Mirror of packages feed https://git.openwrt.org/feed/packages/atom?h=master 2026-05-25T15:47:13Z 2026-05-25T15:47:13Z Alexandru Ardelean 2026-05-15T10:57:44Z urn:sha1:24f5b1039c5805071bac3b2092e5f4af8d0e5cd3 Security fix: - Fix Cursor.callproc() to escape procedure name, preventing SQL injection when calling a procedure with a string received from an untrusted source - NOTICE: Backward compatibility change - procedure names like "dbname.funcname" are now backtick-quoted: ``CALL \`dbname.funcname\` `` Other changes: - CI: use ubuntu-slim, add dependabot for GitHub Actions - Bump GitHub Actions (checkout v4→v6, setup-python v5→v6, codecov v5→v6) - Add publish.yml workflow (copied from psf/requests) - Upgrade dependencies: cryptography>=46.0.7, PyNaCl>=1.6.2 - Drop Python 3.8, require Python 3.9+ Changelog: https://github.com/PyMySQL/PyMySQL/releases/tag/v1.1.3 NOTE: added test.sh for basic validation. Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>