Fix: Sanitize user input passed to DataFrame.eval()/query() to prevent code injection#1293

Merged

jonbrenas merged 6 commits intomalariagen:masterfrom

kunal-10-cloud:fix/issue-1292-sanitize-eval-query

Apr 17, 2026

Commits on Apr 14, 2026

fix: sanitize user input passed to DataFrame.eval()/query() to prevent code injection (GH-1292)
kunal-10-cloud
committed
fix: support pandas @variable syntax in query validator and fix CI failures
kunal-10-cloud
committed
fix: handle typeguard TypeCheckError in test_non_string_input
kunal-10-cloud
committed

Commits on Apr 16, 2026

Merge branch 'master' into fix/issue-1292-sanitize-eval-query
kunal-10-cloud
authored

Commits on Apr 17, 2026