[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[Git][ftp-team/dak][deploy] 2 commits: fix: use `sqlalchemy.sql.text` in more places

Title: GitLab

Ansgar pushed to branch deploy at Debian FTP Team / dak

Commits:

  • 7c3fb650
    by Ansgar at 2025-12-30T18:36:49+01:00 
    fix: use `sqlalchemy.sql.text` in more places
  • 0c357d65
    by Ansgar at 2025-12-30T18:37:40+01:00 
    Merge branch 'master' into deploy

2 changed files:

Changes:

  • dak/import_users_from_passwd.py
    ... ... @@ -25,6 +25,7 @@ import re
    25 25 
     import sys
    26 26
    27 27 
     import apt_pkg
    28 
    +from sqlalchemy import sql
    28 29
    29 30 
     from daklib import utils
    30 31 
     from daklib.config import Config
    ... ... @@ -89,7 +90,7 @@ def main():
    89 90 
             passwd_unames[uname] = ""
    90 91
    91 92 
         postgres_unames = {}
    92 
    -    q = session.execute("SELECT usename FROM pg_user")
    93 
    +    q = session.execute(sql.text("SELECT usename FROM pg_user"))
    93 94 
         for i in q.fetchall():
    94 95 
             uname = i[0]
    95 96 
             postgres_unames[uname] = ""
    ... ... @@ -105,7 +106,7 @@ def main():
    105 106 
                     "I: Deleting %s from Postgres, no longer in passwd or list of known Postgres users"
    106 107 
                     % (uname)
    107 108 
                 )
    108 
    -            q = session.execute('DROP USER "%s"' % (uname))
    109 
    +            q = session.execute(sql.text('DROP USER "%s"' % (uname)))
    109 110
    110 111 
         safe_name = re.compile("^[A-Za-z0-9]+$")
    111 112 
         for uname in sorted(passwd_unames):
    ... ... @@ -118,7 +119,7 @@ def main():
    118 119 
                         # XXX: Fix this as it looks like a potential SQL injection attack to me
    119 120 
                         #      (hence the safe_name match we do)
    120 121 
                         try:
    121 
    -                        q = session.execute('CREATE USER "%s"' % (uname))
    122 
    +                        q = session.execute(sql.text('CREATE USER "%s"' % (uname)))
    122 123 
                             session.commit()
    123 124 
                         except Exception as e:
    124 125 
                             utils.warn("Could not create user %s (%s)" % (uname, str(e)))

  • dak/queue_report.py
    ... ... @@ -42,6 +42,7 @@ import sys
    42 42 
     import time
    43 43
    44 44 
     import apt_pkg
    45 
    +from sqlalchemy import sql
    45 46
    46 47 
     from daklib import utils
    47 48 
     from daklib.dak_exceptions import ParseMaintError
    ... ... @@ -322,7 +323,7 @@ def table_row(
    322 323 
                    FROM source_suite
    323 324 
                    WHERE source = :source
    324 325 
                    AND suite_name IN ('unstable', 'experimental')"""
    325 
    -    if not session.execute(query, {"source": source}).rowcount:
    326 
    +    if not session.execute(sql.text(query), {"source": source}).rowcount:
    326 327 
             trclass += " sourceNEW"
    327 328 
         session.commit()
    328 329


    • View it on GitLab.
    You're receiving this email because of your account on salsa.debian.org. Manage all notifications · Help Notification message regarding https://salsa.debian.org/ftp-team/dak/-/compare/456966ba0ca98d332beaadad3432fd2c93ccc132...0c357d6581946d39da3058f9f4b84b4110b5f45d at 1767116276

    Reply to: