From b4b053cf4c5b404b88f267db91daa820ee3835d1 Mon Sep 17 00:00:00 2001 From: jana-selva Date: Tue, 23 Jun 2026 16:30:30 +0530 Subject: [PATCH 1/6] fix review comments --- doc/_includes/nox_sessions_catalog.rst | 121 ++++++++++++++++++++++ doc/changes/unreleased.md | 7 ++ doc/developer_guide/developer_guide.rst | 1 - doc/developer_guide/modules/modules.rst | 7 -- doc/developer_guide/modules/nox_tasks.rst | 14 --- doc/user_guide/features/index.rst | 6 ++ 6 files changed, 134 insertions(+), 22 deletions(-) create mode 100644 doc/_includes/nox_sessions_catalog.rst delete mode 100644 doc/developer_guide/modules/modules.rst delete mode 100644 doc/developer_guide/modules/nox_tasks.rst diff --git a/doc/_includes/nox_sessions_catalog.rst b/doc/_includes/nox_sessions_catalog.rst new file mode 100644 index 000000000..c6db24ac2 --- /dev/null +++ b/doc/_includes/nox_sessions_catalog.rst @@ -0,0 +1,121 @@ +Common PTB Nox Sessions +^^^^^^^^^^^^^^^^^^^^^^^ + +.. list-table:: + :widths: 24 48 28 + :header-rows: 1 + + * - Session + - Purpose + - More information + * - ``format:fix`` + - Apply automated formatting and cleanup fixes. + - :ref:`formatting_code` + * - ``format:check`` + - Verify formatting without changing files. + - :ref:`formatting_code` + * - ``project:check`` + - Run the main local quality gate across formatting, linting, typing, and coverage. + - :ref:`features` + * - ``lint:code`` + - Run ``pylint`` and write ``.lint.json``. + - :doc:`/user_guide/features/metrics/collecting_metrics` + * - ``lint:typing`` + - Run ``mypy`` over the project. + - :ref:`features` + * - ``lint:security`` + - Run ``bandit`` and write ``.security.json``. + - :doc:`/user_guide/features/metrics/collecting_metrics` + * - ``lint:dependencies`` + - Reject git, path, and URL-based Poetry dependencies. + - :ref:`managing_dependencies` + * - ``lint:import`` + - Run Import Linter against ``.import_linter_config``. + - `Import Linter docs `_ + * - ``test:unit`` + - Run unit tests. + - :ref:`features` + * - ``test:integration`` + - Run integration tests, including plugin hooks when configured. + - :ref:`plugins` + * - ``test:coverage`` + - Run unit and integration tests and print a combined coverage report. + - :doc:`/user_guide/features/metrics/collecting_metrics` + * - ``docs:build`` + - Build the documentation with Sphinx. + - :ref:`deploying_documentation` + * - ``docs:multiversion`` + - Build multiversion documentation output. + - :ref:`deploying_documentation` + * - ``docs:open`` + - Open the built documentation locally. + - :ref:`deploying_documentation` + * - ``docs:clean`` + - Remove built documentation output. + - :ref:`deploying_documentation` + * - ``links:list`` + - List documentation links discovered by Sphinx linkcheck. + - :ref:`deploying_documentation` + * - ``links:check`` + - Validate documentation links. + - :ref:`deploying_documentation` + * - ``changelog:updated`` + - Fail if ``doc/changes`` was not updated. + - :ref:`deploying_documentation` + * - ``workflow:generate`` + - Render PTB workflow templates into ``.github/workflows``. + - :ref:`GitHub Workflows` + * - ``workflow:check`` + - Compare checked-in workflows to generated PTB output. + - :ref:`GitHub Workflows` + * - ``workflow:audit`` + - Run ``zizmor`` against workflows and actions. + - :ref:`managing_dependencies` + * - ``matrix:generate`` + - Emit selected ``BaseConfig`` values as JSON for workflow matrices. + - :ref:`GitHub Workflows` + * - ``matrix:python`` + - Deprecated Python-only matrix output. + - :ref:`GitHub Workflows` + * - ``matrix:exasol`` + - Deprecated Exasol-only matrix output. + - :ref:`GitHub Workflows` + * - ``matrix:all`` + - Deprecated combined matrix output. + - :ref:`GitHub Workflows` + * - ``artifacts:copy`` + - Combine coverage artifacts and copy report inputs into the project root. + - :doc:`/user_guide/features/metrics/collecting_metrics` + * - ``artifacts:validate`` + - Validate ``.lint.json``, ``.security.json``, and ``.coverage`` before Sonar upload. + - :doc:`/user_guide/features/metrics/collecting_metrics` + * - ``sonar:check`` + - Generate ``ci-coverage.xml`` and upload code-quality data to Sonar. + - :doc:`/user_guide/features/metrics/collecting_metrics` + * - ``dependency:licenses`` + - Print dependency license information. + - :ref:`managing_dependencies` + * - ``dependency:audit`` + - Report known dependency vulnerabilities with ``pip-audit``. + - :ref:`managing_dependencies` + * - ``vulnerabilities:resolved`` + - Report vulnerabilities resolved since the last release. + - :ref:`managing_dependencies` + * - ``package:check`` + - Build the package and verify the long description with ``twine check``. + - :ref:`features` + * - ``release:prepare`` + - Bump the version, prepare changelog files, create a release branch, and optionally open a pull request. + - :doc:`/user_guide/features/creating_a_release` + * - ``release:update`` + - Refresh the prepared release changelog. + - :doc:`/user_guide/features/creating_a_release` + * - ``release:trigger`` + - Create and push the release tag. + - :doc:`/user_guide/features/creating_a_release` + +Notes ++++++ + +* The old task name ``test:typing`` is obsolete. The current session name is ``lint:typing``. +* The ``matrix:python``, ``matrix:exasol``, and ``matrix:all`` sessions are deprecated. Prefer ``matrix:generate``. diff --git a/doc/changes/unreleased.md b/doc/changes/unreleased.md index fb4737052..4c529d1c1 100644 --- a/doc/changes/unreleased.md +++ b/doc/changes/unreleased.md @@ -1,3 +1,10 @@ # Unreleased ## Summary + +Documented the common PTB Nox sessions in the user guide and removed the unused +developer-guide Modules section. + +## Documentation + +* #456: Cataloged common PTB nox sessions in the user guide and removed the unused developer-guide Modules section diff --git a/doc/developer_guide/developer_guide.rst b/doc/developer_guide/developer_guide.rst index cc9224315..03037fd33 100644 --- a/doc/developer_guide/developer_guide.rst +++ b/doc/developer_guide/developer_guide.rst @@ -9,4 +9,3 @@ ../design plugins - modules/modules diff --git a/doc/developer_guide/modules/modules.rst b/doc/developer_guide/modules/modules.rst deleted file mode 100644 index 21c47bf28..000000000 --- a/doc/developer_guide/modules/modules.rst +++ /dev/null @@ -1,7 +0,0 @@ -Modules -======= - -.. toctree:: - :maxdepth: 2 - - nox_tasks diff --git a/doc/developer_guide/modules/nox_tasks.rst b/doc/developer_guide/modules/nox_tasks.rst deleted file mode 100644 index b930c8d75..000000000 --- a/doc/developer_guide/modules/nox_tasks.rst +++ /dev/null @@ -1,14 +0,0 @@ -nox_tasks -========= - -lint:import (experimental) -__________________________ - -`Import Linter `_ -allows you to define and enforce rules for the imports within and between Python packages. - -.. important:: - - First configure the linter in file :code:`.import_linter_config`, see - `import-linter top-level-configuration `_ - and `import-linter contract types `_ diff --git a/doc/user_guide/features/index.rst b/doc/user_guide/features/index.rst index 373fb643b..e773ad305 100644 --- a/doc/user_guide/features/index.rst +++ b/doc/user_guide/features/index.rst @@ -37,3 +37,9 @@ Important Nox Commands * :code:`nox -l` shows a list of all available nox sessions * :code:`nox -s ` run the specified session(s) + +The most commonly used PTB sessions are cataloged below. The links in the +right-hand column point to the feature pages that explain the user-facing +workflow behind each session. + +.. include:: ../../_includes/nox_sessions_catalog.rst From b294fccff7e373d37dab66ddf053d52b690bd388 Mon Sep 17 00:00:00 2001 From: jana-selva Date: Tue, 23 Jun 2026 16:37:04 +0530 Subject: [PATCH 2/6] v9 to v10 --- .github/workflows/build-and-publish.yml | 2 +- .github/workflows/check-release-tag.yml | 2 +- .github/workflows/checks.yml | 18 +++++++++--------- .github/workflows/dependency-update.yml | 2 +- .github/workflows/fast-tests.yml | 2 +- .github/workflows/gh-pages.yml | 2 +- .github/workflows/matrix.yml | 2 +- .github/workflows/report.yml | 2 +- 8 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml index 4813cc73b..f42d877ee 100644 --- a/.github/workflows/build-and-publish.yml +++ b/.github/workflows/build-and-publish.yml @@ -23,7 +23,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v9 + uses: exasol/python-toolbox/.github/actions/python-environment@v10 with: python-version: "3.10" poetry-version: "2.3.0" diff --git a/.github/workflows/check-release-tag.yml b/.github/workflows/check-release-tag.yml index 2191c3057..0e3971ab1 100644 --- a/.github/workflows/check-release-tag.yml +++ b/.github/workflows/check-release-tag.yml @@ -21,7 +21,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v9 + uses: exasol/python-toolbox/.github/actions/python-environment@v10 with: python-version: "3.10" poetry-version: "2.3.0" diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index 2c0dc355e..d247a7e29 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -20,7 +20,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v9 + uses: exasol/python-toolbox/.github/actions/python-environment@v10 with: python-version: "3.10" poetry-version: "2.3.0" @@ -48,7 +48,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v9 + uses: exasol/python-toolbox/.github/actions/python-environment@v10 with: python-version: "3.10" poetry-version: "2.3.0" @@ -75,7 +75,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v9 + uses: exasol/python-toolbox/.github/actions/python-environment@v10 with: python-version: ${{ matrix.python-versions }} poetry-version: "2.3.0" @@ -113,7 +113,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v9 + uses: exasol/python-toolbox/.github/actions/python-environment@v10 with: python-version: ${{ matrix.python-versions }} poetry-version: "2.3.0" @@ -141,7 +141,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v9 + uses: exasol/python-toolbox/.github/actions/python-environment@v10 with: python-version: ${{ matrix.python-versions }} poetry-version: "2.3.0" @@ -173,7 +173,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v9 + uses: exasol/python-toolbox/.github/actions/python-environment@v10 with: python-version: "3.10" poetry-version: "2.3.0" @@ -196,7 +196,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v9 + uses: exasol/python-toolbox/.github/actions/python-environment@v10 with: python-version: "3.10" poetry-version: "2.3.0" @@ -219,7 +219,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v9 + uses: exasol/python-toolbox/.github/actions/python-environment@v10 with: python-version: "3.10" poetry-version: "2.3.0" @@ -242,7 +242,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v9 + uses: exasol/python-toolbox/.github/actions/python-environment@v10 with: python-version: "3.10" poetry-version: "2.3.0" diff --git a/.github/workflows/dependency-update.yml b/.github/workflows/dependency-update.yml index 62cbc9c53..2945c41ee 100644 --- a/.github/workflows/dependency-update.yml +++ b/.github/workflows/dependency-update.yml @@ -35,7 +35,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v9 + uses: exasol/python-toolbox/.github/actions/python-environment@v10 with: python-version: "3.10" poetry-version: "2.3.0" diff --git a/.github/workflows/fast-tests.yml b/.github/workflows/fast-tests.yml index ac7faa679..3958495e7 100644 --- a/.github/workflows/fast-tests.yml +++ b/.github/workflows/fast-tests.yml @@ -25,7 +25,7 @@ jobs: fetch-depth: 0 - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v9 + uses: exasol/python-toolbox/.github/actions/python-environment@v10 with: python-version: ${{ matrix.python-versions }} poetry-version: "2.3.0" diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml index 134be7f44..ff05877bf 100644 --- a/.github/workflows/gh-pages.yml +++ b/.github/workflows/gh-pages.yml @@ -22,7 +22,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v9 + uses: exasol/python-toolbox/.github/actions/python-environment@v10 with: python-version: "3.10" poetry-version: "2.3.0" diff --git a/.github/workflows/matrix.yml b/.github/workflows/matrix.yml index c0476ae0c..de338684a 100644 --- a/.github/workflows/matrix.yml +++ b/.github/workflows/matrix.yml @@ -28,7 +28,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v9 + uses: exasol/python-toolbox/.github/actions/python-environment@v10 with: python-version: "3.10" poetry-version: "2.3.0" diff --git a/.github/workflows/report.yml b/.github/workflows/report.yml index 621a6447d..5df42e9e6 100644 --- a/.github/workflows/report.yml +++ b/.github/workflows/report.yml @@ -24,7 +24,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v9 + uses: exasol/python-toolbox/.github/actions/python-environment@v10 with: python-version: "3.10" poetry-version: "2.3.0" From 8e169eb02e25f3431df174ad1e6f711974443e39 Mon Sep 17 00:00:00 2001 From: jana-selva Date: Wed, 24 Jun 2026 16:53:03 +0530 Subject: [PATCH 3/6] fixed review comments --- .github/workflows/slow-checks.yml | 4 +- doc/_includes/nox_sessions_catalog.rst | 121 ------------------------- doc/changes/unreleased.md | 6 +- doc/user_guide/features/index.rst | 16 +++- 4 files changed, 16 insertions(+), 131 deletions(-) delete mode 100644 doc/_includes/nox_sessions_catalog.rst diff --git a/.github/workflows/slow-checks.yml b/.github/workflows/slow-checks.yml index 9b040ed10..d5a94b49d 100644 --- a/.github/workflows/slow-checks.yml +++ b/.github/workflows/slow-checks.yml @@ -19,8 +19,6 @@ jobs: runs-on: "ubuntu-24.04" permissions: contents: read - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} strategy: fail-fast: false matrix: ${{ fromJson(needs.build-matrix.outputs.matrix) }} @@ -33,7 +31,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v8 + uses: exasol/python-toolbox/.github/actions/python-environment@v10 with: python-version: ${{ matrix.python_versions }} poetry-version: "2.3.0" diff --git a/doc/_includes/nox_sessions_catalog.rst b/doc/_includes/nox_sessions_catalog.rst deleted file mode 100644 index c6db24ac2..000000000 --- a/doc/_includes/nox_sessions_catalog.rst +++ /dev/null @@ -1,121 +0,0 @@ -Common PTB Nox Sessions -^^^^^^^^^^^^^^^^^^^^^^^ - -.. list-table:: - :widths: 24 48 28 - :header-rows: 1 - - * - Session - - Purpose - - More information - * - ``format:fix`` - - Apply automated formatting and cleanup fixes. - - :ref:`formatting_code` - * - ``format:check`` - - Verify formatting without changing files. - - :ref:`formatting_code` - * - ``project:check`` - - Run the main local quality gate across formatting, linting, typing, and coverage. - - :ref:`features` - * - ``lint:code`` - - Run ``pylint`` and write ``.lint.json``. - - :doc:`/user_guide/features/metrics/collecting_metrics` - * - ``lint:typing`` - - Run ``mypy`` over the project. - - :ref:`features` - * - ``lint:security`` - - Run ``bandit`` and write ``.security.json``. - - :doc:`/user_guide/features/metrics/collecting_metrics` - * - ``lint:dependencies`` - - Reject git, path, and URL-based Poetry dependencies. - - :ref:`managing_dependencies` - * - ``lint:import`` - - Run Import Linter against ``.import_linter_config``. - - `Import Linter docs `_ - * - ``test:unit`` - - Run unit tests. - - :ref:`features` - * - ``test:integration`` - - Run integration tests, including plugin hooks when configured. - - :ref:`plugins` - * - ``test:coverage`` - - Run unit and integration tests and print a combined coverage report. - - :doc:`/user_guide/features/metrics/collecting_metrics` - * - ``docs:build`` - - Build the documentation with Sphinx. - - :ref:`deploying_documentation` - * - ``docs:multiversion`` - - Build multiversion documentation output. - - :ref:`deploying_documentation` - * - ``docs:open`` - - Open the built documentation locally. - - :ref:`deploying_documentation` - * - ``docs:clean`` - - Remove built documentation output. - - :ref:`deploying_documentation` - * - ``links:list`` - - List documentation links discovered by Sphinx linkcheck. - - :ref:`deploying_documentation` - * - ``links:check`` - - Validate documentation links. - - :ref:`deploying_documentation` - * - ``changelog:updated`` - - Fail if ``doc/changes`` was not updated. - - :ref:`deploying_documentation` - * - ``workflow:generate`` - - Render PTB workflow templates into ``.github/workflows``. - - :ref:`GitHub Workflows` - * - ``workflow:check`` - - Compare checked-in workflows to generated PTB output. - - :ref:`GitHub Workflows` - * - ``workflow:audit`` - - Run ``zizmor`` against workflows and actions. - - :ref:`managing_dependencies` - * - ``matrix:generate`` - - Emit selected ``BaseConfig`` values as JSON for workflow matrices. - - :ref:`GitHub Workflows` - * - ``matrix:python`` - - Deprecated Python-only matrix output. - - :ref:`GitHub Workflows` - * - ``matrix:exasol`` - - Deprecated Exasol-only matrix output. - - :ref:`GitHub Workflows` - * - ``matrix:all`` - - Deprecated combined matrix output. - - :ref:`GitHub Workflows` - * - ``artifacts:copy`` - - Combine coverage artifacts and copy report inputs into the project root. - - :doc:`/user_guide/features/metrics/collecting_metrics` - * - ``artifacts:validate`` - - Validate ``.lint.json``, ``.security.json``, and ``.coverage`` before Sonar upload. - - :doc:`/user_guide/features/metrics/collecting_metrics` - * - ``sonar:check`` - - Generate ``ci-coverage.xml`` and upload code-quality data to Sonar. - - :doc:`/user_guide/features/metrics/collecting_metrics` - * - ``dependency:licenses`` - - Print dependency license information. - - :ref:`managing_dependencies` - * - ``dependency:audit`` - - Report known dependency vulnerabilities with ``pip-audit``. - - :ref:`managing_dependencies` - * - ``vulnerabilities:resolved`` - - Report vulnerabilities resolved since the last release. - - :ref:`managing_dependencies` - * - ``package:check`` - - Build the package and verify the long description with ``twine check``. - - :ref:`features` - * - ``release:prepare`` - - Bump the version, prepare changelog files, create a release branch, and optionally open a pull request. - - :doc:`/user_guide/features/creating_a_release` - * - ``release:update`` - - Refresh the prepared release changelog. - - :doc:`/user_guide/features/creating_a_release` - * - ``release:trigger`` - - Create and push the release tag. - - :doc:`/user_guide/features/creating_a_release` - -Notes -+++++ - -* The old task name ``test:typing`` is obsolete. The current session name is ``lint:typing``. -* The ``matrix:python``, ``matrix:exasol``, and ``matrix:all`` sessions are deprecated. Prefer ``matrix:generate``. diff --git a/doc/changes/unreleased.md b/doc/changes/unreleased.md index 4c529d1c1..54abf9712 100644 --- a/doc/changes/unreleased.md +++ b/doc/changes/unreleased.md @@ -2,9 +2,9 @@ ## Summary -Documented the common PTB Nox sessions in the user guide and removed the unused -developer-guide Modules section. +This release documents how to discover and use PTB's Nox sessions in the user +guide and removes the unused Modules section from the developer guide. ## Documentation -* #456: Cataloged common PTB nox sessions in the user guide and removed the unused developer-guide Modules section +* #456: Documented how to discover PTB nox sessions in the user guide and removed the unused developer-guide Modules section diff --git a/doc/user_guide/features/index.rst b/doc/user_guide/features/index.rst index e773ad305..8f66605b4 100644 --- a/doc/user_guide/features/index.rst +++ b/doc/user_guide/features/index.rst @@ -38,8 +38,16 @@ Important Nox Commands * :code:`nox -l` shows a list of all available nox sessions * :code:`nox -s ` run the specified session(s) -The most commonly used PTB sessions are cataloged below. The links in the -right-hand column point to the feature pages that explain the user-facing -workflow behind each session. +The command :code:`nox -l` is the most reliable way to see the full current +session list for your project. -.. include:: ../../_includes/nox_sessions_catalog.rst +Common examples are: + +* :code:`nox -s format:fix` to apply formatting changes +* :code:`nox -s project:check` to run the main local quality gate +* :code:`nox -s test:unit` to run unit tests +* :code:`nox -s workflow:generate -- all` to regenerate PTB workflows + +Use the feature pages in this guide for task-specific details, for example +formatting, GitHub workflows, dependency management, release preparation, and +code-quality reporting. From d9c950dbc49cbbb682d79b2e2bb56957ed33ad74 Mon Sep 17 00:00:00 2001 From: jana-selva Date: Wed, 24 Jun 2026 17:27:14 +0530 Subject: [PATCH 4/6] fixed review comments --- test/integration/tools/security_integration_test.py | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/test/integration/tools/security_integration_test.py b/test/integration/tools/security_integration_test.py index 6532c013e..923d65338 100644 --- a/test/integration/tools/security_integration_test.py +++ b/test/integration/tools/security_integration_test.py @@ -88,9 +88,13 @@ def test_without_existing_github_issue_passes_through( json_path = tmp_path / "input.json" json_path.write_text(sample_maven_vulnerabilities.issues_json) - result = cli_runner.invoke( - CVE_CLI, ["filter", Filter.GitHubIssues.value, str(json_path)] - ) + with patch( + "exasol.toolbox.tools.security.gh_security_issues", + return_value=(), + ): + result = cli_runner.invoke( + CVE_CLI, ["filter", Filter.GitHubIssues.value, str(json_path)] + ) assert result.exit_code == 0 assert result.output.strip() == sample_maven_vulnerabilities.issues_json From b885db79c1cc7eee9b0cf090bd930c1b8c7cc24e Mon Sep 17 00:00:00 2001 From: jana-selva Date: Wed, 24 Jun 2026 18:40:23 +0530 Subject: [PATCH 5/6] e-added GITHUB_TOKEN in slow-checks.yml and removed the test patch. --- .github/workflows/slow-checks.yml | 2 ++ test/integration/tools/security_integration_test.py | 10 +++------- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/.github/workflows/slow-checks.yml b/.github/workflows/slow-checks.yml index d5a94b49d..895efe30f 100644 --- a/.github/workflows/slow-checks.yml +++ b/.github/workflows/slow-checks.yml @@ -19,6 +19,8 @@ jobs: runs-on: "ubuntu-24.04" permissions: contents: read + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} strategy: fail-fast: false matrix: ${{ fromJson(needs.build-matrix.outputs.matrix) }} diff --git a/test/integration/tools/security_integration_test.py b/test/integration/tools/security_integration_test.py index 923d65338..6532c013e 100644 --- a/test/integration/tools/security_integration_test.py +++ b/test/integration/tools/security_integration_test.py @@ -88,13 +88,9 @@ def test_without_existing_github_issue_passes_through( json_path = tmp_path / "input.json" json_path.write_text(sample_maven_vulnerabilities.issues_json) - with patch( - "exasol.toolbox.tools.security.gh_security_issues", - return_value=(), - ): - result = cli_runner.invoke( - CVE_CLI, ["filter", Filter.GitHubIssues.value, str(json_path)] - ) + result = cli_runner.invoke( + CVE_CLI, ["filter", Filter.GitHubIssues.value, str(json_path)] + ) assert result.exit_code == 0 assert result.output.strip() == sample_maven_vulnerabilities.issues_json From dd1b387c87ed4032ff8efa95ab584e476712e9b1 Mon Sep 17 00:00:00 2001 From: jana-selva Date: Thu, 25 Jun 2026 12:49:13 +0530 Subject: [PATCH 6/6] Required for integration tests that call the GitHub CLI. --- .github/workflows/slow-checks.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/slow-checks.yml b/.github/workflows/slow-checks.yml index 895efe30f..648c845b7 100644 --- a/.github/workflows/slow-checks.yml +++ b/.github/workflows/slow-checks.yml @@ -20,6 +20,7 @@ jobs: permissions: contents: read env: + # Required for integration tests that call the GitHub CLI. GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} strategy: fail-fast: false