Reject control characters in `http.cookies.Morsel.update()` and `http.cookies.BaseCookie.js_output`.
Co-authored-by: Victor Stinner <vstinner@python.org>
Co-authored-by: Victor Stinner <victor.stinner@gmail.com>
freeze_support() called get_start_method() without allow_none=True,
which locked in the default start method context. This caused a
subsequent set_start_method() call to raise "context has already been
set". Use allow_none=True and accept None as a matching value, since
spawn.freeze_support() independently detects spawned child processes.
Test that freeze_support() does not lock in the default start method,
which would prevent a subsequent set_start_method() call.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
the lazy imports PEP initial implementation (3.15 alpha) inadvertently incremented the length of the sys.flags tuple. In a way that did not do anything useful or related to the lazy imports setting (it exposed sys.flags.gil in the tuple). This fixes that to hard code the length to the 3.13 & 3.14 released length of 18 and have our tests and code comments make it clear that we've since stopped making new sys.flags attributes available via sequence index.
* calling it with non-ASCII string format will now raise a ValueError
instead of UnicodeEncodeError
* calling it with non-ASCII bytes format will now raise a ValueError
instead of struct.error
* getting the format attribute of uninitialized object will now raise
an AttributeError instead of RuntimeError.
Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
Co-authored-by: Petr Viktorin <encukou@gmail.com>
* Struct.__new__() will require a mandatory argument (format)
* Calls of __init__() method with a different format argument on initialized
Struct are deprecated
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com>
* fix(unittest.util): Deduplicate tail elements in sorted_list_difference
sorted_list_difference failed to deduplicate remaining elements when one
list was exhausted, causing duplicate values in the result.
Deduplicate before extending.
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
Ensure wait() blocks for the specified timeout when object_list is empty, preventing 100% CPU usage. This aligns the Windows behavior with the Unix implementation.
Co-authored-by: AN Long <aisk@users.noreply.github.com>
Previously, component-wise relative error bound was tested. However,
such bound can't exist already for complex multiplication as one can be
used to perform subtraction of floating-point numbers, e.g. x and y for
z0=1+1j and z1=x+yj.
```pycon
>>> x, y = 1e-9+1j, 1+1j
>>> a = x*y*y.conjugate()/2;a
(1.0000000272292198e-09+1j)
>>> b = x*(y*y.conjugate()/2);b
(1e-09+1j)
>>> b == x
True
>>> (a.real-b.real)/math.ulp(b.real)
131672427.0
```
