Sync from SUSE:SLFO:Main python-sqlparse revision a2529f3cb5f3d8e825f72c1ca6099e26

2024-09-25 17:17:35 +02:00 · 2024-09-25 17:17:35 +02:00 · baec5c4a80
commit baec5c4a80
parent b39fef2cbe
4 changed files with 75 additions and 14 deletions
--- a/python-sqlparse.changes
+++ b/python-sqlparse.changes
@ -1,3 +1,62 @@
+-------------------------------------------------------------------
+Tue May  7 02:21:45 UTC 2024 - Steve Kowalik <steven.kowalik@suse.com>
+
+- Update to 0.5.0:
+  * Notable Changes
+    + Drop support for Python 3.5, 3.6, and 3.7.
+    + Python 3.12 is now supported.
+    + IMPORTANT: Fixes a potential denial of service attack (DOS) due to
+      recursion error for deeply nested statements.
+      (CVE-2024-2430, bsc#1223603)
+  * Enhancements:
+    + Splitting statements now allows to remove the semicolon at the end.
+      Some database backends love statements without semicolon.
+    + Support TypedLiterals in get_parameters.
+    + Improve splitting of Transact SQL when using GO keyword.
+    + Support for some JSON operators.
+    + Improve formatting of statements containing JSON operators.
+    + Support for BigQuery and Snowflake keywords.
+    + Support parsing of OVER clause.
+  * Bug Fixes
+    + Ignore dunder attributes when creating Tokens.
+    + Allow operators to precede dollar-quoted strings.
+    + Fix parsing of nested order clauses.
+    + Thread-safe initialization of Lexer class.
+    + Classify TRUNCATE as DDL and GRANT/REVOKE as DCL keywords.
+    + Fix parsing of PRIMARY KEY.
+  * Other
+    + Optimize performance of matching function.
+
+-------------------------------------------------------------------
+Mon Feb 26 20:15:41 UTC 2024 - Robert Schweikert <rjschwei@suse.com>
+
+- Version update in SLE 15 SP4 and later (jsc#PED-6697)
+
+-------------------------------------------------------------------
+Fri Jun  9 11:45:02 UTC 2023 - ecsos <ecsos@opensuse.org>
+
+- Add %{?sle15_python_module_pythons}
+
+-------------------------------------------------------------------
+Thu May 25 16:21:05 UTC 2023 - Matej Cepl <mcepl@suse.com>
+
+- Update to 0.4.4:
+  * IMPORTANT: This release fixes a security vulnerability in
+    the parser where a regular expression vulnerable to ReDOS
+    (Regular Expression Denial of Service) was used. See the
+    security advisory for details (CVE-2023-30608, bsc#1210617,
+    https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2)
+    The vulnerability was discovered by @erik-krogh from GitHub
+    Security Lab (GHSL). Thanks for reporting!
+  * Revert a change from 0.4.0 that changed IN to be a comparison
+    (issue694).  The primary expectation is that IN is treated as
+    a keyword and not as a comparison operator. That also follows
+    the definition of reserved keywords for the major SQL syntax
+    definitions.
+  * Fix regular expressions for string parsing.
+  * sqlparse now uses pyproject.toml instead of setup.cfg
+    (issue685).
+
 -------------------------------------------------------------------
 Mon Oct  3 16:01:20 UTC 2022 - Dirk Müller <dmueller@suse.com>

--- a/python-sqlparse.spec
+++ b/python-sqlparse.spec
@ -1,7 +1,7 @@
 #
 # spec file for package python-sqlparse
 #
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -16,24 +16,24 @@
 #


-%{?!python_module:%define python_module() python-%{**} python3-%{**}}
-%define skip_python2 1
+%{?sle15_python_module_pythons}
 Name:           python-sqlparse
-Version:        0.4.3
+Version:        0.5.0
 Release:        0
 Summary:        Non-validating SQL parser
 License:        BSD-3-Clause
-Group:          Development/Languages/Python
 URL:            https://github.com/andialbrecht/sqlparse
 Source:         https://files.pythonhosted.org/packages/source/s/sqlparse/sqlparse-%{version}.tar.gz
+BuildRequires:  %{python_module base >= 3.8}
+BuildRequires:  %{python_module hatchling}
+BuildRequires:  %{python_module pip}
 BuildRequires:  %{python_module pytest}
-BuildRequires:  %{python_module setuptools}
+BuildRequires:  %{python_module wheel}
 BuildRequires:  fdupes
 BuildRequires:  python-rpm-macros
 Requires(post): update-alternatives
-Requires(postun):update-alternatives
+Requires(postun): update-alternatives
 BuildArch:      noarch
-
 %python_subpackages

 %description
@ -43,12 +43,13 @@ parsing, splitting and formatting SQL statements.
 %prep
 %setup -q -n sqlparse-%{version}
 sed -i -e '1{\,^#!%{_bindir}/env python,d}' sqlparse/__main__.py sqlparse/cli.py
+chmod -x sqlparse/cli.py

 %build
-%python_build
+%pyproject_wheel

 %install
-%python_install
+%pyproject_install
 %python_clone -a %{buildroot}%{_bindir}/sqlformat
 %python_expand %fdupes %{buildroot}%{$python_sitelib}

@ -65,6 +66,7 @@ sed -i -e '1{\,^#!%{_bindir}/env python,d}' sqlparse/__main__.py sqlparse/cli.py
 %doc AUTHORS README.rst
 %license LICENSE
 %python_alternative %{_bindir}/sqlformat
-%{python_sitelib}/*
+%{python_sitelib}/sqlparse
+%{python_sitelib}/sqlparse-%{version}.dist-info

 %changelog
--- a/sqlparse-0.4.3.tar.gz
+++ b/sqlparse-0.4.3.tar.gz
--- a/sqlparse-0.5.0.tar.gz
+++ b/sqlparse-0.5.0.tar.gz