- Update to 3.14.0~rc3:

- Tools/Demos
    - gh-137873: The iOS test runner has been simplified,
      resolving some issues that have been observed using
      the runner in GitHub Actions and Azure Pipelines test
      environments.
  - Security
    - gh-135661: Fix CDATA section parsing in
      html.parser.HTMLParser according to the HTML5 standard: ]
      ]> and ]] > no longer end the CDATA section. Add private
      method _set_support_cdata() which can be used to specify
      how to parse <[CDATA[ — as a CDATA section in foreign
      content (SVG or MathML) or as a bogus comment in the HTML
      namespace.
  - Library
    - gh-138998: Update bundled libexpat to 2.7.2
    - gh-118803: Add back collections.abc.ByteString and
      typing.ByteString. Both had been removed in prior alpha,
      beta and release candidates for Python 3.14, but their
      removal has now been postponed to Python 3.17.
    - gh-137226: Fix typing.get_type_hints() calls on generic
      typing.TypedDict classes defined with string annotations.
    - gh-138804: Raise TypeError instead of AttributeError when
      an argument of incorrect type is passed to shlex.quote().
      This restores the behavior of the function prior to 3.14.
    - gh-128636: Fix crash in PyREPL when os.environ is
      overwritten with an invalid value for mac
    - gh-138514: Raise ValueError when a multi-character string
      is passed to the echo_char parameter of getpass.getpass().
      Patch by Benjamin Johnson.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python314?expand=0&rev=99

Python-3.14.0rc2.tar.xz.sigstore

@@ -1 +0,0 @@
-{"mediaType": "application/vnd.dev.sigstore.bundle.v0.3+json", "verificationMaterial": {"certificate": {"rawBytes": "MIICzzCCAlWgAwIBAgIUQEKlmQNoiRh225QSksqkOM8IenYwCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjUwODE0MTYxMzQ5WhcNMjUwODE0MTYyMzQ5WjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEzLzYWrCTywpp57eT75o3g3u6mOfvUPEMby52aGbaPWs6j4uhVv7mk94AHJ749z2LBWt2TKEEjBsH9JQcSt7+6qOCAXQwggFwMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUIX8DXq8+NzGXp255fluKplNtcZowHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wHQYDVR0RAQH/BBMwEYEPaHVnb0BweXRob24ub3JnMCwGCisGAQQBg78wAQEEHmh0dHBzOi8vZ2l0aHViLmNvbS9sb2dpbi9vYXV0aDAuBgorBgEEAYO/MAEIBCAMHmh0dHBzOi8vZ2l0aHViLmNvbS9sb2dpbi9vYXV0aDCBiwYKKwYBBAHWeQIEAgR9BHsAeQB3AN09MGrGxxEyYxkeHJlnNwKiSl643jyt/4eKcoAvKe6OAAABmKlb6QAAAAQDAEgwRgIhAOpd5jpOMj0+E4zoUZknrn/0le429dCWtvrHqIkUcM3pAiEAyznt+7Rvlhx3bP0EcJe0LCtLO1KW2akdk1VoE2Lb+g4wCgYIKoZIzj0EAwMDaAAwZQIxAOaIcKm8k3VYCA/RFC6KO5i4yoxZLFFhjcydtPYyKetokpzUC5yZKkIRl3hySNaf5QIwKfloit/Poo4P3JOYhjSWK7qIJKF1r/5ZZWnvBpKhURIiFxQx7s9kL01MPCgRUeoa"}, "tlogEntries": [{"logIndex": "394682202", "logId": {"keyId": "wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0="}, "kindVersion": {"kind": "hashedrekord", "version": "0.0.1"}, "integratedTime": "1755188030", "inclusionPromise": {"signedEntryTimestamp": "MEUCIAavOG9MuKTYRE4q0Fns77HsUjPrRZ1bISheGxlDgbNZAiEA89315EfGt+C+C5GkBDLYMSr6bXkxXzT9PWgE56yVYYk="}, "inclusionProof": {"logIndex": "272777940", "rootHash": "94fZD9GTMc7ctVFYACd2ZmRetfuK9mpq5+VMWJJwmak=", "treeSize": "272777950", "hashes": ["izf5arJPLLyctcMaEwaxxYH8VGWnw9xsgWX3S2WpEV0=", "jARpwTi7gTCzrOOaEjEoCS/kS2bSHKmaNlWm6yut4Yo=", "6sOUCbaiDMXdWNdb4hzsJHyMl1sT3ib1ZC9ztLiug34=", "PNNoFA8l82Dr10vRBqmpGmJ4NBff8yyEzZceO2roeMA=", "xDogK8v4jzKZw6K+weJL+I415z4YGKlaNYbpu4pIHJw=", "RhKVrhK6HuUb1JRqZW25xWciggk7FUc5UKgfyA1w2cI=", "diHzb0EkmL9xXR57YrJSHiTf0lPiHRm1YiCBvr6u+Yk=", "VFCarORkpugC03FeEE1qleQGuDOGuNw1cHLdsQRQNOc=", "SQrQA1o0sqMm1AvDow2P8FTn8h2ANcuz3QfFE1PJuk0=", "TlYW0zjr+tiOJcOsfXER0SPRMMqX0hniotB3gsI+t5o=", "W+k28CiT95aBszrjZFbfyGpEsCOH+n3gc9sBqBw5vqs=", "vS7O4ozHIQZJWBiov+mkpI27GE8zAmVCEkRcP3NDyNE="], "checkpoint": {"envelope": "rekor.sigstore.dev - 1193050959916656506\n272777950\n94fZD9GTMc7ctVFYACd2ZmRetfuK9mpq5+VMWJJwmak=\n\n\u2014 rekor.sigstore.dev wNI9ajBEAiAPQipm3l7c4F/4rKjw7KOGX//0IM93z657ckzFBHd5TgIgJQscKWLcVlFhrZO7/8E8ywgLhOeDZeu0ltQlEaFFv8g=\n"}}, "canonicalizedBody": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiJiYzYyODU0Y2YyMzIzNDViZDIyYzkwOTFhNjg0NjRlMDFlMDU2YzY0NzNhM2ZmZmE4NDU3MmM4YTM0MmRhNjU2In19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FUUNJQlgvR2hwOG45TUhNTHdCc3lOR2RSZUwwNjFGVFIzb3A2ZmhXTWw2YXQ3L0FpQURtWEtaWXBFNDZqUk1UMTJjYk92cTVHcEZBLzQ1Tzh6MUV2VDRiK3hGRlE9PSIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVTjZla05EUVd4WFowRjNTVUpCWjBsVlVVVkxiRzFSVG05cFVtZ3lNalZSVTJ0emNXdFBUVGhKWlc1WmQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcFZkMDlFUlRCTlZGbDRUWHBSTlZkb1kwNU5hbFYzVDBSRk1FMVVXWGxOZWxFMVYycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVY2VEhwWlYzSkRWSGwzY0hBMU4yVlVOelZ2TTJjemRUWnRUMloyVlZCRlRXSjVOVElLWVVkaVlWQlhjelpxTkhWb1ZuWTNiV3M1TkVGSVNqYzBPWG95VEVKWGRESlVTMFZGYWtKelNEbEtVV05UZERjck5uRlBRMEZZVVhkblowWjNUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlZKV0RoRUNsaHhPQ3RPZWtkWWNESTFOV1pzZFV0d2JFNTBZMXB2ZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDBoUldVUldVakJTUVZGSUwwSkNUWGRGV1VWUVlVaFdibUl3UW5kbFdGSnZZakkwZFdJelNtNU5RM2RIUTJselIwRlJVVUpuTnpoM1FWRkZSUXBJYldnd1pFaENlazlwT0haYU1td3dZVWhXYVV4dFRuWmlVemx6WWpKa2NHSnBPWFpaV0ZZd1lVUkJkVUpuYjNKQ1owVkZRVmxQTDAxQlJVbENRMEZOQ2todGFEQmtTRUo2VDJrNGRsb3liREJoU0ZacFRHMU9kbUpUT1hOaU1tUndZbWs1ZGxsWVZqQmhSRU5DYVhkWlMwdDNXVUpDUVVoWFpWRkpSVUZuVWprS1FraHpRV1ZSUWpOQlRqQTVUVWR5UjNoNFJYbFplR3RsU0Vwc2JrNTNTMmxUYkRZME0ycDVkQzgwWlV0amIwRjJTMlUyVDBGQlFVSnRTMnhpTmxGQlFRcEJRVkZFUVVWbmQxSm5TV2hCVDNCa05XcHdUMDFxTUN0Rk5IcHZWVnByYm5KdUx6QnNaVFF5T1dSRFYzUjJja2h4U1d0VlkwMHpjRUZwUlVGNWVtNTBDaXMzVW5ac2FIZ3pZbEF3UldOS1pUQk1RM1JNVHpGTFZ6SmhhMlJyTVZadlJUSk1ZaXRuTkhkRFoxbEpTMjlhU1hwcU1FVkJkMDFFWVVGQmQxcFJTWGdLUVU5aFNXTkxiVGhyTTFaWlEwRXZVa1pETmt0UE5XazBlVzk0V2t4R1JtaHFZM2xrZEZCWmVVdGxkRzlyY0hwVlF6VjVXa3RyU1ZKc00yaDVVMDVoWmdvMVVVbDNTMlpzYjJsMEwxQnZielJRTTBwUFdXaHFVMWRMTjNGSlNrdEdNWEl2TlZwYVYyNTJRbkJMYUZWU1NXbEdlRkY0TjNNNWEwd3dNVTFRUTJkU0NsVmxiMkVLTFMwdExTMUZUa1FnUTBWU1ZFbEdTVU5CVkVVdExTMHRMUW89In19fX0="}]}, "messageSignature": {"messageDigest": {"algorithm": "SHA2_256", "digest": "vGKFTPIyNFvSLJCRpoRk4B4FbGRzo//6hFcsijQtplY="}, "signature": "MEQCIBX/Ghp8n9MHMLwBsyNGdReL061FTR3op6fhWMl6at7/AiADmXKZYpE46jRMT12cbOvq5GpFA/45O8z1EvT4b+xFFQ=="}}

python314.changes

@@ -1,3 +1,89 @@
+-------------------------------------------------------------------
+Thu Sep 18 16:17:21 UTC 2025 - Matej Cepl <mcepl@cepl.eu>
+
+- Update to 3.14.0~rc3:
+  - Tools/Demos
+    - gh-137873: The iOS test runner has been simplified,
+      resolving some issues that have been observed using
+      the runner in GitHub Actions and Azure Pipelines test
+      environments.
+  - Security
+    - gh-135661: Fix CDATA section parsing in
+      html.parser.HTMLParser according to the HTML5 standard: ]
+      ]> and ]] > no longer end the CDATA section. Add private
+      method _set_support_cdata() which can be used to specify
+      how to parse <[CDATA[ — as a CDATA section in foreign
+      content (SVG or MathML) or as a bogus comment in the HTML
+      namespace.
+  - Library
+    - gh-138998: Update bundled libexpat to 2.7.2
+    - gh-118803: Add back collections.abc.ByteString and
+      typing.ByteString. Both had been removed in prior alpha,
+      beta and release candidates for Python 3.14, but their
+      removal has now been postponed to Python 3.17.
+    - gh-137226: Fix typing.get_type_hints() calls on generic
+      typing.TypedDict classes defined with string annotations.
+    - gh-138804: Raise TypeError instead of AttributeError when
+      an argument of incorrect type is passed to shlex.quote().
+      This restores the behavior of the function prior to 3.14.
+    - gh-128636: Fix crash in PyREPL when os.environ is
+      overwritten with an invalid value for mac
+    - gh-138514: Raise ValueError when a multi-character string
+      is passed to the echo_char parameter of getpass.getpass().
+      Patch by Benjamin Johnson.
+    - gh-138515: email is added to Emscripten build.
+    - gh-99948: ctypes.util.find_library() now works in
+      Emscripten build.
+    - gh-138253: Add the block parameter in the put() and
+      get() methods of the concurrent.interpreters queues for
+      compatibility with the queue.Queue interface.
+    - gh-138133: Prevent infinite traceback loop when sending
+      CTRL^C to Python through strace.
+    - gh-134869: Fix an issue where pressing Ctrl+C during tab
+      completion in the REPL would leave the autocompletion menu
+      in a corrupted state.
+    - gh-90548: Fix musl detection for platform.libc_ver() on
+      Alpine Linux if compiled with –strip-all.
+    - gh-136134: SMTP.auth_cram_md5() now raises an SMTPException
+      instead of a ValueError if Python has been built without
+      MD5 support. In particular, SMTP clients will not attempt
+      to use this method even if the remote server is assumed to
+      support it. Patch by Bénédikt Tran.
+    - gh-136134: IMAP4.login_cram_md5 now raises an IMAP4.error
+      if CRAM-MD5 authentication is not supported. Patch by
+      Bénédikt Tran.
+    - gh-134953: Expand _colorize theme with keyword_constant and
+      implement in repl.
+  - Core and Builtins
+    - gh-71810: Raise OverflowError for (-1).to_bytes() for
+      signed conversions when bytes count is zero. Patch by
+      Sergey B Kirpichev.
+    - gh-138192: Fix contextvars initialization so that all
+      subinterpreters are assigned the MISSING value.
+    - gh-138479: Fix a crash when a generic object’s
+      __typing_subst__ returns an object that isn’t a tuple.
+    - gh-138372: Fix SyntaxWarning emitted for erroneous
+      subscript expressions involving template string literals.
+      Patch by Brian Schubert.
+    - gh-138318: The default REPL now avoids highlighting
+      built-in names (for instance set or format()) when they
+      are used as attribute names (for instance in value.set or
+      text.format).
+    - gh-138349: Fix crash in certain cases where a module
+      contains both a module-level annotation and a
+      comprehension.
+    - gh-137384: Fix a crash when using the warnings module in a
+      finalizer at shutdown. Patch by Kumar Aditya.
+    - gh-137883: Fix runaway recursion when calling a function
+      with keyword arguments.
+    - gh-137079: Fix keyword typo recognition when parsing files.
+      Patch by Pablo Galindo.
+    - gh-137728: Fix the JIT’s handling of many local variables.
+      This previously caused a segfault.
+    - gh-137576: Fix for incorrect source code being shown in
+      tracebacks from the Basic REPL when PYTHONSTARTUP is given.
+      Patch by Adam Hartz.
+
 -------------------------------------------------------------------
 Fri Sep 12 07:46:55 UTC 2025 - Daniel Garcia <daniel.garcia@suse.com>
 

python314.spec

@@ -162,8 +162,8 @@
 # _md5.cpython-38m-x86_64-linux-gnu.so
 %define dynlib() %{sitedir}/lib-dynload/%{1}.cpython-%{abi_tag}-%{archname}-%{_os}%{?_gnu}%{?armsuffix}.so
 Name:           %{python_pkg_name}%{psuffix}
-Version:        3.14.0~rc2
-%define         tarversion 3.14.0rc2
+Version:        3.14.0~rc3
+%define         tarversion 3.14.0rc3
 %define         tarname    Python-%{tarversion}
 Release:        0
 Summary:        Python 3 Interpreter