diff --git a/.github/workflows/dependency-update.yml b/.github/workflows/dependency-update.yml index 9aa73b3ec..288025a17 100644 --- a/.github/workflows/dependency-update.yml +++ b/.github/workflows/dependency-update.yml @@ -24,15 +24,6 @@ jobs: persist-credentials: true fetch-depth: 0 - - name: Fail if not running on the default branch - id: check-branch - if: github.ref != format('refs/heads/{0}', github.event.repository.default_branch) - env: - CURRENT_BRANCH: ${{ github.ref }} - run: | - echo "Not running on the default branch. Current ref is: $CURRENT_BRANCH" - exit 1 - - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment uses: exasol/python-toolbox/.github/actions/python-environment@v9 @@ -112,6 +103,7 @@ jobs: PR_URL=$(gh pr create \ --base "$BASE_BRANCH" \ + --label "security" \ --title "Update dependencies to fix vulnerabilities ($(date '+%Y-%m-%d'))" \ --body "$PR_BODY") diff --git a/doc/changes/unreleased.md b/doc/changes/unreleased.md index 4fcaebf47..63b459a93 100644 --- a/doc/changes/unreleased.md +++ b/doc/changes/unreleased.md @@ -5,6 +5,10 @@ Updated the nox DB-version default to come from `BaseConfig` instead of the hardcoded `7.1.9`, so ITDE-related test flows use the configured Exasol baseline and unit-test help no longer advertises `--db-version`. +## Feature + +* #874: Added the `security` label to dependency update PR creation + ## Bug * #744: Updated nox DB-version handling to use `BaseConfig.minimum_exasol_version` instead hardcoded `7.1.9` diff --git a/exasol/toolbox/templates/github/workflows/dependency-update.yml b/exasol/toolbox/templates/github/workflows/dependency-update.yml index 2b19eba2c..9979a99e8 100644 --- a/exasol/toolbox/templates/github/workflows/dependency-update.yml +++ b/exasol/toolbox/templates/github/workflows/dependency-update.yml 
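Review bot: The added `--label "security"` in the `gh pr create` call assumes a `security` label already exists in the repository. `gh` resolves label names against the repository and errors on unknown ones rather than creating them, so where the label is missing the PR is not opened and the vulnerability fixes this job produces never reach review. The same line is added to the template at `exasol/toolbox/templates/github/workflows/dependency-update.yml`, so every project that adopts the template inherits the prerequisite. Either create the label before the call (`gh label create "security"`, tolerating the already-exists case; the token needs rights to manage labels, and the job's `permissions` are outside the hunk) or document it as a required setup step. Separately, now that the default-branch guard is removed in the first hunk while the checkout keeps `persist-credentials: true`, confirm that `$BASE_BRANCH` (set outside the hunk) still resolves to the intended target when the workflow runs from another ref.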
@@ -111,6 +111,7 @@ jobs: PR_URL=$(gh pr create \ --base "$BASE_BRANCH" \ + --label "security" \ --title "Update dependencies to fix vulnerabilities ($(date '+%Y-%m-%d'))" \ --body "$PR_BODY") diff --git a/poetry.lock b/poetry.lock index 7c8438b37..d6b402547 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1,4 +1,4 @@ -# This file is automatically @generated by Poetry 2.4.1 and should not be changed by hand. +# This file is automatically @generated by Poetry 2.3.2 and should not be changed by hand. [[package]] name = "accessible-pygments" @@ -2650,8 +2650,8 @@ astroid = ">=4.0.2,<=4.1.dev0" colorama = {version = ">=0.4.5", markers = "sys_platform == \"win32\""} dill = [ {version = ">=0.2", markers = "python_version < \"3.11\""}, - {version = ">=0.3.6", markers = "python_version == \"3.11\""}, {version = ">=0.3.7", markers = "python_version >= \"3.12\""}, + {version = ">=0.3.6", markers = "python_version == \"3.11\""}, ] isort = ">=5,<5.13 || >5.13,<9" mccabe = ">=0.6,<0.8" 
@@ -2712,21 +2712,21 @@ tomli = ">=2.0,<3" [[package]] name = "pytest" -version = "9.1.0" +version = "8.4.2" description = "pytest: simple powerful testing with Python" optional = false -python-versions = ">=3.10" +python-versions = ">=3.9" groups = ["main"] files = [ - {file = "pytest-9.1.0-py3-none-any.whl", hash = "sha256:8ebb0e7888bdf2bdfc602ec51f8f62d50200af37356c74e503c79a94f5c81f32"}, - {file = "pytest-9.1.0.tar.gz", hash = "sha256:41dd9148c08072446394cefd3d79701701335a9f4cae69ba92e39f6c7f5c061c"}, + {file = "pytest-8.4.2-py3-none-any.whl", hash = "sha256:872f880de3fc3a5bdc88a11b39c9710c3497a547cfa9320bc3c5e62fbf272e79"}, + {file = "pytest-8.4.2.tar.gz", hash = "sha256:86c0d0b93306b961d58d62a4db4879f27fe25513d4b969df351abdddb3c30e01"}, ] [package.dependencies] colorama = {version = ">=0.4", markers = "sys_platform == \"win32\""} exceptiongroup = {version = ">=1", markers = "python_version < \"3.11\""} -iniconfig = ">=1.0.1" -packaging = ">=22" +iniconfig = ">=1" +packaging = ">=20" pluggy = ">=1.5,<2" pygments = ">=2.7.2" tomli = {version = ">=1", markers = "python_version < \"3.11\""}