Skip to content

Remove escape() and escape_string() from MySQLdb. #511

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 19, 2021
Merged

Remove escape() and escape_string() from MySQLdb. #511

merged 1 commit into from
Oct 19, 2021

Conversation

methane
Copy link
Member

@methane methane commented Oct 19, 2021

No description provided.

@codecov
Copy link

codecov bot commented Oct 19, 2021
edited
Loading

Codecov Report

Merging #511 (6c2845a) into main (3ee07a0) will increase coverage by 1.77%.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff             @@
##             main     #511      +/-   ##
==========================================
+ Coverage   83.99%   85.76%   +1.77%     
==========================================
  Files           6        6              
  Lines         556      583      +27     
==========================================
+ Hits          467      500      +33     
+ Misses         89       83       -6
Impacted Files Coverage Δ
MySQLdb/__init__.py 85.00% <ø> (ø)
MySQLdb/connections.py 86.62% <0.00%> (+6.62%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 3ee07a0...6c2845a. Read the comment docs.

@methane methane merged commit 16d139c into main Oct 19, 2021
@methane methane deleted the remove-escape branch October 19, 2021 04:19
@methane methane added this to the v2.1 milestone Oct 19, 2021
This was referenced Nov 18, 2021
Merged
Merged
Merged
Merged
@renovate renovate bot mentioned this pull request Dec 19, 2021
Merged
1 task
@aelous
Copy link

aelous commented Jan 14, 2022

why Remove escape() and escape_string() ?

This was referenced Mar 7, 2022
Open
Open
Closed
This was referenced Mar 26, 2022
Closed
Merged
Closed
@dattran2346
Copy link

why Remove escape() and escape_string() ?

Same question.

@methane
Copy link
Member Author

methane commented Jul 12, 2022

  • Unrecommended
  • Unsafe
  • Do not want to maintain

@hhyo hhyo mentioned this pull request Apr 6, 2023
Merged
@chrisburr chrisburr mentioned this pull request Apr 23, 2023
Closed
gnodar01 added a commit to CellProfiler/CellProfiler that referenced this pull request Feb 7, 2024
@gnodar01
Replace deprecated use of escape_string
89ef8a5 
MySQLdb.escape_string was removed in v2.1.0, here: PyMySQL/mysqlclient#511

mysqlclient still allows escape_string to be used via the connection
object

really we should be using parameterized queries: https://pynative.com/python-mysql-execute-parameterized-query-using-prepared-statement/

that would require more substantial changes however
gnodar01 added a commit to CellProfiler/CellProfiler that referenced this pull request Feb 7, 2024
@gnodar01
Replace deprecated use of escape_string
1ffa1d6 
MySQLdb.escape_string was removed in v2.1.0, here: PyMySQL/mysqlclient#511

we can still access `escape_string` via the underlying `_mysql` object
that mysqlclient wraps

really we should be using parameterized queries: https://pynative.com/python-mysql-execute-parameterized-query-using-prepared-statement/

that would require more substantial changes however
gnodar01 added a commit to CellProfiler/CellProfiler that referenced this pull request Feb 7, 2024
@gnodar01
Replace deprecated use of escape_string
89c4a14 
MySQLdb.escape_string was removed in v2.1.0, here: PyMySQL/mysqlclient#511

mysqlclient still allows escape_string to be used via the connection
object

really we should be using parameterized queries: https://pynative.com/python-mysql-execute-parameterized-query-using-prepared-statement/

that would require more substantial changes however
gnodar01 added a commit to CellProfiler/CellProfiler that referenced this pull request Feb 7, 2024
@gnodar01
Replace deprecated use of escape_string
134e6c3 
MySQLdb.escape_string was removed in v2.1.0, here: PyMySQL/mysqlclient#511

we can still access `escape_string` via the underlying `_mysql` object
that mysqlclient wraps

really we should be using parameterized queries: https://pynative.com/python-mysql-execute-parameterized-query-using-prepared-statement/

that would require more substantial changes however
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

v2.1

Development

Successfully merging this pull request may close these issues.

3 participants

@methane @aelous @dattran2346