Skip to content

Commit 2bdeacb

Browse files
robsdeduderobsdedude
authored
Type execute_query query arg as LiteralString (#923)
1 parent 5ad2b6f commit 2bdeacb

File tree

3 files changed

+15
-8
lines changed

3 files changed

+15
-8
lines changed

CHANGELOG.md

Lines changed: 9 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,8 +3,15 @@
33
See also https://github.com/neo4j/neo4j-python-driver/wiki for more details.
44

55
## NEXT RELEASE
6-
- Renamed experimental `neo4j.RoutingControl.READERS` to `READ` and `WRITERS` to `WRITE`.
7-
- Renamed experimental `driver.query_bookmark_manager` to `execute_query_bookmark_manager`.
6+
- Renamed experimental `neo4j.RoutingControl.READERS` to `READ` and `WRITERS` to
7+
`WRITE`.
8+
- Renamed experimental `driver.query_bookmark_manager` to
9+
`execute_query_bookmark_manager`.
10+
- Query argument to experimental `driver.execute_query` not is typed
11+
`LiteralString` instead of `str` to help mitigate accidental Cypher
12+
injections. There are rare use-cases where a computed string is necessary.
13+
Please use `# type: ignore`, or `typing.cast` to suppress the type checking in
14+
those cases.
815

916

1017
## Version 5.7

src/neo4j/_async/driver.py

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -565,7 +565,7 @@ async def close(self) -> None:
565565
@t.overload
566566
async def execute_query(
567567
self,
568-
query_: str,
568+
query_: te.LiteralString,
569569
parameters_: t.Optional[t.Dict[str, t.Any]] = None,
570570
routing_: T_RoutingControl = RoutingControl.WRITE,
571571
database_: t.Optional[str] = None,
@@ -584,7 +584,7 @@ async def execute_query(
584584
@t.overload
585585
async def execute_query(
586586
self,
587-
query_: str,
587+
query_: te.LiteralString,
588588
parameters_: t.Optional[t.Dict[str, t.Any]] = None,
589589
routing_: T_RoutingControl = RoutingControl.WRITE,
590590
database_: t.Optional[str] = None,
@@ -602,7 +602,7 @@ async def execute_query(
602602

603603
async def execute_query(
604604
self,
605-
query_: str,
605+
query_: te.LiteralString,
606606
parameters_: t.Optional[t.Dict[str, t.Any]] = None,
607607
routing_: T_RoutingControl = RoutingControl.WRITE,
608608
database_: t.Optional[str] = None,

src/neo4j/_sync/driver.py

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -564,7 +564,7 @@ def close(self) -> None:
564564
@t.overload
565565
def execute_query(
566566
self,
567-
query_: str,
567+
query_: te.LiteralString,
568568
parameters_: t.Optional[t.Dict[str, t.Any]] = None,
569569
routing_: T_RoutingControl = RoutingControl.WRITE,
570570
database_: t.Optional[str] = None,
@@ -583,7 +583,7 @@ def execute_query(
583583
@t.overload
584584
def execute_query(
585585
self,
586-
query_: str,
586+
query_: te.LiteralString,
587587
parameters_: t.Optional[t.Dict[str, t.Any]] = None,
588588
routing_: T_RoutingControl = RoutingControl.WRITE,
589589
database_: t.Optional[str] = None,
@@ -601,7 +601,7 @@ def execute_query(
601601

602602
def execute_query(
603603
self,
604-
query_: str,
604+
query_: te.LiteralString,
605605
parameters_: t.Optional[t.Dict[str, t.Any]] = None,
606606
routing_: T_RoutingControl = RoutingControl.WRITE,
607607
database_: t.Optional[str] = None,

0 commit comments

Comments
 (0)