Commit graph

31526 commits

Author SHA1 Message Date
Sergey Miryanov
e6e376a760
gh-132042: Remove resolve_slotdups() to speedup class creation (#132156)
Co-authored-by: Victor Stinner <vstinner@python.org>
Co-authored-by: sobolevn <mail@sobolevn.me>
Co-authored-by: Kumar Aditya <kumaraditya@python.org>
2025-10-03 11:58:00 +02:00
Angela Liss
fd7dac0430
gh-137840: Implement PEP 728 (closed and extra_items in typing.TypedDict) (#137933)
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>
2025-10-02 22:50:19 -07:00
Victor Stinner
4e7e2dd043
gh-139322: Reenable test_os.test_getlogin() (#139498)
Fix also getlogin() errno.
2025-10-02 20:51:57 +00:00
ivonastojanovic
75b1afe562
gh-135953: Add Gecko reporter to sampling profiler (#139364)
Signed-off-by: Pablo Galindo Salgado <pablogsal@gmail.com>
Co-authored-by: Pablo Galindo Salgado <pablogsal@gmail.com>
2025-10-01 21:18:54 +01:00
Ken Jin
d936dbeb1f
gh-139210: Move gh-139210 patch NEWS file to correct section (#139469)
Move gh-139210 patch NEWS file to correct section
2025-10-01 09:48:37 +01:00
yihong
22f7ccfad6
gh-138899: fix sys.ps1 in asyncio repl (#138900) 2025-10-01 11:19:49 +05:30
Ken Jin
c86eb4d3ac
gh-139210: Fix use-after-free in xml.etree.ElementTree.iterparse() (GH-139211) 2025-09-30 20:50:50 +03:00
Petr Viktorin
01157e0cdf
gh-139116: tracemalloc: Detach thread state when acquiring tables_lock (GH-139449)
* gh-139116: tracemalloc: Detach thread state when acquiring tables_lock

This prevents a deadlock when:

- One thread is in `_PyTraceMalloc_Stop`, with `TABLES_LOCK` held, calling
  `PyRefTracer_SetTracer` which wants to stop the world
- Another is thread in `PyTraceMalloc_Track`, just attached thread state, waiting
  for `TABLES_LOCK`

Detaching the thread state while waiting for `TABLES_LOCK` allows
`PyRefTracer_SetTracer` to stop the world.


Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
2025-09-30 16:43:49 +02:00
Bénédikt Tran
bc172ee830
gh-139283: correctly handle size limit in cursor.fetchmany() (#139296)
Passing a negative or zero size to `cursor.fetchmany()` made it fetch all rows
instead of none.

While this could be considered a security vulnerability, it was decided to treat
this issue as a regular bug as passing a non-sanitized *size* value in the first
place is not recommended.
2025-09-30 11:18:55 +02:00
AN Long
bd1ada6df3
gh-138092: Allow calling mmap.flush with offset only (#138093) 2025-09-30 11:08:50 +02:00
Adam Turner
8bfdda21a3
GH-123299: Copyedit 3.14 What's New: CPython bytecode changes (#139402)
Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
2025-09-29 15:11:54 +00:00
Hugo van Kemenade
872eafd2b0
gh-76007: Deprecate __version__ attribute (#138675)
Co-authored-by: AN Long <aisk@users.noreply.github.com>
Co-authored-by: Petr Viktorin <encukou@gmail.com>
2025-09-29 12:03:23 +03:00
Gordon Messmer
408154d64a
gh-78319: Fix implementation of IMAP APPEND UTF8 (GH-9436)
Make UTF8 support for the IMAP APPEND command RFC 6855 compliant.
2025-09-29 09:03:06 +03:00
Russell Keith-Magee
195d13c85e
gh-132006: Add support for handling XCPrivacy manifests (#139163)
Adds a PrivacyInfo.xcprivacy file when packaging `_hashlib` and `_ssl` modules
for iOS (based on the original OpenSSL sources); and adds handling to the build
script to allow any app to add `xcprivacy` handling for a binary module.
2025-09-29 05:50:46 +08:00
yihong
e18dda96c9
gh-139374: colorize traceback when using timeit command-line interface (#139375)
---------

Signed-off-by: yihong0618 <zouzou0208@gmail.com>
Co-authored-by: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com>
Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
2025-09-28 11:49:18 +00:00
Bénédikt Tran
666112376d
gh-90949: expose Expat API to tune exponential expansion protections (#139368)
Expose the XML Expat 2.7.2 APIs to tune protections against
"billion laughs" [1] attacks.

The exposed APIs are available on Expat parsers, that is,
parsers created by `xml.parsers.expat.ParserCreate()`, as:

- `parser.SetBillionLaughsAttackProtectionActivationThreshold(threshold)`, and
- `parser.SetBillionLaughsAttackProtectionMaximumAmplification(max_factor)`.

This completes the work in f04bea44c3,
and improves the existing related documentation.

[1]: https://en.wikipedia.org/wiki/Billion_laughs_attack
2025-09-28 08:27:04 +00:00
Stan Ulbrych
48d0d0dd97
gh-139312: Update bundled libexpat to 2.7.3 (GH-139319)
+ Blurb
+ Update sbom.spdx.json
2025-09-26 19:44:36 -07:00
Bénédikt Tran
68a1778b77
gh-90949: amend GH-139234 in prevision of future mitigation API (#139366)
Fix some typos left in f04bea44c3,
and simplify some internal functions to ease maintenance of future
mitigation APIs.
2025-09-26 17:59:40 +00:00
Tian Gao
8288f3693f
gh-139289: Lazy import rlcompleter to fix the refleak (#139305) 2025-09-26 22:17:02 +08:00
Bénédikt Tran
f04bea44c3
gh-90949: add Expat API to prevent XML deadly allocations (CVE-2025-59375) (#139234)
Expose the XML Expat 2.7.2 mitigation APIs to disallow use of
disproportional amounts of dynamic memory from within an Expat
parser (see CVE-2025-59375 for instance).

The exposed APIs are available on Expat parsers, that is,
parsers created by `xml.parsers.expat.ParserCreate()`, as:

- `parser.SetAllocTrackerActivationThreshold(threshold)`, and
- `parser.SetAllocTrackerMaximumAmplification(max_factor)`.
2025-09-26 14:13:56 +00:00
Raymond Hettinger
7909b30493
gh-138682: Add symmetric difference to Counter (gh-138766) 2025-09-26 00:04:49 -05:00
Seth Michael Larson
89b5571025
gh-139330: Check expat version/checksum in SBOM with refresh.sh
Check expat version/checksum in SBOM with refresh.sh
2025-09-25 17:13:45 +00:00
Pablo Galindo Salgado
1963e70100
gh-139275: Fix compilation of Modules/_remote_debugging_module.c when the system doesn't have process_vm_readv (#139307) 2025-09-25 00:16:44 +01:00
dgpb
7ce25edb8f
gh-133059: Increase the small positive integer cache to 1024 (GH-133160) 2025-09-24 17:05:30 -04:00
Bénédikt Tran
a5e0562350
gh-133644: remove PyWeakref_GetObject and PyWeakref_GET_OBJECT (GH-133657) 2025-09-24 11:25:56 +02:00
Stan Ulbrych
30f849250b
gh-83336: Add alias for consistency to utf-8-sig (#136530)
Closes #83336
2025-09-24 10:38:57 +02:00
Tian Gao
c8624cd367
gh-138860: Lazy import rlcompleter in pdb to avoid deadlock in subprocess (#139185) 2025-09-24 11:46:05 +08:00
Serhiy Storchaka
1a2e00c97a
gh-67795: Accept any real numbers as timestamp and timeout (GH-139224)
Functions that take timestamp or timeout arguments now accept any
real numbers (such as Decimal and Fraction), not only integers or floats,
although this does not improve precision.
2025-09-23 21:31:42 +03:00
Dave Peck
6ec058a1f7
gh-138558: Improve handling of Template annotations in annotationlib (#139072) 2025-09-23 11:25:51 -07:00
Victor Stinner
e8382e55c5
gh-74857, PEP 538: Coerce POSIX locale to UTF-8 based locale (#139238) 2025-09-23 19:20:59 +02:00
Serhiy Storchaka
5854cf38a2
gh-130567: Fix possible crash in locale.strxfrm() (GH-138940)
On some macOS versions there was an off-by-one error in wcsxfrm() which
caused writing past the end of the array if its size was not calculated
by running wcsxfrm() first.

Co-authored-by: Ronald Oussoren <ronaldoussoren@mac.com>
2025-09-23 15:11:50 +00:00
Victor Stinner
dd683f8f34
gh-139208: Fix regrtest --fast-ci --verbose (#139240)
Don't ignore the --verbose option anymore.
2025-09-23 16:09:01 +02:00
Katie Gardner
e642a24b50
gh-95953: Add a css class to changed lines of difflib.HtmlDiff make_table (#139226) 2025-09-22 13:19:37 +00:00
Jason R. Coombs
a756a4b953
gh-138313: Suppress ResourceWarnings and restore skipped test (#138597) 2025-09-21 20:53:57 -04:00
Serhiy Storchaka
20d5494c88
Revert "gh-66234: Add flag to disable the use of mmap in dbm.gnu (GH-135005)" (GH-136989)
This reverts commit 0cec424af5.
2025-09-20 11:01:44 +03:00
Peter Bierma
d06113c7a7
gh-112729: Correctly fail when the process is out of memory during interpreter creation (GH-139164) 2025-09-19 10:41:09 -04:00
Serhiy Storchaka
7257b24140
gh-139076: Fix regression in pydoc not showing extension functions (GH-139077)
Fix a bug in the pydoc module that was hiding functions in a Python
module if they were implemented in an extension module and the module did
not have __all__.
2025-09-19 15:54:06 +03:00
Russell Keith-Magee
35c7e52b3e
gh-138171: Migrate iOS testbed location and add Apple build script (#138176)
Adds tooling to generate and test an iOS XCframework, in a way that will also facilitate
adding other XCframework targets for other Apple platforms (tvOS, watchOS, visionOS and 
even macOS, potentially).

---------
Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
2025-09-19 13:23:38 +01:00
Peter Bierma
9243a4b933
gh-126016: Remove bad assertion in PyThreadState_Clear (GH-139158)
In the _interpreters module, we use PyEval_EvalCode() to run Python code in another interpreter. However, when the process receives a KeyboardInterrupt, PyEval_EvalCode() will jump straight to finalization rather than returning. This prevents us from cleaning up and marking the thread as "not running main", which triggers an assertion in PyThreadState_Clear() on debug builds. Since everything else works as intended, remove that assertion.
2025-09-19 12:17:05 +00:00
Semyon Moroz
495f589363
gh-121237: Add %:z directive to datetime.strptime (#136961) 2025-09-19 10:25:31 +01:00
da-woods
ac5c5d42a2
gh-119494: Fix error messages for deleting/setting type attributes (#119495) 2025-09-18 22:08:49 +01:00
Alex Waygood
293b05c09b
gh-118803: Make ByteString deprecations louder; remove ByteString from typing.__all__ and collections.abc.__all__ (#139127) 2025-09-18 18:58:16 +00:00
Nicholas Tindle
0f27e10204
gh-137976: Explicitly exclude localtime from available_timezones (#138012)
* fix: available_timezones is reporting an invalid IANA zone name

* 📜🤖 Added by blurb_it.

* correct rst format for backticks

---------

Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
Co-authored-by: Paul Ganssle <1377457+pganssle@users.noreply.github.com>
2025-09-18 17:32:14 +01:00
Benjamin Peterson
e163fbdeda
fixes gh-139090: add os.RWF_DONTCACHE (#139091) 2025-09-18 08:13:23 -07:00
Peter Bierma
2191497933
gh-136003: Execute pre-finalization callbacks in a loop (GH-136004) 2025-09-18 08:29:12 -04:00
Peter Bierma
571210b8f3
gh-135729: Store reference to globals in Interpreter._decref (GH-139104) 2025-09-18 11:17:51 +00:00
Cody Maloney
db68bfc771
gh-138720: Make Buffered closed check match flush (GH-138724)
In `_io__Buffered_flush_impl` the macro `CHECK_CLOSED` is used to check
the `buffered*` is in a good state to be flushed. That differs slightly
from `buffered_closed`.

In some cases, that difference would result in `close()` thinking the
file needed to be flushed and closed while `flush()` thought the file
was already closed.

This could happen during GC and would result in an unraisable exception.
2025-09-18 12:02:29 +02:00
Mark Shannon
3b83257366
GH-138378: Move globals-to-consts pass into main optimizer pass (GH-138379) 2025-09-18 10:09:59 +01:00
Raymond Hettinger
c25400a4b6
Revert gh-139075. The sumprod fix needs more work. (gh-139092) 2025-09-18 02:05:27 -05:00
Raymond Hettinger
b485e50fde
gh-139074: Fix missing high precision case in sumprod() (gh-139075) 2025-09-17 16:50:15 -05:00