Skip to content

Update pymysql to 1.1.2#438

Closed
pyup-bot wants to merge 1 commit intomasterfrom
pyup-update-pymysql-1.0.2-to-1.1.2
Closed

Update pymysql to 1.1.2#438
pyup-bot wants to merge 1 commit intomasterfrom
pyup-update-pymysql-1.0.2-to-1.1.2

Conversation

@pyup-bot
Copy link
Copy Markdown
Collaborator

@pyup-bot pyup-bot commented Aug 24, 2025

This PR updates PyMySQL from 1.0.2 to 1.1.2.

Changelog

1.1.1

Release date: 2024-05-21

> [!WARNING]
> This release fixes a vulnerability (CVE-2024-36039).
> All users are recommended to update to this version.
>
> If you can not update soon, check the input value from
> untrusted source has an expected type. Only dict input
> from untrusted source can be an attack vector.

* Prohibit dict parameter for `Cursor.execute()`. It didn't produce valid SQL
and might cause SQL injection. (CVE-2024-36039)
* Added ssl_key_password param. 1145

1.1.0

Release date: 2023-06-26

* Fixed SSCursor raising OperationalError for query timeouts on wrong statement (1032)
* Exposed `Cursor.warning_count` to check for warnings without additional query (1056)
* Make Cursor iterator (995)
* Support '_' in key name in my.cnf (1114)
* `Cursor.fetchall()` returns empty list instead of tuple (1115). Note that `Cursor.fetchmany()` still return empty tuple after reading all rows for compatibility with Django.
* Deprecate Error classes in Cursor class (1117)
* Add `Connection.set_character_set(charset, collation=None)`. This method is compatible with mysqlclient. (1119)
* Deprecate `Connection.set_charset(charset)` (1119)
* New connection always send "SET NAMES charset [COLLATE collation]" query. (1119)
Since collation table is vary on MySQL server versions, collation in handshake is fragile.
* Support `charset="utf8mb3"` option (1127)

1.0.3

Release date: 2023-03-28

* Dropped support of end of life MySQL version 5.6
* Dropped support of end of life MariaDB versions below 10.3
* Dropped support of end of life Python version 3.6
* Removed `_last_executed` because of duplication with `_executed` by rajat315315 in https://github.com/PyMySQL/PyMySQL/pull/948
* Fix generating authentication response with long strings by netch80 in https://github.com/PyMySQL/PyMySQL/pull/988
* update pymysql.constants.CR by Nothing4You in https://github.com/PyMySQL/PyMySQL/pull/1029
* Document that the ssl connection parameter can be an SSLContext by cakemanny in https://github.com/PyMySQL/PyMySQL/pull/1045
* Raise ProgrammingError on -np.inf in addition to np.inf by cdcadman in https://github.com/PyMySQL/PyMySQL/pull/1067
* Use Python 3.11 release instead of -dev in tests by Nothing4You in https://github.com/PyMySQL/PyMySQL/pull/1076
Links

@pyup-bot pyup-bot mentioned this pull request Aug 24, 2025
Closed
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Aug 24, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@pyup-bot
Copy link
Copy Markdown
Collaborator Author

pyup-bot commented May 1, 2026

Closing this in favor of #489

@pyup-bot pyup-bot closed this May 1, 2026
@burhan burhan deleted the pyup-update-pymysql-1.0.2-to-1.1.2 branch May 1, 2026 09:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@pyup-bot