Add curses tests for panels, textpad, and window behavior
Extend test_curses with behavior-verifying tests that go beyond the
existing smoke tests:
* curses.panel stacking: new_panel/top/bottom/above/below ordering,
hide/show/hidden, move, replace and userptr round-trip.
* Real-window curses.textpad.Textbox: gather(), edit(), stripspaces,
insert mode and the Emacs-like editing commands (previously only
exercised through a MagicMock).
* Window output: addstr cursor advance and addnstr truncation,
insstr/insnstr shifting without cursor movement, and pad behavior
(instr, subpad cell sharing, the required 6-argument refresh()).
* Error handling: out-of-range coordinates raising curses.error and
bad character/string argument types.
(cherry picked from commit b4cfb992ed)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Cover previously-untested Text methods (indices, content, marks, tags,
undo/redo, dump, embedded images and windows, peers, and geometry) and
the tag, embedded-image and embedded-window configuration options.
(cherry picked from commit 4ac809e10b)
(cherry picked from commit 22c000eeb4)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Cover previously-untested Listbox methods in ListboxTest: size, delete,
index resolution, nearest, see, activate, and the selection methods
(selection_set/clear/includes/anchor and their select_* aliases),
including the errors raised for invalid indices.
(cherry picked from commit cf3b3c1148)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Cover previously-untested Menu methods in MenuTest: adding, inserting and
deleting items of every type, index resolution, invoking items, entry x/y
positions, and post/unpost/tk_popup mapping.
Also test per-entry configuration options and the errors raised for
invalid indices, entry types, option names and option values.
(cherry picked from commit ef5c32a40b)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
(cherry picked from commit 015cc42bc2)
Fix errors and clarify the curses, curses.panel and curses.ascii docs
against X/Open Curses and ncurses, and sync the affected docstrings.
(cherry picked from commit 65afcdd8df)
gh-120665: make unittest loaders avoid loading test cases that are abstract base classes (GH-120666)
(cherry picked from commit 5ad3c6dfbf)
Co-authored-by: blhsing <blhsing@gmail.com>
gh-151519: Check effective gid in `_test_all_chown_common` group-0 guard (GH-151521)
The guard that skips the "chown to gid 0 should fail" assertion used
only `os.getgroups()` (supplementary groups). The kernel also accepts
the effective/filesystem gid for chown, so when a process runs with
egid 0 and a non-zero uid (common in containers and user namespaces),
chown(-1, 0) succeeds and the assertion spuriously fails.
Add an `os.getegid() != 0` check alongside the existing
`0 not in os.getgroups()` guard.
(cherry picked from commit 2ce260033b)
Co-authored-by: Itamar Oren <itamarost@gmail.com>
gh-151522: Guard against None transport in slow-socket SSL test (GH-151523)
(cherry picked from commit 11f032f904)
Co-authored-by: Itamar Oren <itamarost@gmail.com>
[3.14] gh-101267: ProcessPoolExecutor no longer shares 1 BrokenProcessPool exception among all failed futures (GH-101268) (GH-151431)
* gh-101267: ProcessPoolExecutor no longer shares 1 BrokenProcessPool exception among all failed futures (GH-101268)
(cherry picked from commit 3c00ebc2bb)
(cherry picked from commit 4e8c9c6a57)
* Drop the abrupt-exit-code reporting from the 3.14 backport
Reporting the exit codes of processes that died without a known cause
is a new feature, not part of the gh-101267 bugfix. Keep only the
bugfix on 3.14: each failed future gets its own BrokenProcessPool
exception instead of one shared instance.
---------
(cherry picked from commit 27ff2c8c53)
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
Co-authored-by: Daniel Shields <daniel.shields@twosigma.com>
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
gh-138991: Update dataclass documentation for new eq behavior in Python 3.13 (GH-139007)
And add tests.
(cherry picked from commit 402668b2b1)
Co-authored-by: Aniket <148300120+Aniketsy@users.noreply.github.com>
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-151284: Fix test_capi on UBSan (GH-151286)
Comment two checks relying on undefined behavior in
test_fromwidechar() of test_capi.
Enable test_capi in GitHub Action "Reusable Sanitizer".
(cherry picked from commit d87d772873)
Co-authored-by: Victor Stinner <vstinner@python.org>
[3.14][3.15] gh-151253: Dump the Python path configuration on _PyCodec_InitRegistry() failure (#151250) (#151269) (#151283)
[3.15] gh-151253: Dump the Python path configuration on _PyCodec_InitRegistry() failure (#151250) (#151269)
gh-151253: Dump the Python path configuration on _PyCodec_InitRegistry() failure (#151250)
If "import encodings" fails at Python startup, dump the Python path
configuration to help users debugging their configuration. The
encodings module is the first module imported during Python startup.
(cherry picked from commit 7b6e98911e)
(cherry picked from commit 10f616cf39)
(cherry picked from commit b3a7758d8a)
[3.14] gh-143988: Fix re-entrant mutation crashes in socket sendmsg/recvmsg_into (#143987) (#151251)
gh-143988: Fix re-entrant mutation crashes in socket sendmsg/recvmsg_into (#143987)
Fix crashes in socket.sendmsg() and socket.recvmsg_into() that could
occur if buffer sequences are mutated re-entrantly during argument
parsing via __buffer__ protocol callbacks.
The bug occurs because:
1. PySequence_Fast() returns the original list object when the input
is already a list (not a copy).
2. During iteration, PyObject_GetBuffer() triggers __buffer__
callbacks which may clear the list.
3. Subsequent iterations access invalid memory (heap OOB read).
The fix replaces PySequence_Fast() with PySequence_Tuple() which
always creates a new tuple, ensuring the sequence cannot be mutated
during iteration.
(cherry picked from commit 896f7fdc7d)
(cherry picked from commit 632daaf5e9)
Co-authored-by: tonghuaroot (童话) <tonghuaroot@gmail.com>
Co-authored-by: tonghuaroot <23011166+tonghuaroot@users.noreply.github.com>
gh-150988: Fix refleak in `OSError` when attrs are set before `super().__init__()` (GH-150990)
(cherry picked from commit f2a0f82282)
Co-authored-by: Lukas Geiger <lukas.geiger94@gmail.com>
Co-authored-by: Victor Stinner <vstinner@python.org>
[3.14] gh-149231: tomllib: Limit the number of parts in a key (GH-149233) (GH-149815)
(cherry picked from commit bc7c102f34)
(cherry picked from commit 724a5e5e3b)
Co-authored-by: Stan Ulbrych <stan@python.org>
Expose the XML Expat 2.7.2 APIs to tune protections against
"billion laughs" [1] attacks.
The exposed APIs are available on Expat parsers, that is,
parsers created by `xml.parsers.expat.ParserCreate()`, as:
- `parser.SetBillionLaughsAttackProtectionActivationThreshold(threshold)`, and
- `parser.SetBillionLaughsAttackProtectionMaximumAmplification(max_factor)`.
This completes the work in f04bea44c3,
and improves the existing related documentation.
[1]: https://en.wikipedia.org/wiki/Billion_laughs_attack
(cherry picked from commit 666112376d)
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
Nonatomic move might be used even if the files are
on the same filesystem in some cases.
(cherry picked from commit 6ecd197c03)
Co-authored-by: Fang Li <fangli@users.noreply.github.com>
gh-150368: Change Windows user group to secure identifier in test_tempfile (GH-150369)
(cherry picked from commit 9d64c355b5)
Co-authored-by: Dawid Konrad Kohnke <51542233+anytokin@users.noreply.github.com>
Update the table of Windows language code identifiers (LCIDs) to
protocol version 16.0 (2024-04-23).
(cherry picked from commit bfe6f9f590)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
gh-151019: Fix test_os on 32-bit FreeBSD (GH-151087)
Remove references to server.handler_instance. This attribute has been
removed in 2022 by commit 3ae975f1ac.
(cherry picked from commit a9002349cb)
Co-authored-by: Victor Stinner <vstinner@python.org>
ass_subscript_slice() returned early when the computed slice length
was zero, bypassing validation performed for non-empty slices.
(cherry picked from commit fc9c4db130)
Co-authored-by: Jiseok CHOI <jiseok.dev@gmail.com>
* bpo-46943: fix[imaplib]: call Exception with string instance
Adjust the behavior of 'login' to be similar to `authenticate()`,
where self.error is called with a str() instance.
(cherry picked from commit 29805f00a1)
Co-authored-by: Florian Best <spaceone@users.noreply.github.com>
Co-authored-by: Oleg Iarygin <oleg@arhadthedev.net>
Fixed incorrect word.
(cherry picked from commit f7e0fb60cf)
Co-authored-by: Gustaf <79180496+gostak-dd@users.noreply.github.com>
Co-authored-by: Gustaf <79180496+GGyll@users.noreply.github.com>
Replace the insertion sort used for canonical ordering of combining
characters with a hybrid approach: insertion sort for short runs (< 20)
and counting sort for longer runs, reducing worst-case complexity from
O(n^2) to O(n). This prevents denial of service via crafted Unicode
strings with many combining characters in alternating CCC order.
(cherry picked from commit 991224b1e8)
Co-authored-by: Seth Larson <seth@python.org>
Co-authored-by: ch4n3-yoon <ch4n3.yoon@gmail.com>
Co-authored-by: Seokchan Yoon <13852925+ch4n3-yoon@users.noreply.github.com>
Co-authored-by: Stan Ulbrych <stan@python.org>
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Maurycy Pawłowski-Wieroński <maurycy@maurycy.com>
gh-149738: Fix segmentation fault bug in sqllite3 (#149754)
Deleting the `row_factory` or `text_factory` attribute is no longer allowed.
(cherry picked from commit 60fdb3192b)
Co-authored-by: Sepehr Rasouli <sepehrrasouli06@gmail.com>
gh-148508: Add another common pattern for iOS SSL failures to test_ssl (GH-150442)
Match also '[SSL: HTTP_REQUEST] http request (_ssl.c:1143)'.
(cherry picked from commit 540b3d0a7f)
Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
gh-150436: Skip subprocess test on STATUS_DLL_INIT_FAILED (#150704)
If a subprocess spawned with CREATE_NEW_CONSOLE creation flag fails
with STATUS_DLL_INIT_FAILED return code, skip the test. It's likely a
memory allocation failure in the desktop heap memory which caused the
DLL init failure.
(cherry picked from commit e8034dd841)
* The content of elements "xmp", "iframe", "noembed", "noframes",
and "plaintext" is no longer escaped.
* The "plaintext" element no longer have the closing tag.
(cherry picked from commit c42e6d3f1a)
(cherry picked from commit bcd29e466f)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>