Update the requirements.txt and freeze them on release
requirements.txt file has package versions that are pinned and some are very old by now.
I've done a quick test and using all the latest works with a very minor fix in the code so far.
We should have a development one that uses the latest packages (maybe?) and then use a minimal one that we use when we release (pip freeze).
This way, we keep up to date with everything and do not fall into the risk of having huge security holes because old dependencies for instance.