From e394d66d50a7e6b88ea2879ffce3b8ad688a1884 Mon Sep 17 00:00:00 2001
From: Tilman Koschnick <til@subnetz.org>
Date: Sat, 16 Sep 2023 18:24:50 +0200
Subject: [PATCH 1/2] do not quote params before passing them to mogrify

---
 debug_toolbar/panels/sql/tracking.py | 19 +------------------
 docs/changes.rst                     |  2 ++
 2 files changed, 3 insertions(+), 18 deletions(-)

diff --git a/debug_toolbar/panels/sql/tracking.py b/debug_toolbar/panels/sql/tracking.py
index 0c53dc2c5..b5fc81234 100644
--- a/debug_toolbar/panels/sql/tracking.py
+++ b/debug_toolbar/panels/sql/tracking.py
@@ -109,21 +109,6 @@ class NormalCursorMixin(DjDTCursorWrapperMixin):
     Wraps a cursor and logs queries.
     """
 
-    def _quote_expr(self, element):
-        if isinstance(element, str):
-            return "'%s'" % element.replace("'", "''")
-        else:
-            return repr(element)
-
-    def _quote_params(self, params):
-        if not params:
-            return params
-        if isinstance(params, dict):
-            return {key: self._quote_expr(value) for key, value in params.items()}
-        if isinstance(params, tuple):
-            return tuple(self._quote_expr(p) for p in params)
-        return [self._quote_expr(p) for p in params]
-
     def _decode(self, param):
         if PostgresJson and isinstance(param, PostgresJson):
             # psycopg3
@@ -157,9 +142,7 @@ def _last_executed_query(self, sql, params):
         # process during the .last_executed_query() call.
         self.db._djdt_logger = None
         try:
-            return self.db.ops.last_executed_query(
-                self.cursor, sql, self._quote_params(params)
-            )
+            return self.db.ops.last_executed_query(self.cursor, sql, params)
         finally:
             self.db._djdt_logger = self.logger
 
diff --git a/docs/changes.rst b/docs/changes.rst
index ad3cab34c..49f3fa60e 100644
--- a/docs/changes.rst
+++ b/docs/changes.rst
@@ -5,6 +5,8 @@ Pending
 -------
 
 * Removed outdated third-party panels from the list.
+* Do not quote SQL params before passing them to mogrify() for display in SQL
+  panel.
 
 4.2.0 (2023-08-10)
 ------------------

From a98d07f020b4a0d00dcb938798eb4e7cad48f161 Mon Sep 17 00:00:00 2001
From: tkoschnick <til@subnetz.org>
Date: Sat, 16 Sep 2023 21:15:12 +0200
Subject: [PATCH 2/2] better wording for changelog

Co-authored-by: Matthias Kestenholz <mk@feinheit.ch>
---
 docs/changes.rst | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/docs/changes.rst b/docs/changes.rst
index 49f3fa60e..24679bfd1 100644
--- a/docs/changes.rst
+++ b/docs/changes.rst
@@ -5,8 +5,7 @@ Pending
 -------
 
 * Removed outdated third-party panels from the list.
-* Do not quote SQL params before passing them to mogrify() for display in SQL
-  panel.
+* Avoided the unnecessary work of recursively quoting SQL parameters.
 
 4.2.0 (2023-08-10)
 ------------------