[Bug] sqlparse dependency out-of-date with dbt-core

[zwallacedev]

Is this a new bug in dbt-redshift?

• [X] I believe this is a new bug in dbt-redshift
• [X] I have searched the existing issues, and I could not find an existing issue for this bug

Current Behavior

At this point in time, we are having issues related to an out-of-date sqlparse, which had a vulnerability reported.

Is it possible to get a timeline on when this will be resolved? I noted there are two separate PRs that have been opened and closed without merging to update the sqlparse version.

Expected Behavior

I would like to build dbt-redshift with dbt-core to ensure both of the dependencies have sqlparse above 0.5.0

Steps To Reproduce

1. bump dbt-core to 1.7.13
2. build fails because dependency mis-match with dbt-redshift

Relevant log output

No response

Environment

- OS:
- Python:
- dbt-core:
- dbt-redshift:

Additional Context

No response

[dataders]

@zwallacedev can you share how you're installing dbt-redshift?

I don't see a dependency conflict when I look at the setup.py's of both dbt-core and dbt-redshift.

AFAICT, both have the same sqlparse version range: "sqlparse>=0.5.0,<0.6.0",

[github-actions[bot]]

This issue has been marked as Stale because it has been open for 180 days with no activity. If you would like the issue to remain open, please comment on the issue or else it will be closed in 7 days.

[github-actions[bot]]

Although we are closing this issue as stale, it's not gone forever. Issues can be reopened if there is renewed community interest. Just add a comment to notify the maintainers.