security/updates_on_top_of_0.13.0 (#136)

* Update dependencies on top of 0.13.0 to fix vulnerabilities.
---------

Co-authored-by: Ariel Schulz <43442541+ArBridgeman@users.noreply.github.com>

Author: redcatbear

.gitattributes

@@ -6,6 +6,8 @@
 /.github/workflows/checks.yml              linguist-generated
 /.github/workflows/ci.yml                  linguist-generated
 /.github/workflows/gh-pages.yml            linguist-generated
+/.github/workflows/matrix-exasol.yml       linguist-generated
+/.github/workflows/matrix-python.yml       linguist-generated
 /.github/workflows/merge-gate.yml          linguist-generated
 /.github/workflows/pr-merge.yml            linguist-generated
 /.github/workflows/report.yml              linguist-generated

.github/workflows/checks.yml

@@ -1,3 +1,14 @@
+# Please note that this workflow was manually adapted from the version generated
+# by the Exasol Python Toolbox.
+#
+# 1. The matrix consists of backend type and Exasol version
+# 2. Disabling AppArmor namespace restrictions is required to run dockerdb
+# 3. To make sure space on the standard runner is freed up,
+#    unneeded large directories are removed
+#
+# Once the workflow patcher can do this modification without having to replace
+# each workflow step individually, this workflow should be generated.
+
 name: Slow-Checks
 
 on:
@@ -49,7 +60,7 @@ jobs:
           python-version: "3.10"
           poetry-version: "2.3.0"
 
-      - name: Run Tests and Collect Coverage
+      - name: Run Integration Tests
         id: run-integration-tests
         run: >
           poetry run -- nox -s test:integration -- --coverage
@@ -62,7 +73,7 @@ jobs:
 
       - name: Upload Artifacts
         id: upload-artifacts
-        uses: actions/upload-artifact@v6
+        uses: actions/upload-artifact@v7
         with:
           name: coverage-python3.10-${{ matrix.backend }}-${{ matrix.exasol-version }}
           path: .coverage

.github/workflows/ci.yml

@@ -3,5 +3,6 @@
 .build_output
 .coverage
 __pycache__
+dist
 
 TAGS

.github/workflows/matrix-exasol.yml

@@ -2,6 +2,26 @@
 
 ## Summary
 
+We updated the dependencies in the `poetry.lock` file in this repository to fix the following security vulnerabilities: 
+
+| Name         | Version | ID                  | Fix Versions |
+|--------------|---------|---------------------|--------------|
+| black        | 25.12.0 | CVE-2026-32274      | 26.3.1       |
+| cryptography | 46.0.5  | CVE-2026-34073      | 46.0.6       |
+| pyasn1       | 0.6.2   | CVE-2026-30922      | 0.6.3        |
+| pygments     | 2.19.2  | CVE-2026-4539       | 2.20.0       |
+| requests     | 2.32.5  | CVE-2026-25645      | 2.33.0       |
+| tornado      | 6.5.4   | GHSA-78cv-mqj4-43f7 | 6.5.5        |
+| tornado      | 6.5.4   | CVE-2026-31958      | 6.5.5        |
+
+Please note that the situation on the user's machine differs since they have their own lock file.
+
+We also updated versions in the GitHub actions. Users are not affected by this.
+
+## Security
+
+* #136: Security updates to fix vulnerabilities listed above
+
 ## Refactorings
 
 * #127: Refactored class `ParameterFormatters` and docstrings