15.2          # via botocore
+futures==3.3.0            # via thumbor, tornado
 jmespath==0.9.4           # via botocore
 libthumbor==1.3.2         # via thumbor
-piexif==1.0.13            # via thumbor
-pillow==5.1.0             # via thumbor
+piexif==1.1.3             # via thumbor
+pillow==5.4.1             # via thumbor
 pip-tools==4.1.0
-pyasn1-modules==0.2.5     # via python-ldap
-pyasn1==0.4.5             # via pyasn1-modules, python-ldap
-pycryptodome==3.8.2       # via thumbor
+pyasn1-modules==0.2.6     # via python-ldap
+pyasn1==0.4.7             # via pyasn1-modules, python-ldap
+pycryptodome==3.9.0       # via thumbor
 pycurl==7.43.0.3          # via thumbor
 python-dateutil==2.8.0    # via botocore, tc-aws
 python-ldap==3.2.0        # via django-auth-ldap
-pytz==2019.1              # via django, thumbor
+pytz==2019.2              # via django, thumbor
 singledispatch==3.4.0.3   # via tornado
 six==1.12.0               # via derpconf, libthumbor, pip-tools, python-dateutil, singledispatch, thumbor, webcolors
 statsd==3.3.0             # via thumbor
-tc-aws==6.2.10
-thumbor==6.5.1
+tc-aws==6.2.12
+thumbor==6.7.0
 tornado-botocore==1.5.0   # via tc-aws
 tornado==5.1.1            # via thumbor, tornado-botocore
-typing==3.6.6
-urllib3==1.25.3           # via botocore
-virtualenv-clone==0.5.1
-webcolors==1.9.1          # via thumbor
+typing==3.7.4.1
+urllib3==1.25.5           # via botocore
+virtualenv-clone==0.5.3
+webcolors==1.10           # via thumbor
diff --git a/requirements/thumbor.txt b/requirements/thumbor.txt
index 564d0ac24c..348126b1fc 100644
--- a/requirements/thumbor.txt
+++ b/requirements/thumbor.txt
@@ -9,31 +9,31 @@
 #
 argparse==1.4.0           # via thumbor
 backports-abc==0.5        # via tornado
-botocore==1.12.183        # via tornado-botocore
+botocore==1.12.233        # via tornado-botocore
 derpconf==0.8.3           # via thumbor
 django-auth-ldap==1.7.0
-django==1.11.23
-docutils==0.14            # via botocore
-futures==3.1.1            # via thumbor, tornado
+django==1.11.24
+docutils==0.15.2          # via botocore
+futures==3.3.0            # via thumbor, tornado
 jmespath==0.9.4           # via botocore
 libthumbor==1.3.2         # via thumbor
-piexif==1.0.13            # via thumbor
-pillow==5.1.0             # via thumbor
-pyasn1-modules==0.2.5     # via python-ldap
-pyasn1==0.4.5             # via pyasn1-modules, python-ldap
-pycryptodome==3.8.2       # via thumbor
+piexif==1.1.3             # via thumbor
+pillow==5.4.1             # via thumbor
+pyasn1-modules==0.2.6     # via python-ldap
+pyasn1==0.4.7             # via pyasn1-modules, python-ldap
+pycryptodome==3.9.0       # via thumbor
 pycurl==7.43.0.3          # via thumbor
 python-dateutil==2.8.0    # via botocore, tc-aws
 python-ldap==3.2.0        # via django-auth-ldap
-pytz==2019.1              # via django, thumbor
+pytz==2019.2              # via django, thumbor
 singledispatch==3.4.0.3   # via tornado
 six==1.12.0               # via derpconf, libthumbor, python-dateutil, singledispatch, thumbor, webcolors
 statsd==3.3.0             # via thumbor
-tc-aws==6.2.10
-thumbor==6.5.1
+tc-aws==6.2.12
+thumbor==6.7.0
 tornado-botocore==1.5.0   # via tc-aws
 tornado==5.1.1            # via thumbor, tornado-botocore
-typing==3.6.6
-urllib3==1.25.3           # via botocore
-virtualenv-clone==0.5.1
-webcolors==1.9.1          # via thumbor
+typing==3.7.4.1
+urllib3==1.25.5           # via botocore
+virtualenv-clone==0.5.3
+webcolors==1.10           # via thumbor
diff --git a/version.py b/version.py
index 582d360cc9..c3844a9eb0 100644
--- a/version.py
+++ b/version.py
@@ -26,4 +26,4 @@ LATEST_RELEASE_ANNOUNCEMENT = "https://blog.zulip.org/2019/03/01/zulip-2-0-relea
 #   historical commits sharing the same major version, in which case a
 #   minor version bump suffices.
 
-PROVISION_VERSION = '55.2'
+PROVISION_VERSION = '56.0'