
Bump exasol/python-toolbox from 6 to 7 #292

Open
dependabot[bot] wants to merge 1 commit into main from dependabot/github_actions/exasol/python-toolbox-7

Conversation

dependabot[bot] commented on behalf of github on May 4, 2026

Bumps exasol/python-toolbox from 6 to 7.

Release notes

Sourced from exasol/python-toolbox's releases.

7.0.0 - 2026-04-29

Summary

In this major release, support for the version.py file has been removed. Users should:

  • delete the version.py file

  • add in their project's __init__.py module

    from importlib.metadata import version
    __version__ = version("<package_name>")

This is required for the nox session docs:multiversion to successfully complete, and it is a Python standard for users to check in the terminal which version they are using.

The underlying code for the nox sessions vulnerabilities:resolved and release:prepare has been modified so that all dependencies (main, in groups, and in optional groups) are considered for the vulnerability report. Additionally, we only consider a vulnerability resolved if pip-audit includes fix_versions for the dependency. Previously, these nox sessions only reported the dependencies of main and the transitive dependencies of main.

Feature

  • #803: Included other dependencies for local pip-audit check

Refactoring

  • #800: Removed tbx security pretty-print, tbx lint pretty-print, and creation of .lint.txt, as superseded by Sonar and .lint.json usage
  • #791: Resolved Sonar concerns: accepted specific subprocess import usage, subprocess commands, & improved minor maintainability items
  • #629: Replace version.py with version from the __init__.py

Bug Fix

  • #808: Resolved release:prepare to update pyproject.toml

6.4.0 - 2026-04-22

Summary

This release includes a few notable improvements:

  • The nox session release:prepare automatically reports resolved security issues.
  • The stability of the tbx security cve CLI commands is improved with new test coverage to help ensure it works for non-Python projects.

Features

  • #777: Improved VulnerabilityMatcher to handle packages with multiple vulnerabilities
  • #517: Modified nox session release:prepare to report resolved security issues

Refactoring

  • #731: Reduced costly test-python-environment.yml to run when triggered on main or when the files related to the action are altered

... (truncated)

Commits
  • de9c841 Bugfix/808 ensure pyprojecttoml updated for release preparation (#809)
  • 1aae471 Release/prepare 7.0.0 (#807)
  • 07fb849 Feature/803 include other dependencies in vulnerability report (#806)
  • ece0084 791 Add nosec to select subprocess commands - part 2 (#805)
  • 43f79c4 Refactoring/629 replace version.py file (#804)
  • 308564e Refactoring/791 resolve sonar security issues part 1 (#796)
  • ac2baad Refactoring/800 remove pretty prints and .lint.txt (#802)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [exasol/python-toolbox](https://github.com/exasol/python-toolbox) from 6 to 7.
- [Release notes](https://github.com/exasol/python-toolbox/releases)
- [Commits](exasol/python-toolbox@v6...v7)

---
updated-dependencies:
- dependency-name: exasol/python-toolbox
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] added the dependencies (Change in dependencies) and github_actions (Pull requests that update GitHub Actions code) labels on May 4, 2026
dependabot[bot] requested a deployment to manual-approval on May 4, 2026 16:03 (Waiting)