From baec5c4a80f21dbfb7772594debd8cc2d82bb0855f867523de83aa37dc4495d4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Wed, 25 Sep 2024 17:17:35 +0200 Subject: [PATCH] Sync from SUSE:SLFO:Main python-sqlparse revision a2529f3cb5f3d8e825f72c1ca6099e26 --- python-sqlparse.changes | 59 +++++++++++++++++++++++++++++++++++++++++ python-sqlparse.spec | 24 +++++++++-------- sqlparse-0.4.3.tar.gz | 3 --- sqlparse-0.5.0.tar.gz | 3 +++ 4 files changed, 75 insertions(+), 14 deletions(-) delete mode 100644 sqlparse-0.4.3.tar.gz create mode 100644 sqlparse-0.5.0.tar.gz diff --git a/python-sqlparse.changes b/python-sqlparse.changes index 70adbcc..5e57da5 100644 --- a/python-sqlparse.changes +++ b/python-sqlparse.changes @@ -1,3 +1,62 @@ +------------------------------------------------------------------- +Tue May 7 02:21:45 UTC 2024 - Steve Kowalik + +- Update to 0.5.0: + * Notable Changes + + Drop support for Python 3.5, 3.6, and 3.7. + + Python 3.12 is now supported. + + IMPORTANT: Fixes a potential denial of service attack (DOS) due to + recursion error for deeply nested statements. + (CVE-2024-2430, bsc#1223603) + * Enhancements: + + Splitting statements now allows to remove the semicolon at the end. + Some database backends love statements without semicolon. + + Support TypedLiterals in get_parameters. + + Improve splitting of Transact SQL when using GO keyword. + + Support for some JSON operators. + + Improve formatting of statements containing JSON operators. + + Support for BigQuery and Snowflake keywords. + + Support parsing of OVER clause. + * Bug Fixes + + Ignore dunder attributes when creating Tokens. + + Allow operators to precede dollar-quoted strings. + + Fix parsing of nested order clauses. + + Thread-safe initialization of Lexer class. + + Classify TRUNCATE as DDL and GRANT/REVOKE as DCL keywords. + + Fix parsing of PRIMARY KEY. + * Other + + Optimize performance of matching function. + +------------------------------------------------------------------- +Mon Feb 26 20:15:41 UTC 2024 - Robert Schweikert + +- Version update in SLE 15 SP4 and later (jsc#PED-6697) + +------------------------------------------------------------------- +Fri Jun 9 11:45:02 UTC 2023 - ecsos + +- Add %{?sle15_python_module_pythons} + +------------------------------------------------------------------- +Thu May 25 16:21:05 UTC 2023 - Matej Cepl + +- Update to 0.4.4: + * IMPORTANT: This release fixes a security vulnerability in + the parser where a regular expression vulnerable to ReDOS + (Regular Expression Denial of Service) was used. See the + security advisory for details (CVE-2023-30608, bsc#1210617, + https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2) + The vulnerability was discovered by @erik-krogh from GitHub + Security Lab (GHSL). Thanks for reporting! + * Revert a change from 0.4.0 that changed IN to be a comparison + (issue694). The primary expectation is that IN is treated as + a keyword and not as a comparison operator. That also follows + the definition of reserved keywords for the major SQL syntax + definitions. + * Fix regular expressions for string parsing. + * sqlparse now uses pyproject.toml instead of setup.cfg + (issue685). + ------------------------------------------------------------------- Mon Oct 3 16:01:20 UTC 2022 - Dirk Müller diff --git a/python-sqlparse.spec b/python-sqlparse.spec index ebc81c4..01df361 100644 --- a/python-sqlparse.spec +++ b/python-sqlparse.spec @@ -1,7 +1,7 @@ # # spec file for package python-sqlparse # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,24 +16,24 @@ # -%{?!python_module:%define python_module() python-%{**} python3-%{**}} -%define skip_python2 1 +%{?sle15_python_module_pythons} Name: python-sqlparse -Version: 0.4.3 +Version: 0.5.0 Release: 0 Summary: Non-validating SQL parser License: BSD-3-Clause -Group: Development/Languages/Python URL: https://github.com/andialbrecht/sqlparse Source: https://files.pythonhosted.org/packages/source/s/sqlparse/sqlparse-%{version}.tar.gz +BuildRequires: %{python_module base >= 3.8} +BuildRequires: %{python_module hatchling} +BuildRequires: %{python_module pip} BuildRequires: %{python_module pytest} -BuildRequires: %{python_module setuptools} +BuildRequires: %{python_module wheel} BuildRequires: fdupes BuildRequires: python-rpm-macros Requires(post): update-alternatives -Requires(postun):update-alternatives +Requires(postun): update-alternatives BuildArch: noarch - %python_subpackages %description @@ -43,12 +43,13 @@ parsing, splitting and formatting SQL statements. %prep %setup -q -n sqlparse-%{version} sed -i -e '1{\,^#!%{_bindir}/env python,d}' sqlparse/__main__.py sqlparse/cli.py +chmod -x sqlparse/cli.py %build -%python_build +%pyproject_wheel %install -%python_install +%pyproject_install %python_clone -a %{buildroot}%{_bindir}/sqlformat %python_expand %fdupes %{buildroot}%{$python_sitelib} @@ -65,6 +66,7 @@ sed -i -e '1{\,^#!%{_bindir}/env python,d}' sqlparse/__main__.py sqlparse/cli.py %doc AUTHORS README.rst %license LICENSE %python_alternative %{_bindir}/sqlformat -%{python_sitelib}/* +%{python_sitelib}/sqlparse +%{python_sitelib}/sqlparse-%{version}.dist-info %changelog diff --git a/sqlparse-0.4.3.tar.gz b/sqlparse-0.4.3.tar.gz deleted file mode 100644 index b88b0b8..0000000 --- a/sqlparse-0.4.3.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:69ca804846bb114d2ec380e4360a8a340db83f0ccf3afceeb1404df028f57268 -size 70771 diff --git a/sqlparse-0.5.0.tar.gz b/sqlparse-0.5.0.tar.gz new file mode 100644 index 0000000..bd3992f --- /dev/null +++ b/sqlparse-0.5.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:714d0a4932c059d16189f58ef5411ec2287a4360f17cdd0edd2d09d4c5087c93 +size 83475