From: Niels Thykier Date: Sun, 7 Jun 2015 09:30:21 +0000 (+0200) Subject: auto-decruft: Use bind variables X-Git-Url: https://git.decadent.org.uk/gitweb/?a=commitdiff_plain;h=ef8e2d4089e30d379cbe912e59f61c7b8b186f7d;p=dak.git auto-decruft: Use bind variables Signed-off-by: Niels Thykier --- diff --git a/dak/auto_decruft.py b/dak/auto_decruft.py index e8ff995f..38e3b8c5 100644 --- a/dak/auto_decruft.py +++ b/dak/auto_decruft.py @@ -131,17 +131,20 @@ def removeNBS(suite_name, suite_id, session, dryrun): for architecture in arch_list: if architecture in arch2ids: arch2ids[architecture] = utils.get_architecture(architecture, session=session) - arch_ids = ", ".join(arch2ids[architecture] for architecture in arch_list) - pkg_db_set = ", ".join('"%s"' % package for package in pkg_list) - # TODO: Fix this properly to remove the remaining non-bind arguments + arch_ids = tuple(arch2ids[architecture] for architecture in arch_list) + params = { + suite_id: suite_id, + arch_ids: arch2ids, + pkg_list: tuple(pkg_list), + } q = session.execute(""" SELECT b.package, b.version, a.arch_string, b.id FROM binaries b JOIN bin_associations ba ON b.id = ba.bin JOIN architecture a ON b.architecture = a.id JOIN suite su ON ba.suite = su.id - WHERE a.id IN (%s) AND b.package IN (%s) AND su.id = :suite_id - """ % (arch_ids, pkg_db_set), { suite_id: suite_id}) + WHERE a.id IN :arch_ids AND b.package IN :pkg_db_set AND su.id = :suite_id + """, params) remove(session, message, [suite_name], list(q), partial=True, whoami="DAK's auto-decrufter") ################################################################################