Update dependency sqlparse to v0.5.5 #16

Open

Renovate wants to merge 1 commit from renovate/sqlparse-0.x into frontend-new

Renovate commented

2025-12-23 01:03:58 +01:00

Collaborator

This PR contains the following updates:

Package	Update	Change
sqlparse (changelog)	patch	`==0.5.3` → `==0.5.5`

Release Notes

andialbrecht/sqlparse (sqlparse)

`v0.5.5`

Compare Source

Bug Fixes

Fix DoS protection to raise SQLParseError instead of silently returning None
when grouping limits are exceeded (issue827).
Fix splitting of BEGIN TRANSACTION statements (issue826).

`v0.5.4`

Compare Source

Enhancements

Add support for Python 3.14.
Add type annotations to top-level API functions and include py.typed marker
for PEP 561 compliance, enabling type checking with mypy and other tools
(issue756).
Add pre-commit hook support. sqlparse can now be used as a pre-commit hook
to automatically format SQL files. The CLI now supports multiple files and
an --in-place flag for in-place editing (issue537).
Add ATTACH and DETACH to PostgreSQL keywords (pr808).
Add INTERSECT to close keywords in WHERE clause (pr820).
Support REGEXP BINARY comparison operator (pr817).

Bug Fixes

Add additional protection against denial of service attacks when parsing
very large lists of tuples. This enhances the existing recursion protections
with configurable limits for token processing to prevent DoS through
algorithmic complexity attacks. The new limits (MAX_GROUPING_DEPTH=100,
MAX_GROUPING_TOKENS=10000) can be adjusted or disabled (by setting to None)
if needed for legitimate large SQL statements.
Remove shebang from cli.py and remove executable flag (pr818).
Fix strip_comments not removing all comments when input contains only
comments (issue801, pr803 by stropysh).
Fix splitting statements with IF EXISTS/IF NOT EXISTS inside BEGIN...END
blocks (issue812).
Fix splitting on semicolons inside BEGIN...END blocks (issue809).

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [sqlparse](https://github.com/andialbrecht/sqlparse) ([changelog](https://sqlparse.readthedocs.io/en/latest/changes.html)) | patch | `==0.5.3` → `==0.5.5` | --- ### Release Notes <details> <summary>andialbrecht/sqlparse (sqlparse)</summary> ### [`v0.5.5`](https://github.com/andialbrecht/sqlparse/blob/HEAD/CHANGELOG#Release-055-Dec-19-2025) [Compare Source](https://github.com/andialbrecht/sqlparse/compare/0.5.4...0.5.5) Bug Fixes - Fix DoS protection to raise SQLParseError instead of silently returning None when grouping limits are exceeded (issue827). - Fix splitting of BEGIN TRANSACTION statements (issue826). ### [`v0.5.4`](https://github.com/andialbrecht/sqlparse/blob/HEAD/CHANGELOG#Release-054-Nov-28-2025) [Compare Source](https://github.com/andialbrecht/sqlparse/compare/0.5.3...0.5.4) Enhancements - Add support for Python 3.14. - Add type annotations to top-level API functions and include py.typed marker for PEP 561 compliance, enabling type checking with mypy and other tools (issue756). - Add pre-commit hook support. sqlparse can now be used as a pre-commit hook to automatically format SQL files. The CLI now supports multiple files and an `--in-place` flag for in-place editing (issue537). - Add `ATTACH` and `DETACH` to PostgreSQL keywords (pr808). - Add `INTERSECT` to close keywords in WHERE clause (pr820). - Support `REGEXP BINARY` comparison operator (pr817). Bug Fixes - Add additional protection against denial of service attacks when parsing very large lists of tuples. This enhances the existing recursion protections with configurable limits for token processing to prevent DoS through algorithmic complexity attacks. The new limits (MAX\_GROUPING\_DEPTH=100, MAX\_GROUPING\_TOKENS=10000) can be adjusted or disabled (by setting to None) if needed for legitimate large SQL statements. - Remove shebang from cli.py and remove executable flag (pr818). - Fix strip\_comments not removing all comments when input contains only comments (issue801, pr803 by stropysh). - Fix splitting statements with IF EXISTS/IF NOT EXISTS inside BEGIN...END blocks (issue812). - Fix splitting on semicolons inside BEGIN...END blocks (issue809). </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Renovate added 1 commit

2025-12-23 01:03:58 +01:00