Prepare release 0.8.0 (#133)

.github/actions/security-issues/action.yml

@@ -39,7 +39,7 @@ runs:
     - name: Install Python Toolbox / Security tool
       shell: bash
       run: |
-        pip install exasol-toolbox==0.7.0
+        pip install exasol-toolbox==0.8.0
 
     - name: Create Security Issue Report
       shell: bash

doc/changelog.rst

@@ -6,6 +6,9 @@
 Unreleased
 ==========
 
+0.8.0 - 2024-02-07
+==================
+
 ✨ Added
 --------
 * Added output `created-issues` to `security-issues` action containing the found security issues including the created GitHub issues in JSONL format.

exasol/toolbox/templates/github/workflows/build-and-publish.yml

@@ -17,7 +17,7 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Setup Python & Poetry Environment
-        uses: exasol/python-toolbox/.github/actions/python-environment@0.6.2
+        uses: exasol/python-toolbox/.github/actions/python-environment@0.8.0
 
       - name: Build Artifacts
         run: poetry build

exasol/toolbox/templates/github/workflows/check-release-tag.yml

@@ -14,7 +14,7 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Setup Python & Poetry Environment
-        uses: exasol/python-toolbox/.github/actions/python-environment@0.6.2
+        uses: exasol/python-toolbox/.github/actions/python-environment@0.8.0
 
       - name: Check Tag Version
         # make sure the pushed/created tag matched the project version

exasol/toolbox/templates/github/workflows/checks.yml

@@ -15,7 +15,7 @@ jobs:
           fetch-depth: 0
 
       - name: Setup Python & Poetry Environment
-        uses: exasol/python-toolbox/.github/actions/python-environment@0.6.2
+        uses: exasol/python-toolbox/.github/actions/python-environment@0.8.0
 
       - name: Check Version(s)
         run: poetry run version-check exasol/toolbox/version.py
@@ -30,7 +30,7 @@ jobs:
       uses: actions/checkout@v3
 
     - name: Setup Python & Poetry Environment
-      uses: exasol/python-toolbox/.github/actions/python-environment@0.6.2
+      uses: exasol/python-toolbox/.github/actions/python-environment@0.8.0
 
     - name: Build Documentation
       run: |
@@ -50,7 +50,7 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Setup Python & Poetry Environment
-        uses: exasol/python-toolbox/.github/actions/python-environment@0.6.2
+        uses: exasol/python-toolbox/.github/actions/python-environment@0.8.0
         with:
           python-version: ${{ matrix.python-version }}
 
@@ -71,7 +71,7 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Setup Python & Poetry Environment
-        uses: exasol/python-toolbox/.github/actions/python-environment@0.6.2
+        uses: exasol/python-toolbox/.github/actions/python-environment@0.8.0
         with:
           python-version: ${{ matrix.python-version }}
 
@@ -93,7 +93,7 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Setup Python & Poetry Environment
-        uses: exasol/python-toolbox/.github/actions/python-environment@0.6.2
+        uses: exasol/python-toolbox/.github/actions/python-environment@0.8.0
         with:
           python-version: ${{ matrix.python-version }}
 

exasol/toolbox/templates/github/workflows/gh-pages.yml

@@ -12,7 +12,7 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Setup Python & Poetry Environment
-        uses: exasol/python-toolbox/.github/actions/python-environment@0.6.2
+        uses: exasol/python-toolbox/.github/actions/python-environment@0.8.0
 
       - name: Build Documentation
         run: |

exasol/toolbox/templates/github/workflows/report.yml

@@ -21,7 +21,7 @@ jobs:
           fetch-depth: 0
 
       - name: Setup Python & Poetry Environment
-        uses: exasol/python-toolbox/.github/actions/python-environment@0.6.2
+        uses: exasol/python-toolbox/.github/actions/python-environment@0.8.0
 
       - name: Download Artifacts
         uses: actions/download-artifact@v3

exasol/toolbox/tools/security.py

@@ -255,10 +255,12 @@ def create(
         stderr(std_err)
         stdout(format_jsonl(issue_url, issue))
 
+
 def format_jsonl(issue_url: str, issue: Issue) -> str:
     issue_json = asdict(issue)
-    issue_json["url"] = issue_url.strip()
+    issue_json["issue_url"] = issue_url.strip()
     return json.dumps(issue_json)
 
+
 if __name__ == "__main__":
     CLI()

exasol/toolbox/version.py

@@ -5,6 +5,6 @@
 # Do not edit this file manually!
 # If you need to change the version, do so in the project.toml, e.g. by using `poetry version X.Y.Z`.
 MAJOR = 0
-MINOR = 7
+MINOR = 8
 PATCH = 0
 VERSION = f"{MAJOR}.{MINOR}.{PATCH}"

pyproject.toml

@@ -3,7 +3,7 @@ name = "exasol-toolbox"
 packages = [
     { include = "exasol" },
 ]
-version = "0.7.0"
+version = "0.8.0"
 description = ""
 authors = [
     "Nicola Coretti <[email protected]>"

test/integration/cli/security-cve-create.t

@@ -31,7 +31,7 @@ Run test case
           "https://issues.apache.org/jira/browse/AVRO-3819",
           "https://lists.apache.org/thread/q142wj99cwdd0jo5lvdoxzoymlqyjdds"
       ],
-      "url": "https://github.com/exasol/a-project/issues/123"
+      "issue_url": "https://github.com/exasol/a-project/issues/123"
   }
   {
       "cve": "CVE-2020-36641",
@@ -43,5 +43,5 @@ Run test case
           "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-36641",
           "https://www.tenable.com/cve/CVE-2020-36641"
       ],
-      "url": "https://github.com/exasol/a-project/issues/123"
+      "issue_url": "https://github.com/exasol/a-project/issues/123"
   }

test/unit/security_test.py

@@ -360,39 +360,46 @@ def test_convert_maven_input_no_vulnerable():  # pylint: disable=redefined-outer
     actual = set(security.from_maven("{}"))
     assert len(actual) == 0
 
+
 def test_format_jsonl():
     issue = security.Issue(
         coordinates="coordinates",
-        cve="cve", cwe="cwe",
-        description="description", 
-        references=()
+        cve="cve",
+        cwe="cwe",
+        description="description",
+        references=(),
+    )
+    expected = json.dumps(
+        {
+            "cve": "cve",
+            "cwe": "cwe",
+            "description": "description",
+            "coordinates": "coordinates",
+            "references": [],
+            "issue_url": "my_issue_url",
+        }
     )
-    expected = json.dumps({ 
-        "cve": "cve",
-        "cwe": "cwe",
-        "description": "description",
-        "coordinates": "coordinates",
-        "references": [],
-        "url": "issue_url"
-    })
-    actual = security.format_jsonl("issue_url", issue)
+    actual = security.format_jsonl("my_issue_url", issue)
     assert actual == expected
 
 
 def test_format_jsonl_removes_newline():
     issue = security.Issue(
         coordinates="coordinates",
-        cve="cve", cwe="cwe",
+        cve="cve",
+        cwe="cwe",
         description="description",
-        references=()
+        references=(),
+    )
+    expected = json.dumps(
+        {
+            "cve": "cve",
+            "cwe": "cwe",
+            "description": "description",
+            "coordinates": "coordinates",
+            "references": [],
+            "issue_url": "my_issue_url",
+        }
     )
-    expected = json.dumps({
-        "cve": "cve",
-        "cwe": "cwe",
-        "description": "description",
-        "coordinates": "coordinates",
-        "references": [],
-        "url": "issue_url"
-    })
-    actual = security.format_jsonl("issue_url\n", issue)
+    actual = security.format_jsonl("my_issue_url\n", issue)
     assert actual == expected