Commit e7d5456

Merge pull request #1516 from phenobarbital/dev
removing useless modules
2 parents 83ff30b + eb03ac0 commit e7d5456

11 files changed

Lines changed: 50 additions & 858 deletions

.github/workflows/release.yml

Lines changed: 10 additions & 0 deletions
@@ -31,6 +31,16 @@ jobs:
3131
CIBW_ARCHS_MACOS: "x86_64 arm64"
3232
CIBW_SKIP: "pp* *-win32 *i686 *musllinux*"
3333
CIBW_PRERELEASE_PYTHONS: "0"
34+
# Fail the build if a wheel is ever produced without the compiled
35+
# Cython extension (asyncdb/utils/types.*.so / .pyd). This prevents
36+
# publishing a broken wheel that raises "No module named
37+
# 'asyncdb.utils.types'" at import time.
38+
CIBW_TEST_COMMAND: >-
39+
python -c "import glob, os, sysconfig;
40+
d = os.path.join(sysconfig.get_paths()['platlib'], 'asyncdb', 'utils');
41+
ext = glob.glob(os.path.join(d, 'types.*.so')) + glob.glob(os.path.join(d, 'types.*.pyd'));
42+
assert ext, 'compiled Cython extension missing in ' + d;
43+
print('compiled Cython extension present:', ext[0])"
3444
run: |
3545
cibuildwheel --output-dir dist
3646
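Review bot: The `CIBW_TEST_COMMAND` check only globs for `types.*.so` / `types.*.pyd` under platlib and asserts the list is non-empty, so a wheel whose extension file is present but cannot be loaded (wrong ABI tag, unresolved symbol) still passes. The failure named in the comment is an import error, so add `import asyncdb.utils.types` to the same command to exercise the real load path; the glob can stay as a clearer diagnostic message.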

MANIFEST.in

Lines changed: 14 additions & 6 deletions
@@ -5,16 +5,24 @@ include SECURITY.md
55
include INSTALL.md
66
include README.md
77
include Makefile
8+
include pyproject.toml
9+
include setup.py
810

9-
graft asyncdb
10-
graft tests
11+
# Ship only the sources needed to build the package.
12+
# (Compiled .so/.pyd are produced at build time by build_ext, not shipped in the sdist.)
13+
recursive-include asyncdb *.py *.pyx *.pxd *.pyi
14+
include asyncdb/py.typed
1115

12-
# Exclude tests, settings, env, examples, and bin folders
13-
global-exclude *.pyc
16+
# --- Never ship build artifacts, caches or compiled blobs in the sdist ---
17+
global-exclude *.pyc *.pyo *.pyd *.so *.o *.obj
18+
global-exclude *.cpp
19+
global-exclude *.c
20+
recursive-exclude * __pycache__
21+
22+
# Exclude tests, settings, env, examples, docs and bin folders
1423
prune docs
1524
prune settings
1625
prune env
1726
prune examples
1827
prune bin
19-
recursive-exclude */__pycache__
20-
prune */__pycache__
28+
prune tests
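Review bot: Replacing `graft asyncdb` with `recursive-include asyncdb *.py *.pyx *.pxd *.pyi` turns the sdist into an extension allow-list, so any other file type under asyncdb/ (headers, data or template files) is now silently dropped, and with `global-exclude *.c` and `global-exclude *.cpp` a build from the sdist always needs Cython to regenerate the sources. Please confirm nothing under asyncdb/ relies on such files and that no hand-written C/C++ source is caught by the global excludes, ideally by diffing the file list of a built sdist before and after this change. Also, `recursive-exclude * __pycache__` matches files named `__pycache__` rather than the directories; it is the `*.pyc *.pyo` global-exclude that keeps cache contents out.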

SECURITY.md

Lines changed: 17 additions & 0 deletions
@@ -10,6 +10,23 @@ receiving such patches depend on the CVSS v3.0 Rating:
1010
| 9.0-10.0 | Releases within the previous three months |
1111
| 4.0-8.9 | Most recent release |
1212

13+
## Known Accepted Risks
14+
15+
### asyncmy (optional `mysql` extra) — GHSA-qhqw-rrw9-25rm
16+
17+
`asyncmy` (used only by the optional `mysql` driver) is affected by a SQL
18+
injection issue via crafted dictionary keys, and there is **no patched upstream
19+
release** (all versions `<= 0.2.11` are affected). We pin the latest available
20+
version (`0.2.11`) and accept the risk under the following condition:
21+
22+
- **Never pass dictionaries with untrusted / attacker-controlled keys** as query
23+
parameters to the MySQL driver. Parameter *values* are escaped correctly; the
24+
issue only affects *keys*, which in normal usage are developer-defined column
25+
names, not user input.
26+
27+
If your application forwards externally-controlled dict keys into queries, use
28+
the `mariadb` extra (`aiomysql >= 0.3.2`) or `mysqlclient` instead.
29+
1330
## Reporting a Vulnerability
1431

1532
Please report (suspected) security vulnerabilities to
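Review bot: The accepted-risk entry for asyncmy makes the mitigation purely a caller obligation ("Never pass dictionaries with untrusted / attacker-controlled keys"), and nothing in the added text enforces or detects a violation. Consider having the `mysql` driver reject dict parameter keys that are not plain identifiers, or at least state here where the `0.2.11` pin lives and what triggers a re-review (for example an upstream release above `0.2.11`), so the acceptance does not outlive its condition.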

asyncdb/conversions/__init__.py

Whitespace-only changes.

asyncdb/conversions/pgrecords.py

Lines changed: 0 additions & 36 deletions
This file was deleted.
