issue_comments
5 rows where author_association = "OWNER", "created_at" is on date 2022-10-26 and issue = 1424378012 sorted by updated_at descending
This data as json, CSV (advanced)
Suggested facets: reactions, created_at (date), updated_at (date)
issue 1
- SQL query field can't begin by a comment · 5 ✖
id | html_url | issue_url | node_id | user | created_at | updated_at ▲ | author_association | body | reactions | issue | performed_via_github_app |
---|---|---|---|---|---|---|---|---|---|---|---|
1292685478 | https://github.com/simonw/datasette/issues/1860#issuecomment-1292685478 | https://api.github.com/repos/simonw/datasette/issues/1860 | IC_kwDOBm6k_c5NDNCm | simonw 9599 | 2022-10-26T21:42:35Z | 2022-10-26T21:42:35Z | OWNER | That's deployed to https://latest.datasette.io/ now - some examples:
|
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
SQL query field can't begin by a comment 1424378012 | |
1292679567 | https://github.com/simonw/datasette/issues/1860#issuecomment-1292679567 | https://api.github.com/repos/simonw/datasette/issues/1860 | IC_kwDOBm6k_c5NDLmP | simonw 9599 | 2022-10-26T21:36:25Z | 2022-10-26T21:36:25Z | OWNER | I'm never 100% sure how to tell if a regular expression includes a nasty denial of service attack - are there any inputs that could cause this new regex to execute in quadratic time or similar? |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
SQL query field can't begin by a comment 1424378012 | |
1292678657 | https://github.com/simonw/datasette/issues/1860#issuecomment-1292678657 | https://api.github.com/repos/simonw/datasette/issues/1860 | IC_kwDOBm6k_c5NDLYB | simonw 9599 | 2022-10-26T21:35:23Z | 2022-10-26T21:35:37Z | OWNER | Here are the new tests - each of these should now work: https://github.com/simonw/datasette/blob/55a709c480a1e7401b4ff6208f37a2cf7c682183/tests/test_utils.py#L170-L175 |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
SQL query field can't begin by a comment 1424378012 | |
1292674919 | https://github.com/simonw/datasette/issues/1860#issuecomment-1292674919 | https://api.github.com/repos/simonw/datasette/issues/1860 | IC_kwDOBm6k_c5NDKdn | simonw 9599 | 2022-10-26T21:31:22Z | 2022-10-26T21:31:22Z | OWNER | I'm experimenting with this: ```python Allow SQL to start with a / / or -- commentcomment_re = ( # Start of string, then any amount of whitespace r'^(\s' + # Comment that starts with -- and ends at a newline r'(?:--.?\n\s)' + # Comment that starts with / and ends with / r'|(?:/*[\s\S]?*/)' + # Whitespace r')\s' ) allowed_sql_res = [ re.compile(comment_re + r"select\b"), re.compile(comment_re + r"explain\s+select\b"), re.compile(comment_re + r"explain\s+query\s+plan\s+select\b"), re.compile(comment_re + r"with\b"), re.compile(comment_re + r"explain\s+with\b"), re.compile(comment_re + r"explain\s+query\s+plan\s+with\b"), ] ``` This should allow any number of comments of either type as a suffix to the allowed SQL patterns. Needs extensive unit tests! I'm not massively worried if it has a flaw in it though, since this is part of Datasette's defense in depth: if a non-SELECT query sneaks through it still shouldn't be able to cause any damage as the database connection is read-only or immutable. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
SQL query field can't begin by a comment 1424378012 | |
1292659986 | https://github.com/simonw/datasette/issues/1860#issuecomment-1292659986 | https://api.github.com/repos/simonw/datasette/issues/1860 | IC_kwDOBm6k_c5NDG0S | simonw 9599 | 2022-10-26T21:14:26Z | 2022-10-26T21:15:22Z | OWNER | Yeah we should fix this. https://www.sqlite.org/lang_comment.html - SQLite also supports I like how explicit the documentation is here:
|
{ "total_count": 1, "+1": 1, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
SQL query field can't begin by a comment 1424378012 |
Advanced export
JSON shape: default, array, newline-delimited, object
CREATE TABLE [issue_comments] ( [html_url] TEXT, [issue_url] TEXT, [id] INTEGER PRIMARY KEY, [node_id] TEXT, [user] INTEGER REFERENCES [users]([id]), [created_at] TEXT, [updated_at] TEXT, [author_association] TEXT, [body] TEXT, [reactions] TEXT, [issue] INTEGER REFERENCES [issues]([id]) , [performed_via_github_app] TEXT); CREATE INDEX [idx_issue_comments_issue] ON [issue_comments] ([issue]); CREATE INDEX [idx_issue_comments_user] ON [issue_comments] ([user]);
user 1