sqlparams is a utility package for converting between various SQL
parameter styles. This can simplify the use of SQL parameters in queries by
allowing the use of named parameters where only ordinal parameters are
supported. Some `Python DB API 2.0`_ compliant modules only support the
ordinal qmark or format style parameters (e.g., `pyodbc`_ only supports
qmark). This package provides a helper class, `SQLParams`_, that is used to
convert from any parameter style (qmark, numeric, named, format, pyformat;
and the non-standard numeric_dollar and named_dollar), and have them
safely converted to the desired parameter style.

.. _`Python DB API 2.0`: http://www.python.org/dev/peps/pep-0249/
.. _`pyodbc`: https://github.com/mkleehammer/pyodbc

You first create an `SQLParams`_ instance specifying the named
parameter style you're converting from, and what ordinal style you're
converting to. Let's convert from named to qmark style::

    import sqlparams
    query = sqlparams.SQLParams('named', 'qmark')

Now, let's convert a simple SQL SELECT query using the `SQLParams.format`_
method which accepts an SQL query, and a dict of parameters::

    sql, params = query.format('SELECT * FROM users WHERE name = :name;', {'name': "Thorin"})

This returns the new SQL query using ordinal qmark parameters with the
corresponding list of ordinal parameters, which can be passed to the
`.execute()`_ method on a database cursor::

    print(sql)
    # SELECT * FROM users WHERE name = ?;
    print(params)
    # ['Thorin']

.. _`.execute()`: http://www.python.org/dev/peps/pep-0249/#id15

*tuple*\ s are also supported, which allows for safe use of the SQL IN operator::

    sql, params = query.format("SELECT * FROM users WHERE name IN :names;", {'names': ("Dori", "Nori", "Ori")})
    print(sql)
    # SELECT * FROM users WHERE name IN (?,?,?);
    print(params)
    # ['Dori', 'Nori', 'Ori']

You can also format multiple parameters for a single, shared query, which is
useful with the `.executemany()`_ method of a database cursor::

    sql, manyparams = query.formatmany("UPDATE users SET age = :age WHERE name = :name;", [{'name': "Dwalin", 'age': 169}, {'name': "Balin", 'age': 178}])
    print(sql)
    # UPDATE users SET age = ? WHERE name = ?;
    print(manyparams)
    # [[169, 'Dwalin'], [178, 'Balin']]

.. _`.executemany()`: http://www.python.org/dev/peps/pep-0249/#executemany

Please note that if an expanded tuple is used in `SQLParams.formatmany`_,
the tuple must be the same size in each of the parameter lists. Otherwise, you
might as well use `SQLParams.format`_ in a for-loop.
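
The named-to-qmark conversion and the tuple-size rule above, modelled with only the standard library as an added example; this is not sqlparams' own code. ``to_qmark``, ``to_qmark_many`` and ``demo`` are hypothetical names, the regex is a simplification that ignores string literals and comments, and the table rows and the hostile value are constructed.

```python
import re
import sqlite3

# Simplified model of named -> qmark conversion (assumption, not sqlparams' regex).
# A colon preceded by ':' or a word character (e.g. a '::' cast) is left alone.
_NAMED = re.compile(r"(?<![:\w]):([A-Za-z_]\w*)")

def to_qmark(sql, params):
    """Return (sql, values): each :name becomes ?, a tuple becomes (?,?,...)."""
    values = []
    def repl(match):
        value = params[match.group(1)]
        if isinstance(value, tuple):
            values.extend(value)
            return "(" + ",".join("?" * len(value)) + ")"
        values.append(value)
        return "?"
    return _NAMED.sub(repl, sql), values

def to_qmark_many(sql, many_params):
    """One shared SQL string for executemany(), so tuple sizes must agree."""
    converted = [to_qmark(sql, p) for p in many_params]
    shapes = {out_sql for out_sql, _ in converted}
    if len(shapes) != 1:
        raise ValueError("no single shared SQL text; convert row by row instead")
    return shapes.pop(), [values for _, values in converted]

def demo():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, age INTEGER)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("Dori", 155), ("Nori", 150), ("Ori", 143)])
    hostile = "x') OR ('1'='1"  # constructed input that contains SQL syntax
    names = ("Dori", hostile)
    # Unsafe: values are pasted into the SQL text, so the quote ends the literal.
    pasted = ",".join("'%s'" % n for n in names)
    unsafe = db.execute("SELECT name FROM users WHERE name IN (%s)" % pasted).fetchall()
    # Safe: only placeholders enter the SQL text; the values travel separately.
    sql, values = to_qmark("SELECT name FROM users WHERE name IN :names", {"names": names})
    safe = db.execute(sql, values).fetchall()
    return sql, len(unsafe), safe
```

In ``demo()`` the pasted query matches every row, while the converted query treats the hostile string as an ordinary name and matches only ``Dori``.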

The source code for sqlparams is available from the GitHub repo
`cpburnz/python-sql-parameters`_.

.. _`cpburnz/python-sql-parameters`: https://github.com/cpburnz/python-sql-parameters.git

sqlparams can be installed from source with::

    python setup.py install

sqlparams is also available for install through `PyPI`_::

    pip install sqlparams

.. _`PyPI`: http://pypi.python.org/pypi/sqlparams

Documentation for sqlparams is available on `Read the Docs`_.

.. _`Read the Docs`: https://python-sql-parameters.readthedocs.org

.. _`SQLParams`: https://python-sql-parameters.readthedocs.io/en/latest/sqlparams.html#sqlparams.SQLParams
.. _`SQLParams.format`: https://python-sql-parameters.readthedocs.io/en/latest/sqlparams.html#sqlparams.SQLParams.format
.. _`SQLParams.formatmany`: https://python-sql-parameters.readthedocs.io/en/latest/sqlparams.html#sqlparams.SQLParams.formatmany

New features:

- `Issue #11`_/`Pull #12`_: Support Oracle named parameters enclosed in double quotes (style named_oracle).

Improvements:

.. _`Issue #11`: https://github.com/cpburnz/python-sqlparams/issues/11
.. _`Pull #12`: https://github.com/cpburnz/python-sqlparams/pull/12

Improvements:

- `LiteralString`_.

.. _`LiteralString`: https://docs.python.org/3/library/typing.html#typing.LiteralString

- `pyproject.toml`_ and build backend to `setuptools.build_meta`_ which may have unforeseen consequences.
- `Issue #8`_.
- `Issue #9`_.
- `python-sql-parameters`_ to `python-sqlparams`_.

.. _`pyproject.toml`: https://pip.pypa.io/en/stable/reference/build-system/pyproject-toml/
.. _`setuptools.build_meta`: https://setuptools.pypa.io/en/latest/build_meta.html
.. _`Issue #8`: https://github.com/cpburnz/python-sqlparams/issues/8
.. _`Issue #9`: https://github.com/cpburnz/python-sqlparams/issues/9
.. _`python-sql-parameters`: https://github.com/cpburnz/python-sql-parameters
.. _`python-sqlparams`: https://github.com/cpburnz/python-sqlparams

- `Issue #10`_: When converting to 'format'/'pyformat' types, escape existing '%' characters.
- ``escape_char=True`` to unescape double '%' characters.

.. _`Issue #10`: https://github.com/cpburnz/python-sqlparams/issues/10

- ``named`` to ``in_style`` on ``sqlparams.SQLParams``.
- ``ordinal`` to ``out_style`` on ``sqlparams.SQLParams``.
- ``match`` and ``replace`` from ``sqlparams.SQLParams`` which should have been private.
- `Issue #4`_.
- `Issue #7`_: Support dollar sign style for numeric and named parameters.

.. _`Issue #4`: https://github.com/cpburnz/python-sqlparams/issues/4
.. _`Issue #7`: https://github.com/cpburnz/python-sqlparams/issues/7

- `issue 1`_.

.. _`issue 1`: https://github.com/cpburnz/python-sqlparams/issues/1
FAQs
Convert between various DB API 2.0 parameter styles.
We found that sqlparams demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.