django.git/tests/dbshell/test_mysql.py, branch main django http://cgit.adnoto.dev/django.git/atom?h=main 2024-11-18T14:00:33Z Fixed #18392 -- Changed default mysql encoding to "utf8mb4". 2024-11-18T14:00:33Z Ben Cail bcail@crossway.org 2024-10-17T20:32:36Z urn:sha1:9609b48b9149aa0b96208588b99ce6161be6a287 Fixed #33715 -- Allowed keyboard interrupt to abort queries in MySQL dbshell. 2022-05-20T05:11:51Z Hasan Ramezani hasan.r67@gmail.com 2022-05-20T05:11:51Z urn:sha1:1a78ef2b85467a18ea6d7eaa4b27f67d11c87b9e Refs #33476 -- Reformatted code with Black. 2022-02-07T19:37:05Z django-bot ops@djangoproject.com 2022-02-03T19:24:19Z urn:sha1:9c19aff7c7561e3a82978a272ecdaad40dda5c00 Fixed #32732 -- Removed usage of deprecated 'db' and 'passwd' connection options in MySQL backend. 2021-05-12T10:21:57Z Nick Pope nick@nickpope.me.uk 2021-05-10T20:32:10Z urn:sha1:1061f5243646b4c9b8a758f8a36c9e2ccdded1cf The 'db' and 'passwd' connection options have been deprecated, use 'database' and 'password' instead (available since mysqlclient >= 1.3.8). This also allows the 'database' option in DATABASES['OPTIONS'] on MySQL. Refs #32061 -- Fixed test_crash_password_does_not_leak() crash on Windows. 2020-11-03T10:38:40Z Mariusz Felisiak felisiak.mariusz@gmail.com 2020-11-03T10:38:40Z urn:sha1:009fddc96b88a9aee1232d6a2637f2970fdcfb50 When env is passed to subprocess.run() we should pass all existing environment variables. This fixes crash on Windows: Fatal Python error: failed to get random numbers to initialize Python Fatal Python error: _Py_HashRandomization_Init: failed to get random numbers to initialize Python Python runtime state: preinitialized Refs #32061 -- Prevented password leak on MySQL dbshell crash. 2020-10-30T09:12:52Z Simon Charette charette.s@gmail.com 2020-10-04T22:31:04Z urn:sha1:384ac0990ff414526ec47381845dae79b8e3ddfe The usage of the --password flag when invoking the mysql CLI has the potential of exposing the password in plain text if the command happens to crash due to the inclusion of args provided to subprocess.run(check=True) in the string representation of the subprocess.CalledProcessError exception raised on non-zero return code. Since this has the potential of leaking the password to logging facilities configured to capture crashes (e.g. sys.excepthook, Sentry) it's safer to rely on the MYSQL_PWD environment variable instead even if its usage is discouraged due to potential leak through the ps command on old flavors of Unix. Thanks Charlie Denton for reporting the issue to the security team. Refs #24999. Refs #32061 -- Unified DatabaseClient.runshell() in db backends. 2020-10-29T21:22:58Z Simon Charette charette.s@gmail.com 2020-10-04T22:25:29Z urn:sha1:bbe6fbb8768e8fb1aecb96d51c049d7ceaf802d3 Fixed #6517 -- Made dbshell use charset option on MySQL. 2020-10-17T10:24:36Z manav014 dpsman13016@gmail.com 2020-10-14T18:07:57Z urn:sha1:af87574a3c3df61cf2f829909977e347118e6480 Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com> Fixed #31491 -- Allowed 'password' option in DATABASES['OPTIONS'] on MySQL. 2020-06-12T10:07:43Z Hasan Ramezani hasan.r67@gmail.com 2020-06-11T18:12:35Z urn:sha1:9e8edc1e5511f128dec6bcd70a10ebd263b76280 Fixed #29501 -- Allowed dbshell to pass options to underlying tool. 2020-04-14T13:02:51Z Adam Johnson me@adamj.eu 2020-04-14T07:56:40Z urn:sha1:5b884d45ac5b76234eca614d90c83b347294c332