Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reworked #4709 after latest release #5447

Merged
merged 4 commits into from
Sep 30, 2024
Merged

Reworked #4709 after latest release #5447

merged 4 commits into from
Sep 30, 2024

Conversation

arogl
Copy link
Contributor

@arogl arogl commented Sep 28, 2024

Description

Fixes #4709 SQL use of Double Quoted Strings.

Replacing #5236

  • Changelog. (Add an entry to docs/changelog.rst to the bottom of one of the lists near the top of the document.)

snejus
snejus requested changes Sep 29, 2024
View reviewed changes
Copy link
Member

@snejus snejus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think there's there may be one more replacement left, see extra/_beet line 111:

		sqlcmd="select distinct value from item_attributes where key=='$1' and value!='';"

docs/changelog.rst Outdated Show resolved Hide resolved
@arogl
Copy link
Contributor Author

arogl commented Sep 29, 2024

I think there's there may be one more replacement left, see extra/_beet line 111:

		sqlcmd="select distinct value from item_attributes where key=='$1' and value!='';"

I believe this is already correct when reviewing against the changes already made.

Double quotes surrounding the command and single quotes for variable use within the string

@snejus
Copy link
Member

snejus commented Sep 29, 2024

I think there's there may be one more replacement left, see extra/_beet line 111:

		sqlcmd="select distinct value from item_attributes where key=='$1' and value!='';"

I believe this is already correct when reviewing against the changes already made.

Double quotes surrounding the command and single quotes for variable use within the string

Ah you're completely right! My bad, got mixed up there.

@snejus
Copy link
Member

snejus commented Sep 29, 2024

I think I found something relevant!

beetsplug/web/__init__.py:            'SELECT DISTINCT "{}" FROM "{}" ORDER BY "{}"'.format(
CONTRIBUTING.rst:             rows = tx.query('SELECT DISTINCT "{0}" FROM "{1}" ORDER BY "{2}"'

@arogl
Copy link
Contributor Author

arogl commented Sep 29, 2024

I have updated the 2 files as requested

beetsplug/web/__init__.py:
CONTRIBUTING.rst:

Looking through the code I wonder if the changes in this PR should look to be updated to f-strings?

snejus
snejus requested changes Sep 29, 2024
View reviewed changes
CONTRIBUTING.rst Outdated Show resolved Hide resolved
@snejus
Copy link
Member

snejus commented Sep 29, 2024

I have updated the 2 files as requested

beetsplug/web/__init__.py:
CONTRIBUTING.rst:

Looking through the code I wonder if the changes in this PR should look to be updated to f-strings?

I wouldn't think so - I guess it would be out of scope of your actual goal here

@snejus snejus merged commit 04ee041 into beetbox:master Sep 30, 2024
12 checks passed
@wisp3rwind wisp3rwind mentioned this pull request Sep 30, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@snejus snejus snejus approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Avoid using double-quoted string literals in SQL queries
2 participants
@arogl @snejus