[chore]: Bump github.com/jackc/pgx/v5 from 5.5.3 to 5.5.5 (#2747)

dependabot[bot] 2024-03-11 10:13:33 +00:00 committed by GitHub
commit d115f9ebc4
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
67 changed files with 515 additions and 385 deletions


@ -63,6 +63,10 @@ func (q *Query) Sanitize(args ...any) (string, error) {
return "", fmt.Errorf("invalid arg type: %T", arg)
}
argUse[argIdx] = true
// Prevent SQL injection via Line Comment Creation
// https://github.com/jackc/pgx/security/advisories/GHSA-m7wr-2xf7-cm9p
str = " " + str + " "
default:
return "", fmt.Errorf("invalid Part type: %T", part)
}