Version 14.18.2 'Fermium' (LTS)
Notable changes
This release contains a c-ares update to fix a regression introduced in Node.js 14.17.5 resolving CNAME records containing underscores 39780.
Also included are commits to allow Node.js 14 to continue to build and pass tests on our Jenkins CI, including adding Python 3.10 to the list of allowable Python versions for building.
This release contains bug fixes plus a number of additional features. A
summary is below. See git for the full changelog.
Thanks to everyone who contributed to this release.
Bugs fixed in version 0.81
- info complete - return 0 if the script is missing an end quote
- sqlite3 - return integers as 64 bit values, not 32 bit
Features and improvements added in version 0.81
- New redis client extension
- expr - TIP 582 - support comments in expressions
- Many commands now accept “safe” integer expressions rather than simple
integers: loop, range, incr, string repeat, lrepeat, pack, unpack, rand
- string and list indexes now accept “safe” integer expressions
- loop can now omit the start value
- New xtrace command for execution trace support
- Add history keep
- Add support for lsearch -index and lsearch -stride, the latter per TIP 351
- lsort -index now supports multiple indices
- Add support for lsort -stride
- open now supports POSIX-style access arguments
- sdl extension now supports SDL2, and basic text support is added as well
as polling support
- ABI version checking is now available to allow dynamic modules to verify
they are loaded into a compatible interpreter
Possible incompatibilities in version 0.81
- If the --compat configure option is not set, expr now only allows a single
argument (per TIP 526)
Python 3.10.1 final
Release date: 2021-12-06
Core and Builtins
bpo-42268: Fail the configure step if the selected compiler doesn’t support memory sanitizer. Patch by Pablo Galindo
bpo-45727: Refine the custom syntax error that suggests that a comma may be missing to trigger only when the expressions are detected between parentheses or brackets. Patch by Pablo Galindo
bpo-45614: Fix traceback display for exceptions with invalid module name.
bpo-45848: Allow the parser to obtain error lines directly from encoded files. Patch by Pablo Galindo
bpo-45826: Fixed a crash when calling .with_traceback(None) on NameError. This occurs internally in unittest.TestCase.assertRaises().
bpo-45822: Fixed a bug in the parser that was causing it to not respect PEP 263 coding cookies when no flags are provided. Patch by Pablo Galindo
bpo-45820: Fix a segfault when the parser fails without reading any input. Patch by Pablo Galindo
bpo-42540: Fix crash when os.fork() is called with an active non-default memory allocator.
bpo-45738: Fix computation of error location for invalid continuation characters in the parser. Patch by Pablo Galindo.
bpo-45773: Fix a compiler hang when attempting to optimize certain jump patterns.
bpo-45716: Improve the SyntaxError message when using True, None or False as keywords in a function call. Patch by Pablo Galindo.
bpo-45688: sys.stdlib_module_names now contains the macOS-specific module _scproxy.
bpo-30570: Fixed a crash in issubclass() from infinite recursion when searching pathological __bases__ tuples.
bpo-45521: Fix a bug in the obmalloc radix tree code. On 64-bit machines, the bug causes the tree to hold 46-bits of virtual addresses, rather than the intended 48-bits.
bpo-45494: Fix parser crash when reporting errors involving invalid continuation characters. Patch by Pablo Galindo.
bpo-45408: Fix a crash in the parser when reporting tokenizer errors that occur at the same time unclosed parentheses are detected. Patch by Pablo Galindo.
bpo-45385: Fix reference leak from descr_check. Patch by Dong-hee Na.
bpo-45167: Fix deepcopying of types.GenericAlias objects.
bpo-44219: Release the GIL while performing isatty system calls on arbitrary file descriptors. In particular, this affects os.isatty(), os.device_encoding() and io.TextIOWrapper. By extension, io.open() in text mode is also affected. This change solves a deadlock in os.isatty(). Patch by Vincent Michel in bpo-44219.
bpo-44959: Added fallback to extension modules with ‘.sl’ suffix on HP-UX
bpo-44050: Extensions that indicate they use global state (by setting m_size to -1) can again be used in multiple interpreters. This reverts to behavior of Python 3.8.
bpo-45121: Fix issue where Protocol.__init__ raises RecursionError when it’s called directly or via super(). Patch provided by Yurii Karabas.
bpo-45083: When the interpreter renders an exception, its name now has a complete qualname. Previously only the class name was concatenated to the module name, which sometimes resulted in an incorrect full name being displayed.
(This issue impacted only the C code exception rendering, the traceback module was using qualname already).
bpo-45056: Compiler now removes trailing unused constants from co_consts.
Library
bpo-27946: Fix possible crash when getting an attribute of class:xml.etree.ElementTree.Element simultaneously with replacing the attrib dict.
bpo-37658: Fix issue when on certain conditions asyncio.wait_for() may allow a coroutine to complete successfully, but fail to return the result, potentially causing memory leaks or other issues.
bpo-44649: Handle dataclass(slots=True) with a field that has default a default value, but for which init=False.
bpo-45803: Added missing kw_only parameter to dataclasses.make_dataclass().
bpo-45831: faulthandler can now write ASCII-only strings (like filenames and function names) with a single write() syscall when dumping a traceback. It reduces the risk of getting an unreadable dump when two threads or two processes dump a traceback to the same file (like stderr) at the same time. Patch by Victor Stinner.
bpo-41735: Fix thread lock in zlib.Decompress.flush() method before PyObject_GetBuffer.
bpo-45235: Reverted an argparse bugfix that caused regression in the handling of default arguments for subparsers. This prevented leaf level arguments from taking precedence over root level arguments.
bpo-45765: In importlib.metadata, fix distribution discovery for an empty path.
bpo-45757: Fix bug where dis produced an incorrect oparg when EXTENDED_ARG is followed by an opcode that does not use its argument.
bpo-45644: In-place JSON file formatting using python3 -m json.tool infile infile now works correctly, previously it left the file empty. Patch by Chris Wesseling.
bpo-45679: Fix caching of multi-value typing.Literal. Literal[True, 2] is no longer equal to Literal[1, 2].
bpo-45664: Fix types.resolve_bases() and types.new_class() for types.GenericAlias instance as a base.
bpo-45663: Fix dataclasses.is_dataclass() for dataclasses which are subclasses of types.GenericAlias.
bpo-45662: Fix the repr of dataclasses.InitVar with a type alias to the built-in class, e.g. InitVar[list[int]].
bpo-45438: Fix typing.Signature string representation for generic builtin types.
bpo-45574: Fix warning about print_escape being unused.
bpo-45581: sqlite3.connect() now correctly raises MemoryError if the underlying SQLite API signals memory error. Patch by Erlend E. Aasland.
bpo-45557: pprint.pprint() now handles underscore_numbers correctly. Previously it was always setting it to False.
bpo-45515: Add references to zoneinfo in the datetime documentation, mostly replacing outdated references to dateutil.tz. Change by Paul Ganssle.
bpo-45475: Reverted optimization of iterating gzip.GzipFile, bz2.BZ2File, and lzma.LZMAFile (see bpo-43787) because it caused regression when user iterate them without having reference of them. Patch by Inada Naoki.
bpo-45428: Fix a regression in py_compile when reading filenames from standard input.
bpo-45467: Fix incremental decoder and stream reader in the “raw-unicode-escape” codec. Previously they failed if the escape sequence was split.
bpo-45461: Fix incremental decoder and stream reader in the “unicode-escape” codec. Previously they failed if the escape sequence was split.
bpo-45239: Fixed email.utils.parsedate_tz() crashing with UnboundLocalError on certain invalid input instead of returning None. Patch by Ben Hoyt.
bpo-45249: Fix the behaviour of traceback.print_exc() when displaying the caret when the end_offset in the exception is set to 0. Patch by Pablo Galindo
bpo-45416: Fix use of asyncio.Condition with explicit asyncio.Lock objects, which was a regression due to removal of explicit loop arguments. Patch by Joongi Kim.
bpo-45419: Correct interfaces on DegenerateFiles.Path.
bpo-44904: Fix bug in the doctest module that caused it to fail if a docstring included an example with a classmethod property. Patch by Alex Waygood.
bpo-45406: Make inspect.getmodule() catch FileNotFoundError raised by :’func:inspect.getabsfile, and return None to indicate that the module could not be determined.
bpo-45262: Prevent use-after-free in asyncio. Make sure the cached running loop holder gets cleared on dealloc to prevent use-after-free in get_running_loop
bpo-45386: Make xmlrpc.client more robust to C runtimes where the underlying C strftime function results in a ValueError when testing for year formatting options.
bpo-45371: Fix clang rpath issue in distutils. The UnixCCompiler now uses correct clang option to add a runtime library directory (rpath) to a shared library.
bpo-20028: Improve error message of csv.Dialect when initializing. Patch by Vajrasky Kok and Dong-hee Na.
bpo-45343: Update bundled pip to 21.2.4 and setuptools to 58.1.0
bpo-45329: Fix freed memory access in pyexpat.xmlparser when building it with an installed expat library <= 2.2.0.
bpo-41710: On Unix, if the sem_clockwait() function is available in the C library (glibc 2.30 and newer), the threading.Lock.acquire() method now uses the monotonic clock (time.CLOCK_MONOTONIC) for the timeout, rather than using the system clock (time.CLOCK_REALTIME), to not be affected by system clock changes. Patch by Victor Stinner.
bpo-45328: Fixed http.client.HTTPConnection to work properly in OSs that don’t support the TCP_NODELAY socket option.
bpo-1596321: Fix the threading._shutdown() function when the threading module was imported first from a thread different than the main thread: no longer log an error at Python exit.
bpo-45274: Fix a race condition in the Thread.join() method of the threading module. If the function is interrupted by a signal and the signal handler raises an exception, make sure that the thread remains in a consistent state to prevent a deadlock. Patch by Victor Stinner.
bpo-45238: Fix unittest.IsolatedAsyncioTestCase.debug(): it runs now asynchronous methods and callbacks.
bpo-36674: unittest.TestCase.debug() raises now a unittest.SkipTest if the class or the test method are decorated with the skipping decorator.
bpo-45235: Fix an issue where argparse would not preserve values in a provided namespace when using a subparser with defaults.
bpo-45183: Have zipimport.zipimporter.find_spec() not raise an exception when the underlying zip file has been deleted and the internal cache has been reset via invalidate_cache().
bpo-45234: Fixed a regression in copyfile(), copy(), copy2() raising FileNotFoundError when source is a directory, which should raise IsADirectoryError
bpo-45228: Fix stack buffer overflow in parsing J1939 network address.
bpo-45192: Fix the tempfile._infer_return_type function so that the dir argument of the tempfile functions accepts an object implementing the os.PathLike protocol.
Patch by Kyungmin Lee.
bpo-42135: Fix typo: importlib.find_loader is really slated for removal in Python 3.12 not 3.10, like the others in GH-25169.
Patch by Hugo van Kemenade.
bpo-45160: When tracing a tkinter variable used by a ttk OptionMenu, callbacks are no longer made twice.
bpo-35474: Calling mimetypes.guess_all_extensions() with strict=False no longer affects the result of the following call with strict=True. Also, mutating the returned list no longer affects the global state.
bpo-45166: typing.get_type_hints() now works with Final wrapped in ForwardRef.
bpo-20499: Improve the speed and accuracy of statistics.pvariance().
bpo-24444: Fixed an error raised in argparse help display when help for an option is set to 1+ blank spaces or when choices arg is an empty container.
bpo-45021: Fix a potential deadlock at shutdown of forked children when using concurrent.futures module
bpo-39039: tarfile.open raises ReadError when a zlib error occurs during file extraction.
bpo-44594: Fix an edge case of ExitStack and AsyncExitStack exception chaining. They will now match with block behavior when __context__ is explicitly set to None when the exception is in flight.
bpo-44295: Ensure deprecation warning from assertDictContainsSubset() points at calling code - by Anthony Sottile.
bpo-43498: Avoid a possible “RuntimeError: dictionary changed size during iteration” when adjusting the process count of ProcessPoolExecutor.
Documentation
bpo-45640: Properly marked-up grammar tokens in the documentation are now clickable and take you to the definition of a given piece of grammar. Patch by Arthur Milchior.
bpo-45788: Link doc for sys.prefix to sysconfig doc on installation paths.
bpo-45772: socket.socket documentation is corrected to a class from a function.
bpo-45392: Update the docstring of the type built-in to remove a redundant line and to mention keyword arguments for the constructor.
bpo-45726: Improve documentation for functools.singledispatch() and functools.singledispatchmethod.
bpo-45680: Amend the docs on GenericAlias objects to clarify that non-container classes can also implement __class_getitem__. Patch contributed by Alex Waygood.
bpo-45655: Add a new “relevant PEPs” section to the top of the documentation for the typing module. Patch by Alex Waygood.
bpo-45604: Add level argument to multiprocessing.log_to_stderr function docs.
bpo-45250: Update the documentation to note that CPython does not consistently require iterators to define __iter__.
bpo-45464: Mention in the documentation of Built-in Exceptions that inheriting from multiple exception types in a single subclass is not recommended due to possible memory layout incompatibility.
bpo-45449: Add note about PEP 585 in collections.abc.
bpo-45516: Add protocol description to the importlib.abc.Traversable documentation.
bpo-20692: Add Programming FAQ entry explaining that int literal attribute access requires either a space after or parentheses around the literal.
bpo-45216: Remove extra documentation listing methods in difflib. It was rendering twice in pydoc and was outdated in some places.
bpo-45024: collections.abc documentation has been expanded to explicitly cover how instance and subclass checks work, with additional doctest examples and an exhaustive list of ABCs which test membership purely by presence of the right special methods. Patch by Raymond Hettinger.
bpo-25381: In the extending chapter of the extending doc, update a paragraph about the global variables containing exception information.
bpo-43905: Expanded astuple() and asdict() docs, warning about deepcopy being applied and providing a workaround.
Tests
bpo-19460: Add new Test for email.mime.nonmultipart.MIMENonMultipart.
bpo-45835: Fix race condition in test_queue tests with multiple “feeder” threads.
bpo-45678: Add tests for scenarios in which functools.singledispatchmethod is stacked on top of a method that has already been wrapped by two other decorators. Patch by Alex Waygood.
bpo-45578: Add tests for dis.distb()
bpo-45678: Add tests to ensure that functools.singledispatchmethod correctly wraps the attributes of the target function.
bpo-45577: Add subtests for all pickle protocols in test_zoneinfo.
bpo-45566: Fix test_frozen_pickle in test_dataclasses to check all pickle versions.
bpo-43592: test.libregrtest now raises the soft resource limit for the maximum number of file descriptors when the default is too low for our test suite as was often the case on macOS.
bpo-39679: Add more test cases for @functools.singledispatchmethod when combined with @classmethod or @staticmethod.
bpo-45400: Fix test_name_error_suggestions_do_not_trigger_for_too_many_locals() of test_exceptions if a directory name contains “a1” (like “Python-3.11.0a1”): use a stricter regular expression. Patch by Victor Stinner.
bpo-40173: Fix test.support.import_helper.import_fresh_module().
bpo-45280: Add a test case for empty typing.NamedTuple.
bpo-45269: Cover case when invalid markers type is supplied to c_make_encoder.
bpo-45128: Fix test_multiprocessing_fork failure due to test_logging and sys.modules manipulation.
bpo-45209: Fix UserWarning: resource_tracker warning in _test_multiprocessing._TestSharedMemory.test_shared_memory_cleaned_after_process_termination
bpo-45195: Fix test_readline.test_nonascii(): sometimes, the newline character is not written at the end, so don’t expect it in the output. Patch by Victor Stinner.
bpo-45156: Fixes infinite loop on unittest.mock.seal() of mocks created by create_autospec().
bpo-45125: Improves pickling tests and docs of SharedMemory and SharableList objects.
bpo-44860: Update test_sysconfig.test_user_similar() for the posix_user scheme: platlib doesn’t use sys.platlibdir. Patch by Victor Stinner.
bpo-25130: Add calls of gc.collect() in tests to support PyPy.
Build
bpo-44035: CI now verifies that autoconf files have been regenerated with a current and unpatched autoconf package.
bpo-33393: Update config.guess to 2021-06-03 and config.sub to 2021-08-14. Makefile now has an update-config target to make updating more convenient.
bpo-45866: make regen-all now produces the same output when run from a directory other than the source tree: when building Python out of the source tree. pegen now strips directory of the “generated by pygen from <FILENAME>” header Patch by Victor Stinner.
bpo-41498: Python now compiles on platforms without sigset_t. Several functions in signal are not available when sigset_t is missing.
Based on patch by Roman Yurchak for pyodide.
bpo-45881: setup.py now uses CC from environment first to discover multiarch and cross compile paths.
bpo-43158: setup.py now uses values from configure script to build the _uuid extension module. Configure now detects util-linux’s libuuid, too.
bpo-45571: Modules/Setup now use PY_CFLAGS_NODIST instead of PY_CFLAGS to compile shared modules.
bpo-45561: Run smelly.py tool from $(srcdir).
bpo-45532: Update sys.version to use main as fallback information. Patch by Jeong YunWon.
bpo-45536: The configure script now checks whether OpenSSL headers and libraries provide required APIs. Most common APIs are verified. The check detects outdated or missing OpenSSL. Failures do not stop configure.
bpo-45221: Fixed regression in handling of LDFLAGS and CPPFLAGS options where argparse.parse_known_args() could interpret an option as one of the built-in command line argument, for example -h for help.
bpo-45405: Prevent internal configure error when running configure with recent versions of non-Apple clang. Patch by David Bohman.
bpo-45220: Avoid building with the Windows 11 SDK previews automatically. This may be overridden by setting the DefaultWindowsSDKVersion environment variable before building.
bpo-45067: The ncurses function extended_color_content was introduced in 2017
(https://invisible-island.net/ncurses/NEWS.html#index-t20170401). The
ncurses-devel package in CentOS 7 had a older version ncurses resulted in compilation error. For compiling ncurses with extended color support, we verify the version of the ncurses library >= 20170401.
Windows
bpo-45901: When installed through the Microsoft Store and set as the default app for *.py files, command line arguments will now be passed to Python when invoking a script without explicitly launching Python (that is, script.py args rather than python script.py args).
bpo-45616: Fix Python Launcher’s ability to distinguish between versions 3.1 and 3.10 when either one is explicitly requested. Previously, 3.1 would be used if 3.10 was requested but not installed, and 3.10 would be used if 3.1 was requested but 3.10 was installed.
bpo-45732: Updates bundled Tcl/Tk to 8.6.12.
bpo-45720: Internal reference to shlwapi.dll was dropped to help improve startup time. This DLL will no longer be loaded at the start of every Python process.
bpo-43652: Update Tcl/Tk to 8.6.11, actually this time. The previous update incorrectly included 8.6.10.
bpo-45337: venv now warns when the created environment may need to be accessed at a different path, due to redirections, links or junctions. It also now correctly installs or upgrades components when the alternate path is required.
macOS
bpo-45732: Update python.org macOS installer to use Tcl/Tk 8.6.12.
bpo-44828: Avoid tkinter file dialog failure on macOS 12 Monterey when using the Tk 8.6.11 provided by python.org macOS installers. Patch by Marc Culler of the Tk project.
bpo-34602: When building CPython on macOS with ./configure --with-undefined-behavior-sanitizer --with-pydebug, the stack size is now quadrupled to allow for the entire test suite to pass.
IDLE
bpo-45495: Add context keywords ‘case’ and ‘match’ to completions list.
bpo-45296: On Windows, change exit/quit message to suggest Ctrl-D, which works, instead of <Ctrl-Z Return>, which does not work in IDLE.
bpo-45193: Make completion boxes appear on Ubuntu again.
Tools/Demos
bpo-44786: Fix a warning in regular expression in the c-analyzer script.
C API
bpo-39026: Fix Python.h to build C extensions with Xcode: remove a relative include from Include/cpython/pystate.h.
bpo-45307: Restore the private C API function _PyImport_FindExtensionObject(). It will be removed in Python 3.11.
bpo-44687: BufferedReader.peek() no longer raises ValueError when the entire file has already been buffered.
bpo-44751: Remove crypt.h include from the public Python.h header.
go1.16.11 (released 2021-12-02) includes fixes to the compiler, runtime, and
the net/http, net/http/httptest, and time packages. See the Go 1.16.11
milestone on our issue tracker for details.
New in version 2.1.10
* incompatible change: simd-pack without a specific element-type
is no longer treated as containing integers. A type must be
supplied for VOPs to work on such values.
* minor incompatible change: the list form of the FUNCTION type
specifier does not allow * as any argument type, but does allow
* as a placeholder for wholly unspecified arguments when
specifying the value(s) type.
* minor incompatible change: the default (Lisp) toplevel option
parser throws an error if it encounters an option which was
intended to be used and removed by the C runtime. (#1945081,
reported by Luke Gorrie)
* new feature: there is now a defined interface for defining
foreign callable functions, which can be used for passing
callbacks to foreign functions or for calling Lisp code from the
foreign world as a shared library (preliminary support). See the
revised manual section "Calling into Lisp From C" for more
details.
* enhancement: arg-count mismatches in self-calls in defmethod are
reported. (#1912436, reported by 3b)
* enhancement: the SB-CLTL2 contrib now returns type information
for generated structure accessors. (#1934859, reported by SATO
shinichi)
* optimization: code generation is improved for modular arithmetic
involving signed operations.
* platform support:
* x86-64 machine code emitter crash when attempting to
assemble some vector instructions. (#1945975, thanks to
Marco Heisig)
* conditional move instructions are now supported on arm64.
* a number of new peephole optimizations have been implemented
on arm64.
* arm64 on Darwin now uses gcc-compatible thread-local storage.
* bug fix: compiler notes are no longer emitted when compiling
FORMATTER forms, including when implicitly triggered on a
constant string argument to FORMAT. (#1946246, reported by SATO
shinichi)
* bug fix: a compiler error when attempting to compile a call to
AREF with too many dimensions. (#1902985)
* bug fix: harmonize the behaviour of SLOT-BOUNDP on
non-standard-objects between the various ways in which it can be
called. (#732229, reported by Zach Beane)
* bug fix: FTRUNCATE and similar functions are now more careful
about deriving facts about the sign of zero they might
return. (#1732009, reported by Paul Dietz)
New in version 2.1.9
* minor incompatible change: the experimental DEFCAS macro has
been removed.
* minor incompatible change: finalizing classes with slots with
duplicate symbol-names will only emit a warning if either slot
name is an exported symbol. (#1943559)
* platform support:
* the debugger is better able to display SIMD packs. (thanks
to Marco Heisig)
* fix a bug in zeroing YMM registers. (thanks to Marco Heisig)
* fix instruction definitions for SSE blend and shuffle vector
instructions. (thanks to Marco Heisig)
* handle heap corruption exceptions in our exception handler
on win64.
* improve WAIT-UNTIL-FD-USABLE on Windows, reducing
busy-looping. (thanks to Fabio Almeida)
* bug fix: EQUALP hash tables whose keys contain arrays containing
floats should behave correctly. (#1942424, reported by Nicolas
Neuss)
New in version 2.1.8
* minor incompatible change: the experimental DEFINE-CAS-EXPANDER
macro has been removed.
* minor incompatible change: the hooks in *INIT-HOOKS* are called
before starting the finalizer or other non-user threads. (thanks
to Sean Whitton)
* platform support:
* many improvements to code generation on arm64.
* avoid slow forms of the bit test instructions BT, BTS, BTR on x86-64.
* fix a bug in loading large core files on the Apple
M1/arm64. (thanks to Mayank Manjrekar)
* fix a bug in loading core loading on the Apple
M1/arm64. (reported by Eric Timmons)
* enhancement: the block-compiler is more robust to files with
intermingled compile-time and load-time effects. The semantics
of the block-compiler remain not-entirely ANSI
compatible. (thanks to Sean Maher)
* enhancement: (CAS SAP-REF-<x>) and CAS on alien integers is
implemented on ppc64 and x86-64, working towards fixing #1894057
* bug fix: fix OPEN-STREAM-P on streams closed by saving a
core. (#1938433, reported by Guillaume LE VAILLANT)
* bug fix: remove a spurious warning from COERCE. (#1920931,
reported by Andrew Berkley)
* bug fix: remove a warning from inlining
SET-EXCLUSIVE-OR. (#1936470, reported by Jerome Abela)
This package installs the rust-src rust component, which contains
the source code to the rust-std library.
This package may be needed by other packages which depends on the
type definitions for that library.
PHP is a widely-used open source general-purpose scripting language
that is especially suited for web development and can be embedded
into HTML. It is modular, and object-oriented. Much of its syntax
is borrowed from C, Java and Perl with a couple of unique PHP-specific
features thrown in. The language is designed to allow web developers
to write dynamically generated pages quickly.
PHP 8.1 comes with numerous improvements and new features such as
* Enumerations
* Readonly properties
* Fibers
* Pure Intersection Types
* never return type
* First-class Callable Syntax
* "final" modifier for class constants
* New fsync and fdatasync functions
* New array_is_list function
* Explicit Octal numeral notation
* And much much more...
Ruby 3.0.3 Released
Posted by nagachika on 24 Nov 2021
Ruby 3.0.3 has been released.
This release includes security fixes. Please check the topics below for
details.
* CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date
Parsing Methods
* CVE-2021-41816: Buffer Overrun in CGI.escape_html
* CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse
See the commit logs for details.
Ruby 2.7.5 Released
Posted by usa on 24 Nov 2021
Ruby 2.7.5 has been released.
This release includes security fixes. Please check the topics below for
details.
* CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date
Parsing Methods
* CVE-2021-41816: Buffer Overrun in CGI.escape_html
* CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse
See the commit logs for details.
Ruby 2.6.9 Released
Posted by usa on 24 Nov 2021
Ruby 2.6.9 has been released.
This release includes security fixes. Please check the topics below for
details.
* CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date
Parsing Methods
* CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse See the commit
logs for details.
Ruby 2.6 is now under the state of the security maintenance phase, until the
end of March of 2022. After that date, maintenance of Ruby 2.6 will be
ended. We recommend you start planning the migration to newer versions of
Ruby, such as 3.0 or 2.7.
Tested on NetBSD-current and 9.1/amd64.
Also update packages tightly coupled to llvm, if new versions are
available.
Mark creduce, include-what-you-use, and zig broken (waiting for a
new release).
Changes:
Non-comprehensive list of changes in this release
Windows Control-flow Enforcement Technology: the -ehcontguard
option now emits valid unwind entrypoints which are validated
when the context is being set during exception handling.
Flang is now included in the binary packages released by LLVM.
The debuginfo-test project has been renamed cross-project-tests
and is now intended for testing components from multiple
projects, not just debug information. The new “cross-project-tests”
name replaces “debuginfo-test” in LLVM_ENABLE_PROJECTS, and a
new check-cross-project-tests target has been added for running
all tests in the project. The pre-existing check-debuginfo-
test target remains for running just the debug information
tests. (D95339 and D96513)
Changes to the LLVM IR
The inalloca attribute now has a mandatory type field, similar
to byval and sret.
The opaque pointer type ptr has been introduced. It is still
in the process of being worked on and should not be used yet.
Using the legacy pass manager for the optimization pipeline is
deprecated and will be removed after LLVM 14. In the meantime,
only minimal effort will be made to maintain the legacy pass
manager for the optimization pipeline.
Changes to building LLVM
The build system now supports building multiple distributions,
so that you can e.g. have one distribution containing just
tools and another for libraries (to enable development). See
Multi-distribution configurations for details.
Changes to the AArch64 Backend
Introduced assembly support for Armv9-A’s Realm Management
Extension (RME) and Scalable Matrix Extension (SME).
Produce proper cross-section relative relocations on COFF
Fixed the calling convention on Windows for variadic functions
involving floats in the fixed arguments
Changes to the ARM Backend
Produce proper cross-section relative relocations on COFF
Changes to the Hexagon Target
The Hexagon target now supports V68/HVX ISA.
Changes to the C API
The C API functions LLVMGetAlignment and LLVMSetAlignment now
allow changing alignment on atomicrmw and cmpxchg instructions
A new entry LLVMDIArgListMetadataKind was added to the
LLVMMetadataKind enum, representing DIArgLists (D88175)
Type attributes have been added to LLVM-C, introducing
LLVMCreateTypeAttribute, LLVMGetTypeAttributeValue and
LLVMIsTypeAttribute. (D977763’)
The LTO_API_VERSION was bumped to 28, introducing a new function
lto_set_debug_options for parsing LTO debug options (D92611)
LLVMJITTargetSymbolFlags was renamed to LLVMJITSymbolTargetFlags
(rG8d718a0bff73af066675a6258c01307937c33cf9)
The C API received support for creating custom ORCv2
MaterializationUnits and APIs to retrieve an LLJIT instance’s
linking layers. An ABI breaking change for LLVMOrcAbsoluteSymbols
was introduced to make it consistent with
LLVMOrcCreateCustomMaterializationUnit.
(rGc8fc5e3ba942057d6c4cdcd1faeae69a28e7b671)
The C API received support for adding ORCv2 object buffers
directly to an object layer.
(rG7b73cd684a8d5fb44d34064200f10e2723085c33)
A breaking change to LLVMGetInlineAsm was introduced, adding
a ninth argument LLVMBool CanThrow (D95745)
The C API received support for calling into the new pass manager.
(D102136)
The C API function LLVMIntrinsicCopyOverloadedName has been
deprecated. Please migrate to LLVMIntrinsicCopyOverloadedName2
which takes an extra module argument and which also handles
unnamed types. (D99173)
The C API received support for dumping objects from ORCv2
(rGcec8e69f01c3374cb38c6683058381b96fab8f89)
A breaking change to LLVMOrcObjectTransformLayerTransformFunction
was introduced, changing the order of the function pointer’s
arguments. (rG8962c68ad007a525f9daa987c99eda57e0d0069a)
The C API received support for accessing utilities from the
LLJIT IRTransformLayer and ThreadSafeModule classes. (D103855)
The C API received support for creating lazy-export
MaterializationUnits (D104672)
The C API function LLVMPassBuilderOptionsSetCoroutines was
removed because couroutine passes have been enabled by default.
(D105877)
comdat noduplicates was renamed to comdat nodeduplicate and as
a result, LLVMNoDuplicatesComdatSelectionKind was renamed to
LLVMNoDeduplicateComdatSelectionKind. (D106319)
Changes to the FastISel infrastructure
FastISel no longer tracks killed registers, and instead leaves
this to the register allocator. This means that hasTrivialKill()
is removed, as well as the OpNIsKill parameters to the fastEmit_*()
family of functions.
Changes to the LLVM tools
The options --build-id-link-{dir,input,output} have been deleted.
(D96310)
Support for in-order processors has been added to llvm-mca.
(D94928)
llvm-objdump supports -M {att,intel} now. --x86-asm-syntax is
a deprecated internal option which will be removed in LLVM
14.0.0. (D101695)
The llvm-readobj short aliases -s (previously --sections) and
-t (previously --syms) have been changed to --syms and
--section-details respectively, to match llvm-readelf. (D105055)
The llvm-nm short aliases -M (--print-armap), -U (--defined-only),
and -W (--no-weak) are now deprecated. Use the long form versions
instead. The alias --just-symbol-name is now deprecated in
favor of --format=just-symbols and -j. (D105330)
In lli the default JIT engine switched from MCJIT (-jit-kind=mcjit)
to ORC (-jit-kind=orc). (D98931)
llvm-rc got support for invoking Clang to preprocess its input.
(D100755)
llvm-rc got a GNU windres compatible frontend, llvm-windres.
(D100756)
llvm-ml has improved compatibility with MS ml.exe, managing to
assemble more asm files.
Changes to LLDB
LLDB executable is now included in pre-built LLVM binaries.
LLDB now includes full featured support for AArch64 SVE register
access.
LLDB now supports AArch64 Pointer Authentication, allowing
stack unwind with signed return address.
LLDB now supports debugging programs on AArch64 Linux that use
memory tagging (MTE).
Added memory tag read and memory tag write commands.
The memory region command will note when a region has memory
tagging enabled.
Synchronous and asynchronous tag faults are recognised.
Synchronous tag faults have memory tag annotations in addition
to the usual fault address.
22.0.0 (2021-09-23)
Added
* [Perl] Documentation for most of the modules (#1740 ehuelsmann)
Changed
* [Perl] Changed API to pass around Cucumber::Messages instead of hashes and
increased minimum Perl version in accordance with Cucumber::Messages (to
5.14; from 5.12) (#1735 ehuelsmann)
Fixed
* [Perl] Failure to include CHANGELOG.md in the release tarball (#1728
ehuelsmann)
21.0.0 (2021-09-01)
Added
* [JavaScript] Expose Errors object.
Changed
* Fixed Rule translation for hi, sr-Cyrl, sr-Latn and tr (aslakhellesoy)
* [Java] Renamed Token#mathcedItems to Token#matchedItems (#1687
aslakhellesoy)
* [Perl] Minimum Perl version upgraded to 5.12 (from 5.10.1) (#1665
ehuelsmann)
Removed
* [Perl] Dependency on IO::Scalar removed (#1665 ehuelsmann)
Changelog:
Nim version 1.6 is now officially released!
A year in the making, 1.6 is the latest stable release and by far the largest
yet. We're proud of what we --- the core team and dedicated volunteers --- have
accomplished with this milestone:
* 1667 PRs merged (1760 commits)
* 893 issues closed
* 15 new stdlib modules
* new features in more than 40 stdlib modules, including major improvements
to 10 commonly used modules
* documentation and minor improvements to 170 modules, including 312 new
runnable examples
* 280 new nimble packages
Nim made its first entry in TIOBE index in 2017 at position 129, last year it
entered the top-100, and for 2 months the top-50 (link). We hope this release
will reinforce this trend, building on Nim's core strengths: a practical,
compiled systems programming language offering C++-like performance and
portability, Python-like syntax, Lisp-like flexibility, strong C, C++, JS,
Python interop, and best-in-class metaprogramming.
This release includes improvements in the following areas:
* new language features (iterable[T], user-defined literals, private imports,
strict effects, dot-like operators, block arguments with optional
parameters)
* new compiler features (nim --eval:cmd, custom nimscript extensions,
customizable compiler messages)
* major improvements to --gc:arc and --gc:orc
* correctness and performance of integer and float parsing and rendering in
all backends
* significant improvements in error messages, showing useful context
* documentation generation logic and documentation, in particular
runnableExamples now works in more contexts
* JS, VM and nimscript backend are more consistent with the C backend,
allowing more modules to work with those backends, including the imports
from std/prelude; the test suite now standardizes on testing stdlib modules
on each major backend (C, JS, VM)
* support for Apple silicon/M1, 32-bit RISC-V, armv8l, CROSSOS, improved
support for NodeJS backend
* major improvements to the following modules: system, math, random, json,
jsonutils, os, typetraits, wrapnils, lists, hashes including performance
improvements
* deprecated a number of error prone or redundant features
Why use Nim?
* One language to rule them all: from shell scripting to web frontend and
backend, scientific computing, deep learning, blockchain client, gamedev,
embedded, see also some companies using Nim.
* Concise, readable and convenient: echo "hello world" is a 1-liner.
* Small binaries: echo "hello world" generates a 73K binary (or 5K with
further options), optimized for embedded devices (Go: 2MB, Rust: 377K, C++:
56K) [1].
* Fast compile times: a full compiler rebuild takes ~12s (Rust: 15min, gcc:
30min+, clang: 1hr+, Go: 90s) [2].
* Native performance: see Web Frameworks Benchmark, ray tracing, primes.
* No need for makefiles, cmake, configure or other build scripts, thanks to
compile-time function evaluation (CTFE) and dependency tracking [3].
* Target any platform with a C compiler: Android and iOS, embedded systems,
micro-controllers, WASM, Nintendo Switch, Game Boy Advance.
* Zero-overhead interop lets you reuse code in C, C++ (including templates,
C++ STL), JS, Objective-C, Python (via nimpy).
* Built-in documentation generator that understands Nim code and runnable
examples that stay in sync.
Last but not least, macros let you manipulate/generate code at compile time
instead of relying on code generators, enabling writing DSLs and language
extensions in user code. Typical examples include implementing Python-like
f-strings, optional chaining, command line generators, React-like Single Page
Apps, protobuf serialization and binding generators.
Installing Nim 1.6
We recommend everyone to upgrade to 1.6:
New users
Check out if your package manager already ships version 1.6 or install it as
described here.
Note: earlier this year researchers spotted malware written in Nim programming
language which supposedly led to antivirus vendors falsely tagging all software
written in Nim as a potential threat, including the Nim compiler, nimble (Nim'
s package manager) and so on (core Nim tooling is written entirely in Nim).
This has been an ongoing issue ever since - if you have any issues related to
this, please report the Nim compiler and associated tooling as false detection
to the respective antivirus vendors.
Existing users
If you have installed a previous version of Nim using choosenim, getting Nim
1.6 is as easy as:
choosenim update self
choosenim update stable
If you don't have choosenim, you can follow the same install link as above.
Building from source
git clone https://github.com/nim-lang/Nim
cd Nim
sh build_all.sh
The last command can be re-run after pulling new commits. Note that the
csources repo used was changed to csources_v1, the new setup is designed to be
forward and backward compatible.
Building from a CI setup
We now have bash APIs to (re-)build Nim from source which hide implementation
details, for example: . ci/funs.sh && nimBuildCsourcesIfNeeded. This can be
useful for CI when alternatives (using nightly builds or a Docker image) are
not suitable; in fact all the existing CI pipelines have been refactored to use
this, see #17815.
Contributors to Nim 1.6
Many thanks to our recurring and new contributors. Nim is a community driven
collaborative effort that welcomes all contributions, big or small.
Backward compatibility and preview flags
Starting with this release, we've introduced preview flags of the form
-d:nimPreviewX (e.g. -d:nimPreviewFloatRoundtrip), which allow users to opt-in
to new stdlib/compiler behavior that will likely become the default in the next
or a future release. These staging flags aim to minimize backward compatibility
issues.
We also introduced opt-out flags of the form -d:nimLegacyX, e.g.
-d:nimLegacyCopyFile, for cases where the default was changed to the new
behavior. For a transition period, these flags can be used to get the old
behavior.
Here's the list of these flags introduced in this release, refer to the text
below for explanations:
* -d:nimLegacyCopyFile
* -d:nimLegacyJsRound
* -d:nimLegacyMacrosCollapseSymChoice
* -d:nimLegacyParseQueryStrict
* -d:nimLegacyRandomInitRand
* -d:nimLegacyReprWithNewline
* -d:nimLegacySigpipeHandler
* -d:nimLegacyTypeMismatch
* -d:nimPreviewDotLikeOps
* -d:nimPreviewFloatRoundtrip
* -d:nimPreviewHashRef
* -d:nimPreviewJsonutilsHoleyEnum
Major new features
With so many new features, pinpointing the most salient ones is a subjective
exercise, but here are a select few:
iterable[T]
The iterable[T] type class was added to match called iterators, which solves a
number of long-standing issues related to iterators. Example:
iterator iota(n: int): int =
for i in 0..<n: yield i
# previously, you'd need `untyped`, which caused other problems such as lack
# of type inference, overloading issues, and MCS.
template sumOld(a: untyped): untyped = # no type inference possible
var result: typeof(block:(for ai in a: ai))
for ai in a: result += ai
result
assert sumOld(iota(3)) == 0 + 1 + 2
# now, you can write:
template sum[T](a: iterable[T]): T =
# `template sum(a: iterable): auto =` would also be possible
var result: T
for ai in a: result += ai
result
assert sum(iota(3)) == 0 + 1 + 2 # or `iota(3).sum`
In particular iterable arguments can now be used with the method call syntax.
For example:
import std/[sequtils, os]
echo walkFiles("*").toSeq # now works
See PR #17196 for additional details.
Strict effects
The effect system was refined and there is a new .effectsOf annotation that
does explicitly what was previously done implicitly. See the manual for more
details. To write code that is portable with older Nim versions, use this
idiom:
when defined(nimHasEffectsOf):
{.experimental: "strictEffects".}
else:
{.pragma: effectsOf.}
proc mysort(s: seq; cmp: proc(a, b: T): int) {.effectsOf: cmp.}
To enable the new effect system, compile with --experimental:strictEffects. See
also #18777 and RFC #408.
Private imports and private field access
A new import syntax import foo {.all.} now allows importing all symbols (public
or private) from foo. This can be useful for testing purposes or for more
flexibility in project organization.
Example:
from system {.all.} as system2 import nil
echo system2.ThisIsSystem # ThisIsSystem is private in `system`
import os {.all.} # weirdTarget is private in `os`
echo weirdTarget # or `os.weirdTarget`
Added a new module std/importutils, and an API privateAccess, which allows
access to private fields for an object type in the current scope.
Example:
import times
from std/importutils import privateAccess
block:
let t = now()
# echo t.monthdayZero # Error: undeclared field: 'monthdayZero' for type times.DateTime
privateAccess(typeof(t)) # enables private access in this scope
echo t.monthdayZero # ok
See PR #17706 for additional details.
nim --eval:cmd
Added nim --eval:cmd to evaluate a command directly, e.g.: nim --eval:"echo 1".
It defaults to e (nimscript) but can also work with other commands, e.g.:
find . | nim r --eval:'import strutils; for a in stdin.lines: echo a.toUpper'
# use as a calculator:
nim --eval:'echo 3.1 / (1.2+7)'
# explore a module's APIs, including private symbols:
nim --eval:'import os {.all.}; echo weirdTarget'
# use a custom backend:
nim r -b:js --eval:"import std/jsbigints; echo 2'big ** 64'big"
See PR #15687 for more details.
Round-trip float to string
system.addFloat and system.$ now can produce string representations of floating
point numbers that are minimal in size and possess round-trip and correct
rounding guarantees (via the Dragonbox algorithm). This currently has to be
enabled via -d:nimPreviewFloatRoundtrip. It is expected that this behavior
becomes the new default in upcoming versions, as with other nimPreviewX define
flags.
Example:
from math import round
let a = round(9.779999999999999, 2)
assert a == 9.78
echo a # with `-d:nimPreviewFloatRoundtrip`: 9.78, like in python3 (instead of 9.779999999999999)
New std/jsbigints module
Provides arbitrary precision integers for the JS target. See PR #16409.
Example:
import std/jsbigints
assert 2'big ** 65'big == 36893488147419103232'big
echo 0xdeadbeef'big shl 4'big # 59774856944n
New std/sysrand module
Cryptographically secure pseudorandom number generator, allows generating
random numbers from a secure source provided by the operating system. Example:
import std/sysrand
assert urandom(1234) != urandom(1234) # unlikely to fail in practice
See PR #16459.
New module: std/tempfiles
Allows creating temporary files and directories, see PR #17361 and followups.
import std/tempfiles
let tmpPath = genTempPath("prefix", "suffix.log", "/tmp/")
# tmpPath looks like: /tmp/prefixpmW1P2KLsuffix.log
let dir = createTempDir("tmpprefix_", "_end")
# created dir looks like: getTempDir() / "tmpprefix_YEl9VuVj_end"
let (cfile, path) = createTempFile("tmpprefix_", "_end.tmp")
# path looks like: getTempDir() / "tmpprefix_FDCIRZA0_end.tmp"
cfile.write "foo"
cfile.setFilePos 0
assert readAll(cfile) == "foo"
close cfile
assert readFile(path) == "foo"
User-defined literals
Custom numeric literals (e.g. -128'bignum) are now supported. Additionally, the
unary minus in -1 is now part of the integer literal, i.e. it is now parsed as
a single token. This implies that edge cases like -128'i8 finally work
correctly. Example:
func `'big`*(num: cstring): JsBigInt {.importjs: "BigInt(#)".}
assert 0xffffffffffffffff'big == (1'big shl 64'big) - 1'big
Dot-like operators
With -d:nimPreviewDotLikeOps, dot-like operators (operators starting with .,
but not with ..) now have the same precedence as ., so that a.?b.c is now
parsed as (a.?b).c instead of a.?(b.c). A warning is generated when a dot-like
operator is used without -d:nimPreviewDotLikeOps.
An important use case is to enable dynamic fields without affecting the
built-in . operator, e.g. for std/jsffi, std/json, pkg/nimpy. Example:
import std/json
template `.?`(a: JsonNode, b: untyped{ident}): JsonNode =
a[astToStr(b)]
let j = %*{"a1": {"a2": 10}}
assert j.?a1.?a2.getInt == 10
Block arguments now support optional parameters
This solves a major pain point for routines accepting block parameters, see PR
#18631 for details:
template fn(a = 1, b = 2, body) = discard
fn(1, 2): # already works
bar
fn(a = 1): # now works
bar
Likewise with multiple block arguments via do:
template fn(a = 1, b = 2, body1, body2) = discard
fn(a = 1): # now works
bar1
do:
bar2
Other features
For full changelog, see here.
Footnotes
Tested on a 2.3 GHz 8-Core Intel Core i9, 2019 macOS 11.5 with 64GB RAM.
* [1] command used: nim c -d:danger. The binary size can be further reduced
to 49K with stripping (--passL:-s) and link-time optimization
(--passC:-flto). Statically linking against musl brings it under 5K - see
here for more details.
* [2] commands used:
+ for Nim: nim c --forceBuild compiler/nim
+ for Rust: ./x.py build, details
+ for GCC: see 1 2
+ for Clang: details
+ for Go: ./make.bash
* [3] a separate nimscript file can be used if needed to execute code at
compile time before compiling the main program but it's in the same
language
* bsd-port repository is changed to https://github.com/battleblow/jdk11u .
Changelog:
11.0.13
Updated BSD port of JDK 11
Additional features include:
Update to 11.0.13 GA
Build fixes for LLVM 13 and fastdebug
11.0.12
Updated BSD port of JDK 11
Additional features include:
Update to 11.0.12 GA
This release contains security fix.
18 Nov 2021, PHP 7.3.33
- XML:
. Fix#79971: special character is breaking the path in xml function.
(CVE-2021-21707) (cmb)
