From 6072bbdbcd7bfd8c5f3324786ce6dd96d225d95ce88a1f7b964a5ecc4e69059e Mon Sep 17 00:00:00 2001 From: Matej Cepl Date: Mon, 9 Jun 2025 21:38:15 +0000 Subject: [PATCH] =?UTF-8?q?-=20Update=20to=203.13.4:=20=20=20-=20Security?= =?UTF-8?q?=20=20=20=20=20-=20gh-135034:=20Fixes=20multiple=20issues=20tha?= =?UTF-8?q?t=20allowed=20tarfile=20=20=20=20=20=20=20extraction=20filters?= =?UTF-8?q?=20(filter=3D"data"=20and=20filter=3D"tar")=20to=20be=20=20=20?= =?UTF-8?q?=20=20=20=20bypassed=20using=20crafted=20symlinks=20and=20hard?= =?UTF-8?q?=20links.=20=20=20=20=20=20=20Addresses=20CVE-2024-12718=20(bsc?= =?UTF-8?q?#1244056),=20CVE-2025-4138=20=20=20=20=20=20=20(bsc#1244059),?= =?UTF-8?q?=20CVE-2025-4330=20(bsc#1244060),=20and=20=20=20=20=20=20=20CVE?= =?UTF-8?q?-2025-4517=20(bsc#1244032).=20=20=20=20=20-=20gh-133767:=20Fix?= =?UTF-8?q?=20use-after-free=20in=20the=20=E2=80=9Cunicode-escape=E2=80=9D?= =?UTF-8?q?=20=20=20=20=20=20=20decoder=20with=20a=20non-=E2=80=9Cstrict?= =?UTF-8?q?=E2=80=9D=20error=20handler=20(CVE-2025-4516,=20=20=20=20=20=20?= =?UTF-8?q?=20bsc#1243273).=20=20=20=20=20-=20gh-128840:=20Short-circuit?= =?UTF-8?q?=20the=20processing=20of=20long=20IPv6=20=20=20=20=20=20=20addr?= =?UTF-8?q?esses=20early=20in=20ipaddress=20to=20prevent=20excessive=20mem?= =?UTF-8?q?ory=20=20=20=20=20=20=20consumption=20and=20a=20minor=20denial-?= =?UTF-8?q?of-service.=20=20=20-=20Library=20=20=20=20=20-=20gh-134718:=20?= =?UTF-8?q?ast.dump()=20now=20only=20omits=20None=20and=20[]=20values=20if?= =?UTF-8?q?=20=20=20=20=20=20=20they=20are=20default=20values.=20=20=20=20?= =?UTF-8?q?=20-=20gh-128840:=20Fix=20parsing=20long=20IPv6=20addresses=20w?= =?UTF-8?q?ith=20embedded=20=20=20=20=20=20=20IPv4=20address.=20=20=20=20?= =?UTF-8?q?=20-=20gh-134696:=20Built-in=20HACL*=20and=20OpenSSL=20implemen?= =?UTF-8?q?tations=20of=20=20=20=20=20=20=20hash=20function=20constructors?= =?UTF-8?q?=20now=20correctly=20accept=20the=20same=20=20=20=20=20=20=20do?= =?UTF-8?q?cumented=20named=20arguments.=20For=20instance,=20md5()=20could?= =?UTF-8?q?=20be=20=20=20=20=20=20=20previously=20invoked=20as=20md5(data?= =?UTF-8?q?=3Ddata)=20or=20md5(string=3Dstring)=20=20=20=20=20=20=20depend?= =?UTF-8?q?ing=20on=20the=20underlying=20implementation=20but=20these=20ca?= =?UTF-8?q?lls=20=20=20=20=20=20=20were=20not=20compatible.=20Patch=20by?= =?UTF-8?q?=20B=C3=A9n=C3=A9dikt=20Tran.=20=20=20=20=20-=20gh-134210:=20cu?= =?UTF-8?q?rses.window.getch()=20now=20correctly=20handles=20=20=20=20=20?= =?UTF-8?q?=20=20signals.=20Patch=20by=20B=C3=A9n=C3=A9dikt=20Tran.=20=20?= =?UTF-8?q?=20=20=20-=20gh-80334:=20multiprocessing.freeze=5Fsupport()=20n?= =?UTF-8?q?ow=20checks=20for=20=20=20=20=20=20=20work=20on=20any=20?= =?UTF-8?q?=E2=80=9Cspawn=E2=80=9D=20start=20method=20platform=20rather=20?= =?UTF-8?q?than=20only=20=20=20=20=20=20=20on=20Windows.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python313?expand=0&rev=100 --- CVE-2025-4516-DecodeError-handler.patch | 483 -------------------- Python-3.13.3.tar.xz | 3 - Python-3.13.3.tar.xz.sigstore | 1 - Python-3.13.4.tar.xz | 3 + Python-3.13.4.tar.xz.sigstore | 1 + bpo-31046_ensurepip_honours_prefix.patch | 52 +-- doc-py38-to-py36.patch | 131 +++--- gh-132535-rsrc-warn-test_timeout.patch | 94 ---- python-3.3.0b1-fix_date_time_compiler.patch | 2 +- python-3.3.0b1-localpath.patch | 14 +- python313.changes | 259 +++++++++++ python313.spec | 8 +- subprocess-raise-timeout.patch | 8 +- 13 files changed, 356 insertions(+), 703 deletions(-) delete mode 100644 CVE-2025-4516-DecodeError-handler.patch delete mode 100644 Python-3.13.3.tar.xz delete mode 100644 Python-3.13.3.tar.xz.sigstore create mode 100644 Python-3.13.4.tar.xz create mode 100644 Python-3.13.4.tar.xz.sigstore delete mode 100644 gh-132535-rsrc-warn-test_timeout.patch diff --git a/CVE-2025-4516-DecodeError-handler.patch b/CVE-2025-4516-DecodeError-handler.patch deleted file mode 100644 index 4dcba72..0000000 --- a/CVE-2025-4516-DecodeError-handler.patch +++ /dev/null @@ -1,483 +0,0 @@ -From 0afcdf15f64273dc5e4ed12ea63a01f7f1136d71 Mon Sep 17 00:00:00 2001 -From: Serhiy Storchaka -Date: Mon, 12 May 2025 20:42:23 +0300 -Subject: [PATCH] [3.13] gh-133767: Fix use-after-free in the unicode-escape - decoder with an error handler (GH-129648) - -If the error handler is used, a new bytes object is created to set as -the object attribute of UnicodeDecodeError, and that bytes object then -replaces the original data. A pointer to the decoded data will became invalid -after destroying that temporary bytes object. So we need other way to return -the first invalid escape from _PyUnicode_DecodeUnicodeEscapeInternal(). - -_PyBytes_DecodeEscape() does not have such issue, because it does not -use the error handlers registry, but it should be changed for compatibility -with _PyUnicode_DecodeUnicodeEscapeInternal(). -(cherry picked from commit 9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e) - -Co-authored-by: Serhiy Storchaka ---- - Include/internal/pycore_bytesobject.h | 5 - Include/internal/pycore_unicodeobject.h | 12 +- - Lib/test/test_codeccallbacks.py | 39 +++++++ - Lib/test/test_codecs.py | 52 ++++++++-- - Misc/NEWS.d/next/Security/2025-05-09-20-22-54.gh-issue-133767.kN2i3Q.rst | 2 - Objects/bytesobject.c | 41 ++++--- - Objects/unicodeobject.c | 46 +++++--- - Parser/string_parser.c | 26 +++-- - 8 files changed, 160 insertions(+), 63 deletions(-) - create mode 100644 Misc/NEWS.d/next/Security/2025-05-09-20-22-54.gh-issue-133767.kN2i3Q.rst - -Index: Python-3.13.3/Include/internal/pycore_bytesobject.h -=================================================================== ---- Python-3.13.3.orig/Include/internal/pycore_bytesobject.h 2025-04-08 13:54:08.000000000 +0000 -+++ Python-3.13.3/Include/internal/pycore_bytesobject.h 2025-05-17 07:33:22.001814947 +0000 -@@ -20,8 +20,9 @@ - - // Helper for PyBytes_DecodeEscape that detects invalid escape chars. - // Export for test_peg_generator. --PyAPI_FUNC(PyObject*) _PyBytes_DecodeEscape(const char *, Py_ssize_t, -- const char *, const char **); -+PyAPI_FUNC(PyObject*) _PyBytes_DecodeEscape2(const char *, Py_ssize_t, -+ const char *, -+ int *, const char **); - - - // Substring Search. -Index: Python-3.13.3/Include/internal/pycore_unicodeobject.h -=================================================================== ---- Python-3.13.3.orig/Include/internal/pycore_unicodeobject.h 2025-04-08 13:54:08.000000000 +0000 -+++ Python-3.13.3/Include/internal/pycore_unicodeobject.h 2025-05-17 07:33:22.001974979 +0000 -@@ -142,14 +142,18 @@ - // Helper for PyUnicode_DecodeUnicodeEscape that detects invalid escape - // chars. - // Export for test_peg_generator. --PyAPI_FUNC(PyObject*) _PyUnicode_DecodeUnicodeEscapeInternal( -+PyAPI_FUNC(PyObject*) _PyUnicode_DecodeUnicodeEscapeInternal2( - const char *string, /* Unicode-Escape encoded string */ - Py_ssize_t length, /* size of string */ - const char *errors, /* error handling */ - Py_ssize_t *consumed, /* bytes consumed */ -- const char **first_invalid_escape); /* on return, points to first -- invalid escaped char in -- string. */ -+ int *first_invalid_escape_char, /* on return, if not -1, contain the first -+ invalid escaped char (<= 0xff) or invalid -+ octal escape (> 0xff) in string. */ -+ const char **first_invalid_escape_ptr); /* on return, if not NULL, may -+ point to the first invalid escaped -+ char in string. -+ May be NULL if errors is not NULL. */ - - /* --- Raw-Unicode-Escape Codecs ---------------------------------------------- */ - -Index: Python-3.13.3/Lib/test/test_codeccallbacks.py -=================================================================== ---- Python-3.13.3.orig/Lib/test/test_codeccallbacks.py 2025-04-08 13:54:08.000000000 +0000 -+++ Python-3.13.3/Lib/test/test_codeccallbacks.py 2025-05-17 07:33:22.002185827 +0000 -@@ -1,6 +1,7 @@ - import codecs - import html.entities - import itertools -+import re - import sys - import unicodedata - import unittest -@@ -1124,7 +1125,7 @@ - text = 'abcghi'*n - text.translate(charmap) - -- def test_mutatingdecodehandler(self): -+ def test_mutating_decode_handler(self): - baddata = [ - ("ascii", b"\xff"), - ("utf-7", b"++"), -@@ -1159,6 +1160,42 @@ - for (encoding, data) in baddata: - self.assertEqual(data.decode(encoding, "test.mutating"), "\u4242") - -+ def test_mutating_decode_handler_unicode_escape(self): -+ decode = codecs.unicode_escape_decode -+ def mutating(exc): -+ if isinstance(exc, UnicodeDecodeError): -+ r = data.get(exc.object[:exc.end]) -+ if r is not None: -+ exc.object = r[0] + exc.object[exc.end:] -+ return ('\u0404', r[1]) -+ raise AssertionError("don't know how to handle %r" % exc) -+ -+ codecs.register_error('test.mutating2', mutating) -+ data = { -+ br'\x0': (b'\\', 0), -+ br'\x3': (b'xxx\\', 3), -+ br'\x5': (b'x\\', 1), -+ } -+ def check(input, expected, msg): -+ with self.assertWarns(DeprecationWarning) as cm: -+ self.assertEqual(decode(input, 'test.mutating2'), (expected, len(input))) -+ self.assertIn(msg, str(cm.warning)) -+ -+ check(br'\x0n\z', '\u0404\n\\z', r"invalid escape sequence '\z'") -+ check(br'\x0n\501', '\u0404\n\u0141', r"invalid octal escape sequence '\501'") -+ check(br'\x0z', '\u0404\\z', r"invalid escape sequence '\z'") -+ -+ check(br'\x3n\zr', '\u0404\n\\zr', r"invalid escape sequence '\z'") -+ check(br'\x3zr', '\u0404\\zr', r"invalid escape sequence '\z'") -+ check(br'\x3z5', '\u0404\\z5', r"invalid escape sequence '\z'") -+ check(memoryview(br'\x3z5x')[:-1], '\u0404\\z5', r"invalid escape sequence '\z'") -+ check(memoryview(br'\x3z5xy')[:-2], '\u0404\\z5', r"invalid escape sequence '\z'") -+ -+ check(br'\x5n\z', '\u0404\n\\z', r"invalid escape sequence '\z'") -+ check(br'\x5n\501', '\u0404\n\u0141', r"invalid octal escape sequence '\501'") -+ check(br'\x5z', '\u0404\\z', r"invalid escape sequence '\z'") -+ check(memoryview(br'\x5zy')[:-1], '\u0404\\z', r"invalid escape sequence '\z'") -+ - # issue32583 - def test_crashing_decode_handler(self): - # better generating one more character to fill the extra space slot -Index: Python-3.13.3/Lib/test/test_codecs.py -=================================================================== ---- Python-3.13.3.orig/Lib/test/test_codecs.py 2025-04-08 13:54:08.000000000 +0000 -+++ Python-3.13.3/Lib/test/test_codecs.py 2025-05-17 07:33:22.002507164 +0000 -@@ -1196,23 +1196,39 @@ - check(br"[\1010]", b"[A0]") - check(br"[\x41]", b"[A]") - check(br"[\x410]", b"[A0]") -+ -+ def test_warnings(self): -+ decode = codecs.escape_decode -+ check = coding_checker(self, decode) - for i in range(97, 123): - b = bytes([i]) - if b not in b'abfnrtvx': -- with self.assertWarns(DeprecationWarning): -+ with self.assertWarnsRegex(DeprecationWarning, -+ r"invalid escape sequence '\\%c'" % i): - check(b"\\" + b, b"\\" + b) -- with self.assertWarns(DeprecationWarning): -+ with self.assertWarnsRegex(DeprecationWarning, -+ r"invalid escape sequence '\\%c'" % (i-32)): - check(b"\\" + b.upper(), b"\\" + b.upper()) -- with self.assertWarns(DeprecationWarning): -+ with self.assertWarnsRegex(DeprecationWarning, -+ r"invalid escape sequence '\\8'"): - check(br"\8", b"\\8") - with self.assertWarns(DeprecationWarning): - check(br"\9", b"\\9") -- with self.assertWarns(DeprecationWarning): -+ with self.assertWarnsRegex(DeprecationWarning, -+ r"invalid escape sequence '\\\xfa'") as cm: - check(b"\\\xfa", b"\\\xfa") - for i in range(0o400, 0o1000): -- with self.assertWarns(DeprecationWarning): -+ with self.assertWarnsRegex(DeprecationWarning, -+ r"invalid octal escape sequence '\\%o'" % i): - check(rb'\%o' % i, bytes([i & 0o377])) - -+ with self.assertWarnsRegex(DeprecationWarning, -+ r"invalid escape sequence '\\z'"): -+ self.assertEqual(decode(br'\x\z', 'ignore'), (b'\\z', 4)) -+ with self.assertWarnsRegex(DeprecationWarning, -+ r"invalid octal escape sequence '\\501'"): -+ self.assertEqual(decode(br'\x\501', 'ignore'), (b'A', 6)) -+ - def test_errors(self): - decode = codecs.escape_decode - self.assertRaises(ValueError, decode, br"\x") -@@ -2661,24 +2677,40 @@ - check(br"[\x410]", "[A0]") - check(br"\u20ac", "\u20ac") - check(br"\U0001d120", "\U0001d120") -+ -+ def test_decode_warnings(self): -+ decode = codecs.unicode_escape_decode -+ check = coding_checker(self, decode) - for i in range(97, 123): - b = bytes([i]) - if b not in b'abfnrtuvx': -- with self.assertWarns(DeprecationWarning): -+ with self.assertWarnsRegex(DeprecationWarning, -+ r"invalid escape sequence '\\%c'" % i): - check(b"\\" + b, "\\" + chr(i)) - if b.upper() not in b'UN': -- with self.assertWarns(DeprecationWarning): -+ with self.assertWarnsRegex(DeprecationWarning, -+ r"invalid escape sequence '\\%c'" % (i-32)): - check(b"\\" + b.upper(), "\\" + chr(i-32)) -- with self.assertWarns(DeprecationWarning): -+ with self.assertWarnsRegex(DeprecationWarning, -+ r"invalid escape sequence '\\8'"): - check(br"\8", "\\8") - with self.assertWarns(DeprecationWarning): - check(br"\9", "\\9") -- with self.assertWarns(DeprecationWarning): -+ with self.assertWarnsRegex(DeprecationWarning, -+ r"invalid escape sequence '\\\xfa'") as cm: - check(b"\\\xfa", "\\\xfa") - for i in range(0o400, 0o1000): -- with self.assertWarns(DeprecationWarning): -+ with self.assertWarnsRegex(DeprecationWarning, -+ r"invalid octal escape sequence '\\%o'" % i): - check(rb'\%o' % i, chr(i)) - -+ with self.assertWarnsRegex(DeprecationWarning, -+ r"invalid escape sequence '\\z'"): -+ self.assertEqual(decode(br'\x\z', 'ignore'), ('\\z', 4)) -+ with self.assertWarnsRegex(DeprecationWarning, -+ r"invalid octal escape sequence '\\501'"): -+ self.assertEqual(decode(br'\x\501', 'ignore'), ('\u0141', 6)) -+ - def test_decode_errors(self): - decode = codecs.unicode_escape_decode - for c, d in (b'x', 2), (b'u', 4), (b'U', 4): -Index: Python-3.13.3/Misc/NEWS.d/next/Security/2025-05-09-20-22-54.gh-issue-133767.kN2i3Q.rst -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ Python-3.13.3/Misc/NEWS.d/next/Security/2025-05-09-20-22-54.gh-issue-133767.kN2i3Q.rst 2025-05-17 07:33:22.002786511 +0000 -@@ -0,0 +1,2 @@ -+Fix use-after-free in the "unicode-escape" decoder with a non-"strict" error -+handler. -Index: Python-3.13.3/Objects/bytesobject.c -=================================================================== ---- Python-3.13.3.orig/Objects/bytesobject.c 2025-04-08 13:54:08.000000000 +0000 -+++ Python-3.13.3/Objects/bytesobject.c 2025-05-17 07:33:22.003325939 +0000 -@@ -1065,10 +1065,11 @@ - } - - /* Unescape a backslash-escaped string. */ --PyObject *_PyBytes_DecodeEscape(const char *s, -+PyObject *_PyBytes_DecodeEscape2(const char *s, - Py_ssize_t len, - const char *errors, -- const char **first_invalid_escape) -+ int *first_invalid_escape_char, -+ const char **first_invalid_escape_ptr) - { - int c; - char *p; -@@ -1082,7 +1083,8 @@ - return NULL; - writer.overallocate = 1; - -- *first_invalid_escape = NULL; -+ *first_invalid_escape_char = -1; -+ *first_invalid_escape_ptr = NULL; - - end = s + len; - while (s < end) { -@@ -1120,9 +1122,10 @@ - c = (c<<3) + *s++ - '0'; - } - if (c > 0377) { -- if (*first_invalid_escape == NULL) { -- *first_invalid_escape = s-3; /* Back up 3 chars, since we've -- already incremented s. */ -+ if (*first_invalid_escape_char == -1) { -+ *first_invalid_escape_char = c; -+ /* Back up 3 chars, since we've already incremented s. */ -+ *first_invalid_escape_ptr = s - 3; - } - } - *p++ = c; -@@ -1163,9 +1166,10 @@ - break; - - default: -- if (*first_invalid_escape == NULL) { -- *first_invalid_escape = s-1; /* Back up one char, since we've -- already incremented s. */ -+ if (*first_invalid_escape_char == -1) { -+ *first_invalid_escape_char = (unsigned char)s[-1]; -+ /* Back up one char, since we've already incremented s. */ -+ *first_invalid_escape_ptr = s - 1; - } - *p++ = '\\'; - s--; -@@ -1185,17 +1189,18 @@ - Py_ssize_t Py_UNUSED(unicode), - const char *Py_UNUSED(recode_encoding)) - { -- const char* first_invalid_escape; -- PyObject *result = _PyBytes_DecodeEscape(s, len, errors, -- &first_invalid_escape); -+ int first_invalid_escape_char; -+ const char *first_invalid_escape_ptr; -+ PyObject *result = _PyBytes_DecodeEscape2(s, len, errors, -+ &first_invalid_escape_char, -+ &first_invalid_escape_ptr); - if (result == NULL) - return NULL; -- if (first_invalid_escape != NULL) { -- unsigned char c = *first_invalid_escape; -- if ('4' <= c && c <= '7') { -+ if (first_invalid_escape_char != -1) { -+ if (first_invalid_escape_char > 0xff) { - if (PyErr_WarnFormat(PyExc_DeprecationWarning, 1, -- "invalid octal escape sequence '\\%.3s'", -- first_invalid_escape) < 0) -+ "invalid octal escape sequence '\\%o'", -+ first_invalid_escape_char) < 0) - { - Py_DECREF(result); - return NULL; -@@ -1204,7 +1209,7 @@ - else { - if (PyErr_WarnFormat(PyExc_DeprecationWarning, 1, - "invalid escape sequence '\\%c'", -- c) < 0) -+ first_invalid_escape_char) < 0) - { - Py_DECREF(result); - return NULL; -Index: Python-3.13.3/Objects/unicodeobject.c -=================================================================== ---- Python-3.13.3.orig/Objects/unicodeobject.c 2025-04-08 13:54:08.000000000 +0000 -+++ Python-3.13.3/Objects/unicodeobject.c 2025-05-17 07:33:22.004748214 +0000 -@@ -6177,13 +6177,15 @@ - /* --- Unicode Escape Codec ----------------------------------------------- */ - - PyObject * --_PyUnicode_DecodeUnicodeEscapeInternal(const char *s, -+_PyUnicode_DecodeUnicodeEscapeInternal2(const char *s, - Py_ssize_t size, - const char *errors, - Py_ssize_t *consumed, -- const char **first_invalid_escape) -+ int *first_invalid_escape_char, -+ const char **first_invalid_escape_ptr) - { - const char *starts = s; -+ const char *initial_starts = starts; - _PyUnicodeWriter writer; - const char *end; - PyObject *errorHandler = NULL; -@@ -6191,7 +6193,8 @@ - _PyUnicode_Name_CAPI *ucnhash_capi; - - // so we can remember if we've seen an invalid escape char or not -- *first_invalid_escape = NULL; -+ *first_invalid_escape_char = -1; -+ *first_invalid_escape_ptr = NULL; - - if (size == 0) { - if (consumed) { -@@ -6279,9 +6282,12 @@ - } - } - if (ch > 0377) { -- if (*first_invalid_escape == NULL) { -- *first_invalid_escape = s-3; /* Back up 3 chars, since we've -- already incremented s. */ -+ if (*first_invalid_escape_char == -1) { -+ *first_invalid_escape_char = ch; -+ if (starts == initial_starts) { -+ /* Back up 3 chars, since we've already incremented s. */ -+ *first_invalid_escape_ptr = s - 3; -+ } - } - } - WRITE_CHAR(ch); -@@ -6376,9 +6382,12 @@ - goto error; - - default: -- if (*first_invalid_escape == NULL) { -- *first_invalid_escape = s-1; /* Back up one char, since we've -- already incremented s. */ -+ if (*first_invalid_escape_char == -1) { -+ *first_invalid_escape_char = c; -+ if (starts == initial_starts) { -+ /* Back up one char, since we've already incremented s. */ -+ *first_invalid_escape_ptr = s - 1; -+ } - } - WRITE_ASCII_CHAR('\\'); - WRITE_CHAR(c); -@@ -6423,18 +6432,19 @@ - const char *errors, - Py_ssize_t *consumed) - { -- const char *first_invalid_escape; -- PyObject *result = _PyUnicode_DecodeUnicodeEscapeInternal(s, size, errors, -+ int first_invalid_escape_char; -+ const char *first_invalid_escape_ptr; -+ PyObject *result = _PyUnicode_DecodeUnicodeEscapeInternal2(s, size, errors, - consumed, -- &first_invalid_escape); -+ &first_invalid_escape_char, -+ &first_invalid_escape_ptr); - if (result == NULL) - return NULL; -- if (first_invalid_escape != NULL) { -- unsigned char c = *first_invalid_escape; -- if ('4' <= c && c <= '7') { -+ if (first_invalid_escape_char != -1) { -+ if (first_invalid_escape_char > 0xff) { - if (PyErr_WarnFormat(PyExc_DeprecationWarning, 1, -- "invalid octal escape sequence '\\%.3s'", -- first_invalid_escape) < 0) -+ "invalid octal escape sequence '\\%o'", -+ first_invalid_escape_char) < 0) - { - Py_DECREF(result); - return NULL; -@@ -6443,7 +6453,7 @@ - else { - if (PyErr_WarnFormat(PyExc_DeprecationWarning, 1, - "invalid escape sequence '\\%c'", -- c) < 0) -+ first_invalid_escape_char) < 0) - { - Py_DECREF(result); - return NULL; -Index: Python-3.13.3/Parser/string_parser.c -=================================================================== ---- Python-3.13.3.orig/Parser/string_parser.c 2025-04-08 13:54:08.000000000 +0000 -+++ Python-3.13.3/Parser/string_parser.c 2025-05-17 07:33:22.005519309 +0000 -@@ -184,15 +184,18 @@ - len = (size_t)(p - buf); - s = buf; - -- const char *first_invalid_escape; -- v = _PyUnicode_DecodeUnicodeEscapeInternal(s, (Py_ssize_t)len, NULL, NULL, &first_invalid_escape); -+ int first_invalid_escape_char; -+ const char *first_invalid_escape_ptr; -+ v = _PyUnicode_DecodeUnicodeEscapeInternal2(s, (Py_ssize_t)len, NULL, NULL, -+ &first_invalid_escape_char, -+ &first_invalid_escape_ptr); - - // HACK: later we can simply pass the line no, since we don't preserve the tokens - // when we are decoding the string but we preserve the line numbers. -- if (v != NULL && first_invalid_escape != NULL && t != NULL) { -- if (warn_invalid_escape_sequence(parser, s, first_invalid_escape, t) < 0) { -- /* We have not decref u before because first_invalid_escape points -- inside u. */ -+ if (v != NULL && first_invalid_escape_ptr != NULL && t != NULL) { -+ if (warn_invalid_escape_sequence(parser, s, first_invalid_escape_ptr, t) < 0) { -+ /* We have not decref u before because first_invalid_escape_ptr -+ points inside u. */ - Py_XDECREF(u); - Py_DECREF(v); - return NULL; -@@ -205,14 +208,17 @@ - static PyObject * - decode_bytes_with_escapes(Parser *p, const char *s, Py_ssize_t len, Token *t) - { -- const char *first_invalid_escape; -- PyObject *result = _PyBytes_DecodeEscape(s, len, NULL, &first_invalid_escape); -+ int first_invalid_escape_char; -+ const char *first_invalid_escape_ptr; -+ PyObject *result = _PyBytes_DecodeEscape2(s, len, NULL, -+ &first_invalid_escape_char, -+ &first_invalid_escape_ptr); - if (result == NULL) { - return NULL; - } - -- if (first_invalid_escape != NULL) { -- if (warn_invalid_escape_sequence(p, s, first_invalid_escape, t) < 0) { -+ if (first_invalid_escape_ptr != NULL) { -+ if (warn_invalid_escape_sequence(p, s, first_invalid_escape_ptr, t) < 0) { - Py_DECREF(result); - return NULL; - } diff --git a/Python-3.13.3.tar.xz b/Python-3.13.3.tar.xz deleted file mode 100644 index 124c035..0000000 --- a/Python-3.13.3.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:40f868bcbdeb8149a3149580bb9bfd407b3321cd48f0be631af955ac92c0e041 -size 22654240 diff --git a/Python-3.13.3.tar.xz.sigstore b/Python-3.13.3.tar.xz.sigstore deleted file mode 100644 index 220fba8..0000000 --- a/Python-3.13.3.tar.xz.sigstore +++ /dev/null @@ -1 +0,0 @@ -{"mediaType": "application/vnd.dev.sigstore.bundle.v0.3+json", "verificationMaterial": {"certificate": {"rawBytes": "MIICyjCCAlCgAwIBAgIUW58MW2P+CwyzYzHaIuAK12gGJqIwCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjUwNDA4MTcwOTUwWhcNMjUwNDA4MTcxOTUwWjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEf+cTSQIElx0bw4BYf2qpKSxfUtm3PhehuBcTW3uoM+EnAUOv1pvCmnTteblYdA5s80cFMzvztRCKUCnvBTi+cKOCAW8wggFrMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQU/72Qdhdl1+U/9MdaCnja9KhnRBgwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wHwYDVR0RAQH/BBUwE4ERdGhvbWFzQHB5dGhvbi5vcmcwKQYKKwYBBAGDvzABAQQbaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tMCsGCisGAQQBg78wAQgEHQwbaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tMIGKBgorBgEEAdZ5AgQCBHwEegB4AHYA3T0wasbHETJjGR4cmWc3AqJKXrjePK3/h4pygC8p7o4AAAGWFmEv3gAABAMARzBFAiBJV9Vq6+FQfjXs74fcGUOsuBsMdCS1SzabcwCeFgO4UgIhAI1uOTXNb3iARGgglGWmTHeplKpGCHj+9yCPticrd2TrMAoGCCqGSM49BAMDA2gAMGUCMBRlMgfY9hXwAO7OtJpDIecgS9xyghjq/ECzfX12I1rDnF1i9DDr/1AY2SsOpAEW/AIxANwA+iMGDPdrvrp6iQtONa/37WhvKJQ+pglUHcrMcsZobpRHyD7shomq0SkxYA+icg=="}, "tlogEntries": [{"logIndex": "194024100", "logId": {"keyId": "wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0="}, "kindVersion": {"kind": "hashedrekord", "version": "0.0.1"}, "integratedTime": "1744132190", "inclusionPromise": {"signedEntryTimestamp": "MEQCIGlOwO+ANhog+/QCGrUQpJZ6axA6UaE86sNaN8vNj+QiAiA/7d5r4Em9+T6ZnAoc+BLv2ExsJcG8OCgqJvvF5ZJuxw=="}, "inclusionProof": {"logIndex": "72119838", "rootHash": "WvXJaELSoRtosW8xi2EfnsHoXkmpACSbqywq8TfHR1s=", "treeSize": "72119843", "hashes": ["jgENOnZn6TEf8ylEIYa0JR6FDNY+6ehLszSGwnEMpQU=", "n4F70M6fgFOoXeQXsHA3dWN3ASf9JTc8Z1qQuECW75M=", "RgczeejL0XzzT46BcDe3Z4s9D2QcpqnLv4M8+1//nUY=", "sfHyJ5ybNWBxYHNTEvBl90AOfY+44p++5XzDCBTB5RQ=", "JqDONCapxnE2xLLKg9gRz2xF/70qW/AT/GEk0BrOTw4=", "Kzx15aA9iYz3QmqQyoe03wPppaDYPNVmJeN2J8wCAR4=", "V5ZRP+iiphMoS6raAUPBERnIOeTUs8417+6gSEKM/n4=", "759Ej7PWC5mfI+qe2WSvB/3yyxTCPVUcjobBVnw5UkY=", "thdh10t3YSAkcLudlXJR1SELWGQbnzOa8SAkNLF/CYo=", "BmjRaZPKQ5bVHiwShpJ9cZKgX1rQ4iJrYo2rcEntw0o=", "Wr475nJfgYQLV7M6HuAo4zRJeK0nVZeV5zBNbie9m9U=", "cBeUncMhaAbVvOdQXg7Ev8AuOxlXrF0R/+5x1+5nmIo=", "K26LG80DXyb+bC58c4Nw00WigG52v0PCsZGY3ExGsts=", "WEm5OgPzJpYROv+4CcrieexCYyQKrLUH3hbxmcQQ+DM=", "7v8qPHNDLerpduaMx06eb/MwgoQwczTn/cYGKX/9wZ4="], "checkpoint": {"envelope": "rekor.sigstore.dev - 1193050959916656506\n72119843\nWvXJaELSoRtosW8xi2EfnsHoXkmpACSbqywq8TfHR1s=\n\n\u2014 rekor.sigstore.dev wNI9ajBEAiAr3CtxLPjTl8zeJINGRTEhV2fchhMWTABj0kKfwmDvMwIgQYxaVBOI8NhmcU1YpPa7KD6770ZIC5invnZfRa/OpiU=\n"}}, "canonicalizedBody": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiI0MGY4NjhiY2JkZWI4MTQ5YTMxNDk1ODBiYjliZmQ0MDdiMzMyMWNkNDhmMGJlNjMxYWY5NTVhYzkyYzBlMDQxIn19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FWUNJUURHbFBQYytoNS9QVm9qaHRnUkdOc3A4NW9iT3d1YkVVVXN6REZWSmE2ZVVRSWhBSnlYVTlWeGNSNHR6WmJyVmtOeDBPMnJvc01xV1lVYXNtMGMxZmlndDFkZSIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVTjVha05EUVd4RFowRjNTVUpCWjBsVlZ6VTRUVmN5VUN0RGQzbDZXWHBJWVVsMVFVc3hNbWRIU25GSmQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcFZkMDVFUVRSTlZHTjNUMVJWZDFkb1kwNU5hbFYzVGtSQk5FMVVZM2hQVkZWM1YycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVZtSzJOVVUxRkpSV3g0TUdKM05FSlpaakp4Y0V0VGVHWlZkRzB6VUdobGFIVkNZMVFLVnpOMWIwMHJSVzVCVlU5Mk1YQjJRMjF1VkhSbFlteFpaRUUxY3pnd1kwWk5lblo2ZEZKRFMxVkRiblpDVkdrclkwdFBRMEZYT0hkblowWnlUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlV2TnpKUkNtUm9aR3d4SzFVdk9VMWtZVU51YW1FNVMyaHVVa0puZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDBoM1dVUldVakJTUVZGSUwwSkNWWGRGTkVWU1pFZG9kbUpYUm5wUlNFSTFaRWRvZG1KcE5YWmpiV04zUzFGWlMwdDNXVUpDUVVkRWRucEJRZ3BCVVZGaVlVaFNNR05JVFRaTWVUbG9XVEpPZG1SWE5UQmplVFZ1WWpJNWJtSkhWWFZaTWpsMFRVTnpSME5wYzBkQlVWRkNaemM0ZDBGUlowVklVWGRpQ21GSVVqQmpTRTAyVEhrNWFGa3lUblprVnpVd1kzazFibUl5T1c1aVIxVjFXVEk1ZEUxSlIwdENaMjl5UW1kRlJVRmtXalZCWjFGRFFraDNSV1ZuUWpRS1FVaFpRVE5VTUhkaGMySklSVlJLYWtkU05HTnRWMk16UVhGS1MxaHlhbVZRU3pNdmFEUndlV2RET0hBM2J6UkJRVUZIVjBadFJYWXpaMEZCUWtGTlFRcFNla0pHUVdsQ1NsWTVWbkUySzBaUlptcFljemMwWm1OSFZVOXpkVUp6VFdSRFV6RlRlbUZpWTNkRFpVWm5UelJWWjBsb1FVa3hkVTlVV0U1aU0ybEJDbEpIWjJkc1IxZHRWRWhsY0d4TGNFZERTR29yT1hsRFVIUnBZM0prTWxSeVRVRnZSME5EY1VkVFRUUTVRa0ZOUkVFeVowRk5SMVZEVFVKU2JFMW5abGtLT1doWWQwRlBOMDkwU25CRVNXVmpaMU01ZUhsbmFHcHhMMFZEZW1aWU1USkpNWEpFYmtZeGFUbEVSSEl2TVVGWk1sTnpUM0JCUlZjdlFVbDRRVTUzUVFvcmFVMUhSRkJrY25aeWNEWnBVWFJQVG1Fdk16ZFhhSFpMU2xFcmNHZHNWVWhqY2sxamMxcHZZbkJTU0hsRU4zTm9iMjF4TUZOcmVGbEJLMmxqWnowOUNpMHRMUzB0UlU1RUlFTkZVbFJKUmtsRFFWUkZMUzB0TFMwSyJ9fX19"}], "timestampVerificationData": {}}, "messageSignature": {"messageDigest": {"algorithm": "SHA2_256", "digest": "QPhovL3rgUmjFJWAu5v9QHszIc1I8L5jGvlVrJLA4EE="}, "signature": "MEYCIQDGlPPc+h5/PVojhtgRGNsp85obOwubEUUszDFVJa6eUQIhAJyXU9VxcR4tzZbrVkNx0O2rosMqWYUasm0c1figt1de"}} diff --git a/Python-3.13.4.tar.xz b/Python-3.13.4.tar.xz new file mode 100644 index 0000000..423e749 --- /dev/null +++ b/Python-3.13.4.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:27b15a797562a2971dce3ffe31bb216042ce0b995b39d768cf15f784cc757365 +size 22672472 diff --git a/Python-3.13.4.tar.xz.sigstore b/Python-3.13.4.tar.xz.sigstore new file mode 100644 index 0000000..ef8d16e --- /dev/null +++ b/Python-3.13.4.tar.xz.sigstore @@ -0,0 +1 @@ +{"mediaType": "application/vnd.dev.sigstore.bundle.v0.3+json", "verificationMaterial": {"certificate": {"rawBytes": "MIICzDCCAlGgAwIBAgIUO5JdWUQQH0AKKhZQ86mzrah+aHgwCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjUwNjAzMTczNDEwWhcNMjUwNjAzMTc0NDEwWjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEgJAyXDyFDJsY+or0M9p1w5KvL3+oZuieOqdDU6Gh9qvOZrWVSvZPOZBGyz/EeUNOJObcOk1IhevZUFhXh5u9NaOCAXAwggFsMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUjB59Lh3csAPMT3DhyuwWeIWhVh0wHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wHwYDVR0RAQH/BBUwE4ERdGhvbWFzQHB5dGhvbi5vcmcwKQYKKwYBBAGDvzABAQQbaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tMCsGCisGAQQBg78wAQgEHQwbaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tMIGLBgorBgEEAdZ5AgQCBH0EewB5AHcA3T0wasbHETJjGR4cmWc3AqJKXrjePK3/h4pygC8p7o4AAAGXNtuZFwAABAMASDBGAiEAtNGTM9VDDbVXwR3TgugfGns9nzo6R/JOIkUfJuZ5FaACIQDrA24Mj6a4LegeVBvZ9HFL5FwtoJgaea+ENOuA9dD56zAKBggqhkjOPQQDAwNpADBmAjEAlLDQV+HOGajtbJxtOTRltXbNwUwchium//yOldpEu0FM/H/DbeDD9Un81BRL/rn/AjEAhKsjsB/fwcxcSkF1dXI3gbKJEZIrBVoVv6HKV11BY7qOP84vHOquEOz//N3MZIFC"}, "tlogEntries": [{"logIndex": "228874080", "logId": {"keyId": "wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0="}, "kindVersion": {"kind": "hashedrekord", "version": "0.0.1"}, "integratedTime": "1748972051", "inclusionPromise": {"signedEntryTimestamp": "MEUCIQDL78XHlNQD+0lTPncrwH+XfGjXGDl3XgDzU2QjFRoqcQIgRkVgEwkUa1tVdGjQWMMUZfY2Dbkzk1JrrcENoIsng/s="}, "inclusionProof": {"logIndex": "106969818", "rootHash": "+h7KA5AELljEYPaFPgSmnZyY0Da3w9hxsf5RPjjvol0=", "treeSize": "106969820", "hashes": ["+wFAYkn4BCFt0K3mtMHu6s8tG6bbKjXsXaHhz1z1xEM=", "8pBLgkVh8zd9pK662U3mjwsxnwg4ZApT/iml+5U4n0E=", "yP7p3olgvk5E8bbyCn5V/xJhQY0z23Y8T3JoBBQzBBc=", "zP7tQ4DpmQptR54rK1PpfdlvfPZBalQEYcdFCrn2W8c=", "Q1gnGCWZvzY0Px0RpNv8hIRPQLEcyGLYhugDpYkxoE4=", "5S2DqBJZbuLio6e9iBmJWALzYi0hcpXFV3Z8ydE2lrA=", "n5MzQvR+waONXmENXriYi92eiz9pa5whuAyHmzyZa9Q=", "S+DrHAWb67kO9sHsAjIJ89A0RLlbeXy6mUvzoKO3dMI=", "JQ9xTJKo/o9IWVV8l4RTm06tpXUcGCeAh8ciAprOIoE=", "pqCD1LoiP58WZ9AfwL1uMRLqmiQQKDHHSdnl+4lB+/0=", "uEJFtwcGQJMd9kjQhkXb7gl2WD3WMElCc15uDFvFGxs=", "VdOKzpQhJlpXgijzXANf/hNlje1G/N1kUuVnKNskkso=", "mta5fH/gFwxJ/0fT8yGpn3sFCY0G1RY555Iflm0LInM=", "7v8qPHNDLerpduaMx06eb/MwgoQwczTn/cYGKX/9wZ4="], "checkpoint": {"envelope": "rekor.sigstore.dev - 1193050959916656506\n106969820\n+h7KA5AELljEYPaFPgSmnZyY0Da3w9hxsf5RPjjvol0=\n\n\u2014 rekor.sigstore.dev wNI9ajBGAiEAs6seTO9AxVZIS/HmvX1ZRibir/qonYfB+9RAgl/DZB4CIQCq+rKh4xxwYTzpbdg4zDl77noWEK27NCTE0TinoQM+5Q==\n"}}, "canonicalizedBody": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiIyN2IxNWE3OTc1NjJhMjk3MWRjZTNmZmUzMWJiMjE2MDQyY2UwYjk5NWIzOWQ3NjhjZjE1Zjc4NGNjNzU3MzY1In19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FUUNJRU5GcjFleURKbk0xeEdnOWNjaFZPL3poUUhIT0d1VCttTjhVbzZOQWJWVEFpQXBrdFhIRFR4eXZNbUJTWjN6dUFuR0NLNkV0Q0dFdyt1bENUZDk3anVvU3c9PSIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVTjZSRU5EUVd4SFowRjNTVUpCWjBsVlR6VktaRmRWVVZGSU1FRkxTMmhhVVRnMmJYcHlZV2dyWVVobmQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcFZkMDVxUVhwTlZHTjZUa1JGZDFkb1kwNU5hbFYzVG1wQmVrMVVZekJPUkVWM1YycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVZuU2tGNVdFUjVSa1JLYzFrcmIzSXdUVGx3TVhjMVMzWk1NeXR2V25WcFpVOXhaRVFLVlRaSGFEbHhkazlhY2xkV1UzWmFVRTlhUWtkNWVpOUZaVlZPVDBwUFltTlBhekZKYUdWMldsVkdhRmhvTlhVNVRtRlBRMEZZUVhkblowWnpUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlZxUWpVNUNreG9NMk56UVZCTlZETkVhSGwxZDFkbFNWZG9WbWd3ZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDBoM1dVUldVakJTUVZGSUwwSkNWWGRGTkVWU1pFZG9kbUpYUm5wUlNFSTFaRWRvZG1KcE5YWmpiV04zUzFGWlMwdDNXVUpDUVVkRWRucEJRZ3BCVVZGaVlVaFNNR05JVFRaTWVUbG9XVEpPZG1SWE5UQmplVFZ1WWpJNWJtSkhWWFZaTWpsMFRVTnpSME5wYzBkQlVWRkNaemM0ZDBGUlowVklVWGRpQ21GSVVqQmpTRTAyVEhrNWFGa3lUblprVnpVd1kzazFibUl5T1c1aVIxVjFXVEk1ZEUxSlIweENaMjl5UW1kRlJVRmtXalZCWjFGRFFrZ3dSV1YzUWpVS1FVaGpRVE5VTUhkaGMySklSVlJLYWtkU05HTnRWMk16UVhGS1MxaHlhbVZRU3pNdmFEUndlV2RET0hBM2J6UkJRVUZIV0U1MGRWcEdkMEZCUWtGTlFRcFRSRUpIUVdsRlFYUk9SMVJOT1ZaRVJHSldXSGRTTTFSbmRXZG1SMjV6T1c1NmJ6WlNMMHBQU1d0VlprcDFXalZHWVVGRFNWRkVja0V5TkUxcU5tRTBDa3hsWjJWV1FuWmFPVWhHVERWR2QzUnZTbWRoWldFclJVNVBkVUU1WkVRMU5ucEJTMEpuWjNGb2EycFBVRkZSUkVGM1RuQkJSRUp0UVdwRlFXeE1SRkVLVml0SVQwZGhhblJpU25oMFQxUlNiSFJZWWs1M1ZYZGphR2wxYlM4dmVVOXNaSEJGZFRCR1RTOUlMMFJpWlVSRU9WVnVPREZDVWt3dmNtNHZRV3BGUVFwb1MzTnFjMEl2Wm5kamVHTlRhMFl4WkZoSk0yZGlTMHBGV2tseVFsWnZWblkyU0V0V01URkNXVGR4VDFBNE5IWklUM0YxUlU5Nkx5OU9NMDFhU1VaRENpMHRMUzB0UlU1RUlFTkZVbFJKUmtsRFFWUkZMUzB0TFMwSyJ9fX19"}], "timestampVerificationData": {}}, "messageSignature": {"messageDigest": {"algorithm": "SHA2_256", "digest": "J7FaeXViopcdzj/+MbshYELOC5lbOddozxX3hMx1c2U="}, "signature": "MEQCIENFr1eyDJnM1xGg9cchVO/zhQHHOGuT+mN8Uo6NAbVTAiApktXHDTxyvMmBSZ3zuAnGCK6EtCGEw+ulCTd97juoSw=="}} diff --git a/bpo-31046_ensurepip_honours_prefix.patch b/bpo-31046_ensurepip_honours_prefix.patch index b62eacf..44ed8cc 100644 --- a/bpo-31046_ensurepip_honours_prefix.patch +++ b/bpo-31046_ensurepip_honours_prefix.patch @@ -13,11 +13,9 @@ Co-Authored-By: Xavier de Gaye 5 files changed, 37 insertions(+), 9 deletions(-) create mode 100644 Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst -Index: Python-3.13.3/Doc/library/ensurepip.rst -=================================================================== ---- Python-3.13.3.orig/Doc/library/ensurepip.rst 2025-04-08 15:54:08.000000000 +0200 -+++ Python-3.13.3/Doc/library/ensurepip.rst 2025-04-11 21:54:47.449458319 +0200 -@@ -61,7 +61,11 @@ +--- a/Doc/library/ensurepip.rst ++++ b/Doc/library/ensurepip.rst +@@ -61,7 +61,11 @@ is at least as recent as the one availab By default, ``pip`` is installed into the current virtual environment (if one is active) or into the system site packages (if there is no active virtual environment). The installation location can be controlled @@ -30,7 +28,7 @@ Index: Python-3.13.3/Doc/library/ensurepip.rst .. option:: --root -@@ -102,7 +106,7 @@ +@@ -102,7 +106,7 @@ Module API Returns a string specifying the available version of pip that will be installed when bootstrapping an environment. @@ -39,7 +37,7 @@ Index: Python-3.13.3/Doc/library/ensurepip.rst altinstall=False, default_pip=False, \ verbosity=0) -@@ -112,6 +116,8 @@ +@@ -112,6 +116,8 @@ Module API If *root* is ``None``, then installation uses the default install location for the current environment. @@ -48,7 +46,7 @@ Index: Python-3.13.3/Doc/library/ensurepip.rst *upgrade* indicates whether or not to upgrade an existing installation of an earlier version of ``pip`` to the available version. -@@ -132,6 +138,8 @@ +@@ -132,6 +138,8 @@ Module API *verbosity* controls the level of output to :data:`sys.stdout` from the bootstrapping operation. @@ -57,11 +55,9 @@ Index: Python-3.13.3/Doc/library/ensurepip.rst .. audit-event:: ensurepip.bootstrap root ensurepip.bootstrap .. note:: -Index: Python-3.13.3/Lib/ensurepip/__init__.py -=================================================================== ---- Python-3.13.3.orig/Lib/ensurepip/__init__.py 2025-04-08 15:54:08.000000000 +0200 -+++ Python-3.13.3/Lib/ensurepip/__init__.py 2025-04-11 21:53:49.548370352 +0200 -@@ -106,27 +106,27 @@ +--- a/Lib/ensurepip/__init__.py ++++ b/Lib/ensurepip/__init__.py +@@ -106,27 +106,27 @@ def _disable_pip_configuration_settings( os.environ['PIP_CONFIG_FILE'] = os.devnull @@ -94,7 +90,7 @@ Index: Python-3.13.3/Lib/ensurepip/__init__.py Note that calling this function will alter both sys.path and os.environ. """ -@@ -162,6 +162,8 @@ +@@ -162,6 +162,8 @@ def _bootstrap(*, root=None, upgrade=Fal args = ["install", "--no-cache-dir", "--no-index", "--find-links", tmpdir] if root: args += ["--root", root] @@ -103,7 +99,7 @@ Index: Python-3.13.3/Lib/ensurepip/__init__.py if upgrade: args += ["--upgrade"] if user: -@@ -238,6 +240,11 @@ +@@ -238,6 +240,11 @@ def _main(argv=None): help="Install everything relative to this alternate root directory.", ) parser.add_argument( @@ -115,7 +111,7 @@ Index: Python-3.13.3/Lib/ensurepip/__init__.py "--altinstall", action="store_true", default=False, -@@ -256,6 +263,7 @@ +@@ -256,6 +263,7 @@ def _main(argv=None): return _bootstrap( root=args.root, @@ -123,11 +119,9 @@ Index: Python-3.13.3/Lib/ensurepip/__init__.py upgrade=args.upgrade, user=args.user, verbosity=args.verbosity, -Index: Python-3.13.3/Lib/test/test_ensurepip.py -=================================================================== ---- Python-3.13.3.orig/Lib/test/test_ensurepip.py 2025-04-08 15:54:08.000000000 +0200 -+++ Python-3.13.3/Lib/test/test_ensurepip.py 2025-04-11 21:53:49.548691764 +0200 -@@ -101,6 +101,17 @@ +--- a/Lib/test/test_ensurepip.py ++++ b/Lib/test/test_ensurepip.py +@@ -101,6 +101,17 @@ class TestBootstrap(EnsurepipMixin, unit unittest.mock.ANY, ) @@ -145,11 +139,9 @@ Index: Python-3.13.3/Lib/test/test_ensurepip.py def test_bootstrapping_with_user(self): ensurepip.bootstrap(user=True) -Index: Python-3.13.3/Makefile.pre.in -=================================================================== ---- Python-3.13.3.orig/Makefile.pre.in 2025-04-11 21:52:35.635495820 +0200 -+++ Python-3.13.3/Makefile.pre.in 2025-04-11 21:53:49.549094822 +0200 -@@ -2139,7 +2139,7 @@ +--- a/Makefile.pre.in ++++ b/Makefile.pre.in +@@ -2145,7 +2145,7 @@ install: @FRAMEWORKINSTALLFIRST@ @INSTAL install|*) ensurepip="" ;; \ esac; \ $(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \ @@ -158,7 +150,7 @@ Index: Python-3.13.3/Makefile.pre.in fi .PHONY: altinstall -@@ -2150,7 +2150,7 @@ +@@ -2156,7 +2156,7 @@ altinstall: commoninstall install|*) ensurepip="--altinstall" ;; \ esac; \ $(RUNSHARED) $(PYTHON_FOR_BUILD) -m ensurepip \ @@ -167,9 +159,7 @@ Index: Python-3.13.3/Makefile.pre.in fi .PHONY: commoninstall -Index: Python-3.13.3/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ Python-3.13.3/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst 2025-04-11 21:53:49.549612071 +0200 +--- /dev/null ++++ b/Misc/NEWS.d/next/Build/2019-12-16-17-50-42.bpo-31046.XA-Qfr.rst @@ -0,0 +1 @@ +A directory prefix can now be specified when using :mod:`ensurepip`. diff --git a/doc-py38-to-py36.patch b/doc-py38-to-py36.patch index 28a725d..84eec6b 100644 --- a/doc-py38-to-py36.patch +++ b/doc-py38-to-py36.patch @@ -1,18 +1,16 @@ --- - Doc/conf.py | 17 ++++++++-- + Doc/conf.py | 17 ++++++++- Doc/tools/check-warnings.py | 3 + - Doc/tools/extensions/audit_events.py | 54 ++++++++++++++++---------------- + Doc/tools/extensions/audit_events.py | 55 ++++++++++++++++---------------- Doc/tools/extensions/availability.py | 15 ++++---- - Doc/tools/extensions/c_annotations.py | 45 ++++++++++++++++---------- + Doc/tools/extensions/c_annotations.py | 45 +++++++++++++++----------- Doc/tools/extensions/glossary_search.py | 10 +---- Doc/tools/extensions/patchlevel.py | 9 ++--- - 7 files changed, 87 insertions(+), 66 deletions(-) + 7 files changed, 87 insertions(+), 67 deletions(-) -Index: Python-3.13.3/Doc/conf.py -=================================================================== ---- Python-3.13.3.orig/Doc/conf.py 2025-04-11 21:52:28.845065297 +0200 -+++ Python-3.13.3/Doc/conf.py 2025-04-11 21:55:28.065280454 +0200 -@@ -18,6 +18,9 @@ +--- a/Doc/conf.py ++++ b/Doc/conf.py +@@ -18,6 +18,9 @@ sys.path.append(os.path.abspath('include # Python specific content from Doc/Tools/extensions/pyspecific.py from pyspecific import SOURCE_URI @@ -22,7 +20,7 @@ Index: Python-3.13.3/Doc/conf.py # General configuration # --------------------- -@@ -92,7 +95,7 @@ +@@ -92,7 +95,7 @@ highlight_language = 'python3' # Minimum version of sphinx required # Keep this version in sync with ``Doc/requirements.txt``. @@ -31,7 +29,7 @@ Index: Python-3.13.3/Doc/conf.py # Create table of contents entries for domain objects (e.g. functions, classes, # attributes, etc.). Default is True. -@@ -361,7 +364,7 @@ +@@ -360,7 +363,7 @@ html_short_title = f'{release} Documenta # (See .readthedocs.yml and https://docs.readthedocs.io/en/stable/reference/environment-variables.html) is_deployment_preview = os.getenv("READTHEDOCS_VERSION_TYPE") == "external" repository_url = os.getenv("READTHEDOCS_GIT_CLONE_URL", "") @@ -40,7 +38,7 @@ Index: Python-3.13.3/Doc/conf.py html_context = { "is_deployment_preview": is_deployment_preview, "repository_url": repository_url or None, -@@ -606,6 +609,16 @@ +@@ -605,6 +608,16 @@ extlinks = { } extlinks_detect_hardcoded_links = True @@ -57,11 +55,9 @@ Index: Python-3.13.3/Doc/conf.py # Options for c_annotations extension # ----------------------------------- -Index: Python-3.13.3/Doc/tools/check-warnings.py -=================================================================== ---- Python-3.13.3.orig/Doc/tools/check-warnings.py 2025-04-08 15:54:08.000000000 +0200 -+++ Python-3.13.3/Doc/tools/check-warnings.py 2025-04-11 21:55:11.212002463 +0200 -@@ -228,7 +228,8 @@ +--- a/Doc/tools/check-warnings.py ++++ b/Doc/tools/check-warnings.py +@@ -228,7 +228,8 @@ def fail_if_regression( print(filename) for warning in warnings: if filename in warning: @@ -71,11 +67,9 @@ Index: Python-3.13.3/Doc/tools/check-warnings.py print(" {line}: {msg}".format_map(match)) return -1 return 0 -Index: Python-3.13.3/Doc/tools/extensions/audit_events.py -=================================================================== ---- Python-3.13.3.orig/Doc/tools/extensions/audit_events.py 2025-04-08 15:54:08.000000000 +0200 -+++ Python-3.13.3/Doc/tools/extensions/audit_events.py 2025-04-11 21:55:11.212275615 +0200 -@@ -1,9 +1,6 @@ +--- a/Doc/tools/extensions/audit_events.py ++++ b/Doc/tools/extensions/audit_events.py +@@ -1,23 +1,18 @@ """Support for documenting audit events.""" -from __future__ import annotations @@ -84,15 +78,16 @@ Index: Python-3.13.3/Doc/tools/extensions/audit_events.py -from typing import TYPE_CHECKING from docutils import nodes ++from typing import Any, List, Tuple from sphinx.errors import NoUri -@@ -12,12 +9,11 @@ + from sphinx.locale import _ as sphinx_gettext + from sphinx.transforms.post_transforms import SphinxPostTransform from sphinx.util import logging from sphinx.util.docutils import SphinxDirective -if TYPE_CHECKING: -- from collections.abc import Iterator -+from typing import Any, List, Tuple - +- from collections.abc import Iterator, Set +- - from sphinx.application import Sphinx - from sphinx.builders import Builder - from sphinx.environment import BuildEnvironment @@ -102,12 +97,12 @@ Index: Python-3.13.3/Doc/tools/extensions/audit_events.py logger = logging.getLogger(__name__) -@@ -32,16 +28,16 @@ +@@ -32,16 +27,16 @@ _SYNONYMS = [ class AuditEvents: def __init__(self) -> None: - self.events: dict[str, list[str]] = {} -- self.sources: dict[str, list[tuple[str, str]]] = {} +- self.sources: dict[str, set[tuple[str, str]]] = {} + self.events: dict[str, List[str]] = {} + self.sources: dict[str, List[Tuple[str, str]]] = {} @@ -123,16 +118,16 @@ Index: Python-3.13.3/Doc/tools/extensions/audit_events.py ) -> None: if name in self.events: self._check_args_match(name, args) -@@ -49,7 +45,7 @@ +@@ -49,7 +44,7 @@ class AuditEvents: self.events[name] = args - self.sources.setdefault(name, []).append(source) + self.sources.setdefault(name, set()).add(source) - def _check_args_match(self, name: str, args: list[str]) -> None: + def _check_args_match(self, name: str, args: List[str]) -> None: current_args = self.events[name] msg = ( f"Mismatched arguments for audit-event {name}: " -@@ -60,7 +56,7 @@ +@@ -60,7 +55,7 @@ class AuditEvents: if len(current_args) != len(args): logger.warning(msg) return @@ -141,16 +136,16 @@ Index: Python-3.13.3/Doc/tools/extensions/audit_events.py if a1 == a2: continue if any(a1 in s and a2 in s for s in _SYNONYMS): -@@ -73,7 +69,7 @@ +@@ -73,7 +68,7 @@ class AuditEvents: name_clean = re.sub(r"\W", "_", name) return f"audit_event_{name_clean}_{source_count}" -- def rows(self) -> Iterator[tuple[str, list[str], list[tuple[str, str]]]]: +- def rows(self) -> Iterator[tuple[str, list[str], Set[tuple[str, str]]]]: + def rows(self) -> Any: for name in sorted(self.events.keys()): yield name, self.events[name], self.sources[name] -@@ -97,7 +93,7 @@ +@@ -97,7 +92,7 @@ def audit_events_purge( def audit_events_merge( app: Sphinx, env: BuildEnvironment, @@ -159,7 +154,7 @@ Index: Python-3.13.3/Doc/tools/extensions/audit_events.py other: BuildEnvironment, ) -> None: """In Sphinx parallel builds, this merges audit_events from subprocesses.""" -@@ -126,14 +122,16 @@ +@@ -126,14 +121,16 @@ class AuditEvent(SphinxDirective): ), ] @@ -182,7 +177,7 @@ Index: Python-3.13.3/Doc/tools/extensions/audit_events.py else: args = [] ids = [] -@@ -169,7 +167,7 @@ +@@ -169,7 +166,7 @@ class audit_event_list(nodes.General, no class AuditEventListDirective(SphinxDirective): @@ -191,7 +186,7 @@ Index: Python-3.13.3/Doc/tools/extensions/audit_events.py return [audit_event_list()] -@@ -181,7 +179,11 @@ +@@ -181,7 +178,11 @@ class AuditEventListTransform(SphinxPost return table = self._make_table(self.app.builder, self.env.docname) @@ -204,21 +199,19 @@ Index: Python-3.13.3/Doc/tools/extensions/audit_events.py node.replace_self(table) def _make_table(self, builder: Builder, docname: str) -> nodes.table: -@@ -217,8 +219,8 @@ +@@ -217,8 +218,8 @@ class AuditEventListTransform(SphinxPost builder: Builder, docname: str, name: str, - args: list[str], -- sources: list[tuple[str, str]], +- sources: Set[tuple[str, str]], + args: List[str], -+ sources: List[Tuple[str, str]], ++ sources: Set[Tuple[str, str]], ) -> nodes.row: row = nodes.row() name_node = nodes.paragraph("", nodes.Text(name)) -Index: Python-3.13.3/Doc/tools/extensions/availability.py -=================================================================== ---- Python-3.13.3.orig/Doc/tools/extensions/availability.py 2025-04-08 15:54:08.000000000 +0200 -+++ Python-3.13.3/Doc/tools/extensions/availability.py 2025-04-11 21:55:11.212578519 +0200 +--- a/Doc/tools/extensions/availability.py ++++ b/Doc/tools/extensions/availability.py @@ -1,8 +1,6 @@ """Support for documenting platform availability""" @@ -229,7 +222,7 @@ Index: Python-3.13.3/Doc/tools/extensions/availability.py from docutils import nodes from sphinx import addnodes -@@ -55,7 +53,7 @@ +@@ -55,7 +53,7 @@ class Availability(SphinxDirective): optional_arguments = 0 final_argument_whitespace = True @@ -238,7 +231,7 @@ Index: Python-3.13.3/Doc/tools/extensions/availability.py title = sphinx_gettext("Availability") refnode = addnodes.pending_xref( title, -@@ -79,7 +77,7 @@ +@@ -79,7 +77,7 @@ class Availability(SphinxDirective): return [cnode] @@ -247,7 +240,7 @@ Index: Python-3.13.3/Doc/tools/extensions/availability.py """Parse platform information from arguments Arguments is a comma-separated string of platforms. A platform may -@@ -98,12 +96,13 @@ +@@ -98,12 +96,13 @@ class Availability(SphinxDirective): platform, _, version = arg.partition(" >= ") if platform.startswith("not "): version = False @@ -263,7 +256,7 @@ Index: Python-3.13.3/Doc/tools/extensions/availability.py logger.warning( "Unknown platform%s or syntax '%s' in '.. availability:: %s', " "see %s:KNOWN_PLATFORMS for a set of known platforms.", -@@ -116,7 +115,7 @@ +@@ -116,7 +115,7 @@ class Availability(SphinxDirective): return platforms @@ -272,11 +265,9 @@ Index: Python-3.13.3/Doc/tools/extensions/availability.py app.add_directive("availability", Availability) return { -Index: Python-3.13.3/Doc/tools/extensions/c_annotations.py -=================================================================== ---- Python-3.13.3.orig/Doc/tools/extensions/c_annotations.py 2025-04-08 15:54:08.000000000 +0200 -+++ Python-3.13.3/Doc/tools/extensions/c_annotations.py 2025-04-11 21:55:11.212780990 +0200 -@@ -9,22 +9,18 @@ +--- a/Doc/tools/extensions/c_annotations.py ++++ b/Doc/tools/extensions/c_annotations.py +@@ -9,22 +9,18 @@ Configuration: * Set ``stable_abi_file`` to the path to stable ABI list. """ @@ -302,7 +293,7 @@ Index: Python-3.13.3/Doc/tools/extensions/c_annotations.py ROLE_TO_OBJECT_TYPE = { "func": "function", -@@ -35,20 +31,20 @@ +@@ -35,20 +31,20 @@ ROLE_TO_OBJECT_TYPE = { } @@ -327,7 +318,7 @@ Index: Python-3.13.3/Doc/tools/extensions/c_annotations.py class StableABIEntry: # Role of the object. # Source: Each [item_kind] in stable_abi.toml is mapped to a C Domain role. -@@ -67,7 +63,7 @@ +@@ -67,7 +63,7 @@ class StableABIEntry: struct_abi_kind: str @@ -336,7 +327,7 @@ Index: Python-3.13.3/Doc/tools/extensions/c_annotations.py refcount_data = {} refcounts = refcount_filename.read_text(encoding="utf8") for line in refcounts.splitlines(): -@@ -103,7 +99,7 @@ +@@ -103,7 +99,7 @@ def read_refcount_data(refcount_filename return refcount_data @@ -345,7 +336,7 @@ Index: Python-3.13.3/Doc/tools/extensions/c_annotations.py stable_abi_data = {} with open(stable_abi_file, encoding="utf8") as fp: for record in csv.DictReader(fp): -@@ -123,11 +119,14 @@ +@@ -123,11 +119,14 @@ def add_annotations(app: Sphinx, doctree continue if not par[0].get("ids", None): continue @@ -362,7 +353,7 @@ Index: Python-3.13.3/Doc/tools/extensions/c_annotations.py if ROLE_TO_OBJECT_TYPE[record.role] != objtype: msg = ( f"Object type mismatch in limited API annotation for {name}: " -@@ -234,7 +233,7 @@ +@@ -234,7 +233,7 @@ def _unstable_api_annotation() -> nodes. ) @@ -371,7 +362,7 @@ Index: Python-3.13.3/Doc/tools/extensions/c_annotations.py classes = ["refcount"] if result_refs is None: rc = sphinx_gettext("Return value: Always NULL.") -@@ -254,7 +253,7 @@ +@@ -254,7 +253,7 @@ class LimitedAPIList(SphinxDirective): optional_arguments = 0 final_argument_whitespace = True @@ -380,7 +371,7 @@ Index: Python-3.13.3/Doc/tools/extensions/c_annotations.py state = self.env.domaindata["c_annotations"] content = [ f"* :c:{record.role}:`{record.name}`" -@@ -277,13 +276,23 @@ +@@ -277,13 +276,23 @@ def init_annotations(app: Sphinx) -> Non ) @@ -405,10 +396,8 @@ Index: Python-3.13.3/Doc/tools/extensions/c_annotations.py return { "version": "1.0", "parallel_read_safe": True, -Index: Python-3.13.3/Doc/tools/extensions/glossary_search.py -=================================================================== ---- Python-3.13.3.orig/Doc/tools/extensions/glossary_search.py 2025-04-08 15:54:08.000000000 +0200 -+++ Python-3.13.3/Doc/tools/extensions/glossary_search.py 2025-04-11 21:55:11.212983043 +0200 +--- a/Doc/tools/extensions/glossary_search.py ++++ b/Doc/tools/extensions/glossary_search.py @@ -1,18 +1,14 @@ """Feature search results for glossary items prominently.""" @@ -430,7 +419,7 @@ Index: Python-3.13.3/Doc/tools/extensions/glossary_search.py logger = logging.getLogger(__name__) -@@ -52,7 +48,7 @@ +@@ -52,7 +48,7 @@ def write_glossary_json(app: Sphinx, _ex dest.write_text(json.dumps(app.env.glossary_terms), encoding='utf-8') @@ -439,10 +428,8 @@ Index: Python-3.13.3/Doc/tools/extensions/glossary_search.py app.connect('doctree-resolved', process_glossary_nodes) app.connect('build-finished', write_glossary_json) -Index: Python-3.13.3/Doc/tools/extensions/patchlevel.py -=================================================================== ---- Python-3.13.3.orig/Doc/tools/extensions/patchlevel.py 2025-04-08 15:54:08.000000000 +0200 -+++ Python-3.13.3/Doc/tools/extensions/patchlevel.py 2025-04-11 21:55:11.213150035 +0200 +--- a/Doc/tools/extensions/patchlevel.py ++++ b/Doc/tools/extensions/patchlevel.py @@ -3,7 +3,7 @@ import re import sys @@ -452,7 +439,7 @@ Index: Python-3.13.3/Doc/tools/extensions/patchlevel.py CPYTHON_ROOT = Path( __file__, # cpython/Doc/tools/extensions/patchlevel.py -@@ -26,7 +26,7 @@ +@@ -26,7 +26,7 @@ class version_info(NamedTuple): # noqa: major: int #: Major release number minor: int #: Minor release number micro: int #: Patch release number @@ -461,7 +448,7 @@ Index: Python-3.13.3/Doc/tools/extensions/patchlevel.py serial: int #: Serial release number -@@ -37,7 +37,8 @@ +@@ -37,7 +37,8 @@ def get_header_version_info() -> version defines = {} patchlevel_h = PATCHLEVEL_H.read_text(encoding="utf-8") for line in patchlevel_h.splitlines(): @@ -471,7 +458,7 @@ Index: Python-3.13.3/Doc/tools/extensions/patchlevel.py name, value = m.groups() defines[name] = value -@@ -50,7 +51,7 @@ +@@ -50,7 +51,7 @@ def get_header_version_info() -> version ) diff --git a/gh-132535-rsrc-warn-test_timeout.patch b/gh-132535-rsrc-warn-test_timeout.patch deleted file mode 100644 index 1dc73a4..0000000 --- a/gh-132535-rsrc-warn-test_timeout.patch +++ /dev/null @@ -1,94 +0,0 @@ -From 0e461dd411e9ec3dbdf376435154ca2834bcab51 Mon Sep 17 00:00:00 2001 -From: Serhiy Storchaka -Date: Wed, 16 Apr 2025 00:24:56 +0300 -Subject: [PATCH] gh-132535: Fix resource warnings in test_timeout - -They were emitted if internet connection was not available. ---- - Lib/test/test_timeout.py | 43 ++++++++++++++++--------------------------- - 1 file changed, 16 insertions(+), 27 deletions(-) - -Index: Python-3.13.3/Lib/test/test_timeout.py -=================================================================== ---- Python-3.13.3.orig/Lib/test/test_timeout.py 2025-04-08 15:54:08.000000000 +0200 -+++ Python-3.13.3/Lib/test/test_timeout.py 2025-04-15 23:45:55.028517897 +0200 -@@ -26,10 +26,8 @@ - """Test case for socket.gettimeout() and socket.settimeout()""" - - def setUp(self): -- self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) -- -- def tearDown(self): -- self.sock.close() -+ self.sock = self.enterContext( -+ socket.socket(socket.AF_INET, socket.SOCK_STREAM)) - - def testObjectCreation(self): - # Test Socket creation -@@ -113,8 +111,6 @@ - def setUp(self): - raise NotImplementedError() - -- tearDown = setUp -- - def _sock_operation(self, count, timeout, method, *args): - """ - Test the specified socket method. -@@ -142,12 +138,10 @@ - """TCP test case for socket.socket() timeout functions""" - - def setUp(self): -- self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) -+ self.sock = self.enterContext( -+ socket.socket(socket.AF_INET, socket.SOCK_STREAM)) - self.addr_remote = resolve_address('www.python.org.', 80) - -- def tearDown(self): -- self.sock.close() -- - def testConnectTimeout(self): - # Testing connect timeout is tricky: we need to have IP connectivity - # to a host that silently drops our packets. We can't simulate this -@@ -190,19 +184,16 @@ - # for the current configuration. - - skip = True -- sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) -- timeout = support.LOOPBACK_TIMEOUT -- sock.settimeout(timeout) -- try: -- sock.connect((whitehole)) -- except TimeoutError: -- pass -- except OSError as err: -- if err.errno == errno.ECONNREFUSED: -- skip = False -- finally: -- sock.close() -- del sock -+ with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock: -+ try: -+ timeout = support.LOOPBACK_TIMEOUT -+ sock.settimeout(timeout) -+ sock.connect((whitehole)) -+ except TimeoutError: -+ pass -+ except OSError as err: -+ if err.errno == errno.ECONNREFUSED: -+ skip = False - - if skip: - self.skipTest( -@@ -269,10 +260,8 @@ - """UDP test case for socket.socket() timeout functions""" - - def setUp(self): -- self.sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) -- -- def tearDown(self): -- self.sock.close() -+ self.sock = self.enterContext( -+ socket.socket(socket.AF_INET, socket.SOCK_DGRAM)) - - def testRecvfromTimeout(self): - # Test recvfrom() timeout diff --git a/python-3.3.0b1-fix_date_time_compiler.patch b/python-3.3.0b1-fix_date_time_compiler.patch index 6b739fa..6b7e491 100644 --- a/python-3.3.0b1-fix_date_time_compiler.patch +++ b/python-3.3.0b1-fix_date_time_compiler.patch @@ -4,7 +4,7 @@ --- a/Makefile.pre.in +++ b/Makefile.pre.in -@@ -1679,11 +1679,18 @@ Modules/getbuildinfo.o: $(PARSER_OBJS) \ +@@ -1684,11 +1684,18 @@ Modules/getbuildinfo.o: $(PARSER_OBJS) \ $(DTRACE_OBJS) \ $(srcdir)/Modules/getbuildinfo.c $(CC) -c $(PY_CORE_CFLAGS) \ diff --git a/python-3.3.0b1-localpath.patch b/python-3.3.0b1-localpath.patch index 00d6dba..3dffb30 100644 --- a/python-3.3.0b1-localpath.patch +++ b/python-3.3.0b1-localpath.patch @@ -1,9 +1,11 @@ -Index: Python-3.13.0a3/Lib/site.py -=================================================================== ---- Python-3.13.0a3.orig/Lib/site.py -+++ Python-3.13.0a3/Lib/site.py -@@ -77,7 +77,7 @@ import io - import stat +--- + Lib/site.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/Lib/site.py ++++ b/Lib/site.py +@@ -78,7 +78,7 @@ import stat + import errno # Prefixes for site-packages; add additional prefixes like /usr/local here -PREFIXES = [sys.prefix, sys.exec_prefix] diff --git a/python313.changes b/python313.changes index ea04a7f..28ca241 100644 --- a/python313.changes +++ b/python313.changes @@ -1,3 +1,262 @@ +------------------------------------------------------------------- +Mon Jun 9 21:24:09 UTC 2025 - Matej Cepl + +- Update to 3.13.4: + - Security + - gh-135034: Fixes multiple issues that allowed tarfile + extraction filters (filter="data" and filter="tar") to be + bypassed using crafted symlinks and hard links. + Addresses CVE-2024-12718 (bsc#1244056), CVE-2025-4138 + (bsc#1244059), CVE-2025-4330 (bsc#1244060), and + CVE-2025-4517 (bsc#1244032). + - gh-133767: Fix use-after-free in the “unicode-escape” + decoder with a non-“strict” error handler (CVE-2025-4516, + bsc#1243273). + - gh-128840: Short-circuit the processing of long IPv6 + addresses early in ipaddress to prevent excessive memory + consumption and a minor denial-of-service. + - Library + - gh-134718: ast.dump() now only omits None and [] values if + they are default values. + - gh-128840: Fix parsing long IPv6 addresses with embedded + IPv4 address. + - gh-134696: Built-in HACL* and OpenSSL implementations of + hash function constructors now correctly accept the same + documented named arguments. For instance, md5() could be + previously invoked as md5(data=data) or md5(string=string) + depending on the underlying implementation but these calls + were not compatible. Patch by Bénédikt Tran. + - gh-134210: curses.window.getch() now correctly handles + signals. Patch by Bénédikt Tran. + - gh-80334: multiprocessing.freeze_support() now checks for + work on any “spawn” start method platform rather than only + on Windows. + - gh-114177: Fix asyncio to not close subprocess pipes which + would otherwise error out when the event loop is already + closed. + - gh-134152: Fixed UnboundLocalError that could occur during + email header parsing if an expected trailing delimiter is + missing in some contexts. + - gh-62184: Remove import of C implementation of io.FileIO + from Python implementation which has its own implementation + - gh-133982: Emit RuntimeWarning in the Python implementation + of io when the file-like object is not closed explicitly in + the presence of multiple I/O layers. + - gh-133890: The tarfile module now handles + UnicodeEncodeError in the same way as OSError when cannot + extract a member. + - gh-134097: Fix interaction of the new REPL and -X + showrefcount command line option. + - gh-133889: The generated directory listing page in + http.server.SimpleHTTPRequestHandler now only shows the + decoded path component of the requested URL, and not the + query and fragment. + - gh-134098: Fix handling paths that end with + a percent-encoded slash (%2f or %2F) in + http.server.SimpleHTTPRequestHandler. + - gh-134062: ipaddress: fix collisions in __hash__() for + IPv4Network and IPv6Network objects. + - gh-133745: In 3.13.3 we accidentally changed the signature + of the asyncio create_task() family of methods and how it + calls a custom task factory in a backwards incompatible + way. Since some 3rd party libraries have already made + changes to work around the issue that might break if + we simply reverted the changes, we’re instead changing + things to be backwards compatible with 3.13.2 while still + supporting those workarounds for 3.13.3. In particular, the + special-casing of name and context is back (until 3.14) and + consequently eager tasks may still find that their name + hasn’t been set before they execute their first yielding + await. + - gh-71253: Raise ValueError in open() if opener returns a + negative file-descriptor in the Python implementation of io + to match the C implementation. + - gh-77057: Fix handling of invalid markup declarations in + html.parser.HTMLParser. + - gh-133489: random.getrandbits() can now generate more that + 231 bits. random.randbytes() can now generate more that 256 + MiB. + - gh-133290: Fix attribute caching issue when setting + ctypes._Pointer._type_ in the undocumented and deprecated + ctypes.SetPointerType() function and the undocumented + set_type() method. + - gh-132876: ldexp() on Windows doesn’t round subnormal + results before Windows 11, but should. Python’s + math.ldexp() wrapper now does round them, so results may + change slightly, in rare cases of very small results, on + Windows versions before 11. + - gh-133089: Use original timeout value for + subprocess.TimeoutExpired when the func subprocess.run() + is called with a timeout instead of sometimes a confusing + partial remaining time out value used internally on the + final wait(). + - gh-133009: xml.etree.ElementTree: Fix a crash in + Element.__deepcopy__ when the element is concurrently + mutated. Patch by Bénédikt Tran. + - gh-132995: Bump the version of pip bundled in ensurepip to + version 25.1.1 + - gh-132017: Fix error when pyrepl is suspended, then resumed + and terminated. + - gh-132673: Fix a crash when using _align_ = 0 and _fields_ + = [] in a ctypes.Structure. + - gh-132527: Include the valid typecode ‘w’ in the error + message when an invalid typecode is passed to array.array. + - gh-132439: Fix PyREPL on Windows: characters entered via + AltGr are swallowed. Patch by Chris Eibl. + - gh-132429: Fix support of Bluetooth sockets on NetBSD and + DragonFly BSD. + - gh-132106: QueueListener.start now raises a RuntimeError if + the listener is already started. + - gh-132417: Fix a NULL pointer dereference when a C function + called using ctypes with restype py_object returns NULL. + - gh-132385: Fix instance error suggestions trigger potential + exceptions in object.__getattr__() in traceback. + - gh-132308: A traceback.TracebackException now correctly + renders the __context__ and __cause__ attributes from + falsey Exception, and the exceptions attribute from falsey + ExceptionGroup. + - gh-132250: Fixed the SystemError in cProfile when locating + the actual C function of a method raises an exception. + - gh-132063: Prevent exceptions that evaluate as + falsey (namely, when their __bool__ method returns + False or their __len__ method returns 0) from being + ignored by concurrent.futures.ProcessPoolExecutor and + concurrent.futures.ThreadPoolExecutor. + - gh-119605: Respect follow_wrapped for __init__() and + __new__() methods when getting the class signature for a + class with inspect.signature(). Preserve class signature + after wrapping with warnings.deprecated(). Patch by Xuehai + Pan. + - gh-91555: Ignore log messages generated during handling of + log messages, to avoid deadlock or infinite recursion. + - gh-131434: Improve error reporting for incorrect format in + time.strptime(). + - gh-131127: Systems using LibreSSL now successfully build. + - gh-130999: Avoid exiting the new REPL and offer suggestions + even if there are non-string candidates when errors occur. + - gh-130941: Fix configparser.ConfigParser parsing empty + interpolation with allow_no_value set to True. + - gh-129098: Fix REPL traceback reporting when using + compile() with an inexisting file. Patch by Bénédikt Tran. + - gh-130631: http.cookiejar.join_header_words() is now more + similar to the original Perl version. It now quotes the + same set of characters and always quote values that end + with "\n". + - gh-129719: Fix missing socket.CAN_RAW_ERR_FILTER constant + in the socket module on Linux systems. It was missing since + Python 3.11. + - gh-124096: Turn on virtual terminal mode and enable + bracketed paste in REPL on Windows console. (If the + terminal does not support bracketed paste, enabling it does + nothing.) + - gh-122559: Remove __reduce__() and __reduce_ex__() methods + that always raise TypeError in the C implementation + of io.FileIO, io.BufferedReader, io.BufferedWriter + and io.BufferedRandom and replace them with default + __getstate__() methods that raise TypeError. This restores + fine details of behavior of Python 3.11 and older versions. + - gh-122179: hashlib.file_digest() now raises BlockingIOError + when no data is available during non-blocking I/O. Before, + it added spurious null bytes to the digest. + - gh-86155: html.parser.HTMLParser.close() no longer loses + data when the