curses.update_lines_cols() is only defined when the curses library
provides either resizeterm() or resize_term() functions which are optional
and are not provided on AIX.
CVE-2021-3426: Remove the "getfile" feature of the pydoc module which
could be abused to read arbitrary files on the disk (directory
traversal vulnerability). Moreover, even source code of Python
modules can contain sensitive data like passwords. Vulnerability
reported by David Schwörer.
See [PEP 597](https://www.python.org/dev/peps/pep-0597/).
* Add `-X warn_default_encoding` and `PYTHONWARNDEFAULTENCODING`.
* Add EncodingWarning
* Add io.text_encoding()
* open(), TextIOWrapper() emits EncodingWarning when encoding is omitted and warn_default_encoding is enabled.
* _pyio.TextIOWrapper() uses UTF-8 as fallback default encoding used when failed to import locale module. (used during building Python)
* bz2, configparser, gzip, lzma, pathlib, tempfile modules use io.text_encoding().
* What's new entry
This test checks result code of the connection directly, so it never raises an exception that can be suppressed by `support.transient_internet`. Directly support skipping the test in case of unreachable network.
pprint() gains a new boolean underscore_numbers kwarg to emit
integers with thousands separated by an underscore character
for improved readability (for example 1_000_000 instead of 1000000).
Reduce the number of modules imported by "python3 -m module".
The runpy module no longer imports at startup (in the module body),
but only in functions using it: _get_code_from_file() and run_path().
RegressionTestResult.USE_XML must now be set to True to get the JUnit
XML output.
Reduce the number of imports when --junit-xml=FILE option is not
used: 153 => 144 (-9).
Move clear_caches() from libregrtest.refleak to libregrtest.utils to
avoid importing libregrtest.refleak when it's not needed.
clear_caches() now only calls re.purge() if 're' is in sys.modules.
Reduce the number of modules imported by libregrtest.
saved_test_environment no longer imports modules at startup, but try
to get them from sys.modules. If an module is missing, skip the test.
It also sets directly support.environment_altered.
runtest() now now two saved_test_environment instances: one before
importing the test module, one after importing it.
Remove imports from test.libregrtest.save_env:
* asyncio
* logging
* multiprocessing
* shutil
* sysconfig
* urllib.request
* warnings
When a test method imports a module (ex: warnings) and the test
has a side effect (ex: add a warnings filter), the side effect is not
detected, because the module was not imported when Python
enters the saved_test_environment context manager.
bpo-43420: Implement standard transformations in + - * / that can often reduce the size of intermediate integers needed. For rationals with large components, this can yield dramatic speed improvements, but for small rationals can run 10-20% slower, due to increased fixed overheads in the longer-winded code. If those slowdowns turn out to be a problem, see the PR discussion for low-level implementation tricks that could cut other fixed overheads.
Co-authored-by: Tim Peters <tim.peters@gmail.com>
Co-authored-by: Mark Dickinson <dickinsm@gmail.com>
Stefan Krah requested the reversal of these (unreleased) changes, quoting him:
> The capsule API does not meet my testing standards, since I've focused
on the upstream mpdecimal in the last couple of months.
> Additionally, I'd like to refine the API, perhaps together with the
Arrow community.
Automerge-Triggered-By: GH:pitrou
OpenSSL copies the internal message callback from SSL_CTX->msg_callback to
SSL->msg_callback. SSL_set_SSL_CTX() does not update SSL->msg_callback
to use the callback value of the new context.
PySSL_set_context() now resets the callback and _PySSL_msg_callback()
resets thread state in error path.
Signed-off-by: Christian Heimes <christian@python.org>
Python no longer fails at startup with a fatal error if a command
line argument contains an invalid Unicode character.
The Py_DecodeLocale() function now escapes byte sequences which would
be decoded as Unicode characters outside the [U+0000; U+10ffff]
range.
Use MAX_UNICODE constant in unicodeobject.c.
* bpo-43497: Emit SyntaxWarnings for assertions with tuple constants.
Add a test that shows that a tuple constant (a tuple, where all of its
members are also compile-time constants) produces a SyntaxWarning. Then
fix this failure.
* Make SyntaxWarnings also work when "optimized".
* Split tests for SyntaxWarning to SyntaxError conversion
SyntaxWarnings emitted by the compiler when configured to be errors are
actually raised as SyntaxError exceptions.
Move these tests into their own method and add a test to ensure they are
raised. Previously we only tested that they were not raised for a
"valid" assertion statement.
bpo-43285: Make ftplib not trust the PASV response.
The IPv4 address value returned from the server in response to the PASV command
should not be trusted. This prevents a malicious FTP server from using the
response to probe IPv4 address and port combinations on the client network.
Instead of using the returned address, we use the IP address we're
already connected to. This is the strategy other ftp clients adopted,
and matches the only strategy available for the modern IPv6 EPSV command
where the server response must return a port number and nothing else.
For the rare user who _wants_ this ugly behavior, set a `trust_server_pasv_ipv4_address`
attribute on your `ftplib.FTP` instance to True.
* bpo-43428: Sync with importlib_metadata 3.7.3 (16ac3a95)
* Add 'versionadded' for importlib.metadata.packages_distributions
* Add section in what's new for Python 3.10 highlighting most salient changes and relevant backport.
* Fix auth_login logic (bpo-27820)
* Also fix a longstanding bug in the SimSMTPChannel.found_terminator() method that causes inability to test
SMTP AUTH with initial_response_ok=False.
Check to make sure stdout and stderr are not empty before selecting an item from them in Windows subprocess._communicate.
Co-authored-by: Gregory P. Smith <greg@krypto.org>
Fix a race condition of test_stress_modifying_handlers() of
test_signal: only raise signals while we are in the
catch_unraisable_exception() context manager.
Moreover, don't check if we received at least one
signal if at least one signal got ignored.
Added an invalidate_caches() method to the zipimport.zipimporter class based on the implementation of importlib.FileFinder.invalidate_caches(). This was done by adding a get_files() method and an _archive_mtime attribute to zipimport.zipimporter to check for updates or cache invalidation whenever the cache of files and toc entry information in the zipimporter is accessed.
We now buffer the CONNECT request + tunnel HTTP headers into a single
send call. This prevents the OS from generating multiple network
packets for connection setup when not necessary, improving efficiency.
This approach ensures the code matches the interpreter version.
Previously, PYTHON_FOR_REGEN was used to generate the code, which might
be wrong. The marshal format for code objects has changed with
bpo-42246, commit 877df851. Update the code and the expected code sizes
in ctypes test_frozentable.
We can receive signals (at the C level, in `trip_signal()` in signalmodule.c) while `signal.signal` is being called to modify the corresponding handler. Later when `PyErr_CheckSignals()` is called to handle the given signal, the handler may be a non-callable object and would raise a cryptic asynchronous exception.
* Unify behavior in ResourceReaderDefaultsTests and align with the behavior found in importlib_resources.
* Equip NamespaceLoader with a NamespaceReader.
* Apply changes from importlib_resources 5.0.4
The following changes are required:
* add a new platform win-arm64
* replace the emulated compiler executable paths
* bump the linker base addressed as ARM64 requires more memory
this change might not be needed (investigation required)
On Windows 10 ARM64, VS compiler paths look like this:
C:\Program Files (x86)\Microsoft Visual
Studio\2019\Community\VC\Tools\MSVC\14.27.29110\bin\HostX86\ARM64\cl.exe
Note that the cl.exe for ARM64 is an x32 binary, which can run emulated
on Windows 10 ARM64 (it has builtin emulation for x32).
The rc.exe and mc.exe paths have to also be changed, as the initial
discovery has to be fixed.
Work in progress to remove the hardcoded bits and to change the path
query fixes to the proper location.
Automerge-Triggered-By: GH:jaraco
The case of tempfile.tempdir variable being bytes is now handled consistently.
The getters return the right type and no more error of mixing str and bytes unless explicitly caused by the user.
Adds a regression test.
Expands the documentation to clarify the behavior.
Co-authored-by: Eric L <ewl+git@lavar.de>
Co-authored-by: Gregory P. Smith <greg@krypto.org>
Previously, `datetime.strptime` would match `'z'` with the format string `'%z'` (for UTC offsets), throwing an `IndexError` by erroneously trying to parse `'z'` as a timestamp. As a special case, `'%z'` matches the string `'Z'` which is equivalent to the offset `'+00:00'`, however this behavior is not defined for lowercase `'z'`.
This change ensures a `ValueError` is thrown when encountering the original example, as follows:
```
>>> from datetime import datetime
>>> datetime.strptime('z', '%z')
ValueError: time data 'z' does not match format '%z'
```
Automerge-Triggered-By: GH:pganssle
From the commit message:
> When the structure is packed we should always expand when needed,
> otherwise we will add some padding between the fields. This patch makes
> sure we always merge bitfields together. It also changes the field merging
> algorithm so that it handles bitfields correctly.
Automerge-Triggered-By: GH:jaraco
Implement an enhanced variant of Crochemore and Perrin's Two-Way string searching algorithm, which reduces worst-case time from quadratic (the product of the string and pattern lengths) to linear. This applies to forward searches (like``find``, ``index``, ``replace``); the algorithm for reverse searches (like ``rfind``) is not changed.
Co-authored-by: Tim Peters <tim.peters@gmail.com>
Exit code is now 1 instead of 0. A message is printed to stderr instead of stdout. This is
the proper behaviour for a tool that can be used in scripts.
Printing to IDLE's Shell is often slower than printing to a system
terminal, but it can be made faster by pre-formatting a single
string before printing.
When very large data remains in TextIOWrapper, flush() may fail forever.
So prevent that data larger than chunk_size is remained in TextIOWrapper internal
buffer.
Co-Authored-By: Eryk Sun
The types.FunctionType constructor now inherits the current builtins
if the globals dictionary has no "__builtins__" key, rather than
using {"None": None} as builtins: same behavior as eval() and exec()
functions.
Defining a function with "def function(...): ..." in Python is not
affected, globals cannot be overriden with this syntax: it also
inherits the current builtins.
PyFrame_New(), PyEval_EvalCode(), PyEval_EvalCodeEx(),
PyFunction_New() and PyFunction_NewWithQualName() now inherits the
current builtins namespace if the globals dictionary has no
"__builtins__" key.
* Add _PyEval_GetBuiltins() function.
* _PyEval_BuiltinsFromGlobals() now uses _PyEval_GetBuiltins() if
builtins cannot be found in globals.
* Add tstate parameter to _PyEval_BuiltinsFromGlobals().
Expose the new PyFunctionObject.func_builtins member in Python as a
new __builtins__ attribute on functions.
Document also the behavior change in What's New in Python 3.10.
Alex Prengère
Brett Cannon
Grégory Starck
Pablo Galindo
Michael Felt
Jesús Cea
Serhiy Storchaka
Victor Stinner
Inada Naoki
Carl Meyer
Christian Heimes
sblondon
Joshua Bronson
Hai Shi
Sergey B Kirpichev
Antoine Pitrou
Ilya Stepin
Kodi Arfer
Chris Burr
tsukasa-au
Chavdar Yotov
Gregory P. Smith
Mark Shannon
Jason R. Coombs
CAM Gerlach
Kamil Turek
Géry Ogam
Pandu E POLUAN
Chris Griffith
Desmond Cheong
Mariusz Felisiak
Zackery Spytz
Neil Schemenauer
Adrian Vladu
Erlend Egeberg Aasland
Eric L
Ethan Furman
Noor Michael
Nathan Beals
Winson Luk
Peter Donis
Filipe Laíns
Dennis Sweeney
Brandt Bucher
Alex
Ruben Vorderman
Ammar Askar
Florian Bruhin
Felix C. Stegerman
Terry Jan Reedy
Irit Katriel
