Security/774 update pytest on 6.2.0 (#775)

* Relock pytest

* Fix formatting issues in doc

Author: ArBridgeman

doc/changes/unreleased.md

@@ -11,6 +11,14 @@ The `report.yml` is also called after the `checks.yml` completes. This allows us
 to get linting, security, and unit test coverage before running the `slow-checks.yml`,
 as described in the [Pull Request description](https://exasol.github.io/python-toolbox/main/user_guide/features/github_workflows/index.html#pull-request).
 
+This release fixes a vulnerability by updating the `poetry.lock` file.
+
+| Name   | Version | ID             | Fix Versions | Updated to |
+|--------|---------|----------------|--------------|------------|
+| pytest | 9.0.2   | CVE-2025-71176 | 9.0.3        | 9.0.3      |
+
+To ensure usage of secure packages, it is up to the user to similarly relock their dependencies.
+
 ## Refactoring
 
 * #764: Updated `action/upload-pages-artifact` from v4 to [v5](https://github.com/actions/upload-pages-artifact/releases/tag/v5.0.0)
@@ -19,3 +27,7 @@ as described in the [Pull Request description](https://exasol.github.io/python-t
 ## Bugfix
 
 * #766: Fixed `action/upload-pages-artifact` from v5 to v5.0.0
+
+## Security
+
+* #774: Fixed vulnerability by re-locking `pytest` in the `poetry.lock`

doc/user_guide/features/github_workflows/index.rst

@@ -112,12 +112,13 @@ When configured as described on :ref:`github_project_configuration`, the
 workflows, like ``slow-checks.yml``. This allows developers to update their pull
 request more often and to only periodically run the more time-expensive tests.
 
-The `report.yml` is called twice:
-#. after the steps in `checks.yml` successfully finish - this allows developers
-to get faster feedback for linting, security, and unit test coverage.
-#. after the steps in `slow-checks.yml` successfully finish - this gives developers an
-overview of the total coverage, as well as the information provided from running
-the `checks.yml`
+The ``report.yml`` is called twice:
+
+#. after the steps in ``checks.yml`` successfully finish - this allows developers
+   to get faster feedback for linting, security, and unit test coverage.
+#. after the steps in ``slow-checks.yml`` successfully finish - this gives developers an
+   overview of the total coverage, as well as the information provided from running
+   the ``checks.yml``
 
 In both scenarios, the results are posted in the PR and made available on Sonar's UI.
 Note that Sonar does not keep historical information, so it will only show the latest