
Please update the pip package dependencies #543

Open
eabase opened this issue Mar 30, 2022 · 3 comments

Comments

@eabase

eabase commented Mar 30, 2022

Many of the core Python packages used in this package are outdated and are breaking almost all new Python 3.10 installations.

Please update the requirements and the related Python code.

# pip list --outdated
Package        Version Latest Type
-------------- ------- ------ -----
cli-helpers    0.2.3   2.2.1  wheel
Click          7.0     8.1.0  wheel
prompt-toolkit 2.0.10  3.0.28 wheel
sqlparse       0.2.4   0.4.2  wheel

Related issues:
#531
#484

@cwegener

cwegener commented Apr 5, 2022

Running pip install --upgrade cli-helpers after pip install mssql-cli is how I was able to use mssql-cli on Python 3.10.

@ggt-steven-combs

I can't even use this because of the dependency issue. Is there a fork or a PR for this yet?

@swells

swells commented May 13, 2022

It would be great if the deps could be updated, due to the security vulnerability of the sqlparse version.

We take a dependency on this package, and our governed repository scans flag the dependency sqlparse==0.2.4 as a security violation:

StripComments filter contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service)
The formatter function that strips comments from SQL contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). The regular expression may cause exponential backtracking on strings containing many repetitions of '\r\n' in SQL comments.

Recommendation

Upgrade to sqlparse 0.4.2
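Added illustration of the bug class the advisory quoted above describes; this is not code from mssql-cli or sqlparse, and it does not reproduce sqlparse's actual regular expression (the page does not show it). The pattern AMBIGUOUS_TRAILING_BREAKS is constructed to have the same property the advisory names: a repeated group whose alternation lets each '\r\n' pair be consumed in two different ways, so a failing search backtracks through every decomposition of the run. The names trailing_breaks_regex, trailing_breaks_linear and seconds_to_fail, and the hostile probe input, are my own assumptions for the demonstration.

```python
import re
import time

# Constructed for this example, NOT sqlparse's source: a trailing-line-break
# matcher with the ambiguity class the advisory describes. Inside the repeated
# group a "\r\n" pair can be consumed either as one "\r\n" iteration or as
# "\r" followed by "\n", so when the overall match fails the engine retries
# every one of the 2**n decompositions of n pairs before giving up.
# \Z is used instead of $ because $ also matches just before a final newline,
# which would make the regex and the linear scan disagree on "a\r \n".
AMBIGUOUS_TRAILING_BREAKS = re.compile(r'((\r\n|\r|\n)+)[ \t]*\Z')


def trailing_breaks_regex(pattern, text):
    """Run of CR/LF characters that ends `text` (trailing blanks ignored), or None."""
    m = pattern.search(text)
    return m.group(1) if m else None


def trailing_breaks_linear(text):
    """Same answer as the regex, computed by one backwards pass.

    O(len(text)) with no backtracking, regardless of how the input is shaped.
    """
    end = len(text)
    while end and text[end - 1] in ' \t':   # skip trailing blanks
        end -= 1
    start = end
    while start and text[start - 1] in '\r\n':   # walk back over the break run
        start -= 1
    return text[start:end] if start < end else None


def seconds_to_fail(pattern, pairs):
    """Time a search that must fail: `pairs` CRLF pairs followed by a non-break."""
    probe = '\r\n' * pairs + 'x'   # constructed hostile input (a "comment" that never ends cleanly)
    t0 = time.perf_counter()
    if pattern.search(probe) is not None:
        raise AssertionError('probe unexpectedly matched')
    return time.perf_counter() - t0


if __name__ == '__main__':
    # Each extra CRLF pair roughly doubles the time the ambiguous pattern needs to fail.
    for pairs in (12, 14, 16, 18):
        print(f'{pairs:2d} CRLF pairs: {seconds_to_fail(AMBIGUOUS_TRAILING_BREAKS, pairs):.3f}s')
    # The linear scan handles a run of 200,000 pairs without noticeable delay.
    big = 'SELECT 1 -- comment' + '\r\n' * 200_000 + 'x'
    t0 = time.perf_counter()
    trailing_breaks_linear(big)
    print(f'linear scan over {len(big)} chars: {time.perf_counter() - t0:.3f}s')
```

Two practical notes. First, rewriting the group as a character class ([\r\n]+) removes the exponential case but, under re.search, each start position inside a long run that does not end the string can still backtrack through the rest of the run, so the cost stays quadratic in the run length; a plain backwards scan like trailing_breaks_linear is the robust fix. Second, until the pinned sqlparse is raised to a fixed release, the exposure is only reached by the comment-stripping formatter, so do not feed attacker-controlled SQL through that code path.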

No branches or pull requests

4 participants