Updated dependencies to clear safety checks

[zenmonkeykstop]

• updated urllib3 from 1.24.3 to 1.25.10
• updated requests from 2.20.0 to 2.22.0
• updated pip-tools to >=5.0.0 to clear pip-related error
• Updated Makefile to pin pip and setuptools in dev requirements

testing:

• Merge Adds wheels for requests 2.22.0, urllib3-1.25.10 securedrop-builder#199 and re-run CI here to test the build logic
• CI is passing
• diff review was performed on urllib3 1.25.10 (vs 1.25.8, as that version is already in use and reviewed on other projects)

[zenmonkeykstop]

Yeah.. gonna need to pick someone's brains on dependency updates for this and the client.

[emkll]

CI is failing due to the requirements changes not being present in build-requirements.txt. build-requirements.txt contains the hashes of the wheels on the production pypi mirror. In order to get this PR passing, you will need to build the production wheels and submit a PR to securedrop-debian-packaging that contains the new wheels.

requests==2.22.0
urllib3==1.25.10

The "Updating Python Wheels" section in https://github.com/freedomofpress/securedrop-debian-packaging/blob/main/README.md is a good place to start, which will walk you through creating a pull request to securedrop-debian-packaging repo with the new wheels. Once the wheels built and committed, you can use the wheel hash in this pr in the build-requirements.txt requirements file.

[emkll]

thanks @zenmonkeykstop, LGTM!

• Merge Adds wheels for requests 2.22.0, urllib3-1.25.10 securedrop-builder#199 and re-run CI here to test the build logic
• CI is passing
• diff review was performed on urllib3 1.25.10 (vs 1.25.8, as that version is already in use and reviewed on other projects)
• wheel hashes are correct