From 24593022b6aa21a4e554dea2e4ec281afed3dd08 Mon Sep 17 00:00:00 2001 From: Ariel Schulz Date: Wed, 13 May 2026 13:40:52 +0200 Subject: [PATCH 1/2] Prepare release 8.0.0 --- .github/actions/security-issues/action.yml | 2 +- doc/changes/changelog.md | 2 + doc/changes/changes_8.0.0.md | 64 +++++++++++++++++++ doc/changes/unreleased.md | 36 ----------- .../github/workflows/build-and-publish.yml | 2 +- .../github/workflows/check-release-tag.yml | 2 +- .../templates/github/workflows/checks.yml | 14 ++-- .../github/workflows/dependency-update.yml | 2 +- .../templates/github/workflows/fast-tests.yml | 2 +- .../templates/github/workflows/gh-pages.yml | 2 +- .../templates/github/workflows/matrix-all.yml | 2 +- .../github/workflows/matrix-exasol.yml | 2 +- .../github/workflows/matrix-python.yml | 2 +- .../templates/github/workflows/report.yml | 2 +- .../github/workflows/slow-checks.yml | 2 +- project-template/cookiecutter.json | 2 +- pyproject.toml | 2 +- 17 files changed, 86 insertions(+), 56 deletions(-) create mode 100644 doc/changes/changes_8.0.0.md diff --git a/.github/actions/security-issues/action.yml b/.github/actions/security-issues/action.yml index aa565632d6..dbff320638 100644 --- a/.github/actions/security-issues/action.yml +++ b/.github/actions/security-issues/action.yml @@ -39,7 +39,7 @@ runs: - name: Install Python Toolbox / Security tool shell: bash run: | - pip install exasol-toolbox==7.0.0 + pip install exasol-toolbox==8.0.0 - name: Create Security Issue Report shell: bash diff --git a/doc/changes/changelog.md b/doc/changes/changelog.md index be5a0b7165..b03ab9e07c 100644 --- a/doc/changes/changelog.md +++ b/doc/changes/changelog.md @@ -1,6 +1,7 @@ # Changelog * [unreleased](unreleased.md) +* [8.0.0](changes_8.0.0.md) * [7.0.0](changes_7.0.0.md) * [6.4.0](changes_6.4.0.md) * [6.3.0](changes_6.3.0.md) @@ -64,6 +65,7 @@ hidden: --- unreleased +changes_8.0.0 changes_7.0.0 changes_6.4.0 changes_6.3.0 diff --git a/doc/changes/changes_8.0.0.md b/doc/changes/changes_8.0.0.md new file mode 100644 index 0000000000..52f6b835be --- /dev/null +++ b/doc/changes/changes_8.0.0.md @@ -0,0 +1,64 @@ +# 8.0.0 - 2026-05-13 + +## Summary + +In this major release, several modifications were made to the PTB's workflow templates: + +* For automatically resolving vulnerabilities, the `dependency-update.yml` workflow was +added. For more details, see the [Dependency Update](https://exasol.github.io/python-toolbox/main/user_guide/features/github_workflows/index.html#dependency-update) section. +* The periodic run which was previously executed in the `ci.yml` has been moved to its +own `periodic-validation.yml` and will run weekly. This also has been modified to +run the `slow-checks.yml` so that more complete linting and coverage information is +sent to Sonar. +* With the addition of `periodic-validation.yml`, the `pr-merge.yml` was reduced so that +it only executes `gh-pages.yml`. +* The unit tests job has been moved from `checks.yml` to its own `fast-tests.yml` file. +* Workflow extensions were added to `fast-tests` and `merge-gate`. This allows users to +add custom `fast-tests-extension.yml` and `merge-gate-extension.yml` files. For more +details, check out the [Workflow Extensions](https://exasol.github.io/python-toolbox/main/user_guide/features/github_workflows/index.html#workflow-extensions) section. +* `slow-checks.yml` is only maintained by the project (not the PTB). See the [Not Maintained by the PTB](https://exasol.github.io/python-toolbox/main/user_guide/features/github_workflows/index.html#not-maintained-by-the-ptb) section. + +## Features + +* #829: Extended removing a job from a workflow to also remove it from the `needs` of another job +* #825: Created two workflows by splitting up previous ones: + * Moved the periodic jobs in `ci.yml` to its own `periodic-validation.yml` + * Moved the unit tests job in `checks.yml` to its own `fast-tests.yml` +* #730: Added workflow extensions to `fast-tests` and `merge-gate` +* #756: Added `dependency-update.yml` to automate resolving vulnerabilities with a generated pull request +* #792: Improved `dependency-update.yml` documentation +* #831: Switched `slow-checks.yml` to be provided by the project and not maintained by the PTB and improved output of pydantic validation of `.workflow-patcher.yml` + +## Bugfix + +* #563: Fixed merge-gate to prevent auto-merges from happening when integration tests failed + +## Security Issues + +This release fixes vulnerabilities by updating dependencies: + +| Dependency | Vulnerability | Affected | Fixed in | +|------------|---------------|----------|----------| +| urllib3 | CVE-2026-44431 | 2.6.3 | 2.7.0 | +| urllib3 | CVE-2026-44432 | 2.6.3 | 2.7.0 | + +* #836: Relocked `poetry.lock` + +## Dependency Updates + +### `main` + +* Updated dependency `coverage:7.13.4` to `7.14.0` +* Updated dependency `importlib-resources:6.5.2` to `7.1.0` +* Updated dependency `mypy:1.19.1` to `2.1.0` +* Updated dependency `nox:2026.2.9` to `2026.4.10` +* Updated dependency `pip-licenses:5.5.1` to `5.5.5` +* Updated dependency `pre-commit:4.5.1` to `4.6.0` +* Updated dependency `pydantic:2.12.5` to `2.13.4` +* Updated dependency `pysonar:1.0.2.1722` to `1.5.0.4793` +* Updated dependency `sphinxcontrib-mermaid:2.0.1` to `2.0.2` +* Updated dependency `typer:0.24.1` to `0.25.1` + +### `dev` + +* Updated dependency `types-pyyaml:6.0.12.20250915` to `6.0.12.20260510` diff --git a/doc/changes/unreleased.md b/doc/changes/unreleased.md index 5e5bc6c12c..fb4737052b 100644 --- a/doc/changes/unreleased.md +++ b/doc/changes/unreleased.md @@ -1,39 +1,3 @@ # Unreleased ## Summary - -In this major release, several modifications were made to the PTB's workflow templates: - -* For automatically resolving vulnerabilities, the `dependency-update.yml` workflow was -added. For more details, see the [Dependency Update](https://exasol.github.io/python-toolbox/main/user_guide/features/github_workflows/index.html#dependency-update) section. -* The periodic run which was previously executed in the `ci.yml` has been moved to its -own `periodic-validation.yml` and will run weekly. This also has been modified to -run the `slow-checks.yml` so that more complete linting and coverage information is -sent to Sonar. -* With the addition of `periodic-validation.yml`, the `pr-merge.yml` was reduced so that -it only executes `gh-pages.yml`. -* The unit tests job has been moved from `checks.yml` to its own `fast-tests.yml` file. -* Workflow extensions were added to `fast-tests` and `merge-gate`. This allows users to -add custom `fast-tests-extension.yml` and `merge-gate-extension.yml` files. For more -details, check out the [Workflow Extensions](https://exasol.github.io/python-toolbox/main/user_guide/features/github_workflows/index.html#workflow-extensions) section. -* `slow-checks.yml` is only maintained by the project (not the PTB). See the [Not Maintained by the PTB](https://exasol.github.io/python-toolbox/main/user_guide/features/github_workflows/index.html#not-maintained-by-the-ptb) section. - -## Features - - -* #829: Extended removing a job from a workflow to also remove it from the `needs` of another job -* #825: Created two workflows by splitting up previous ones: - * Moved the periodic jobs in `ci.yml` to its own `periodic-validation.yml` - * Moved the unit tests job in `checks.yml` to its own `fast-tests.yml` -* #730: Added workflow extensions to `fast-tests` and `merge-gate` -* #756: Added `dependency-update.yml` to automate resolving vulnerabilities with a generated pull request -* #792: Improved `dependency-update.yml` documentation -* #831: Switched `slow-checks.yml` to be provided by the project and not maintained by the PTB and improved output of pydantic validation of `.workflow-patcher.yml` - -## Bugfix - -* #563: Fixed merge-gate to prevent auto-merges from happening when integration tests failed - -## Security Issues - -* #836: Relocked `poetry.lock` diff --git a/exasol/toolbox/templates/github/workflows/build-and-publish.yml b/exasol/toolbox/templates/github/workflows/build-and-publish.yml index 83877e39d8..fe4b5ec73b 100644 --- a/exasol/toolbox/templates/github/workflows/build-and-publish.yml +++ b/exasol/toolbox/templates/github/workflows/build-and-publish.yml @@ -19,7 +19,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v7 + uses: exasol/python-toolbox/.github/actions/python-environment@v8 with: python-version: "(( minimum_python_version ))" poetry-version: "(( dependency_manager_version ))" diff --git a/exasol/toolbox/templates/github/workflows/check-release-tag.yml b/exasol/toolbox/templates/github/workflows/check-release-tag.yml index f9fb6f697a..7e1598f5ab 100644 --- a/exasol/toolbox/templates/github/workflows/check-release-tag.yml +++ b/exasol/toolbox/templates/github/workflows/check-release-tag.yml @@ -17,7 +17,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v7 + uses: exasol/python-toolbox/.github/actions/python-environment@v8 with: python-version: "(( minimum_python_version ))" poetry-version: "(( dependency_manager_version ))" diff --git a/exasol/toolbox/templates/github/workflows/checks.yml b/exasol/toolbox/templates/github/workflows/checks.yml index 6bcb8e1bad..35a3ef777b 100644 --- a/exasol/toolbox/templates/github/workflows/checks.yml +++ b/exasol/toolbox/templates/github/workflows/checks.yml @@ -16,7 +16,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v7 + uses: exasol/python-toolbox/.github/actions/python-environment@v8 with: python-version: "(( minimum_python_version ))" poetry-version: "(( dependency_manager_version ))" @@ -42,7 +42,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v7 + uses: exasol/python-toolbox/.github/actions/python-environment@v8 with: python-version: "(( minimum_python_version ))" poetry-version: "(( dependency_manager_version ))" @@ -67,7 +67,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v7 + uses: exasol/python-toolbox/.github/actions/python-environment@v8 with: python-version: ${{ matrix.python-versions }} poetry-version: "(( dependency_manager_version ))" @@ -103,7 +103,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v7 + uses: exasol/python-toolbox/.github/actions/python-environment@v8 with: python-version: ${{ matrix.python-versions }} poetry-version: "(( dependency_manager_version ))" @@ -129,7 +129,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v7 + uses: exasol/python-toolbox/.github/actions/python-environment@v8 with: python-version: ${{ matrix.python-versions }} poetry-version: "(( dependency_manager_version ))" @@ -159,7 +159,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v7 + uses: exasol/python-toolbox/.github/actions/python-environment@v8 with: python-version: "(( minimum_python_version ))" poetry-version: "(( dependency_manager_version ))" @@ -181,7 +181,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v7 + uses: exasol/python-toolbox/.github/actions/python-environment@v8 with: python-version: "(( minimum_python_version ))" poetry-version: "(( dependency_manager_version ))" diff --git a/exasol/toolbox/templates/github/workflows/dependency-update.yml b/exasol/toolbox/templates/github/workflows/dependency-update.yml index 2466b64b38..069038a3a6 100644 --- a/exasol/toolbox/templates/github/workflows/dependency-update.yml +++ b/exasol/toolbox/templates/github/workflows/dependency-update.yml @@ -31,7 +31,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v6 + uses: exasol/python-toolbox/.github/actions/python-environment@v8 with: python-version: "(( minimum_python_version ))" poetry-version: "(( dependency_manager_version ))" diff --git a/exasol/toolbox/templates/github/workflows/fast-tests.yml b/exasol/toolbox/templates/github/workflows/fast-tests.yml index 9d444371e6..5d5696166a 100644 --- a/exasol/toolbox/templates/github/workflows/fast-tests.yml +++ b/exasol/toolbox/templates/github/workflows/fast-tests.yml @@ -21,7 +21,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v7 + uses: exasol/python-toolbox/.github/actions/python-environment@v8 with: python-version: ${{ matrix.python-versions }} poetry-version: "(( dependency_manager_version ))" diff --git a/exasol/toolbox/templates/github/workflows/gh-pages.yml b/exasol/toolbox/templates/github/workflows/gh-pages.yml index 4341e2316a..4fc438c356 100644 --- a/exasol/toolbox/templates/github/workflows/gh-pages.yml +++ b/exasol/toolbox/templates/github/workflows/gh-pages.yml @@ -19,7 +19,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v7 + uses: exasol/python-toolbox/.github/actions/python-environment@v8 with: python-version: "(( minimum_python_version ))" poetry-version: "(( dependency_manager_version ))" diff --git a/exasol/toolbox/templates/github/workflows/matrix-all.yml b/exasol/toolbox/templates/github/workflows/matrix-all.yml index d78b3e6bb6..000358a06e 100644 --- a/exasol/toolbox/templates/github/workflows/matrix-all.yml +++ b/exasol/toolbox/templates/github/workflows/matrix-all.yml @@ -19,7 +19,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v7 + uses: exasol/python-toolbox/.github/actions/python-environment@v8 with: python-version: "(( minimum_python_version ))" poetry-version: "(( dependency_manager_version ))" diff --git a/exasol/toolbox/templates/github/workflows/matrix-exasol.yml b/exasol/toolbox/templates/github/workflows/matrix-exasol.yml index f630009067..e13b7347fa 100644 --- a/exasol/toolbox/templates/github/workflows/matrix-exasol.yml +++ b/exasol/toolbox/templates/github/workflows/matrix-exasol.yml @@ -19,7 +19,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v7 + uses: exasol/python-toolbox/.github/actions/python-environment@v8 with: python-version: "(( minimum_python_version ))" poetry-version: "(( dependency_manager_version ))" diff --git a/exasol/toolbox/templates/github/workflows/matrix-python.yml b/exasol/toolbox/templates/github/workflows/matrix-python.yml index 7d091a0788..5524a02270 100644 --- a/exasol/toolbox/templates/github/workflows/matrix-python.yml +++ b/exasol/toolbox/templates/github/workflows/matrix-python.yml @@ -19,7 +19,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v7 + uses: exasol/python-toolbox/.github/actions/python-environment@v8 with: python-version: "(( minimum_python_version ))" poetry-version: "(( dependency_manager_version ))" diff --git a/exasol/toolbox/templates/github/workflows/report.yml b/exasol/toolbox/templates/github/workflows/report.yml index 54114c0f0a..2ad381fbe7 100644 --- a/exasol/toolbox/templates/github/workflows/report.yml +++ b/exasol/toolbox/templates/github/workflows/report.yml @@ -20,7 +20,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v7 + uses: exasol/python-toolbox/.github/actions/python-environment@v8 with: python-version: "(( minimum_python_version ))" poetry-version: "(( dependency_manager_version ))" diff --git a/exasol/toolbox/templates/github/workflows/slow-checks.yml b/exasol/toolbox/templates/github/workflows/slow-checks.yml index 69d48cb2ab..b961e19ae0 100644 --- a/exasol/toolbox/templates/github/workflows/slow-checks.yml +++ b/exasol/toolbox/templates/github/workflows/slow-checks.yml @@ -31,7 +31,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v7 + uses: exasol/python-toolbox/.github/actions/python-environment@v8 with: python-version: ${{ matrix.python-version }} poetry-version: "(( dependency_manager_version ))" diff --git a/project-template/cookiecutter.json b/project-template/cookiecutter.json index 2c2914f56a..cc8fbcfac2 100644 --- a/project-template/cookiecutter.json +++ b/project-template/cookiecutter.json @@ -9,7 +9,7 @@ "author_email": "opensource@exasol.com", "project_short_tag": "", "python_version_min": "3.10", - "exasol_toolbox_version_range": ">=7.0.0,<8", + "exasol_toolbox_version_range": ">=8.0.0,<9", "license_year": "{% now 'utc', '%Y' %}", "__repo_name_slug": "{{cookiecutter.package_name}}", "__package_name_slug": "{{cookiecutter.package_name}}", diff --git a/pyproject.toml b/pyproject.toml index 516496220d..c4624a0241 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [project] name = "exasol-toolbox" -version = "7.0.0" +version = "8.0.0" description = "Your one-stop solution for managing all standard tasks and core workflows of your Python project." authors = [ { name = "Nicola Coretti", email = "nicola.coretti@exasol.com" }, From e7a918a98f5cb7c0dbea18bccce3729d5af16759 Mon Sep 17 00:00:00 2001 From: Ariel Schulz Date: Wed, 13 May 2026 13:43:14 +0200 Subject: [PATCH 2/2] Update link as renamed --- doc/changes/changes_8.0.0.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/changes/changes_8.0.0.md b/doc/changes/changes_8.0.0.md index 52f6b835be..dfe5c38b21 100644 --- a/doc/changes/changes_8.0.0.md +++ b/doc/changes/changes_8.0.0.md @@ -5,7 +5,7 @@ In this major release, several modifications were made to the PTB's workflow templates: * For automatically resolving vulnerabilities, the `dependency-update.yml` workflow was -added. For more details, see the [Dependency Update](https://exasol.github.io/python-toolbox/main/user_guide/features/github_workflows/index.html#dependency-update) section. +added. For more details, see the [Update Dependencies](https://exasol.github.io/python-toolbox/main/user_guide/features/github_workflows/index.html#update-dependencies) section. * The periodic run which was previously executed in the `ci.yml` has been moved to its own `periodic-validation.yml` and will run weekly. This also has been modified to run the `slow-checks.yml` so that more complete linting and coverage information is