sequel 5.60.1 → 5.61.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cd8695696d6b55edf6337870f3ff172aeb6fe2ef9ba4bbc23daae0af26908649
-  data.tar.gz: 2483bbb3549adbcb9f179165119051b7bb234d6e714e4afa116c0ffddf379dc6
+  metadata.gz: f542d5f0e7cca642a8fccd52cb4099101f38dbd1617ff2437b8690766b5f2bdd
+  data.tar.gz: 79ff2215f1e38e523e7e64a5779bee695a939a03f046a5e2e9a5974a804a714c
 SHA512:
-  metadata.gz: 0527cba1fcc06d8001cbd55473b3af5c23a9f5c004113fc24aa6f9e029c5ed2cf4f938bf184d79922164cdc3ea502d12860d46d64237bdbd306bf5ce50f59ffa
-  data.tar.gz: e13c17553592773e70c0e9a6753438444a5245f3cd0664c6c5a6c0a08a271d1d92180b110c7b7e5981f7ca6dc2b18d90da3feeb05a14ae863fcfd99d5673650e
+  metadata.gz: 1e0bdc80d388f1bdbf39674624522f7086ca5b0904df2bb28d7b6f3c8f6057df38eca1c0854905a87d920286e578d1e0fe269deb33c3c3f1691d2113a9f23d11
+  data.tar.gz: 31ebb15cc504b82c5406c2f7eb6a02a99aa035e9486ecd52698403eff7bd79a99e606229dbbf392ac3fabd1b68c9a7ebc09c127dea3970e2a083c7d781159f33

data/CHANGELOG

@@ -1,3 +1,15 @@
+=== 5.61.0 (2022-10-01)
+
+* Make Database#foreign_key_list on PostgreSQL return results for partitioned tables (jeremyevans)
+
+* Add Database#check_string_typecast_bytesize for checking bytesize of strings before typecasting (jeremyevans)
+
+* Treat negative hexidecimal strings similar to positive hexidecimal strings when typecasting to integer (jeremyevans)
+
+* Remove is_json and is_not_json methods from the pg_json_ops extension, as the support was removed in PostgreSQL 15 beta 4 (jeremyevans)
+
+* Fix handling of timestamps before the date of calendar reform when using pg_extended_date_support extension on Ruby 3.2 (jeremyevans)
+
 === 5.60.1 (2022-09-02)
 
 * Revert conversion of respond_to? to defined?, as it breaks with unused refinements on Ruby 2 (jeremyevans) (#1919)

data/doc/release_notes/5.61.0.txt

@@ -0,0 +1,43 @@
+= Improvements
+
+* When typecasting strings to other types, Sequel::Database will now
+  by default not typecast strings that are much longer than expected
+  for the underlying type. Depending on the underlying type, there
+  is a limit of either 100 or 1000 bytes on the input string.  This
+  avoids potential performance issues when trying to convert
+  arbitrary sized user input to specific types.
+
+* The respond_to? to defined? change made in 5.60.0 was reverted in
+  5.60.1 as it broke cases on Ruby < 3 where the object had an unused
+  refinement that added the method.
+
+* When typecasting strings to integer, strings such as -0xa are now
+  treated as negative hexidecimal strings, similar to how 0xa is
+  treated as a positive hexidecimal string.
+
+* Database#foreign_key_list now returns results for partitioned
+  tables on PostgreSQL 11+.
+
+* Timestamps before the date of calendar reform are now handled
+  correctly by the pg_extended_date_support extension when using
+  Ruby 3.2 preview 2+.
+
+= Backwards Compatibility
+
+* The change to not typecast strings that are too long can break
+  backwards compatibility for applications that expect typecasting
+  for input beyond Sequel's limits.  You can disable the string
+  bytesize checking by setting:
+
+    DB.check_string_typecast_bytesize = false
+
+  or by passing the check_string_typecast_bytesize: false option when
+  creating the Database instance.
+
+* Code to workaround a bug in JRuby 9.2.0.0 has been removed from the
+  pg_extended_date_support extension.  Users of the extension should
+  upgrade to a newer JRuby version.
+
+* The is_json and is_not_json methods have been removed from the
+  pg_json_ops extension, as the underlying support was removed in
+  PostgreSQL 15 beta 4.

data/lib/sequel/adapters/shared/postgres.rb

@@ -586,7 +586,7 @@ module Sequel
           join(Sequel[:pg_namespace].as(:nsp), :oid=>Sequel[:cl2][:relnamespace]).
           order{[co[:conname], cpos]}.
           where{{
-            cl[:relkind]=>'r',
+            cl[:relkind]=>%w'r p',
             co[:contype]=>'f',
             cl[:oid]=>oid,
             cpos=>rpos

data/lib/sequel/database/misc.rb

@@ -91,6 +91,11 @@ module Sequel
     # The specific default size of string columns for this Sequel::Database, usually 255 by default.
     attr_accessor :default_string_column_size
 
+    # Whether to check the bytesize of strings before typecasting (to avoid typecasting strings that
+    # would be too long for the given type), true by default. Strings that are too long will raise
+    # a typecasting error.
+    attr_accessor :check_string_typecast_bytesize
+
     # Constructs a new instance of a database connection with the specified
     # options hash.
     #
@@ -98,6 +103,7 @@ module Sequel
     # :before_preconnect :: Callable that runs after extensions from :preconnect_extensions are loaded,
     #                       but before any connections are created.
     # :cache_schema :: Whether schema should be cached for this Database instance
+    # :check_string_typecast_bytesize :: Whether to check the bytesize of strings before typecasting.
     # :default_string_column_size :: The default size of string columns, 255 by default.
     # :extensions :: Extensions to load into this Database instance.  Can be a symbol, array of symbols,
     #                or string with extensions separated by columns.  These extensions are loaded after
@@ -107,7 +113,7 @@ module Sequel
     # :loggers :: An array of loggers to use.
     # :log_connection_info :: Whether connection information should be logged when logging queries.
     # :log_warn_duration :: The number of elapsed seconds after which queries should be logged at warn level.
-    # :name :: A name to use for the Database object, displayed in PoolTimeout .
+    # :name :: A name to use for the Database object, displayed in PoolTimeout.
     # :preconnect :: Automatically create the maximum number of connections, so that they don't
     #                need to be created as needed.  This is useful when connecting takes a long time
     #                and you want to avoid possible latency during runtime.
@@ -116,7 +122,7 @@ module Sequel
     # :preconnect_extensions :: Similar to the :extensions option, but loads the extensions before the
     #                           connections are made by the :preconnect option.
     # :quote_identifiers :: Whether to quote identifiers.
-    # :servers :: A hash specifying a server/shard specific options, keyed by shard symbol .
+    # :servers :: A hash specifying a server/shard specific options, keyed by shard symbol.
     # :single_threaded :: Whether to use a single-threaded connection pool.
     # :sql_log_level :: Method to use to log SQL to a logger, :info by default.
     #
@@ -132,6 +138,7 @@ module Sequel
       @opts[:adapter_class] = self.class
       @opts[:single_threaded] = @single_threaded = typecast_value_boolean(@opts.fetch(:single_threaded, Sequel.single_threaded))
       @default_string_column_size = @opts[:default_string_column_size] || DEFAULT_STRING_COLUMN_SIZE
+      @check_string_typecast_bytesize = typecast_value_boolean(@opts.fetch(:check_string_typecast_bytesize, true))
 
       @schemas = {}
       @prepared_statements = {}
@@ -465,6 +472,21 @@ module Sequel
     #   Don't rescue other exceptions, they will be raised normally.
     end
 
+    # Check the bytesize of a string before conversion. There is no point
+    # trying to typecast strings that would be way too long.
+    def typecast_check_string_length(string, max_size)
+      if @check_string_typecast_bytesize && string.bytesize > max_size
+        raise InvalidValue, "string too long to typecast (bytesize: #{string.bytesize}, max: #{max_size})"
+      end
+      string
+    end
+
+    # Check the bytesize of the string value, if value is a string.
+    def typecast_check_length(value, max_size)
+      typecast_check_string_length(value, max_size) if String === value
+      value
+    end
+
     # Typecast the value to an SQL::Blob
     def typecast_value_blob(value)
       value.is_a?(Sequel::SQL::Blob) ? value : Sequel::SQL::Blob.new(value)
@@ -488,9 +510,9 @@ module Sequel
       when Date
         value
       when String
-        Sequel.string_to_date(value)
+        Sequel.string_to_date(typecast_check_string_length(value, 100))
       when Hash
-        Date.new(*[:year, :month, :day].map{|x| (value[x] || value[x.to_s]).to_i})
+        Date.new(*[:year, :month, :day].map{|x| typecast_check_length(value[x] || value[x.to_s], 100).to_i})
       else
         raise InvalidValue, "invalid value for Date: #{value.inspect}"
       end
@@ -498,7 +520,17 @@ module Sequel
 
     # Typecast the value to a DateTime or Time depending on Sequel.datetime_class
     def typecast_value_datetime(value)
-      Sequel.typecast_to_application_timestamp(value)
+      case value
+      when String
+        Sequel.typecast_to_application_timestamp(typecast_check_string_length(value, 100))
+      when Hash
+        [:year, :month, :day, :hour, :minute, :second, :nanos, :offset].each do |x|
+          typecast_check_length(value[x] || value[x.to_s], 100)
+        end
+        Sequel.typecast_to_application_timestamp(value)
+      else
+        Sequel.typecast_to_application_timestamp(value)
+      end
     end
     
     if RUBY_VERSION >= '2.4'
@@ -531,18 +563,30 @@ module Sequel
       when Numeric
         BigDecimal(value.to_s)
       when String
-        _typecast_value_string_to_decimal(value)
+        _typecast_value_string_to_decimal(typecast_check_string_length(value, 1000))
       else
         raise InvalidValue, "invalid value for BigDecimal: #{value.inspect}"
       end
     end
 
     # Typecast the value to a Float
-    alias typecast_value_float Float
+    def typecast_value_float(value)
+      Float(typecast_check_length(value, 1000))
+    end
 
     # Typecast the value to an Integer
     def typecast_value_integer(value)
-      (value.is_a?(String) && value =~ /\A0+(\d)/) ? Integer(value, 10) : Integer(value)
+      case value
+      when String
+        typecast_check_string_length(value, 100)
+        if value =~ /\A-?0+(\d)/
+          Integer(value, 10)
+        else
+          Integer(value)
+        end
+      else
+        Integer(value)
+      end
     end
 
     # Typecast the value to a String
@@ -565,9 +609,9 @@ module Sequel
           SQLTime.create(value.hour, value.min, value.sec, value.nsec/1000.0)
         end
       when String
-        Sequel.string_to_time(value)
+        Sequel.string_to_time(typecast_check_string_length(value, 100))
       when Hash
-        SQLTime.create(*[:hour, :minute, :second].map{|x| (value[x] || value[x.to_s]).to_i})
+        SQLTime.create(*[:hour, :minute, :second].map{|x| typecast_check_length(value[x] || value[x.to_s], 100).to_i})
       else
         raise Sequel::InvalidValue, "invalid value for Time: #{value.inspect}"
       end

data/lib/sequel/extensions/looser_typecasting.rb

@@ -8,6 +8,9 @@
 # :decimal :: use 0.0 for unsupported strings
 # :string :: silently allow hash and array conversion to string
 #
+# This also removes bytesize checks for string inputs for float, integer
+# and decimal conversions.
+#
 # To load the extension into the database:
 #
 #   DB.extension :looser_typecasting

data/lib/sequel/extensions/pg_extended_date_support.rb

@@ -29,6 +29,8 @@ module Sequel
       INFINITE_DATETIME_VALUES = ([PLUS_INFINITY, MINUS_INFINITY] + INFINITE_TIMESTAMP_STRINGS).freeze
       PLUS_DATE_INFINITY = Date::Infinity.new
       MINUS_DATE_INFINITY = -PLUS_DATE_INFINITY
+      RATIONAL_60 = Rational(60)
+      TIME_CAN_PARSE_BC = RUBY_VERSION >= '2.5'
 
       # Add dataset methods and update the conversion proces for dates and timestamps.
       def self.extended(db)
@@ -86,27 +88,18 @@ module Sequel
         if value.is_a?(String) && (m = /((?:[-+]\d\d:\d\d)(:\d\d)?)?( BC)?\z/.match(value)) && (m[2] || m[3])
           if m[3]
             value = value.sub(' BC', '').sub(' ', ' BC ')
-            conv = defined?(JRUBY_VERSION) && JRUBY_VERSION == '9.2.0.0'
           end
-          if m[2] || conv
-            dt = DateTime.parse(value)
-            if conv
-              # :nocov:
-              if Sequel.datetime_class == DateTime
-                dt >>= 12
-              else
-                dt >>= 24
-              end
-              # :nocov:
-            end
-            unless Sequel.datetime_class == DateTime
-              dt = dt.to_time
-              if conv && (timezone == nil || timezone == :local) && !m[1]
-                # :nocov:
-                dt = Sequel.send(:convert_input_timestamp, dt.strftime("%F %T.%6N"), :local)
-                # :nocov:
-              end
+          if m[2]
+            dt = if Sequel.datetime_class == DateTime
+              DateTime.parse(value)
+            elsif TIME_CAN_PARSE_BC
+              Time.parse(value)
+            # :nocov:
+            else
+              DateTime.parse(value).to_time
+            # :nocov:
             end
+
             Sequel.convert_output_timestamp(dt, Sequel.application_timezone)
           else
             super(value)
@@ -223,10 +216,7 @@ module Sequel
           # Work around JRuby bug #4822 in Time#to_datetime for times before date of calendar reform
           def literal_time(time)
             if time < TIME_YEAR_1
-              dt = DateTime.parse(super)
-              # Work around JRuby bug #5191
-              dt >>= 12 if JRUBY_VERSION == '9.2.0.0'
-              literal_datetime(dt)
+              literal_datetime(DateTime.parse(super))
             else
               super
             end
@@ -236,7 +226,8 @@ module Sequel
           # Handle BC Time objects.
           def literal_time(time)
             if time < TIME_YEAR_1
-              literal_datetime(time.to_datetime)
+              time = db.from_application_timestamp(time)
+              time.strftime("'#{sprintf('%04i', time.year.abs+1)}-%m-%d %H:%M:%S.%N#{format_timestamp_offset(*(time.utc_offset/RATIONAL_60).divmod(60))} BC'")
             else
               super
             end

data/lib/sequel/extensions/pg_inet.rb

@@ -111,7 +111,7 @@ module Sequel
         when IPAddr
           value
         when String
-          IPAddr.new(value)
+          IPAddr.new(typecast_check_string_length(value, 100))
         else
           raise Sequel::InvalidValue, "invalid value for inet/cidr: #{value.inspect}"
         end

data/lib/sequel/extensions/pg_interval.rb

@@ -197,7 +197,7 @@ module Sequel
         when Numeric
           ActiveSupport::Duration.new(value, [[:seconds, value]])
         when String
-          PARSER.call(value)
+          PARSER.call(typecast_check_string_length(value, 1000))
         else
           raise Sequel::InvalidValue, "invalid value for interval type: #{value.inspect}"
         end

data/lib/sequel/extensions/pg_json_ops.rb

@@ -123,15 +123,6 @@
 #   c = Sequel.pg_jsonb_op(:c)
 #   DB[:t].update(c['key1'] => 1.to_json, c['key2'] => "a".to_json)
 #
-# On PostgreSQL 15+, the <tt>IS [NOT] JSON</tt> operator is supported:
-#
-#   j.is_json                              # j IS JSON
-#   j.is_json(type: :object)               # j IS JSON OBJECT
-#   j.is_json(type: :object, unique: true) # j IS JSON OBJECT WITH UNIQUE
-#   j.is_not_json                          # j IS NOT JSON
-#   j.is_json(type: :array)                # j IS NOT JSON ARRAY
-#   j.is_json(unique: true)                # j IS NOT JSON WITH UNIQUE
-#
 # If you are also using the pg_json extension, you should load it before
 # loading this extension.  Doing so will allow you to use the #op method on
 # JSONHash, JSONHarray, JSONBHash, and JSONBArray, allowing you to perform json/jsonb operations
@@ -160,18 +151,6 @@ module Sequel
       GET_PATH = ["(".freeze, " #> ".freeze, ")".freeze].freeze
       GET_PATH_TEXT = ["(".freeze, " #>> ".freeze, ")".freeze].freeze
 
-      IS_JSON = ["(".freeze, " IS JSON".freeze, "".freeze, ")".freeze].freeze
-      IS_NOT_JSON = ["(".freeze, " IS NOT JSON".freeze, "".freeze, ")".freeze].freeze
-      EMPTY_STRING = Sequel::LiteralString.new('').freeze
-      WITH_UNIQUE = Sequel::LiteralString.new(' WITH UNIQUE').freeze
-      IS_JSON_MAP = {
-        nil => EMPTY_STRING,
-        :value => Sequel::LiteralString.new(' VALUE').freeze,
-        :scalar => Sequel::LiteralString.new(' SCALAR').freeze,
-        :object => Sequel::LiteralString.new(' OBJECT').freeze,
-        :array => Sequel::LiteralString.new(' ARRAY').freeze
-      }.freeze
-
       # Get JSON array element or object field as json.  If an array is given,
       # gets the object at the specified path.
       #
@@ -254,30 +233,6 @@ module Sequel
         end
       end
 
-      # Return whether the json object can be parsed as JSON.
-      #
-      # Options:
-      # :type :: Check whether the json object can be parsed as a specific type
-      #          of JSON (:value, :scalar, :object, :array).
-      # :unique :: Check JSON objects for unique keys.
-      #
-      #   json_op.is_json                 # json IS JSON
-      #   json_op.is_json(type: :object)  # json IS JSON OBJECT
-      #   json_op.is_json(unique: true)   # json IS JSON WITH UNIQUE
-      def is_json(opts=OPTS)
-        _is_json(IS_JSON, opts)
-      end
-
-      # Return whether the json object cannot be parsed as JSON. The opposite
-      # of #is_json. See #is_json for options.
-      #
-      #   json_op.is_not_json                 # json IS NOT JSON
-      #   json_op.is_not_json(type: :object)  # json IS NOT JSON OBJECT
-      #   json_op.is_not_json(unique: true)   # json IS NOT JSON WITH UNIQUE
-      def is_not_json(opts=OPTS)
-        _is_json(IS_NOT_JSON, opts)
-      end
-
       # Returns a set of keys AS text in the json object.
       #
       #   json_op.keys # json_object_keys(json)
@@ -331,13 +286,6 @@ module Sequel
 
       private
 
-      # Internals of IS [NOT] JSON support
-      def _is_json(lit_array, opts)
-        raise Error, "invalid is_json :type option: #{opts[:type].inspect}" unless type = IS_JSON_MAP[opts[:type]]
-        unique = opts[:unique] ? WITH_UNIQUE : EMPTY_STRING
-        Sequel::SQL::BooleanExpression.new(:NOOP, Sequel::SQL::PlaceholderLiteralString.new(lit_array, [self, type, unique]))
-      end
-
       # Return a placeholder literal with the given str and args, wrapped
       # in an JSONOp or JSONBOp, used by operators that return json or jsonb.
       def json_op(str, args)

data/lib/sequel/extensions/pg_range.rb

@@ -282,7 +282,7 @@ module Sequel
           when Range
             PGRange.from_range(value, parser.db_type)
           when String
-            parser.call(value)
+            parser.call(typecast_check_string_length(value, 100))
           else
             raise Sequel::InvalidValue, "invalid value for range type: #{value.inspect}"
           end

data/lib/sequel/version.rb

@@ -6,11 +6,11 @@ module Sequel
 
   # The minor version of Sequel.  Bumped for every non-patch level
   # release, generally around once a month.
-  MINOR = 60
+  MINOR = 61
 
   # The tiny version of Sequel.  Usually 0, only bumped for bugfix
   # releases that fix regressions from previous versions.
-  TINY  = 1
+  TINY  = 0
   
   # The version of Sequel you are using, as a string (e.g. "2.11.0")
   VERSION = [MAJOR, MINOR, TINY].join('.').freeze

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sequel
 version: !ruby/object:Gem::Version
-  version: 5.60.1
+  version: 5.61.0
 platform: ruby
 authors:
 - Jeremy Evans
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-09-02 00:00:00.000000000 Z
+date: 2022-10-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: minitest
@@ -192,6 +192,7 @@ extra_rdoc_files:
 - doc/release_notes/5.59.0.txt
 - doc/release_notes/5.6.0.txt
 - doc/release_notes/5.60.0.txt
+- doc/release_notes/5.61.0.txt
 - doc/release_notes/5.7.0.txt
 - doc/release_notes/5.8.0.txt
 - doc/release_notes/5.9.0.txt
@@ -280,6 +281,7 @@ files:
 - doc/release_notes/5.59.0.txt
 - doc/release_notes/5.6.0.txt
 - doc/release_notes/5.60.0.txt
+- doc/release_notes/5.61.0.txt
 - doc/release_notes/5.7.0.txt
 - doc/release_notes/5.8.0.txt
 - doc/release_notes/5.9.0.txt