git-machete
Use specific versions of packages in tox.ini to ensure reproducible builds + set up automatic updates
As of now, most deps in tox.ini are defined as:
deps =
    pytest
    pytest-mock
    pytest-xdist
This is convenient, but might lead to non-reproducible builds in the future (as just the latest version of each package is used).
Let's instead use specific versions, as in:
deps =
    sphinx==4.4.0
    sphinx-rtd-theme==0.5.2
Also, let's check if there's a tool (dependabot?) that is able to open dependency update PRs periodically. Probably it might require all dependencies to be defined in a *-requirements.txt file? TBD