diff --git a/Makefile b/Makefile
index 82e31bf1498a12c6f1bf4cca3a1d6e45d7daa71e..c9fb8b2987fadd151bc77d1347259f48d7733604 100644
--- a/Makefile
+++ b/Makefile
@@ -63,7 +63,8 @@ REQ_FILES = \
 	requirements/edx-sandbox/base \
 	requirements/edx/base \
 	requirements/edx/testing \
-	requirements/edx/development
+	requirements/edx/development \
+	scripts/xblock/requirements
 
 upgrade: export CUSTOM_COMPILE_COMMAND=make upgrade
 upgrade: ## update the pip requirements files to use the latest releases satisfying our constraints
diff --git a/requirements/edx/base.txt b/requirements/edx/base.txt
index ce59f16b52c5f59949aba5f4adf919c15990c4f8..07d76d760c34080e5426b6bfc813daf4de8cc6e9 100644
--- a/requirements/edx/base.txt
+++ b/requirements/edx/base.txt
@@ -246,3 +246,6 @@ xblock-utils==1.2.1
 xblock==1.2.2
 xmlsec==1.3.3             # via python3-saml
 zendesk==1.1.1
+
+# The following packages are considered to be unsafe in a requirements file:
+# setuptools==41.0.1        # via fs, lazy, python-levenshtein
diff --git a/requirements/edx/development.txt b/requirements/edx/development.txt
index b24bbb4cdd4cf9ced5f5373422cc191f355d241d..1600d2412a0a2004734b601eece0f38822aade27 100644
--- a/requirements/edx/development.txt
+++ b/requirements/edx/development.txt
@@ -335,3 +335,6 @@ xmlsec==1.3.3
 xmltodict==0.12.0
 zendesk==1.1.1
 zipp==0.5.1
+
+# The following packages are considered to be unsafe in a requirements file:
+# setuptools==41.0.1        # via caniusepython3, fs, lazy, pytest, python-levenshtein, sphinx, tox
diff --git a/requirements/edx/paver.txt b/requirements/edx/paver.txt
index 3bde400daa522b85e6ebdecbd7de4c0e63194936..8e4a1674bc1adeffd146f09ab30cb63821ae64b6 100644
--- a/requirements/edx/paver.txt
+++ b/requirements/edx/paver.txt
@@ -27,3 +27,6 @@ stevedore==1.30.1
 urllib3==1.23             # via requests
 watchdog==0.9.0
 wrapt==1.10.5
+
+# The following packages are considered to be unsafe in a requirements file:
+# setuptools==41.0.1        # via lazy
diff --git a/requirements/edx/testing.txt b/requirements/edx/testing.txt
index 615ddc295ef3bd5c3346860d2648f3a37c294722..2b0f4224412ff953bad84d157df1d46c408baaee 100644
--- a/requirements/edx/testing.txt
+++ b/requirements/edx/testing.txt
@@ -321,3 +321,6 @@ xmlsec==1.3.3
 xmltodict==0.12.0         # via moto
 zendesk==1.1.1
 zipp==0.5.1               # via importlib-metadata
+
+# The following packages are considered to be unsafe in a requirements file:
+# setuptools==41.0.1        # via caniusepython3, fs, lazy, pytest, python-levenshtein, tox
diff --git a/scripts/xblock/requirements.in b/scripts/xblock/requirements.in
new file mode 100644
index 0000000000000000000000000000000000000000..f2293605cf1b01dca72aad0a15c45b72ed5429a2
--- /dev/null
+++ b/scripts/xblock/requirements.in
@@ -0,0 +1 @@
+requests
diff --git a/scripts/xblock/requirements.txt b/scripts/xblock/requirements.txt
index 78cbc8441e239497085ab173b320d84de00d2579..a983f56144d502fa21fe9b12003209887c6b5cbc 100644
--- a/scripts/xblock/requirements.txt
+++ b/scripts/xblock/requirements.txt
@@ -1 +1,11 @@
-requests==2.10.0
+#
+# This file is autogenerated by pip-compile
+# To update, run:
+#
+#    make upgrade
+#
+certifi==2019.3.9         # via requests
+chardet==3.0.4            # via requests
+idna==2.8                 # via requests
+requests==2.22.0
+urllib3==1.25.3           # via requests