From 2105f584967b05240c3736c1c7c2ce82822e03d2 Mon Sep 17 00:00:00 2001 From: Ariel Schulz Date: Wed, 15 Apr 2026 08:48:10 +0200 Subject: [PATCH] Prepare release 6.3.0 --- .github/actions/security-issues/action.yml | 2 +- doc/changes/changelog.md | 2 + doc/changes/changes_6.3.0.md | 46 ++++++++++++++++++++++ doc/changes/unreleased.md | 37 ----------------- exasol/toolbox/version.py | 2 +- project-template/cookiecutter.json | 2 +- pyproject.toml | 2 +- 7 files changed, 52 insertions(+), 41 deletions(-) create mode 100644 doc/changes/changes_6.3.0.md diff --git a/.github/actions/security-issues/action.yml b/.github/actions/security-issues/action.yml index 7f7fe5f06..5e7cad9f6 100644 --- a/.github/actions/security-issues/action.yml +++ b/.github/actions/security-issues/action.yml @@ -39,7 +39,7 @@ runs: - name: Install Python Toolbox / Security tool shell: bash run: | - pip install exasol-toolbox==6.2.0 + pip install exasol-toolbox==6.3.0 - name: Create Security Issue Report shell: bash diff --git a/doc/changes/changelog.md b/doc/changes/changelog.md index cef209e78..34d1397ca 100644 --- a/doc/changes/changelog.md +++ b/doc/changes/changelog.md @@ -1,6 +1,7 @@ # Changelog * [unreleased](unreleased.md) +* [6.3.0](changes_6.3.0.md) * [6.2.0](changes_6.2.0.md) * [6.1.1](changes_6.1.1.md) * [6.1.0](changes_6.1.0.md) @@ -61,6 +62,7 @@ hidden: --- unreleased +changes_6.3.0 changes_6.2.0 changes_6.1.1 changes_6.1.0 diff --git a/doc/changes/changes_6.3.0.md b/doc/changes/changes_6.3.0.md new file mode 100644 index 000000000..fb23f05f3 --- /dev/null +++ b/doc/changes/changes_6.3.0.md @@ -0,0 +1,46 @@ +# 6.3.0 - 2026-04-15 + +## Summary + +This release includes an update of `action/upload-pages-artifact` from v4 to v5.0.0. With this +change, now all actions used in the PTB run with Node.js 24. This is important as support +for Node.js 20 reaches it end-of-life in April 2026 and support for it in GitHub will end in +September 2026; for more details, see GitHub's [deprecation notice](https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/). + +The `report.yml` is also called after the `checks.yml` completes. This allows users +to get linting, security, and unit test coverage before running the `slow-checks.yml`, +as described in the [Pull Request description](https://exasol.github.io/python-toolbox/main/user_guide/features/github_workflows/index.html#pull-request). + +This release also adds a `vulnerabilities:resolved` Nox session, which reports GitHub security issues resolved since the last release. + +This release fixes a vulnerability by updating the `poetry.lock` file. + +| Name | Version | ID | Fix Versions | Updated to | +|--------|---------|----------------|--------------|------------| +| pytest | 9.0.2 | CVE-2025-71176 | 9.0.3 | 9.0.3 | + +To ensure usage of secure packages, it is up to the user to similarly relock their dependencies. + +## Features + +* #402: Created nox session `vulnerabilities:resolved` to report resolved GitHub security issues +* #733: Adjusted structlog and log level for workflow generation + +## Refactoring + +* #764: Updated `action/upload-pages-artifact` from v4 to [v5](https://github.com/actions/upload-pages-artifact/releases/tag/v5.0.0) +* #768: Updated `merge-gate.yml` to execute the `report.yml` after the `checks.yml` completes + +## Bugfix + +* #766: Fixed `action/upload-pages-artifact` from v5 to v5.0.0 + +## Security + +* #774: Fixed vulnerability by re-locking `pytest` in the `poetry.lock` + +## Dependency Updates + +### `main` + +* Updated dependency `pytest:9.0.2` to `9.0.3` diff --git a/doc/changes/unreleased.md b/doc/changes/unreleased.md index 9c30b41a3..fb4737052 100644 --- a/doc/changes/unreleased.md +++ b/doc/changes/unreleased.md @@ -1,40 +1,3 @@ # Unreleased ## Summary - -This release includes an update of `action/upload-pages-artifact` from v4 to v5.0.0. With this -change, now all actions used in the PTB run with Node.js 24. This is important as support -for Node.js 20 reaches it end-of-life in April 2026 and support for it in GitHub will end in -September 2026; for more details, see GitHub's [deprecation notice](https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/). - -The `report.yml` is also called after the `checks.yml` completes. This allows users -to get linting, security, and unit test coverage before running the `slow-checks.yml`, -as described in the [Pull Request description](https://exasol.github.io/python-toolbox/main/user_guide/features/github_workflows/index.html#pull-request). - -This release also adds a `vulnerabilities:resolved` Nox session, which reports GitHub security issues resolved since the last release. - -This release fixes a vulnerability by updating the `poetry.lock` file. - -| Name | Version | ID | Fix Versions | Updated to | -|--------|---------|----------------|--------------|------------| -| pytest | 9.0.2 | CVE-2025-71176 | 9.0.3 | 9.0.3 | - -To ensure usage of secure packages, it is up to the user to similarly relock their dependencies. - -## Features - -* #402: Created nox session `vulnerabilities:resolved` to report resolved GitHub security issues -* #733: Adjusted structlog and log level for workflow generation - -## Refactoring - -* #764: Updated `action/upload-pages-artifact` from v4 to [v5](https://github.com/actions/upload-pages-artifact/releases/tag/v5.0.0) -* #768: Updated `merge-gate.yml` to execute the `report.yml` after the `checks.yml` completes - -## Bugfix - -* #766: Fixed `action/upload-pages-artifact` from v5 to v5.0.0 - -## Security - -* #774: Fixed vulnerability by re-locking `pytest` in the `poetry.lock` diff --git a/exasol/toolbox/version.py b/exasol/toolbox/version.py index dfa023387..78a301a6d 100644 --- a/exasol/toolbox/version.py +++ b/exasol/toolbox/version.py @@ -9,7 +9,7 @@ """ MAJOR = 6 -MINOR = 2 +MINOR = 3 PATCH = 0 VERSION = f"{MAJOR}.{MINOR}.{PATCH}" __version__ = VERSION diff --git a/project-template/cookiecutter.json b/project-template/cookiecutter.json index 5b3db10b6..40610cec5 100644 --- a/project-template/cookiecutter.json +++ b/project-template/cookiecutter.json @@ -9,7 +9,7 @@ "author_email": "opensource@exasol.com", "project_short_tag": "", "python_version_min": "3.10", - "exasol_toolbox_version_range": ">=6.2.0,<7", + "exasol_toolbox_version_range": ">=6.3.0,<7", "license_year": "{% now 'utc', '%Y' %}", "__repo_name_slug": "{{cookiecutter.package_name}}", "__package_name_slug": "{{cookiecutter.package_name}}", diff --git a/pyproject.toml b/pyproject.toml index 5424c1910..c858dd87b 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [project] name = "exasol-toolbox" -version = "6.2.0" +version = "6.3.0" description = "Your one-stop solution for managing all standard tasks and core workflows of your Python project." authors = [ { name = "Nicola Coretti", email = "nicola.coretti@exasol.com" },