forked from pool/python-sqlparse
- Update to 0.4.4:
* IMPORTANT: This release fixes a security vulnerability in
the parser where a regular expression vulnerable to ReDOS
(Regular Expression Denial of Service) was used. See the
security advisory for details (CVE-2023-30608, bsc#1210617,
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2)
The vulnerability was discovered by @erik-krogh from GitHub
Security Lab (GHSL). Thanks for reporting!
* Revert a change from 0.4.0 that changed IN to be a comparison
(issue694). The primary expectation is that IN is treated as
a keyword and not as a comparison operator. That also follows
the definition of reserved keywords for the major SQL syntax
definitions.
* Fix regular expressions for string parsing.
* sqlparse now uses pyproject.toml instead of setup.cfg
(issue685).
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-sqlparse?expand=0&rev=29
This commit is contained in:
Git OBS Bridge
@@ -1,3 +1,23 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu May 25 16:21:05 UTC 2023 - Matej Cepl <mcepl@suse.com>
|
||||
|
||||
- Update to 0.4.4:
|
||||
* IMPORTANT: This release fixes a security vulnerability in
|
||||
the parser where a regular expression vulnerable to ReDOS
|
||||
(Regular Expression Denial of Service) was used. See the
|
||||
security advisory for details (CVE-2023-30608, bsc#1210617,
|
||||
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2)
|
||||
The vulnerability was discovered by @erik-krogh from GitHub
|
||||
Security Lab (GHSL). Thanks for reporting!
|
||||
* Revert a change from 0.4.0 that changed IN to be a comparison
|
||||
(issue694). The primary expectation is that IN is treated as
|
||||
a keyword and not as a comparison operator. That also follows
|
||||
the definition of reserved keywords for the major SQL syntax
|
||||
definitions.
|
||||
* Fix regular expressions for string parsing.
|
||||
* sqlparse now uses pyproject.toml instead of setup.cfg
|
||||
(issue685).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Oct 3 16:01:20 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package python-sqlparse
|
||||
#
|
||||
# Copyright (c) 2022 SUSE LLC
|
||||
# Copyright (c) 2023 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@@ -16,24 +16,24 @@
|
||||
#
|
||||
|
||||
|
||||
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
|
||||
%define skip_python2 1
|
||||
Name: python-sqlparse
|
||||
Version: 0.4.3
|
||||
Version: 0.4.4
|
||||
Release: 0
|
||||
Summary: Non-validating SQL parser
|
||||
License: BSD-3-Clause
|
||||
Group: Development/Languages/Python
|
||||
URL: https://github.com/andialbrecht/sqlparse
|
||||
Source: https://files.pythonhosted.org/packages/source/s/sqlparse/sqlparse-%{version}.tar.gz
|
||||
BuildRequires: %{python_module flit-core}
|
||||
BuildRequires: %{python_module pip}
|
||||
BuildRequires: %{python_module pytest}
|
||||
BuildRequires: %{python_module setuptools}
|
||||
BuildRequires: %{python_module wheel}
|
||||
BuildRequires: fdupes
|
||||
BuildRequires: python-rpm-macros
|
||||
Requires(post): update-alternatives
|
||||
Requires(postun):update-alternatives
|
||||
BuildArch: noarch
|
||||
|
||||
%python_subpackages
|
||||
|
||||
%description
|
||||
@@ -43,12 +43,13 @@ parsing, splitting and formatting SQL statements.
|
||||
%prep
|
||||
%setup -q -n sqlparse-%{version}
|
||||
sed -i -e '1{\,^#!%{_bindir}/env python,d}' sqlparse/__main__.py sqlparse/cli.py
|
||||
chmod -x sqlparse/cli.py
|
||||
|
||||
%build
|
||||
%python_build
|
||||
%pyproject_wheel
|
||||
|
||||
%install
|
||||
%python_install
|
||||
%pyproject_install
|
||||
%python_clone -a %{buildroot}%{_bindir}/sqlformat
|
||||
%python_expand %fdupes %{buildroot}%{$python_sitelib}
|
||||
|
||||
@@ -65,6 +66,7 @@ sed -i -e '1{\,^#!%{_bindir}/env python,d}' sqlparse/__main__.py sqlparse/cli.py
|
||||
%doc AUTHORS README.rst
|
||||
%license LICENSE
|
||||
%python_alternative %{_bindir}/sqlformat
|
||||
%{python_sitelib}/*
|
||||
%{python_sitelib}/sqlparse
|
||||
%{python_sitelib}/sqlparse-%{version}*-info
|
||||
|
||||
%changelog
|
||||
|
||||
BIN
sqlparse-0.4.3.tar.gz
(Stored with Git LFS)
BIN
sqlparse-0.4.3.tar.gz
(Stored with Git LFS)
Binary file not shown.
3
sqlparse-0.4.4.tar.gz
Normal file
3
sqlparse-0.4.4.tar.gz
Normal file
@@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:d446183e84b8349fa3061f0fe7f06ca94ba65b426946ffebe6e3e8295332420c
|
||||
size 72383
|
||||
Reference in New Issue
Block a user