forked from pool/python313
Update to 3.13.12:
- Tools/Demos
- gh-142095: Make gdb ‘py-bt’ command use frame from thread
local state when available. Patch by Sam Gross and Victor
Stinner.
- Tests
- gh-144415: The Android testbed now distinguishes between
stdout/stderr messages which were triggered by a newline,
and those triggered by a manual call to flush. This fixes
logging of progress indicators and similar content.
- gh-65784: Add support for parametrized resource wantobjects
in regrtests, which allows to run Tkinter tests with the
specified value of tkinter.wantobjects, for example -u
wantobjects=0.
- gh-143553: Add support for parametrized resources, such as
-u xpickle=2.7.
- gh-142836: Accommodated Solaris in
test_pdb.test_script_target_anonymous_pipe.
- gh-129401: Fix a flaky test in test_repr_rlock that checks
the representation of multiprocessing.RLock.
- bpo-31391: Forward-port test_xpickle from Python 2 to
Python 3 and add the resource back to test’s command line.
- Security
- gh-144125: BytesGenerator will now refuse to serialize
(write) headers that are unsafely folded or delimited; see
verify_generated_headers. (Contributed by Bas Bloemsaat and
Petr Viktorin in gh-121650).
- gh-143935: Fixed a bug in the folding of comments when
flattening an email message using a modern email policy.
Comments consisting of a very long sequence of non-foldable
characters could trigger a forced line wrap that omitted
the required leading space on the continuation line,
causing the remainder of the comment to be interpreted as
a new header field. This enabled header injection with
carefully crafted inputs.
- gh-143925: Reject control characters in data: URL media
types.
- gh-143919: Reject control characters in http.cookies.Morsel
fields and values.
- gh-143916: Reject C0 control characters within
wsgiref.headers.Headers fields, values, and parameters.
- Library
- gh-144380: Improve performance of io.BufferedReader line
iteration by ~49%.
- gh-144169: Fix three crashes when non-string keyword
arguments are supplied to objects in the ast module.
- gh-144100: Fixed a crash in ctypes when using a deprecated
POINTER(str) type in argtypes. Instead of aborting, ctypes
now raises a proper Python exception when the pointer
target type is unresolved.
- gh-144050: Fix stat.filemode() in the pure-Python
implementation to avoid misclassifying invalid mode values
as block devices.
- gh-144023: Fixed validation of file descriptor 0 in posix
functions when used with follow_symlinks parameter.
- gh-143999: Fix an issue where inspect.getgeneratorstate()
and inspect.getcoroutinestate() could fail for generators
wrapped by types.coroutine() in the suspended state.
- gh-143706: Fix multiprocessing forkserver so that sys.argv
is correctly set before __main__ is preloaded. Previously,
sys.argv was empty during main module import in forkserver
child processes. This fixes a regression introduced in
3.13.8 and 3.14.1. Root caused by Aaron Wieczorek, test
provided by Thomas Watson, thanks!
- gh-143638: Forbid reentrant calls of the pickle.Pickler and
pickle.Unpickler methods for the C implementation.
Previously, this could cause crash or data corruption, now
concurrent calls of methods of the same object raise
RuntimeError.
- gh-78724: Raise RuntimeError’s when user attempts to call
methods on half-initialized Struct objects, For example,
created by Struct.__new__(Struct). Patch by Sergey
B Kirpichev.
- gh-143602: Fix a inconsistency issue in write() that leads
to unexpected buffer overwrite by deduplicating the buffer
exports.
- gh-143547: Fix sys.unraisablehook() when the hook raises an
exception and changes sys.unraisablehook(): hold a strong
reference to the old hook. Patch by Victor Stinner.
- gh-143378: Fix use-after-free crashes when a BytesIO object
is concurrently mutated during write() or writelines().
- gh-143346: Fix incorrect wrapping of the Base64 data in
plistlib._PlistWriter when the indent contains a mix of
tabs and spaces.
- gh-143310: tkinter: fix a crash when a Python list is
mutated during the conversion to a Tcl object (e.g., when
setting a Tcl variable). Patch by Bénédikt Tran.
- gh-143309: Fix a crash in os.execve() on non-Windows
platforms when given a custom environment mapping which is
then mutated during parsing. Patch by Bénédikt Tran.
- gh-143308: pickle: fix use-after-free crashes when
a PickleBuffer is concurrently mutated by a custom buffer
callback during pickling. Patch by Bénédikt Tran and Aaron
Wieczorek.
- gh-143237: Fix support of named pipes in the rotating
logging handlers.
- gh-143249: Fix possible buffer leaks in Windows overlapped
I/O on error handling.
- gh-143241: zoneinfo: fix infinite loop in
ZoneInfo.from_file when parsing a malformed TZif file.
Patch by Fatih Celik.
- gh-142830: sqlite3: fix use-after-free crashes when the
connection’s callbacks are mutated during a callback
execution. Patch by Bénédikt Tran.
- gh-143200: xml.etree.ElementTree: fix use-after-free
crashes in __getitem__() and __setitem__() methods of
Element when the element is concurrently mutated. Patch by
Bénédikt Tran.
- gh-142195: Updated timeout evaluation logic in subprocess
to be compatible with deterministic environments like
Shadow where time moves exactly as requested.
- gh-143145: Fixed a possible reference leak in ctypes when
constructing results with multiple output parameters on
error.
- gh-122431: Corrected the error message in
readline.append_history_file() to state that nelements must
be non-negative instead of positive.
- gh-143004: Fix a potential use-after-free in
collections.Counter.update() when user code mutates the
Counter during an update.
- gh-143046: The asyncio REPL no longer prints copyright and
version messages in the quiet mode (-q). Patch by Bartosz
Sławecki.
- gh-140648: The asyncio REPL now respects the -I flag
(isolated mode). Previously, it would load and execute
PYTHONSTARTUP even if the flag was set. Contributed by
Bartosz Sławecki.
- gh-142991: Fixed socket operations such as recvfrom() and
sendto() for FreeBSD divert(4) socket.
- gh-143010: Fixed a bug in mailbox where the precise timing
of an external event could result in the library opening an
existing file instead of a file it expected to create.
- gh-142881: Fix concurrent and reentrant call of
atexit.unregister().
- gh-112127: Fix possible use-after-free in
atexit.unregister() when the callback is unregistered
during comparison.
- gh-142783: Fix zoneinfo use-after-free with descriptor
_weak_cache. a descriptor as _weak_cache could cause
crashes during object creation. The fix ensures proper
reference counting for descriptor-provided objects.
- gh-142754: Add the ownerDocument attribute to
xml.dom.minidom elements and attributes created by directly
instantiating the Element or Attr class. Note that this way
of creating nodes is not supported; creator functions like
xml.dom.Document.documentElement() should be used instead.
- gh-142784: The asyncio REPL now properly closes the loop
upon the end of interactive session. Previously, it could
cause surprising warnings. Contributed by Bartosz Sławecki.
- gh-142555: array: fix a crash in a[i] = v when converting
i to an index via i.__index__ or i.__float__ mutates the
array.
- gh-142594: Fix crash in TextIOWrapper.close() when the
underlying buffer’s closed property calls detach().
- gh-142451: hmac: Ensure that the HMAC.block_size attribute
is correctly copied by HMAC.copy. Patch by Bénédikt Tran.
- gh-142495: collections.defaultdict now prioritizes
__setitem__() when inserting default values from
default_factory. This prevents race conditions where
a default value would overwrite a value set before
default_factory returns.
- gh-142651: unittest.mock: fix a thread safety issue where
Mock.call_count may return inaccurate values when the mock
is called concurrently from multiple threads.
- gh-142595: Added type check during initialization of the
decimal module to prevent a crash in case of broken stdlib.
Patch by Sergey B Kirpichev.
- gh-142517: The non-compat32 email policies now correctly
handle refolding encoded words that contain bytes that can
not be decoded in their specified character set. Previously
this resulted in an encoding exception during folding.
- gh-112527: The help text for required options in argparse
no longer extended with “ (default: None)”.
- gh-142315: Pdb can now run scripts from anonymous pipes
used in process substitution. Patch by Bartosz Sławecki.
- gh-142282: Fix winreg.QueryValueEx() to not accidentally
read garbage buffer under race condition.
- gh-75949: Fix argparse to preserve | separators in mutually
exclusive groups when the usage line wraps due to length.
- gh-68552: MisplacedEnvelopeHeaderDefect and Missing header
name defects are now correctly passed to the handle_defect
method of policy in FeedParser.
- gh-142006: Fix a bug in the email.policy.default folding
algorithm which incorrectly resulted in a doubled newline
when a line ending at exactly max_line_length was followed
by an unfoldable token.
- gh-105836: Fix asyncio.run_coroutine_threadsafe() leaving
underlying cancelled asyncio task running.
- gh-139971: pydoc: Ensure that the link to the online
documentation of a stdlib module is correct.
- gh-139262: Some keystrokes can be swallowed in the new
PyREPL on Windows, especially when used together with the
ALT key. Fix by Chris Eibl.
- gh-138897: Improved license/copyright/credits display in
the REPL: now uses a pager.
- gh-79986: Add parsing for References and In-Reply-To
headers to the email library that parses the header content
as lists of message id tokens. This prevents them from
being folded incorrectly.
- gh-109263: Starting a process from spawn context in
multiprocessing no longer sets the start method globally.
- gh-90871: Fixed an off by one error concerning the backlog
parameter in create_unix_server(). Contributed by Christian
Harries.
- gh-133253: Fix thread-safety issues in linecache.
- gh-132715: Skip writing objects during marshalling once
a failure has occurred.
- gh-127529: Correct behavior of
asyncio.selector_events.BaseSelectorEventLoop._accept_connection()
in handling ConnectionAbortedError in a loop. This improves
performance on OpenBSD.
- IDLE
- gh-143774: Better explain the operation of Format / Format
Paragraph.
- Documentation
- gh-140806: Add documentation for enum.bin().
- Core and Builtins
- gh-144307: Prevent a reference leak in module teardown at
interpreter finalization.
- gh-144194: Fix error handling in perf jitdump
initialization on memory allocation failure.
- gh-141805: Fix crash in set when objects with the same hash
are concurrently added to the set after removing an element
with the same hash while the set still contains elements
with the same hash.
- gh-143670: Fixes a crash in ga_repr_items_list function.
- gh-143377: Fix a crash in _interpreters.capture_exception()
when the exception is incorrectly formatted. Patch by
Bénédikt Tran.
- gh-143189: Fix crash when inserting a non-str key into
a split table dictionary when the key matches an existing
key in the split table but has no corresponding value in
the dict.
- gh-143228: Fix use-after-free in perf trampoline when
toggling profiling while threads are running or during
interpreter finalization with daemon threads active. The
fix uses reference counting to ensure trampolines are not
freed while any code object could still reference them.
Pach by Pablo Galindo
- gh-142664: Fix a use-after-free crash in
memoryview.__hash__ when the __hash__ method of the
referenced object mutates that object or the view. Patch by
Bénédikt Tran.
- gh-142557: Fix a use-after-free crash in bytearray.__mod__
when the bytearray is mutated while formatting the %-style
arguments. Patch by Bénédikt Tran.
- gh-143195: Fix use-after-free crashes in bytearray.hex()
and memoryview.hex() when the separator’s __len__() mutates
the original object. Patch by Bénédikt Tran.
- gh-143135: Set sys.flags.inspect to 1 when PYTHONINSPECT is
0. Previously, it was set to 0 in this case.
- gh-143003: Fix an overflow of the shared empty buffer in
bytearray.extend() when __length_hint__() returns 0 for
non-empty iterator.
- gh-143006: Fix a possible assertion error when comparing
negative non-integer float and int with the same number of
bits in the integer part.
- gh-142776: Fix a file descriptor leak in import.c
- gh-142829: Fix a use-after-free crash in
contextvars.Context comparison when a custom __eq__ method
modifies the context via set().
- gh-142766: Clear the frame of a generator when
generator.close() is called.
- gh-142737: Tracebacks will be displayed in fallback mode
even if io.open() is lost. Previously, this would crash the
interpreter. Patch by Bartosz Sławecki.
- gh-142554: Fix a crash in divmod() when
_pylong.int_divmod() does not return a tuple of length two
exactly. Patch by Bénédikt Tran.
- gh-142560: Fix use-after-free in bytearray search-like
methods (find(), count(), index(), rindex(), and rfind())
by marking the storage as exported which causes
reallocation attempts to raise BufferError. For contains(),
split(), and rsplit() the buffer protocol is used for this.
- gh-142343: Fix SIGILL crash on m68k due to incorrect
assembly constraint.
- gh-141732: Ensure the __repr__() for ExceptionGroup and
BaseExceptionGroup does not change when the exception
sequence that was original passed in to its constructor is
subsequently mutated.
- gh-100964: Fix reference cycle in exhausted generator
frames. Patch by Savannah Ostrowski.
- gh-140373: Correctly emit PY_UNWIND event when generator
object is closed. Patch by Mikhail Efimov.
- gh-138568: Adjusted the built-in help() function so that
empty inputs are ignored in interactive mode.
- gh-127773: Do not use the type attribute cache for types
with incompatible MRO.
- C API
- gh-142571: PyUnstable_CopyPerfMapFile() now checks that
opening the file succeeded before flushing.
- Build
- gh-142454: When calculating the digest of the JIT stencils
input, sort the hashed files by filenames before adding
their content to the hasher. This ensures deterministic
hash input and hence deterministic hash, independent on
filesystem order.
- gh-141808: When running make clean-retain-profile, keep the
generated JIT stencils. That way, the stencils are not
generated twice when Profile-guided optimization (PGO) is
used. It also allows distributors to supply their own
pre-built JIT stencils.
- gh-138061: Ensure reproducible builds by making JIT stencil
header generation deterministic.
Remove upstreamed patches:
- CVE-2024-6923-follow-up-EOL-email-headers.patch
- gh138131-exclude-pycache-from-digest.patch
This commit is contained in:
@@ -1,105 +0,0 @@
|
||||
From 7ef18bbf2f92550e65547c0a55995c423e237944 Mon Sep 17 00:00:00 2001
|
||||
From: Seth Michael Larson <seth@python.org>
|
||||
Date: Fri, 23 Jan 2026 08:59:35 -0600
|
||||
Subject: [PATCH] gh-144125: email: verify headers are sound in BytesGenerator
|
||||
(cherry picked from commit 052e55e7d44718fe46cbba0ca995cb8fcc359413)
|
||||
|
||||
Co-authored-by: Seth Michael Larson <seth@python.org>
|
||||
Co-authored-by: Denis Ledoux <dle@odoo.com>
|
||||
Co-authored-by: Denis Ledoux <5822488+beledouxdenis@users.noreply.github.com>
|
||||
Co-authored-by: Petr Viktorin <302922+encukou@users.noreply.github.com>
|
||||
Co-authored-by: Bas Bloemsaat <1586868+basbloemsaat@users.noreply.github.com>
|
||||
---
|
||||
Lib/email/generator.py | 12 +++++++++++-
|
||||
Lib/test/test_email/test_generator.py | 4 +++-
|
||||
Lib/test/test_email/test_policy.py | 6 +++++-
|
||||
.../2026-01-21-12-34-05.gh-issue-144125.TAz5uo.rst | 4 ++++
|
||||
4 files changed, 23 insertions(+), 3 deletions(-)
|
||||
create mode 100644 Misc/NEWS.d/next/Security/2026-01-21-12-34-05.gh-issue-144125.TAz5uo.rst
|
||||
|
||||
diff --git a/Lib/email/generator.py b/Lib/email/generator.py
|
||||
index ce94f5c56fe34e..a03eb1fbbc9288 100644
|
||||
--- a/Lib/email/generator.py
|
||||
+++ b/Lib/email/generator.py
|
||||
@@ -22,6 +22,7 @@
|
||||
NLCRE = re.compile(r'\r\n|\r|\n')
|
||||
fcre = re.compile(r'^From ', re.MULTILINE)
|
||||
NEWLINE_WITHOUT_FWSP = re.compile(r'\r\n[^ \t]|\r[^ \n\t]|\n[^ \t]')
|
||||
+NEWLINE_WITHOUT_FWSP_BYTES = re.compile(br'\r\n[^ \t]|\r[^ \n\t]|\n[^ \t]')
|
||||
|
||||
|
||||
class Generator:
|
||||
@@ -429,7 +430,16 @@ def _write_headers(self, msg):
|
||||
# This is almost the same as the string version, except for handling
|
||||
# strings with 8bit bytes.
|
||||
for h, v in msg.raw_items():
|
||||
- self._fp.write(self.policy.fold_binary(h, v))
|
||||
+ folded = self.policy.fold_binary(h, v)
|
||||
+ if self.policy.verify_generated_headers:
|
||||
+ linesep = self.policy.linesep.encode()
|
||||
+ if not folded.endswith(linesep):
|
||||
+ raise HeaderWriteError(
|
||||
+ f'folded header does not end with {linesep!r}: {folded!r}')
|
||||
+ if NEWLINE_WITHOUT_FWSP_BYTES.search(folded.removesuffix(linesep)):
|
||||
+ raise HeaderWriteError(
|
||||
+ f'folded header contains newline: {folded!r}')
|
||||
+ self._fp.write(folded)
|
||||
# A blank line always separates headers from body
|
||||
self.write(self._NL)
|
||||
|
||||
diff --git a/Lib/test/test_email/test_generator.py b/Lib/test/test_email/test_generator.py
|
||||
index c75a842c33578e..3ca79edf6a65d9 100644
|
||||
--- a/Lib/test/test_email/test_generator.py
|
||||
+++ b/Lib/test/test_email/test_generator.py
|
||||
@@ -313,7 +313,7 @@ def test_flatten_unicode_linesep(self):
|
||||
self.assertEqual(s.getvalue(), self.typ(expected))
|
||||
|
||||
def test_verify_generated_headers(self):
|
||||
- """gh-121650: by default the generator prevents header injection"""
|
||||
+ # gh-121650: by default the generator prevents header injection
|
||||
class LiteralHeader(str):
|
||||
name = 'Header'
|
||||
def fold(self, **kwargs):
|
||||
@@ -334,6 +334,8 @@ def fold(self, **kwargs):
|
||||
|
||||
with self.assertRaises(email.errors.HeaderWriteError):
|
||||
message.as_string()
|
||||
+ with self.assertRaises(email.errors.HeaderWriteError):
|
||||
+ message.as_bytes()
|
||||
|
||||
|
||||
class TestBytesGenerator(TestGeneratorBase, TestEmailBase):
|
||||
diff --git a/Lib/test/test_email/test_policy.py b/Lib/test/test_email/test_policy.py
|
||||
index baa35fd68e49c5..71ec0febb0fd86 100644
|
||||
--- a/Lib/test/test_email/test_policy.py
|
||||
+++ b/Lib/test/test_email/test_policy.py
|
||||
@@ -296,7 +296,7 @@ def test_short_maxlen_error(self):
|
||||
policy.fold("Subject", subject)
|
||||
|
||||
def test_verify_generated_headers(self):
|
||||
- """Turning protection off allows header injection"""
|
||||
+ # Turning protection off allows header injection
|
||||
policy = email.policy.default.clone(verify_generated_headers=False)
|
||||
for text in (
|
||||
'Header: Value\r\nBad: Injection\r\n',
|
||||
@@ -319,6 +319,10 @@ def fold(self, **kwargs):
|
||||
message.as_string(),
|
||||
f"{text}\nBody",
|
||||
)
|
||||
+ self.assertEqual(
|
||||
+ message.as_bytes(),
|
||||
+ f"{text}\nBody".encode(),
|
||||
+ )
|
||||
|
||||
# XXX: Need subclassing tests.
|
||||
# For adding subclassed objects, make sure the usual rules apply (subclass
|
||||
diff --git a/Misc/NEWS.d/next/Security/2026-01-21-12-34-05.gh-issue-144125.TAz5uo.rst b/Misc/NEWS.d/next/Security/2026-01-21-12-34-05.gh-issue-144125.TAz5uo.rst
|
||||
new file mode 100644
|
||||
index 00000000000000..e6333e724972c5
|
||||
--- /dev/null
|
||||
+++ b/Misc/NEWS.d/next/Security/2026-01-21-12-34-05.gh-issue-144125.TAz5uo.rst
|
||||
@@ -0,0 +1,4 @@
|
||||
+:mod:`~email.generator.BytesGenerator` will now refuse to serialize (write) headers
|
||||
+that are unsafely folded or delimited; see
|
||||
+:attr:`~email.policy.Policy.verify_generated_headers`. (Contributed by Bas
|
||||
+Bloemsaat and Petr Viktorin in :gh:`121650`).
|
||||
BIN
Python-3.13.11.tar.xz
LFS
BIN
Python-3.13.11.tar.xz
LFS
Binary file not shown.
@@ -1 +0,0 @@
|
||||
{"mediaType": "application/vnd.dev.sigstore.bundle.v0.3+json", "verificationMaterial": {"certificate": {"rawBytes": "MIICyTCCAk+gAwIBAgIUMZ9OrU89PmgWXWiYxq/s1e8xVkkwCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjUxMjA1MTY1NjU1WhcNMjUxMjA1MTcwNjU1WjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEQ3Wq/mhAIwL1ZNOiCgOmVYXqwl8rWBi+hwTYY+NJLvmuRW7wblbWyTJ1RSZrS9dVGhVdWZP7tT2hvkt56ibycaOCAW4wggFqMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUCukYhSJA3LGmELdmyGSLM/sNqPowHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wHwYDVR0RAQH/BBUwE4ERdGhvbWFzQHB5dGhvbi5vcmcwKQYKKwYBBAGDvzABAQQbaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tMCsGCisGAQQBg78wAQgEHQwbaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tMIGJBgorBgEEAdZ5AgQCBHsEeQB3AHUA3T0wasbHETJjGR4cmWc3AqJKXrjePK3/h4pygC8p7o4AAAGa73H4UAAABAMARjBEAiAoqadI7BCu3G3jmK140KSkRC+uTKIS7K/yAUtT8zfdiwIgV51hPZZYKSjHglktFhqcxzHLdRyb96/caoR4m+DHvT8wCgYIKoZIzj0EAwMDaAAwZQIwSuCW4+VibjHM96ArSncpYew+tvp7bMlc21AHsgr12ZO6p//IiSdjJlqOTpYwCWtFAjEA0BxY6Y7zl4+baG4+BZ+EEiwDwoCOVTR7ORMuDYeZ/Dy6g47hohxRqtssCYdRKRZq"}, "tlogEntries": [{"logIndex": "743450012", "logId": {"keyId": "wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0="}, "kindVersion": {"kind": "hashedrekord", "version": "0.0.1"}, "integratedTime": "1764953815", "inclusionPromise": {"signedEntryTimestamp": "MEQCIFAmMfakwQScJ3jGB7ufmmWcvXbT/sQYyb/iIbRyJXYmAiB25k62mSSsvteAacdB4SjQJ100UGRI02mHOZykKqirrQ=="}, "inclusionProof": {"logIndex": "621545750", "rootHash": "lTjgILAqSIIoraXAj/bseL/7BMbChIzmHVo5P84pPO8=", "treeSize": "621545755", "hashes": ["FqRC4Ydg7KClKWZIe5BLdSoxPOl3L+wXnnctnBbxa5E=", "hyHMJXZjRrPr7N8JDpms6tqWbIuqgBLKkoDomNSzO8g=", "XV5KmKAmcumiCPrjB89usazCvsWagxoKoI5P3Rn5mDQ=", "FKJNSf/yPWGSGCwEZ4ybeMVy+zECYaK/u2yKEboKDQs=", "4wbyhSYvHHiszMmrsBtjXwOt9um81zByZQLFAXJAu0g=", "q0tC4xtUswgodVV8T7OYpkNlp/XC4qAM541kvTHkq4o=", "se5pDnKcF+idDdO0PdbWjF+rFNUWlCzxj+pSmkASRQU=", "YYvp7Leoq6lF3zEs+Bux7BQt/UrxFbOOJAwVroBevek=", "pQtmpjszxrel2u+2I5HrLBwlwvhc19nfAUsa5EHZAe4=", "0jEq6eagxqoSOor9OR//fY6uOsPzLaE1q1n9tZRzfSc=", "ZmUkYkHBy1B723JrEgiKvepTdHYrP6y2a4oODYvi5VY=", "T4DqWD42hAtN+vX8jKCWqoC4meE4JekI9LxYGCcPy1M="], "checkpoint": {"envelope": "rekor.sigstore.dev - 1193050959916656506\n621545755\nlTjgILAqSIIoraXAj/bseL/7BMbChIzmHVo5P84pPO8=\n\n\u2014 rekor.sigstore.dev wNI9ajBEAiAS9t8HEV2fPKq2rB20KvscWBUzqlzyZr6asuXxp8whiAIgUxc+PuVjTYduOZ2zKNeaSos22BXxAn7hKgxBroQmIkE=\n"}}, "canonicalizedBody": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiIxNmVkZTdiYjdjZGJmYTg5NWQxMWIwNjQyZmEwZTUyM2YyOTFlNjQ4NzE5NGQ1M2NmNmQzYjMzOGMzYTE3ZWEyIn19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FVUNJUURENENYVTNMNGlMSkVCb0xFSVlnVU5kTXhjN3VENWdMcUgyeXRFNFQxTnd3SWdKbHBhMHJFbDV0MGdtbTlTYzRoQnpFOG9QK2JLSlVZeExUTmd4dEdnSmo0PSIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVTjVWRU5EUVdzclowRjNTVUpCWjBsVlRWbzVUM0pWT0RsUWJXZFhXRmRwV1hoeEwzTXhaVGg0Vm10cmQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcFZlRTFxUVRGTlZGa3hUbXBWTVZkb1kwNU5hbFY0VFdwQk1VMVVZM2RPYWxVeFYycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVZSTTFkeEwyMW9RVWwzVERGYVRrOXBRMmRQYlZaWldIRjNiRGh5VjBKcEsyaDNWRmtLV1N0T1NreDJiWFZTVnpkM1lteGlWM2xVU2pGU1UxcHlVemxrVmtkb1ZtUlhXbEEzZEZReWFIWnJkRFUyYVdKNVkyRlBRMEZYTkhkblowWnhUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlZEZFd0WkNtaFRTa0V6VEVkdFJVeGtiWGxIVTB4TkwzTk9jVkJ2ZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDBoM1dVUldVakJTUVZGSUwwSkNWWGRGTkVWU1pFZG9kbUpYUm5wUlNFSTFaRWRvZG1KcE5YWmpiV04zUzFGWlMwdDNXVUpDUVVkRWRucEJRZ3BCVVZGaVlVaFNNR05JVFRaTWVUbG9XVEpPZG1SWE5UQmplVFZ1WWpJNWJtSkhWWFZaTWpsMFRVTnpSME5wYzBkQlVWRkNaemM0ZDBGUlowVklVWGRpQ21GSVVqQmpTRTAyVEhrNWFGa3lUblprVnpVd1kzazFibUl5T1c1aVIxVjFXVEk1ZEUxSlIwcENaMjl5UW1kRlJVRmtXalZCWjFGRFFraHpSV1ZSUWpNS1FVaFZRVE5VTUhkaGMySklSVlJLYWtkU05HTnRWMk16UVhGS1MxaHlhbVZRU3pNdmFEUndlV2RET0hBM2J6UkJRVUZIWVRjelNEUlZRVUZCUWtGTlFRcFNha0pGUVdsQmIzRmhaRWszUWtOMU0wY3phbTFMTVRRd1MxTnJVa01yZFZSTFNWTTNTeTk1UVZWMFZEaDZabVJwZDBsblZqVXhhRkJhV2xsTFUycElDbWRzYTNSR2FIRmplSHBJVEdSU2VXSTVOaTlqWVc5U05HMHJSRWgyVkRoM1EyZFpTVXR2V2tsNmFqQkZRWGROUkdGQlFYZGFVVWwzVTNWRFZ6UXJWbWtLWW1wSVRUazJRWEpUYm1Od1dXVjNLM1IyY0RkaVRXeGpNakZCU0hObmNqRXlXazgyY0M4dlNXbFRaR3BLYkhGUFZIQlpkME5YZEVaQmFrVkJNRUo0V1FvMldUZDZiRFFyWW1GSE5DdENXaXRGUldsM1JIZHZRMDlXVkZJM1QxSk5kVVJaWlZvdlJIazJaelEzYUc5b2VGSnhkSE56UTFsa1VrdFNXbkVLTFMwdExTMUZUa1FnUTBWU1ZFbEdTVU5CVkVVdExTMHRMUW89In19fX0="}], "timestampVerificationData": {}}, "messageSignature": {"messageDigest": {"algorithm": "SHA2_256", "digest": "Fu3nu3zb+oldEbBkL6DlI/KR5khxlNU89tOzOMOhfqI="}, "signature": "MEUCIQDD4CXU3L4iLJEBoLEIYgUNdMxc7uD5gLqH2ytE4T1NwwIgJlpa0rEl5t0gmm9Sc4hBzE8oP+bKJUYxLTNgxtGgJj4="}}
|
||||
BIN
Python-3.13.12.tar.xz
LFS
Normal file
BIN
Python-3.13.12.tar.xz
LFS
Normal file
Binary file not shown.
1
Python-3.13.12.tar.xz.sigstore
Normal file
1
Python-3.13.12.tar.xz.sigstore
Normal file
File diff suppressed because one or more lines are too long
@@ -13,9 +13,11 @@ Co-Authored-By: Xavier de Gaye <xdegaye@gmail.com>
|
||||
5 files changed, 37 insertions(+), 9 deletions(-)
|
||||
create mode 100644 Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst
|
||||
|
||||
--- a/Doc/library/ensurepip.rst
|
||||
+++ b/Doc/library/ensurepip.rst
|
||||
@@ -61,7 +61,11 @@ is at least as recent as the one availab
|
||||
Index: Python-3.13.12/Doc/library/ensurepip.rst
|
||||
===================================================================
|
||||
--- Python-3.13.12.orig/Doc/library/ensurepip.rst 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Doc/library/ensurepip.rst 2026-02-06 11:32:33.737805498 +0100
|
||||
@@ -63,7 +63,11 @@
|
||||
By default, ``pip`` is installed into the current virtual environment
|
||||
(if one is active) or into the system site packages (if there is no
|
||||
active virtual environment). The installation location can be controlled
|
||||
@@ -28,7 +30,7 @@ Co-Authored-By: Xavier de Gaye <xdegaye@gmail.com>
|
||||
|
||||
.. option:: --root <dir>
|
||||
|
||||
@@ -102,7 +106,7 @@ Module API
|
||||
@@ -104,7 +108,7 @@
|
||||
Returns a string specifying the available version of pip that will be
|
||||
installed when bootstrapping an environment.
|
||||
|
||||
@@ -37,7 +39,7 @@ Co-Authored-By: Xavier de Gaye <xdegaye@gmail.com>
|
||||
altinstall=False, default_pip=False, \
|
||||
verbosity=0)
|
||||
|
||||
@@ -112,6 +116,8 @@ Module API
|
||||
@@ -114,6 +118,8 @@
|
||||
If *root* is ``None``, then installation uses the default install location
|
||||
for the current environment.
|
||||
|
||||
@@ -46,7 +48,7 @@ Co-Authored-By: Xavier de Gaye <xdegaye@gmail.com>
|
||||
*upgrade* indicates whether or not to upgrade an existing installation
|
||||
of an earlier version of ``pip`` to the available version.
|
||||
|
||||
@@ -132,6 +138,8 @@ Module API
|
||||
@@ -134,6 +140,8 @@
|
||||
*verbosity* controls the level of output to :data:`sys.stdout` from the
|
||||
bootstrapping operation.
|
||||
|
||||
@@ -55,9 +57,11 @@ Co-Authored-By: Xavier de Gaye <xdegaye@gmail.com>
|
||||
.. audit-event:: ensurepip.bootstrap root ensurepip.bootstrap
|
||||
|
||||
.. note::
|
||||
--- a/Lib/ensurepip/__init__.py
|
||||
+++ b/Lib/ensurepip/__init__.py
|
||||
@@ -106,27 +106,27 @@ def _disable_pip_configuration_settings(
|
||||
Index: Python-3.13.12/Lib/ensurepip/__init__.py
|
||||
===================================================================
|
||||
--- Python-3.13.12.orig/Lib/ensurepip/__init__.py 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Lib/ensurepip/__init__.py 2026-02-06 11:32:33.738107656 +0100
|
||||
@@ -106,27 +106,27 @@
|
||||
os.environ['PIP_CONFIG_FILE'] = os.devnull
|
||||
|
||||
|
||||
@@ -90,7 +94,7 @@ Co-Authored-By: Xavier de Gaye <xdegaye@gmail.com>
|
||||
|
||||
Note that calling this function will alter both sys.path and os.environ.
|
||||
"""
|
||||
@@ -162,6 +162,8 @@ def _bootstrap(*, root=None, upgrade=Fal
|
||||
@@ -162,6 +162,8 @@
|
||||
args = ["install", "--no-cache-dir", "--no-index", "--find-links", tmpdir]
|
||||
if root:
|
||||
args += ["--root", root]
|
||||
@@ -99,7 +103,7 @@ Co-Authored-By: Xavier de Gaye <xdegaye@gmail.com>
|
||||
if upgrade:
|
||||
args += ["--upgrade"]
|
||||
if user:
|
||||
@@ -238,6 +240,11 @@ def _main(argv=None):
|
||||
@@ -238,6 +240,11 @@
|
||||
help="Install everything relative to this alternate root directory.",
|
||||
)
|
||||
parser.add_argument(
|
||||
@@ -111,7 +115,7 @@ Co-Authored-By: Xavier de Gaye <xdegaye@gmail.com>
|
||||
"--altinstall",
|
||||
action="store_true",
|
||||
default=False,
|
||||
@@ -256,6 +263,7 @@ def _main(argv=None):
|
||||
@@ -256,6 +263,7 @@
|
||||
|
||||
return _bootstrap(
|
||||
root=args.root,
|
||||
@@ -119,9 +123,11 @@ Co-Authored-By: Xavier de Gaye <xdegaye@gmail.com>
|
||||
upgrade=args.upgrade,
|
||||
user=args.user,
|
||||
verbosity=args.verbosity,
|
||||
--- a/Lib/test/test_ensurepip.py
|
||||
+++ b/Lib/test/test_ensurepip.py
|
||||
@@ -101,6 +101,17 @@ class TestBootstrap(EnsurepipMixin, unit
|
||||
Index: Python-3.13.12/Lib/test/test_ensurepip.py
|
||||
===================================================================
|
||||
--- Python-3.13.12.orig/Lib/test/test_ensurepip.py 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Lib/test/test_ensurepip.py 2026-02-06 11:32:33.738349331 +0100
|
||||
@@ -101,6 +101,17 @@
|
||||
unittest.mock.ANY,
|
||||
)
|
||||
|
||||
@@ -139,9 +145,11 @@ Co-Authored-By: Xavier de Gaye <xdegaye@gmail.com>
|
||||
def test_bootstrapping_with_user(self):
|
||||
ensurepip.bootstrap(user=True)
|
||||
|
||||
--- a/Makefile.pre.in
|
||||
+++ b/Makefile.pre.in
|
||||
@@ -2145,7 +2145,7 @@ install: @FRAMEWORKINSTALLFIRST@ @INSTAL
|
||||
Index: Python-3.13.12/Makefile.pre.in
|
||||
===================================================================
|
||||
--- Python-3.13.12.orig/Makefile.pre.in 2026-02-06 11:32:32.095115787 +0100
|
||||
+++ Python-3.13.12/Makefile.pre.in 2026-02-06 11:32:33.738723445 +0100
|
||||
@@ -2145,7 +2145,7 @@
|
||||
install|*) ensurepip="" ;; \
|
||||
esac; \
|
||||
$(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \
|
||||
@@ -150,7 +158,7 @@ Co-Authored-By: Xavier de Gaye <xdegaye@gmail.com>
|
||||
fi
|
||||
|
||||
.PHONY: altinstall
|
||||
@@ -2156,7 +2156,7 @@ altinstall: commoninstall
|
||||
@@ -2156,7 +2156,7 @@
|
||||
install|*) ensurepip="--altinstall" ;; \
|
||||
esac; \
|
||||
$(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \
|
||||
@@ -159,7 +167,9 @@ Co-Authored-By: Xavier de Gaye <xdegaye@gmail.com>
|
||||
fi
|
||||
|
||||
.PHONY: commoninstall
|
||||
--- /dev/null
|
||||
+++ b/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst
|
||||
Index: Python-3.13.12/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst
|
||||
===================================================================
|
||||
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ Python-3.13.12/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst 2026-02-06 11:32:33.739181056 +0100
|
||||
@@ -0,0 +1 @@
|
||||
+A directory prefix can now be specified when using :mod:`ensurepip`.
|
||||
|
||||
@@ -27,10 +27,10 @@
|
||||
Doc/tools/extensions/pydoc_topics.py | 22 +++++-----
|
||||
18 files changed, 159 insertions(+), 130 deletions(-)
|
||||
|
||||
Index: Python-3.13.11/Doc/Makefile
|
||||
Index: Python-3.13.12/Doc/Makefile
|
||||
===================================================================
|
||||
--- Python-3.13.11.orig/Doc/Makefile 2025-12-05 17:06:33.000000000 +0100
|
||||
+++ Python-3.13.11/Doc/Makefile 2025-12-18 23:36:11.845184450 +0100
|
||||
--- Python-3.13.12.orig/Doc/Makefile 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Doc/Makefile 2026-02-06 11:32:43.257524049 +0100
|
||||
@@ -14,15 +14,15 @@
|
||||
SOURCES =
|
||||
DISTVERSION = $(shell $(PYTHON) tools/extensions/patchlevel.py)
|
||||
@@ -51,10 +51,10 @@ Index: Python-3.13.11/Doc/Makefile
|
||||
$(PAPEROPT_$(PAPER)) \
|
||||
$(SPHINXOPTS) $(SPHINXERRORHANDLING) \
|
||||
. build/$(BUILDER) $(SOURCES)
|
||||
Index: Python-3.13.11/Doc/c-api/arg.rst
|
||||
Index: Python-3.13.12/Doc/c-api/arg.rst
|
||||
===================================================================
|
||||
--- Python-3.13.11.orig/Doc/c-api/arg.rst 2025-12-05 17:06:33.000000000 +0100
|
||||
+++ Python-3.13.11/Doc/c-api/arg.rst 2025-12-18 23:36:11.845570257 +0100
|
||||
--- Python-3.13.12.orig/Doc/c-api/arg.rst 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Doc/c-api/arg.rst 2026-02-06 11:32:43.257960130 +0100
|
||||
@@ -334,7 +334,6 @@
|
||||
should raise an exception and leave the content of *address* unmodified.
|
||||
|
||||
@@ -63,10 +63,10 @@ Index: Python-3.13.11/Doc/c-api/arg.rst
|
||||
|
||||
If the *converter* returns :c:macro:`!Py_CLEANUP_SUPPORTED`, it may get called a
|
||||
second time if the argument parsing eventually fails, giving the converter a
|
||||
Index: Python-3.13.11/Doc/c-api/typeobj.rst
|
||||
Index: Python-3.13.12/Doc/c-api/typeobj.rst
|
||||
===================================================================
|
||||
--- Python-3.13.11.orig/Doc/c-api/typeobj.rst 2025-12-05 17:06:33.000000000 +0100
|
||||
+++ Python-3.13.11/Doc/c-api/typeobj.rst 2025-12-18 23:36:11.846211337 +0100
|
||||
--- Python-3.13.12.orig/Doc/c-api/typeobj.rst 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Doc/c-api/typeobj.rst 2026-02-06 11:32:43.258653093 +0100
|
||||
@@ -610,7 +610,7 @@
|
||||
Functions like :c:func:`PyObject_NewVar` will take the value of N as an
|
||||
argument, and store in the instance's :c:member:`~PyVarObject.ob_size` field.
|
||||
@@ -97,10 +97,10 @@ Index: Python-3.13.11/Doc/c-api/typeobj.rst
|
||||
include :c:type:`PyObject` or :c:type:`PyVarObject` (depending on
|
||||
whether :c:member:`~PyVarObject.ob_size` should be included). These are
|
||||
usually defined by the macro :c:macro:`PyObject_HEAD` or
|
||||
Index: Python-3.13.11/Doc/conf.py
|
||||
Index: Python-3.13.12/Doc/conf.py
|
||||
===================================================================
|
||||
--- Python-3.13.11.orig/Doc/conf.py 2025-12-05 17:06:33.000000000 +0100
|
||||
+++ Python-3.13.11/Doc/conf.py 2025-12-18 23:36:11.846742416 +0100
|
||||
--- Python-3.13.12.orig/Doc/conf.py 2026-02-06 11:32:20.252483695 +0100
|
||||
+++ Python-3.13.12/Doc/conf.py 2026-02-06 11:32:43.259159426 +0100
|
||||
@@ -11,6 +11,8 @@
|
||||
from importlib import import_module
|
||||
from importlib.util import find_spec
|
||||
@@ -172,10 +172,10 @@ Index: Python-3.13.11/Doc/conf.py
|
||||
# Options for c_annotations extension
|
||||
# -----------------------------------
|
||||
|
||||
Index: Python-3.13.11/Doc/library/doctest.rst
|
||||
Index: Python-3.13.12/Doc/library/doctest.rst
|
||||
===================================================================
|
||||
--- Python-3.13.11.orig/Doc/library/doctest.rst 2025-12-05 17:06:33.000000000 +0100
|
||||
+++ Python-3.13.11/Doc/library/doctest.rst 2025-12-18 23:36:11.847131855 +0100
|
||||
--- Python-3.13.12.orig/Doc/library/doctest.rst 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Doc/library/doctest.rst 2026-02-06 11:32:43.259497242 +0100
|
||||
@@ -310,7 +310,6 @@
|
||||
.. currentmodule:: None
|
||||
|
||||
@@ -184,10 +184,10 @@ Index: Python-3.13.11/Doc/library/doctest.rst
|
||||
|
||||
.. currentmodule:: doctest
|
||||
|
||||
Index: Python-3.13.11/Doc/library/email.compat32-message.rst
|
||||
Index: Python-3.13.12/Doc/library/email.compat32-message.rst
|
||||
===================================================================
|
||||
--- Python-3.13.11.orig/Doc/library/email.compat32-message.rst 2025-12-05 17:06:33.000000000 +0100
|
||||
+++ Python-3.13.11/Doc/library/email.compat32-message.rst 2025-12-18 23:36:11.847579332 +0100
|
||||
--- Python-3.13.12.orig/Doc/library/email.compat32-message.rst 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Doc/library/email.compat32-message.rst 2026-02-06 11:32:43.259906983 +0100
|
||||
@@ -7,7 +7,6 @@
|
||||
:synopsis: The base class representing email messages in a fashion
|
||||
backward compatible with Python 3.2
|
||||
@@ -196,10 +196,10 @@ Index: Python-3.13.11/Doc/library/email.compat32-message.rst
|
||||
|
||||
|
||||
The :class:`Message` class is very similar to the
|
||||
Index: Python-3.13.11/Doc/library/xml.etree.elementtree.rst
|
||||
Index: Python-3.13.12/Doc/library/xml.etree.elementtree.rst
|
||||
===================================================================
|
||||
--- Python-3.13.11.orig/Doc/library/xml.etree.elementtree.rst 2025-12-05 17:06:33.000000000 +0100
|
||||
+++ Python-3.13.11/Doc/library/xml.etree.elementtree.rst 2025-12-18 23:36:11.847865126 +0100
|
||||
--- Python-3.13.12.orig/Doc/library/xml.etree.elementtree.rst 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Doc/library/xml.etree.elementtree.rst 2026-02-06 11:32:43.260169777 +0100
|
||||
@@ -873,7 +873,6 @@
|
||||
|
||||
.. module:: xml.etree.ElementTree
|
||||
@@ -208,10 +208,10 @@ Index: Python-3.13.11/Doc/library/xml.etree.elementtree.rst
|
||||
|
||||
.. class:: Element(tag, attrib={}, **extra)
|
||||
|
||||
Index: Python-3.13.11/Doc/tools/check-warnings.py
|
||||
Index: Python-3.13.12/Doc/tools/check-warnings.py
|
||||
===================================================================
|
||||
--- Python-3.13.11.orig/Doc/tools/check-warnings.py 2025-12-05 17:06:33.000000000 +0100
|
||||
+++ Python-3.13.11/Doc/tools/check-warnings.py 2025-12-18 23:36:11.848175434 +0100
|
||||
--- Python-3.13.12.orig/Doc/tools/check-warnings.py 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Doc/tools/check-warnings.py 2026-02-06 11:32:43.260451727 +0100
|
||||
@@ -228,7 +228,8 @@
|
||||
print(filename)
|
||||
for warning in warnings:
|
||||
@@ -222,7 +222,7 @@ Index: Python-3.13.11/Doc/tools/check-warnings.py
|
||||
print(" {line}: {msg}".format_map(match))
|
||||
return -1
|
||||
return 0
|
||||
@@ -316,7 +317,7 @@
|
||||
@@ -319,7 +320,7 @@
|
||||
|
||||
cwd = str(Path.cwd()) + os.path.sep
|
||||
files_with_nits = {
|
||||
@@ -231,10 +231,10 @@ Index: Python-3.13.11/Doc/tools/check-warnings.py
|
||||
for warning in warnings
|
||||
if "Doc/" in warning
|
||||
}
|
||||
Index: Python-3.13.11/Doc/tools/extensions/audit_events.py
|
||||
Index: Python-3.13.12/Doc/tools/extensions/audit_events.py
|
||||
===================================================================
|
||||
--- Python-3.13.11.orig/Doc/tools/extensions/audit_events.py 2025-12-05 17:06:33.000000000 +0100
|
||||
+++ Python-3.13.11/Doc/tools/extensions/audit_events.py 2025-12-18 23:36:11.848442160 +0100
|
||||
--- Python-3.13.12.orig/Doc/tools/extensions/audit_events.py 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Doc/tools/extensions/audit_events.py 2026-02-06 11:32:43.260742655 +0100
|
||||
@@ -1,9 +1,6 @@
|
||||
"""Support for documenting audit events."""
|
||||
|
||||
@@ -370,10 +370,10 @@ Index: Python-3.13.11/Doc/tools/extensions/audit_events.py
|
||||
) -> nodes.row:
|
||||
row = nodes.row()
|
||||
name_node = nodes.paragraph("", nodes.Text(name))
|
||||
Index: Python-3.13.11/Doc/tools/extensions/availability.py
|
||||
Index: Python-3.13.12/Doc/tools/extensions/availability.py
|
||||
===================================================================
|
||||
--- Python-3.13.11.orig/Doc/tools/extensions/availability.py 2025-12-05 17:06:33.000000000 +0100
|
||||
+++ Python-3.13.11/Doc/tools/extensions/availability.py 2025-12-18 23:36:11.848697922 +0100
|
||||
--- Python-3.13.12.orig/Doc/tools/extensions/availability.py 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Doc/tools/extensions/availability.py 2026-02-06 11:32:43.260981454 +0100
|
||||
@@ -1,8 +1,6 @@
|
||||
"""Support for documenting platform availability"""
|
||||
|
||||
@@ -427,10 +427,10 @@ Index: Python-3.13.11/Doc/tools/extensions/availability.py
|
||||
app.add_directive("availability", Availability)
|
||||
|
||||
return {
|
||||
Index: Python-3.13.11/Doc/tools/extensions/c_annotations.py
|
||||
Index: Python-3.13.12/Doc/tools/extensions/c_annotations.py
|
||||
===================================================================
|
||||
--- Python-3.13.11.orig/Doc/tools/extensions/c_annotations.py 2025-12-05 17:06:33.000000000 +0100
|
||||
+++ Python-3.13.11/Doc/tools/extensions/c_annotations.py 2025-12-18 23:37:01.590377119 +0100
|
||||
--- Python-3.13.12.orig/Doc/tools/extensions/c_annotations.py 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Doc/tools/extensions/c_annotations.py 2026-02-06 11:32:43.261164228 +0100
|
||||
@@ -9,22 +9,26 @@
|
||||
* Set ``stable_abi_file`` to the path to stable ABI list.
|
||||
"""
|
||||
@@ -569,10 +569,10 @@ Index: Python-3.13.11/Doc/tools/extensions/c_annotations.py
|
||||
return {
|
||||
"version": "1.0",
|
||||
"parallel_read_safe": True,
|
||||
Index: Python-3.13.11/Doc/tools/extensions/changes.py
|
||||
Index: Python-3.13.12/Doc/tools/extensions/changes.py
|
||||
===================================================================
|
||||
--- Python-3.13.11.orig/Doc/tools/extensions/changes.py 2025-12-05 17:06:33.000000000 +0100
|
||||
+++ Python-3.13.11/Doc/tools/extensions/changes.py 2025-12-18 23:36:11.849240594 +0100
|
||||
--- Python-3.13.12.orig/Doc/tools/extensions/changes.py 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Doc/tools/extensions/changes.py 2026-02-06 11:32:43.261401915 +0100
|
||||
@@ -1,7 +1,5 @@
|
||||
"""Support for documenting version of changes, additions, deprecations."""
|
||||
|
||||
@@ -608,10 +608,10 @@ Index: Python-3.13.11/Doc/tools/extensions/changes.py
|
||||
# Override Sphinx's directives with support for 'next'
|
||||
app.add_directive("versionadded", PyVersionChange, override=True)
|
||||
app.add_directive("versionchanged", PyVersionChange, override=True)
|
||||
Index: Python-3.13.11/Doc/tools/extensions/glossary_search.py
|
||||
Index: Python-3.13.12/Doc/tools/extensions/glossary_search.py
|
||||
===================================================================
|
||||
--- Python-3.13.11.orig/Doc/tools/extensions/glossary_search.py 2025-12-05 17:06:33.000000000 +0100
|
||||
+++ Python-3.13.11/Doc/tools/extensions/glossary_search.py 2025-12-18 23:36:11.849448932 +0100
|
||||
--- Python-3.13.12.orig/Doc/tools/extensions/glossary_search.py 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Doc/tools/extensions/glossary_search.py 2026-02-06 11:32:43.261561375 +0100
|
||||
@@ -1,21 +1,27 @@
|
||||
"""Feature search results for glossary items prominently."""
|
||||
|
||||
@@ -655,10 +655,10 @@ Index: Python-3.13.11/Doc/tools/extensions/glossary_search.py
|
||||
app.connect('doctree-resolved', process_glossary_nodes)
|
||||
app.connect('build-finished', write_glossary_json)
|
||||
|
||||
Index: Python-3.13.11/Doc/tools/extensions/implementation_detail.py
|
||||
Index: Python-3.13.12/Doc/tools/extensions/implementation_detail.py
|
||||
===================================================================
|
||||
--- Python-3.13.11.orig/Doc/tools/extensions/implementation_detail.py 2025-12-05 17:06:33.000000000 +0100
|
||||
+++ Python-3.13.11/Doc/tools/extensions/implementation_detail.py 2025-12-18 23:36:11.849650427 +0100
|
||||
--- Python-3.13.12.orig/Doc/tools/extensions/implementation_detail.py 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Doc/tools/extensions/implementation_detail.py 2026-02-06 11:32:43.261759899 +0100
|
||||
@@ -1,17 +1,10 @@
|
||||
"""Support for marking up implementation details."""
|
||||
|
||||
@@ -709,10 +709,10 @@ Index: Python-3.13.11/Doc/tools/extensions/implementation_detail.py
|
||||
app.add_directive("impl-detail", ImplementationDetail)
|
||||
|
||||
return {
|
||||
Index: Python-3.13.11/Doc/tools/extensions/issue_role.py
|
||||
Index: Python-3.13.12/Doc/tools/extensions/issue_role.py
|
||||
===================================================================
|
||||
--- Python-3.13.11.orig/Doc/tools/extensions/issue_role.py 2025-12-05 17:06:33.000000000 +0100
|
||||
+++ Python-3.13.11/Doc/tools/extensions/issue_role.py 2025-12-18 23:36:11.849838302 +0100
|
||||
--- Python-3.13.12.orig/Doc/tools/extensions/issue_role.py 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Doc/tools/extensions/issue_role.py 2026-02-06 11:32:43.261920641 +0100
|
||||
@@ -1,22 +1,18 @@
|
||||
"""Support for referencing issues in the tracker."""
|
||||
|
||||
@@ -758,10 +758,10 @@ Index: Python-3.13.11/Doc/tools/extensions/issue_role.py
|
||||
app.add_role("issue", BPOIssue())
|
||||
app.add_role("gh", GitHubIssue())
|
||||
|
||||
Index: Python-3.13.11/Doc/tools/extensions/misc_news.py
|
||||
Index: Python-3.13.12/Doc/tools/extensions/misc_news.py
|
||||
===================================================================
|
||||
--- Python-3.13.11.orig/Doc/tools/extensions/misc_news.py 2025-12-05 17:06:33.000000000 +0100
|
||||
+++ Python-3.13.11/Doc/tools/extensions/misc_news.py 2025-12-18 23:36:11.850033510 +0100
|
||||
--- Python-3.13.12.orig/Doc/tools/extensions/misc_news.py 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Doc/tools/extensions/misc_news.py 2026-02-06 11:32:43.262085421 +0100
|
||||
@@ -1,7 +1,5 @@
|
||||
"""Support for including Misc/NEWS."""
|
||||
|
||||
@@ -814,10 +814,10 @@ Index: Python-3.13.11/Doc/tools/extensions/misc_news.py
|
||||
app.add_directive("miscnews", MiscNews)
|
||||
|
||||
return {
|
||||
Index: Python-3.13.11/Doc/tools/extensions/patchlevel.py
|
||||
Index: Python-3.13.12/Doc/tools/extensions/patchlevel.py
|
||||
===================================================================
|
||||
--- Python-3.13.11.orig/Doc/tools/extensions/patchlevel.py 2025-12-05 17:06:33.000000000 +0100
|
||||
+++ Python-3.13.11/Doc/tools/extensions/patchlevel.py 2025-12-18 23:36:11.850217264 +0100
|
||||
--- Python-3.13.12.orig/Doc/tools/extensions/patchlevel.py 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Doc/tools/extensions/patchlevel.py 2026-02-06 11:32:43.262245612 +0100
|
||||
@@ -3,7 +3,7 @@
|
||||
import re
|
||||
import sys
|
||||
@@ -855,10 +855,10 @@ Index: Python-3.13.11/Doc/tools/extensions/patchlevel.py
|
||||
version = f"{info.major}.{info.minor}"
|
||||
release = f"{info.major}.{info.minor}.{info.micro}"
|
||||
if info.releaselevel != "final":
|
||||
Index: Python-3.13.11/Doc/tools/extensions/pydoc_topics.py
|
||||
Index: Python-3.13.12/Doc/tools/extensions/pydoc_topics.py
|
||||
===================================================================
|
||||
--- Python-3.13.11.orig/Doc/tools/extensions/pydoc_topics.py 2025-12-05 17:06:33.000000000 +0100
|
||||
+++ Python-3.13.11/Doc/tools/extensions/pydoc_topics.py 2025-12-18 23:36:11.850437755 +0100
|
||||
--- Python-3.13.12.orig/Doc/tools/extensions/pydoc_topics.py 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Doc/tools/extensions/pydoc_topics.py 2026-02-06 11:32:43.262420171 +0100
|
||||
@@ -1,21 +1,23 @@
|
||||
"""Support for building "topic help" for pydoc."""
|
||||
|
||||
@@ -890,8 +890,8 @@ Index: Python-3.13.11/Doc/tools/extensions/pydoc_topics.py
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
@@ -162,7 +164,7 @@
|
||||
self.outdir.joinpath("topics.py").write_text(topics, encoding="utf-8")
|
||||
@@ -188,7 +190,7 @@
|
||||
)
|
||||
|
||||
|
||||
-def _display_labels(item: tuple[str, Sequence[tuple[str, str]]]) -> str:
|
||||
@@ -899,7 +899,7 @@ Index: Python-3.13.11/Doc/tools/extensions/pydoc_topics.py
|
||||
_docname, label_ids = item
|
||||
labels = [name for name, _id in label_ids]
|
||||
if len(labels) > 4:
|
||||
@@ -170,7 +172,7 @@
|
||||
@@ -196,7 +198,7 @@
|
||||
return ", ".join(labels)
|
||||
|
||||
|
||||
@@ -908,7 +908,7 @@ Index: Python-3.13.11/Doc/tools/extensions/pydoc_topics.py
|
||||
"""Return a triple-single-quoted representation of text."""
|
||||
if "'''" not in text:
|
||||
return f"r'''{text}'''"
|
||||
@@ -178,7 +180,7 @@
|
||||
@@ -204,7 +206,7 @@
|
||||
return f"'''{text}'''"
|
||||
|
||||
|
||||
|
||||
@@ -2,9 +2,11 @@
|
||||
Lib/test/test_compile.py | 5 +++++
|
||||
1 file changed, 5 insertions(+)
|
||||
|
||||
--- a/Lib/test/test_compile.py
|
||||
+++ b/Lib/test/test_compile.py
|
||||
@@ -21,6 +21,9 @@ from test.support import (script_helper,
|
||||
Index: Python-3.13.12/Lib/test/test_compile.py
|
||||
===================================================================
|
||||
--- Python-3.13.12.orig/Lib/test/test_compile.py 2026-02-03 18:53:27.000000000 +0100
|
||||
+++ Python-3.13.12/Lib/test/test_compile.py 2026-02-06 11:32:39.221208472 +0100
|
||||
@@ -21,6 +21,9 @@
|
||||
from test.support.bytecode_helper import instructions_with_positions
|
||||
from test.support.os_helper import FakePath
|
||||
|
||||
@@ -14,7 +16,7 @@
|
||||
class TestSpecifics(unittest.TestCase):
|
||||
|
||||
def compile_single(self, source):
|
||||
@@ -117,6 +120,7 @@ class TestSpecifics(unittest.TestCase):
|
||||
@@ -117,6 +120,7 @@
|
||||
self.assertEqual(d['z'], 12)
|
||||
|
||||
@unittest.skipIf(support.is_wasi, "exhausts limited stack on WASI")
|
||||
@@ -22,7 +24,7 @@
|
||||
def test_extended_arg(self):
|
||||
repeat = int(get_c_recursion_limit() * 0.9)
|
||||
longexpr = 'x = x or ' + '-x' * repeat
|
||||
@@ -701,6 +705,7 @@ class TestSpecifics(unittest.TestCase):
|
||||
@@ -716,6 +720,7 @@
|
||||
|
||||
@support.cpython_only
|
||||
@unittest.skipIf(support.is_wasi, "exhausts limited stack on WASI")
|
||||
|
||||
@@ -1,30 +0,0 @@
|
||||
From 4bb41b28d5bac09bccd636d8c5fefe1a462f63a7 Mon Sep 17 00:00:00 2001
|
||||
From: Alm <alon.menczer@gmail.com>
|
||||
Date: Mon, 25 Aug 2025 08:56:38 +0300
|
||||
Subject: [PATCH 1/4] Exclude .pyc files from the computed digest in the jit
|
||||
stencils
|
||||
|
||||
---
|
||||
Tools/jit/_targets.py | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
Index: Python-3.13.7/Tools/jit/_targets.py
|
||||
===================================================================
|
||||
--- Python-3.13.7.orig/Tools/jit/_targets.py
|
||||
+++ Python-3.13.7/Tools/jit/_targets.py
|
||||
@@ -53,6 +53,9 @@ class _Target(typing.Generic[_S, _R]):
|
||||
hasher.update(PYTHON_EXECUTOR_CASES_C_H.read_bytes())
|
||||
hasher.update((out / "pyconfig.h").read_bytes())
|
||||
for dirpath, _, filenames in sorted(os.walk(TOOLS_JIT)):
|
||||
+ # Exclude cache files from digest computation to ensure reproducible builds.
|
||||
+ if dirpath.endswith("__pycache__"):
|
||||
+ continue
|
||||
for filename in filenames:
|
||||
hasher.update(pathlib.Path(dirpath, filename).read_bytes())
|
||||
return hasher.hexdigest()
|
||||
Index: Python-3.13.7/Misc/NEWS.d/next/Build/2025-08-27-09-52-45.gh-issue-138061.fMVS9w.rst
|
||||
===================================================================
|
||||
--- /dev/null
|
||||
+++ Python-3.13.7/Misc/NEWS.d/next/Build/2025-08-27-09-52-45.gh-issue-138061.fMVS9w.rst
|
||||
@@ -0,0 +1 @@
|
||||
+Ensure reproducible builds by making JIT stencil header generation deterministic.
|
||||
@@ -1,3 +1,316 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Feb 6 10:28:12 UTC 2026 - Matej Cepl <mcepl@cepl.eu>
|
||||
|
||||
- Update to 3.13.12:
|
||||
Python 3.13.12 final
|
||||
Release date: 2026-02-03
|
||||
- Tools/Demos
|
||||
- gh-142095: Make gdb ‘py-bt’ command use frame from thread
|
||||
local state when available. Patch by Sam Gross and Victor
|
||||
Stinner.
|
||||
- Tests
|
||||
- gh-144415: The Android testbed now distinguishes between
|
||||
stdout/stderr messages which were triggered by a newline,
|
||||
and those triggered by a manual call to flush. This fixes
|
||||
logging of progress indicators and similar content.
|
||||
- gh-65784: Add support for parametrized resource wantobjects
|
||||
in regrtests, which allows to run Tkinter tests with the
|
||||
specified value of tkinter.wantobjects, for example -u
|
||||
wantobjects=0.
|
||||
- gh-143553: Add support for parametrized resources, such as
|
||||
-u xpickle=2.7.
|
||||
- gh-142836: Accommodated Solaris in
|
||||
test_pdb.test_script_target_anonymous_pipe.
|
||||
- gh-129401: Fix a flaky test in test_repr_rlock that checks
|
||||
the representation of multiprocessing.RLock.
|
||||
- bpo-31391: Forward-port test_xpickle from Python 2 to
|
||||
Python 3 and add the resource back to test’s command line.
|
||||
- Security
|
||||
- gh-144125: BytesGenerator will now refuse to serialize
|
||||
(write) headers that are unsafely folded or delimited; see
|
||||
verify_generated_headers. (Contributed by Bas Bloemsaat and
|
||||
Petr Viktorin in gh-121650).
|
||||
- gh-143935: Fixed a bug in the folding of comments when
|
||||
flattening an email message using a modern email policy.
|
||||
Comments consisting of a very long sequence of non-foldable
|
||||
characters could trigger a forced line wrap that omitted
|
||||
the required leading space on the continuation line,
|
||||
causing the remainder of the comment to be interpreted as
|
||||
a new header field. This enabled header injection with
|
||||
carefully crafted inputs.
|
||||
- gh-143925: Reject control characters in data: URL media
|
||||
types.
|
||||
- gh-143919: Reject control characters in http.cookies.Morsel
|
||||
fields and values.
|
||||
- gh-143916: Reject C0 control characters within
|
||||
wsgiref.headers.Headers fields, values, and parameters.
|
||||
- Library
|
||||
- gh-144380: Improve performance of io.BufferedReader line
|
||||
iteration by ~49%.
|
||||
- gh-144169: Fix three crashes when non-string keyword
|
||||
arguments are supplied to objects in the ast module.
|
||||
- gh-144100: Fixed a crash in ctypes when using a deprecated
|
||||
POINTER(str) type in argtypes. Instead of aborting, ctypes
|
||||
now raises a proper Python exception when the pointer
|
||||
target type is unresolved.
|
||||
- gh-144050: Fix stat.filemode() in the pure-Python
|
||||
implementation to avoid misclassifying invalid mode values
|
||||
as block devices.
|
||||
- gh-144023: Fixed validation of file descriptor 0 in posix
|
||||
functions when used with follow_symlinks parameter.
|
||||
- gh-143999: Fix an issue where inspect.getgeneratorstate()
|
||||
and inspect.getcoroutinestate() could fail for generators
|
||||
wrapped by types.coroutine() in the suspended state.
|
||||
- gh-143706: Fix multiprocessing forkserver so that sys.argv
|
||||
is correctly set before __main__ is preloaded. Previously,
|
||||
sys.argv was empty during main module import in forkserver
|
||||
child processes. This fixes a regression introduced in
|
||||
3.13.8 and 3.14.1. Root caused by Aaron Wieczorek, test
|
||||
provided by Thomas Watson, thanks!
|
||||
- gh-143638: Forbid reentrant calls of the pickle.Pickler and
|
||||
pickle.Unpickler methods for the C implementation.
|
||||
Previously, this could cause crash or data corruption, now
|
||||
concurrent calls of methods of the same object raise
|
||||
RuntimeError.
|
||||
- gh-78724: Raise RuntimeError’s when user attempts to call
|
||||
methods on half-initialized Struct objects, For example,
|
||||
created by Struct.__new__(Struct). Patch by Sergey
|
||||
B Kirpichev.
|
||||
- gh-143602: Fix a inconsistency issue in write() that leads
|
||||
to unexpected buffer overwrite by deduplicating the buffer
|
||||
exports.
|
||||
- gh-143547: Fix sys.unraisablehook() when the hook raises an
|
||||
exception and changes sys.unraisablehook(): hold a strong
|
||||
reference to the old hook. Patch by Victor Stinner.
|
||||
- gh-143378: Fix use-after-free crashes when a BytesIO object
|
||||
is concurrently mutated during write() or writelines().
|
||||
- gh-143346: Fix incorrect wrapping of the Base64 data in
|
||||
plistlib._PlistWriter when the indent contains a mix of
|
||||
tabs and spaces.
|
||||
- gh-143310: tkinter: fix a crash when a Python list is
|
||||
mutated during the conversion to a Tcl object (e.g., when
|
||||
setting a Tcl variable). Patch by Bénédikt Tran.
|
||||
- gh-143309: Fix a crash in os.execve() on non-Windows
|
||||
platforms when given a custom environment mapping which is
|
||||
then mutated during parsing. Patch by Bénédikt Tran.
|
||||
- gh-143308: pickle: fix use-after-free crashes when
|
||||
a PickleBuffer is concurrently mutated by a custom buffer
|
||||
callback during pickling. Patch by Bénédikt Tran and Aaron
|
||||
Wieczorek.
|
||||
- gh-143237: Fix support of named pipes in the rotating
|
||||
logging handlers.
|
||||
- gh-143249: Fix possible buffer leaks in Windows overlapped
|
||||
I/O on error handling.
|
||||
- gh-143241: zoneinfo: fix infinite loop in
|
||||
ZoneInfo.from_file when parsing a malformed TZif file.
|
||||
Patch by Fatih Celik.
|
||||
- gh-142830: sqlite3: fix use-after-free crashes when the
|
||||
connection’s callbacks are mutated during a callback
|
||||
execution. Patch by Bénédikt Tran.
|
||||
- gh-143200: xml.etree.ElementTree: fix use-after-free
|
||||
crashes in __getitem__() and __setitem__() methods of
|
||||
Element when the element is concurrently mutated. Patch by
|
||||
Bénédikt Tran.
|
||||
- gh-142195: Updated timeout evaluation logic in subprocess
|
||||
to be compatible with deterministic environments like
|
||||
Shadow where time moves exactly as requested.
|
||||
- gh-143145: Fixed a possible reference leak in ctypes when
|
||||
constructing results with multiple output parameters on
|
||||
error.
|
||||
- gh-122431: Corrected the error message in
|
||||
readline.append_history_file() to state that nelements must
|
||||
be non-negative instead of positive.
|
||||
- gh-143004: Fix a potential use-after-free in
|
||||
collections.Counter.update() when user code mutates the
|
||||
Counter during an update.
|
||||
- gh-143046: The asyncio REPL no longer prints copyright and
|
||||
version messages in the quiet mode (-q). Patch by Bartosz
|
||||
Sławecki.
|
||||
- gh-140648: The asyncio REPL now respects the -I flag
|
||||
(isolated mode). Previously, it would load and execute
|
||||
PYTHONSTARTUP even if the flag was set. Contributed by
|
||||
Bartosz Sławecki.
|
||||
- gh-142991: Fixed socket operations such as recvfrom() and
|
||||
sendto() for FreeBSD divert(4) socket.
|
||||
- gh-143010: Fixed a bug in mailbox where the precise timing
|
||||
of an external event could result in the library opening an
|
||||
existing file instead of a file it expected to create.
|
||||
- gh-142881: Fix concurrent and reentrant call of
|
||||
atexit.unregister().
|
||||
- gh-112127: Fix possible use-after-free in
|
||||
atexit.unregister() when the callback is unregistered
|
||||
during comparison.
|
||||
- gh-142783: Fix zoneinfo use-after-free with descriptor
|
||||
_weak_cache. a descriptor as _weak_cache could cause
|
||||
crashes during object creation. The fix ensures proper
|
||||
reference counting for descriptor-provided objects.
|
||||
- gh-142754: Add the ownerDocument attribute to
|
||||
xml.dom.minidom elements and attributes created by directly
|
||||
instantiating the Element or Attr class. Note that this way
|
||||
of creating nodes is not supported; creator functions like
|
||||
xml.dom.Document.documentElement() should be used instead.
|
||||
- gh-142784: The asyncio REPL now properly closes the loop
|
||||
upon the end of interactive session. Previously, it could
|
||||
cause surprising warnings. Contributed by Bartosz Sławecki.
|
||||
- gh-142555: array: fix a crash in a[i] = v when converting
|
||||
i to an index via i.__index__ or i.__float__ mutates the
|
||||
array.
|
||||
- gh-142594: Fix crash in TextIOWrapper.close() when the
|
||||
underlying buffer’s closed property calls detach().
|
||||
- gh-142451: hmac: Ensure that the HMAC.block_size attribute
|
||||
is correctly copied by HMAC.copy. Patch by Bénédikt Tran.
|
||||
- gh-142495: collections.defaultdict now prioritizes
|
||||
__setitem__() when inserting default values from
|
||||
default_factory. This prevents race conditions where
|
||||
a default value would overwrite a value set before
|
||||
default_factory returns.
|
||||
- gh-142651: unittest.mock: fix a thread safety issue where
|
||||
Mock.call_count may return inaccurate values when the mock
|
||||
is called concurrently from multiple threads.
|
||||
- gh-142595: Added type check during initialization of the
|
||||
decimal module to prevent a crash in case of broken stdlib.
|
||||
Patch by Sergey B Kirpichev.
|
||||
- gh-142517: The non-compat32 email policies now correctly
|
||||
handle refolding encoded words that contain bytes that can
|
||||
not be decoded in their specified character set. Previously
|
||||
this resulted in an encoding exception during folding.
|
||||
- gh-112527: The help text for required options in argparse
|
||||
no longer extended with “ (default: None)”.
|
||||
- gh-142315: Pdb can now run scripts from anonymous pipes
|
||||
used in process substitution. Patch by Bartosz Sławecki.
|
||||
- gh-142282: Fix winreg.QueryValueEx() to not accidentally
|
||||
read garbage buffer under race condition.
|
||||
- gh-75949: Fix argparse to preserve | separators in mutually
|
||||
exclusive groups when the usage line wraps due to length.
|
||||
- gh-68552: MisplacedEnvelopeHeaderDefect and Missing header
|
||||
name defects are now correctly passed to the handle_defect
|
||||
method of policy in FeedParser.
|
||||
- gh-142006: Fix a bug in the email.policy.default folding
|
||||
algorithm which incorrectly resulted in a doubled newline
|
||||
when a line ending at exactly max_line_length was followed
|
||||
by an unfoldable token.
|
||||
- gh-105836: Fix asyncio.run_coroutine_threadsafe() leaving
|
||||
underlying cancelled asyncio task running.
|
||||
- gh-139971: pydoc: Ensure that the link to the online
|
||||
documentation of a stdlib module is correct.
|
||||
- gh-139262: Some keystrokes can be swallowed in the new
|
||||
PyREPL on Windows, especially when used together with the
|
||||
ALT key. Fix by Chris Eibl.
|
||||
- gh-138897: Improved license/copyright/credits display in
|
||||
the REPL: now uses a pager.
|
||||
- gh-79986: Add parsing for References and In-Reply-To
|
||||
headers to the email library that parses the header content
|
||||
as lists of message id tokens. This prevents them from
|
||||
being folded incorrectly.
|
||||
- gh-109263: Starting a process from spawn context in
|
||||
multiprocessing no longer sets the start method globally.
|
||||
- gh-90871: Fixed an off by one error concerning the backlog
|
||||
parameter in create_unix_server(). Contributed by Christian
|
||||
Harries.
|
||||
- gh-133253: Fix thread-safety issues in linecache.
|
||||
- gh-132715: Skip writing objects during marshalling once
|
||||
a failure has occurred.
|
||||
- gh-127529: Correct behavior of
|
||||
asyncio.selector_events.BaseSelectorEventLoop._accept_connection()
|
||||
in handling ConnectionAbortedError in a loop. This improves
|
||||
performance on OpenBSD.
|
||||
- IDLE
|
||||
- gh-143774: Better explain the operation of Format / Format
|
||||
Paragraph.
|
||||
- Documentation
|
||||
- gh-140806: Add documentation for enum.bin().
|
||||
- Core and Builtins
|
||||
- gh-144307: Prevent a reference leak in module teardown at
|
||||
interpreter finalization.
|
||||
- gh-144194: Fix error handling in perf jitdump
|
||||
initialization on memory allocation failure.
|
||||
- gh-141805: Fix crash in set when objects with the same hash
|
||||
are concurrently added to the set after removing an element
|
||||
with the same hash while the set still contains elements
|
||||
with the same hash.
|
||||
- gh-143670: Fixes a crash in ga_repr_items_list function.
|
||||
- gh-143377: Fix a crash in _interpreters.capture_exception()
|
||||
when the exception is incorrectly formatted. Patch by
|
||||
Bénédikt Tran.
|
||||
- gh-143189: Fix crash when inserting a non-str key into
|
||||
a split table dictionary when the key matches an existing
|
||||
key in the split table but has no corresponding value in
|
||||
the dict.
|
||||
- gh-143228: Fix use-after-free in perf trampoline when
|
||||
toggling profiling while threads are running or during
|
||||
interpreter finalization with daemon threads active. The
|
||||
fix uses reference counting to ensure trampolines are not
|
||||
freed while any code object could still reference them.
|
||||
Pach by Pablo Galindo
|
||||
- gh-142664: Fix a use-after-free crash in
|
||||
memoryview.__hash__ when the __hash__ method of the
|
||||
referenced object mutates that object or the view. Patch by
|
||||
Bénédikt Tran.
|
||||
- gh-142557: Fix a use-after-free crash in bytearray.__mod__
|
||||
when the bytearray is mutated while formatting the %-style
|
||||
arguments. Patch by Bénédikt Tran.
|
||||
- gh-143195: Fix use-after-free crashes in bytearray.hex()
|
||||
and memoryview.hex() when the separator’s __len__() mutates
|
||||
the original object. Patch by Bénédikt Tran.
|
||||
- gh-143135: Set sys.flags.inspect to 1 when PYTHONINSPECT is
|
||||
0. Previously, it was set to 0 in this case.
|
||||
- gh-143003: Fix an overflow of the shared empty buffer in
|
||||
bytearray.extend() when __length_hint__() returns 0 for
|
||||
non-empty iterator.
|
||||
- gh-143006: Fix a possible assertion error when comparing
|
||||
negative non-integer float and int with the same number of
|
||||
bits in the integer part.
|
||||
- gh-142776: Fix a file descriptor leak in import.c
|
||||
- gh-142829: Fix a use-after-free crash in
|
||||
contextvars.Context comparison when a custom __eq__ method
|
||||
modifies the context via set().
|
||||
- gh-142766: Clear the frame of a generator when
|
||||
generator.close() is called.
|
||||
- gh-142737: Tracebacks will be displayed in fallback mode
|
||||
even if io.open() is lost. Previously, this would crash the
|
||||
interpreter. Patch by Bartosz Sławecki.
|
||||
- gh-142554: Fix a crash in divmod() when
|
||||
_pylong.int_divmod() does not return a tuple of length two
|
||||
exactly. Patch by Bénédikt Tran.
|
||||
- gh-142560: Fix use-after-free in bytearray search-like
|
||||
methods (find(), count(), index(), rindex(), and rfind())
|
||||
by marking the storage as exported which causes
|
||||
reallocation attempts to raise BufferError. For contains(),
|
||||
split(), and rsplit() the buffer protocol is used for this.
|
||||
- gh-142343: Fix SIGILL crash on m68k due to incorrect
|
||||
assembly constraint.
|
||||
- gh-141732: Ensure the __repr__() for ExceptionGroup and
|
||||
BaseExceptionGroup does not change when the exception
|
||||
sequence that was original passed in to its constructor is
|
||||
subsequently mutated.
|
||||
- gh-100964: Fix reference cycle in exhausted generator
|
||||
frames. Patch by Savannah Ostrowski.
|
||||
- gh-140373: Correctly emit PY_UNWIND event when generator
|
||||
object is closed. Patch by Mikhail Efimov.
|
||||
- gh-138568: Adjusted the built-in help() function so that
|
||||
empty inputs are ignored in interactive mode.
|
||||
- gh-127773: Do not use the type attribute cache for types
|
||||
with incompatible MRO.
|
||||
- C API
|
||||
- gh-142571: PyUnstable_CopyPerfMapFile() now checks that
|
||||
opening the file succeeded before flushing.
|
||||
- Build
|
||||
- gh-142454: When calculating the digest of the JIT stencils
|
||||
input, sort the hashed files by filenames before adding
|
||||
their content to the hasher. This ensures deterministic
|
||||
hash input and hence deterministic hash, independent on
|
||||
filesystem order.
|
||||
- gh-141808: When running make clean-retain-profile, keep the
|
||||
generated JIT stencils. That way, the stencils are not
|
||||
generated twice when Profile-guided optimization (PGO) is
|
||||
used. It also allows distributors to supply their own
|
||||
pre-built JIT stencils.
|
||||
- gh-138061: Ensure reproducible builds by making JIT stencil
|
||||
header generation deterministic.
|
||||
- Remove upstreamed patches:
|
||||
- CVE-2024-6923-follow-up-EOL-email-headers.patch
|
||||
- gh138131-exclude-pycache-from-digest.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jan 27 16:31:12 UTC 2026 - Matej Cepl <mcepl@cepl.eu>
|
||||
|
||||
|
||||
@@ -167,7 +167,7 @@
|
||||
# _md5.cpython-38m-x86_64-linux-gnu.so
|
||||
%define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so
|
||||
Name: %{python_pkg_name}%{psuffix}
|
||||
Version: 3.13.11
|
||||
Version: 3.13.12
|
||||
%define tarversion %{version}
|
||||
%define tarname Python-%{tarversion}
|
||||
Release: 0
|
||||
@@ -231,17 +231,11 @@ Patch42: gh126985-mv-pyvenv.cfg2getpath.patch
|
||||
# PATCH-FIX-UPSTREAM bsc1243155-sphinx-non-determinism.patch bsc#1243155 mcepl@suse.com
|
||||
# Doc: Generate ids for audit_events using docname
|
||||
Patch43: bsc1243155-sphinx-non-determinism.patch
|
||||
# PATCH-FIX-UPSTREAM gh138131-exclude-pycache-from-digest.patch bsc#1244680 daniel.garcia@suse.com
|
||||
Patch44: gh138131-exclude-pycache-from-digest.patch
|
||||
# PATCH-FIX-OPENSUSE gh139257-Support-docutils-0.22.patch gh#python/cpython#139257 daniel.garcia@suse.com
|
||||
Patch45: gh139257-Support-docutils-0.22.patch
|
||||
# PATCH-FIX-UPSTREAM pass-test_write_read_limited_history.patch bsc#[0-9]+ mcepl@suse.com
|
||||
# Fix readline history truncation when length is reduced
|
||||
Patch48: pass-test_write_read_limited_history.patch
|
||||
# PATCH-FIX-UPSTREAM CVE-2024-6923-follow-up-EOL-email-headers.patch bsc#1257181 mcepl@suse.com
|
||||
# Encode newlines in headers when using ByteGenerator
|
||||
# patch from gh#python/cpython#144125
|
||||
Patch49: CVE-2024-6923-follow-up-EOL-email-headers.patch
|
||||
#### END OF PATCHES
|
||||
BuildRequires: autoconf-archive
|
||||
BuildRequires: automake
|
||||
|
||||
Reference in New Issue
Block a user