https://github.com/python/cpython/commit/d8e0e009195b2388fb53012c1f0fa786426dc05f commit: d8e0e009195b2388fb53012c1f0fa786426dc05f branch: main author: Erlend E. Aasland <[email protected]> committer: erlend-aasland <[email protected]> date: 2024-05-14T16:10:55Z summary:
gh-118928: sqlite3: disallow sequences of params with named placeholders (#118929) Follow-up of gh-101693. The previous DeprecationWarning is replaced with raising sqlite3.ProgrammingError. Co-authored-by: Hugo van Kemenade <[email protected]> files: A Misc/NEWS.d/next/Library/2024-05-10-22-36-01.gh-issue-118928.IW7Ukv.rst M Doc/whatsnew/3.14.rst M Lib/test/test_sqlite3/test_dbapi.py M Modules/_sqlite/cursor.c diff --git a/Doc/whatsnew/3.14.rst b/Doc/whatsnew/3.14.rst index bcb1098f43d5a3..33a0f3e0f2f4bc 100644 --- a/Doc/whatsnew/3.14.rst +++ b/Doc/whatsnew/3.14.rst @@ -142,6 +142,11 @@ sqlite3 * Remove :data:`!version` and :data:`!version_info` from :mod:`sqlite3`. (Contributed by Hugo van Kemenade in :gh:`118924`.) +* Disallow using a sequence of parameters with named placeholders. + This had previously raised a :exc:`DeprecationWarning` since Python 3.12; + it will now raise a :exc:`sqlite3.ProgrammingError`. + (Contributed by Erlend E. Aasland in :gh:`118928` and :gh:`101693`.) + typing ------ diff --git a/Lib/test/test_sqlite3/test_dbapi.py b/Lib/test/test_sqlite3/test_dbapi.py index 1f71b5c34e448e..293baccaf1831d 100644 --- a/Lib/test/test_sqlite3/test_dbapi.py +++ b/Lib/test/test_sqlite3/test_dbapi.py @@ -878,9 +878,8 @@ def test_execute_named_param_and_sequence(self): msg = "Binding.*is a named parameter" for query, params in dataset: with self.subTest(query=query, params=params): - with self.assertWarnsRegex(DeprecationWarning, msg) as cm: + with self.assertRaisesRegex(sqlite.ProgrammingError, msg) as cm: self.cu.execute(query, params) - self.assertEqual(cm.filename, __file__) def test_execute_indexed_nameless_params(self): # See gh-117995: "'?1' is considered a named placeholder" diff --git a/Misc/NEWS.d/next/Library/2024-05-10-22-36-01.gh-issue-118928.IW7Ukv.rst b/Misc/NEWS.d/next/Library/2024-05-10-22-36-01.gh-issue-118928.IW7Ukv.rst new file mode 100644 index 00000000000000..91c95e4a5395d4 --- /dev/null +++ b/Misc/NEWS.d/next/Library/2024-05-10-22-36-01.gh-issue-118928.IW7Ukv.rst @@ -0,0 +1,2 @@ +Disallow using a sequence of parameters with named placeholders in +:mod:`sqlite3` queries. Patch by Erlend E. Aasland. diff --git a/Modules/_sqlite/cursor.c b/Modules/_sqlite/cursor.c index 950596ea82b568..5d4b77b1a07e08 100644 --- a/Modules/_sqlite/cursor.c +++ b/Modules/_sqlite/cursor.c @@ -670,15 +670,11 @@ bind_parameters(pysqlite_state *state, pysqlite_Statement *self, for (i = 0; i < num_params; i++) { const char *name = sqlite3_bind_parameter_name(self->st, i+1); if (name != NULL && name[0] != '?') { - int ret = PyErr_WarnFormat(PyExc_DeprecationWarning, 1, + PyErr_Format(state->ProgrammingError, "Binding %d ('%s') is a named parameter, but you " "supplied a sequence which requires nameless (qmark) " - "placeholders. Starting with Python 3.14 an " - "sqlite3.ProgrammingError will be raised.", + "placeholders.", i+1, name); - if (ret < 0) { - return; - } } if (PyTuple_CheckExact(parameters)) { _______________________________________________ Python-checkins mailing list -- [email protected] To unsubscribe send an email to [email protected] https://mail.python.org/mailman3/lists/python-checkins.python.org/ Member address: [email protected]
