Upstream changes:
2.000028 - 2021-10-17
- fix skips in shell test when shell has unpredictable startup actions
2.000027 - 2021-10-14
- releasing as stable
2.000_026 - 2021-10-11
- fix output redirection used in fish shell to work with newer versions
- fix optional function used on Win32 for finding the current directory
2.000_025 - 2020-07-30
- add documentation for --quiet option
- added --always option to always add requested directory to env vars, even
if they are already included
- improve shell test to be more resiliant against custom init scripts
- improved test diagnostics
- reorganized documentation for bootstrapping into a non-standard directory
- remove mentions of File::HomeDir from documentation, as it is no longer
used
Upstream changes:
0.083 2022-03-17 T. R. Wyant
Correct and optimize the computation of logical column position (the
one that takes account of tabs).
0.082 2021-11-29 T. R. Wyant
Add --version to eg/predump, and document all options with double
dashes.
Silence 'uninitialized' warning generated by /(?<=.{35})/.
Thanks to Brian Fraser for reporting this.
Try to quell weird Win32 test failures which seem to occur only in
tests where I am using 'use open' to put the standard handles into
UTF-8 mode. The fix (I hope) is to do this to the Test::Harness
handles at run time instead of to the standard handles at compile
time.
Add file CONTRIBUTING.
Upstream changes:
0.08 2021-12-20 04:58:35 -0700
- Production release identical to 0.07_01
0.07_01 2021-12-19 07:27:44 -0700
- Remove the most uses of stringy eval (gh#6) One still remains
- Remove dependency on Data::Munge (gh#6)
Upstream changes:
1.57 2022-03-03
- The last release would die if Sub::Util was not available, but this should
just be an optional requirement. Fixed by Paul Howarth. GH #131.
- This is the second time I've introduced this bug, so now there's a test to
make sure that DateTime can be loaded if Sub::Util is not
installed. Hopefully this will prevent a third occurrence of this bug.
1.56 2022-03-02
- The DateTime->from_epoch constructor now accepts a single, non-hashref
argument, and validates it as an epoch value. Requested by Neil Bowers. GH
#119.
Upstream changes:
0.400000 2022-03-13 22:16:13-04:00 America/New_York
[ BUG FIXES ]
* PR #1634: Fix CI push setting to run tests on branches with / in the
name (Stefan Hornburg - Racke)
* PR #1641: Fix uninitialized warnings from parsing routes with mixed
regex/splats (Russell @veryrusty Jenkins)
[ ENHANCEMENTS ]
* PR #1627: Set minimum Perl to 5.10.1 (Peter Mottram - SysPete)
* PR #1643: Set minimum Perl to 5.12.5 (Jason A. Crome)
[ DOCUMENTATION ]
* PR #1633: Fix YAML example in the tutorial (Tina Müller)
* PR #1644: Add deprecation policy to docs; link git guide (Jason A.
Crome)
Upstream changes:
3.11.6
General fixes and improvements
MDL-72762 - Backup fails if section name has only blank spaces
MDL-72246 - 3.11 Dashboard Loads Slowly (30 seconds)
MDL-72915 - Drag and Drop onto image: Issue moving draggable items with Unlimited option
MDL-73846 - "Prepare submissions for annotation" task tries to process the whole queue in one go
MDL-64770 - User profile fields uniqueness don't work while user importing
MDL-72646 - MIME type headers for theme fonts are deprecated
MDL-67428 - Performance issues with filters applied to course/category titles in navigation
MDL-73824 - Decimal comma & PHP8.0
MDL-66940 - 'View external Criteria URL' on Badgr links to badge awarded to somebody else
MDL-69965 - MoodleNet profile field is displayed even when MoodleNet is disabled
MDL-73915 - Bump NodeJS version, dependencies, and update JS build process, drop IE support
MDL-73827 - URL blocked during OBv2.1 user authentication
MDL-69966 - Quiz: start attempt button should be a primary button
MDL-73450 - is_antelope_file_format_no_more_supported check should return true on Aurora MySQL 8.0+
MDL-73588 - Unexpected content in the CURLOPT_FILE output stream on redirects
MDL-73905 - Wrong coding_exception used on problems sending messages
MDL-73954 - Quiz percentage should round the percentage the same way as the other grades
MDL-73582 - Add endpoint to provide the Moodle version
MDL-73868 - Remove multiple slashes in URL image for Open Badges services
MDL-73636 - Activity "Mark as done" buttons contain unformatted module names
MDL-73625 - Reorder and review the mobile settings for app 4.0
MDL-72937 - Saving a user profile Moodlenet field > 255 characters causes exception
MDL-73765 - Scheduled task are randomly allocated to 0 - 23 minutes range only
MDL-72852 - If there are no course badges, students shouldn't have a link to a page saying there are no badges available
MDL-73603 - Webservice token creation form throws exceptions during validation
MDL-73561 - "Grades were set for X items" message displayed as alert-danger
Accessibility improvements
MDL-73584 - Required ARIA children role not present: group, menuitemradio, menuitem, menuitemcheckbox
MDL-70792 - CSS changes for the moremenu
MDL-72412 - aria-label attribute is invalid for informative icon fonts
Security improvements
MDL-72734 - Inconsistent checks used to determine whether to run task through web UI
3.11.5
General fixes and improvements
MDL-68944 - Workshop skips scheduled allocation
MDL-69467 - H5P attempts not recorded when multiple users have same email address
MDL-69496 - mod_quiz: Or all available attempts completed setting value lost
MDL-68773 - Adhoc tasks for backup and restore are stuck in endless fail delay loop
MDL-59115 - OAuth2 does not pass in all user mapped settings into new account
MDL-72796 - retry interval in milliseconds for redis session cache is far too high
MDL-72791 - Custom course field content for new course not found in global search
MDL-72443 - SVG files do not support the preview mode
MDL-72716 - You should not be able to add more than one instance of most blocks to your Dashboard
MDL-72925 - Forum grading separate group filter shows discussion topics in the other groups
MDL-73414 - Impossible to turn on only "Enable web services" from site admin page
MDL-73189 - File upload limits not always enforced if there are many simultaneous uploads in progress
MDL-69061 - Lack of files reported during upgrade to 3.9 when $CFG->admin differs from 'admin'
MDL-73046 - HTML5 video in the mediaplugin fails when using .MOV files
MDL-72988 - PHP Notices detected in web server logs (mod_lti)
MDL-72966 - File upload: Uncaught TypeError from JavaScript when uploading a single file
MDL-73195 - mod_url: Error makes course/view.php unreachable if an invalid URL is saved
MDL-73207 - $CFG->scheduled_tasks has incorrect order for dayofweek and months in cron spec
MDL-72701 - Expand unit test coverage defaults
MDL-73128 - Image caption warning for external badges
MDL-73155 - Essay qtype: Error message is displayed when Allow attachments field is reset to 'No'
MDL-73256 - Disabling "Require email verification" doesn't persist properly the first time
MDL-73086 - User profile fields are broken when having uppercase in shortname
MDL-73153 - External badge image not displayed in some cases
MDL-72992 - Cannot enter feedback from grader report when feedback was previously deleted from assign grader
MDL-72785 - Can't delete course category
MDL-73176 - JS exception filtering course participants for keyword containing quotes
MDL-73402 - Admin bookmarks block is too aggressive at cleaning bookmarked section
MDL-72870 - Quiz attempt navigation buttons misaligned
MDL-73039 - Double encoding of site/course name in course download
MDL-73140 - Badly formatted lists in the grade history report
MDL-72982 - Data request email breaks organisation signature
MDL-61671 - Admin mobile certificate check can return errors on valid certificate
MDL-72789 - Improve filtering by component in eventlist report
MDL-72908 - Purge all caches only purges the selected cache if selected
MDL-73074 - Course autocomplete duplicated in report condition/filter
MDL-73255 - User Participants filter leaves invalid group filter row if no groups are present
Accessibility improvements
MDL-70274 - The WCAG (cynthia.exe) validator links in the footer is no longer available
MDL-73026 - Focus outline for modal close button is clipped and has insufficient colour contrast
MDL-70721 - Need a Mustache helper method for html entities
MDL-73142 - File extension in Essay accepted file type list is failing accessibility color contrast limits
For developers
MDL-73175 - Add behat generators for glossary entries and categories
MDL-73202 - Add behat generators for forum discussions and posts
MDL-72846 - Create default block generator for testing
MDL-73269 - Add PHP version and required/optional extensions to composer.json
Security improvements
MDL-72096 - New helper function for cleaning SQL ORDER BY clauses
MDL-73295 - sesskey is exposed in url for /user/managetoken.php
Security fixes
MSA-22-0001 SQL injection risk in code fetching h5p activity user attempts
MSA-22-0002 calendar:manageentries capability allows CRUD access to all calendar events
MSA-22-0003 Capability gradereport/user:view not always respected when navigating to a user's course grade report
MSA-22-0004 CSRF risk in badge alignment deletion
Currently cad/oce does not build on Darwin, in part because sed
substitutions in CMakeFiles fail because the suffixes (.dylib) differ
from expected (.so). There are, however, two additional problems.
First, frameworks are not used by pkgsrc, yet CMakeLists.txt expects
them on Darwin and uses special installation steps. Instead, use the
standard installation steps. Additionally, there are a few PLIST
differences between Darwin and other platforms, which are handled with
PLIST.* variables that differentiate Darwin from other systems.
Upstream changes:
1.160000 2022-02-01 11:41:36-07:00 America/Denver
- Preserve incremental version release numbers.
The previous release number can be consider being
lower than 1.151940
1.16 2022-01-28 16:29:44-07:00 America/Denver
- Add Kosovo to the list of supported countries
- Add get_all_countries helper
- Remove Memoize dependency and make Faster faster
The R package installs the file lib/R/etc/Makeconf, which is intended
to be used by R packages that themselves compile programs. This
feature is rarely used, but the math/R-nimble package is an example of
one that does. For this to work, the compiler flags embedded within
Makeconf must be compatible with the system compiler. At least on
MacOS, this is not the case by default, and so nimble compilations
fail. This substitutes ${COMPILER_RPATH_FLAG} into configure.ac, so
that it is used when creating Makeconf. Since neither R itself nor
most R packages compile other programs, Makeconf is generally not used
and this fix will have no impact.
Python 3.10.3 final
Core and Builtins
bpo-46940: Avoid overriding AttributeError metadata information for nested attribute access calls. Patch by Pablo Galindo.
bpo-46852: Rename the private undocumented float.__set_format__() method to float.__setformat__() to fix a typo introduced in Python 3.7. The method is only used by test_float. Patch by Victor Stinner.
bpo-46794: Bump up the libexpat version into 2.4.6
bpo-46820: Fix parsing a numeric literal immediately (without spaces) followed by “not in” keywords, like in 1not in x. Now the parser only emits a warning, not a syntax error.
bpo-46762: Fix an assert failure in debug builds when a ‘<’, ‘>’, or ‘=’ is the last character in an f-string that’s missing a closing right brace.
bpo-46724: Make sure that all backwards jumps use the JUMP_ABSOLUTE instruction, rather than JUMP_FORWARD with an argument of (2**32)+offset.
bpo-46732: Correct the docstring for the __bool__() method. Patch by Jelle Zijlstra.
bpo-46707: Avoid potential exponential backtracking when producing some syntax errors involving lots of brackets. Patch by Pablo Galindo.
bpo-40479: Add a missing call to va_end() in Modules/_hashopenssl.c.
bpo-46615: When iterating over sets internally in setobject.c, acquire strong references to the resulting items from the set. This prevents crashes in corner-cases of various set operations where the set gets mutated.
bpo-45773: Remove two invalid “peephole” optimizations from the bytecode compiler.
bpo-43721: Fix docstrings of getter, setter, and deleter to clarify that they create a new copy of the property.
bpo-46503: Fix an assert when parsing some invalid N escape sequences in f-strings.
bpo-46417: Fix a race condition on setting a type __bases__ attribute: the internal function add_subclass() now gets the PyTypeObject.tp_subclasses member after calling PyWeakref_NewRef() which can trigger a garbage collection which can indirectly modify PyTypeObject.tp_subclasses. Patch by Victor Stinner.
bpo-46383: Fix invalid signature of _zoneinfo’s module_free function to resolve a crash on wasm32-emscripten platform.
bpo-46070: Py_EndInterpreter() now explicitly untracks all objects currently tracked by the GC. Previously, if an object was used later by another interpreter, calling PyObject_GC_UnTrack() on the object crashed if the previous or the next object of the PyGC_Head structure became a dangling pointer. Patch by Victor Stinner.
bpo-46339: Fix a crash in the parser when retrieving the error text for multi-line f-strings expressions that do not start in the first line of the string. Patch by Pablo Galindo
bpo-46240: Correct the error message for unclosed parentheses when the tokenizer doesn’t reach the end of the source when the error is reported. Patch by Pablo Galindo
bpo-46091: Correctly calculate indentation levels for lines with whitespace character that are ended by line continuation characters. Patch by Pablo Galindo
Library
bpo-43253: Fix a crash when closing transports where the underlying socket handle is already invalid on the Proactor event loop.
bpo-47004: Apply bugfixes from importlib_metadata 4.11.3, including bugfix for EntryPoint.extras, which was returning match objects and not the extras strings.
bpo-46985: Upgrade pip wheel bundled with ensurepip (pip 22.0.4)
bpo-46968: faulthandler: On Linux 5.14 and newer, dynamically determine size of signal handler stack size CPython allocates using getauxval(AT_MINSIGSTKSZ). This changes allows for Python extension’s request to Linux kernel to use AMX_TILE instruction set on Sapphire Rapids Xeon processor to succeed, unblocking use of the ISA in frameworks.
bpo-46955: Expose asyncio.base_events.Server as asyncio.Server. Patch by Stefan Zabka.
bpo-23325: The signal module no longer assumes that SIG_IGN and SIG_DFL are small int singletons.
bpo-46932: Update bundled libexpat to 2.4.7
bpo-25707: Fixed a file leak in xml.etree.ElementTree.iterparse() when the iterator is not exhausted. Patch by Jacob Walls.
bpo-44886: Inherit asyncio proactor datagram transport from asyncio.DatagramTransport.
bpo-46827: Support UDP sockets in asyncio.loop.sock_connect() for selector-based event loops. Patch by Thomas Grainger.
bpo-46811: Make test suite support Expat >=2.4.5
bpo-46252: Raise TypeError if ssl.SSLSocket is passed to transport-based APIs.
bpo-46784: Fix libexpat symbols collisions with user dynamically loaded or statically linked libexpat in embedded Python.
bpo-39327: shutil.rmtree() can now work with VirtualBox shared folders when running from the guest operating-system.
bpo-46756: Fix a bug in urllib.request.HTTPPasswordMgr.find_user_password() and urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated() which allowed to bypass authorization. For example, access to URI example.org/foobar was allowed if the user was authorized for URI example.org/foo.
bpo-46643: In typing.get_type_hints(), support evaluating stringified ParamSpecArgs and ParamSpecKwargs annotations. Patch by Gregory Beauregard.
bpo-45863: When the tarfile module creates a pax format archive, it will put an integer representation of timestamps in the ustar header (if possible) for the benefit of older unarchivers, in addition to the existing full-precision timestamps in the pax extended header.
bpo-46676: Make typing.ParamSpec args and kwargs equal to themselves. Patch by Gregory Beauregard.
bpo-46672: Fix NameError in asyncio.gather() when initial type check fails.
bpo-46655: In typing.get_type_hints(), support evaluating bare stringified TypeAlias annotations. Patch by Gregory Beauregard.
bpo-45948: Fixed a discrepancy in the C implementation of the xml.etree.ElementTree module. Now, instantiating an xml.etree.ElementTree.XMLParser with a target=None keyword provides a default xml.etree.ElementTree.TreeBuilder target as the Python implementation does.
bpo-46521: Fix a bug in the codeop module that was incorrectly identifying invalid code involving string quotes as valid code.
bpo-46581: Brings ParamSpec propagation for GenericAlias in line with Concatenate (and others).
bpo-46591: Make the IDLE doc URL on the About IDLE dialog clickable.
bpo-46400: expat: Update libexpat from 2.4.1 to 2.4.4
bpo-46487: Add the get_write_buffer_limits method to asyncio.transports.WriteTransport and to the SSL transport.
bpo-45173: Note the configparser deprecations will be removed in Python 3.12.
bpo-46539: In typing.get_type_hints(), support evaluating stringified ClassVar and Final annotations inside Annotated. Patch by Gregory Beauregard.
bpo-46491: Allow typing.Annotated to wrap typing.Final and typing.ClassVar. Patch by Gregory Beauregard.
bpo-46436: Fix command-line option -d/--directory in module http.server which is ignored when combined with command-line option --cgi. Patch by Géry Ogam.
bpo-41403: Make mock.patch() raise a TypeError with a relevant error message on invalid arg. Previously it allowed a cryptic AttributeError to escape.
bpo-46474: In importlib.metadata.EntryPoint.pattern, avoid potential REDoS by limiting ambiguity in consecutive whitespace.
bpo-46469: asyncio generic classes now return types.GenericAlias in __class_getitem__ instead of the same class.
bpo-46434: pdb now gracefully handles help when __doc__ is missing, for example when run with pregenerated optimized .pyc files.
bpo-46333: The __eq__() and __hash__() methods of typing.ForwardRef now honor the module parameter of typing.ForwardRef. Forward references from different modules are now differentiated.
bpo-46246: Add missing __slots__ to importlib.metadata.DeprecatedList. Patch by Arie Bovenberg.
bpo-46266: Improve day constants in calendar.
Now all constants (MONDAY … SUNDAY) are documented, tested, and added to __all__.
bpo-46232: The ssl module now handles certificates with bit strings in DN correctly.
bpo-43118: Fix a bug in inspect.signature() that was causing it to fail on some subclasses of classes with a __text_signature__ referencing module globals. Patch by Weipeng Hong.
bpo-26552: Fixed case where failing asyncio.ensure_future() did not close the coroutine. Patch by Kumar Aditya.
bpo-21987: Fix an issue with tarfile.TarFile.getmember() getting a directory name with a trailing slash.
bpo-20392: Fix inconsistency with uppercase file extensions in MimeTypes.guess_type(). Patch by Kumar Aditya.
bpo-46080: Fix exception in argparse help text generation if a argparse.BooleanOptionalAction argument’s default is argparse.SUPPRESS and it has help specified. Patch by Felix Fontein.
bpo-44439: Fix .write() method of a member file in ZipFile, when the input data is an object that supports the buffer protocol, the file length may be wrong.
bpo-45703: When a namespace package is imported before another module from the same namespace is created/installed in a different sys.path location while the program is running, calling the importlib.invalidate_caches() function will now also guarantee the new module is noticed.
bpo-24959: Fix bug where unittest sometimes drops frames from tracebacks of exceptions raised in tests.
bpo-44791: Fix substitution of ParamSpec in Concatenate with different parameter expressions. Substitution with a list of types returns now a tuple of types. Substitution with Concatenate returns now a Concatenate with concatenated lists of arguments.
bpo-14156: argparse.FileType now supports an argument of ‘-’ in binary mode, returning the .buffer attribute of sys.stdin/sys.stdout as appropriate. Modes including ‘x’ and ‘a’ are treated equivalently to ‘w’ when argument is ‘-’. Patch contributed by Josh Rosenberg
Documentation
bpo-46463: Fixes escape4chm.py script used when building the CHM documentation file
Tests
bpo-46913: Fix test_faulthandler.test_sigfpe() if Python is built with undefined behavior sanitizer (UBSAN): disable UBSAN on the faulthandler_sigfpe() function. Patch by Victor Stinner.
bpo-46708: Prevent default asyncio event loop policy modification warning after test_asyncio execution.
bpo-46678: The function make_legacy_pyc in Lib/test/support/import_helper.py no longer fails when PYTHONPYCACHEPREFIX is set to a directory on a different device from where tempfiles are stored.
bpo-46616: Ensures test_importlib.test_windows cleans up registry keys after completion.
bpo-44359: test_ftplib now silently ignores socket errors to prevent logging unhandled threading exceptions. Patch by Victor Stinner.
bpo-46542: Fix a Python crash in test_lib2to3 when using Python built in debug mode: limit the recursion limit. Patch by Victor Stinner.
bpo-46576: test_peg_generator now disables compiler optimization when testing compilation of its own C extensions to significantly speed up the testing on non-debug builds of CPython.
bpo-46542: Fix test_json tests checking for RecursionError: modify these tests to use support.infinite_recursion(). Patch by Victor Stinner.
bpo-13886: Skip test_builtin PTY tests on non-ASCII characters if the readline module is loaded. The readline module changes input() behavior, but test_builtin is not intented to test the readline module. Patch by Victor Stinner.
Build
bpo-47032: Ensure Windows install builds fail correctly with a non-zero exit code when part of the build fails.
bpo-47024: Update OpenSSL to 1.1.1n for macOS installers and all Windows builds.
bpo-38472: Fix GCC detection in setup.py when cross-compiling. The C compiler is now run with LC_ALL=C. Previously, the detection failed with a German locale.
bpo-46513: configure no longer uses AC_C_CHAR_UNSIGNED macro and pyconfig.h no longer defines reserved symbol __CHAR_UNSIGNED__.
bpo-45925: Update Windows installer to use SQLite 3.37.2.
Windows
bpo-44549: Update bzip2 to 1.0.8 in Windows builds to mitigate CVE-2016-3189 and CVE-2019-12900
bpo-46948: Prevent CVE-2022-26488 by ensuring the Add to PATH option in the Windows installer uses the correct path when being repaired.
bpo-46638: Ensures registry virtualization is consistently disabled. For 3.10 and earlier, it remains enabled (some registry writes are protected), while for 3.11 and later it is disabled (registry modifications affect all applications).
macOS
bpo-45925: Update macOS installer to SQLite 3.37.2.
IDLE
bpo-46630: Make query dialogs on Windows start with a cursor in the entry box.
bpo-45296: Clarify close, quit, and exit in IDLE. In the File menu, ‘Close’ and ‘Exit’ are now ‘Close Window’ (the current one) and ‘Exit’ is now ‘Exit IDLE’ (by closing all windows). In Shell, ‘quit()’ and ‘exit()’ mean ‘close Shell’. If there are no other windows, this also exits IDLE.
bpo-45447: Apply IDLE syntax highlighting to pyi files. Patch by Alex Waygood and Terry Jan Reedy.
C API
bpo-46433: The internal function _PyType_GetModuleByDef now correctly handles inheritance patterns involving static types.
bpo-14916: Fixed bug in the tokenizer that prevented PyRun_InteractiveOne from parsing from the provided FD.
Python 3.9.11 final
Core and Builtins
bpo-46852: Rename the private undocumented float.__set_format__() method to float.__setformat__() to fix a typo introduced in Python 3.7. The method is only used by test_float. Patch by Victor Stinner.
bpo-46794: Bump up the libexpat version into 2.4.6
bpo-46762: Fix an assert failure in debug builds when a ‘<’, ‘>’, or ‘=’ is the last character in an f-string that’s missing a closing right brace.
bpo-46732: Correct the docstring for the __bool__() method. Patch by Jelle Zijlstra.
bpo-40479: Add a missing call to va_end() in Modules/_hashopenssl.c.
bpo-46615: When iterating over sets internally in setobject.c, acquire strong references to the resulting items from the set. This prevents crashes in corner-cases of various set operations where the set gets mutated.
bpo-43721: Fix docstrings of getter, setter, and deleter to clarify that they create a new copy of the property.
bpo-46503: Fix an assert when parsing some invalid N escape sequences in f-strings.
bpo-46417: Fix a race condition on setting a type __bases__ attribute: the internal function add_subclass() now gets the PyTypeObject.tp_subclasses member after calling PyWeakref_NewRef() which can trigger a garbage collection which can indirectly modify PyTypeObject.tp_subclasses. Patch by Victor Stinner.
bpo-46383: Fix invalid signature of _zoneinfo’s module_free function to resolve a crash on wasm32-emscripten platform.
Library
bpo-43253: Fix a crash when closing transports where the underlying socket handle is already invalid on the Proactor event loop.
bpo-47004: Apply bugfixes from importlib_metadata 4.11.3, including bugfix for EntryPoint.extras, which was returning match objects and not the extras strings.
bpo-46985: Upgrade pip wheel bundled with ensurepip (pip 22.0.4)
bpo-46968: faulthandler: On Linux 5.14 and newer, dynamically determine size of signal handler stack size CPython allocates using getauxval(AT_MINSIGSTKSZ). This changes allows for Python extension’s request to Linux kernel to use AMX_TILE instruction set on Sapphire Rapids Xeon processor to succeed, unblocking use of the ISA in frameworks.
bpo-46955: Expose asyncio.base_events.Server as asyncio.Server. Patch by Stefan Zabka.
bpo-46932: Update bundled libexpat to 2.4.7
bpo-25707: Fixed a file leak in xml.etree.ElementTree.iterparse() when the iterator is not exhausted. Patch by Jacob Walls.
bpo-44886: Inherit asyncio proactor datagram transport from asyncio.DatagramTransport.
bpo-46827: Support UDP sockets in asyncio.loop.sock_connect() for selector-based event loops. Patch by Thomas Grainger.
bpo-46811: Make test suite support Expat >=2.4.5
bpo-46252: Raise TypeError if ssl.SSLSocket is passed to transport-based APIs.
bpo-46784: Fix libexpat symbols collisions with user dynamically loaded or statically linked libexpat in embedded Python.
bpo-39327: shutil.rmtree() can now work with VirtualBox shared folders when running from the guest operating-system.
bpo-46756: Fix a bug in urllib.request.HTTPPasswordMgr.find_user_password() and urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated() which allowed to bypass authorization. For example, access to URI example.org/foobar was allowed if the user was authorized for URI example.org/foo.
bpo-45863: When the tarfile module creates a pax format archive, it will put an integer representation of timestamps in the ustar header (if possible) for the benefit of older unarchivers, in addition to the existing full-precision timestamps in the pax extended header.
bpo-46672: Fix NameError in asyncio.gather() when initial type check fails.
bpo-45948: Fixed a discrepancy in the C implementation of the xml.etree.ElementTree module. Now, instantiating an xml.etree.ElementTree.XMLParser with a target=None keyword provides a default xml.etree.ElementTree.TreeBuilder target as the Python implementation does.
bpo-46591: Make the IDLE doc URL on the About IDLE dialog clickable.
bpo-46400: expat: Update libexpat from 2.4.1 to 2.4.4
bpo-46487: Add the get_write_buffer_limits method to asyncio.transports.WriteTransport and to the SSL transport.
bpo-46539: In typing.get_type_hints(), support evaluating stringified ClassVar and Final annotations inside Annotated. Patch by Gregory Beauregard.
bpo-46491: Allow typing.Annotated to wrap typing.Final and typing.ClassVar. Patch by Gregory Beauregard.
bpo-46436: Fix command-line option -d/--directory in module http.server which is ignored when combined with command-line option --cgi. Patch by Géry Ogam.
bpo-41403: Make mock.patch() raise a TypeError with a relevant error message on invalid arg. Previously it allowed a cryptic AttributeError to escape.
bpo-46474: In importlib.metadata.EntryPoint.pattern, avoid potential REDoS by limiting ambiguity in consecutive whitespace.
bpo-46469: asyncio generic classes now return types.GenericAlias in __class_getitem__ instead of the same class.
bpo-46434: pdb now gracefully handles help when __doc__ is missing, for example when run with pregenerated optimized .pyc files.
bpo-46333: The __eq__() and __hash__() methods of typing.ForwardRef now honor the module parameter of typing.ForwardRef. Forward references from different modules are now differentiated.
bpo-43118: Fix a bug in inspect.signature() that was causing it to fail on some subclasses of classes with a __text_signature__ referencing module globals. Patch by Weipeng Hong.
bpo-21987: Fix an issue with tarfile.TarFile.getmember() getting a directory name with a trailing slash.
bpo-20392: Fix inconsistency with uppercase file extensions in MimeTypes.guess_type(). Patch by Kumar Aditya.
bpo-46080: Fix exception in argparse help text generation if a argparse.BooleanOptionalAction argument’s default is argparse.SUPPRESS and it has help specified. Patch by Felix Fontein.
bpo-44439: Fix .write() method of a member file in ZipFile, when the input data is an object that supports the buffer protocol, the file length may be wrong.
bpo-45703: When a namespace package is imported before another module from the same namespace is created/installed in a different sys.path location while the program is running, calling the importlib.invalidate_caches() function will now also guarantee the new module is noticed.
bpo-24959: Fix bug where unittest sometimes drops frames from tracebacks of exceptions raised in tests.
Documentation
bpo-46463: Fixes escape4chm.py script used when building the CHM documentation file
Tests
bpo-46913: Fix test_faulthandler.test_sigfpe() if Python is built with undefined behavior sanitizer (UBSAN): disable UBSAN on the faulthandler_sigfpe() function. Patch by Victor Stinner.
bpo-46708: Prevent default asyncio event loop policy modification warning after test_asyncio execution.
bpo-46616: Ensures test_importlib.test_windows cleans up registry keys after completion.
bpo-44359: test_ftplib now silently ignores socket errors to prevent logging unhandled threading exceptions. Patch by Victor Stinner.
bpo-46542: Fix a Python crash in test_lib2to3 when using Python built in debug mode: limit the recursion limit. Patch by Victor Stinner.
bpo-46576: test_peg_generator now disables compiler optimization when testing compilation of its own C extensions to significantly speed up the testing on non-debug builds of CPython.
bpo-46542: Fix test_json tests checking for RecursionError: modify these tests to use support.infinite_recursion(). Patch by Victor Stinner.
bpo-13886: Skip test_builtin PTY tests on non-ASCII characters if the readline module is loaded. The readline module changes input() behavior, but test_builtin is not intented to test the readline module. Patch by Victor Stinner.
Build
bpo-47024: Update OpenSSL to 1.1.1n for macOS installers and all Windows builds.
bpo-38472: Fix GCC detection in setup.py when cross-compiling. The C compiler is now run with LC_ALL=C. Previously, the detection failed with a German locale.
bpo-46513: configure no longer uses AC_C_CHAR_UNSIGNED macro and pyconfig.h no longer defines reserved symbol __CHAR_UNSIGNED__.
bpo-45925: Update Windows installer to use SQLite 3.37.2.
bpo-47032: Ensure Windows install builds fail correctly with a non-zero exit code when part of the build fails.
Windows
bpo-44549: Update bzip2 to 1.0.8 in Windows builds to mitigate CVE-2016-3189 and CVE-2019-12900
bpo-46948: Prevent CVE-2022-26488 by ensuring the Add to PATH option in the Windows installer uses the correct path when being repaired.
bpo-46638: Ensures registry virtualization is consistently disabled. For 3.10 and earlier, it remains enabled (some registry writes are protected), while for 3.11 and later it is disabled (registry modifications affect all applications).
macOS
bpo-45925: Update macOS installer to SQLite 3.37.2.
IDLE
bpo-46630: Make query dialogs on Windows start with a cursor in the entry box.
bpo-45296: Clarify close, quit, and exit in IDLE. In the File menu, ‘Close’ and ‘Exit’ are now ‘Close Window’ (the current one) and ‘Exit’ is now ‘Exit IDLE’ (by closing all windows). In Shell, ‘quit()’ and ‘exit()’ mean ‘close Shell’. If there are no other windows, this also exits IDLE.
bpo-45447: Apply IDLE syntax highlighting to pyi files. Patch by Alex Waygood and Terry Jan Reedy.
Python 3.8.13 final
Core and Builtins
bpo-46794: Bump up the libexpat version into 2.4.6
Library
bpo-46985: Upgrade pip wheel bundled with ensurepip (pip 22.0.4)
bpo-46932: Update bundled libexpat to 2.4.7
bpo-46811: Make test suite support Expat >=2.4.5
bpo-46784: Fix libexpat symbols collisions with user dynamically loaded or statically linked libexpat in embedded Python.
bpo-46756: Fix a bug in urllib.request.HTTPPasswordMgr.find_user_password() and urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated() which allowed to bypass authorization. For example, access to URI example.org/foobar was allowed if the user was authorized for URI example.org/foo.
bpo-46400: expat: Update libexpat from 2.4.1 to 2.4.4
bpo-46474: In importlib.metadata.EntryPoint.pattern, avoid potential REDoS by limiting ambiguity in consecutive whitespace.
bpo-44849: Fix the os.set_inheritable() function on FreeBSD 14 for file descriptor opened with the O_PATH flag: ignore the EBADF error on ioctl(), fallback on the fcntl() implementation. Patch by Victor Stinner.
Documentation
bpo-41028: Language and version switchers, previously maintained in every cpython branches, are now handled by docsbuild-script.
Tests
bpo-45195: Fix test_readline.test_nonascii(): sometimes, the newline character is not written at the end, so don’t expect it in the output. Patch by Victor Stinner.
bpo-44949: Fix auto history tests of test_readline: sometimes, the newline character is not written at the end, so don’t expect it in the output.
Build
bpo-47024: Update Windows builds and macOS installer build to use OpenSSL 1.1.1n.
bpo-45405: Prevent internal configure error when running configure with recent versions of clang. Patch by David Bohman.
bpo-45220: Avoid building with the Windows 11 SDK previews automatically. This may be overridden by setting the DefaultWindowsSDKVersion environment variable before building.
Windows
bpo-44549: Update bzip2 to 1.0.8 in Windows builds to mitigate CVE-2016-3189 and CVE-2019-12900
bpo-46948: Prevent CVE-2022-26488 by ensuring the Add to PATH option in the Windows installer uses the correct path when being repaired.
macOS
bpo-44828: Avoid tkinter file dialog failure on macOS 12 Monterey when using the Tk 8.6.11 provided by python.org macOS installers. Patch by Marc Culler of the Tk project.
Python 3.7.13 final
Library
bpo-46985: Upgrade pip wheel bundled with ensurepip (pip 22.0.4)
bpo-46932: Update bundled libexpat to 2.4.7
bpo-46811: Make test suite support Expat >=2.4.5
bpo-46784: Fix libexpat symbols collisions with user dynamically loaded or statically linked libexpat in embedded Python.
bpo-46756: Fix a bug in urllib.request.HTTPPasswordMgr.find_user_password() and urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated() which allowed to bypass authorization. For example, access to URI example.org/foobar was allowed if the user was authorized for URI example.org/foo.
Build
bpo-47024: Update Windows builds and macOS installer build to use OpenSSL 1.1.1n.
bpo-45405: Prevent internal configure error when running configure with recent versions of clang. Patch by David Bohman.
Windows
bpo-44549: Update bzip2 to 1.0.8 in Windows builds to mitigate CVE-2016-3189 and CVE-2019-12900
bpo-46948: Prevent CVE-2022-26488 by ensuring the Add to PATH option in the Windows installer uses the correct path when being repaired.
Changes in the installed share/doc/acme/Changes.txt file but no dates are
mentioned.
There are now more assembly library files.
Original MASTER_SITE no longer available, so rely on a SourceForge snapshot
file.
Changes:
- Removed OpenSSL 1.0.2 support.
- TLS 1.3 is now the default for tls_version.
- Fixed support for Python 3.10 and higher.
- Kore ships with the ffdhe4096 DH parameters.
- Changed the routing configuration context.
- JSON API error handling functions no longer take a kore_json context as
parameter.
- Removed stale out-of-date examples.
- Changed the way the workers log to the parent process.
- Changed kore.domain() and kore.server() for Python API, name is now a
keyword, if omitted defaults to "default".
- Added new HTTP APIs for obtaining headers as native C types.
- http_state_create() no longer takes an onfree callback.
- Updated log levels in the ACME process.
- New logfile configuration option, allowing all Kore logs to go to the given
file instead of stdout.
- New kodev commands: cflags, ldflags and gen.
- New TLS_BACKEND option to compile without TLS.
- New privsep configuration context.
- New @kore.route("url", methods=[]) decorator in Python API.
- New http_response_json() API function.
- New http_response_close() API function.
- New kore_signal_trap() API function.
- New kore_worker_signal() API hook.
- New kore.connection.x509dict in Python API.
- New koreapp.workerstop, koreapp.workerstart hooks for Python.
- New kore.task_id() for Python, returning current coroutine ID.
- New kore.sigtrap() for Python, trapping a given signal.
- New kore.privsep() for Python, for setting up the new privsep
configuration.
- New curlopt keyword for kore.httpclient, allowing setting of specific curl
options directly into it.
- New TARGET_PLATFORM environment variable for cross building Linux.
- New on_body, on_headers and on_free route handlers.
- New kore_mem_zero() function.
- New http.protocol() for Python API.
- Removed run_as and root configuration options.
- Removed keymgr_runas and keymgr_root configuration options.
- Removed acme_runas and acme_root configuration options.
- Added ability for parent to send messages via the msg framework to workers.
- Added several new system calls to seccomp whitelist filters.
- Added support for overriding previously set headers with
http_response_header().
- Added support for 100 in http_response_* APIs.
- Added new "docker" deployment target for Python.
- Updated the pgsql code to understand PGRES_PIPELINE_SYNC and
PGRES_PIPELINE_ABORTED.
- Modified Kore child handling code to wait for processes in its worker
process group.
- And much more..
Bug fixes:
- All kore_pool elements are now always properly aligned on a boundary of 8.
- execve() now takes an environment pointer instead of NULL.
- Fixed a problem in kore.socket.recvfrom() Python API.
- Fixed several wrong log messages while parsing configuration.
- Fixed a bug in the kore_http client related to OPTIONS and DELETE methods.
- Fixed potential uninitialised parameter in accesslog.
- Fixed small bugs in several examples.
- Fix bug in several kore_json_create_*() API functions with regards to
variadic arguments.
- Fixed dependencies in the Kore Makefile.
- Fixed how Kore obtains paths to openssl on Mac platforms.
2021-07-15:
libdwarf, dwarfdump, etc all now use a semantic version
number rather than a date string. As of today the
current version is "0.1.1".
2021-02-15:
dwarfdump given -ku now prints brief lists counting
the uses of every TAG, ATtribute, and FORM,
a concise summary of the basic building blocks of DWARF.
2021-01-23:
dwarfdump now reports and checks-for-sensible-values
the expression block offsets that DW_OP_bra and
DW_OP_skip use. If an expression does not use either of
those operators dwarfdump does not report the individual DW_OP
expression offsets.
2020-12-23:
dwarfdump --print-macinfo now follows DW_MACRO_imports
and does several additional checks on .debug_macro section
data. --check-macros skips printing most entries but does
all that and reports even more about that section. Since
.debug_macro does not reproduce all macro operations in
the original source the MACRONOTEs printed are indications
of things to consider, not errors.
2020-11-21:
dwarfdump now prints DWARF expression operators each on
its own line. This makes viewing DWARF expressions much
nicer given the increased use of much longer expressions.
Those expression operators that reference DIES are now
followed, verified, and the target DW_TAG and DW_AT_name
are printed. A new dwarfdump.conf command 'option:' lets
one specify option: --format-expr-ops-joined in case you
want the old style DWARF expression operators-on-one-line.
Where the DWARF DIE children nest > nine-deep dwarfdump
switches from indentation by spaces to a nest-level number.
2020-09-08:
libdwarf/dwarfdump work well with DWARF4 and DWARF5,
including DWP files.
2020-07-08:
libdwarf now reads .debug_gnu_pubtypes & pubnames
(non-standard but gcc creates them in DWARF5) via a small
number of new functions and dwarfdump --print-debug-gnu
prints both sections. Verifying the .debug_info offsets
is not yet done.
2020-06-29:
Dwarfdump now dumps DWARF5 .debug_rnglists and
.debug_loclists. To handle DWARF5 there are a small
number of new functions. All existing functions are
still supported, but to read DWARF5 some small changes
are required. In libdwarf see libdwarf2.1.pdf and also
see libdwarf/ChangeLog for details.
2020-05-23:
dwarfdump now takes much less malloc() to work, as
measured by valgrind --tool=massif and massif-visualizer.
A dwarfdump run that did 2.2Gib of malloc/free before the
changes now does 1.4GiB.
2020-05-19:
libdwarf and dwarfdump now support DWARF5 .debug_rnglists.
The new interfaces are documented in libdwarf/libdwarf2.1.pdf.
The new option to dwarfdump is "--print-raw-rnglists".
2019-11-04:
The code (dwarfdump/libdwarf), regressiontests,
and readelfobj directories and all their tests
are known to work on Linux(Ubuntu on x86_64 and i686),
FreeBSD, MacOS Catalina (with Apple Command Line Tools),
and IBM s390 (Big Endian!) running Ubuntu Linux.
On Windows-MinGW the full regression tests
have not been tested, but 'make check' works
for dwarfdump/libdwarf (the current dwarfdump
make check actually does run dwarfdump and
checks that dwarfdump basically works).
2019-04-16:
Now a --disable-libelf configure/build of libdwarf/dwarfdump
can read elf, mach-o DSYM, and PE executable/dll object files.
Such a build will not need or use libelf or elf.h .
The dwarfdump options that display Elf section headers
or relocation record data are not available in a
--disable-libelf build.
Nor is dwarfdump's support of reading archive files
available in a --disable-libelf build.
This libdwarf detects corrupt Elf object files much sooner
than before, but does not explain what the corruption
really is. Use GNU readelf (or readelfobj, a project
on sourceforge) to get more detail about the problems found.
See https://www.prevanders.net/dwarf.html for the git clone
command for readelfobj.
With --disable-libelf the --enable-dwarfgen option
does not work: the dwarfgen build will fail.
2019-02-18:
For building on machines without a usable elf.h or libelf
but possibly with a libelf.h visible, --disable-libelf
ensures the build won't use libelf or elf.h anywhere.
-lz will be done if zlib.h is visible, independent of
libelf, libelf.h, and elf.h
2019-02-08:
If one has a standard Bourne shell (sh) available
(such as sh on MacOS and sh in MinGW on Windows)
one may be able to build libdwarf and dwarfdump natively
and they can read Mach-o dSYM and PE object files
to access DWARF information.
This has NOT been tested under MacOS, so will likely
fail on MacOS.
No elf.h, libelf.h or zlib.h should be present.
For example, the following
is known to work under MinGW and this general plan
applies to all builds including all builds with elf.h
and libelf:
mkdir test
cd test
#(copy the source tree into test, if from git
#the name of the top level will likely be 'code')
cd code
sh -x scripts/FIX-CONFIGURE-TIMES
cd ..
mkdir bld
cd bld
../code/configure (choose your preferred options here)
make
2019-01-15:
The pre-build dwarf_names.[hc] and the tag related
files are now part of the standard build so there is
no longer any two-stage aspect of the build.
The build simply compiles files in the distribution.
If you use git to access the source be sure to
sh scripts/FIX-CONFIGURE-TIMES
to adjust the file timestamps as having timestamps
in the right relationships is vital and git
does not maintain timestamps.
The script is always safe to run. It takes about 30 seconds.
2018-12-22:
The complicated process of building certain .c and .h
files has been relegated to the few people updating
files libdwarf/libdwarf.h.in, libdwarf/dwarf_errmsg_list.h,
dwarfdump/tag_attr_ext.list,dwarfdump/tag_attr.list,
dwarfdump/tag_tree_ext.list, and dwarfdump/tag_tree.list.
For everyone else the build is simply compiling
the .c and .h files in the distribution. Simpler.
sh scripts/buildstandardsource.sh
creates these files.
2018-10-22:
dwarfdump can now dump mach-o (MacOS) dSYM dwarf.
All the usual libdwarf interfaces work.
A new libdwarf initialization call dwarf_init_path()
may be convenient for you to use.
2018-08-05:
dwarfdump.conf is now installed by make install
in <install prefix>/shared/libdwarf/dwarfdump .
Any dwarfdump.conf or .dwarfdump.conf in your
$HOME directory will be found before the
one in shared. The file is only opened when
one wants a more accurate register naming in frame
reports (the default is just to name things r54
etc, choosing the right abi with -x abi=<something>
can be helpful at times).
2018-06-24:
The configure has been completely rewritten to follow
current standards and practices. For simple builds
the standard
./configure
make
works as always, but the generated libdwarf.a appears
in libdwarf/.libs/libdwarf.a , as does the shared object
if "./configure --enable-shared" is used.
To build dwarfgen one adds the configure option --enable-dwarfgen
instead of using 'make all'.
To build the example code one adds the configure option
--enable-dwarfexample instead of using 'make all'.
"mkdir /tmp/bld ; cd /tmp/bld ; <sourcebase>/configure"
continues to work, as does configure --host=<name> .
2018-06-14:
A small simplification of build options simplifies building
across different environments. If your environment needs
to use the non-standard elf_open() call instead of unix/linux open()
then do <path>/configure --enable-elf-open which sets
HAVE_ELF_OPEN in config.h.
2018-03-27:
All the DWARF5 FORMs appear to be dealt with.
It's now possible to cross-compile libdwarf and dwarfdump.
See the README.
2016-11-30:
An alternative build mechanism using cmake is now in the source tree.
The builds for product testing continue to be done using configure && make.
==============
Version 2.52.8
==============
Just a bug fix:
- #721 - Catch circular references when rendering patterns.
==============
Version 2.52.7
==============
Backport a fix for the regression that was introduced in the last
release:
- #851 - Output filled text as text for PDF; fixes regression due to
outputting all text as paths.
