Safety CI > laowantong/paroxython

master

2 years, 7 months ago

8a8e88d9

regenerate documentation

No dependencies with known security vulnerabilities.

master

2 years, 7 months ago

3a662e55

add Python 3.10 partial support "Partial" means that no tag is currently provided for Python 3.10 a

No dependencies with known security vulnerabilities.

master

2 years, 7 months ago

3f3e137e

drop Python 3.6 and 3.7 support

No dependencies with known security vulnerabilities.

master

2 years, 7 months ago

7af96801

close #123 #122 #119 #116 #97, bump version number

No dependencies with known security vulnerabilities.

pyup-update-pytest-6.1.1-to-7.1.3

2 years, 7 months ago

1e771900

Update pytest from 6.1.1 to 7.1.3

sqlparse 0.4.1 has known security vulnerabilities.

Package	Installed	Affected	Info
sqlparse	0.4.1	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.1	>=0.4.0,<0.4.2	show Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool. https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb
sqlparse	0.4.1	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

sqlparse

0.4.1

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.1

>=0.4.0,<0.4.2

show

Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool.
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf
https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb

sqlparse

0.4.1

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

pyup-update-regex-2020.7.14-to-2022.8.17

2 years, 8 months ago

78b7e132

Update regex from 2020.7.14 to 2022.8.17

sqlparse 0.4.1 has known security vulnerabilities.

Package	Installed	Affected	Info
sqlparse	0.4.1	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.1	>=0.4.0,<0.4.2	show Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool. https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb
sqlparse	0.4.1	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

sqlparse

0.4.1

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.1

>=0.4.0,<0.4.2

show

Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool.
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf
https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb

sqlparse

0.4.1

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

pyup-update-regex-2020.7.14-to-2022.7.25

2 years, 8 months ago

9d88325a

Update regex from 2020.7.14 to 2022.7.25

sqlparse 0.4.1 has known security vulnerabilities.

Package	Installed	Affected	Info
sqlparse	0.4.1	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.1	>=0.4.0,<0.4.2	show Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool. https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb
sqlparse	0.4.1	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

sqlparse

0.4.1

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.1

>=0.4.0,<0.4.2

show

Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool.
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf
https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb

sqlparse

0.4.1

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

pyup-update-regex-2020.7.14-to-2022.7.24

2 years, 8 months ago

46dbd5fa

Update regex from 2020.7.14 to 2022.7.24

sqlparse 0.4.1 has known security vulnerabilities.

Package	Installed	Affected	Info
sqlparse	0.4.1	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.1	>=0.4.0,<0.4.2	show Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool. https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb
sqlparse	0.4.1	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

sqlparse

0.4.1

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.1

>=0.4.0,<0.4.2

show

Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool.
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf
https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb

sqlparse

0.4.1

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

pyup-update-regex-2020.7.14-to-2022.7.9

2 years, 9 months ago

1327edca

Update regex from 2020.7.14 to 2022.7.9

sqlparse 0.4.1 has known security vulnerabilities.

Package	Installed	Affected	Info
sqlparse	0.4.1	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.1	>=0.4.0,<0.4.2	show Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool. https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb
sqlparse	0.4.1	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

sqlparse

0.4.1

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.1

>=0.4.0,<0.4.2

show

Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool.
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf
https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb

sqlparse

0.4.1

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

pyup-update-typing-extensions-3.7.4.3-to-4.3.0

2 years, 9 months ago

4775e27d

Update typing-extensions from 3.7.4.3 to 4.3.0

sqlparse 0.4.1 has known security vulnerabilities.

Package	Installed	Affected	Info
sqlparse	0.4.1	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.1	>=0.4.0,<0.4.2	show Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool. https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb
sqlparse	0.4.1	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

sqlparse

0.4.1

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.1

>=0.4.0,<0.4.2

show

Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool.
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf
https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb

sqlparse

0.4.1

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

pyup-update-regex-2020.7.14-to-2022.6.2

2 years, 10 months ago

ed5337eb

Update regex from 2020.7.14 to 2022.6.2

sqlparse 0.4.1 has known security vulnerabilities.

Package	Installed	Affected	Info
sqlparse	0.4.1	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.1	>=0.4.0,<0.4.2	show Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool. https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb
sqlparse	0.4.1	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

sqlparse

0.4.1

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.1

>=0.4.0,<0.4.2

show

Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool.
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf
https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb

sqlparse

0.4.1

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

pyup-update-typed-ast-1.4.1-to-1.5.4

2 years, 11 months ago

669101cd

Update typed-ast from 1.4.1 to 1.5.4

sqlparse 0.4.1 has known security vulnerabilities.

Package	Installed	Affected	Info
sqlparse	0.4.1	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.1	>=0.4.0,<0.4.2	show Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool. https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb
sqlparse	0.4.1	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

sqlparse

0.4.1

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.1

>=0.4.0,<0.4.2

show

Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool.
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf
https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb

sqlparse

0.4.1

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

master

2 years, 11 months ago

30ca8076

regenerate outputs of "idioms" and "simple"

sqlparse 0.4.1 has known security vulnerabilities.

Package	Installed	Affected	Info
sqlparse	0.4.1	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.1	>=0.4.0,<0.4.2	show Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool. https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb
sqlparse	0.4.1	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

sqlparse

0.4.1

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.1

>=0.4.0,<0.4.2

show

Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool.
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf
https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb

sqlparse

0.4.1

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

pyup-update-regex-2020.7.14-to-2022.4.24

2 years, 12 months ago

9da48d80

Update regex from 2020.7.14 to 2022.4.24

sqlparse 0.4.1 has known security vulnerabilities.

Package	Installed	Affected	Info
sqlparse	0.4.1	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.1	>=0.4.0,<0.4.2	show Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool. https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb
sqlparse	0.4.1	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

sqlparse

0.4.1

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.1

>=0.4.0,<0.4.2

show

Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool.
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf
https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb

sqlparse

0.4.1

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

pyup-update-pytest-6.1.1-to-7.1.2

2 years, 12 months ago

9f37411b

Update pytest from 6.1.1 to 7.1.2

sqlparse 0.4.1 has known security vulnerabilities.

Package	Installed	Affected	Info
sqlparse	0.4.1	>=0.1.15,<0.4.4	show Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service). https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
sqlparse	0.4.1	>=0.4.0,<0.4.2	show Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool. https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb
sqlparse	0.4.1	<0.5.0	show Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.

Package

Installed

Affected

Info

sqlparse

0.4.1

>=0.1.15,<0.4.4

show

Sqlparse 0.4.4 includes a fix for CVE-2023-30608: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service).
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2

sqlparse

0.4.1

>=0.4.0,<0.4.2

show

Sqlparse version 0.4.2 includes a fix for CVE-2021-32839: In sqlparse versions 0.4.0 and 0.4.1 there is a Regular Expression Denial of Service vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of "\r\n" in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround, avoid using the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool.
https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf
https://github.com/andialbrecht/sqlparse/commit/8238a9e450ed1524e40cb3a8b0b3c00606903aeb

sqlparse

0.4.1

<0.5.0

show

Sqlparse 0.5.0 addresses a potential denial of service (DoS) vulnerability related to recursion errors in deeply nested SQL statements. To mitigate this issue, the update replaces recursion errors with a general SQLParseError, improving the resilience and stability of the parsing process.