subject:"Re\: \[Django\] #26899\: RawSQL requires parameters even if they are empty"

Re: [Django] #26899: RawSQL requires parameters even if they are empty

2016-07-17 Thread Django

#26899: RawSQL requires parameters even if they are empty
-+-
 Reporter:  wolever  |Owner:
 |  petedmarsh
 Type:  Uncategorized|   Status:  assigned
Component:  Database layer   |  Version:  master
  (models, ORM)  |
 Severity:  Normal   |   Resolution:
 Keywords:   | Triage Stage:
 |  Unreviewed
Has patch:  0|  Needs documentation:  0
  Needs tests:  0|  Patch needs improvement:  0
Easy pickings:  1|UI/UX:  0
-+-

Comment (by petedmarsh):

 I've updated the PR to add a note to the documentation as described above,
 happy to re-word or bring back the code changes, just let me know!

--
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/065.f6970cea56bc8b8544f22bd6859d3519%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Django] #26899: RawSQL requires parameters even if they are empty

2016-07-15 Thread Django

#26899: RawSQL requires parameters even if they are empty
-+-
 Reporter:  wolever  |Owner:
 |  petedmarsh
 Type:  Uncategorized|   Status:  assigned
Component:  Database layer   |  Version:  master
  (models, ORM)  |
 Severity:  Normal   |   Resolution:
 Keywords:   | Triage Stage:
 |  Unreviewed
Has patch:  0|  Needs documentation:  0
  Needs tests:  0|  Patch needs improvement:  0
Easy pickings:  1|UI/UX:  0
-+-

Comment (by timgraham):

 Sounds reasonable to me. If we decide to keep the status quo, let's update
 the documentation with that rationale.

--
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/065.43bfa7a9791bb99f445640630a6da3ea%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Django] #26899: RawSQL requires parameters even if they are empty

2016-07-15 Thread Django

#26899: RawSQL requires parameters even if they are empty
-+-
 Reporter:  wolever  |Owner:
 |  petedmarsh
 Type:  Uncategorized|   Status:  assigned
Component:  Database layer   |  Version:  master
  (models, ORM)  |
 Severity:  Normal   |   Resolution:
 Keywords:   | Triage Stage:
 |  Unreviewed
Has patch:  0|  Needs documentation:  0
  Needs tests:  0|  Patch needs improvement:  0
Easy pickings:  1|UI/UX:  0
-+-

Comment (by charettes):

 I like to think of `params` being an explicit argument as a feature that
 forces developers to think twice about not interpolating user provided
 data into their SQL and expose their application into possible injections.

--
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/065.4fc0a30d9adbc86ed8d82f28cbef0ff6%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Django] #26899: RawSQL requires parameters even if they are empty

2016-07-14 Thread Django

#26899: RawSQL requires parameters even if they are empty
-+-
 Reporter:  wolever  |Owner:
 |  petedmarsh
 Type:  Uncategorized|   Status:  assigned
Component:  Database layer   |  Version:  master
  (models, ORM)  |
 Severity:  Normal   |   Resolution:
 Keywords:   | Triage Stage:
 |  Unreviewed
Has patch:  0|  Needs documentation:  0
  Needs tests:  0|  Patch needs improvement:  0
Easy pickings:  1|UI/UX:  0
-+-

Comment (by petedmarsh):

 PR: https://github.com/django/django/pull/6916/files

--
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/065.78d52022ca45fc3e563810a50755fc6e%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Django] #26899: RawSQL requires parameters even if they are empty

2016-07-14 Thread Django

#26899: RawSQL requires parameters even if they are empty
-+-
 Reporter:  wolever  |Owner:
 |  petedmarsh
 Type:  Uncategorized|   Status:  assigned
Component:  Database layer   |  Version:  master
  (models, ORM)  |
 Severity:  Normal   |   Resolution:
 Keywords:   | Triage Stage:
 |  Unreviewed
Has patch:  0|  Needs documentation:  0
  Needs tests:  0|  Patch needs improvement:  0
Easy pickings:  1|UI/UX:  0
-+-
Changes (by petedmarsh):

 * owner:  nobody => petedmarsh
 * needs_docs:   => 0
 * status:  new => assigned
 * needs_tests:   => 0
 * needs_better_patch:   => 0


--
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/065.71949077bcd8f4ddaf2954fe6e02dabe%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Django] #26899: RawSQL requires parameters even if they are empty

Re: [Django] #26899: RawSQL requires parameters even if they are empty

Re: [Django] #26899: RawSQL requires parameters even if they are empty

Re: [Django] #26899: RawSQL requires parameters even if they are empty

Re: [Django] #26899: RawSQL requires parameters even if they are empty

5 matches

Site Navigation

Mail list logo

Footer information