* Disable AF_UNIX connection family on Cygwin.
* forkserver start method is not available on Cygwin: update tests
for that.
* test_logging calls multiprocessing.get_all_start_methods().
These were all deprecated in 3.9 (bace59d8b8) but without
a runtime deprecation warning. Add it now, so that these
items can be removed in 3.21 per PEP 387.
Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>
* Check for SIG_BLOCK instead of pthread_sigmask() to decide if
SIG_BLOCK, SIG_UNBLOCK and SIG_SETMASK constants should be
converted to enums.
* Skip ITIMER_VIRTUAL and ITIMER_PROF tests on Cygwin: setitimer()
fails with ItimerError(EINVAL).
ftpcp() called parse227() directly and passed the source server's
self-reported PASV IPv4 address to the target server's PORT command,
bypassing the CVE-2021-4189 fix that was applied only to FTP.makepasv().
A malicious source FTP server could use this to redirect the target
server's data connection to an arbitrary host:port (SSRF).
ftpcp() now uses the source server's actual peer address, honoring the
existing trust_server_pasv_ipv4_address opt-out, the same as makepasv().
Thanks to Qi Ding at Aurascape AI for the report. (GHSA-w8c5-q2xf-gf7c)
* Add re-entrant tests for gh-149504
* Add end-to-end integration test coverage
This ensures that future whitebox internal test changes do not regress the
public surface semantics.
* Implement a state class to process .pth and .start files
By using this state class and managing implicit and explicit batching, we make it structurally
impossible to get bitten by re-entrant site startup processing.
Fixes#149504
RFC 2047 Section 6.2 requires that "any 'linear-white-space' that
separates a pair of adjacent 'encoded-word's is ignored." The modern
header value parser correctly implements that for unstructured headers,
but had missed a case in structured headers. This could cause a parsed
address header to include extraneous spaces in a display-name.
Switch to @bitdancer's fix from review feedback. Recharacterize space
between ews as fws after parsing in get_phrase.
RDM: This fix is dependent on the fact that "subsequent" atoms will never have
leading whitespace because that's been consumed already. I don't think
it's worth adding extra code for the possibility of leading whitespace
because the parser won't produce it. It's a bit of parser fragility in the
face of code changes, but I think that's a minor concern given the
parser design (which is that it consumes whitespace greedily)
Co-authored-by: R David Murray <rdmurray@bitdance.com>
In free-threaded builds, concurrent calls to PyDict_AddWatcher, PyDict_ClearWatcher, PyDict_Watch, and PyDict_Unwatch can race on the shared callback array and the per-dict watcher tags. This change adds a mutex to serialize watcher registration and removal, atomic operations for tag updates, and atomic acquire/release synchronization for callback dispatch in _PyDict_SendEvent.
* Idempotent `.pth` execution in `site.addsitedir`
* potentially fix monkeypatch leak?
* fix blind copy paste of recommendation
* Update 2026-03-31-16-15-15.gh-issue-75723.BZ4Rsn.rst
* fix implicit merge conflict with 24c4aecc16
* Add failing tests for gh-75723
Based on @asottle branch !asottle-gh-75723 but refactored for `main`.
This will need a different backport.
* Repair gh-75723
The original fix is here: https://github.com/python/cpython/pull/147951
but I'm refactoring a bit for `main`.
* Refactor _make_mod() so we can use it to create package modules too
* Add myself to CODEOWNERS for the site module
---------
Co-authored-by: anthony sottile <asottile@umich.edu>
Co-authored-by: Filipe Laíns <lains@riseup.net>
