meta-openembedded

MIRRORS/meta-openembedded

Fork 0

mirror of https://github.com/openembedded/meta-openembedded.git synced 2025-07-19 15:29:08 +02:00

Commit Graph

Author	SHA1	Message	Date
Trevor Gamblin	74e70284ac	python3-sqlparse: upgrade 0.4.3 -> 0.4.4 - Use python_flit_core instead of setuptools3 - Modify 0001-sqlparse-change-shebang-to-python3.patch to apply on 0.4.4 - Remove CVE-2023-30608.patch since it's now upstream: [tgamblin@megalith sqlparse]$ git tag --contains c457abd 0.4.4 Changelog (https://github.com/andialbrecht/sqlparse/blob/master/CHANGELOG): Release 0.4.4 (Apr 18, 2023) ---------------------------- Notable Changes * IMPORTANT: This release fixes a security vulnerability in the parser where a regular expression vulnerable to ReDOS (Regular Expression Denial of Service) was used. See the security advisory for details: https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2 The vulnerability was discovered by @erik-krogh from GitHub Security Lab (GHSL). Thanks for reporting! Bug Fixes * Revert a change from 0.4.0 that changed IN to be a comparison (issue694). The primary expectation is that IN is treated as a keyword and not as a comparison operator. That also follows the definition of reserved keywords for the major SQL syntax definitions. * Fix regular expressions for string parsing. Other * sqlparse now uses pyproject.toml instead of setup.cfg (issue685). Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>	2023-07-25 12:46:19 -07:00
Leon Anavi	3ae56a340a	python3-sqlparse: Upgrade 0.3.1 -> 0.4.1 Upgrade to release 0.4.1: - Just removed a debug print statement - Remove support for end-of-life Python 2.7 and 3.4. Python 3.5+ is now required. - Remaining strings that only consist of whitespaces are not treated as statements anymore. Code that ignored the last element from sqlparse.split() should be updated accordingly since that function now doesn't return an empty string as the last element in some cases. Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>	2020-10-16 23:11:58 -07:00
Changqing Li	41eb6e1a61	python3-sqlparse: change shebang to python3 we have offcially dropped python2, so it is possible that our code run on python3 only host, so change shebang to python3 to avoid error like: python: command not found Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>	2020-03-09 11:26:36 -07:00

Author

SHA1

Message

Date

Trevor Gamblin

74e70284ac

python3-sqlparse: upgrade 0.4.3 -> 0.4.4

- Use python_flit_core instead of setuptools3
- Modify 0001-sqlparse-change-shebang-to-python3.patch to apply on 0.4.4
- Remove CVE-2023-30608.patch since it's now upstream:

[tgamblin@megalith sqlparse]$ git tag --contains c457abd
0.4.4

Changelog (https://github.com/andialbrecht/sqlparse/blob/master/CHANGELOG):

Release 0.4.4 (Apr 18, 2023)
----------------------------

Notable Changes

* IMPORTANT: This release fixes a security vulnerability in the
  parser where a regular expression vulnerable to ReDOS (Regular
  Expression Denial of Service) was used. See the security advisory
  for details: https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
  The vulnerability was discovered by @erik-krogh from GitHub
  Security Lab (GHSL). Thanks for reporting!

Bug Fixes

* Revert a change from 0.4.0 that changed IN to be a comparison (issue694).
  The primary expectation is that IN is treated as a keyword and not as a
  comparison operator. That also follows the definition of reserved keywords
  for the major SQL syntax definitions.
* Fix regular expressions for string parsing.

Other

* sqlparse now uses pyproject.toml instead of setup.cfg (issue685).

Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>

2023-07-25 12:46:19 -07:00

Leon Anavi

3ae56a340a

python3-sqlparse: Upgrade 0.3.1 -> 0.4.1

Upgrade to release 0.4.1:

- Just removed a debug print statement
- Remove support for end-of-life Python 2.7 and 3.4. Python 3.5+
  is now required.
- Remaining strings that only consist of whitespaces are not
  treated as statements anymore. Code that ignored the last
  element from sqlparse.split() should be updated accordingly
  since that function now doesn't return an empty string as the
  last element in some cases.

Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>

2020-10-16 23:11:58 -07:00

Changqing Li

41eb6e1a61

python3-sqlparse: change shebang to python3

we have offcially dropped python2, so it is possible
that our code run on python3 only host, so change
shebang to python3 to avoid error like:
python: command not found

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>

2020-03-09 11:26:36 -07:00

3 Commits