git.99rst.org / openwrt-packages.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side (parent: 29cbf98)
python-pymysql: update to 1.1.3
authorAlexandru Ardelean <redacted>
Fri, 15 May 2026 10:57:44 +0000 (13:57 +0300)
committerAlexandru Ardelean <redacted>
Mon, 25 May 2026 15:47:13 +0000 (18:47 +0300)
Security fix:
- Fix Cursor.callproc() to escape procedure name, preventing SQL injection
  when calling a procedure with a string received from an untrusted source
- NOTICE: Backward compatibility change - procedure names like
  "dbname.funcname" are now backtick-quoted: ``CALL \`dbname.funcname\` ``

Other changes:
- CI: use ubuntu-slim, add dependabot for GitHub Actions
- Bump GitHub Actions (checkout v4→v6, setup-python v5→v6, codecov v5→v6)
- Add publish.yml workflow (copied from psf/requests)
- Upgrade dependencies: cryptography>=46.0.7, PyNaCl>=1.6.2
- Drop Python 3.8, require Python 3.9+

Changelog:
https://github.com/PyMySQL/PyMySQL/releases/tag/v1.1.3

NOTE: added test.sh for basic validation.

Signed-off-by: Alexandru Ardelean <redacted>
lang/python/pymysql/test.sh [new file with mode: 0644] patch | blob
lang/python/python-packaging/Makefile patch | blob | history

diff --git a/lang/python/pymysql/test.sh b/lang/python/pymysql/test.sh
new file mode 100644 (file)
index 0000000..22e89fc
--- /dev/null
+++ b/lang/python/pymysql/test.sh
@@ -0,0 +1,51 @@
+#!/bin/sh
+
+[ "$1" = python3-pymysql ] || exit 0
+
+python3 -c '
+import pymysql
+
+# Verify version
+assert pymysql.__version__
+
+# Verify core exports
+assert hasattr(pymysql, "connect")
+assert hasattr(pymysql, "connections")
+assert hasattr(pymysql, "cursors")
+
+# Verify cursor types are importable
+from pymysql.cursors import Cursor, DictCursor, SSCursor, SSDictCursor
+
+# Verify exception classes are importable
+from pymysql import (
+    err,
+    MySQLError,
+    OperationalError,
+    InterfaceError,
+    DatabaseError,
+    IntegrityError,
+    DataError,
+)
+
+# Verify connections.Connection class exists
+from pymysql import connections
+assert connections.Connection is not None
+
+# Verify callable cursor classes
+assert callable(Cursor)
+assert callable(DictCursor)
+assert callable(SSCursor)
+assert callable(SSDictCursor)
+
+# Verify constants module
+import pymysql.constants as constants
+assert hasattr(constants, "CR")
+assert hasattr(constants, "ER")
+
+# Verify _escape function exists (used internally for queries)
+from pymysql.converters import escape_string, escape_dict
+assert callable(escape_string)
+assert callable(escape_dict)
+
+print("pymysql OK")
+'
diff --git a/lang/python/python-packaging/Makefile b/lang/python/python-packaging/Makefile
index ffd4f3458d31f5f76f91776198d96cc535b2dbea..2464ecae5ef2aef2f83612a184053162f4450d6c 100644 (file)
--- a/lang/python/python-packaging/Makefile
+++ b/lang/python/python-packaging/Makefile
@@ -7,11 +7,11 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=python-packaging
-PKG_VERSION:=26.0
+PKG_VERSION:=26.2
 PKG_RELEASE:=2
 
 PYPI_NAME:=packaging
-PKG_HASH:=00243ae351a257117b6a241061796684b084ed1c516a08c48a3f7e147a9d80b4
+PKG_HASH:=ff452ff5a3e828ce110190feff1178bb1f2ea2281fa2075aadb987c2fb221661
 
 PKG_MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>
 PKG_LICENSE:=Apache-2.0 BSD-2-Clause
git clone https://git.99rst.org/PROJECT