Replace hardcoded 5 seconds with support.SHORT_TIMEOUT.
Fix the following error on slow CI such as GitHub Action UBSan:
test test_pyrepl failed -- Traceback (most recent call last):
File "Lib/test/test_pyrepl/test_unix_console.py", line 362, in test_repl_eio
_, err = proc.communicate(timeout=5) # sleep for pty to settle
~~~~~~~~~~~~~~~~^^^^^^^^^^^
File "Lib/subprocess.py", line 1219, in communicate
stdout, stderr = self._communicate(input, endtime, timeout)
~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^
File "Lib/subprocess.py", line 2126, in _communicate
self._check_timeout(endtime, orig_timeout, stdout, stderr)
~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "Lib/subprocess.py", line 1266, in _check_timeout
raise TimeoutExpired(
...<2 lines>...
stderr=b''.join(stderr_seq) if stderr_seq else None)
subprocess.TimeoutExpired: Command '[...]' timed out after 5 seconds
The last remaining set of tests to split out that are focused on one
specific implementation portion (`bufferedio.c`).
test_io.test_general is now largely tests around `io.open` and module
properties (ex. pickling, class hierarchy, module members, etc).
This closes#138013.
gh-138013: Split TextIO tests from test_general
These tests take 1.3 seconds on my dev machine, match fairly closely
with testing `textio.c` implementation only.
Passing a negative or zero size to `cursor.fetchmany()` made it fetch all rows
instead of none.
While this could be considered a security vulnerability, it was decided to treat
this issue as a regular bug as passing a non-sanitized *size* value in the first
place is not recommended.
Expose the XML Expat 2.7.2 APIs to tune protections against
"billion laughs" [1] attacks.
The exposed APIs are available on Expat parsers, that is,
parsers created by `xml.parsers.expat.ParserCreate()`, as:
- `parser.SetBillionLaughsAttackProtectionActivationThreshold(threshold)`, and
- `parser.SetBillionLaughsAttackProtectionMaximumAmplification(max_factor)`.
This completes the work in f04bea44c3,
and improves the existing related documentation.
[1]: https://en.wikipedia.org/wiki/Billion_laughs_attack
Expose the XML Expat 2.7.2 mitigation APIs to disallow use of
disproportional amounts of dynamic memory from within an Expat
parser (see CVE-2025-59375 for instance).
The exposed APIs are available on Expat parsers, that is,
parsers created by `xml.parsers.expat.ParserCreate()`, as:
- `parser.SetAllocTrackerActivationThreshold(threshold)`, and
- `parser.SetAllocTrackerMaximumAmplification(max_factor)`.
Merge `_WindowsPathInfo` and `_PosixPathInfo` classes into a new
`_StatResultInfo` class. On Windows, this means relying on `os.stat()`
rather than `os.path.isfile()` and friends, which is a little slower. But
there's value in making the code easier to maintain, and we're going to
need the stat result for implementing `size()`, `mode()` etc.
Also move the classes from `pathlib._os` to `pathlib` proper.
Functions that take timestamp or timeout arguments now accept any
real numbers (such as Decimal and Fraction), not only integers or floats,
although this does not improve precision.
