search

jeremyevans / sequel

Sequel: The Database Toolkit for Ruby
http://sequel.jeremyevans.net
Other
4.97k stars 1.07k forks source link

Version 5.83.0 no longer unescapes sqlite3 connection strings #2201

Closed Ben3eeE closed 1 month ago

Ben3eeE commented 1 month ago

Complete Description of Issue

In version 5.82.0 when connecting with sqlite3 the connection string was unescaped and this was changed here: https://github.com/jeremyevans/sequel/commit/f1377af8312d33559867f218277dd4f2913c45e2#diff-8e4b522a718d9c729869dad14f50bafcac64665ef51504eea33e79e71ee42ae4

This makes connecting with a URI like sqlite://app%2Fdata%2Ftest.db create a file called app%2Fdata%2Ftest.db instead of a file called test.db in the app/data folder.

This way of connecting is used in the wild by gemstash: https://github.com/rubygems/gemstash/blob/e0e1b4b920ac29b9f777e0cd0b9325e3d73f5259/lib/gemstash/env.rb#L132

Not sure if this was an unintentional change here or if gemstash should be changed to stop doing this.

Simplest Possible Self-Contained Example Showing the Bug

require 'sequel'
require 'cgi'

Sequel.connect("sqlite://#{CGI.escape("app/data/test.db")}")

Full Backtrace of Exception (if any)

No response

SQL Log (if any)

No response

Ruby Version

3.3.4

Sequel Version

5.83.0

jeremyevans commented 1 month ago

Thanks for the report. This wasn't intended, and it is a regression, so I'll fix it and release 5.83.1.

jeremyevans commented 1 month ago

I've released 5.83.1 with this fix.