diff --git a/CVE-2021-32839.patch b/CVE-2021-32839.patch deleted file mode 100644 index 9a2282a7aebfa468ae5cdfba1ae40767d33422e9..0000000000000000000000000000000000000000 --- a/CVE-2021-32839.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 8238a9e450ed1524e40cb3a8b0b3c00606903aeb Mon Sep 17 00:00:00 2001 -From: Andi Albrecht -Date: Tue, 7 Sep 2021 12:27:28 +0200 -Subject: [PATCH] Optimize regular expression for identifying line breaks in - comments. - ---- - sqlparse/filters/others.py | 5 ++++- - tests/test_format.py | 17 +++++++++++++++++ - 2 files changed, 21 insertions(+), 1 deletion(-) - -diff --git a/sqlparse/filters/others.py b/sqlparse/filters/others.py -index e0e1ca19..6905f2d6 100644 ---- a/sqlparse/filters/others.py -+++ b/sqlparse/filters/others.py -@@ -22,7 +22,10 @@ def get_next_comment(): - def _get_insert_token(token): - """Returns either a whitespace or the line breaks from token.""" - # See issue484 why line breaks should be preserved. -- m = re.search(r'((\r\n|\r|\n)+) *$', token.value) -+ # Note: The actual value for a line break is replaced by \n -+ # in SerializerUnicode which will be executed in the -+ # postprocessing state. -+ m = re.search(r'((\r|\n)+) *$', token.value) - if m is not None: - return sql.Token(T.Whitespace.Newline, m.groups()[0]) - else: -diff --git a/tests/test_format.py b/tests/test_format.py -index 7117d9d6..70bb8055 100644 ---- a/tests/test_format.py -+++ b/tests/test_format.py -@@ -84,6 +84,23 @@ def test_strip_comments_multi(self): - res = sqlparse.format(sql, strip_comments=True) - assert res == 'select (select 2)' - -+ def test_strip_comments_preserves_linebreak(self): -+ sql = 'select * -- a comment\r\nfrom foo' -+ res = sqlparse.format(sql, strip_comments=True) -+ assert res == 'select *\nfrom foo' -+ sql = 'select * -- a comment\nfrom foo' -+ res = sqlparse.format(sql, strip_comments=True) -+ assert res == 'select *\nfrom foo' -+ sql = 'select * -- a comment\rfrom foo' -+ res = sqlparse.format(sql, strip_comments=True) -+ assert res == 'select *\nfrom foo' -+ sql = 'select * -- a comment\r\n\r\nfrom foo' -+ res = sqlparse.format(sql, strip_comments=True) -+ assert res == 'select *\n\nfrom foo' -+ sql = 'select * -- a comment\n\nfrom foo' -+ res = sqlparse.format(sql, strip_comments=True) -+ assert res == 'select *\n\nfrom foo' -+ - def test_strip_ws(self): - f = lambda sql: sqlparse.format(sql, strip_whitespace=True) - s = 'select\n* from foo\n\twhere ( 1 = 2 )\n' diff --git a/python-sqlparse.spec b/python-sqlparse.spec index f6738e6e891ce33140498bf27c5c96bebeed9086..780ff27196ee56cbf5d03d82965a010e242dcd9d 100644 --- a/python-sqlparse.spec +++ b/python-sqlparse.spec @@ -1,12 +1,11 @@ %global _empty_manifest_terminate_build 0 Name: python-sqlparse -Version: 0.4.1 -Release: 2 +Version: 0.4.2 +Release: 1 Summary: A non-validating SQL parser. -License: BSD +License: BSD-3-Clause URL: https://github.com/andialbrecht/sqlparse -Patch001: CVE-2021-32839.patch -Source0: https://files.pythonhosted.org/packages/a2/54/da10f9a0235681179144a5ca02147428f955745e9393f859dec8d0d05b41/sqlparse-0.4.1.tar.gz +Source0: https://files.pythonhosted.org/packages/32/fe/8a8575debfd924c8160295686a7ea661107fc34d831429cce212b6442edb/sqlparse-0.4.2.tar.gz BuildArch: noarch %description @@ -78,6 +77,9 @@ mv %{buildroot}/doclist.lst . %{_docdir}/* %changelog +* Tue Oct 25 2022 yaoxin - 0.4.2-1 +- Upgrade to 0.4.2 + * Mon Oct 11 2021 houyingchao - 0.4.1-2 - Fix CVE-2021-32839 diff --git a/sqlparse-0.4.1.tar.gz b/sqlparse-0.4.1.tar.gz deleted file mode 100644 index bc3748b1e080a090fcee68ad0ef3efb90b3cfa38..0000000000000000000000000000000000000000 Binary files a/sqlparse-0.4.1.tar.gz and /dev/null differ diff --git a/sqlparse-0.4.2.tar.gz b/sqlparse-0.4.2.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..30d6f139c62fb1fa01d0e03aa306486a02284b32 Binary files /dev/null and b/sqlparse-0.4.2.tar.gz differ