exasol · ArBridgeman · May 27, 2026 · May 27, 2026 · May 27, 2026 · May 27, 2026
diff --git a/.github/actions/security-issues/action.yml b/.github/actions/security-issues/action.yml
@@ -39,7 +39,7 @@ runs:
     - name: Install Python Toolbox / Security tool
       shell: bash
       run: |
-        pip install exasol-toolbox==8.1.0
+        pip install exasol-toolbox==8.1.1
 
     - name: Create Security Issue Report
       shell: bash

diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml
diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
diff --git a/.github/workflows/check-release-tag.yml b/.github/workflows/check-release-tag.yml
diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
diff --git a/.github/workflows/dependency-update.yml b/.github/workflows/dependency-update.yml
diff --git a/.github/workflows/fast-tests.yml b/.github/workflows/fast-tests.yml
diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml
diff --git a/.github/workflows/matrix-all.yml b/.github/workflows/matrix-all.yml
diff --git a/.github/workflows/matrix-exasol.yml b/.github/workflows/matrix-exasol.yml
diff --git a/.github/workflows/matrix-python.yml b/.github/workflows/matrix-python.yml
diff --git a/.github/workflows/merge-gate.yml b/.github/workflows/merge-gate.yml
diff --git a/.github/workflows/periodic-validation.yml b/.github/workflows/periodic-validation.yml
diff --git a/.github/workflows/pr-merge.yml b/.github/workflows/pr-merge.yml
diff --git a/.github/workflows/report.yml b/.github/workflows/report.yml
diff --git a/doc/changes/changelog.md b/doc/changes/changelog.md
diff --git a/doc/changes/changes_8.1.1.md b/doc/changes/changes_8.1.1.md
@@ -0,0 +1,10 @@
+# 8.1.1 - 2026-05-27
+
+## Summary
+
+This patch release resolves a bug found in `dependency-update.yml`. This was introduced
+in 8.1.0.
+
+## Bugfix
+
+* #850: Fixed jq and piping in `dependency-update.yml`
diff --git a/exasol/toolbox/templates/github/workflows/dependency-update.yml b/exasol/toolbox/templates/github/workflows/dependency-update.yml
@@ -42,7 +42,12 @@ jobs:
         run: |
           set -o pipefail
           poetry self add poetry-plugin-export
-          poetry run -- nox -s dependency:audit 2>&1 | tee vulnerabilities.json
+          # Pipeline purpose:
+          # - `2>&1`: merge stdout and stderr into one stream.
+          # - `tee /dev/stderr`: mirror the combined output back to stderr so it stays visible in the logs.
+          # - `sed -n '/^\[/,$p'`: keep only the JSON payload and write it to vulnerabilities.json.
+          # With `set -o pipefail`, any failure in the pipeline still fails this step and turns the workflow red.
+          poetry run -- nox -s dependency:audit 2>&1 | tee /dev/stderr | sed -n '/^\[/,$p' > vulnerabilities.json
           LENGTH=$(jq 'length' vulnerabilities.json)
           echo "count=$LENGTH" >> "$GITHUB_OUTPUT"
 

diff --git a/project-template/cookiecutter.json b/project-template/cookiecutter.json
@@ -9,7 +9,7 @@
   "author_email": "opensource@exasol.com",
   "project_short_tag": "",
   "python_version_min": "3.10",
-  "exasol_toolbox_version_range": ">=8.1.0,<9",
+  "exasol_toolbox_version_range": ">=8.1.1,<9",
   "license_year": "{% now 'utc', '%Y' %}",
   "__repo_name_slug": "{{cookiecutter.package_name}}",
   "__package_name_slug": "{{cookiecutter.package_name}}",

diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "exasol-toolbox"
-version = "8.1.0"
+version = "8.1.1"
 description = "Your one-stop solution for managing all standard tasks and core workflows of your Python project."
 authors = [
     { name = "Nicola Coretti", email = "nicola.coretti@exasol.com" },