Over on GitHub, the Dependabot opened several PRs/notifications about security-compromised dependencies in my tool for guessing the types of data in your CSV files and importing them into a SQLite DB. I noticed it's really been quite a while since the last update, so I went ahead and fixed that.
Dependabot warned that some of the updates can't be done automatically because there were larger version bumps to overcome, but I wasn't bothered - the script is quite simple, and the trivial functionalities usually don't break.
And that guess was correct - I just updated everything, reran the tests, everything worked.
The most time-consuming part was, aehm, struggling with Python's toolchain. Again.
Part of this was purely on me - I don't really use Python much these days, so I forgot a bunch of things. But every time I have to go through this again, I'm thankful for all the dev ecosystems where I don't have to bother with things like virtual environments just to make sure the dependencies on my projects don't break.
Anyway, the important part is: if you're using
csv-to-sqlite, please upgrade to benefit from the security updates in the dependencies. The functionality itself hasn't changed in any way.