Add a few more items
This commit is contained in:
parent
81145c9b1d
commit
11bd81c226
|
@ -722,6 +722,10 @@ Some smaller changes made to the core Python language are:
|
||||||
Integer division is also more accurate in its rounding behaviours. (Also
|
Integer division is also more accurate in its rounding behaviours. (Also
|
||||||
implemented by Mark Dickinson; :issue:`1811`.)
|
implemented by Mark Dickinson; :issue:`1811`.)
|
||||||
|
|
||||||
|
* Implicit coercion for complex numbers has been removed; the interpreter
|
||||||
|
will no longer ever attempt to call a :meth:`__coerce__` method on complex
|
||||||
|
objects. (Removed by Meador Inge and Mark Dickinson; :issue:`5211`.)
|
||||||
|
|
||||||
* The :meth:`str.format` method now supports automatic numbering of the replacement
|
* The :meth:`str.format` method now supports automatic numbering of the replacement
|
||||||
fields. This makes using :meth:`str.format` more closely resemble using
|
fields. This makes using :meth:`str.format` more closely resemble using
|
||||||
``%s`` formatting::
|
``%s`` formatting::
|
||||||
|
@ -1102,6 +1106,10 @@ changes, or look through the Subversion logs for all the details.
|
||||||
statement, has been deprecated, because the :keyword:`with` statement
|
statement, has been deprecated, because the :keyword:`with` statement
|
||||||
now supports multiple context managers.
|
now supports multiple context managers.
|
||||||
|
|
||||||
|
* The :mod:`cookielib` module now ignores cookies that have an invalid
|
||||||
|
version field, one that doesn't contain an integer value. (Fixed by
|
||||||
|
John J. Lee; :issue:`3924`.)
|
||||||
|
|
||||||
* The :mod:`copy` module's :func:`~copy.deepcopy` function will now
|
* The :mod:`copy` module's :func:`~copy.deepcopy` function will now
|
||||||
correctly copy bound instance methods. (Implemented by
|
correctly copy bound instance methods. (Implemented by
|
||||||
Robert Collins; :issue:`1515`.)
|
Robert Collins; :issue:`1515`.)
|
||||||
|
@ -2073,6 +2081,28 @@ Changes to Python's build process and to the C API include:
|
||||||
:cfunc:`PyOS_ascii_strtod` and :cfunc:`PyOS_ascii_atof` functions
|
:cfunc:`PyOS_ascii_strtod` and :cfunc:`PyOS_ascii_atof` functions
|
||||||
are now deprecated.
|
are now deprecated.
|
||||||
|
|
||||||
|
* New function: :cfunc:`PySys_SetArgvEx` sets the value of
|
||||||
|
``sys.argv`` and can optionally update ``sys.path`` to include the
|
||||||
|
directory containing the script named by ``sys.argv[0]`` depending
|
||||||
|
on the value of an *updatepath* parameter.
|
||||||
|
|
||||||
|
This function was added to close a security hole for applications
|
||||||
|
that embed Python. The old function, :cfunc:`PySys_SetArgv`, would
|
||||||
|
always update ``sys.path``, and sometimes it would add the current
|
||||||
|
directory. This meant that, if you ran an application embedding
|
||||||
|
Python in a directory controlled by someone else, attackers could
|
||||||
|
put a Trojan-horse module in the directory (say, a file named
|
||||||
|
:file:`os.py`) that your application would then import and run.
|
||||||
|
|
||||||
|
If you maintain a C/C++ application that embeds Python, check
|
||||||
|
whether you're calling :cfunc:`PySys_SetArgv` and carefully consider
|
||||||
|
whether the application should be using :cfunc:`PySys_SetArgvEx`
|
||||||
|
with *updatepath* set to false.
|
||||||
|
|
||||||
|
Security issue reported as `CVE-2008-5983
|
||||||
|
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5983>`_;
|
||||||
|
discussed in :issue:`5753`, and fixed by Antoine Pitrou.
|
||||||
|
|
||||||
* New macros: the Python header files now define the following macros:
|
* New macros: the Python header files now define the following macros:
|
||||||
:cmacro:`Py_ISALNUM`,
|
:cmacro:`Py_ISALNUM`,
|
||||||
:cmacro:`Py_ISALPHA`,
|
:cmacro:`Py_ISALPHA`,
|
||||||
|
@ -2281,6 +2311,10 @@ Other Changes and Fixes
|
||||||
thread switching latency, and IO processing bandwidth when
|
thread switching latency, and IO processing bandwidth when
|
||||||
performing several tasks using a varying number of threads.
|
performing several tasks using a varying number of threads.
|
||||||
|
|
||||||
|
* The :file:`Tools/i18n/msgfmt.py` script now understands plural
|
||||||
|
forms in :file:`.po` files. (Fixed by Martin von Löwis;
|
||||||
|
:issue:`5464`.)
|
||||||
|
|
||||||
* When importing a module from a :file:`.pyc` or :file:`.pyo` file
|
* When importing a module from a :file:`.pyc` or :file:`.pyo` file
|
||||||
with an existing :file:`.py` counterpart, the :attr:`co_filename`
|
with an existing :file:`.py` counterpart, the :attr:`co_filename`
|
||||||
attributes of the resulting code objects are overwritten when the
|
attributes of the resulting code objects are overwritten when the
|
||||||
|
@ -2415,6 +2449,14 @@ For C extensions:
|
||||||
:cfunc:`PyOS_ascii_strtod` and :cfunc:`PyOS_ascii_atof` functions,
|
:cfunc:`PyOS_ascii_strtod` and :cfunc:`PyOS_ascii_atof` functions,
|
||||||
which are now deprecated.
|
which are now deprecated.
|
||||||
|
|
||||||
|
For applications that embed Python:
|
||||||
|
|
||||||
|
* The :cfunc:`PySys_SetArgvEx` function was added, letting
|
||||||
|
applications close a security hole when the existing
|
||||||
|
:cfunc:`PySys_SetArgv` function was used. Check whether you're
|
||||||
|
calling :cfunc:`PySys_SetArgv` and carefully consider whether the
|
||||||
|
application should be using :cfunc:`PySys_SetArgvEx` with
|
||||||
|
*updatepath* set to false.
|
||||||
|
|
||||||
.. ======================================================================
|
.. ======================================================================
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue