v1.1.1

[methane]

Warning

This release fixes a vulnerability (CVE-2024-36039).
All users are recommended to update to this version.

If you can not update soon, check the input value from untrusted source has an expected type.
Only dict input from untrusted source can be an attack vector.

What's Changed

• Prohibit dict parameter for Cursor.execute(). It didn't produce valid SQL
  and might cause SQL injection. (CVE-2024-36039)

Merged PRs

• Add support for Python 3.12 by @hugovk in Add support for Python 3.12 #1134
• chore(deps): update actions/checkout action to v4 by @renovate in chore(deps): update actions/checkout action to v4 #1136
• Update codecov/codecov-action action to v4 by @renovate in Update codecov/codecov-action action to v4 #1137
• ci: use codecov@v3 by @methane in ci: use codecov@v3 #1142
• chore(deps): update dessant/lock-threads action to v5 by @renovate in chore(deps): update dessant/lock-threads action to v5 #1141
• doc: use rtd theme by @methane in doc: use rtd theme #1143
• use Ruff as formatter by @methane in use Ruff as formatter #1144
• Added ssl_key_password param by @svaskov in Added ssl_key_password param #1145
• chore(deps): update dependency sphinx-rtd-theme to v2 by @renovate in chore(deps): update dependency sphinx-rtd-theme to v2 #1147
• chore(deps): update actions/setup-python action to v5 by @renovate in chore(deps): update actions/setup-python action to v5 #1152
• chore(deps): update github/codeql-action action to v3 by @renovate in chore(deps): update github/codeql-action action to v3 #1154
• chore(deps): update codecov/codecov-action action to v4 by @renovate in chore(deps): update codecov/codecov-action action to v4 #1158
• Support error packet without sqlstate by @methane in Support error packet without sqlstate #1160
• test json - mariadb without JSON type by @grooverdan in test json - mariadb without JSON type #1165

New Contributors

• @hugovk made their first contribution in Add support for Python 3.12 #1134
• @svaskov made their first contribution in Added ssl_key_password param #1145

Full Changelog: v1.1.0...v1.1.1

---

This discussion was created from the release v1.1.1.

[cristopherchacon]

Why is this change not considered a breaking change?

[methane]

Because there were no valid usage for this function.

[methane]

See this thread.

#1172 (comment)