at-gmbh
diff --git a/‎.github/workflows/tests-poetry.yml‎
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/tests-poetry.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎CHANGELOG.md‎
Lines changed: 65 additions & 1 deletion b/‎CHANGELOG.md‎
Lines changed: 65 additions & 1 deletion
diff --git a/‎README.md‎
Lines changed: 3 additions & 3 deletions b/‎README.md‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎hooks/pre_gen_project.py‎
Lines changed: 3 additions & 3 deletions b/‎hooks/pre_gen_project.py‎
Lines changed: 3 additions & 3 deletions
@@ -18,14 +18,14 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        python-version: [3.9, 3.13]
+        python-version: ["3.10", "3.13"]
         os: [ubuntu-latest, windows-latest]
     name: Test (Python ${{ matrix.python-version }} on ${{ matrix.os }})
     steps:
       - uses: actions/checkout@v5
 
       - name: Set up Python ${{ matrix.python-version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ matrix.python-version }}
 
 
@@ -10,6 +10,69 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Added
 - Placeholder for future updates and new features.
 
+## [1.3.0] - 2026-01-27
+
+### ⚠️ Breaking Changes
+- **Minimum Python version increased from 3.9 to 3.10** (required for secure dependency versions)
+
+### Security
+- Fixed CVE-2024-47081: Updated `requests` from 2.32.3 to 2.32.5 (Moderate - .netrc credentials leak)
+- Fixed CVE-2025-50181: Updated `urllib3` from 2.4.0 to 2.6.3 (Moderate - redirects not disabled with retries)
+- Fixed CVE-2025-50182: Updated `urllib3` to 2.6.3 (Moderate - redirects in browsers/Node.js)
+- Fixed CVE-2025-66418: Updated `urllib3` to 2.6.3 (High - unbounded decompression chain)
+- Fixed CVE-2025-66471: Updated `urllib3` to 2.6.3 (High - improper handling of compressed data)
+- Fixed CVE-2026-21441: Updated `urllib3` to 2.6.3 (High - decompression-bomb bypass in redirects)
+- Fixed CVE-2026-24049: Updated `wheel` from 0.45.1 to 0.46.3 (High - path traversal in wheel unpack)
+- Fixed CVE-2025-68146: Updated `filelock` from 3.18.0 to 3.20.3 (Moderate - TOCTOU symlink attack)
+- Fixed CVE-2026-22701: Updated `filelock` to 3.20.3 (Moderate - TOCTOU in SoftFileLock)
+- Fixed CVE-2026-22702: Updated `virtualenv` from 20.31.2 to 20.36.1 (Moderate - TOCTOU in directory creation)
+
+### Changed
+- Updated CI/CD workflows to test Python 3.10 and 3.13 (dropped 3.9)
+- Updated all template files and documentation to reflect Python 3.10 minimum requirement
+- Updated GitHub Actions `actions/setup-python` from v5 to v6
+- Updated `cookiecutter` from 2.3 to 2.6
+- Updated `pre-commit` from 4.3.0 to 4.5.1
+- Updated `pytest` from 8.4.1 to 9.0.2
+- Updated `pytest-cov` from 6.2.1 to 7.0.0
+- Updated `pytest-mock` from 3.14.1 to 3.15.1
+- Updated `pyyaml` from 6.0.2 to 6.0.3
+- Updated `typer` from 0.16.1 to 0.21.1
+- Updated `setuptools` from 80.9.0 to 80.10.2
+- Updated pre-commit hook `astral-sh/ruff-pre-commit` from v0.12.10 to v0.14.14
+- Updated pre-commit hook `pycqa/isort` from v6.0.1 to v6.1.0
+- Updated pre-commit hook `asottile/pyupgrade` args from `--py39-plus` to `--py310-plus`
+- Updated Python base images in GitLab CI from 3.9 to 3.10
+- Fixed YAML parsing issue in GitHub Actions workflow (quoted Python versions to prevent 3.10 → 3.1)
+
+### Dependency Updates (Transitive)
+- Updated `arrow` from 1.3.0 to 1.4.0
+- Updated `certifi` from 2025.4.26 to 2026.1.4
+- Updated `cfgv` from 3.4.0 to 3.5.0
+- Updated `charset-normalizer` from 3.4.2 to 3.4.4
+- Updated `click` from 8.1.8 to 8.3.1
+- Updated `coverage` from 7.8.2 to 7.13.2
+- Updated `distlib` from 0.3.9 to 0.4.0
+- Updated `exceptiongroup` from 1.3.0 to 1.3.1
+- Updated `identify` from 2.6.12 to 2.6.16
+- Updated `idna` from 3.10 to 3.11
+- Updated `iniconfig` from 2.1.0 to 2.3.0
+- Updated `markdown-it-py` from 3.0.0 to 4.0.0
+- Updated `markupsafe` from 3.0.2 to 3.0.3
+- Updated `nodeenv` from 1.9.1 to 1.10.0
+- Updated `packaging` from 25.0 to 26.0
+- Updated `platformdirs` from 4.3.8 to 4.5.1
+- Updated `pygments` from 2.19.1 to 2.19.2
+- Updated `pyparsing` from 3.2.3 to 3.3.2
+- Updated `rich` from 14.0.0 to 14.3.1
+- Updated `tomli` from 2.2.1 to 2.4.0
+- Added `tzdata` 2025.3
+
+### Summary
+All 10 Dependabot security vulnerabilities have been resolved (4 High, 6 Moderate).
+All dependencies updated to latest stable versions as of January 2026.
+
+
 ## [1.2.2] - 2025-08-22
 ### Changed
 - Aktualisiert: pre-commit Hook `astral-sh/ruff-pre-commit` von `v0.11.12` auf `v0.12.10`.
@@ -145,7 +208,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ---
 
-[Unreleased]: https://github.com/at-gmbh/at-python-template/compare/v1.2.2...HEAD
+[Unreleased]: https://github.com/at-gmbh/at-python-template/compare/v1.3.0...HEAD
+[1.3.0]: https://github.com/at-gmbh/at-python-template/compare/v1.2.2...v1.3.0
 [1.2.2]: https://github.com/at-gmbh/at-python-template/compare/v1.2.1...v1.2.2
 [1.2.1]: https://github.com/at-gmbh/at-python-template/compare/v1.2.0...v1.2.1
 [1.2.0]: https://github.com/at-gmbh/at-python-template/compare/v1.1.1...v1.2.0
 
@@ -1,7 +1,7 @@
 # AT Python Template
 
 [![Build](https://img.shields.io/github/actions/workflow/status/at-gmbh/at-python-template/tests-poetry.yml?branch=master)](https://github.com/at-gmbh/at-python-template/actions?query=branch%3Amaster+)
-![Python Version](https://img.shields.io/badge/python-3.9%20--%203.13-blue)
+![Python Version](https://img.shields.io/badge/python-3.10%20--%203.13-blue)
 [![Latest Version](https://img.shields.io/github/v/tag/at-gmbh/at-python-template?label=version&sort=semver)](https://github.com/at-gmbh/at-python-template/releases)
 [![Commit Activity](https://img.shields.io/github/commit-activity/m/at-gmbh/at-python-template)](https://github.com/at-gmbh/at-python-template/commits/master)
 [![Dependencies](https://img.shields.io/librariesio/github/at-gmbh/at-python-template)](https://libraries.io/github/at-gmbh/at-python-template)
@@ -18,7 +18,7 @@ This guide aims to help you set up your environment and get coding in no time.
 
 ## 🛠 Prerequisites
 
-Before you dive in, make sure you have Python 3.9 or higher installed on your machine. To check if Python is installed, open a terminal and run:
+Before you dive in, make sure you have Python 3.10 or higher installed on your machine. To check if Python is installed, open a terminal and run:
 
 ```
 python --version
@@ -114,7 +114,7 @@ For more advanced Docker usage, please refer to the `Dockerfile` and `docker-com
 
 ## 🔗 Additional Dependencies
 
-- Python 3.9 or higher is required.
+- Python 3.10 or higher is required.
 - Jupyter Lab: If you are planning to use Jupyter notebooks.
 - This template requires `cookiecutter>=2.0`. If you experience issues installing it into your default conda environment, we recommend to create a new clean environment with nothing but the `cookiecutter` package installed.
 
 
@@ -19,10 +19,10 @@
 
 with warnings.catch_warnings():
     warnings.simplefilter("ignore", category=DeprecationWarning)
-    # check Python version (3.9 or higher)
-    if Version(platform.python_version()) < Version("3.9.0"):
+    # check Python version (3.10 or higher)
+    if Version(platform.python_version()) < Version("3.10.0"):
         print(f"ERROR: You are using Python {platform.python_version()},",
-              "but Python 3.9 or higher is required to use this template")
+              "but Python 3.10 or higher is required to use this template")
         sys.exit(1)
     # check cookiecutter version (1.7.2 or higher)
     if Version(cookiecutter.__version__) < Version('1.7.2'):