Unpin and update Boto-related constraints

  - Updating boto3 (1.9.128 -> 1.10.37)
    https://github.com/boto/boto3/blob/1.10.37/CHANGELOG.rst

  - Updating botocore (1.12.130 -> 1.13.37)
    https://github.com/boto/botocore/blob/1.13.37/CHANGELOG.rst

  - Updating docutils (0.12 -> 0.15.2)
    http://docutils.sourceforge.net/RELEASE-NOTES.html

  - Updating python-dateutil (2.7.3 -> 2.8.0)
    https://github.com/dateutil/dateutil/blob/2.8.1/NEWS

  - Updating s3transfer (0.2.0 -> 0.2.1)
    https://github.com/boto/s3transfer/blob/0.2.1/CHANGELOG.rst

  - Updating six (1.11.0 -> 1.13.0)
    https://github.com/benjaminp/six/blob/1.13.0/CHANGES

---

Boto3 1.9.128's dependency tree:

    boto3 1.9.128 The AWS SDK for Python
    |-- botocore >=1.12.128,<1.13.0
    |   |-- docutils >=0.10
    |   |-- jmespath >=0.7.1,<1.0.0
    |   |-- python-dateutil >=2.1,<3.0.0
    |   |   `-- six >=1.5
    |   `-- urllib3 >=1.20,<1.25
    |-- jmespath >=0.7.1,<1.0.0
    `-- s3transfer >=0.2.0,<0.3.0
        `-- botocore >=1.12.36,<2.0.0
            |-- docutils >=0.10
            |-- jmespath >=0.7.1,<1.0.0
            |-- python-dateutil >=2.1,<3.0.0
            |   `-- six >=1.5
            `-- urllib3 >=1.20,<1.25

The boto3 (1.9 -> 1.10) and botocore (1.12 -> 1.13) minor version
numbers were incremented due to Boto removing its vendored copy of
requests. Otherwise no significant changes to behavior.

urllib3 was not updated from 1.24.3, despite 1.25.7 being available,
because our pinned version of requests wants urllib3 (>=1.21.1,<1.25).

Similarly, python-dateutil is now stuck at 2.8.0 because botocore wants
python-dateutil (>=2.1,<2.8.1). Relaxing that upper bound is tracked at
boto/botocore#1872.

All of the changelogs look benign, and Boto is fairly self-contained.
However, python-dateutil is also used by elasticsearch-dsl, and six is
used in a few other dependencies.

pyproject.toml

@@ -17,7 +17,7 @@ python = "^3.8"
 # From default.txt
 babel = "2.2.0"
 bleach = "2.1.4"
-boto3 = "1.9.128"
+boto3 = "^1.10.37"
 celery = "^4.3.0"
 commonware = "0.5.0"
 cssselect = "1.0.3"
@@ -65,7 +65,7 @@ oauth2client = "3.0.0"
 polib = "1.1.0"
 puente = "0.5.0"
 pytest = "3.1.3"
-python-dateutil = "2.7.3"
+python-dateutil = "^2.8.0"
 python-decouple = "3.1"
 python-magic = "0.4.15"
 pytidylib = "0.3.2"
@@ -75,14 +75,14 @@ redis = "3.2.1"
 requests-mock = "0.7.0"
 sqlparse = "0.3.0"
 stripe = "2.31.0"
-urllib3 = "1.24.3"
+urllib3 = "^1.24.3"
 urlobject = "2.4.0"
 whitenoise = "3.3.1"
 
 # From default_and_test.txt
 pyquery = "1.4.0"
 requests = "2.20.1"
-six = "1.11.0"
+six = "^1.13.0"
 
 # From dev.txt
 django-babel = "0.6.2"
@@ -94,17 +94,14 @@ urlwait = "0.4"
 werkzeug = "0.16.0"
 
 # From constraints.txt
-botocore = "1.12.130"
 certifi = "2018.10.15"
 chardet = "3.0.4"
 click = "6.7"
 coverage = "4.3.4"
 defusedxml = "0.5.0"
 django-appconf = "1.0.2"
-docutils = "0.12"
 greenlet = "0.4.15"
 idna = "2.7"
-jmespath = "0.9.4"
 markupsafe = "1.0"
 oauthlib = "2.0.4"
 py = "1.4.33"
@@ -113,7 +110,6 @@ pyasn1-modules = "0.0.8"
 python3-openid = "3.1.0"
 requests-oauthlib = "0.8.0"
 rsa = "3.4.2"
-s3transfer = "0.2.0"
 uritemplate = "0.6"
 vine = "1.3.0"
 webencodings = "0.5.1"