Mosql

Latest version: v0.12.3

Safety actively analyzes 681866 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 6

0.12.3

-------

. When `~mosql.db.Database` goes nest, only commit the changes after exit the
first with.

0.12.2

-------

. Fix the connection leaking issue.

0.12.1

-------

. Fix the Python 2 support.

0.12

-----

Thanks for the contribution from `Toki Tseng <https://github.com/tokikanno>`_
and `Pinkoi <http://pinkoi.com/>`_.

. Enhance multithreading and multiprocessing support.

0.11

-----

This version is totally made by `Tzu-ping Chung (uranusjr) <https://github.com/uranusjr>`_. Thanks for his contribution.

. Supports Python 3!
. Combined the doctests and nose tests by the `sphinx-nose
<https://github.com/uranusjr/saim-al-dahr>`_ which is also made by `uranusjr <https://github.com/uranusjr>`_.
. Fixed the bug which caused the instllation on Windows failed.
. Works better on Windows.

0.10

-----

The Security-related Changes
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

. The standard :func:`~mosql.util.escape` and
:func:`~mosql.util.escape_identifier` now raise :exc:`ValueError` if its
argument has a null byte. A null byte may truncate the SQL when database
interprets it, but it still depends on how database handles it. Thanks
`Orange <http://blog.orange.tw>`_ for reporting this issue.
. Removed the support to use subquery directly. Use the new
:func:`~mosql.util.subq` instead.

As far as we know, the two flaws can't be exploited, but we still strongly
recommend you to upgrade to this version.

This version, v0.10, re-passed the strictest (level=5, risk=3) sqlmap_ tests on both value and identitifer-side in the cases:

- MySQL 5.6.21 with `MySQLdb <https://pypi.python.org/pypi/MySQL-python/>`_
1.2.5
- MySQL 5.6.21 with `MySQL Connector/Python
<https://pypi.python.org/pypi/mysql-connector-python>`_ 2.0.2
- PostgreSQL 9.3.5 with `Psycopg <https://pypi.python.org/pypi/psycopg2>`_ 2.5.4

The Majoy Changes
~~~~~~~~~~~~~~~~~

. The :class:`~mosql.db.Database` supports to keep connection open.
. The :class:`~mosql.db.Database` is thread-safe now.
. The :func:`~mosql.query.insert` supports multi-value.
. The :func:`~mosql.util.build_where` translates ``x IN ()`` into ``FALSE``.
. The :func:`~mosql.util.build_where` allows to use `pair` as key to include
operator.
. The :class:`mosql.util.Statement.format` ignores false -- in bool context --
clause argument.
. The :class:`mosql.util.Statement.format` raises :exc:`TypeError` if there is
any unused clause argument.
. Added :meth:`mosql.util.Query.enable_echo` to echo the SQL it builds.

Check details in :class:`~mosql.db.Database` or :func:`~mosql.query.select`.

The Minor Changes
~~~~~~~~~~~~~~~~~

. Added :func:`~mosql.util.dot`, :func:`~mosql.util.as_`,
:func:`~mosql.util.asc`, :func:`~mosql.util.desc`, :func:`~mosql.util.subq`,
and :func:`~mosql.util.in_operand`.
. All of the patch modules in :doc:`/patches` have a ``.patch()`` method to
apply the patch again.
. The :func:`~mosql.util.identifier` was split into
:func:`~mosql.util.identifier`, :func:`~mosql.util.identifier_as`, and
:func:`~mosql.util.identifier_dir`.
. The :func:`~mosql.util.identifier` supports to use `pair` to include table
and column name; and
. The :func:`~mosql.util.identifier_as` and :func:`~mosql.util.identifier_dir`
also supports to use `pair` to include alias or direction.
. Renamed :exc:`~mosql.util.OptionError` to :exc:`~mosql.util.DirectionError`.
. The :func:`~mosql.util.delimit_identifier`,
:data:`~mosql.util.allowed_operators`, and
:data:`~mosql.util.allowed_directions` don't allow to disable anymore. Use
:class:`~mosql.util.raw` instead.
. The deprecated modules in `/deprecated` will be removed in 0.11.
. Refined all the documentation.

Page 1 of 6

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.