Gleam is a functional language for building type-safe, scalable
systems.
The Gleam compiler itself is written in rust.
Gleam uses the BEAM runtime, and using the same actor-based multi-core
concurrency, with zero runtime overhead and full inter-operability
with Erlang, Elixir, and LFE.
It has all the features you'd expect from an ML derived language,
including algebraic data-types, immutable data structures, full type
inference, fast compilation, generics, no nulls nor exceptions, and a
few bonus features such as helpful error messages.
Version 16.15.0 'Gallium'
Notable changes
Add fetch API
Adds experimental support to the fetch API. This adds the --experimental-fetch flag that installs the fetch, Request, Response, Headers, and FormData globals.
(SEMVER-MINOR) add fetch (Michaël Zasso)
(SEMVER-MINOR) add FormData global when fetch is enabled (Michaël Zasso)
Other notable changes
build:
remove broken x32 arch support (Ben Noordhuis)
crypto:
(SEMVER-MINOR) add KeyObject.prototype.equals method (Filip Skokan)
doc:
add @ShogunPanda to collaborators (Paolo Insogna)
add JakobJingleheimer to collaborators list (Jacob Smith)
add joesepi to collaborators (Joe Sepi)
add marsonya to collaborators (Akhil Marsonya)
deprecate string coercion in fs.write, fs.writeFileSync (Livia Medeiros)
deprecate notice for process methods (Yash Ladha)
esm:
(SEMVER-MINOR) support https remotely and http locally under flag (Bradley Farias)
module:
(SEMVER-MINOR) unflag esm json modules (Geoffrey Booth)
node-api:
(SEMVER-MINOR) add node_api_symbol_for() (Darshan Sen)
process:
deprecate multipleResolves (Benjamin Gruenbaum)
stream:
(SEMVER-MINOR) support some and every (Benjamin Gruenbaum)
(SEMVER-MINOR) add toArray (Benjamin Gruenbaum)
(SEMVER-MINOR) add forEach method (Benjamin Gruenbaum)
# cpp11 0.4.2
* Romain François is now the maintainer.
# cpp11 0.4.1
* Fix crash related to unwind protect optimization (#244)
# cpp11 0.4.0
## New Features
* New opt-in message formatting with the {fmt} C++ library for
`cpp11::messages()` `cpp11::stop()` and `cpp11::warning()`. Set the
`CPP11_USE_FMT` macro to use this feature in your
package. (@sbearrows, #169, #208)
* New `as_double()` and `as_integer()` methods to coerce integers to
doubles and doubles to integers to doubles (@sbearrows, #46)
* `cpp11::matrix` iterators can now be used either row-wise or
column-wise (the default) depending on the user's choice (@alyst,
#229)
## Improvements and fixes
* Read-only matrix accessors are now marked const (#234)
* `writable::r_vector` default constructors now return a 0 length
vector when converted to `SEXP` (#166)
* Read-only `r_vector` constructors now disallow implicit construction
with named arguments (#237)
* Read-only `r_vector.attr()` methods now return const objects, so it
is a compile time error to try to assign to them (#237)
* Fixed `+` and `+=` operators of `r_vector::[const_]iterator` to
conform the *iterators* concept: `+=` updates the iterator, and `+`
returns the updated copy, while keeping the original unchanged
(@alyst, #231)
* Remove undefined behavior when constructing global `cpp11::sexp`s (#224)
* Removed redundant `.Call calls` in cpp11.cpp file (@sbearrows, #170)
* Error messages now output original file name rather than the
temporary file name (@sbearrows, #194)
* `cpp_register()` now includes `attribute_visible` in the init
function, so packages compiled with `C_VISIBILITY` will find the
init function.
* Fixed bug when running `cpp_source()` on the same file more than
once (@sbearrows, #202)
* Allow cpp11 decorators of the form `cpp11::linking_to` (@sbearrows,
#193)
* Removed internal instances of `cpp11::stop()` and replaced with C++
exceptions (@sbearrows, #203)
* Names of named lists are now resized along with the list elements
(@sbearrows, #206)
I did a bulk build and identified 5 packages that would break (apisprout, caddy,
go-staticcheck, gvproxy and restish) and fixed them.
Please email tech-pkg@ if you find other breakage!
(NetBSD)/sparc64 systems fail to build libunwind 13.0.1,
and libunwind is depended on here unless rust-llvm is turned
on. The latter succeeds, though. So default to using
rust-llvm on NetBSD/sparc64.
Ref. PR#56791
14 Apr 2022, PHP 7.4.29
- Core:
. No source changes to this release.
Version number added for reproduction of Windows builds.
- Date:
. Updated to latest IANA timezone database (2022a). (Derick)
2022-04-11
New Features
* improve associated item completion in trait impls.
Fixes
* (first contribution) complete pattern args based on type name
* show error message when flycheck fails.
* attempt to heuristically resolve paths in const arguments in IDE layer.
* make extract_module more lazy.
* show path to be created in the unresolved-module fix label.
* skip match check on patterns of unexpected TyKind::FnDef.
* use correct text ranges in SearchScope for macro-emitted inline modules.
* fix path qualifiers not resolving generic type params when shadowed by trait.
* fix panics with #[cfg]’d-out `self parameter.
* fix spurious type mismatch error for const generics with value parameters.
* flyimport: omit types when completing where-clause
* ignore Drop and Destruct bounds for now.
* check whether a parameter can be converted to a local.
* don’t create hir::Locals from const path patterns.
* parse for<'a> closure syntax.
Internal Improvements
* wrap macros in expr position in MacroExpr node.
* remove hir_expand macro recursion check.
* add more doc-link tests.
* remove FnFlags::IS_IN_EXTERN_BLOCK.
* use bitflags for FnFlags.
* add and start using HirFormatter::write_{str,char}.
* move function unsafety determination out of the ItemTree.
Import from wip/ats2 by Atsushi Toyokura, Mateusz Poszwa.
ATS is a statically typed programming language that unifies
implementation with formal specification. It is equipped with
a highly expressive type system rooted in the framework Applied
Type System, which gives the language its name. In particular,
both dependent types and linear types are available in ATS.
In addition, ATS contains a subsystem ATS/LF that supports a form
of (interactive) theorem-proving, where proofs are constructed as
total functions. With this subsystem, ATS is able to advocate a
programmer-centric approach to program verification that combines
programming with theorem-proving in a syntactically intertwined
manner. Furthermore, ATS/LF can also serve as a logical framework
(LF) for encoding various formal systems (such as logic systems
and type systems) together with proofs of their (meta-)properties.
This minor release includes three security fixes following the security policy:
- encoding/pem: fix stack overflow in Decode
A large (more than 5 MB) PEM input can cause a stack overflow in Decode,
leading the program to crash.
Thanks to Juho Nurminen of Mattermost who reported the error.
This is CVE-2022-24675 and https://go.dev/issue/51853.
- crypto/elliptic: tolerate all oversized scalars in generic P-256
A crafted scalar input longer than 32 bytes can cause P256().ScalarMult or
P256().ScalarBaseMult to panic. Indirect uses through crypto/ecdsa and
crypto/tls are unaffected. amd64, arm64, ppc64le, and s390x are unaffected.
This was discovered thanks to a Project Wycheproof test vector.
This is CVE-2022-28327 and https://go.dev/issue/52075.
- crypto/x509: non-compliant certificates can cause a panic in Verify on macOS in Go 1.18
Verifying certificate chains containing certificates which are not compliant
with RFC 5280 causes Certificate.Verify to panic on macOS.
These chains can be delivered through TLS and can cause a crypto/tls or
net/http client to crash.
Thanks to Tailscale for doing weird things and finding this.
This is CVE-2022-27536 and https://go.dev/issue/51759.
This minor release includes three security fixes following the security policy:
- encoding/pem: fix stack overflow in Decode
A large (more than 5 MB) PEM input can cause a stack overflow in Decode,
leading the program to crash.
Thanks to Juho Nurminen of Mattermost who reported the error.
This is CVE-2022-24675 and https://go.dev/issue/51853.
- crypto/elliptic: tolerate all oversized scalars in generic P-256
A crafted scalar input longer than 32 bytes can cause P256().ScalarMult or
P256().ScalarBaseMult to panic. Indirect uses through crypto/ecdsa and
crypto/tls are unaffected. amd64, arm64, ppc64le, and s390x are unaffected.
This was discovered thanks to a Project Wycheproof test vector.
This is CVE-2022-28327 and https://go.dev/issue/52075.
- crypto/x509: non-compliant certificates can cause a panic in Verify on macOS in Go 1.18
Verifying certificate chains containing certificates which are not compliant
with RFC 5280 causes Certificate.Verify to panic on macOS.
These chains can be delivered through TLS and can cause a crypto/tls or
net/http client to crash.
Thanks to Tailscale for doing weird things and finding this.
This is CVE-2022-27536 and https://go.dev/issue/51759.
Ruby 3.1.2 has been released.
This release includes security fixes. Please check the topics below for
details.
* CVE-2022-28738: Double free in Regexp compilation
* CVE-2022-28739: Buffer overrun in String-to-Float conversion
See the commit logs for further details.
Ruby 3.0.4 has been released.
This release includes security fixes. Please check the topics below for
details.
* CVE-2022-28738: Double free in Regexp compilation
* CVE-2022-28739: Buffer overrun in String-to-Float conversion
See the commit logs for further details.
Ruby 2.7.6 has been released.
This release includes a security fix. Please check the topics below for
details.
CVE-2022-28739: Buffer overrun in String-to-Float conversion
This release also includes some bug fixes. See the commit logs for further
details.
After thies release, we end the normal maintenance phase of Ruby 2.7, and
Ruby 2.7 enters the security maintenance phase. This means that we will no
longer backport any bug fixes to Ruby 2.7 excpet security fixes. Ther term
of the security maintenance pahse is scheduled for a year. Ruby 2.7 reaches
EOL and its official support ends by the end of the security maintenance
phase. Therefore, we recommend that you start to plan upgrade to Ruby 3.0
or 3.1.
Here is release announce:
Ruby 2.6.10 has been released.
This release includes a security fix. Please check the topics below for
details.
CVE-2022-28739: Buffer overrun in String-to-Float conversion
This release also includes a fix of a build problem with very old compilers
and a fix of a regression of date library. See the commit logs for further
details.
After this release, Ruby 2.6 reaches EOL. In other words, this is expected
to be the last release of Ruby 2.6 series. We will not release Ruby 2.6.11
even if a security vulnerability is found (but ocould release if a severe
regression is found). We recommend all Ruby 2.6 users to start migration to
Ruby 3.1, 3.0, or 2.7 immediately.
Version 12.22.12 'Erbium' (LTS)
This is planned to be the final Node.js 12 release. Node.js 12 will
reach End-of-Life status on 30 April 2022, after which it will no
receive updates. You are strongly advised to migrate your applications
to Node.js 16 or 14 (both of which are Long Term Support (LTS) releases)
to continue to receive future security updates beyond 30 April 2022.
This release fixes a shutdown crash in Node-API (formerly N-API) and a
potential stack overflow when using `vm.runInNewContext()`.
The list of GPG keys used to sign releases and instructions on how to
fetch the keys for verifying binaries has been synchronized with the
main branch.
Version 12.22.11 'Erbium' (LTS)
Update to OpenSSL 1.1.1n, which addresses the following vulnerability:
* Infinite loop in `BN_mod_sqrt()` reachable when parsing certificates (High)(CVE-2022-0778)
More details are available at <https://www.openssl.org/news/secadv/20220315.txt>
Fix for building Node.js 12.x with Visual Studio 2019 to allow us to continue to
run CI tests.
setuptools must still be in TOOL_DEPENDS because we run it during the
build; for pkg_resources it must _also_ be in DEPENDS because the
built package needs it to run.
(https://rakudo.org/post/announce-rakudo-release-2022.03)
New in 2022.03:
* Deprecations:
* Additions:
+ Expose the .file and .line methods on Label objects [028828ac]
+ Allow Date / DateTime day parameter to be a Callable / Whatever
allowing e.g. Date.new(2022,3,*) for the last date in March 2022. (#
4808) [37756433]
+ Make sure tools/install-dist.p6 is also available as .raku [6ddf7529]
* Removals:
* Changes:
+ Make error on Date.later(:hour|minute|second) more awesome [7f00f798]
+ Give .chomp the possibility to specify a needle (#4739) [cccc3e8c]
+ Improve error message for invalid arguments passed to traits [eb151d53]
+ Test should work with any default version of the language [9425d0fa]
* Fixes:
+ Un =my= X::Comp::Group [74cca333]
+ Turn junctions into value objects [cc3ed94b]
+ Fix a bug with gist over Junction keys [df09bef0]
+ Fix classification and categorization over junctions [c50f51f9]
+ Fix typo'd missing : in .nominal_type signature (#4788) [59dcca66]
+ Decrement # of calls in a block if any are optimized away [4d19c236]
+ Fix [native array .repeated / .unique] issues on JVM backend [b46fed9c]
+ Fix IO::Path.parent [4ef9426f][e53716aa]
+ Fix multi-method candidates lost when 6.e role is applied [6b58cc03]
+ Workaround for cases where .ACCEPTS may return non-Raku object
[f1f5d5cd]
+ Fix issue with native array.splice [blin] [63830142]
+ Fix issue with Net::Curl [blin] [6d04cc39]
+ Make DateTime.new(Allomorph:D) work [60603bac]
+ Restore given / when optimization for Numeric cases [986b1df4]
+ Fix/test Pod::To::Text rendering of =defn elements (#4803) [ca2d1d6c]
+ Remove erroneous early exit from install-dist.raku [edb8a200]
+ Fix resources of the parent repo not found when using Staging
[07d580bc]
* Internal:
+ Optimize more cases of p6decontrv ops (#4793) [2ed88523]
+ Use new native unsigned integer NQP ops where applicable [ceaa38fc]
[4d61a582][28a734d1][548c2550][167c2394][72b9e1c2][e000840d][88386a09]
[3e89b30a][96cbc2be][f807186e][de9eeeb2][a71ec345][7c5595e2][a965cdcb]
[771655b0][5c8a2cf7]
+ Generate the SignedBlob/UnsignedBlob roles [65507b89][7870b446]
[4677dcb7] [fb25bd4e]
+ Use --/++$i instead of $i = nqp::add/sub_i($i,1) for readability, as
this is no longer needed for performance [5caf7aaf][648d02a1][0fac2da8]
[db277ae2][11494f98][e06e32ef][2dfc69e2][3b64a627][81099326][a6019d51]
[2bf84660][c92b44ec][af7c1c32][8077ebd3][6513988b][b79e9ba5][802a4737]
[8529cc97][a236d438][08dcab8d][c1345c57][c7231cd7][bd722aba][473e903a]
[f8e69321]
+ Streamline the Blob/Buf generated code a bit [6a21196c][6230645a]
+ Generate the sorting logic for native arrays [64c7dfa1]
+ Make Complex multiplication factor constant [7bc572e7]
+ Streamline Complex -> Real coercion [e3b836a5]
+ Simplify creating a Complex object [967a130f]
+ Enable num->str coercion in native.repeated/unique [979cc607]
+ Remove unneeded/confusing can('prec') checks [232a55b9]
+ Remove some unnecessary trys (#4773) [0949d67c]
+ Stop telling users to avoid mimalloc [200579f7]
+ CURS simplifications (use TWEAK over BUILD, remove .name) [3f10f7da]
* Modules and Pragmata
** Updated Modules and Pragmata
B::Deparse has been upgraded from version 1.56 to 1.57.
Encode has been upgraded from version 3.08 to 3.08_01.
GDBM_File has been upgraded from version 1.19 to 1.19_01.
Module::CoreList has been upgraded from version 5.20210520 to 5.20220313.
perl5db.pl has been upgraded from version 1.60 to 1.60_01.
* Testing
Tests were added and changed to reflect the other additions and changes in this
release.
* Selected Bug Fixes
B::Deparse now correctly handles try/catch blocks with more complex scopes.
0.942:
Fixes to Regressions
Let overload item have a more general return type than the implementation
Fix inheritance false positives with dataclasses/attrs
Support overriding dunder attributes in Enum subclass
Fix small conditional overload regression
Other Fixes
Fix issues related to the order of processing in the builtins import cycle
Fix crash in match statement if class name is undefined
Allow non-final __match_args__ and overriding
Vala 0.56.0
===========
* Various improvements and bug fixes:
- codegen: Drop confusing warning when accessing interface members
* Bindings:
- Add webkit2gtk-4.1 bindings
- glib-2.0: Fix memory management of TestSuite.add*/get_root() with 2.70 [#1295]
- libarchive: Fix a few binding errors
- SDL2_ttf: Fix a few binding errors
- tiff: Fix a few binding errors
Vala 0.55.91
============
* Various improvements and bug fixes:
- girparser:
+ Handle duplicated and unnamed symbols
+ Add support for "copy_/free_function" metadata for compact classes
+ Don't count instance-parameter when checking for backwards closure
reference [#721]
* Bindings:
- gst-editing-services-1.0: Fix BaseEffect.set_time_translation_funcs()
- gstreamer-audio-1.0: Fix a few binding errors
- gstreamer-base-1.0: Fix a few binding errors
- gstreamer-video-1.0: Fix a few binding errors
- gtk4: Fix content_deserialize_async()
- libarchive: Fix a few binding errors
- libgsf-1: Fix a few binding errors
- libgrss: Fix FeedItem.get_geo_point() parameters
Vala 0.55.90
============
* Various improvements and bug fixes:
- codegen:
+ Emit G_DEFINE_AUTOPTR_CLEANUP_FUNC() for interfaces with base class [#1292]
+ Emit G_DEFINE_AUTO_CLEANUP_CLEAR_FUNC() for structs [#1293]
+ Default to "has_type_id = false" for external error-domains
+ Emit GType definition for error domains [#699]
- vala:
+ Catch and throw possible inner error of lock statements [#83]
+ Keep error-code symbol reference in callable expression context
+ Allow delegate without target to be used as constant type
- girparser: Pick up type_id of error domains
* Bindings:
- glib-2.0: Update 2.70/72 symbols
- gstreamer: Update from 1.21.0+ git main
- vapi: Update GIR-based bindings
Vala 0.55.3
===========
* Highlights:
- Allow usage of dynamic on VarType [#187]
* Various improvements and bug fixes:
- codegen: Use correct target/destroy of delegate field initializer [#1285]
- codegen: Stop generating wrappers for dynamic property access
- gtkmodule: Improve UI parsing and handling of nested objects and properties
- vala:
+ Add missing TraverseVisitor.visit_data_type()
+ Improve check of generic type references in static contexts [#1284]
+ Make sure to drop our "trap" jump target in case of an error [#1287]
+ Move dynamic property errors to semantic analyzer pass
+ Free empty stack list for code contexts
+ Clear SemanticAnalyzer.current_{symbol,source_file} when not needed anymore
* Bindings:
- gio-2.0,glib-2.0,gobject-2.0: Update 2.72 symbols
- gstreamer: Update from 1.19.90+ git main
- gtk4: Specify sentinel for GtkAcessible methods
- gtk4: Update to 4.6.0+06ec4ec1
- vapi: Update GIR-based bindings
Vala 0.55.2
===========
* Highlights:
- Add support for async main and yield statements in main block [#1275]
- Add foreach statement support for GLib.Array and GLib.Sequence
* Various improvements and bug fixes:
- codegen:
+ Avoid symbol clashes with "va_*" from "stdarg.h"
+ Access of inline allocated array is guaranteed to be non null [#1282]
+ Don't uncoditionally null check callback_func for GLib.Closure [#1282]
+ Access of stack allocated struct is guaranteed to be non null [#1282]
+ Write array length of formal parameters with fixed length
- vala:
+ Require lvalue access of delegate target/destroy "fields" [#857]
+ Implement missing YieldStatement.accept()
+ Add support to infer return type of dynamic signals
+ Transform assignment of an array element as needed [#889] [#1258]
- parser: Reduce the source reference of main block method to its beginning
- parser: Improve handling of nullable VarType in with-statement
- manual: Update from wiki.gnome.org
* Bindings:
- glib-2.0,gio-2.0: Update 2.72 symbols
- gstreamer: Update from 1.19.3+ git master
- gtk4: Update to 4.6.0+a092986a
- glib-2.0: Fix criticals in string.joinv() with arrays that start with null
- vapi: Add linux-media bindings (linux/media.h)
- alsa: Add/fix *.alloca() functions
- posix: Add limits.h binding
- v4l2: Update V4l2.Capabilities and fix some inline arrays
Vala 0.55.1
===========
* Highlights:
- Add support for partial classes [#370]
- Add support for nested methods (local functions) [#1232]
- Add multi-line support to Vala.Report [#764]
- Support "emit" for explicit signal emission
- Add native support to specify non default length-type for arrays [#607]
* Various improvements and bug fixes:
- codegen:
+ Move some errors to semantic analyzer pass
+ Stop generating wrappers for dynamic signal connections
+ gdbus: Use g_dbus_method_invocation_take_error() as simplification
+ Initialize type parameter properties for generics earlier [#67]
+ Initialize "result" variable on declaration for abstract methods only
+ Use __once instead of __volatile in generated code
+ Generated SimpleType structs don't have a type id
- vala:
+ Add optional SourceReference parameter to DataType classes
+ Preserve the source reference when resolving data types
+ Set source references of created DataType instances in OCE
+ Set TypeParameter as symbol of GenericType
+ Add accessibility check of type for constants and structs base type
+ Don't allow casting to void [#1070]
+ Don't allow casting real structs to classes or simple-types [#1249]
+ Check accessibility of initializer for constant and enum value
+ Show source location when reporting deprecations
* Bindings:
- Add gnome-desktop-4, gnome-bg-4 and gnome-rr-4 bindings
- Add libsoup-3.0 binding
- Add webkit2gtk-5.0 bindings
- glib-2.0: Add Unicode 14.0 symbols
- glib-2.0: Update 2.72 symbols
- gstreamer: Update from 1.19.3+ git master
- gstreamer-1.0: Make Gst.Uri a sealed class
- gtk4: Update to 4.6.0+06e5da45
- webkit2gtk-*.0: Update to 2.35.1
- vapi: Update GIR-based bindings
Vala 0.54.6
===========
* Various improvements and bug fixes:
- codegen:
+ Allow boxing of non-external SimpleType structs [#1273]
+ Cast given default-value of struct with possible member initializer [#1272]
+ Clear existing length values when revisiting a slice expression [#1274]
- vala:
+ Allow unsafe assignment of integer to enum while reporting a notice
+ Non nullable enum types are simple types [#1268]
+ Correctly replace "in" expression in pre-/postconditions of method [#1269]
* Bindings:
- gio-2.0: Add custom MemoryOutputStream.with_*data() wrappers [#1271]
Vala 0.54.5
===========
* Various improvements and bug fixes:
- codegen:
+ Correctly handle chain up of struct creation methods [#1264]
+ Use a dedicated EmitContext for _variant_get*() functions
+ gtkmodule: Handle nested closure elements and bind them accordingly [#1262]
- vala:
+ NullLiteral is not a valid argument for string concatenation [#1260]
+ Set is_yield_expression in async context when chaining up to async base ctor
+ Report statement parsing error if it is not meant to be an expression [#1261]
+ girparser: Avoid possibily creating duplicated attributes
- vapigen.m4: use $PKG_CONFIG_SYSROOT_DIR
* Bindings:
- glib-2.0: Always use the actual C type for CCode.array_length_type
- gstreamer: Cherry-pick bindings fixes from 0.56
- gstreamer-1.0: Unskip the ElementFactory.make/create_full() symbols
Vala 0.54.4
===========
* Various improvements and bug fixes:
- codegen:
+ Use CCodeConstant for member access of constant symbol
+ Emit constants without initializer list in defines section [#440]
+ Add and use CCodeConstantIdentifier for accessing constants
+ Check required length of enum type name for GType support
+ Add missing check while overriding virtual async interface methods [#852]
+ Drop inconsistent space for ObjectType parameters
+ Accept CCode.type attribute on parameters [#876]
+ Fix CCodeUnaryExpression.write() for PREFIX_INCREMENT/PREFIX_DECREMENT
- vala:
+ Improve error message for invalid handler of dynamic signal
+ Using SignalHandler.disconnect() is required for dynamic signals
+ Check for unavailable value-type of variable initializer [#1253]
+ Add [Profile] as known attribute for methods
+ Report error on missing gio-2.0 package for async constructors
+ Fix signals with generic return
+ parser: Split out Parser.parse_switch_section_statement()
+ parser: Better handling of misplaced switch sections [#1246]
- genie:
+ Amend text of indent and dedent for error messages [#497]
+ Accept INTERR token before type arguments when parsing type [#1245]
+ Properly handle plain "get" or "set" property accessors [#1248]
+ "exception" is the expected string for TokenType.ERRORDOMAIN
+ Accept accessibility/async modifiers on "construct" creation methods [#1235]
- girparser: Accept "sealed" for transformed records and compact classes
- gtkmodule: Improve error message for invalid signal element in ui-file
- build: Add "test-update" which passed UPDATE_EXPECTED=1 to refresh c-expected
- tests: Rename colliding test cases to avoid conflicts
* Bindings:
- alsa: Add more API and fix a few things
- gnome-desktop-3.0: Some parameter fixes
- gstreamer: Cherry-pick bindings fixes from 0.56
- gstreamer-base-1.0: Some parameter fixes [#1255]
- gtk4: Update to 4.5.0~cd9b7307
- pango: Cherry-pick bindings fixes from 0.56
Vala 0.54.3
===========
* Various improvements and bug fixes:
- codegen: Actually free data when using "remove(_all)"
on GLib.Queue/(S)List [#1238]
- vala:
+ Parameter following ellipsis parameter is not allowed [#1237]
+ More thorough check of ValueType and set CodeNode.error on failure
+ Really check compatiblity of error types for delegate symbol
+ Correctly output signature of callable throwing error
+ Report error for non ErrorType in throws
+ Implement CodeWriter.visit_foreach_statement()/visit_catch_clause()
- parser: Make sure ErrorCodes are accessible as needed
- girparser: Add support for "ref_/ref_sink_/unref_function"
metadata for classes [#1233]
Vala 0.54.2
===========
* Various improvements and bug fixes:
- vala:
+ Multi-dimensional params-array not allowed [#1230]
+ Accept NullType as generic type argument
+ Set source references of created DataType instances in OCE
* Bindings:
- gio-2.0: Update to 2.71.0~a0d2efdc
- glib-2.0: Update 2.70 symbols
- gtk4: Update to 4.5.0~da5efea6
Vala 0.54.1
===========
* Regression and bug fixes:
- codegen:
+ Add type declaration for implicit temporary local variable
+ Sealed class in external package is not special [#1229]
* Bindings:
- gstreamer: Update from 1.19.0+ git master
- gtk4: Update to 4.5.0~3e20ecd6
Changes in 3.0.8 (since 3.0.7)
* Notable changes
** Cross-module inlining
Although historically Guile has treated modules as glorified hash
tables, most modules are actually _declarative_ -- they just define
functions and variables and provide them for other modules to use, and
don't manipulate modules as first-class objects. See "Declarative
Modules" in the manual, for more discussion.
Since version 3.0.0, Guile has taken advantage of declarative semantics
to allow a top-level definition to be inlined within its uses in the
same compilation unit, provided the binding is never assigned and
defined exactly once. Guile 3.0.8 extends this to allow some
exported declarative definitions to be inlined into other modules.
This facility is mostly transparent to the user and is enabled at the
default -O2 optimization level. "Small" definitions are available for
cross-module inlining (-Oinlinable-exports, included at -O2). The
actual inlining decision is performed by Guile's partial evaluation pass
(the -Ocross-module-inlining modifier to -Opeval, included at -O2 also),
subject to effort and size growth counters.
Note however that as with macros, when a definition changes in module A,
a separately compiled module B that uses that definition doesn't
automatically get recompiled. This is a limitation in Guile that we
would like to fix.
As another limitation, cross-module inlining is only available for
imports from modules which have already been compiled at -O2 (or
otherwise with -Oinlinable-exports).
When determining whether to enable this facility by default, we weighed
the usability problems of stale inlined bindings against the benefit of
allowing module boundaries to no longer be optimization boundaries, we
ended up on the "let's do it!" side of the equation. However we welcome
feedback from users as to what should be the default behavior, until
such a time as we have a proper notion of when a compiled file is stale
or not.
** Avoid the need for a custom GMP allocator
In Guile 3.0.6, we fixed a longstanding bug in Guile's use of the
library that Guile uses to implement bignums (large integers), GMP
(https://gmplib.org). See the Guile 3.0.6 release notes. However this
left us with a suboptimal Guile, in which each large integer had to have
a finalizer to free the memory allocated by GMP. Finalizers take time
and space, and so they limit allocation rate, causing bignum performance
to drop. Though you could set an environment variable to go back to the
older, faster behavior, it wasn't the default.
In Guile 3.0.8 we fix this problem comprehensively by avoiding embedding
GMP's mpz_t values in Guile bignums. Instead we embed the bignum digits
directly, avoiding the need for finalizers or custom allocators. This
removes the need for the GUILE_INSTALL_GMP_MEMORY_FUNCTIONS environment
variable mentioned in the Guile 3.0.6 release notes. We also deprecate
the scm_install_gmp_memory_functions variable.
* New interfaces and functionality
** Typed vector copy functions in (srfi srfi-4 gnu)
The functions `u8vector-copy' `s8vector-copy' `u16vector-copy'
`s16vector-copy' `u32vector-copy' `s32vector-copy' `u64vector-copy'
`s64vector-copy' `f32vector-copy' `f64vector-copy' `c32vector-copy'
`c64vector-copy' `u8vector-copy!' `s8vector-copy!' `u16vector-copy!'
`s16vector-copy!' `u32vector-copy!' `s32vector-copy!'
`u64vector-copy!' `s64vector-copy!' `f32vector-copy!'
`f64vector-copy!' `c32vector-copy!' `c64vector-copy!' have been
added. See SRFI-4 - Guile extensions" in the manual.
** New function srfi-4-vector-type-size in (srfi srfi-4 gnu)
See SRFI-4 - Guile extensions" in the manual.
** `bytevector-fill!' supports partial fill through optional arguments
This is an extension to the r6rs procedure. See "Manipulating
Bytevectors" in the manual.
** `vector-copy!' and `vector-copy' from (rnrs base) included in core
Compared to the previous versions, these accept range arguments. See
"Accessing and Modifying Vector Contents" in the manual.
** New function bitvector-copy
See "Bit vectors" in the manual.
** (system foreign) supports C99 complex types
The types `complex-float' and `complex-double' stand for C99 `float
_Complex' and `double _Complex` respectively.
* Other new optimizations
** Better optimization of "let" in right-hand-side of "letrec"
** Allow constant-folding for calls to "expt"
Thanks to Maxime Devos.
** Add ,optimize-cps REPL meta-command
This meta-command is like ,optimize, but at a lower level.
** Improve alias analysis in common subexpression elimination
** Avoid argument-count checks for well-typed calls to known procedures
This speeds up calls to lexically bound procedures.
** Avoid return-value-count checks for calls to known-return-arity procedures
This new optimization, enabled at -O2, speeds up returns from calls to
lexically bound procedures.
* Build system changes
** Update Gnulib (bugs.gnu.org/49930)
Update gnulib to 8f4538a53d64054ae2fc8b86c0f87c418c6176e6.
** Compile libguile with -flto if available
By default, if the compiler supports link-time optimization via the
-flto flag, Guile will add it to CFLAGS. This results in a libguile
that is approximately 15% smaller. Pass --disable-lto to configure to
inhibit this behavior.
** Trim set of prebuilt .go files shipped in the tarball
Guile includes built Scheme files in its tarball to speed up the build,
for casual builders that are less concerned with reproducibility.
However they took a lot of space and we have now trimmed these down to a
more minimal set. As always, you can remove them and build entirely
from source via a `make -C prebuilt clean`.
* New deprecations
** Vector functions require vector arguments
Passing arrays that are not vectors (arrays for which `(vector? array)'
returns false) to functions `vector-move-left!', `vector-move-right!',
`vector->list', and `vector-copy' is deprecated. Use `array-copy!',
`array-copy', and `array->list' for such arguments.
** `scm_from_contiguous_typed_array' is deprecated
This function was added during the Guile 2.x series and was not
documented and is no longer used in Guile itself.
** Deprecate the "simple vector" concept, `scm_is_simple_vector'
This concept meant to indicate "vectors which aren't array slices". Use
scm_is_vector.
** Deprecate internal contiguous array flag
We still reserve space for the flag to preserve ABI but it has no
effect. As such we also remove the internal SCM_I_ARRAY_CONTIGUOUS,
SCM_SET_ARRAY_CONTIGUOUS_FLAG, SCM_CLR_ARRAY_CONTIGUOUS_FLAG,
SCM_I_ARRAY_CONTP preprocessor interfaces, as they were internal and
there is no longer a sensible way of using them.
** Deprecate symbol properties
Symbols used to have a "function slot" and a "property slot", inherited
from Emacs Lisp and early Lisps, which one would access with
'symbol-pref', 'symbol-fref', 'symbol-pset!', and 'symbol-fset!'. These
procedures have been discouraged in favor of object properties; they are
now deprecated. This saves a few words of memory per symbol.
* Bug fixes
** Fix compilation of (ash x N), where N is a literal, at -O1 and below
** Texinfo and XML parsers are now thread-safe (bugs.gnu.org/51264)
** Fix `filename-completion-function' in (ice-9 readline)
** Fix trace-calls-to-procedure (bugs.gnu.org/43102, bugs.gnu.org/48412)
** Fix bug in nftw function (bugs.gnu.org/44182)
** Fix optimization bug in CSE in eq-constant? if both branches same
** Fix readline initialization with invalid keymaps
** Fix crash when reading #nil (bugs.gnu.org/49305)
** Fix read error when reading #{}}#.
** Fix Darwin host detection in foreign-library facility.
** Fix unification of (x ...) patterns in `match'
** Fix scaling floats with leading zeroes in `format'
** Improve support for r7rs-style `(srfi N)' and r6rs-style `(srfi :N)
module names (bugs.gnu.org/39601, bugs.gnu.org/40371)
** Add support for the ARC architecture (bugs.gnu.org/48816)
** Build fix for const strerror result (bugs.gnu.org/43987)
** Fix typos in SRFI documentation (bugs.gnu.org/50127)
** Fix bounds check in `recvfrom!' (bugs.gnu.org/45595)
** Add support for riscv32
** Limit `ash' to left-shift by 2^32 bits (bugs.gnu.org/48150)
** Fix type confusion in heap-numbers-equal? calls from VM
Version 14.19.1 'Fermium' (LTS)
This is a security release.
Notable Changes
Update to OpenSSL 1.1.1n, which addresses the following vulnerability:
Infinite loop in BN_mod_sqrt() reachable when parsing certificates (High)(CVE-2022-0778) More details are available at https://www.openssl.org/news/secadv/20220315.txt
This is the logic we have in gcc8. Replicate it to newer GCC packages.
Using pkgsrc zlib causes problems linking gcov(1) on at least Linux
and SunOS. It is not worth bend-over-backwards rpath-patching.
This fixes the PLIST for architectures that do not use OCaml's native
compiler; other architectures should not be affected.
Thanks to Havard Eidnes and Martin Husemann for reporting the error.
Python 3.10.4 final
Core and Builtins
bpo-46968: Check for the existence of the “sys/auxv.h” header in faulthandler to avoid compilation problems in systems where this header doesn’t exist. Patch by Pablo Galindo
Library
bpo-23691: Protect the re.finditer() iterator from re-entering.
bpo-42369: Fix thread safety of zipfile._SharedFile.tell() to avoid a “zipfile.BadZipFile: Bad CRC-32 for file” exception when reading a ZipFile from multiple threads.
bpo-38256: Fix binascii.crc32() when it is compiled to use zlib’c crc32 to work properly on inputs 4+GiB in length instead of returning the wrong result. The workaround prior to this was to always feed the function data in increments smaller than 4GiB or to just call the zlib module function.
bpo-39394: A warning about inline flags not at the start of the regular expression now contains the position of the flag.
bpo-47061: Deprecate the various modules listed by PEP 594:
aifc, asynchat, asyncore, audioop, cgi, cgitb, chunk, crypt, imghdr, msilib, nntplib, nis, ossaudiodev, pipes, smtpd, sndhdr, spwd, sunau, telnetlib, uu, xdrlib
bpo-2604: Fix bug where doctests using globals would fail when run multiple times.
bpo-45997: Fix asyncio.Semaphore re-aquiring FIFO order.
bpo-47022: The asynchat, asyncore and smtpd modules have been deprecated since at least Python 3.6. Their documentation and deprecation warnings and have now been updated to note they will removed in Python 3.12 (PEP 594).
bpo-46421: Fix a unittest issue where if the command was invoked as python -m unittest and the filename(s) began with a dot (.), a ValueError is returned.
bpo-40296: Fix supporting generic aliases in pydoc.
Python 3.9.12 final
Core and Builtins
bpo-46968: Check for the existence of the “sys/auxv.h” header in faulthandler to avoid compilation problems in systems where this header doesn’t exist. Patch by Pablo Galindo
Library
bpo-47101: hashlib.algorithms_available now lists only algorithms that are provided by activated crypto providers on OpenSSL 3.0. Legacy algorithms are not listed unless the legacy provider has been loaded into the default OSSL context.
bpo-23691: Protect the re.finditer() iterator from re-entering.
bpo-42369: Fix thread safety of zipfile._SharedFile.tell() to avoid a “zipfile.BadZipFile: Bad CRC-32 for file” exception when reading a ZipFile from multiple threads.
bpo-38256: Fix binascii.crc32() when it is compiled to use zlib’c crc32 to work properly on inputs 4+GiB in length instead of returning the wrong result. The workaround prior to this was to always feed the function data in increments smaller than 4GiB or to just call the zlib module function.
bpo-39394: A warning about inline flags not at the start of the regular expression now contains the position of the flag.
bpo-47061: Deprecate the various modules listed by PEP 594:
aifc, asynchat, asyncore, audioop, cgi, cgitb, chunk, crypt, imghdr, msilib, nntplib, nis, ossaudiodev, pipes, smtpd, sndhdr, spwd, sunau, telnetlib, uu, xdrlib
bpo-2604: Fix bug where doctests using globals would fail when run multiple times.
bpo-45997: Fix asyncio.Semaphore re-aquiring FIFO order.
bpo-47022: The asynchat, asyncore and smtpd modules have been deprecated since at least Python 3.6. Their documentation has now been updated to note they will removed in Python 3.12 (PEP 594).
bpo-46421: Fix a unittest issue where if the command was invoked as python -m unittest and the filename(s) began with a dot (.), a ValueError is returned.
bpo-40296: Fix supporting generic aliases in pydoc.
bpo-14156: argparse.FileType now supports an argument of ‘-’ in binary mode, returning the .buffer attribute of sys.stdin/sys.stdout as appropriate. Modes including ‘x’ and ‘a’ are treated equivalently to ‘w’ when argument is ‘-’. Patch contributed by Josh Rosenberg
Python 3.10.3 final
Core and Builtins
bpo-46940: Avoid overriding AttributeError metadata information for nested attribute access calls. Patch by Pablo Galindo.
bpo-46852: Rename the private undocumented float.__set_format__() method to float.__setformat__() to fix a typo introduced in Python 3.7. The method is only used by test_float. Patch by Victor Stinner.
bpo-46794: Bump up the libexpat version into 2.4.6
bpo-46820: Fix parsing a numeric literal immediately (without spaces) followed by “not in” keywords, like in 1not in x. Now the parser only emits a warning, not a syntax error.
bpo-46762: Fix an assert failure in debug builds when a ‘<’, ‘>’, or ‘=’ is the last character in an f-string that’s missing a closing right brace.
bpo-46724: Make sure that all backwards jumps use the JUMP_ABSOLUTE instruction, rather than JUMP_FORWARD with an argument of (2**32)+offset.
bpo-46732: Correct the docstring for the __bool__() method. Patch by Jelle Zijlstra.
bpo-46707: Avoid potential exponential backtracking when producing some syntax errors involving lots of brackets. Patch by Pablo Galindo.
bpo-40479: Add a missing call to va_end() in Modules/_hashopenssl.c.
bpo-46615: When iterating over sets internally in setobject.c, acquire strong references to the resulting items from the set. This prevents crashes in corner-cases of various set operations where the set gets mutated.
bpo-45773: Remove two invalid “peephole” optimizations from the bytecode compiler.
bpo-43721: Fix docstrings of getter, setter, and deleter to clarify that they create a new copy of the property.
bpo-46503: Fix an assert when parsing some invalid N escape sequences in f-strings.
bpo-46417: Fix a race condition on setting a type __bases__ attribute: the internal function add_subclass() now gets the PyTypeObject.tp_subclasses member after calling PyWeakref_NewRef() which can trigger a garbage collection which can indirectly modify PyTypeObject.tp_subclasses. Patch by Victor Stinner.
bpo-46383: Fix invalid signature of _zoneinfo’s module_free function to resolve a crash on wasm32-emscripten platform.
bpo-46070: Py_EndInterpreter() now explicitly untracks all objects currently tracked by the GC. Previously, if an object was used later by another interpreter, calling PyObject_GC_UnTrack() on the object crashed if the previous or the next object of the PyGC_Head structure became a dangling pointer. Patch by Victor Stinner.
bpo-46339: Fix a crash in the parser when retrieving the error text for multi-line f-strings expressions that do not start in the first line of the string. Patch by Pablo Galindo
bpo-46240: Correct the error message for unclosed parentheses when the tokenizer doesn’t reach the end of the source when the error is reported. Patch by Pablo Galindo
bpo-46091: Correctly calculate indentation levels for lines with whitespace character that are ended by line continuation characters. Patch by Pablo Galindo
Library
bpo-43253: Fix a crash when closing transports where the underlying socket handle is already invalid on the Proactor event loop.
bpo-47004: Apply bugfixes from importlib_metadata 4.11.3, including bugfix for EntryPoint.extras, which was returning match objects and not the extras strings.
bpo-46985: Upgrade pip wheel bundled with ensurepip (pip 22.0.4)
bpo-46968: faulthandler: On Linux 5.14 and newer, dynamically determine size of signal handler stack size CPython allocates using getauxval(AT_MINSIGSTKSZ). This changes allows for Python extension’s request to Linux kernel to use AMX_TILE instruction set on Sapphire Rapids Xeon processor to succeed, unblocking use of the ISA in frameworks.
bpo-46955: Expose asyncio.base_events.Server as asyncio.Server. Patch by Stefan Zabka.
bpo-23325: The signal module no longer assumes that SIG_IGN and SIG_DFL are small int singletons.
bpo-46932: Update bundled libexpat to 2.4.7
bpo-25707: Fixed a file leak in xml.etree.ElementTree.iterparse() when the iterator is not exhausted. Patch by Jacob Walls.
bpo-44886: Inherit asyncio proactor datagram transport from asyncio.DatagramTransport.
bpo-46827: Support UDP sockets in asyncio.loop.sock_connect() for selector-based event loops. Patch by Thomas Grainger.
bpo-46811: Make test suite support Expat >=2.4.5
bpo-46252: Raise TypeError if ssl.SSLSocket is passed to transport-based APIs.
bpo-46784: Fix libexpat symbols collisions with user dynamically loaded or statically linked libexpat in embedded Python.
bpo-39327: shutil.rmtree() can now work with VirtualBox shared folders when running from the guest operating-system.
bpo-46756: Fix a bug in urllib.request.HTTPPasswordMgr.find_user_password() and urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated() which allowed to bypass authorization. For example, access to URI example.org/foobar was allowed if the user was authorized for URI example.org/foo.
bpo-46643: In typing.get_type_hints(), support evaluating stringified ParamSpecArgs and ParamSpecKwargs annotations. Patch by Gregory Beauregard.
bpo-45863: When the tarfile module creates a pax format archive, it will put an integer representation of timestamps in the ustar header (if possible) for the benefit of older unarchivers, in addition to the existing full-precision timestamps in the pax extended header.
bpo-46676: Make typing.ParamSpec args and kwargs equal to themselves. Patch by Gregory Beauregard.
bpo-46672: Fix NameError in asyncio.gather() when initial type check fails.
bpo-46655: In typing.get_type_hints(), support evaluating bare stringified TypeAlias annotations. Patch by Gregory Beauregard.
bpo-45948: Fixed a discrepancy in the C implementation of the xml.etree.ElementTree module. Now, instantiating an xml.etree.ElementTree.XMLParser with a target=None keyword provides a default xml.etree.ElementTree.TreeBuilder target as the Python implementation does.
bpo-46521: Fix a bug in the codeop module that was incorrectly identifying invalid code involving string quotes as valid code.
bpo-46581: Brings ParamSpec propagation for GenericAlias in line with Concatenate (and others).
bpo-46591: Make the IDLE doc URL on the About IDLE dialog clickable.
bpo-46400: expat: Update libexpat from 2.4.1 to 2.4.4
bpo-46487: Add the get_write_buffer_limits method to asyncio.transports.WriteTransport and to the SSL transport.
bpo-45173: Note the configparser deprecations will be removed in Python 3.12.
bpo-46539: In typing.get_type_hints(), support evaluating stringified ClassVar and Final annotations inside Annotated. Patch by Gregory Beauregard.
bpo-46491: Allow typing.Annotated to wrap typing.Final and typing.ClassVar. Patch by Gregory Beauregard.
bpo-46436: Fix command-line option -d/--directory in module http.server which is ignored when combined with command-line option --cgi. Patch by Géry Ogam.
bpo-41403: Make mock.patch() raise a TypeError with a relevant error message on invalid arg. Previously it allowed a cryptic AttributeError to escape.
bpo-46474: In importlib.metadata.EntryPoint.pattern, avoid potential REDoS by limiting ambiguity in consecutive whitespace.
bpo-46469: asyncio generic classes now return types.GenericAlias in __class_getitem__ instead of the same class.
bpo-46434: pdb now gracefully handles help when __doc__ is missing, for example when run with pregenerated optimized .pyc files.
bpo-46333: The __eq__() and __hash__() methods of typing.ForwardRef now honor the module parameter of typing.ForwardRef. Forward references from different modules are now differentiated.
bpo-46246: Add missing __slots__ to importlib.metadata.DeprecatedList. Patch by Arie Bovenberg.
bpo-46266: Improve day constants in calendar.
Now all constants (MONDAY … SUNDAY) are documented, tested, and added to __all__.
bpo-46232: The ssl module now handles certificates with bit strings in DN correctly.
bpo-43118: Fix a bug in inspect.signature() that was causing it to fail on some subclasses of classes with a __text_signature__ referencing module globals. Patch by Weipeng Hong.
bpo-26552: Fixed case where failing asyncio.ensure_future() did not close the coroutine. Patch by Kumar Aditya.
bpo-21987: Fix an issue with tarfile.TarFile.getmember() getting a directory name with a trailing slash.
bpo-20392: Fix inconsistency with uppercase file extensions in MimeTypes.guess_type(). Patch by Kumar Aditya.
bpo-46080: Fix exception in argparse help text generation if a argparse.BooleanOptionalAction argument’s default is argparse.SUPPRESS and it has help specified. Patch by Felix Fontein.
bpo-44439: Fix .write() method of a member file in ZipFile, when the input data is an object that supports the buffer protocol, the file length may be wrong.
bpo-45703: When a namespace package is imported before another module from the same namespace is created/installed in a different sys.path location while the program is running, calling the importlib.invalidate_caches() function will now also guarantee the new module is noticed.
bpo-24959: Fix bug where unittest sometimes drops frames from tracebacks of exceptions raised in tests.
bpo-44791: Fix substitution of ParamSpec in Concatenate with different parameter expressions. Substitution with a list of types returns now a tuple of types. Substitution with Concatenate returns now a Concatenate with concatenated lists of arguments.
bpo-14156: argparse.FileType now supports an argument of ‘-’ in binary mode, returning the .buffer attribute of sys.stdin/sys.stdout as appropriate. Modes including ‘x’ and ‘a’ are treated equivalently to ‘w’ when argument is ‘-’. Patch contributed by Josh Rosenberg
Documentation
bpo-46463: Fixes escape4chm.py script used when building the CHM documentation file
Tests
bpo-46913: Fix test_faulthandler.test_sigfpe() if Python is built with undefined behavior sanitizer (UBSAN): disable UBSAN on the faulthandler_sigfpe() function. Patch by Victor Stinner.
bpo-46708: Prevent default asyncio event loop policy modification warning after test_asyncio execution.
bpo-46678: The function make_legacy_pyc in Lib/test/support/import_helper.py no longer fails when PYTHONPYCACHEPREFIX is set to a directory on a different device from where tempfiles are stored.
bpo-46616: Ensures test_importlib.test_windows cleans up registry keys after completion.
bpo-44359: test_ftplib now silently ignores socket errors to prevent logging unhandled threading exceptions. Patch by Victor Stinner.
bpo-46542: Fix a Python crash in test_lib2to3 when using Python built in debug mode: limit the recursion limit. Patch by Victor Stinner.
bpo-46576: test_peg_generator now disables compiler optimization when testing compilation of its own C extensions to significantly speed up the testing on non-debug builds of CPython.
bpo-46542: Fix test_json tests checking for RecursionError: modify these tests to use support.infinite_recursion(). Patch by Victor Stinner.
bpo-13886: Skip test_builtin PTY tests on non-ASCII characters if the readline module is loaded. The readline module changes input() behavior, but test_builtin is not intented to test the readline module. Patch by Victor Stinner.
Build
bpo-47032: Ensure Windows install builds fail correctly with a non-zero exit code when part of the build fails.
bpo-47024: Update OpenSSL to 1.1.1n for macOS installers and all Windows builds.
bpo-38472: Fix GCC detection in setup.py when cross-compiling. The C compiler is now run with LC_ALL=C. Previously, the detection failed with a German locale.
bpo-46513: configure no longer uses AC_C_CHAR_UNSIGNED macro and pyconfig.h no longer defines reserved symbol __CHAR_UNSIGNED__.
bpo-45925: Update Windows installer to use SQLite 3.37.2.
Windows
bpo-44549: Update bzip2 to 1.0.8 in Windows builds to mitigate CVE-2016-3189 and CVE-2019-12900
bpo-46948: Prevent CVE-2022-26488 by ensuring the Add to PATH option in the Windows installer uses the correct path when being repaired.
bpo-46638: Ensures registry virtualization is consistently disabled. For 3.10 and earlier, it remains enabled (some registry writes are protected), while for 3.11 and later it is disabled (registry modifications affect all applications).
macOS
bpo-45925: Update macOS installer to SQLite 3.37.2.
IDLE
bpo-46630: Make query dialogs on Windows start with a cursor in the entry box.
bpo-45296: Clarify close, quit, and exit in IDLE. In the File menu, ‘Close’ and ‘Exit’ are now ‘Close Window’ (the current one) and ‘Exit’ is now ‘Exit IDLE’ (by closing all windows). In Shell, ‘quit()’ and ‘exit()’ mean ‘close Shell’. If there are no other windows, this also exits IDLE.
bpo-45447: Apply IDLE syntax highlighting to pyi files. Patch by Alex Waygood and Terry Jan Reedy.
C API
bpo-46433: The internal function _PyType_GetModuleByDef now correctly handles inheritance patterns involving static types.
bpo-14916: Fixed bug in the tokenizer that prevented PyRun_InteractiveOne from parsing from the provided FD.
Python 3.9.11 final
Core and Builtins
bpo-46852: Rename the private undocumented float.__set_format__() method to float.__setformat__() to fix a typo introduced in Python 3.7. The method is only used by test_float. Patch by Victor Stinner.
bpo-46794: Bump up the libexpat version into 2.4.6
bpo-46762: Fix an assert failure in debug builds when a ‘<’, ‘>’, or ‘=’ is the last character in an f-string that’s missing a closing right brace.
bpo-46732: Correct the docstring for the __bool__() method. Patch by Jelle Zijlstra.
bpo-40479: Add a missing call to va_end() in Modules/_hashopenssl.c.
bpo-46615: When iterating over sets internally in setobject.c, acquire strong references to the resulting items from the set. This prevents crashes in corner-cases of various set operations where the set gets mutated.
bpo-43721: Fix docstrings of getter, setter, and deleter to clarify that they create a new copy of the property.
bpo-46503: Fix an assert when parsing some invalid N escape sequences in f-strings.
bpo-46417: Fix a race condition on setting a type __bases__ attribute: the internal function add_subclass() now gets the PyTypeObject.tp_subclasses member after calling PyWeakref_NewRef() which can trigger a garbage collection which can indirectly modify PyTypeObject.tp_subclasses. Patch by Victor Stinner.
bpo-46383: Fix invalid signature of _zoneinfo’s module_free function to resolve a crash on wasm32-emscripten platform.
Library
bpo-43253: Fix a crash when closing transports where the underlying socket handle is already invalid on the Proactor event loop.
bpo-47004: Apply bugfixes from importlib_metadata 4.11.3, including bugfix for EntryPoint.extras, which was returning match objects and not the extras strings.
bpo-46985: Upgrade pip wheel bundled with ensurepip (pip 22.0.4)
bpo-46968: faulthandler: On Linux 5.14 and newer, dynamically determine size of signal handler stack size CPython allocates using getauxval(AT_MINSIGSTKSZ). This changes allows for Python extension’s request to Linux kernel to use AMX_TILE instruction set on Sapphire Rapids Xeon processor to succeed, unblocking use of the ISA in frameworks.
bpo-46955: Expose asyncio.base_events.Server as asyncio.Server. Patch by Stefan Zabka.
bpo-46932: Update bundled libexpat to 2.4.7
bpo-25707: Fixed a file leak in xml.etree.ElementTree.iterparse() when the iterator is not exhausted. Patch by Jacob Walls.
bpo-44886: Inherit asyncio proactor datagram transport from asyncio.DatagramTransport.
bpo-46827: Support UDP sockets in asyncio.loop.sock_connect() for selector-based event loops. Patch by Thomas Grainger.
bpo-46811: Make test suite support Expat >=2.4.5
bpo-46252: Raise TypeError if ssl.SSLSocket is passed to transport-based APIs.
bpo-46784: Fix libexpat symbols collisions with user dynamically loaded or statically linked libexpat in embedded Python.
bpo-39327: shutil.rmtree() can now work with VirtualBox shared folders when running from the guest operating-system.
bpo-46756: Fix a bug in urllib.request.HTTPPasswordMgr.find_user_password() and urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated() which allowed to bypass authorization. For example, access to URI example.org/foobar was allowed if the user was authorized for URI example.org/foo.
bpo-45863: When the tarfile module creates a pax format archive, it will put an integer representation of timestamps in the ustar header (if possible) for the benefit of older unarchivers, in addition to the existing full-precision timestamps in the pax extended header.
bpo-46672: Fix NameError in asyncio.gather() when initial type check fails.
bpo-45948: Fixed a discrepancy in the C implementation of the xml.etree.ElementTree module. Now, instantiating an xml.etree.ElementTree.XMLParser with a target=None keyword provides a default xml.etree.ElementTree.TreeBuilder target as the Python implementation does.
bpo-46591: Make the IDLE doc URL on the About IDLE dialog clickable.
bpo-46400: expat: Update libexpat from 2.4.1 to 2.4.4
bpo-46487: Add the get_write_buffer_limits method to asyncio.transports.WriteTransport and to the SSL transport.
bpo-46539: In typing.get_type_hints(), support evaluating stringified ClassVar and Final annotations inside Annotated. Patch by Gregory Beauregard.
bpo-46491: Allow typing.Annotated to wrap typing.Final and typing.ClassVar. Patch by Gregory Beauregard.
bpo-46436: Fix command-line option -d/--directory in module http.server which is ignored when combined with command-line option --cgi. Patch by Géry Ogam.
bpo-41403: Make mock.patch() raise a TypeError with a relevant error message on invalid arg. Previously it allowed a cryptic AttributeError to escape.
bpo-46474: In importlib.metadata.EntryPoint.pattern, avoid potential REDoS by limiting ambiguity in consecutive whitespace.
bpo-46469: asyncio generic classes now return types.GenericAlias in __class_getitem__ instead of the same class.
bpo-46434: pdb now gracefully handles help when __doc__ is missing, for example when run with pregenerated optimized .pyc files.
bpo-46333: The __eq__() and __hash__() methods of typing.ForwardRef now honor the module parameter of typing.ForwardRef. Forward references from different modules are now differentiated.
bpo-43118: Fix a bug in inspect.signature() that was causing it to fail on some subclasses of classes with a __text_signature__ referencing module globals. Patch by Weipeng Hong.
bpo-21987: Fix an issue with tarfile.TarFile.getmember() getting a directory name with a trailing slash.
bpo-20392: Fix inconsistency with uppercase file extensions in MimeTypes.guess_type(). Patch by Kumar Aditya.
bpo-46080: Fix exception in argparse help text generation if a argparse.BooleanOptionalAction argument’s default is argparse.SUPPRESS and it has help specified. Patch by Felix Fontein.
bpo-44439: Fix .write() method of a member file in ZipFile, when the input data is an object that supports the buffer protocol, the file length may be wrong.
bpo-45703: When a namespace package is imported before another module from the same namespace is created/installed in a different sys.path location while the program is running, calling the importlib.invalidate_caches() function will now also guarantee the new module is noticed.
bpo-24959: Fix bug where unittest sometimes drops frames from tracebacks of exceptions raised in tests.
Documentation
bpo-46463: Fixes escape4chm.py script used when building the CHM documentation file
Tests
bpo-46913: Fix test_faulthandler.test_sigfpe() if Python is built with undefined behavior sanitizer (UBSAN): disable UBSAN on the faulthandler_sigfpe() function. Patch by Victor Stinner.
bpo-46708: Prevent default asyncio event loop policy modification warning after test_asyncio execution.
bpo-46616: Ensures test_importlib.test_windows cleans up registry keys after completion.
bpo-44359: test_ftplib now silently ignores socket errors to prevent logging unhandled threading exceptions. Patch by Victor Stinner.
bpo-46542: Fix a Python crash in test_lib2to3 when using Python built in debug mode: limit the recursion limit. Patch by Victor Stinner.
bpo-46576: test_peg_generator now disables compiler optimization when testing compilation of its own C extensions to significantly speed up the testing on non-debug builds of CPython.
bpo-46542: Fix test_json tests checking for RecursionError: modify these tests to use support.infinite_recursion(). Patch by Victor Stinner.
bpo-13886: Skip test_builtin PTY tests on non-ASCII characters if the readline module is loaded. The readline module changes input() behavior, but test_builtin is not intented to test the readline module. Patch by Victor Stinner.
Build
bpo-47024: Update OpenSSL to 1.1.1n for macOS installers and all Windows builds.
bpo-38472: Fix GCC detection in setup.py when cross-compiling. The C compiler is now run with LC_ALL=C. Previously, the detection failed with a German locale.
bpo-46513: configure no longer uses AC_C_CHAR_UNSIGNED macro and pyconfig.h no longer defines reserved symbol __CHAR_UNSIGNED__.
bpo-45925: Update Windows installer to use SQLite 3.37.2.
bpo-47032: Ensure Windows install builds fail correctly with a non-zero exit code when part of the build fails.
Windows
bpo-44549: Update bzip2 to 1.0.8 in Windows builds to mitigate CVE-2016-3189 and CVE-2019-12900
bpo-46948: Prevent CVE-2022-26488 by ensuring the Add to PATH option in the Windows installer uses the correct path when being repaired.
bpo-46638: Ensures registry virtualization is consistently disabled. For 3.10 and earlier, it remains enabled (some registry writes are protected), while for 3.11 and later it is disabled (registry modifications affect all applications).
macOS
bpo-45925: Update macOS installer to SQLite 3.37.2.
IDLE
bpo-46630: Make query dialogs on Windows start with a cursor in the entry box.
bpo-45296: Clarify close, quit, and exit in IDLE. In the File menu, ‘Close’ and ‘Exit’ are now ‘Close Window’ (the current one) and ‘Exit’ is now ‘Exit IDLE’ (by closing all windows). In Shell, ‘quit()’ and ‘exit()’ mean ‘close Shell’. If there are no other windows, this also exits IDLE.
bpo-45447: Apply IDLE syntax highlighting to pyi files. Patch by Alex Waygood and Terry Jan Reedy.
Python 3.8.13 final
Core and Builtins
bpo-46794: Bump up the libexpat version into 2.4.6
Library
bpo-46985: Upgrade pip wheel bundled with ensurepip (pip 22.0.4)
bpo-46932: Update bundled libexpat to 2.4.7
bpo-46811: Make test suite support Expat >=2.4.5
bpo-46784: Fix libexpat symbols collisions with user dynamically loaded or statically linked libexpat in embedded Python.
bpo-46756: Fix a bug in urllib.request.HTTPPasswordMgr.find_user_password() and urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated() which allowed to bypass authorization. For example, access to URI example.org/foobar was allowed if the user was authorized for URI example.org/foo.
bpo-46400: expat: Update libexpat from 2.4.1 to 2.4.4
bpo-46474: In importlib.metadata.EntryPoint.pattern, avoid potential REDoS by limiting ambiguity in consecutive whitespace.
bpo-44849: Fix the os.set_inheritable() function on FreeBSD 14 for file descriptor opened with the O_PATH flag: ignore the EBADF error on ioctl(), fallback on the fcntl() implementation. Patch by Victor Stinner.
Documentation
bpo-41028: Language and version switchers, previously maintained in every cpython branches, are now handled by docsbuild-script.
Tests
bpo-45195: Fix test_readline.test_nonascii(): sometimes, the newline character is not written at the end, so don’t expect it in the output. Patch by Victor Stinner.
bpo-44949: Fix auto history tests of test_readline: sometimes, the newline character is not written at the end, so don’t expect it in the output.
Build
bpo-47024: Update Windows builds and macOS installer build to use OpenSSL 1.1.1n.
bpo-45405: Prevent internal configure error when running configure with recent versions of clang. Patch by David Bohman.
bpo-45220: Avoid building with the Windows 11 SDK previews automatically. This may be overridden by setting the DefaultWindowsSDKVersion environment variable before building.
Windows
bpo-44549: Update bzip2 to 1.0.8 in Windows builds to mitigate CVE-2016-3189 and CVE-2019-12900
bpo-46948: Prevent CVE-2022-26488 by ensuring the Add to PATH option in the Windows installer uses the correct path when being repaired.
macOS
bpo-44828: Avoid tkinter file dialog failure on macOS 12 Monterey when using the Tk 8.6.11 provided by python.org macOS installers. Patch by Marc Culler of the Tk project.
Python 3.7.13 final
Library
bpo-46985: Upgrade pip wheel bundled with ensurepip (pip 22.0.4)
bpo-46932: Update bundled libexpat to 2.4.7
bpo-46811: Make test suite support Expat >=2.4.5
bpo-46784: Fix libexpat symbols collisions with user dynamically loaded or statically linked libexpat in embedded Python.
bpo-46756: Fix a bug in urllib.request.HTTPPasswordMgr.find_user_password() and urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated() which allowed to bypass authorization. For example, access to URI example.org/foobar was allowed if the user was authorized for URI example.org/foo.
Build
bpo-47024: Update Windows builds and macOS installer build to use OpenSSL 1.1.1n.
bpo-45405: Prevent internal configure error when running configure with recent versions of clang. Patch by David Bohman.
Windows
bpo-44549: Update bzip2 to 1.0.8 in Windows builds to mitigate CVE-2016-3189 and CVE-2019-12900
bpo-46948: Prevent CVE-2022-26488 by ensuring the Add to PATH option in the Windows installer uses the correct path when being repaired.
Due to how close the freeze is, this will not be the default for the next
quarterly release.
There are lots of news, including support for Generics. Read the release
notes for details.
Disable symbol comparison, since it fails for a couple of people
and mef's bulk build.
Changes:
Enable support for utimes and futimesat.
more graphical code
chdir: fixing a malloc'ed buffer that was not large enough
0.940:
Miscellaneous New Features
Add support for conditionally defined overloads
Give "as" variables in with statements separate scopes when it is safe to do so
Add an optional error code ignore-without-code to require ignore comments to have error codes
Add support for typing.Never and typing_extensions.Never as alternative spellings of NoReturn
Add support for typing.reveal_type
Support universal2 macOS wheels
Add match_args support to attr.s()
Enum Improvements
Check Enum definition for invalid base classes
Understand the self-destructing nature of Enum._ignore_
Add StrEnum support for Python 3.11
Make enum values final
Improve final detection for Enum
Fix Enum final properties and writable special members
Enum now accepts String literals and final values as 2nd argument
Fix false positive about member name reuse in enum
Fix enum inheritance regression
Mypyc Fixes and Improvements
Use Py_TYPE and Py_IsNone
Implement additional internal consistency checks
Raise AttributeError also for non-refcounted types
Fix invalid unlikely() in certain rare branches
Skip no-op super calls to object.__init__()
Use latest pythoncapi_compat
Add helpful message to assert
Documentation Updates
Add documentations about Enum types
Update Enum documentation
Improve documentation of allow_redefinition
Fix intelligent indexing example
Explain generic Protocol[T1, T2, ...] shorthand
Clarify that stub-only packages need to be installed
Small documentation improvements for conditional overloads
Improved Error Messages
Improve the "Argument must be a mapping" error message
Coalesce Literals when printing unions
Suggest typing.Callable when using callable as type
Suggest typing.Any when using any as type
Add note about wrong error code in type: ignore
Add no-overload-impl error code
Display ellipsis when formatting variadic tuple[T, ...]
Deduplicate error codes for ignore-without-code
Tweak ignore-without-code error message
Mention common resolutions for build errors
Stubtest Improvements
Ignore more dunder positional-only errors
Fix wrong assumption about relative path
Catch more getattr errors
Error if module level dunder is missing, housekeeping
Ignore __main__ module
Error if a dunder method is missing from a stub
Error if a function is async at runtime but not in the stub
Do not error if a stub is async, but runtime is not
Error if a class should be decorated with @final
Use VERSIONS for submodules
Treat dicts as a subtype of typeddict
Ignore more exceptions in stubtest
Other Notable Fixes and Improvements
Fix non-default keyword-only argument positioning in stubgen
Remove orjson stubs from default list
Use __truediv__ for Python 2 with __future__ import
Fix Python 2 compatibility issue
Use type variable bound to infer constraints
Handle raise Exception(), None on Python 2.7
Fix inference of protocol against overloaded function
Fix an issubclass failure for protocols with overloaded methods
Fix crashes in class scoped imports
Fix use of TypeAlias from aliased imports
Delete open plugin
Read pyproject.toml with correct encoding on Windows
Fix issue with implicit type aliases in import cycles
Forbid extra ParamSpec arguments
Fix crash involving explicit any flag and Required
Fix join of Any against a union type
Simplify unions when erasing last known values
Fix crash with yield in comprehension
Fix handling of NoReturn in union return types
Fix __init__ in dataclasses inheriting from Any
Narrow NamedTuple to bool correctly when __bool__ is defined
Improve type of __attrs_attrs__ in attrs classes
Install dependencies needed for reports via pip install mypy[reports]
Consider import * to be an explicit re-export
Fix --no-implicit-reexport inconsistency
Fix crash if "_" is in builtins
Fixes crash on subclassing Annotated without args
0.9.1:
libcxx: fixed not building fs/filesystem when targeting Windows.
libcxx: fixed duplicate __muloti4 symbol.
Integration with --sysroot parameter
Integration with --entry parameter
Integration with --whole-archive, --no-whole-archive, --strip-all, and --strip-debug parameters.
Integration with --hash-style parameter.
Fixed a bug where passing a zig source file to zig cc would incorrectly punt to clang because it thought there were no positional arguments.
Integration with CUDA source files
Improved a warning message for some cases of using zig run -lc++.
Ignore -lgcc_s when it is redundant with compiler-rt.
Fixed Linux headers being named arm64 instead of aarch64
glibc: fixed passing of __GNU_MINOR__.
glibc: fixed compatibility with glibc <= 2.33 for global initializers
glibc: fixed MINSIGSTKSZ on glibcs older than 2.34
Release: 2022-03-14
New Features
* (first contribution) improve enum variant field completion, enum variant / struct consistency.
* (first contribution) highlight escape sequences in byte strings.
* BREAKING: switch to upstream inlay hints
* suggest union literals, suggest union fields within an empty union literal
* offer qualified path completions in derives.
* allow configuration of colons in inlay hints (rust-analyzer.inlayHints.renderColons).
Fixes
* (first contribution) add support for new where clause location in associated types.
* (first contribution) stop wrapping ConstParam default values in ConstArg.
* insert dummy values for const generics in subst.
* properly handle proc-macro crate types for nameres.
* fix extract_module on inherent impls.
* show what file paths were expected for unresolved modules.
* emit more detailed highlighting for %, >>, <<.
* detect NixOS when /etc/os-release includes quotes.
Internal Improvements
* add hir_def::MacroId, add Macro{Id} to ModuleDef{Id}.
* simplify CompletionContext.
* remove ide_completion::render::build_ext module.
* another round of clippy fixes.
NGINX JavaScript, also knows as njs, is a subset of the JavaScript
language that allows extending nginx functionality. njs is created
in compliance with ECMAScript 5.1 (strict mode) with some ECMAScript 6
and later extensions. It's easy to use njs command line utility to
develop and debug additional functionality. Also, it's light-weight
and very useful as a shebang in some cases as the nodejs substitutor.
Changes are in devel/ruby-activestorage70 only.
Rails 7.0.2.3 (March 08, 2022)
* Added image transformation validation via configurable allow-list.
Variant now offers a configurable allow-list for
transformation methods in addition to a configurable deny-list for arguments.
[CVE-2022-21831]
Ruby on Rails 6.1.4.7 is not latest version but it should be easy to pull-up
to pkgsrc-2021Q4.
Changes are in devel/ruby-activestorage61 only.
## Rails 6.1.4.7 (March 08, 2022) ##
* Added image transformation validation via configurable allow-list.
Variant now offers a configurable allow-list for
transformation methods in addition to a configurable deny-list for arguments.
[CVE-2022-21831]
Changes are in devel/ruby-activestorage60 only.
## Rails 6.0.4.7 (March 08, 2022) ##
* Added image transformation validation via configurable allow-list.
Variant now offers a configurable allow-list for
transformation methods in addition to a configurable deny-list for arguments.
[CVE-2022-21831]
Ruby on Rails 5.2.6.3 is not latest version but it should be easy to pull-up
to pkgsrc-2021Q4.
Changes are in devel/ruby-activestorage52 only.
Rails 5.2.6.3 (March 08, 2022)
* Added image transformation validation via configurable allow-list.
Variant now offers a configurable allow-list for
transformation methods in addition to a configurable deny-list for arguments.
[CVE-2022-21831]
New in 2022.02:
+ Deprecations:
+ Additions:
+ Add support for $RAKUDO_OPT environment variable [e82e6774]
+ Implement sub rotor [90a04ac0]
+ Introducing $*RAT-UPGRADE-CLASS (#4299) [f737b080]
+ Add Cool.Order "coercer" (#4473) [4b2fc66f]
+ Add CI job that runs a spectest instead of Rakudo tests [7ef7b6ed]
+ Add :slip named argument to roundrobin() [de605e84]
+ Add an Any(iterable).infer method (#4626) [4d263779]
+ Add ACCEPTS candidate for Junction to Bool [f21af28e]
+ Add missing checks for nulls [821195b2]
+ Add missing precedence info for some infix ops (#4725) [cd86606e]
+ Add .unique to native arrays [bc8c286f]
+ Add .repeated to native arrays [369093c8]
+ Add .squish to native arrays [284b5623]
+ Finally add in memoriam for David Adler [510c24ed]
+ Removals:
+ Remove uniprop-(int|str|bool) [cc5f17a0] [2b355dc4]
+ Remove check for nullness of descriptor [b2f0a9d2]
+ Remove some no longer needed CALL-MEs [25ca2064]
+ Remove RESTRICTED setting (#3965) [6a8fa2f4]
+ Remove two dummy parameters from (Fat)Rat coercer [6c765609]
+ Remove dead code from MoarVM and JVM extops [e912bf2e][1ba3fe04]
[421dd982][969ae326]
+ Changes:
+ Relax cross-language revision role-class boundaries [d493a051]
+ Get rid of trailing ] and } when dd-ing typed arrays/hashes [49608021]
+ Adapt to nqp::radix(_I)? now returning # chars converted [4a3753fb]
+ Disallow creating Uni with out-of-range codepoints [c56c578c][ef35db06]
+ Make Complex.new about 30x as fast [586f2f3c]
+ Get IO::Path!SET-SELF below inlining limit [4f3ff580][efdc1a9e]
+ $x ** ±Inf is sometimes 0 (#4226) [03065e29]
+ Make dd output consistent for arrays and hashes [59929f0a]
+ Call .perl(:arglist) for Capture's list elements [27ede8cb]
+ Make class A does B{ } error more awesome [535e0151]
+ Make .WHY on role group delegate to default role [8f989d1a][d3e74427]
[91e3c983]
+ Make set-env.sh script work on MacOS (#4704) [19696916]
+ Protect some typechecks with try [e3f22147][5f843222]
+ Make sure that subclasses of FatRat .raku correctly [d6e6afb0]
+ Make Rat.FatRat about 5x as fast [82afbbf0]
+ Rename Any.infer to Any.are [186bd0b0]
+ Bring Rational.floor/ceiling/round/Int below inlining limit [59ea71f7]
+ Reduce bytecode size of Array[TR].BIND-POS [daeb9915]
+ Make adverbless @a[iterable] about 2.5x as fast [30f1fba3]
+ Make adverbless @a[*] about 20% faster [8ac55c57]
+ Make the adverbless zen-slice (@a[]) a few percent faster [21829c33]
+ Make FatRat.Rat coercion about 6x as fast [2fe1bb85]
+ Bring down bytecode size of nativearray.splice helper [38648b4f]
+ Re-arrange Int.base a bit [4d78bc6a]
+ Make unsuccessful .first about 40% faster [ed99df18]
+ Extract failure creation into separate subs [7dc3add8]
+ Make Capture[n] (and thus $0, $1, ...) about 5x as fast [11c8f82a]
+ Implement smartmatch as a dispatcher [32401c47]
+ Set up nativeref types for unsigned integers [b70d1147]
+ Support primspec 10 for unsigned integers [b092cc6c]
+ Also check iscont_u when looking for native references [2509e183]
+ Support uints as their own argument kind in dispatch [c0fbd367]
+ Use unsigned ops when handling unsigned buffers [63b2b846]
+ New uint candidates for operators [4db92b18]
+ Switch to unsigned ops where appropriate [c38b6b42]
+ Unsigned versions of some iterators [56923c12]
+ uint versions of native arrays [1ef6001f]
+ Bring uint improvements to the JVM [27f3b719]
+ Introduce NYI as a sub (#4716) [94456edf]
+ Make Int.roll/pick act as (^Int).roll/pick on 6.e (#4695) [45090c91]
+ Make Int.roll/pick about 6x as fast in v6.e [6222a14c]
+ Make ^Int:D about 14x as fast [21ee1fa0]
+ Make creation of Int .. Int object about 14x as fast [8fbe6c0a]
+ Specify base of non base 10 invalid numbers (#4717) [522155d5]
+ Further improvements to smartmatch dispatcher [cd20a2bc][6148b75c]
[abfb9f86][2486960b]
+ Do some better job optimizing Junction on RHS [6f925ea2][eba72f4b]
[49955840]
+ Properly support uints in BUILDPLANs [a38bebec]
+ Don't assume "year" as unit [34455138]
+ Use proper unsigned ops for accessing multidim uint arrays [8777e923]
+ Use nqp::istype for nominalizable smartmatch [ef4abcc7]
+ Fixes:
+ Make ranges coerce LHS into a numeric if range boundaries are numeric
[7f73dcbd][dd5fabf9]
+ Many improvements to smartmatching and given/when [d0f2690f][7f1189fe]
[7554d733][80fbaadd][fedfd716][91ec1bbf][5855c1d5][6616440d][9f80771c]
[966e77fe][a1bb638f][ed85bad6][6b828fe6]
+ Fix Map ACCEPTS by collapsing explicit junctions [87621e1a]
+ [JVM] Mention routine in error for wrong arity [522e49a7]
+ Fix the behaviour of Pair ~~ Pair (#4671) [026c51a0]
+ Additional fixes and improvements of smartmatch optimizations [2a3f61ef]
+ Don't use MVM_free if we didn't use MVM_malloc [1b5c0b95]
+ Fix Nil warning in dd [a8498e8a]
+ Fix dd for nameless things [95d60623]
+ Fix potential race condition in Proc::Async start [8321ce10]
+ Test return constraints for role implementors (#3249) [56b57f61]
+ Use simpler code for correct `.length` suggestions test (#4703)
[9310799c]
+ Fix warning in Pod::To::Text signature processing (#3528) [36cee696]
+ Make sure rebuilds of native array will generate ok [21d988d1]
+ Make add_constant lookup setting symbols only [28b51238]
+ Make initialization of core dynamic variables threadsafe [768ebea7]
+ Fix is_array_type on roles [944debd3]
+ Fix writes to native arrays via [] returning arbitrary data [72ef4e4d]
+ Fix "This container does not reference a native unsigned integer"
[3823f88c]
+ Fix "This container does not reference a native integer" in Blob/Buf
[a64c2f55]
+ Fix CArray treating all native integers as signed [fee9e822]
+ Eliminate p6decontrv ops caused by *_u ops [e5b67c1d][b3a71fbc]
+ Fix custom-lib race (#4738) [dab9cd66]
+ Fix method put failing on junctions [e521c8e4]
+ Fix Attribute.(get|set)_value treating uints like str [382f2f10]
+ Add unsigned candidate of +^ (bitwise negation) prefix operator
[ffa09ff6]
+ Fix "Invalid ....BUILDALL plan: 24" error [118a0c3d]
+ Fix Attribute treating all native integers as signed [753c173e]
+ Fix optimizations of smartmatches over subsets [d6fb1919][b9d8aa49]
+ Fix "container does not reference a native integer" in UnsignedBlob.STORE
[14bacc24]
+ Fix "No registered operation handler for 'iseq_u'" [4e1a7721]
+ Fix NativeCall wrongly expecting signed integer for size_t rw args
[c92833f3]
+ Fix UInt where block trying to unbox a Scalar [26215f20]
+ Fix "container does not reference a native integer" with mixed int/uint
multidim array indexes [7cb21467]
+ Fix "container does not reference a native integer" in multi slice
[e4a4a92f]
+ Allow for using uint and int as indexes in native array slice assignment
[a35a7791]
+ Fix precomp file rename race condition [006a920c]
+ Fix X::Method::NotFound on my-classes [8edc6d88]
+ Internal:
+ Replace nqp::attrinited with a descriptor-based approach [425913dc]
[c3448773][13522362][71f8981b][c76c1e64][80f122d1][f96048c1][b6135861]
[bdb0cc23][c719eab8][cd585f9d][8f796f5b][28053bd2][43f4e8a5]
Packaged by gdt and myself in wip.
Compared to guile 2.2, this is a major release which implements a JIT
compiler. See NEWS in the sources for more details.
GUILE, GNU's Ubiquitous Intelligent Language for Extension, is a library
that implements the Scheme language plus various convenient facilities.
It's designed so that you can link it into an application or utility to
make it extensible. Our plan is to link this library into all GNU programs
that call for extensibility.
This is guile 3.0, the current stable version.
Re-import of lang/guile to avoid having an ancient version as the default.
GUILE, GNU's Ubiquitous Intelligent Language for Extension, is a library
that implements the Scheme language plus various convenient facilities.
It's designed so that you can link it into an application or utility to
make it extensible. Our plan is to link this library into all GNU programs
that call for extensibility.
This is an extremely old version of guile. It is installed into
guile/1.8 within PREFIX.
2022.03.07:
New Features
* support locals with multiple declaration sites
* parse destructuring assignments.
Fixes
* add another case to the syntax fixup code.
* preserve order of generic args.
* fix semantic highlighting breaking for lifetimes in macros.
* lower string literal values.
* show variadic args in hover function signature.
* add type variable table to InferenceTableSnapshot.
* fix macro-calls expanding to items in if/while conditions.
* recognize Self as a proper keyword.
* add abort to safe intrinsics list.
Internal Improvements
* build release binaries on Ubuntu 18.04.
* add currently failing test for 11242.
* slightly refactor TextEdit.
* refactor syntax_highlighting.
* bring back syntax highlighting in test data.
* re-arrange ide_db modules.
* automatically change text color in logo based on dark mode.
This minor release includes a security fix following the security policy:
regexp: stack exhaustion compiling deeply nested expressions
On 64-bit platforms, an extremely deeply nested expression can cause
regexp.Compile to cause goroutine stack exhaustion, forcing the program to
exit. Note this applies to very large expressions, on the order of 2MB.
Thanks to Juho Nurminen of Mattermost for reporting this.
This is CVE-2022-24921 and https://go.dev/issue/51112.
This minor release includes a security fix following the security policy:
regexp: stack exhaustion compiling deeply nested expressions
On 64-bit platforms, an extremely deeply nested expression can cause
regexp.Compile to cause goroutine stack exhaustion, forcing the program to
exit. Note this applies to very large expressions, on the order of 2MB.
Thanks to Juho Nurminen of Mattermost for reporting this.
This is CVE-2022-24921 and https://go.dev/issue/51112.
Changelog:
Version 1.6.4 released
08 February 2022 The Nim Team
The Nim team is happy to announce version 1.6.4, our second patch release for
Nim 1.6.
Version 1.6.4 is a result of a month and a half of hard work, and it contains
33 commits, fixing one major regression and bringing some general improvements
over 1.6.2.
The most important fix is for the C FFI regression introduced in 1.6.2.
We would recommend to all of our users to upgrade and use version 1.6.4.
Bugfixes
These reported issues were fixed:
* Fixed "Potential C FFI regression" (#19342)
* Fixed "re.split unexpected results with zero-width characters" (#14468)
* Fixed "Out-of-bounds in strformat" (#19107)
* Fixed "Adding an empty list to a non-empty list breaks the latter list" (
#19297)
* Fixed "Wrong result when using varargs with var arguments." (#16617)
* Fixed "Adding an empty DoublyLinkedList to a non-empty DoublyLinkedList
breaks the latter list" (#19314)
* Fixed "Silent FFI bug when passing array inside object using gc:orc" (#
19497)
* Enable compiler mode (--compile) for NetBSD at least.
Changelog:
Version 3.0.3 and 3.0.4
* Unavailable.
Version 3.0.1-4, January/February 2022
* Several bug fixes, reported for 3.0.0.
* Updates a68g.exe to GSL 2.7.1 and R mathlib 4.1.2.
Version 3.0.0, December 2021
* On platforms that support them: 64 bit INT/BITS and 128-bit LONG INT, LONG BITS and LONG REAL.
These platforms include amd64, x86_64 and i386 with GCC.
* More bindings for routines from the GNU Scientific Library.
* Adds a generalized incomplete gamma function.
* Builds with R mathlib bindings, if available.
* Fixes several minor bugs.
* Some NetBSD-specific patches are merged by upstream.
Changelog:
Updated BSD port of JDK 11
Additional features include:
Update to 11.0.14 GA
More fixes for LLVM/Clang 13
OpenBSD fixes
Improved NetBSD support
=========================
Duktape 2.7 release notes
=========================
Release overview
================
Main changes in this release (see RELEASES.rst for full details):
* Various fixes and portability improvements.
Upgrading from Duktape 2.6
==========================
No action (other than recompiling) should be needed for most users to upgrade
from Duktape v2.6.x.
=========================
Duktape 2.7 release notes
=========================
Release overview
================
Main changes in this release (see RELEASES.rst for full details):
* Various fixes and portability improvements.
Upgrading from Duktape 2.6
==========================
No action (other than recompiling) should be needed for most users to upgrade
from Duktape v2.6.x.
It's the variable that indicates if MKPIE is requested and feasible on the
platform. In fact I originally wrote a condition mentioning
${_PKGSRC_MKPIE}, but it somehow got lost while I was refactoring the code.
It's the variable that indicates if MKPIE is requested and feasible on the
platform. In fact I originally wrote a condition mentioning
${_PKGSRC_MKPIE}, but it somehow got lost while I was refactoring the code.
Dhall is an explicitly typed configuration language that is not Turing
complete. Despite being Turing incomplete, Dhall is a real programming
language with a type-checker and evaluator.
Use this library to parse, type-check, evaluate, and pretty-print the Dhall
configuration language. This package also includes an executable which
type-checks a Dhall file and reduces the file to a fully evaluated normal
form.
For some reason NetBSD does not append an OS version like pretty much all other
OS, and so installs of arch-specific extensions directories were broken due to
the triple containing a dash before the version and causing PLIST failures.
Introduce a new RUBY_EXTARCH variable that has a special-case for NetBSD, and
use it for GEM_EXTSBASE. Fixes many packages, but notably ruby31-base.
Packaged by adam and myself in wip.
LibCST parses Python 3.0 -> 3.11 source code as a CST tree that
keeps all formatting details (comments, whitespaces, parentheses,
etc). It's useful for building automated refactoring (codemod)
applications and linters.
LibCST creates a compromise between an Abstract Syntax Tree (AST)
and a traditional Concrete Syntax Tree (CST). By carefully reorganizing
and naming node types and fields, we've created a lossless CST that
looks and feels like an AST.
From release announce:
Ruby 3.1.1 Released
Posted by naruse on 18 Feb 2022
Ruby 3.1.1 has been released.
This is the first TEENY version release of the stable 3.1 series.
See the commit logs <https://github.com/ruby/ruby/compare/v3_1_0...v3_1_1> for details.
Version 14.19.0 'Fermium' (LTS)
Notable Changes
Corepack
Node.js now includes Corepack, a script that acts as a bridge between Node.js projects and the package managers they are intended to be used with during development. In practical terms, Corepack will let you use Yarn and pnpm without having to install them - just like what currently happens with npm, which is shipped in Node.js by default. Please head over to the Corepack documentation page for more information on how to use it.
ICU updated
ICU has been updated to 70.1. This updates timezone database to 2021a3, including bringing forward the start for DST for Jordan from March to February.
New option to disable loading of native addons
A new command line option --no-addons has been added to disallow loading of native addons.
Updated Root Certificates
Root certificates have been updated to those from Mozilla's Network Security Services 3.71.
0.0.2022.02.14
New Features
* fix up syntax errors in attribute macro inputs to make completion work more often
* render whether a function is async / const / unsafe in completion details
Fixes
* (first contribution) add missing experimental capabilities.
* (first contribution) use text range of a mod name after macro expansion when renaming a module.
* don’t change references to super when renaming a module.
* fix documentation of SsrParams.
Internal Improvements
* make ascend_call_token iterative instead of recursive.
* fix serialization of WorkspaceSymbolParams.
This update contains security fix for CVE-2022-23633 in ruby-actionpack61.
Active Support 6.1.4.6 (2022-02-11)
* Fix Reloader method signature to work with the new Executor signature.
Action Pack 6.1.4.5 (2022-02-11)
* Under certain circumstances, the middleware isn't informed that the
response body has been fully closed which result in request state
not being fully reset before the next request.
[CVE-2022-23633]
Other packages have no change.
This update contains security fix for CVE-2022-23633 in ruby-actionpack60.
Active Support 6.0.4.6 (2022-02-11)
* Fix Reloader method signature to work with the new Executor signature.
Action Pack 6.0.4.6
6.0.4.5 (2022-02-11)
* Under certain circumstances, the middleware isn't informed that the
response body has been fully closed which result in request state
not being fully reset before the next request.
[CVE-2022-23633]
Other packages have no change.
This update contains security fix for CVE-2022-23633 in
Active Support 5.2.6.2 (2022-02-11)
* Fix Reloader method signature to work with the new Executor signature.
Action Pack 5.2.6.2 (2022-02-11)
* Under certain circumstances, the middleware isn't informed that the
response body has been fully closed which result in request state
not being fully reset before the next request.
[CVE-2022-23633]
crypto/elliptic: fix IsOnCurve for big.Int values that are not valid coordinates
Some big.Int values that are not valid field elements (negative or overflowing)
might cause Curve.IsOnCurve to incorrectly return true. Operating on those values
may cause a panic or an invalid curve operation. Note that Unmarshal will never
return such values.
Thanks to Guido Vranken for reporting this.
This is CVE-2022-23806 and https://go.dev/issue/50974.
math/big: prevent large memory consumption in Rat.SetString
An attacker can cause unbounded memory growth in a program using (*Rat).SetString
due to an unhandled overflow.
Thanks to the OSS-Fuzz project for discovering this issue and to Emmanuel Odeke
(@odeke_et) for reporting it.
This is CVE-2022-23772 and Go issue https://go.dev/issue/50699.
cmd/go: prevent branches from materializing into versions
A branch whose name resembles a version tag (such as "v1.0.0" or "subdir/v2.0.0-dev")
can be considered a valid version by the go command. Materializing versions from
branches might be unexpected and bypass ACLs that limit the creation of tags but not
branches.
This is CVE-2022-23773 and Go issue https://go.dev/issue/35671.
crypto/elliptic: fix IsOnCurve for big.Int values that are not valid coordinates
Some big.Int values that are not valid field elements (negative or overflowing)
might cause Curve.IsOnCurve to incorrectly return true. Operating on those values
may cause a panic or an invalid curve operation. Note that Unmarshal will never
return such values.
Thanks to Guido Vranken for reporting this.
This is CVE-2022-23806 and https://go.dev/issue/50974.
math/big: prevent large memory consumption in Rat.SetString
An attacker can cause unbounded memory growth in a program using (*Rat).SetString
due to an unhandled overflow.
Thanks to the OSS-Fuzz project for discovering this issue and to Emmanuel Odeke
(@odeke_et) for reporting it.
This is CVE-2022-23772 and Go issue https://go.dev/issue/50699.
cmd/go: prevent branches from materializing into versions
A branch whose name resembles a version tag (such as "v1.0.0" or "subdir/v2.0.0-dev")
can be considered a valid version by the go command. Materializing versions from
branches might be unexpected and bypass ACLs that limit the creation of tags but not
branches.
This is CVE-2022-23773 and Go issue https://go.dev/issue/35671.
hslua-2.1.0 - Released 29-01-2022.
* Update to hslua-objectorientation 2.1.0. This entails changes to deftype'
and deftypeGeneric, switching the order of item pusher and list-extractor
function in the tuple passed as the last argument.
* Update to hslua-core 2.1.0, hslua-marshalling 2.1.0, and hslua-classes
2.1.0.
hslua-2.0.1 - Released 2021-11-04.
* Updated lower bounds of hslua packages:
hslua >= 2.0.0.2,
hslua-marshalling >= 2.0.1, and
hslua-objectorientation >= 2.0.1.
* This fixes a number of smaller issues; see the respective package
changelogs for details.
hslua-2.0.0 - Released 2021-10-21.
* Move module hierarchy from Foreign.Lua to HsLua.
* Error handling has been reworked completely. The type of exceptions used
and handled by HsLua is now exposed to the type system. The type Lua
makes use of a default error type. Custom error handling can be
implemented by using the LuaE type with an exception type that is an
instance of class LuaError.
* Renamed stack index helpers to nth, nthTop, nthBottom, top. The following
have been removed: stackTop, nthFromTop, nthFromBottom.
* Extracted raw Lua bindings into new package lua. This means that all
cabal flags have been moved to package lua as well. Version lua-1.0.0
contained the Foreign.Lua.Raw hierarchy as present in hslua-1.3.0. See
that package’s changelog for info on the additional modifications since
then.
* The module Foreign.Lua.Raw.Error was merged into the HsLua.Core.Error
module.
* The functions getglobal and gettable now return the Lua Type of the
pushed value.
* Extracted new packages:
* hslua-core: the package contains all modules from the Core sub-hierarchy.
* hslua-classes: typclasses Peekable and Pushable for pushing and
pulling, as well as function calling.
* tasty-hslua: makes testing helpers available for reuse.
* Moved run functions from Util to Core.Run.
* Moved module Utf8 from the base level into Core.
* Refactored code to expose Haskell functions to Lua:
* Removed functions newCFunction, freeCFunction. Use pushHaskellFunction
instead, it takes care of garbage collection.
* Renamed typeclass ToHaskellFunction to Exposable, function callFunc to
invoke. All these have been moved to hslua-classes.
* The type PreCFunction is now defined in package lua; HaskellFunction is
defined in hslua-core.
* Changed pushHaskellFunction to only accept HaskellFunction arguments,
move it to hslua-core.
* Removed helper functions addfunction and addfield from Module. Use
documented functions and fields instead.
* Added support for a “since” tag on documented functions; allows to mark
the library version when a function was introduced in its present form.
Utilities to package up Haskell functions and values into a Lua module.
This package is part of HsLua, a Haskell framework built around the
embeddable scripting language Lua.
Provides functions to marshal values from Haskell to Lua, and vice versa.
This package is part of HsLua, a Haskell framework built around the
embeddable scripting language Lua.
Starting with PHP 8.0, zts is enabled with --enable-zts, rather than
the older --enable-maintainer-zts. Addresses PR pkg/56681.
The actual pkgsrc option name should probably be adjusted, and the
current "maintainer-zts" moved to PKG_LEGACY_OPTIONS. I've left it for
another commit.
v1.4
Additions:
add guidance around the use of Py_FindMethod
Fixes:
Avoid compiler warning about unused function
Fix DESTDIR support in the Makefile
Various documentation warning fixes
which means 11.x and 12.x according to mk/platform/Darwin.mk. On 10.x
(i386 Snow Leopard Server, at least), no problem with the system gcc.
Adjust the scope of the workaround to match.
2022-01-24
11334: fix: don't panic in semantics due to `cfg_attr` disrupting
offsets
Reduces the panic in
https://github.com/rust-analyzer/rust-analyzer/issues/11298 to an
early return, that means we won't resolve these cases again for
now, but this is better than constantly panicking in highlighting
and hovering.
2022-01-17
11287: fix: rust-analyzer spamming overly error message when
workspace not being loaded
Fixes#10120
