Description
(See Discourse topic.)
Currently, it is possible to supply a sequence of params to queries with named placeholders:

```python
>>> cx.execute("select :name", [42]).fetchall()
[(42,)]
>>> cx.execute("select :other", [42]).fetchall()
[(42,)]
```

This may result in unexpected results if a user misuses the sqlite3 module and uses PEP-249 style numeric placeholders:

```python
>>> cx.execute("select :1", ("first",)).fetchall()
[('first',)]
>>> cx.execute("select :1, :2", ("first", "second")).fetchall()
[('first', 'second')]
>>> cx.execute("select :2, :1", ("first", "second")).fetchall()  # Unexpected result follows
[('first', 'second')]
```

PEP-249 style numeric placeholders are not supported by sqlite3; it only supports PEP-249 style named placeholders and PEP-249 style qmark placeholders, so the placeholders in the above example are interpreted as named, not numeric, placeholders.
Based on the discussion in the above linked Discourse topic, I propose to now issue a deprecation warning if sequences are used with named placeholders. The deprecation warning should inform that from Python 3.14 and onward, sqlite3.ProgrammingError will be raised instead.
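A guard that rejects the sequence-with-named-placeholders combination regardless of the interpreter version, as an added example (not code from this issue or from CPython). `has_named_placeholders`, `execute_checked` and `demo` are hypothetical helper names, and the placeholder scanner is a regex approximation, not SQLite's own tokenizer.

```python
import re
import sqlite3
from collections.abc import Mapping

# Approximate scanner (assumption: not SQLite's real tokenizer). Literals and
# comments are matched first so that text such as ':x' inside them is skipped.
_TOKEN = re.compile(
    r"'(?:[^']|'')*'"                   # string literal
    r'|"(?:[^"]|"")*"'                  # quoted identifier
    r"|--[^\n]*"                        # line comment
    r"|/\*.*?\*/"                       # block comment
    r"|(?P<named>[:@$][A-Za-z0-9_]+)",  # :name, @name, $name, and also :1
    re.DOTALL,
)


def has_named_placeholders(sql):
    """Return True if the statement contains at least one named placeholder."""
    return any(m.group("named") for m in _TOKEN.finditer(sql))


def execute_checked(cx, sql, params=()):
    """Run cx.execute(), refusing a sequence when the SQL uses named placeholders."""
    if has_named_placeholders(sql) and not isinstance(params, Mapping):
        raise sqlite3.ProgrammingError(
            "named placeholders require a mapping, got " + type(params).__name__
        )
    return cx.execute(sql, params)


def demo():
    cx = sqlite3.connect(":memory:")
    # ":1" and ":2" are named placeholders whose names are "1" and "2",
    # so a mapping binds them by name and the column order is respected.
    by_name = execute_checked(
        cx, "select :2, :1", {"1": "first", "2": "second"}
    ).fetchall()
    # The tuple form from the issue is refused before it reaches sqlite3.
    try:
        execute_checked(cx, "select :2, :1", ("first", "second"))
        rejected = False
    except sqlite3.ProgrammingError:
        rejected = True
    # qmark placeholders with a sequence remain valid.
    qmark = execute_checked(cx, "select ?, ?", ("first", "second")).fetchall()
    cx.close()
    return by_name, rejected, qmark
```
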