SLFO-pool/python-sqlparse
SHA256
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sync from SUSE:SLFO:Main python-sqlparse revision a2529f3cb5f3d8e825f72c1ca6099e26

Browse Source
This commit is contained in:
Adrian Schröter
2024-09-25 17:17:35 +02:00
parent b39fef2cbe
commit baec5c4a80
4 changed files with 75 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
python-sqlparse.changes
View File

@@ -1,3 +1,62 @@
-------------------------------------------------------------------
Tue May 7 02:21:45 UTC 2024 - Steve Kowalik <steven.kowalik@suse.com>
- Update to 0.5.0:
* Notable Changes
+ Drop support for Python 3.5, 3.6, and 3.7.
+ Python 3.12 is now supported.
+ IMPORTANT: Fixes a potential denial of service attack (DOS) due to
recursion error for deeply nested statements.
(CVE-2024-2430, bsc#1223603)
* Enhancements:
+ Splitting statements now allows to remove the semicolon at the end.
Some database backends love statements without semicolon.
+ Support TypedLiterals in get_parameters.
+ Improve splitting of Transact SQL when using GO keyword.
+ Support for some JSON operators.
+ Improve formatting of statements containing JSON operators.
+ Support for BigQuery and Snowflake keywords.
+ Support parsing of OVER clause.
* Bug Fixes
+ Ignore dunder attributes when creating Tokens.
+ Allow operators to precede dollar-quoted strings.
+ Fix parsing of nested order clauses.
+ Thread-safe initialization of Lexer class.
+ Classify TRUNCATE as DDL and GRANT/REVOKE as DCL keywords.
+ Fix parsing of PRIMARY KEY.
* Other
+ Optimize performance of matching function.
-------------------------------------------------------------------
Mon Feb 26 20:15:41 UTC 2024 - Robert Schweikert <rjschwei@suse.com>
- Version update in SLE 15 SP4 and later (jsc#PED-6697)
-------------------------------------------------------------------
Fri Jun 9 11:45:02 UTC 2023 - ecsos <ecsos@opensuse.org>
- Add %{?sle15_python_module_pythons}
-------------------------------------------------------------------
Thu May 25 16:21:05 UTC 2023 - Matej Cepl <mcepl@suse.com>
- Update to 0.4.4:
* IMPORTANT: This release fixes a security vulnerability in
the parser where a regular expression vulnerable to ReDOS
(Regular Expression Denial of Service) was used. See the
security advisory for details (CVE-2023-30608, bsc#1210617,
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2)
The vulnerability was discovered by @erik-krogh from GitHub
Security Lab (GHSL). Thanks for reporting!
* Revert a change from 0.4.0 that changed IN to be a comparison
(issue694). The primary expectation is that IN is treated as
a keyword and not as a comparison operator. That also follows
the definition of reserved keywords for the major SQL syntax
definitions.
* Fix regular expressions for string parsing.
* sqlparse now uses pyproject.toml instead of setup.cfg
(issue685).
-------------------------------------------------------------------
Mon Oct 3 16:01:20 UTC 2022 - Dirk Müller <dmueller@suse.com>