From 01fcaf151dd3a52ffe1a08b45c1ef745285227f6 Mon Sep 17 00:00:00 2001 From: Ariel Schulz Date: Wed, 27 May 2026 12:23:35 +0200 Subject: [PATCH 1/4] Prepare release 8.1.0 --- .github/actions/security-issues/action.yml | 2 +- doc/changes/changelog.md | 2 ++ doc/changes/changes_8.1.0.md | 41 ++++++++++++++++++++++ doc/changes/unreleased.md | 19 ---------- project-template/cookiecutter.json | 2 +- pyproject.toml | 2 +- 6 files changed, 46 insertions(+), 22 deletions(-) create mode 100644 doc/changes/changes_8.1.0.md diff --git a/.github/actions/security-issues/action.yml b/.github/actions/security-issues/action.yml index dbff320638..fe899dddd8 100644 --- a/.github/actions/security-issues/action.yml +++ b/.github/actions/security-issues/action.yml @@ -39,7 +39,7 @@ runs: - name: Install Python Toolbox / Security tool shell: bash run: | - pip install exasol-toolbox==8.0.0 + pip install exasol-toolbox==8.1.0 - name: Create Security Issue Report shell: bash diff --git a/doc/changes/changelog.md b/doc/changes/changelog.md index b03ab9e07c..4771ac7bb7 100644 --- a/doc/changes/changelog.md +++ b/doc/changes/changelog.md @@ -1,6 +1,7 @@ # Changelog * [unreleased](unreleased.md) +* [8.1.0](changes_8.1.0.md) * [8.0.0](changes_8.0.0.md) * [7.0.0](changes_7.0.0.md) * [6.4.0](changes_6.4.0.md) @@ -65,6 +66,7 @@ hidden: --- unreleased +changes_8.1.0 changes_8.0.0 changes_7.0.0 changes_6.4.0 diff --git a/doc/changes/changes_8.1.0.md b/doc/changes/changes_8.1.0.md new file mode 100644 index 0000000000..d75d62425f --- /dev/null +++ b/doc/changes/changes_8.1.0.md @@ -0,0 +1,41 @@ +# 8.1.0 - 2026-05-27 + +## Summary + +In this minor release, the nox session `workflow:check` was added and is now used in the `checks.yml`. +If this job is active in your CI, please double-check if additional files should be added into your project's `.gitattributes`. + +## Security Issues + +This release fixes vulnerabilities by updating dependencies: + +| Dependency | Vulnerability | Affected | Fixed in | +|------------|----------------|----------|----------| +| idna | CVE-2026-45409 | 3.14 | 3.15 | + +## Bugfix + +* #840: Added `export` plugin installation within `dependency-update.yml` +* #847: Used hashed `poetry export` output with `pip-audit --disable-pip` to avoid the + copied-interpreter failure in Poetry-managed Python builds + +## Feature + +* #722: Added check in `workflow:generate` to compare the generated and existing content before writing out and nox session `workflow:check` +* #642: Added nox session `workflow:check` into the `checks.yml` +* #698: Added a comment in the top of all workflows maintained by the PTB + +## Refactoring + +* #722: Modified `workflow:generate` backend function to class `WorkflowOrchestrator` + +## Dependency Updates + +### `main` + +* Updated dependency `black:26.3.1` to `26.5.1` +* Updated dependency `shibuya:2026.1.9` to `2026.5.19` + +### `dev` + +* Updated dependency `types-pyyaml:6.0.12.20260510` to `6.0.12.20260518` diff --git a/doc/changes/unreleased.md b/doc/changes/unreleased.md index f6f3dc5f16..fb4737052b 100644 --- a/doc/changes/unreleased.md +++ b/doc/changes/unreleased.md @@ -1,22 +1,3 @@ # Unreleased ## Summary - -In this minor release, the nox session `workflow:check` was added and is now used in the `checks.yml`. -If this job is active in your CI, please double-check if additional files should be added into your project's `.gitattributes`. - -## Bugfix - -* #840: Added `export` plugin installation within `dependency-update.yml` -* #847: Used hashed `poetry export` output with `pip-audit --disable-pip` to avoid the - copied-interpreter failure in Poetry-managed Python builds - -## Feature - -* #722: Added check in `workflow:generate` to compare the generated and existing content before writing out and nox session `workflow:check` -* #642: Added nox session `workflow:check` into the `checks.yml` -* #698: Added a comment in the top of all workflows maintained by the PTB - -## Refactoring - -* #722: Modified `workflow:generate` backend function to class `WorkflowOrchestrator` diff --git a/project-template/cookiecutter.json b/project-template/cookiecutter.json index cc8fbcfac2..37a1cc6f7e 100644 --- a/project-template/cookiecutter.json +++ b/project-template/cookiecutter.json @@ -9,7 +9,7 @@ "author_email": "opensource@exasol.com", "project_short_tag": "", "python_version_min": "3.10", - "exasol_toolbox_version_range": ">=8.0.0,<9", + "exasol_toolbox_version_range": ">=8.1.0,<9", "license_year": "{% now 'utc', '%Y' %}", "__repo_name_slug": "{{cookiecutter.package_name}}", "__package_name_slug": "{{cookiecutter.package_name}}", diff --git a/pyproject.toml b/pyproject.toml index c4624a0241..a90f1a9319 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [project] name = "exasol-toolbox" -version = "8.0.0" +version = "8.1.0" description = "Your one-stop solution for managing all standard tasks and core workflows of your Python project." authors = [ { name = "Nicola Coretti", email = "nicola.coretti@exasol.com" }, From e16a4caa73f9d8177ad0e7575f1b5442aa2c8942 Mon Sep 17 00:00:00 2001 From: Ariel Schulz Date: Wed, 27 May 2026 12:26:43 +0200 Subject: [PATCH 2/4] Remove as unneeded with latest sonar package --- test/integration/project-template/conftest.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/test/integration/project-template/conftest.py b/test/integration/project-template/conftest.py index 7b76292a3c..7739b71cb6 100644 --- a/test/integration/project-template/conftest.py +++ b/test/integration/project-template/conftest.py @@ -68,9 +68,6 @@ def poetry_install(run_command, poetry_path, ptb_wheel): # template before releasing the PTB. We install a built wheel from the checked-out # PTB instead of using an editable dependency so the fixture mirrors release-like # installation behavior. - # This is needed due to pysonar hard-pinning requests. Without this addition, - # the selected requests has an active vulnerability. - run_command([poetry_path, "add", "--group", "dev", "requests>=2.33.0"]) run_command([poetry_path, "install"]) run_command( [ From 624040d3a2d5cb0fc55a23ebd427f1f295da1600 Mon Sep 17 00:00:00 2001 From: Ariel Schulz Date: Wed, 27 May 2026 12:32:18 +0200 Subject: [PATCH 3/4] Fix tests failing due to new release --- test/integration/project-template/conftest.py | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/test/integration/project-template/conftest.py b/test/integration/project-template/conftest.py index 7739b71cb6..1830348d8f 100644 --- a/test/integration/project-template/conftest.py +++ b/test/integration/project-template/conftest.py @@ -68,19 +68,11 @@ def poetry_install(run_command, poetry_path, ptb_wheel): # template before releasing the PTB. We install a built wheel from the checked-out # PTB instead of using an editable dependency so the fixture mirrors release-like # installation behavior. + # Poetry must see the unreleased wheel before it resolves the template project's + # dependency on exasol-toolbox, otherwise it tries PyPI and fails when the version + # is not published yet. This happens on the preparation of a new release. + run_command([poetry_path, "add", "--group", "dev", str(ptb_wheel)]) run_command([poetry_path, "install"]) - run_command( - [ - poetry_path, - "run", - "--", - "pip", - "install", - "--no-deps", - "--force-reinstall", - str(ptb_wheel), - ] - ) @pytest.fixture(scope="session") From 45230a9e2dc8c7574ed944389513dfbb7d961da1 Mon Sep 17 00:00:00 2001 From: Ariel Schulz Date: Wed, 27 May 2026 12:32:26 +0200 Subject: [PATCH 4/4] Fix tests failing due to new release --- test/integration/project-template/conftest.py | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/test/integration/project-template/conftest.py b/test/integration/project-template/conftest.py index 1830348d8f..4e2eb12d60 100644 --- a/test/integration/project-template/conftest.py +++ b/test/integration/project-template/conftest.py @@ -73,6 +73,19 @@ def poetry_install(run_command, poetry_path, ptb_wheel): # is not published yet. This happens on the preparation of a new release. run_command([poetry_path, "add", "--group", "dev", str(ptb_wheel)]) run_command([poetry_path, "install"]) + # safety to ensure the prepared wheel is used + run_command( + [ + poetry_path, + "run", + "--", + "pip", + "install", + "--no-deps", + "--force-reinstall", + str(ptb_wheel), + ] + ) @pytest.fixture(scope="session")