* Link TOML & WSGI in New Modules section, refine text & add ref label
* Further reformat new modules & add PEP link to tomllib
(cherry picked from commit bd00112a99)
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
Use HTTPS for documents which are available by both HTTP and HTTPS
links, but there is no redirection from HTTP to HTTPS or vice versa.
(cherry picked from commit dd53b79de0)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
(cherry picked from commit 4b81139aac)
Co-authored-by: Stanley <46876382+slateny@users.noreply.github.com>
Co-authored-by: Stanley <46876382+slateny@users.noreply.github.com>
Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
(cherry picked from commit 4995f5f9a0)
Co-authored-by: Laurie O <laurie_opperman@hotmail.com>
Integer to and from text conversions via CPython's bignum `int` type is not safe against denial of service attacks due to malicious input. Very large input strings with hundred thousands of digits can consume several CPU seconds.
This PR comes fresh from a pile of work done in our private PSRT security response team repo.
This backports https://github.com/python/cpython/pull/96499 aka 511ca94520
Signed-off-by: Christian Heimes [Red Hat] <christian@python.org>
Tons-of-polishing-up-by: Gregory P. Smith [Google] <greg@krypto.org>
Reviews via the private PSRT repo via many others (see the NEWS entry in the PR).
<!-- gh-issue-number: gh-95778 -->
* Issue: gh-95778
<!-- /gh-issue-number -->
I wrote up [a one pager for the release managers](https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y/edit#).
The previous wording of this entry suggests that CPython
won't work if optional compiler features are enabled.
That's not the case. The change is that we require C11 rather
than C89.
Note that PEP 7 does say "Python 3.11 and newer versions use C11
without optional features." It is correct there: that's
not a guide for users who compile Python, but for CPython devs
who must avoid the features.
* 3.11 Whatsnew: Add Py_UNICODE encode functions removed in PEP 624
* Just use :func: instead of :c:func: for non-resolved funcs so ! works
(cherry picked from commit b6d88b7225)
Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM>
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
(cherry picked from commit ab4d72954f)
Co-authored-by: Christian Heimes <christian@python.org>
Co-authored-by: Petr Viktorin <encukou@gmail.com>
Co-authored-by: Stanley <46876382+slateny@users.noreply.github.com>
Co-authored-by: Mark Shannon <mark@hotpy.org>
It updates links which redirect to HTTPS with different authority or
path.
(cherry picked from commit d0d0154443)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
If an HTTP link is redirected to a same looking HTTPS link, the latter can
be used directly without changes in readability and behavior.
It protects from a men-in-the-middle attack.
This change does not affect Python examples..
(cherry picked from commit f79547a429)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
(cherry picked from commit a1daf6e5cc)
Co-authored-by: Ken Jin <28750310+Fidget-Spinner@users.noreply.github.com>
Automerge-Triggered-By: GH:Fidget-Spinner
Some are missing, a few placed after the ')'.
One ') was missing.
(cherry picked from commit c944649ffc)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
Elide traceback column indicators when the entire line of the
frame is implicated. This reduces traceback length and draws
more attention to the remaining (very relevant) indicators.
Example:
```
Traceback (most recent call last):
File "query.py", line 99, in <module>
bar()
File "query.py", line 66, in bar
foo()
File "query.py", line 37, in foo
magic_arithmetic('foo')
File "query.py", line 18, in magic_arithmetic
return add_counts(x) / 25
^^^^^^^^^^^^^
File "query.py", line 24, in add_counts
return 25 + query_user(user1) + query_user(user2)
^^^^^^^^^^^^^^^^^
File "query.py", line 32, in query_user
return 1 + query_count(db, response['a']['b']['c']['user'], retry=True)
~~~~~~~~~~~~~~~~~~^^^^^
TypeError: 'NoneType' object is not subscriptable
```
Automerge-Triggered-By: GH:pablogsal
Move the follow functions and type from frameobject.h to pyframe.h,
so the standard <Python.h> provide frame getter functions:
* PyFrame_Check()
* PyFrame_GetBack()
* PyFrame_GetBuiltins()
* PyFrame_GetGenerator()
* PyFrame_GetGlobals()
* PyFrame_GetLasti()
* PyFrame_GetLocals()
* PyFrame_Type
Remove #include "frameobject.h" from many C files. It's no longer
needed.
(cherry picked from commit 27b9894033)
* What's new in 3.10: fix link to issue
* What's new in 3.10: fix link to GH issue
Co-authored-by: Ezio Melotti <ezio.melotti@gmail.com>
Co-authored-by: Ezio Melotti <ezio.melotti@gmail.com>
(cherry picked from commit 59c1b33805)
Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
