bpo-42967: [security] Address a web cache-poisoning issue reported in urllib.parse.parse_qsl().
urllib.parse will only us "&" as query string separator by default instead of both ";" and "&" as allowed in earlier versions. An optional argument seperator with default value "&" is added to specify the separator.
Co-authored-by: Éric Araujo <merwok@netwok.org>
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
Co-authored-by: Ken Jin <28750310+Fidget-Spinner@users.noreply.github.com>
Co-authored-by: Éric Araujo <merwok@netwok.org>
bpo-43172: readline now passes its tests when built against libedit.
Existing irreconcilable API differences remain in readline.get_begidx
and readline.get_endidx behavior based on libreadline vs libedit use.
A note about that has been documented.
In 3.5 (?) a speed optimization made it possible to access members as
attributes of other members, i.e. ``Color.RED.BLUE``. This was always
discouraged in the docs, and other recent optimizations has made that
one no longer necessary. Because some may be relying on it anyway, it
is being deprecated in 3.10, and will be removed in 3.11.
In the case of multiprocessing.synchronize() being missing, the
test_concurrent_futures test suite now skips only the tests that
require multiprocessing.synchronize().
Validate that multiprocessing.synchronize exists as part of
_check_system_limits(), allowing ProcessPoolExecutor to raise
NotImplementedError during __init__, rather than crashing with
ImportError during __init__ when creating a lock imported from
multiprocessing.synchronize.
Use _check_system_limits() to disable tests of
ProcessPoolExecutor on systems without multiprocessing.synchronize.
Running the test suite without multiprocessing.synchronize reveals
that Lib/compileall.py crashes when it uses a ProcessPoolExecutor.
Therefore, change Lib/compileall.py to call _check_system_limits()
before creating the ProcessPoolExecutor.
Note that both Lib/compileall.py and Lib/test/test_compileall.py
were attempting to sanity-check ProcessPoolExecutor by expecting
ImportError. In multiprocessing.resource_tracker, sem_unlink() is also absent
on platforms where POSIX semaphores aren't available. Avoid using
sem_unlink() if it, too, does not exist.
Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
* Add to the peg generator a new directive ('&&') that allows to expect
a token and hard fail the parsing if the token is not found. This
allows to quickly emmit syntax errors for missing tokens.
* Use the new grammar element to hard-fail if the ':' is missing before
suites.
* bpo-41748: Adds tests for unquoted attributes with comma
* bpo-41748: Handles unquoted attributes with comma
* bpo-41748: Addresses review comments
* bpo-41748: Addresses review comments
* Adds more test cases
* Simplifies the regex for handling spaces
* bpo-41748: Moves attributes tests under the right class
* bpo-41748: Addresses review about duplicate attributes
* bpo-41748: Adds NEWS.d entry for this patch
For back-compatibility, make the new constructor parameter for public classes Function and Class
keyword-only with a default of None.
Co-authored-by: Aviral Srivastava <aviralsrivastava@Avirals-MacBook-Air.local
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
Starting stack viewer when user code is running, including when Debugger is active, hangs or crashes IDLE.
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
* bpo-42979: Enhance abstract.c assertions checking slot result
Add _Py_CheckSlotResult() function which fails with a fatal error if
a slot function succeeded with an exception set or failed with no
exception set: write the slot name, the type name and the current
exception (if an exception is set).
* [Enum] only include .rst test if file available
In order to ensure the ReST documentation is up to date for Enum,
use doctest to check it -- but only if the .rst files have not
been stripped.
Flag members are now divided by one-bit verses multi-bit, with multi-bit being treated as aliases. Iterating over a flag only returns the contained single-bit flags.
Iterating, repr(), and str() show members in definition order.
When constructing combined-member flags, any extra integer values are either discarded (CONFORM), turned into ints (EJECT) or treated as errors (STRICT). Flag classes can specify which of those three behaviors is desired:
>>> class Test(Flag, boundary=CONFORM):
... ONE = 1
... TWO = 2
...
>>> Test(5)
<Test.ONE: 1>
Besides the three above behaviors, there is also KEEP, which should not be used unless necessary -- for example, _convert_ specifies KEEP as there are flag sets in the stdlib that are incomplete and/or inconsistent (e.g. ssl.Options). KEEP will, as the name suggests, keep all bits; however, iterating over a flag with extra bits will only return the canonical flags contained, not the extra bits.
Iteration is now in member definition order. If member definition order
matches increasing value order, then a more efficient method of flag
decomposition is used; otherwise, sort() is called on the results of
that method to get definition order.
``re`` module:
repr() has been modified to support as closely as possible its previous
output; the big difference is that inverted flags cannot be output as
before because the inversion operation now always returns the comparable
positive result; i.e.
re.A|re.I|re.M|re.S is ~(re.L|re.U|re.S|re.T|re.DEBUG)
in both of the above terms, the ``value`` is 282.
re's tests have been updated to reflect the modifications to repr().
Lowercase 'tkColorChooser', 'tkFileDialog', 'tkSimpleDialog', and
'tkMessageBox' and remove 'tk'. Just lowercase 'tkFont' as 'font'
is already used. Adjust import.
Add --with-wheel-pkg-dir=PATH option to the ./configure script. If
specified, the ensurepip module looks for setuptools and pip wheel
packages in this directory: if both are present, these wheel packages
are used instead of ensurepip bundled wheel packages.
Some Linux distribution packaging policies recommend against bundling
dependencies. For example, Fedora installs wheel packages in the
/usr/share/python-wheels/ directory and don't install the
ensurepip._bundled package.
ensurepip: Remove unused runpy import.
When stdin is a TTY, the test added in commit c13d89955d
is expected to fail. However, when it failed, it did not close
its file descriptors. This is flagged by the refleak tests (but
only when stdin is a TTY, which doesn't seem to be the case on CI).
The Py_FatalError() function and the faulthandler module now dump the
list of extension modules on a fatal error.
Add _Py_DumpExtensionModules() and _PyModule_IsExtension() internal
functions.
When trying to extract the error line for the error message there
are two distinct cases:
1. The input comes from a file, which means that we can extract the
error line by using `PyErr_ProgramTextObject` and which we already
do.
2. The input does not come from a file, at which point we need to get
the source code from the tokenizer:
* If the tokenizer's current line number is the same with the line
of the error, we get the line from `tok->buf` and we're ready.
* Else, we can extract the error line from the source code in the
following two ways:
* If the input comes from a string we have all the input
in `tok->str` and we can extract the error line from it.
* If the input comes from stdin, i.e. the interactive prompt, we
do not have access to the previous line. That's why a new
field `tok->stdin_content` is added which holds the whole input for the
current (multiline) statement or expression. We can then extract the
error line from `tok->stdin_content` like we do in the string case above.
Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
Before, using the * operator to repeat a bytearray would copy data from the start of
the internal buffer (ob_bytes) and not from the start of the actual data (ob_start).
* Mark bytecodes at end of try-except as artificial.
* Make sure that the CFG is consistent throughout optimiization.
* Extend line-number propagation logic so that implicit returns after 'try-except' or 'with' have the correct line numbers.
* Update importlib
`type.__new__` calls `__set_name__` and `__init_subclass__`, which means
that any work metaclasses do after calling `super().__new__()` will not
be available to those two methods. In particular, `Enum` classes that
want to make use of `__init_subclass__` will not see any members.
Almost all customization is therefore moved to before the
`type.__new__()` call, including changing all members to a proto member
descriptor with a `__set_name__` that will do the final conversion of a
member to be an instance of the `Enum` class.
If __repr__ uses instance attributes, as normal, and one steps
through the __init__ method, debugger may try to get repr before
the instance attributes exist. reprlib.repr handles the error.
The distutils bdist_wininst command deprecated in Python 3.8 has been
removed. The distutils bidst_wheel command is now recommended to
distribute binary packages on Windows.
* Remove Lib/distutils/command/bdist_wininst.py
* Remove PC/bdist_wininst/ project
* Remove Lib/distutils/command/wininst-*.exe programs
* Remove all references to bdist_wininst
Convert the 6 CJK codec extension modules (_codecs_cn, _codecs_hk,
_codecs_iso2022, _codecs_jp, _codecs_kr and _codecs_tw) to the
multiphase initialization API (PEP 489).
Remove getmultibytecodec() local cache: always import
_multibytecodec. It should be uncommon to get a codec. For example,
this function is only called once per CJK codec module.
Fix a reference leak in register_maps() error path.
* Add test for frame.f_lineno with/without tracing.
* Make sure that frame.f_lineno is correct regardless of whether frame.f_trace is set.
* Update importlib
* Add NEWS
Ref. [SQLite 3.7.15 changelog](https://sqlite.org/changes.html#version_3_7_15):
_"Avoid invoking the sqlite3_trace() callback multiple times when a statement is automatically reprepared due to SQLITE_SCHEMA errors."_
If __stdout__ is not attached to terminal, try to use __stderr__
if it is attached to terminal, or open the terminal device, or
use regular file as terminal, but some functions will be untested
in the latter case.
Previously this didn't raise an error. Now it will:
```python
from collections.abc import Callable
isinstance(int, list | Callable[..., str])
```
Also added tests in Union since there were previously none for stuff like ``isinstance(list, list | list[int])`` either.
Backport to 3.9 not required.
Automerge-Triggered-By: GH:gvanrossum
* Add test capturing missed expectation with uname_result._replace.
* bpo-42163: Override uname_result._make to allow uname_result._replace to work (for everything but 'processor'.
* Replace hard-coded length with one derived from the definition.
* Add test capturing missed expectation with copy/deepcopy on namedtuple (bpo-42189).
* bpo-42189: Exclude processor parameter when constructing uname_result.
* In _make, rely on __new__ to strip processor.
* Add blurb.
* iter is not necessary here.
* Rely on num_fields in __new__
* Add test for slices on uname
* Add test for copy and pickle.
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
* import pickle
* Fix equality test after pickling.
* Simply rely on __reduce__ for pickling.
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
* bpo-42382: In importlib.metadata, `EntryPoint` objects now expose a `.dist` object referencing the `Distribution` when constructed from a `Distribution`.
Also, sync importlib_metadata 3.3:
- Add support for package discovery under package normalization rules.
- The object returned by `metadata()` now has a formally-defined protocol called `PackageMetadata` with declared support for the `.get_all()` method.
* Add blurb
* Remove latent footnote.
When simple query dialogs (tkinter.simpledialog), message boxes
(tkinter.messagebox) or color choose dialog (tkinter.colorchooser)
are created without arguments master and parent, and the default
root window is not yet created, a new temporary hidden root window
will be created automatically. It will not be set as the default root
window and will be destroyed right after closing the dialog window.
It will help to use these simple dialog windows in programs which do
not need other GUI.
Previously, message boxes and color chooser created the blank root
window and left it after closing the dialog window, and query dialogs
just raised an exception.
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
When the modern text= spelling of the universal_newlines= parameter was added
for Python 3.7, check_output's special case around input=None was overlooked.
So it behaved differently with universal_newlines=True vs text=True. This
reconciles the behavior to be consistent and adds a test to guarantee it.
Also clarifies the existing check_output documentation.
Co-authored-by: Alexey Izbyshev <izbyshev@ispras.ru>
* If parent is specified and mapped, the query widget is
centered at the center of parent. Its position and size
can be corrected so that it fits in the virtual root window.
* Otherwise it is centered at the center of the screen.
Added `__getitem__` for `_CallableGenericAlias` so that it returns a subclass (itself) of `types.GenericAlias` rather than the default behavior of returning a plain `types.GenericAlias`. This fixes `repr` issues occuring after `TypeVar` substitution arising from the previous behavior.
The coding cookie (ex: "# coding: latin1") is now ignored in the
command passed to the -c command line option.
Since pymain_run_command() uses UTF-8, pass PyCF_IGNORE_COOKIE
compiler flag to the parser.
pymain_run_python() no longer propages compiler flags between
function calls.
This was added for (some) Windows buildbots back in 2012, and should
either not be necessary anymore, or it should probably get investigated
why "\*.*" gets added to filenames in the first place.
Ref:
Automerge-Triggered-By: GH:hynek
* Tkinter functions and constructors which need a default root window
raise now RuntimeError with descriptive message instead of obscure
AttributeError or NameError if it is not created yet or cannot
be created automatically.
* Add tests for all functions which use default root window.
* Fix import in the pynche script.
zipimport's _unmarshal_code swallows import errors and then _get_module_code doesn't know the cause of the error, and returns the generic, and sometimes incorrect, 'could not find...'.
Automerge-Triggered-By: GH:brettcannon
* Delete jump instructions that bypass empty blocks
* Add news entry
* Explicitly check for unconditional jump opcodes
Using the is_jump function results in the inclusion of instructions like
returns for which this optimization is not really valid. So, instead
explicitly check that the instruction is an unconditional jump.
* Handle conditional jumps, delete jumps gracefully
* Ensure b_nofallthrough and b_reachable are valid
* Add test for redundant jumps
* Regenerate importlib.h and edit Misc/ACKS
* Fix bad whitespace
test_unix_events.py no longer checks if waitstatus_to_exitcode() mock
has been called or not to make the test more functional, rather than
checking the exact implementation.
* bpo-42644: Validate values in logging.disable()
Technically make the value of manager a property that checks and convert
values assigned to it properly. This has the side effect of making
`logging.disable` also accept strings representing the various level of
warnings.
We want to validate the type of the disable attribute at assignment
time, as it is later compared to other levels when emitting warnings and
would generate a `TypeError: '>=' not supported between ....` in a
different part of the code base, which can make it difficult to track
down.
When assigned an incorrect value; it will raise a TypeError when the
wrong type, or ValueError if an invalid str.
Co-authored-by: Andrew Svetlov <andrew.svetlov@gmail.com>
Enhance test_select.test_select(): it now takes 500 ms rather than 10
seconds.
* Use Python rather than a shell as the child process to make the
test more portable.
* Use a sleep of 50 ms per line rather than 1 second.
* Use subprocess.Popen rather than os.popen().
atexit._run_exitfuncs() now logs callback exceptions using
sys.unraisablehook, rather than logging them directly into
sys.stderr and raising the last exception.
Run GeneralTest of test_atexit in a subprocess since it calls
atexit._clear() which clears all atexit callbacks.
_PyAtExit_Fini() sets state->callbacks to NULL.
* Add run_test_script() function to test.support.script_helper.
* Rename Lib/test/eintrdata/eintr_tester.py to
Lib/test/_test_eintr.py.
* test_eintr.py uses run_test_script().
* Add _PyAtExit_Call() function and remove pyexitfunc and
pyexitmodule members of PyInterpreterState. The function
logs atexit callback errors using _PyErr_WriteUnraisableMsg().
* Add _PyAtExit_Init() and _PyAtExit_Fini() functions.
* Remove traverse, clear and free functions of the atexit module.
Co-authored-by: Dong-hee Na <donghee.na@python.org>
At Python exit, if a callback registered with atexit.register()
fails, its exception is now logged. Previously, only some exceptions
were logged, and the last exception was always silently ignored.
Add _PyAtExit_Call() function and remove
PyInterpreterState.atexit_func member. call_py_exitfuncs() now calls
directly _PyAtExit_Call().
The atexit module must now always be built as a built-in module.
patch, patch.object and create_autospec silently ignore misspelled
arguments such as autospect, auto_spec and set_spec. This can lead
to tests failing to check what they are supposed to check.
This change adds a check causing a RuntimeError if the above
functions get any of the above misspellings as arguments. It also
adds a new argument, "unsafe", which can be set to True to disable
this check.
Also add "!r" to format specifiers in added error messages.
Add positional only args support to lib2to3 pgen2.
This adds 3.8's PEP-570 support to lib2to3's pgen2. lib2to3, while
being deprecated is still used by things to parse all versions of Python
code today. We need it to support parsing modern 3.8 and 3.9 constructs.
Also add tests for complex *expr and **expr's.
This allows easier Enum construction in unusual cases, such as including dynamic member definitions into a class definition:
# created dynamically
foo_defines = {'FOO_CAT': 'aloof', 'BAR_DOG': 'friendly', 'FOO_HORSE': 'big'}
class Foo(Enum):
vars().update({
k: v
for k, v in foo_defines.items()
if k.startswith('FOO_')
})
def upper(self):
# example method
return self.value.upper()
The default for auto() is to return an integer, which doesn't work for `StrEnum`. The new `_generate_next_value_` for `StrEnum` returns the member name, lower cased.
This is a follow-up to
4662fa9bfe.
That original commit expanded guards against misspelling assertions on
mocks. This follow-up updates the documentation and improves the error
message by pointing out the potential cause and solution.
Automerge-Triggered-By: GH:gpshead
When creating an Enum, type.__new__ calls __init_subclass__, but at that point the members have not been added.
This patch suppresses the initial call, then manually calls the ancestor __init_subclass__ before returning the new Enum class.
- Copy existing xxlimited to xxlimited53 (named for the limited API version it uses)
- Build both modules, both in debug and release
- Test both modules
Remove obsolete workaround that prevented running files with
shortcuts when using new universal2 installers built on macOS 11.
Ignore buggy 2nd run_module_event call.
Ken Jin
Adam Goldschmidt
Terry Jan Reedy
Gregory P. Smith
Erlend Egeberg Aasland
Inada Naoki
Pablo Galindo
Ethan Furman
Asheesh Laroia
Raymond Hettinger
Zackery Spytz
Harry
BarneyStratford
Mark Shannon
Karl Dubost
Aviral Srivastava
Yonatan Goldschmidt
Ronald Oussoren
Serhiy Storchaka
Paul Moore
Steve Dower
Victor Stinner
Ken
Andrey Bienkowski
Julien Palard
Anthony Sottile
Cheryl Sabella
Batuhan Taskaya
cptpcrd
Zhiming Wang
Petr Viktorin
Benjamin Peterson
jonanifranco
Setrak Balian
Irit Katriel
Lysandros Nikolaou
Tobias Holl
Hugo van Kemenade
Berker Peksag
Brandt Bucher
Kurochan
Ross
Dong-hee Na
Jason R. Coombs
Brandon Stansbury
Yurii Karabas
Hai Shi
Senthil Kumaran
Desmond Cheong
AMIR
Fernando Toledo
Daniel Hahler
pxinwr
masklinn
Andre Delfino
Richard Kojedzinszky
Max Bernstein
Mike Lei
Chris Jerdonek
Om G
Matthias Bussonnier
E-Paine
vabr-g
Alex Grönholm
Matti Picus