sequel 5.102.0 → 5.103.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 92eed5c337b361dfde5b948323fb6a0a22ad89ecb2473c284d9e5b70a5eed8e2
-  data.tar.gz: dd07fefb9f3d2821479be092a12b87c6e7b92f5d8d8c314ff656741d31e75531
+  metadata.gz: 955bca9c729dcd1f54079d4d48d7ac162b6d7e2b234857cfd80d228117541e5a
+  data.tar.gz: fe96ad60b73bd55cbaec0f62ba0b977cb79a7ba23fa33a392116b54ca5e7ef34
 SHA512:
-  metadata.gz: ea53c48308a031896491a59e57ca3902a9a3478b8d09d12de6548a927991419054fa8698463c18c18cef9801a9c4629dc299b27df03245272bb2296f79ccdc1c
-  data.tar.gz: adfd92660e225f0d67948dfdc4aa57c2c61c1118265908f8b6a26fe23179573aff4195aec759575abea984e46fa5d1b62701b75caa8ce7e78838f6434e208527
+  metadata.gz: 783fa47d72067acb98193be788f133891839984441d0ca763c6be92421b99d294c1710b52e7538a1725fe476bd17b16a1796f68d96017f3e07ef12cc34a2181e
+  data.tar.gz: 38f08e76546e3cfee1fa4c520b9d524b1558608572532a940ab06c57ddb50b2ec7766978ab020d9754af415fbd679383d44a506018cca141c0c46ba9f62271cc

data/MIT-LICENSE

@@ -1,5 +1,5 @@
 Copyright (c) 2007-2008 Sharon Rosner
-Copyright (c) 2008-2023 Jeremy Evans
+Copyright (c) 2008-2026 Jeremy Evans and contributors
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to

data/lib/sequel/adapters/jdbc/derby.rb

@@ -1,5 +1,7 @@
 # frozen-string-literal: true
 
+# SEQUEL6: Remove
+
 Sequel::JDBC.load_driver('Java::OrgApacheDerbyJdbc::EmbeddedDriver', :Derby)
 require_relative 'transactions'
 require_relative '../utils/columns_limit_1'

data/lib/sequel/adapters/jdbc/h2.rb

@@ -18,7 +18,7 @@ module Sequel
         include AutoCastDateAndTime
 
         def commit_prepared_transaction(transaction_id, opts=OPTS)
-          run("COMMIT TRANSACTION #{transaction_id}", opts)
+          run("COMMIT TRANSACTION #{transaction_id}".freeze, opts)
         end
 
         def database_type
@@ -36,7 +36,7 @@ module Sequel
         end
 
         def rollback_prepared_transaction(transaction_id, opts=OPTS)
-          run("ROLLBACK TRANSACTION #{transaction_id}", opts)
+          run("ROLLBACK TRANSACTION #{transaction_id}".freeze, opts)
         end
 
         # H2 uses an IDENTITY type for primary keys

data/lib/sequel/adapters/postgres.rb

@@ -727,7 +727,7 @@ module Sequel
               prepared_args << y
               i = prepared_args.length
             end
-            LiteralString.new("#{prepared_arg_placeholder}#{i}")
+            LiteralString.new("#{prepared_arg_placeholder}#{i}".freeze)
           end
         end
 

data/lib/sequel/adapters/shared/mssql.rb

@@ -106,7 +106,7 @@ module Sequel
           values << value
         end
 
-        sql = "DECLARE #{declarations.join(', ')}; EXECUTE @RC = #{name} #{values.join(', ')}; SELECT #{names.join(', ')}"
+        sql = "DECLARE #{declarations.join(', ')}; EXECUTE @RC = #{name} #{values.join(', ')}; SELECT #{names.join(', ')}".freeze
 
         ds = dataset.with_sql(sql)
         ds = ds.server(opts[:server]) if opts[:server]
@@ -400,7 +400,7 @@ module Sequel
       # Error if a string is given.
       def create_table_as(name, ds, options)
         raise(Error, "must provide dataset instance as value of create_table :as option on MSSQL") unless ds.is_a?(Sequel::Dataset)
-        run(ds.into(name).sql)
+        run(ds.into(name).sql.freeze)
       end
     
       DATABASE_ERROR_REGEXPS = {
@@ -878,7 +878,7 @@ module Sequel
         elsif @opts[:output]
           # no transaction: our multi_insert_sql_strategy should guarantee
           # that there's only ever a single statement.
-          sql = multi_insert_sql(columns, values)[0]
+          sql = multi_insert_sql(columns, values)[0].freeze
           naked.with_sql(sql).map{|v| v.length == 1 ? v.values.first : v}
         else
           super

data/lib/sequel/adapters/shared/mysql.rb

@@ -40,7 +40,7 @@ module Sequel
       end
 
       def commit_prepared_transaction(transaction_id, opts=OPTS)
-        run("XA COMMIT #{literal(transaction_id)}", opts)
+        run("XA COMMIT #{literal(transaction_id)}".freeze, opts)
       end
 
       def database_type
@@ -103,7 +103,7 @@ module Sequel
           sql += " FROM #{literal(schema)}"
         end
 
-        metadata_dataset.with_sql(sql).each do |r|
+        metadata_dataset.with_sql(sql.freeze).each do |r|
           name = r[:Key_name]
           next if name == 'PRIMARY'
           name = m.call(name)
@@ -115,7 +115,7 @@ module Sequel
       end
 
       def rollback_prepared_transaction(transaction_id, opts=OPTS)
-        run("XA ROLLBACK #{literal(transaction_id)}", opts)
+        run("XA ROLLBACK #{literal(transaction_id)}".freeze, opts)
       end
 
       # Whether the database is MariaDB and not MySQL
@@ -780,7 +780,8 @@ module Sequel
         # Load the PrettyTable class, needed for explain output
         Sequel.extension(:_pretty_table) unless defined?(Sequel::PrettyTable)
 
-        ds = db.send(:metadata_dataset).with_sql(((opts[:extended] && (db.mariadb? || db.server_version < 50700)) ? 'EXPLAIN EXTENDED ' : 'EXPLAIN ') + select_sql).naked
+        sql = ((opts[:extended] && (db.mariadb? || db.server_version < 50700)) ? 'EXPLAIN EXTENDED ' : 'EXPLAIN ') + select_sql
+        ds = db.send(:metadata_dataset).with_sql(sql.freeze).naked
         rows = ds.all
         Sequel::PrettyTable.string(rows, ds.columns)
       end

data/lib/sequel/adapters/shared/postgres.rb

@@ -339,7 +339,7 @@ module Sequel
       end
 
       def commit_prepared_transaction(transaction_id, opts=OPTS)
-        run("COMMIT PREPARED #{literal(transaction_id)}", opts)
+        run("COMMIT PREPARED #{literal(transaction_id)}".freeze, opts)
       end
 
       # A hash of metadata for CHECK constraints on the table.
@@ -416,7 +416,7 @@ module Sequel
         return if already_identity
 
         transaction(server_hash) do
-          run("ALTER TABLE #{quote_schema_table(table)} ALTER COLUMN #{quote_identifier(column)} DROP DEFAULT", server_hash)
+          run("ALTER TABLE #{quote_schema_table(table)} ALTER COLUMN #{quote_identifier(column)} DROP DEFAULT".freeze, server_hash)
 
           ds.from(:pg_depend).
             where(:classid=>pg_class, :objid=>seq_oid, :objsubid=>0, :deptype=>'a').
@@ -453,7 +453,7 @@ module Sequel
       #                 often used here if :security_definer is used.
       #         :strict :: Makes the function return NULL when any argument is NULL.
       def create_function(name, definition, opts=OPTS)
-        self << create_function_sql(name, definition, opts)
+        self << create_function_sql(name, definition, opts).freeze
       end
 
       # Create the procedural language in the database. Arguments:
@@ -464,7 +464,7 @@ module Sequel
       #         :trusted :: Marks the language being created as trusted, allowing unprivileged users to create functions using this language.
       #         :validator :: The name of previously registered function used as a validator of functions defined in this language.
       def create_language(name, opts=OPTS)
-        self << create_language_sql(name, opts)
+        self << create_language_sql(name, opts).freeze
       end
 
       # Create a schema in the database. Arguments:
@@ -473,7 +473,7 @@ module Sequel
       #         :if_not_exists :: Don't raise an error if the schema already exists (PostgreSQL 9.3+)
       #         :owner :: The owner to set for the schema (defaults to current user if not specified)
       def create_schema(name, opts=OPTS)
-        self << create_schema_sql(name, opts)
+        self << create_schema_sql(name, opts).freeze
       end
 
       # Support partitions of tables using the :partition_of option.
@@ -509,7 +509,7 @@ module Sequel
       #         :replace :: Replace the trigger with the same name if it already exists (PostgreSQL 14+).
       #         :when :: A filter to use for the trigger
       def create_trigger(table, name, function, opts=OPTS)
-        self << create_trigger_sql(table, name, function, opts)
+        self << create_trigger_sql(table, name, function, opts).freeze
       end
 
       def database_type
@@ -542,7 +542,7 @@ module Sequel
       #              default is plpgsql.  Can be specified as a string or a symbol.
       def do(code, opts=OPTS)
         language = opts[:language]
-        run "DO #{"LANGUAGE #{literal(language.to_s)} " if language}#{literal(code)}"
+        run "DO #{"LANGUAGE #{literal(language.to_s)} " if language}#{literal(code)}".freeze
       end
 
       # Drops the function from the database. Arguments:
@@ -552,7 +552,7 @@ module Sequel
       #         :cascade :: Drop other objects depending on this function.
       #         :if_exists :: Don't raise an error if the function doesn't exist.
       def drop_function(name, opts=OPTS)
-        self << drop_function_sql(name, opts)
+        self << drop_function_sql(name, opts).freeze
       end
 
       # Drops a procedural language from the database.  Arguments:
@@ -561,7 +561,7 @@ module Sequel
       #         :cascade :: Drop other objects depending on this function.
       #         :if_exists :: Don't raise an error if the function doesn't exist.
       def drop_language(name, opts=OPTS)
-        self << drop_language_sql(name, opts)
+        self << drop_language_sql(name, opts).freeze
       end
 
       # Drops a schema from the database.  Arguments:
@@ -570,7 +570,7 @@ module Sequel
       #         :cascade :: Drop all objects in this schema.
       #         :if_exists :: Don't raise an error if the schema doesn't exist.
       def drop_schema(name, opts=OPTS)
-        self << drop_schema_sql(name, opts)
+        self << drop_schema_sql(name, opts).freeze
         remove_all_cached_schemas
       end
 
@@ -581,7 +581,7 @@ module Sequel
       #         :cascade :: Drop other objects depending on this function.
       #         :if_exists :: Don't raise an error if the function doesn't exist.
       def drop_trigger(table, name, opts=OPTS)
-        self << drop_trigger_sql(table, name, opts)
+        self << drop_trigger_sql(table, name, opts).freeze
       end
 
       # Return full foreign key information using the pg system tables, including
@@ -745,7 +745,7 @@ module Sequel
       # name :: Current name of the schema
       # opts :: New name for the schema
       def rename_schema(name, new_name)
-        self << rename_schema_sql(name, new_name)
+        self << rename_schema_sql(name, new_name).freeze
         remove_all_cached_schemas
       end
 
@@ -756,7 +756,7 @@ module Sequel
       #   DB.refresh_view(:items_view, concurrently: true)
       #   # REFRESH MATERIALIZED VIEW CONCURRENTLY items_view
       def refresh_view(name, opts=OPTS)
-        run "REFRESH MATERIALIZED VIEW#{' CONCURRENTLY' if opts[:concurrently]} #{quote_schema_table(name)}"
+        run "REFRESH MATERIALIZED VIEW#{' CONCURRENTLY' if opts[:concurrently]} #{quote_schema_table(name)}".freeze
       end
       
       # Reset the primary key sequence for the given table, basing it on the
@@ -769,7 +769,7 @@ module Sequel
         table = Sequel.qualify(s, t) if s
 
         if server_version >= 100000
-          seq_ds = metadata_dataset.from(:pg_sequence).where(:seqrelid=>regclass_oid(LiteralString.new(seq)))
+          seq_ds = metadata_dataset.from(:pg_sequence).where(:seqrelid=>regclass_oid(LiteralString.new(seq.freeze)))
           increment_by = :seqincrement
           min_value = :seqmin
         # :nocov:
@@ -784,7 +784,7 @@ module Sequel
       end
 
       def rollback_prepared_transaction(transaction_id, opts=OPTS)
-        run("ROLLBACK PREPARED #{literal(transaction_id)}", opts)
+        run("ROLLBACK PREPARED #{literal(transaction_id)}".freeze, opts)
       end
 
       # PostgreSQL uses SERIAL psuedo-type instead of AUTOINCREMENT for
@@ -1469,7 +1469,7 @@ module Sequel
 
       def column_references_add_period(cols)
         cols= cols.dup
-        cols[-1] = Sequel.lit("PERIOD #{quote_identifier(cols[-1])}")
+        cols[-1] = Sequel.lit("PERIOD #{quote_identifier(cols[-1])}".freeze)
         cols
       end
   

data/lib/sequel/adapters/shared/sqlite.rb

@@ -195,7 +195,7 @@ module Sequel
 
       # Dataset used for parsing schema
       def _parse_pragma_ds(table_name, opts)
-        metadata_dataset.with_sql("PRAGMA table_#{'x' if sqlite_version > 33100}info(?)", input_identifier_meth(opts[:dataset]).call(table_name))
+        metadata_dataset.with_sql("PRAGMA table_#{'x' if sqlite_version > 33100}info(?)".freeze, input_identifier_meth(opts[:dataset]).call(table_name))
       end
 
       # Run all alter_table commands in a transaction.  This is technically only
@@ -407,7 +407,7 @@ module Sequel
       def defined_columns_for(table)
         cols = parse_pragma(table, OPTS)
         cols.each do |c|
-          c[:default] = LiteralString.new(c[:default]) if c[:default]
+          c[:default] = LiteralString.new(c[:default]).freeze if c[:default]
           c[:type] = c[:db_type]
         end
         cols
@@ -684,7 +684,7 @@ module Sequel
         # Load the PrettyTable class, needed for explain output
         Sequel.extension(:_pretty_table) unless defined?(Sequel::PrettyTable)
 
-        ds = db.send(:metadata_dataset).clone(:sql=>"EXPLAIN #{select_sql}")
+        ds = db.send(:metadata_dataset).clone(:sql=>"EXPLAIN #{select_sql}".freeze)
         rows = ds.all
         Sequel::PrettyTable.string(rows, ds.columns)
       end

data/lib/sequel/adapters/sqlite.rb

@@ -388,7 +388,7 @@ module Sequel
         # SQLite uses a : before the name of the argument for named
         # arguments.
         def prepared_arg(k)
-          LiteralString.new("#{prepared_arg_placeholder}#{k.to_s.gsub('.', '__')}")
+          LiteralString.new("#{prepared_arg_placeholder}#{k.to_s.gsub('.', '__')}".freeze)
         end
       end
       

data/lib/sequel/adapters/tinytds.rb

@@ -205,7 +205,7 @@ module Sequel
         private
         
         def prepared_arg(k)
-          LiteralString.new("@#{k.to_s.gsub('.', '__')}")
+          LiteralString.new("@#{k.to_s.gsub('.', '__')}".freeze)
         end
       end
       

data/lib/sequel/connection_pool/sharded_timed_queue.rb

@@ -91,14 +91,16 @@ class Sequel::ShardedTimedQueueConnectionPool < Sequel::ConnectionPool
   # creates new connections to the database.
   #
   # If the :server option is provided, it should be a symbol or array of symbols,
-  # and then the method will only disconnect connectsion from those specified shards.
+  # and then the method will only disconnect connections from those specified shards.
   def disconnect(opts=OPTS)
     (opts[:server] ? Array(opts[:server]) : sync{@servers.keys}).each do |server|
       raise Sequel::Error, "invalid server" unless queue = sync{@queues[server]}
+      nconns = 0
       while conn = available(queue, server)
+        nconns += 1
         disconnect_pool_connection(conn, server)
       end
-      fill_queue(server)
+      fill_queue(server, nconns)
     end
     nil
   end
@@ -132,7 +134,7 @@ class Sequel::ShardedTimedQueueConnectionPool < Sequel::ConnectionPool
         conn = nil
         disconnect_pool_connection(oconn, server) if oconn
         sync{@allocated[server].delete(t)}
-        fill_queue(server)
+        fill_queue(server, 1)
       end
       raise
     ensure
@@ -250,11 +252,15 @@ class Sequel::ShardedTimedQueueConnectionPool < Sequel::ConnectionPool
   # after disconnecting to potentially add new connections to the
   # pool, so the threads that are currently waiting for connections
   # do not timeout after the pool is no longer full.
-  def fill_queue(server)
+  #
+  # nconns specifies the maximum number of connections to add, which should
+  # be the number of connections that were disconnected.
+  def fill_queue(server, nconns)
     queue = sync{@queues[server]}
-    if queue.num_waiting > 0
+    if nconns > 0 && queue.num_waiting > 0
       Thread.new do
-        while queue.num_waiting > 0 && (conn = try_make_new(server))
+        while nconns > 0 && queue.num_waiting > 0 && (conn = try_make_new(server))
+          nconns -= 1
           queue.push(conn)
         end
       end
@@ -303,7 +309,7 @@ class Sequel::ShardedTimedQueueConnectionPool < Sequel::ConnectionPool
     ensure
       if to_disconnect
         to_disconnect.each{|conn| disconnect_pool_connection(conn, server)}
-        fill_queue(server)
+        fill_queue(server, to_disconnect.size)
       end
     end
   end

data/lib/sequel/connection_pool/timed_queue.rb

@@ -59,10 +59,12 @@ class Sequel::TimedQueueConnectionPool < Sequel::ConnectionPool
   # Once a connection is requested using #hold, the connection pool
   # creates new connections to the database.
   def disconnect(opts=OPTS)
+    nconns = 0
     while conn = available
+      nconns += 1
       disconnect_connection(conn)
     end
-    fill_queue
+    fill_queue(nconns)
     nil
   end
 
@@ -94,7 +96,7 @@ class Sequel::TimedQueueConnectionPool < Sequel::ConnectionPool
         conn = nil
         disconnect_connection(oconn) if oconn
         sync{@allocated.delete(t)}
-        fill_queue
+        fill_queue(1)
       end
       raise
     ensure
@@ -156,10 +158,13 @@ class Sequel::TimedQueueConnectionPool < Sequel::ConnectionPool
   # after disconnecting to potentially add new connections to the
   # pool, so the threads that are currently waiting for connections
   # do not timeout after the pool is no longer full.
-  def fill_queue
-    if @queue.num_waiting > 0
+  #
+  # nconns specifies the maximum number of connections to add, which should
+  # be the number of connections that were disconnected.
+  def fill_queue(nconns)
+    if nconns > 0 && @queue.num_waiting > 0
       Thread.new do
-        while @queue.num_waiting > 0 && (conn = try_make_new)
+        while nconns > 0 && @queue.num_waiting > 0 && (conn = try_make_new)
           @queue.push(conn)
         end
       end
@@ -207,7 +212,7 @@ class Sequel::TimedQueueConnectionPool < Sequel::ConnectionPool
     ensure
       if to_disconnect
         to_disconnect.each{|conn| disconnect_connection(conn)}
-        fill_queue
+        fill_queue(to_disconnect.size)
       end
     end
   end

data/lib/sequel/database/schema_generator.rb

@@ -3,6 +3,33 @@
 module Sequel
   # The Schema module holds the schema generators.
   module Schema
+    module ColumnOptionMerger
+      private
+
+      # Merge given options into the column's default options. For backwards compatibility,
+      # the options take priority, but in cases where the option value overrides the argument
+      # value, and the values are different, we warn as this is likely to be an error in the
+      # code.
+      def _merge_column_options(defaults, opts)
+        defaults.merge!(opts) do |k, defv, v|
+          unless defv == v
+            # :nocov:
+            if RUBY_VERSION >= "3.2"
+            # :nocov:
+              caller_loc = Thread.each_caller_location do |loc|
+                break loc unless loc.path == __FILE__
+              end
+              caller_loc &&= "#{caller_loc.path}:#{caller_loc.lineno}: "
+            end
+            warn("#{caller_loc}#{k.inspect} option value (#{v.inspect}) overrides argument value (#{defv.inspect})")
+          end
+
+          v
+        end
+      end
+    end
+    private_constant :ColumnOptionMerger
+
     # Schema::CreateTableGenerator is an internal class that the user is not expected
     # to instantiate directly.  Instances are created by Database#create_table.
     # It is used to specify table creation parameters.  It takes a Database
@@ -17,6 +44,8 @@ module Sequel
     # For more information on Sequel's support for schema modification, see
     # the {"Schema Modification" guide}[rdoc-ref:doc/schema_modification.rdoc].
     class CreateTableGenerator
+      include ColumnOptionMerger
+
       # Classes specifying generic types that Sequel will convert to database-specific types.
       GENERIC_TYPES=%w'String Integer Float Numeric BigDecimal Date DateTime Time File TrueClass FalseClass'.freeze
       
@@ -173,13 +202,13 @@ module Sequel
       # :clustered :: When using :primary_key or :unique, marks the primary key or unique
       #               constraint as CLUSTERED (if true), or NONCLUSTERED (if false).
       def column(name, type, opts = OPTS)
-        columns << {:name => name, :type => type}.merge!(opts)
+        columns << _merge_column_options({:name => name, :type => type}, opts)
         if index_opts = opts[:index]
           index(name, index_opts.is_a?(Hash) ? index_opts : OPTS)
         end
         nil
       end
-      
+
       # Adds a named CHECK constraint (or unnamed if name is nil),
       # with the given block or args. To provide options for the constraint, pass
       # a hash as the first argument.
@@ -246,7 +275,7 @@ module Sequel
           opts.merge(:table=>table)
         end
         return composite_foreign_key(name, opts) if name.is_a?(Array)
-        column(name, Integer, opts)
+        column(name, opts.fetch(:type, Integer), opts)
       end
 
       # Add a full text index on the given columns.
@@ -429,6 +458,8 @@ module Sequel
     # For more information on Sequel's support for schema modification, see
     # the {"Schema Modification" guide}[link:files/doc/schema_modification_rdoc.html].
     class AlterTableGenerator
+      include ColumnOptionMerger
+
       # An array of operations to perform
       attr_reader :operations
       
@@ -454,7 +485,7 @@ module Sequel
       # :after :: The name of an existing column that the new column should be positioned after
       # :first :: Create this new column before all other existing columns
       def add_column(name, type, opts = OPTS)
-        op = {:op => :add_column, :name => name, :type => type}.merge!(opts)
+        op = _merge_column_options({:op => :add_column, :name => name, :type => type}, opts)
         index_opts = op.delete(:index)
         @operations << op
         add_index(name, index_opts.is_a?(Hash) ? index_opts : OPTS) if index_opts
@@ -519,7 +550,7 @@ module Sequel
       #               sense when using an array of columns.
       def add_foreign_key(name, table, opts = OPTS)
         return add_composite_foreign_key(name, table, opts) if name.is_a?(Array)
-        add_column(name, Integer, {:table=>table}.merge!(opts))
+        add_column(name, opts.fetch(:type, Integer), {:table=>table}.merge!(opts))
       end
       
       # Add a full text index on the given columns.

data/lib/sequel/database/schema_methods.rb

@@ -819,7 +819,7 @@ module Sequel
     # SELECT sql statement.
     def create_table_as(name, sql, options)
       sql = sql.sql if sql.is_a?(Sequel::Dataset)
-      run(create_table_as_sql(name, sql, options))
+      run(create_table_as_sql(name, sql, options).freeze)
     end
     
     # SQL statement for creating a table from the result of a SELECT statement.

data/lib/sequel/dataset/placeholder_literalizer.rb

@@ -117,6 +117,8 @@ module Sequel
           frags << final_sql
           prepared_sql << final_sql
 
+          frags.each(&:freeze)
+          frags.freeze
           [prepared_sql, frags]
         end
 
@@ -125,6 +127,7 @@ module Sequel
           @argn = -1
           @args = []
           ds = yield self, dataset
+          ds.opts[:sql].freeze
           sql = ds.clone(:placeholder_literalizer=>self).sql
 
           last_offset = 0

data/lib/sequel/dataset/prepared_statements.rb

@@ -54,7 +54,7 @@ module Sequel
 
       # Set the bind arguments based on the hash and call super.
       def call(bind_vars=OPTS, &block)
-        sql = prepared_sql
+        sql = prepared_sql.freeze
         prepared_args.freeze
         ps = bind(bind_vars)
         ps.clone(:bind_arguments=>ps.map_to_prepared_args(ps.opts[:bind_vars]), :sql=>sql, :prepared_sql=>sql).run(&block)
@@ -223,7 +223,7 @@ module Sequel
       # with the prepared SQL, to ensure the prepared_sql_type is respected.
       def force_prepared_sql
         if prepared_sql_type != prepared_type
-          with_sql(prepared_sql)
+          with_sql(prepared_sql.freeze)
         else
           self
         end
@@ -287,7 +287,7 @@ module Sequel
 
       def run(&block)
         if @opts[:prepared_sql_frags]
-          sql = literal(Sequel::SQL::PlaceholderLiteralString.new(@opts[:prepared_sql_frags], @opts[:bind_arguments], false))
+          sql = literal(Sequel::SQL::PlaceholderLiteralString.new(@opts[:prepared_sql_frags], @opts[:bind_arguments], false)).freeze
           clone(:prepared_sql_frags=>nil, :sql=>sql, :prepared_sql=>sql).run(&block)
         else
           super
@@ -320,6 +320,9 @@ module Sequel
         end
 
         prepared_args.freeze
+        frags.freeze
+        frags.each(&:freeze)
+        prepared_sql.freeze
         clone(:prepared_sql_frags=>frags, :prepared_sql=>prepared_sql, :sql=>prepared_sql)
       end
 
@@ -409,7 +412,7 @@ module Sequel
         ps = ps.with_extend(EmulatePreparedStatementMethods)
         ps.send(:emulated_prepared_statement, type, name, values)
       else
-        sql = ps.prepared_sql
+        sql = ps.prepared_sql.freeze
         ps.prepared_args.freeze
         ps.clone(:prepared_sql=>sql, :sql=>sql)
       end

data/lib/sequel/dataset/query.rb

@@ -1301,7 +1301,7 @@ module Sequel
     # * truncate (if a TRUNCATE statement, with no arguments)
     def with_sql(sql, *args)
       if sql.is_a?(Symbol)
-        sql = public_send(sql, *args)
+        sql = public_send(sql, *args).freeze
       else
         sql = SQL::PlaceholderLiteralString.new(sql, args) unless args.empty?
       end
@@ -1474,7 +1474,10 @@ module Sequel
     def default_join_table_qualification
       :symbol
     end
-    
+
+    PAREN_WRAPPER = ["(".freeze, ")".freeze].freeze
+    private_constant :PAREN_WRAPPER
+
     # SQL expression object based on the expr type.  See +where+.
     def filter_expr(expr = nil, &block)
       expr = nil if expr == EMPTY_ARRAY
@@ -1495,7 +1498,7 @@ module Sequel
           raise Error, "Invalid filter expression: #{expr.inspect}"
         end
       when LiteralString
-        LiteralString.new("(#{expr})")
+        SQL::PlaceholderLiteralString.new(PAREN_WRAPPER, [expr])
       when Numeric, SQL::NumericExpression, SQL::StringExpression, Proc, String, Set
         raise Error, "Invalid filter expression: #{expr.inspect}"
       when TrueClass, FalseClass

data/lib/sequel/dataset/sql.rb

@@ -53,7 +53,7 @@ module Sequel
       when String
         case v
         when LiteralString
-          sql << v
+          literal_literal_string_append(sql, v)
         when SQL::Blob
           literal_blob_append(sql, v)
         else
@@ -1424,6 +1424,11 @@ module Sequel
       v.to_s
     end
 
+    # Append string to SQL string.
+    def literal_literal_string_append(sql, v)
+      sql << v
+    end
+
     # SQL fragment for nil
     def literal_nil
       "NULL"

data/lib/sequel/extensions/dataset_run.rb

@@ -30,9 +30,9 @@ module Sequel
     #   # GRANT SELECT ON "table" TO "user"
     def run
       if server = @opts[:server]
-        db.run(sql, :server=>server)
+        db.run(sql.freeze, :server=>server)
       else
-        db.run(sql)
+        db.run(sql.freeze)
       end
     end
   end

data/lib/sequel/extensions/date_arithmetic.rb

@@ -82,12 +82,12 @@ module Sequel
         DURATION_UNITS = [:years, :months, :days, :hours, :minutes, :seconds].freeze
         DEF_DURATION_UNITS = DURATION_UNITS.zip(DURATION_UNITS.map{|s| s.to_s.freeze}).freeze
         POSTGRES_DURATION_UNITS = DURATION_UNITS.zip([:years, :months, :days, :hours, :mins, :secs].map{|s| s.to_s.freeze}).freeze
-        MYSQL_DURATION_UNITS = DURATION_UNITS.zip(DURATION_UNITS.map{|s| Sequel.lit(s.to_s.upcase[0...-1]).freeze}).freeze
-        MSSQL_DURATION_UNITS = DURATION_UNITS.zip(DURATION_UNITS.map{|s| Sequel.lit(s.to_s[0...-1]).freeze}).freeze
+        MYSQL_DURATION_UNITS = DURATION_UNITS.zip(DURATION_UNITS.map{|s| Sequel.lit(s.to_s.upcase[0...-1].freeze).freeze}).freeze
+        MSSQL_DURATION_UNITS = DURATION_UNITS.zip(DURATION_UNITS.map{|s| Sequel.lit(s.to_s[0...-1].freeze).freeze}).freeze
         H2_DURATION_UNITS = DURATION_UNITS.zip(DURATION_UNITS.map{|s| s.to_s[0...-1].freeze}).freeze
-        DERBY_DURATION_UNITS = DURATION_UNITS.zip(DURATION_UNITS.map{|s| Sequel.lit("SQL_TSI_#{s.to_s.upcase[0...-1]}").freeze}).freeze
+        DERBY_DURATION_UNITS = DURATION_UNITS.zip(DURATION_UNITS.map{|s| Sequel.lit("SQL_TSI_#{s.to_s.upcase[0...-1]}".freeze).freeze}).freeze
         ACCESS_DURATION_UNITS = DURATION_UNITS.zip(%w'yyyy m d h n s'.map(&:freeze)).freeze
-        DB2_DURATION_UNITS = DURATION_UNITS.zip(DURATION_UNITS.map{|s| Sequel.lit(s.to_s).freeze}).freeze
+        DB2_DURATION_UNITS = DURATION_UNITS.zip(DURATION_UNITS.map{|s| Sequel.lit(s.to_s.freeze).freeze}).freeze
 
         # Append the SQL fragment for the DateAdd expression to the SQL query.
         def date_add_sql_append(sql, da)
@@ -107,7 +107,7 @@ module Sequel
               placeholder = []
               vals = []
               each_valid_interval_unit(h, POSTGRES_DURATION_UNITS) do |value, sql_unit|
-                placeholder << "#{', ' unless placeholder.empty?}#{sql_unit} := "
+                placeholder << "#{', ' unless placeholder.empty?}#{sql_unit} := ".freeze
                 vals << value
               end
               interval = Sequel.function(:make_interval, Sequel.lit(placeholder, *vals)) unless vals.empty?
@@ -156,7 +156,7 @@ module Sequel
               expr = Sequel.cast_string(expr) + ' 00:00:00'
             end
             each_valid_interval_unit(h, DERBY_DURATION_UNITS) do |value, sql_unit|
-              expr = Sequel.lit(["{fn timestampadd(#{sql_unit}, ", ", timestamp(", "))}"], value, expr)
+              expr = Sequel.lit(["{fn timestampadd(#{sql_unit}, ".freeze, ", timestamp(", "))}"], value, expr)
             end
           when :oracle
             each_valid_interval_unit(h, MYSQL_DURATION_UNITS) do |value, sql_unit|

data/lib/sequel/extensions/lit_require_frozen.rb

@@ -0,0 +1,131 @@
+# frozen-string-literal: true
+#
+# The lit_require_frozen extension disallows the use of unfrozen strings
+# as literal strings in database and dataset methods. If you try to use an
+# unfrozen string as a literal string for a dataset using this extension,
+# an exception will be raised.
+#
+# While this works for all Ruby versions, it is designed for use on Ruby 3+
+# where all files are using the frozen-string-literal magic comment. In this
+# case, uninterpolated literal strings are frozen, but interpolated strings
+# are not frozen. This allows you to catch potentially dangerous code:
+#
+#   # Probably safe, no exception raised
+#   DB["SELECT * FROM t WHERE c > :v", v: user_provided_string)
+#
+#   # Potentially unsafe, raises Sequel::LitRequireFrozen::Error
+#   DB["SELECT * FROM t WHERE c > '#{user_provided_string}'"]
+#
+# The assumption made is that a frozen string is unlikely to contain unsafe
+# input, while an unfrozen string has potentially been interpolated and may
+# contain unsafe input.
+#
+# This disallows the the following cases:
+#
+# * Sequel::LiteralString instances that are unfrozen and are not based on a
+#   frozen string
+# * Sequel::SQL::PlaceholderLiteralString instances when the placeholder string
+#   is not frozen
+# * Unfrozen strings passed to Database#<< or #[] or Dataset#with_sql
+#
+# To use this extension, load it into the database:
+#
+#   DB.extension :lit_require_frozen
+#
+# It can also be loaded into individual datasets:
+#
+#  ds = DB[:t].extension(:lit_require_frozen)
+#
+# Assuming you have good test coverage, it is recommended to only load
+# this extension when testing.
+#
+# Related module: Sequel::LitRequireFrozen
+
+#
+module Sequel
+  class LiteralString
+    # The string used when creating the literal string (first argument to
+    # Sequel::LiteralString.new). This may be nil if no string was provided,
+    # or if the litral string was created before this extension was required.
+    attr_reader :source
+
+    def initialize(*a)
+      @source = a.first
+      super
+    end
+    # :nocov:
+    ruby2_keywords :initialize if respond_to?(:ruby2_keywords, true)
+    # :nocov:
+  end
+
+  module LitRequireFrozen
+    # Error class raised for using unfrozen literal string.
+    class Error < Sequel::Error
+    end
+
+    module DatabaseMethods
+      def self.extended(db)
+        db.extend_datasets(DatasetMethods)
+      end
+
+      # Check given SQL is frozen before running it.
+      def run(sql, opts=OPTS)
+        @default_dataset.with_sql(sql)
+        super
+      end
+    end
+
+    module DatasetMethods
+      # Check given SQL is not an unfrozen string.
+      def with_sql(sql, *args)
+        _check_unfrozen_literal_string(sql)
+        super
+      end
+
+      # Check that placeholder string is frozen (or all entries
+      # in placeholder array are frozen).
+      def placeholder_literal_string_sql_append(sql, pls)
+        str = pls.str
+
+        if str.is_a?(Array)
+          str.each do |s|
+            _check_unfrozen_literal_string(s)
+          end
+        else
+          _check_unfrozen_literal_string(str)
+        end
+
+        super
+      end
+
+      private
+
+      # Base method that other methods used to check for whether a string should be allowed
+      # as literal SQL. Allows non-strings as well as frozen strings.
+      def _check_unfrozen_literal_string(str)
+        return if !str.is_a?(String) || str.frozen?
+
+        if str.is_a?(LiteralString)
+          _check_unfrozen_literal_string(str.source)
+        else
+          raise Error, "cannot treat unfrozen string as literal SQL: #{str.inspect}"
+        end
+      end
+
+      # Check literal strings appended to SQL.
+      def literal_literal_string_append(sql, v)
+        _check_unfrozen_literal_string(v)
+        super
+      end
+
+      # Check static SQL is not frozen.
+      def static_sql(sql)
+        _check_unfrozen_literal_string(sql)
+        super
+      end
+    end
+  end
+
+  Dataset.register_extension(:lit_require_frozen, LitRequireFrozen::DatasetMethods)
+  Database.register_extension(:lit_require_frozen, LitRequireFrozen::DatabaseMethods)
+end

data/lib/sequel/extensions/migration.rb

@@ -186,22 +186,19 @@ module Sequel
     # and returns a new block that reverses the actions taken by
     # the given block.
     def reverse(&block)
-      begin
-        instance_exec(&block)
-      rescue
-        just_raise = true
-      end
-      if just_raise
-        Proc.new{raise Sequel::Error, "irreversible migration method used in #{block.source_location.first}, you may need to write your own down method"}
-      else
-        actions = @actions.reverse
-        Proc.new do
-          actions.each do |a|
-            pr = a.last.is_a?(Proc) ? a.pop : nil
-            # Allow calling private methods as the reversing methods are private
-            send(*a, &pr)
-          end
-        end
+      instance_exec(&block)
+    rescue NoMethodError => e
+      Proc.new{raise Sequel::Error, "irreversible migration method \"#{e.name}\" used in #{block.source_location.first}, you may need to write your own down method"}
+    rescue => e
+      Proc.new{raise Sequel::Error, "unable to reverse migration due to #{e.class} in #{block.source_location.first}, you may need to write your own down method"}
+    else
+      actions = @actions.reverse
+      Proc.new do
+       actions.each do |a|
+        pr = a.last.is_a?(Proc) ? a.pop : nil
+        # Allow calling private methods as the reversing methods are private
+        send(*a, &pr)
+       end
       end
     end
 
@@ -270,7 +267,7 @@ module Sequel
     end
 
     def add_primary_key(*args)
-      raise if args.first.is_a?(Array)
+      super if args.first.is_a?(Array)
       @actions << [:drop_column, args.first]
     end
 

data/lib/sequel/extensions/pg_enum.rb

@@ -127,7 +127,7 @@ module Sequel
 
       # Run the SQL on the database, reparsing the enum labels after it is run.
       def _process_enum_change_sql(sql)
-        run(sql)
+        run(sql.freeze)
         parse_enum_labels
         nil
       end

data/lib/sequel/model/associations.rb

@@ -320,7 +320,7 @@ module Sequel
                 end
                 loader.append_sql(sql, *k)
               end
-              objects.concat(ds.with_sql(sql).to_a)
+              objects.concat(ds.with_sql(sql.freeze).to_a)
             end
             ds = ds.eager(cascade) if cascade
             ds.send(:post_load, objects)

data/lib/sequel/plugins/dirty.rb

@@ -234,8 +234,11 @@ module Sequel
               iv.delete(column)
             end
           else
-            check_missing_initial_value(column)
-            iv[column] = get_column_value(column)
+            if db_schema[column]
+              check_missing_initial_value(column)
+              iv[column] = get_column_value(column)
+            end
+
             super
           end
         end

data/lib/sequel/plugins/mssql_optimistic_locking.rb

@@ -55,7 +55,7 @@ module Sequel
         def _update_without_checking(columns)
           ds = _update_dataset
           lc = model.lock_column
-          rows = ds.clone(ds.send(:default_server_opts, :sql=>ds.output(nil, [Sequel[:inserted][lc]]).update_sql(columns))).all
+          rows = ds.clone(ds.send(:default_server_opts, :sql=>ds.output(nil, [Sequel[:inserted][lc]]).update_sql(columns).freeze)).all
           values[lc] = rows.first[lc] unless rows.empty?
           rows.length
         end

data/lib/sequel/plugins/pg_xmin_optimistic_locking.rb

@@ -99,7 +99,7 @@ module Sequel
         # Add an RETURNING clause to fetch the updated xmin when updating the row.
         def _update_without_checking(columns)
           ds = _update_dataset
-          rows = ds.clone(ds.send(:default_server_opts, :sql=>ds.returning(:xmin).update_sql(columns))).all
+          rows = ds.clone(ds.send(:default_server_opts, :sql=>ds.returning(:xmin).update_sql(columns).freeze)).all
           values[:xmin] = rows.first[:xmin] unless rows.empty?
           rows.length
         end

data/lib/sequel/plugins/serialization.rb

@@ -30,6 +30,15 @@ module Sequel
     # Otherwise, it is possible that the default column accessors will take
     # precedence.
     #
+    # Note that use of an unsafe serialization method can result in an attack vector
+    # (potentially allowing remote code execution) if an attacker has the ability to
+    # store data directly in the underlying column. This would affect the marshal
+    # serialization format, and on older versions of Ruby, potentially the yaml and
+    # json serialization formats as well. It can also affect custom formats. You
+    # should ensure that attackers do not have access to store data directly in the
+    # underlying column when using this plugin (especially when using an unsafe
+    # serialization method).
+    #
     # == Example
     #
     #   # Require json if you plan to use it, as the plugin doesn't require it for you.
@@ -97,7 +106,7 @@ module Sequel
       register_format(:marshal, lambda{|v| [Marshal.dump(v)].pack('m')},
         lambda do |v|
           # Handle unpacked marshalled data for backwards compat
-          v = v.unpack('m')[0] unless v[0..1] == "\x04\x08"
+          v = v.unpack('m')[0] unless v.start_with?("\x04\x08")
           Marshal.load(v)
         end)
       register_format(:yaml, :to_yaml.to_proc, lambda{|s| YAML.load(s)})

data/lib/sequel/version.rb

@@ -6,7 +6,7 @@ module Sequel
 
   # The minor version of Sequel.  Bumped for every non-patch level
   # release, generally around once a month.
-  MINOR = 102
+  MINOR = 103
 
   # The tiny version of Sequel.  Usually 0, only bumped for bugfix
   # releases that fix regressions from previous versions.

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sequel
 version: !ruby/object:Gem::Version
-  version: 5.102.0
+  version: 5.103.0
 platform: ruby
 authors:
 - Jeremy Evans
@@ -241,6 +241,7 @@ files:
 - lib/sequel/extensions/inflector.rb
 - lib/sequel/extensions/integer64.rb
 - lib/sequel/extensions/is_distinct_from.rb
+- lib/sequel/extensions/lit_require_frozen.rb
 - lib/sequel/extensions/looser_typecasting.rb
 - lib/sequel/extensions/migration.rb
 - lib/sequel/extensions/mssql_emulate_lateral_with_apply.rb