Prepare release 8.1.0 (#849)

ArBridgeman · web-flow · commit 547916ad2a67 · 2026-05-27T13:09:07.000+02:00
* Prepare release 8.1.0
* Remove as unneeded with latest sonar package
* Fix tests failing due to new release
diff --git a/.github/actions/security-issues/action.yml b/.github/actions/security-issues/action.yml
@@ -39,7 +39,7 @@ runs:
     - name: Install Python Toolbox / Security tool
       shell: bash
       run: |
-        pip install exasol-toolbox==8.0.0
+        pip install exasol-toolbox==8.1.0
 
     - name: Create Security Issue Report
       shell: bash
diff --git a/doc/changes/changelog.md b/doc/changes/changelog.md
diff --git a/doc/changes/changes_8.1.0.md b/doc/changes/changes_8.1.0.md
@@ -0,0 +1,41 @@
+# 8.1.0 - 2026-05-27
+
+## Summary
+
+In this minor release, the nox session `workflow:check` was added and is now used in the `checks.yml`.
+If this job is active in your CI, please double-check if additional files should be added into your project's `.gitattributes`.
+
+## Security Issues
+
+This release fixes vulnerabilities by updating dependencies:
+
+| Dependency | Vulnerability  | Affected | Fixed in |
+|------------|----------------|----------|----------|
+| idna       | CVE-2026-45409 | 3.14     | 3.15     |
+
+## Bugfix
+
+* #840: Added `export` plugin installation within `dependency-update.yml`
+* #847: Used hashed `poetry export` output with `pip-audit --disable-pip` to avoid the
+  copied-interpreter failure in Poetry-managed Python builds
+
+## Feature
+
+* #722: Added check in `workflow:generate` to compare the generated and existing content before writing out and nox session `workflow:check`
+* #642: Added nox session `workflow:check` into the `checks.yml`
+* #698: Added a comment in the top of all workflows maintained by the PTB
+
+## Refactoring
+
+* #722: Modified `workflow:generate` backend function to class `WorkflowOrchestrator`
+
+## Dependency Updates
+
+### `main`
+
+* Updated dependency `black:26.3.1` to `26.5.1`
+* Updated dependency `shibuya:2026.1.9` to `2026.5.19`
+
+### `dev`
+
+* Updated dependency `types-pyyaml:6.0.12.20260510` to `6.0.12.20260518`
diff --git a/doc/changes/unreleased.md b/doc/changes/unreleased.md
@@ -1,22 +1,3 @@
 # Unreleased
 
 ## Summary
-
-In this minor release, the nox session `workflow:check` was added and is now used in the `checks.yml`.
-If this job is active in your CI, please double-check if additional files should be added into your project's `.gitattributes`.
-
-## Bugfix
-
-* #840: Added `export` plugin installation within `dependency-update.yml`
-* #847: Used hashed `poetry export` output with `pip-audit --disable-pip` to avoid the
-  copied-interpreter failure in Poetry-managed Python builds
-
-## Feature
-
-* #722: Added check in `workflow:generate` to compare the generated and existing content before writing out and nox session `workflow:check`
-* #642: Added nox session `workflow:check` into the `checks.yml`
-* #698: Added a comment in the top of all workflows maintained by the PTB
-
-## Refactoring
-
-* #722: Modified `workflow:generate` backend function to class `WorkflowOrchestrator`
diff --git a/project-template/cookiecutter.json b/project-template/cookiecutter.json
@@ -9,7 +9,7 @@
   "author_email": "opensource@exasol.com",
   "project_short_tag": "",
   "python_version_min": "3.10",
-  "exasol_toolbox_version_range": ">=8.0.0,<9",
+  "exasol_toolbox_version_range": ">=8.1.0,<9",
   "license_year": "{% now 'utc', '%Y' %}",
   "__repo_name_slug": "{{cookiecutter.package_name}}",
   "__package_name_slug": "{{cookiecutter.package_name}}",
diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "exasol-toolbox"
-version = "8.0.0"
+version = "8.1.0"
 description = "Your one-stop solution for managing all standard tasks and core workflows of your Python project."
 authors = [
     { name = "Nicola Coretti", email = "nicola.coretti@exasol.com" },
diff --git a/test/integration/project-template/conftest.py b/test/integration/project-template/conftest.py
@@ -68,10 +68,12 @@ def poetry_install(run_command, poetry_path, ptb_wheel):
     # template before releasing the PTB. We install a built wheel from the checked-out
     # PTB instead of using an editable dependency so the fixture mirrors release-like
     # installation behavior.
-    # This is needed due to pysonar hard-pinning requests. Without this addition,
-    # the selected requests has an active vulnerability.
-    run_command([poetry_path, "add", "--group", "dev", "requests>=2.33.0"])
+    # Poetry must see the unreleased wheel before it resolves the template project's
+    # dependency on exasol-toolbox, otherwise it tries PyPI and fails when the version
+    # is not published yet. This happens on the preparation of a new release.
+    run_command([poetry_path, "add", "--group", "dev", str(ptb_wheel)])
     run_command([poetry_path, "install"])
+    # safety to ensure the prepared wheel is used
     run_command(
         [
             poetry_path,
