![[BACK]](/http/cvsweb.netbsd.org/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / lang / python310
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
*: recursive bump for icu 76 shlib major version bump
*: revbump for icu downgrade
*: recursive bump for icu 76.1 shlib bump
python310 py310-html-docs: updated to 3.10.15 Python 3.10.15 final Windows gh-119690: Fixes data type confusion in audit events raised by _winapi.CreateFile and _winapi.CreateNamedPipe. gh-116773: Fix instances of <_overlapped.Overlapped object at 0xXXX> still has pending operation at deallocation, the process may crash. Tests gh-112769: The tests now correctly compare zlib version when zlib.ZLIB_RUNTIME_VERSION contains non-integer suffixes. For example zlib-ng defines the version as 1.3.0.zlib-ng. gh-117187: Fix XML tests for vanilla Expat <2.6.0. gh-100454: Fix SSL tests CI for OpenSSL 3.1+ Security gh-123678: Upgrade libexpat to 2.6.3 gh-121957: Fixed missing audit events around interactive use of Python, now also properly firing for python -i, as well as for python -m asyncio. The event in question is cpython.run_stdin. gh-122133: Authenticate the socket connection for the socket.socketpair() fallback on platforms where AF_UNIX is not available like Windows. Patch by Gregory P. Smith <[email protected]> and Seth Larson <[email protected]>. Reported by Ellie <[email protected]> gh-121285: Remove backtracking from tarfile header parsing for hdrcharset, PAX, and GNU sparse headers. gh-118486: os.mkdir() on Windows now accepts mode of 0o700 to restrict the new directory to the current user. This fixes CVE-2024-4030 affecting tempfile.mkdtemp() in scenarios where the base temporary directory is more permissive than the default. gh-116741: Update bundled libexpat to 2.6.2 Library gh-123693: Use platform-agnostic behavior when computing zipfile.Path.name. gh-123270: Applied a more surgical fix for malformed payloads in zipfile.Path causing infinite loops (gh-122905) without breaking contents using legitimate characters. gh-123067: Fix quadratic complexity in parsing "-quoted cookie values with backslashes by http.cookies. gh-122905: zipfile.Path objects now sanitize names from the zipfile. gh-121650: email headers with embedded newlines are now quoted on output. The generator will now refuse to serialize (write) headers that are unsafely folded or delimited; see verify_generated_headers. (Contributed by Bas Bloemsaat and Petr Viktorin in gh-121650.) gh-113171: Fixed various false positives and false negatives in ipaddress.IPv4Address.is_private (see these docs for details) ipaddress.IPv4Address.is_global ipaddress.IPv6Address.is_private ipaddress.IPv6Address.is_global Also in the corresponding ipaddress.IPv4Network and ipaddress.IPv6Network attributes. gh-102988: email.utils.getaddresses() and email.utils.parseaddr() now return ('', '') 2-tuples in more situations where invalid email addresses are encountered instead of potentially inaccurate values. Add optional strict parameter to these two functions: use strict=False to get the old behavior, accept malformed inputs. getattr(email.utils, 'supports_strict_parsing', False) can be use to check if the strict paramater is available. Patch by Thomas Dwyer and Victor Stinner to improve the CVE-2023-27043 fix. gh-67693: Fix urllib.parse.urlunparse() and urllib.parse.urlunsplit() for URIs with path starting with multiple slashes and no authority. Based on patch by Ashwin Ramaswami. Core and Builtins gh-112275: A deadlock involving pystate.c’s HEAD_LOCK in posixmodule.c at fork is now fixed. Patch by ChuBoning based on previous Python 3.12 fix by Victor Stinner.
revbump after icu and protobuf updates
python310 py310-html-docs: updated to 3.10.14 Python 3.10.14 Security gh-115398: Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425) by adding five new methods: xml.etree.ElementTree.XMLParser.flush() xml.etree.ElementTree.XMLPullParser.flush() xml.parsers.expat.xmlparser.GetReparseDeferralEnabled() xml.parsers.expat.xmlparser.SetReparseDeferralEnabled() xml.sax.expatreader.ExpatParser.flush() gh-115399: Update bundled libexpat to 2.6.0 gh-114572: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads. gh-113659: Skip .pth files with names starting with a dot or hidden file attribute. Core and Builtins gh-102388: Fix a bug where iso2022_jp_3 and iso2022_jp_2004 codecs read out of bounds Library gh-115197: urllib.request no longer resolves the hostname before checking it against the system’s proxy bypass list on macOS and Windows. gh-115133: Fix tests for XMLPullParser with Expat 2.6.0. gh-81194: Fix a crash in socket.if_indextoname() with specific value (UINT_MAX). Fix an integer overflow in socket.if_indextoname() on 64-bit non-Windows platforms. gh-109858: Protect zipfile from “quoted-overlap” zipbomb. It now raises BadZipFile when try to read an entry that overlaps with other entry or central directory. gh-91133: Fix a bug in tempfile.TemporaryDirectory cleanup, which now no longer dereferences symlinks when working around file system permission errors. Documentation gh-115399: Document CVE-2023-52425 of Expat <2.6.0 under “XML vulnerabilities”. Windows gh-111239: Update Windows builds to use zlib v1.3.1. gh-109991: Windows builds now use OpenSSL 1.1.1w. Note that OpenSSL 1.1 has reached its end of life and no future fixes will be made, and this version of Python is no longer receiving maintenance fixes and will not be updated to OpenSSL 3.0. Tools/Demos gh-109991: Update GitHub CI workflows to use OpenSSL 3.0.11 and multissltests to use 1.1.1w, 3.0.11, and 3.1.3.
python39 python310: fix build on Darwin
lang/python3*: Fix cross-build by patching out broken readline crud. Python's setup.py tries to decide whether readline is available by running readelf on the path it thinks it can find to libreadline.so. Since we always use a single static readline/curses choice in Pythin (readline, not editline, with (fake-)ncurses), just patch all that buggy detection goo away. No new maintenance burden because this logic has been ripped out of Python 3.12 anyway. Python 3.8 skipped for now because it doesn't cross-build at the moment anyway -- more work needed to make that happen (and it's not as easy as Python>=3.9 as I recall).
python*: Remove -luuid hack on SunOS. This ends up leaking into the shipped python-config, which wouldn't normally be a problem, but broken build systems such as waf end up linking against libraries that are not buildlinked, resulting in missing libuuid references. If this is still required for builtin libuuid support then that will need to be done in a different way that doesn't end up in the exported libraries.
Revert previous
python: Honour user's choice of readline implementation.
*: recursive bump for icu 74.1
python*: needs wide curses
*: bump for openssl 3
python*: explicitly add --with-system-expat To make sure expat module is linked against expat library. Bump PKGREVISION.
python*: add SUPERSEDES
python*: include some standard modules in the base Python package As proposed on tech-pkg Bump PKGREVISION.
python3*: when linking with pkgsrc gettext, pass -lintl. When linking with builtin gettext, NFCI. Fixes PREFER_PKGSRC=gettext-lib builds on at least NetBSD 9 and 10.
python310: Fix env vars for sysconfig data when cross-compiling. Paves the way to cross-version-compiling (e.g., netbsd9 building packages for netbsd10) and cross-OS-compilation (e.g., macOS building packages for NetBSD).
python: Override sys.platform with PY_PLATNAME when cross-compiling. For this purpose, factor the PY_PLATNAME definition out into a new lang/pythonNN/platname.mk file. It's not the same for 2.x and 3.x; perhaps we could factor it out further into a single 2.x vs 3.x conditional but this is a more mechanical change that makes it easier to audit for now.
lang/python39, 310, 311: Handle TOOLBASE/LOCALBASE split.
python310: updated to 3.10.7 Python 3.10.7 final Security gh-95778: Converting between int and str in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity. This is a mitigation for CVE-2020-10735. This new limit can be configured or disabled by environment variable, command line flag, or sys APIs. See the integer string conversion length limitation documentation. The default limit is 4300 digits in string form. Patch by Gregory P. Smith [Google] and Christian Heimes [Red Hat] with feedback from Victor Stinner, Thomas Wouters, Steve Dower, Ned Deily, and Mark Dickinson. Core and Builtins gh-96187: Fixed a bug that caused _PyCode_GetExtra to return garbage for negative indexes. Patch by Pablo Galindo gh-95876: Fix format string in _PyPegen_raise_error_known_location that can lead to memory corruption on some 64bit systems. The function was building a tuple with i (int) instead of n (Py_ssize_t) for Py_ssize_t arguments. gh-95605: Fix misleading contents of error message when converting an all-whitespace string to float. gh-93592: coroutine.throw() now properly initializes the frame.f_back when resuming a stack of coroutines. This allows e.g. traceback.print_stack() to work correctly when an exception (such as CancelledError) is thrown into a coroutine. gh-94996: ast.parse() will no longer parse function definitions with positional-only params when passed feature_version less than (3, 8). Patch by Shantanu Jain. Library gh-68163: Correct conversion of numbers.Rational’s to float. gh-96159: Fix a performance regression in logging TimedRotatingFileHandler. Only check for special files when the rollover time has passed. gh-96175: Fix unused localName parameter in the Attr class in xml.dom.minidom. gh-95609: Update bundled pip to 22.2.2. gh-95231: Fail gracefully if EPERM or ENOSYS is raised when loading crypt methods. This may happen when trying to load MD5 on a Linux kernel with FIPS enabled. Documentation gh-96098: Improve discoverability of the higher level concurrent.futures module by providing clearer links from the lower level threading and multiprocessing modules. gh-95789: Update the default RFC base URL from deprecated tools.ietf.org to datatracker.ietf.org gh-91207: Fix stylesheet not working in Windows CHM htmlhelp docs. Contributed by C.A.M. Gerlach. bpo-47115: The documentation now lists which members of C structs are part of the Limited API/Stable ABI. Tests gh-95243: Mitigate the inherent race condition from using find_unused_port() in testSockName() by trying to find an unused port a few times before failing. Patch by Ross Burton. Build gh-94682: Build and test with OpenSSL 1.1.1q IDLE gh-65802: Document handling of extensions in Save As dialogs. gh-95191: Include prompts when saving Shell (interactive input and output).
python310 py310-html-docs: updated to 3.10.6 Python 3.10.6 final Release date: 2022-08-01 Security gh-87389: http.server: Fix an open redirection vulnerability in the HTTP server when an URI path starts with //. Vulnerability discovered, and initial fix proposed, by Hamza Avvan. gh-92888: Fix memoryview use after free when accessing the backing buffer in certain cases. Core and Builtins gh-95355: _PyPegen_Parser_New now properly detects token memory allocation errors. Patch by Honglin Zhu. gh-94938: Fix error detection in some builtin functions when keyword argument name is an instance of a str subclass with overloaded __eq__ and __hash__. Previously it could cause SystemError or other undesired behavior. gh-94949: ast.parse() will no longer parse parenthesized context managers when passed feature_version less than (3, 9). Patch by Shantanu Jain. gh-94947: ast.parse() will no longer parse assignment expressions when passed feature_version less than (3, 8). Patch by Shantanu Jain. gh-94869: Fix the column offsets for some expressions in multi-line f-strings ast nodes. Patch by Pablo Galindo. gh-91153: Fix an issue where a bytearray item assignment could crash if it’s resized by the new value’s __index__() method. gh-94329: Compile and run code with unpacking of extremely large sequences (1000s of elements). Such code failed to compile. It now compiles and runs correctly. gh-94360: Fixed a tokenizer crash when reading encoded files with syntax errors from stdin with non utf-8 encoded text. Patch by Pablo Galindo gh-94192: Fix error for dictionary literals with invalid expression as value. gh-93964: Strengthened compiler overflow checks to prevent crashes when compiling very large source files. gh-93671: Fix some exponential backtrace case happening with deeply nested sequence patterns in match statements. Patch by Pablo Galindo gh-93021: Fix the __text_signature__ for __get__() methods implemented in C. Patch by Jelle Zijlstra. gh-92930: Fixed a crash in _pickle.c from mutating collections during __reduce__ or persistent_id. gh-92914: Always round the allocated size for lists up to the nearest even number. gh-92858: Improve error message for some suites with syntax error before ‘:’ Library gh-95339: Update bundled pip to 22.2.1. gh-95045: Fix GC crash when deallocating _lsprof.Profiler by untracking it before calling any callbacks. Patch by Kumar Aditya. gh-95087: Fix IndexError in parsing invalid date in the email module. gh-95199: Upgrade bundled setuptools to 63.2.0. gh-95194: Upgrade bundled pip to 22.2. gh-93899: Fix check for existence of os.EFD_CLOEXEC, os.EFD_NONBLOCK and os.EFD_SEMAPHORE flags on older kernel versions where these flags are not present. Patch by Kumar Aditya. gh-95166: Fix concurrent.futures.Executor.map() to cancel the currently waiting on future on an error - e.g. TimeoutError or KeyboardInterrupt. gh-93157: Fix fileinput module didn’t support errors option when inplace is true. gh-94821: Fix binding of unix socket to empty address on Linux to use an available address from the abstract namespace, instead of “0”. gh-94736: Fix crash when deallocating an instance of a subclass of _multiprocessing.SemLock. Patch by Kumar Aditya. gh-94637: SSLContext.set_default_verify_paths() now releases the GIL around SSL_CTX_set_default_verify_paths call. The function call performs I/O and CPU intensive work. gh-94510: Re-entrant calls to sys.setprofile() and sys.settrace() now raise RuntimeError. Patch by Pablo Galindo. gh-92336: Fix bug where linecache.getline() fails on bad files with UnicodeDecodeError or SyntaxError. It now returns an empty string as per the documentation. gh-89988: Fix memory leak in pickle.Pickler when looking up dispatch_table. Patch by Kumar Aditya. gh-94254: Fixed types of struct module to be immutable. Patch by Kumar Aditya. gh-94245: Fix pickling and copying of typing.Tuple[()]. gh-94207: Made _struct.Struct GC-tracked in order to fix a reference leak in the _struct module. gh-94101: Manual instantiation of ssl.SSLSession objects is no longer allowed as it lead to misconfigured instances that crashed the interpreter when attributes where accessed on them. gh-84753: inspect.iscoroutinefunction(), inspect.isgeneratorfunction(), and inspect.isasyncgenfunction() now properly return True for duck-typed function-like objects like instances of unittest.mock.AsyncMock. This makes inspect.iscoroutinefunction() consistent with the behavior of asyncio.iscoroutinefunction(). Patch by Mehdi ABAAKOUK. gh-83499: Fix double closing of file description in tempfile. gh-79512: Fixed names and __module__ value of weakref classes ReferenceType, ProxyType, CallableProxyType. It makes them pickleable. gh-90494: copy.copy() and copy.deepcopy() now always raise a TypeError if __reduce__() returns a tuple with length 6 instead of silently ignore the 6th item or produce incorrect result. gh-90549: Fix a multiprocessing bug where a global named resource (such as a semaphore) could leak when a child process is spawned (as opposed to forked). gh-79579: sqlite3 now correctly detects DML queries with leading comments. Patch by Erlend E. Aasland. gh-93421: Update sqlite3.Cursor.rowcount when a DML statement has run to completion. This fixes the row count for SQL queries like UPDATE ... RETURNING. Patch by Erlend E. Aasland. gh-91810: Suppress writing an XML declaration in open files in ElementTree.write() with encoding='unicode' and xml_declaration=None. gh-93353: Fix the importlib.resources.as_file() context manager to remove the temporary file if destroyed late during Python finalization: keep a local reference to the os.remove() function. Patch by Victor Stinner. gh-83658: Make multiprocessing.Pool raise an exception if maxtasksperchild is not None or a positive int. gh-74696: shutil.make_archive() no longer temporarily changes the current working directory during creation of standard .zip or tar archives. gh-91577: Move imports in SharedMemory methods to module level so that they can be executed late in python finalization. bpo-47231: Fixed an issue with inconsistent trailing slashes in tarfile longname directories. bpo-46755: In QueueHandler, clear stack_info from LogRecord to prevent stack trace from being written twice. bpo-46053: Fix OSS audio support on NetBSD. bpo-46197: Fix ensurepip environment isolation for subprocess running pip. bpo-45924: Fix asyncio incorrect traceback when future’s exception is raised multiple times. Patch by Kumar Aditya. bpo-34828: sqlite3.Connection.iterdump() now handles databases that use AUTOINCREMENT in one or more tables. Documentation gh-94321: Document the PEP 246 style protocol type sqlite3.PrepareProtocol. gh-86128: Document a limitation in ThreadPoolExecutor where its exit handler is executed before any handlers in atexit. gh-61162: Clarify sqlite3 behavior when Using the connection as a context manager. gh-87260: Align sqlite3 argument specs with the actual implementation. gh-86986: The minimum Sphinx version required to build the documentation is now 3.2. gh-88831: Augmented documentation of asyncio.create_task(). Clarified the need to keep strong references to tasks and added a code snippet detailing how to to this. bpo-47161: Document that pathlib.PurePath does not collapse initial double slashes because they denote UNC paths. Tests gh-95280: Fix problem with test_ssl test_get_ciphers on systems that require perfect forward secrecy (PFS) ciphers. gh-95212: Make multiprocessing test case test_shared_memory_recreate parallel-safe. gh-91330: Added more tests for dataclasses to cover behavior with data descriptor-based fields. # Write your Misc/NEWS entry below. It should be a simple ReST paragraph. # Don’t start with “- Issue #<n>: ” or “- gh-issue-<n>: ” or that sort of stuff. ########################################################################### gh-94208: test_ssl is now checking for supported TLS version and protocols in more tests. gh-93951: In test_bdb.StateTestCase.test_skip, avoid including auxiliary importers. gh-93957: Provide nicer error reporting from subprocesses in test_venv.EnsurePipTest.test_with_pip. gh-57539: Increase calendar test coverage for calendar.LocaleTextCalendar.formatweekday(). gh-92886: Fixing tests that fail when running with optimizations (-O) in test_zipimport.py bpo-47016: Create a GitHub Actions workflow for verifying bundled pip and setuptools. Patch by Illia Volochii and Adam Turner. Build gh-94841: Fix the possible performance regression of PyObject_Free() compiled with MSVC version 1932. bpo-45816: Python now supports building with Visual Studio 2022 (MSVC v143, VS Version 17.0). Patch by Jeremiah Vivian. Windows gh-90844: Allow virtual environments to correctly launch when they have spaces in the path. gh-92841: asyncio no longer throws RuntimeError: Event loop is closed on interpreter exit after asynchronous socket activity. Patch by Oleg Iarygin. bpo-42658: Support native Windows case-insensitive path comparisons by using LCMapStringEx instead of str.lower() in ntpath.normcase(). Add LCMapStringEx to the _winapi module. IDLE gh-95511: Fix the Shell context menu copy-with-prompts bug of copying an extra line when one selects whole lines. gh-95471: In the Edit menu, move Select All and add a new separator. gh-95411: Enable using IDLE’s module browser with .pyw files. gh-89610: Add .pyi as a recognized extension for IDLE on macOS. This allows opening stub files by double clicking on them in the Finder. Tools/Demos gh-94538: Fix Argument Clinic output to custom file destinations. Patch by Erlend E. Aasland. gh-94430: Allow parameters named module and self with custom C names in Argument Clinic. Patch by Erlend E. Aasland C API gh-94930: Fix SystemError raised when PyArg_ParseTupleAndKeywords() is used with # in (...) but without PY_SSIZE_T_CLEAN defined. gh-94864: Fix PyArg_Parse* with deprecated format units “u” and “Z”. It returned 1 (success) when warnings are turned into exceptions.
*: Revbump packages that use Python at runtime without a PKGNAME prefix
lang/python310: Make it cross-compile.
python310 py310-html-docs: updated to 3.10.3 Python 3.10.3 final Core and Builtins bpo-46940: Avoid overriding AttributeError metadata information for nested attribute access calls. Patch by Pablo Galindo. bpo-46852: Rename the private undocumented float.__set_format__() method to float.__setformat__() to fix a typo introduced in Python 3.7. The method is only used by test_float. Patch by Victor Stinner. bpo-46794: Bump up the libexpat version into 2.4.6 bpo-46820: Fix parsing a numeric literal immediately (without spaces) followed by “not in” keywords, like in 1not in x. Now the parser only emits a warning, not a syntax error. bpo-46762: Fix an assert failure in debug builds when a ‘<’, ‘>’, or ‘=’ is the last character in an f-string that’s missing a closing right brace. bpo-46724: Make sure that all backwards jumps use the JUMP_ABSOLUTE instruction, rather than JUMP_FORWARD with an argument of (2**32)+offset. bpo-46732: Correct the docstring for the __bool__() method. Patch by Jelle Zijlstra. bpo-46707: Avoid potential exponential backtracking when producing some syntax errors involving lots of brackets. Patch by Pablo Galindo. bpo-40479: Add a missing call to va_end() in Modules/_hashopenssl.c. bpo-46615: When iterating over sets internally in setobject.c, acquire strong references to the resulting items from the set. This prevents crashes in corner-cases of various set operations where the set gets mutated. bpo-45773: Remove two invalid “peephole” optimizations from the bytecode compiler. bpo-43721: Fix docstrings of getter, setter, and deleter to clarify that they create a new copy of the property. bpo-46503: Fix an assert when parsing some invalid N escape sequences in f-strings. bpo-46417: Fix a race condition on setting a type __bases__ attribute: the internal function add_subclass() now gets the PyTypeObject.tp_subclasses member after calling PyWeakref_NewRef() which can trigger a garbage collection which can indirectly modify PyTypeObject.tp_subclasses. Patch by Victor Stinner. bpo-46383: Fix invalid signature of _zoneinfo’s module_free function to resolve a crash on wasm32-emscripten platform. bpo-46070: Py_EndInterpreter() now explicitly untracks all objects currently tracked by the GC. Previously, if an object was used later by another interpreter, calling PyObject_GC_UnTrack() on the object crashed if the previous or the next object of the PyGC_Head structure became a dangling pointer. Patch by Victor Stinner. bpo-46339: Fix a crash in the parser when retrieving the error text for multi-line f-strings expressions that do not start in the first line of the string. Patch by Pablo Galindo bpo-46240: Correct the error message for unclosed parentheses when the tokenizer doesn’t reach the end of the source when the error is reported. Patch by Pablo Galindo bpo-46091: Correctly calculate indentation levels for lines with whitespace character that are ended by line continuation characters. Patch by Pablo Galindo Library bpo-43253: Fix a crash when closing transports where the underlying socket handle is already invalid on the Proactor event loop. bpo-47004: Apply bugfixes from importlib_metadata 4.11.3, including bugfix for EntryPoint.extras, which was returning match objects and not the extras strings. bpo-46985: Upgrade pip wheel bundled with ensurepip (pip 22.0.4) bpo-46968: faulthandler: On Linux 5.14 and newer, dynamically determine size of signal handler stack size CPython allocates using getauxval(AT_MINSIGSTKSZ). This changes allows for Python extension’s request to Linux kernel to use AMX_TILE instruction set on Sapphire Rapids Xeon processor to succeed, unblocking use of the ISA in frameworks. bpo-46955: Expose asyncio.base_events.Server as asyncio.Server. Patch by Stefan Zabka. bpo-23325: The signal module no longer assumes that SIG_IGN and SIG_DFL are small int singletons. bpo-46932: Update bundled libexpat to 2.4.7 bpo-25707: Fixed a file leak in xml.etree.ElementTree.iterparse() when the iterator is not exhausted. Patch by Jacob Walls. bpo-44886: Inherit asyncio proactor datagram transport from asyncio.DatagramTransport. bpo-46827: Support UDP sockets in asyncio.loop.sock_connect() for selector-based event loops. Patch by Thomas Grainger. bpo-46811: Make test suite support Expat >=2.4.5 bpo-46252: Raise TypeError if ssl.SSLSocket is passed to transport-based APIs. bpo-46784: Fix libexpat symbols collisions with user dynamically loaded or statically linked libexpat in embedded Python. bpo-39327: shutil.rmtree() can now work with VirtualBox shared folders when running from the guest operating-system. bpo-46756: Fix a bug in urllib.request.HTTPPasswordMgr.find_user_password() and urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated() which allowed to bypass authorization. For example, access to URI example.org/foobar was allowed if the user was authorized for URI example.org/foo. bpo-46643: In typing.get_type_hints(), support evaluating stringified ParamSpecArgs and ParamSpecKwargs annotations. Patch by Gregory Beauregard. bpo-45863: When the tarfile module creates a pax format archive, it will put an integer representation of timestamps in the ustar header (if possible) for the benefit of older unarchivers, in addition to the existing full-precision timestamps in the pax extended header. bpo-46676: Make typing.ParamSpec args and kwargs equal to themselves. Patch by Gregory Beauregard. bpo-46672: Fix NameError in asyncio.gather() when initial type check fails. bpo-46655: In typing.get_type_hints(), support evaluating bare stringified TypeAlias annotations. Patch by Gregory Beauregard. bpo-45948: Fixed a discrepancy in the C implementation of the xml.etree.ElementTree module. Now, instantiating an xml.etree.ElementTree.XMLParser with a target=None keyword provides a default xml.etree.ElementTree.TreeBuilder target as the Python implementation does. bpo-46521: Fix a bug in the codeop module that was incorrectly identifying invalid code involving string quotes as valid code. bpo-46581: Brings ParamSpec propagation for GenericAlias in line with Concatenate (and others). bpo-46591: Make the IDLE doc URL on the About IDLE dialog clickable. bpo-46400: expat: Update libexpat from 2.4.1 to 2.4.4 bpo-46487: Add the get_write_buffer_limits method to asyncio.transports.WriteTransport and to the SSL transport. bpo-45173: Note the configparser deprecations will be removed in Python 3.12. bpo-46539: In typing.get_type_hints(), support evaluating stringified ClassVar and Final annotations inside Annotated. Patch by Gregory Beauregard. bpo-46491: Allow typing.Annotated to wrap typing.Final and typing.ClassVar. Patch by Gregory Beauregard. bpo-46436: Fix command-line option -d/--directory in module http.server which is ignored when combined with command-line option --cgi. Patch by Géry Ogam. bpo-41403: Make mock.patch() raise a TypeError with a relevant error message on invalid arg. Previously it allowed a cryptic AttributeError to escape. bpo-46474: In importlib.metadata.EntryPoint.pattern, avoid potential REDoS by limiting ambiguity in consecutive whitespace. bpo-46469: asyncio generic classes now return types.GenericAlias in __class_getitem__ instead of the same class. bpo-46434: pdb now gracefully handles help when __doc__ is missing, for example when run with pregenerated optimized .pyc files. bpo-46333: The __eq__() and __hash__() methods of typing.ForwardRef now honor the module parameter of typing.ForwardRef. Forward references from different modules are now differentiated. bpo-46246: Add missing __slots__ to importlib.metadata.DeprecatedList. Patch by Arie Bovenberg. bpo-46266: Improve day constants in calendar. Now all constants (MONDAY … SUNDAY) are documented, tested, and added to __all__. bpo-46232: The ssl module now handles certificates with bit strings in DN correctly. bpo-43118: Fix a bug in inspect.signature() that was causing it to fail on some subclasses of classes with a __text_signature__ referencing module globals. Patch by Weipeng Hong. bpo-26552: Fixed case where failing asyncio.ensure_future() did not close the coroutine. Patch by Kumar Aditya. bpo-21987: Fix an issue with tarfile.TarFile.getmember() getting a directory name with a trailing slash. bpo-20392: Fix inconsistency with uppercase file extensions in MimeTypes.guess_type(). Patch by Kumar Aditya. bpo-46080: Fix exception in argparse help text generation if a argparse.BooleanOptionalAction argument’s default is argparse.SUPPRESS and it has help specified. Patch by Felix Fontein. bpo-44439: Fix .write() method of a member file in ZipFile, when the input data is an object that supports the buffer protocol, the file length may be wrong. bpo-45703: When a namespace package is imported before another module from the same namespace is created/installed in a different sys.path location while the program is running, calling the importlib.invalidate_caches() function will now also guarantee the new module is noticed. bpo-24959: Fix bug where unittest sometimes drops frames from tracebacks of exceptions raised in tests. bpo-44791: Fix substitution of ParamSpec in Concatenate with different parameter expressions. Substitution with a list of types returns now a tuple of types. Substitution with Concatenate returns now a Concatenate with concatenated lists of arguments. bpo-14156: argparse.FileType now supports an argument of ‘-’ in binary mode, returning the .buffer attribute of sys.stdin/sys.stdout as appropriate. Modes including ‘x’ and ‘a’ are treated equivalently to ‘w’ when argument is ‘-’. Patch contributed by Josh Rosenberg Documentation bpo-46463: Fixes escape4chm.py script used when building the CHM documentation file Tests bpo-46913: Fix test_faulthandler.test_sigfpe() if Python is built with undefined behavior sanitizer (UBSAN): disable UBSAN on the faulthandler_sigfpe() function. Patch by Victor Stinner. bpo-46708: Prevent default asyncio event loop policy modification warning after test_asyncio execution. bpo-46678: The function make_legacy_pyc in Lib/test/support/import_helper.py no longer fails when PYTHONPYCACHEPREFIX is set to a directory on a different device from where tempfiles are stored. bpo-46616: Ensures test_importlib.test_windows cleans up registry keys after completion. bpo-44359: test_ftplib now silently ignores socket errors to prevent logging unhandled threading exceptions. Patch by Victor Stinner. bpo-46542: Fix a Python crash in test_lib2to3 when using Python built in debug mode: limit the recursion limit. Patch by Victor Stinner. bpo-46576: test_peg_generator now disables compiler optimization when testing compilation of its own C extensions to significantly speed up the testing on non-debug builds of CPython. bpo-46542: Fix test_json tests checking for RecursionError: modify these tests to use support.infinite_recursion(). Patch by Victor Stinner. bpo-13886: Skip test_builtin PTY tests on non-ASCII characters if the readline module is loaded. The readline module changes input() behavior, but test_builtin is not intented to test the readline module. Patch by Victor Stinner. Build bpo-47032: Ensure Windows install builds fail correctly with a non-zero exit code when part of the build fails. bpo-47024: Update OpenSSL to 1.1.1n for macOS installers and all Windows builds. bpo-38472: Fix GCC detection in setup.py when cross-compiling. The C compiler is now run with LC_ALL=C. Previously, the detection failed with a German locale. bpo-46513: configure no longer uses AC_C_CHAR_UNSIGNED macro and pyconfig.h no longer defines reserved symbol __CHAR_UNSIGNED__. bpo-45925: Update Windows installer to use SQLite 3.37.2. Windows bpo-44549: Update bzip2 to 1.0.8 in Windows builds to mitigate CVE-2016-3189 and CVE-2019-12900 bpo-46948: Prevent CVE-2022-26488 by ensuring the Add to PATH option in the Windows installer uses the correct path when being repaired. bpo-46638: Ensures registry virtualization is consistently disabled. For 3.10 and earlier, it remains enabled (some registry writes are protected), while for 3.11 and later it is disabled (registry modifications affect all applications). macOS bpo-45925: Update macOS installer to SQLite 3.37.2. IDLE bpo-46630: Make query dialogs on Windows start with a cursor in the entry box. bpo-45296: Clarify close, quit, and exit in IDLE. In the File menu, ‘Close’ and ‘Exit’ are now ‘Close Window’ (the current one) and ‘Exit’ is now ‘Exit IDLE’ (by closing all windows). In Shell, ‘quit()’ and ‘exit()’ mean ‘close Shell’. If there are no other windows, this also exits IDLE. bpo-45447: Apply IDLE syntax highlighting to pyi files. Patch by Alex Waygood and Terry Jan Reedy. C API bpo-46433: The internal function _PyType_GetModuleByDef now correctly handles inheritance patterns involving static types. bpo-14916: Fixed bug in the tokenizer that prevented PyRun_InteractiveOne from parsing from the provided FD.
According to the noted issue, the compiler to avoid is llvm-gcc-4.2, which means 11.x and 12.x according to mk/platform/Darwin.mk. On 10.x (i386 Snow Leopard Server, at least), no problem with the system gcc. Adjust the scope of the workaround to match.
python3*: Switch to CFLAGS, CPPFLAGS is ignored. Fixes build on SmartOS.
python3*: Add REPLACE_SH, from pekdon via IRC.
python310: Solaris 10 fixes, from pekdon via IRC.
python310 py310-html-docs: updated to 3.10.2 Python 3.10.2 final Core and Builtins bpo-46347: Fix memory leak in PyEval_EvalCodeEx. bpo-46289: ASDL declaration of FormattedValue has changed to reflect conversion field is not optional. bpo-46237: Fix the line number of tokenizer errors inside f-strings. Patch by Pablo Galindo. bpo-46006: Fix a regression when a type method like __init__() is modified in a subinterpreter. Fix a regression in _PyUnicode_EqualToASCIIId() and type update_slot(). Revert the change which made the Unicode dictionary of interned strings compatible with subinterpreters: the internal interned dictionary is shared again by all interpreters. Patch by Victor Stinner. bpo-46085: Fix iterator cache mechanism of OrderedDict. bpo-46110: Add a maximum recursion check to the PEG parser to avoid stack overflow. Patch by Pablo Galindo bpo-46054: Fix parser error when parsing non-utf8 characters in source files. Patch by Pablo Galindo. bpo-46042: Improve the location of the caret in SyntaxError exceptions emitted by the symbol table. Patch by Pablo Galindo. bpo-46025: Fix a crash in the atexit module involving functions that unregister themselves before raising exceptions. Patch by Pablo Galindo. bpo-46009: Restore behavior from 3.9 and earlier when sending non-None to newly started generator. In 3.9 this did not affect the state of the generator. In 3.10.0 and 3.10.1 gen_func().send(0) is equivalent to gen_func().throw(TypeError(...) which exhausts the generator. In 3.10.2 onward, the behavior has been reverted to that of 3.9. bpo-46000: Improve compatibility of the curses module with NetBSD curses. bpo-46004: Fix the SyntaxError location for errors involving for loops with invalid targets. Patch by Pablo Galindo bpo-42918: Fix bug where the built-in compile() function did not always raise a SyntaxError when passed multiple statements in ‘single’ mode. Patch by Weipeng Hong. Library bpo-40479: Fix hashlib usedforsecurity option to work correctly with OpenSSL 3.0.0 in FIPS mode. bpo-46070: Fix possible segfault when importing the asyncio module from different sub-interpreters in parallel. Patch by Erlend E. Aasland. bpo-46278: Reflect context argument in AbstractEventLoop.call_*() methods. Loop implementations already support it. bpo-46239: Improve error message when importing asyncio.windows_events on non-Windows. bpo-20369: concurrent.futures.wait() no longer blocks forever when given duplicate Futures. Patch by Kumar Aditya. bpo-46105: Honor spec when generating requirement specs with urls and extras (importlib_metadata 4.8.3). bpo-26952: argparse raises ValueError with clear message when trying to render usage for an empty mutually-exclusive group. Previously it raised a cryptic IndexError. bpo-27718: Fix help for the signal module. Some functions (e.g. signal() and getsignal()) were omitted. bpo-46032: The registry() method of functools.singledispatch() functions checks now the first argument or the first parameter annotation and raises a TypeError if it is not supported. Previously unsupported “types” were ignored (e.g. typing.List[int]) or caused an error at calling time (e.g. list[int]). bpo-46018: Ensure that math.expm1() does not raise on underflow. bpo-45755: typing generic aliases now reveal the class attributes of the original generic class when passed to dir(). This was the behavior up to Python 3.6, but was changed in 3.7-3.9. bpo-13236: unittest.TextTestResult and unittest.TextTestRunner flush now the output stream more often. bpo-42378: Fixes the issue with log file being overwritten when logging.FileHandler is used in atexit with filemode set to 'w'. Note this will cause the message in atexit not being logged if the log stream is already closed due to shutdown of logging. Documentation bpo-46120: State that | is preferred for readability over Union in the typing docs. bpo-46040: Fix removal Python version for @asyncio.coroutine, the correct value is 3.11. bpo-19737: Update the documentation for the globals() function. bpo-45840: Improve cross-references in the documentation for the data model. Tests bpo-46205: Fix hang in runtest_mp due to race condition bpo-46263: Fix test_capi on FreeBSD 14-dev: instruct jemalloc to not fill freed memory with junk byte. bpo-46150: Now fakename in test_pathlib.PosixPathTest.test_expanduser is checked to be non-existent. bpo-46129: Rewrite asyncio.locks tests with unittest.IsolatedAsyncioTestCase usage. bpo-46114: Fix test case for OpenSSL 3.0.1 version. OpenSSL 3.0 uses 0xMNN00PP0L. Build bpo-46263: configure no longer sets MULTIARCH on FreeBSD platforms. bpo-46106: Updated OpenSSL to 1.1.1m in Windows builds, macOS installer builds, and CI. Patch by Kumar Aditya. macOS bpo-40477: The Python Launcher app for macOS now properly launches scripts and, if necessary, the Terminal app when running on recent macOS releases. C API bpo-46236: Fix a bug in PyFunction_GetAnnotations() that caused it to return a tuple instead of a dict.
python*: remove no-egg support This was added in the pkgsrc stone age when pkgsrc had no egg support, and then carried forward up to python 3.10. This ends now. Bump PKGREVISION.
python310: prepare for upcoming setuptools change Bump PKGREVISION.
python310: remove reference to non-existent file
python310: remove patch that was carried forward from before 2.7 times upstream says it should not be needed, and I don't see a difference in building python310 and running its tests either. Let me know if you do. Bump PKGREVISION to be on the safe side.
revbump for icu and libffi
python310 py310-html-docs: added version 3.10.0 Python 3.10 Summary – Release highlights New syntax features: PEP 634, Structural Pattern Matching: Specification PEP 635, Structural Pattern Matching: Motivation and Rationale PEP 636, Structural Pattern Matching: Tutorial bpo-12782, Parenthesized context managers are now officially allowed. New features in the standard library: PEP 618, Add Optional Length-Checking To zip. Interpreter improvements: PEP 626, Precise line numbers for debugging and other tools. New typing features: PEP 604, Allow writing union types as X | Y PEP 613, Explicit Type Aliases PEP 612, Parameter Specification Variables Important deprecations, removals or restrictions: PEP 644, Require OpenSSL 1.1.1 or newer PEP 632, Deprecate distutils module. PEP 623, Deprecate and prepare for the removal of the wstr member in PyUnicodeObject. PEP 624, Remove Py_UNICODE encoder APIs PEP 597, Add optional EncodingWarning