From 923151c41ea4b95b76ae579958cd58ac730414a2 Mon Sep 17 00:00:00 2001 From: Ariel Schulz Date: Wed, 27 May 2026 13:25:42 +0200 Subject: [PATCH 1/4] Fix jq and piping issue in dependency-update.yml --- .github/workflows/build-and-publish.yml | 2 +- .github/workflows/cd.yml | 2 +- .github/workflows/check-release-tag.yml | 2 +- .github/workflows/checks.yml | 2 +- .github/workflows/ci.yml | 2 +- .github/workflows/dependency-update.yml | 4 ++-- .github/workflows/fast-tests.yml | 2 +- .github/workflows/gh-pages.yml | 2 +- .github/workflows/matrix-all.yml | 2 +- .github/workflows/matrix-exasol.yml | 2 +- .github/workflows/matrix-python.yml | 2 +- .github/workflows/merge-gate.yml | 2 +- .github/workflows/periodic-validation.yml | 2 +- .github/workflows/pr-merge.yml | 2 +- .github/workflows/report.yml | 2 +- doc/changes/unreleased.md | 5 +++++ .../toolbox/templates/github/workflows/dependency-update.yml | 2 +- 17 files changed, 22 insertions(+), 17 deletions(-) diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml index 341dc7d576..f60b739d9a 100644 --- a/.github/workflows/build-and-publish.yml +++ b/.github/workflows/build-and-publish.yml @@ -1,5 +1,5 @@ # Generated and maintained by the exasol-toolbox. -# Last generated with exasol-toolbox version 8.0.0. +# Last generated with exasol-toolbox version 8.1.0. name: Build & Publish on: diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index d171b63f21..72a414a4f5 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -1,5 +1,5 @@ # Generated and maintained by the exasol-toolbox. -# Last generated with exasol-toolbox version 8.0.0. +# Last generated with exasol-toolbox version 8.1.0. name: CD on: diff --git a/.github/workflows/check-release-tag.yml b/.github/workflows/check-release-tag.yml index 2f3fa647f3..78e4161e84 100644 --- a/.github/workflows/check-release-tag.yml +++ b/.github/workflows/check-release-tag.yml @@ -1,5 +1,5 @@ # Generated and maintained by the exasol-toolbox. -# Last generated with exasol-toolbox version 8.0.0. +# Last generated with exasol-toolbox version 8.1.0. name: Check Release Tag on: diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index d9815f1838..3ce5eddb52 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -1,5 +1,5 @@ # Generated and maintained by the exasol-toolbox. -# Last generated with exasol-toolbox version 8.0.0. +# Last generated with exasol-toolbox version 8.1.0. name: Checks on: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6635826dbe..a9541cdaf5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,5 +1,5 @@ # Generated and maintained by the exasol-toolbox. -# Last generated with exasol-toolbox version 8.0.0. +# Last generated with exasol-toolbox version 8.1.0. name: CI on: diff --git a/.github/workflows/dependency-update.yml b/.github/workflows/dependency-update.yml index 40cf00442f..5a5143b555 100644 --- a/.github/workflows/dependency-update.yml +++ b/.github/workflows/dependency-update.yml @@ -1,5 +1,5 @@ # Generated and maintained by the exasol-toolbox. -# Last generated with exasol-toolbox version 8.0.0. +# Last generated with exasol-toolbox version 8.1.0. name: Dependency Update on: @@ -43,7 +43,7 @@ jobs: run: | set -o pipefail poetry self add poetry-plugin-export - poetry run -- nox -s dependency:audit 2>&1 | tee vulnerabilities.json + poetry run -- nox -s dependency:audit 2>&1 | tee /dev/stderr | sed -n '/^\[/,$p' > vulnerabilities.json LENGTH=$(jq 'length' vulnerabilities.json) echo "count=$LENGTH" >> "$GITHUB_OUTPUT" diff --git a/.github/workflows/fast-tests.yml b/.github/workflows/fast-tests.yml index b144773ce7..24f775b297 100644 --- a/.github/workflows/fast-tests.yml +++ b/.github/workflows/fast-tests.yml @@ -1,5 +1,5 @@ # Generated and maintained by the exasol-toolbox. -# Last generated with exasol-toolbox version 8.0.0. +# Last generated with exasol-toolbox version 8.1.0. name: Fast-Tests on: diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml index 93f50c5f0e..c8ab778940 100644 --- a/.github/workflows/gh-pages.yml +++ b/.github/workflows/gh-pages.yml @@ -1,5 +1,5 @@ # Generated and maintained by the exasol-toolbox. -# Last generated with exasol-toolbox version 8.0.0. +# Last generated with exasol-toolbox version 8.1.0. name: Publish Documentation on: diff --git a/.github/workflows/matrix-all.yml b/.github/workflows/matrix-all.yml index dd0b8cc1a0..dfd410fb69 100644 --- a/.github/workflows/matrix-all.yml +++ b/.github/workflows/matrix-all.yml @@ -1,5 +1,5 @@ # Generated and maintained by the exasol-toolbox. -# Last generated with exasol-toolbox version 8.0.0. +# Last generated with exasol-toolbox version 8.1.0. name: Build Matrix (All Versions) on: diff --git a/.github/workflows/matrix-exasol.yml b/.github/workflows/matrix-exasol.yml index f2a63e30f4..c57464a79f 100644 --- a/.github/workflows/matrix-exasol.yml +++ b/.github/workflows/matrix-exasol.yml @@ -1,5 +1,5 @@ # Generated and maintained by the exasol-toolbox. -# Last generated with exasol-toolbox version 8.0.0. +# Last generated with exasol-toolbox version 8.1.0. name: Build Matrix (Exasol) on: diff --git a/.github/workflows/matrix-python.yml b/.github/workflows/matrix-python.yml index c56f26c0f6..c991d5a683 100644 --- a/.github/workflows/matrix-python.yml +++ b/.github/workflows/matrix-python.yml @@ -1,5 +1,5 @@ # Generated and maintained by the exasol-toolbox. -# Last generated with exasol-toolbox version 8.0.0. +# Last generated with exasol-toolbox version 8.1.0. name: Build Matrix (Python) on: diff --git a/.github/workflows/merge-gate.yml b/.github/workflows/merge-gate.yml index 060e25d7e7..7b53ab8b26 100644 --- a/.github/workflows/merge-gate.yml +++ b/.github/workflows/merge-gate.yml @@ -1,5 +1,5 @@ # Generated and maintained by the exasol-toolbox. -# Last generated with exasol-toolbox version 8.0.0. +# Last generated with exasol-toolbox version 8.1.0. name: Merge-Gate on: diff --git a/.github/workflows/periodic-validation.yml b/.github/workflows/periodic-validation.yml index 384d552ad1..dc1276af8d 100644 --- a/.github/workflows/periodic-validation.yml +++ b/.github/workflows/periodic-validation.yml @@ -1,5 +1,5 @@ # Generated and maintained by the exasol-toolbox. -# Last generated with exasol-toolbox version 8.0.0. +# Last generated with exasol-toolbox version 8.1.0. name: Periodic-Validation on: diff --git a/.github/workflows/pr-merge.yml b/.github/workflows/pr-merge.yml index c422a65ca6..8dd06a5848 100644 --- a/.github/workflows/pr-merge.yml +++ b/.github/workflows/pr-merge.yml @@ -1,5 +1,5 @@ # Generated and maintained by the exasol-toolbox. -# Last generated with exasol-toolbox version 8.0.0. +# Last generated with exasol-toolbox version 8.1.0. name: PR-Merge on: diff --git a/.github/workflows/report.yml b/.github/workflows/report.yml index 42cd7bf327..7ff2917b31 100644 --- a/.github/workflows/report.yml +++ b/.github/workflows/report.yml @@ -1,5 +1,5 @@ # Generated and maintained by the exasol-toolbox. -# Last generated with exasol-toolbox version 8.0.0. +# Last generated with exasol-toolbox version 8.1.0. name: Status Report on: diff --git a/doc/changes/unreleased.md b/doc/changes/unreleased.md index fb4737052b..c4de9b236e 100644 --- a/doc/changes/unreleased.md +++ b/doc/changes/unreleased.md @@ -1,3 +1,8 @@ # Unreleased ## Summary + + +## Bugfix + +* #850: Fixed jq and piping in `dependency-update.yml` diff --git a/exasol/toolbox/templates/github/workflows/dependency-update.yml b/exasol/toolbox/templates/github/workflows/dependency-update.yml index 3800e15321..859ab7015e 100644 --- a/exasol/toolbox/templates/github/workflows/dependency-update.yml +++ b/exasol/toolbox/templates/github/workflows/dependency-update.yml @@ -42,7 +42,7 @@ jobs: run: | set -o pipefail poetry self add poetry-plugin-export - poetry run -- nox -s dependency:audit 2>&1 | tee vulnerabilities.json + poetry run -- nox -s dependency:audit 2>&1 | tee /dev/stderr | sed -n '/^\[/,$p' > vulnerabilities.json LENGTH=$(jq 'length' vulnerabilities.json) echo "count=$LENGTH" >> "$GITHUB_OUTPUT" From 72a119e0c07223c816c070b07bb708bf185eb2f2 Mon Sep 17 00:00:00 2001 From: Ariel Schulz Date: Wed, 27 May 2026 13:26:38 +0200 Subject: [PATCH 2/4] Prepare release 8.1.1 --- .github/actions/security-issues/action.yml | 2 +- doc/changes/changelog.md | 2 ++ doc/changes/changes_8.1.1.md | 10 ++++++++++ doc/changes/unreleased.md | 5 ----- project-template/cookiecutter.json | 2 +- pyproject.toml | 2 +- 6 files changed, 15 insertions(+), 8 deletions(-) create mode 100644 doc/changes/changes_8.1.1.md diff --git a/.github/actions/security-issues/action.yml b/.github/actions/security-issues/action.yml index fe899dddd8..64e67b4709 100644 --- a/.github/actions/security-issues/action.yml +++ b/.github/actions/security-issues/action.yml @@ -39,7 +39,7 @@ runs: - name: Install Python Toolbox / Security tool shell: bash run: | - pip install exasol-toolbox==8.1.0 + pip install exasol-toolbox==8.1.1 - name: Create Security Issue Report shell: bash diff --git a/doc/changes/changelog.md b/doc/changes/changelog.md index 4771ac7bb7..304fbaef5e 100644 --- a/doc/changes/changelog.md +++ b/doc/changes/changelog.md @@ -1,6 +1,7 @@ # Changelog * [unreleased](unreleased.md) +* [8.1.1](changes_8.1.1.md) * [8.1.0](changes_8.1.0.md) * [8.0.0](changes_8.0.0.md) * [7.0.0](changes_7.0.0.md) @@ -66,6 +67,7 @@ hidden: --- unreleased +changes_8.1.1 changes_8.1.0 changes_8.0.0 changes_7.0.0 diff --git a/doc/changes/changes_8.1.1.md b/doc/changes/changes_8.1.1.md new file mode 100644 index 0000000000..44deddd098 --- /dev/null +++ b/doc/changes/changes_8.1.1.md @@ -0,0 +1,10 @@ +# 8.1.1 - 2026-05-27 + +## Summary + +This patch release resolves a bug found in `dependency-update.yml`. This was introduced +in 8.0.0. + +## Bugfix + +* #850: Fixed jq and piping in `dependency-update.yml` diff --git a/doc/changes/unreleased.md b/doc/changes/unreleased.md index c4de9b236e..fb4737052b 100644 --- a/doc/changes/unreleased.md +++ b/doc/changes/unreleased.md @@ -1,8 +1,3 @@ # Unreleased ## Summary - - -## Bugfix - -* #850: Fixed jq and piping in `dependency-update.yml` diff --git a/project-template/cookiecutter.json b/project-template/cookiecutter.json index 37a1cc6f7e..b20bf5969c 100644 --- a/project-template/cookiecutter.json +++ b/project-template/cookiecutter.json @@ -9,7 +9,7 @@ "author_email": "opensource@exasol.com", "project_short_tag": "", "python_version_min": "3.10", - "exasol_toolbox_version_range": ">=8.1.0,<9", + "exasol_toolbox_version_range": ">=8.1.1,<9", "license_year": "{% now 'utc', '%Y' %}", "__repo_name_slug": "{{cookiecutter.package_name}}", "__package_name_slug": "{{cookiecutter.package_name}}", diff --git a/pyproject.toml b/pyproject.toml index a90f1a9319..c824c1faff 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [project] name = "exasol-toolbox" -version = "8.1.0" +version = "8.1.1" description = "Your one-stop solution for managing all standard tasks and core workflows of your Python project." authors = [ { name = "Nicola Coretti", email = "nicola.coretti@exasol.com" }, From dcdb21c5b8c30178b3cf8dd304be0cfd7c15abf5 Mon Sep 17 00:00:00 2001 From: Ariel Schulz <43442541+ArBridgeman@users.noreply.github.com> Date: Wed, 27 May 2026 13:36:14 +0200 Subject: [PATCH 3/4] Fix version reference --- doc/changes/changes_8.1.1.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/changes/changes_8.1.1.md b/doc/changes/changes_8.1.1.md index 44deddd098..8f978f8b5b 100644 --- a/doc/changes/changes_8.1.1.md +++ b/doc/changes/changes_8.1.1.md @@ -3,7 +3,7 @@ ## Summary This patch release resolves a bug found in `dependency-update.yml`. This was introduced -in 8.0.0. +in 8.1.0. ## Bugfix From 3e3fd530b1c75441b3e73f752b220e57d4abead7 Mon Sep 17 00:00:00 2001 From: Ariel Schulz Date: Wed, 27 May 2026 14:48:55 +0200 Subject: [PATCH 4/4] Add comment as to desire for it to work --- .github/workflows/dependency-update.yml | 5 +++++ .../toolbox/templates/github/workflows/dependency-update.yml | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/.github/workflows/dependency-update.yml b/.github/workflows/dependency-update.yml index 5a5143b555..e36ce8b609 100644 --- a/.github/workflows/dependency-update.yml +++ b/.github/workflows/dependency-update.yml @@ -43,6 +43,11 @@ jobs: run: | set -o pipefail poetry self add poetry-plugin-export + # Pipeline purpose: + # - `2>&1`: merge stdout and stderr into one stream. + # - `tee /dev/stderr`: mirror the combined output back to stderr so it stays visible in the logs. + # - `sed -n '/^\[/,$p'`: keep only the JSON payload and write it to vulnerabilities.json. + # With `set -o pipefail`, any failure in the pipeline still fails this step and turns the workflow red. poetry run -- nox -s dependency:audit 2>&1 | tee /dev/stderr | sed -n '/^\[/,$p' > vulnerabilities.json LENGTH=$(jq 'length' vulnerabilities.json) echo "count=$LENGTH" >> "$GITHUB_OUTPUT" diff --git a/exasol/toolbox/templates/github/workflows/dependency-update.yml b/exasol/toolbox/templates/github/workflows/dependency-update.yml index 859ab7015e..fc35e61ead 100644 --- a/exasol/toolbox/templates/github/workflows/dependency-update.yml +++ b/exasol/toolbox/templates/github/workflows/dependency-update.yml @@ -42,6 +42,11 @@ jobs: run: | set -o pipefail poetry self add poetry-plugin-export + # Pipeline purpose: + # - `2>&1`: merge stdout and stderr into one stream. + # - `tee /dev/stderr`: mirror the combined output back to stderr so it stays visible in the logs. + # - `sed -n '/^\[/,$p'`: keep only the JSON payload and write it to vulnerabilities.json. + # With `set -o pipefail`, any failure in the pipeline still fails this step and turns the workflow red. poetry run -- nox -s dependency:audit 2>&1 | tee /dev/stderr | sed -n '/^\[/,$p' > vulnerabilities.json LENGTH=$(jq 'length' vulnerabilities.json) echo "count=$LENGTH" >> "$GITHUB_OUTPUT"