Serhiy Storchaka [Fri, 19 Jun 2026 10:30:35 +0000 (13:30 +0300)]
[3.13] gh-151695: Fix use-after-free of the curses screen encoding (GH-151696) (GH-151706) (GH-151723)
The module-global screen_encoding stored a borrowed pointer to the
encoding owned by the window returned by the first initscr() call. That
window can be deallocated while unctrl() and ungetch(), which have no window
of their own, still use the pointer to encode non-ASCII characters.
[3.13] gh-151678: Add tests for tkinter.Text (GH-151681) (GH-151705) (GH-151715)
Cover previously-untested Text methods (indices, content, marks, tags,
undo/redo, dump, embedded images and windows, peers, and geometry) and
the tag, embedded-image and embedded-window configuration options.
(cherry picked from commit 4ac809e10bdb413d7dd8c7bab7e365b2b618ad91)
(cherry picked from commit 22c000eeb4341f650f2c660b29d49f3f44741392)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
[3.13] gh-151678: Add tests for tkinter.Listbox (GH-151686) (GH-151714)
Cover previously-untested Listbox methods in ListboxTest: size, delete,
index resolution, nearest, see, activate, and the selection methods
(selection_set/clear/includes/anchor and their select_* aliases),
including the errors raised for invalid indices.
(cherry picked from commit cf3b3c11485a870d8e8c02579bed27a316838eb1)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
[3.13] gh-151678: Add tests for tkinter.Menu (GH-151685) (GH-151711)
Cover previously-untested Menu methods in MenuTest: adding, inserting and
deleting items of every type, index resolution, invoking items, entry x/y
positions, and post/unpost/tk_popup mapping.
Also test per-entry configuration options and the errors raised for
invalid indices, entry types, option names and option values.
(cherry picked from commit ef5c32a40be50a33a9b7ac39ee64e6893bc22f60)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Serhiy Storchaka [Thu, 18 Jun 2026 13:32:37 +0000 (16:32 +0300)]
[3.13] gh-86726: Document the full public API of tkinter (GH-151579) (GH-151650) (GH-151653)
Replace the previously sparse reference documentation with full coverage of
the public API of the tkinter package, written from the Tcl/Tk manual pages,
the existing documentation and the module docstrings.
* Doc/library/tkinter.rst gains a "Reference" section documenting every public
class, method, function and constant of the core module -- the widgets, the
Misc, Wm, Pack, Place, Grid, XView and YView mix-ins, the Variable and image
classes, the module-level functions and the symbolic constants.
* Doc/library/tkinter.ttk.rst, dialog.rst, tkinter.font.rst and the other
module pages document their remaining classes, methods and functions.
The descriptions are Python-oriented (correct return types -- tuples rather
than Tcl lists, booleans, integers, None on cancellation, and so on) and were
checked against the Tcl/Tk 9.1 manual pages and the implementation.
versionadded, versionchanged and deprecated directives are added for the
public API, determined from the git history relative to Python 3.0: the
tkinter.ttk module (3.1); the Text, Wm, Menu and Misc methods exposing Tk 8.5
features (3.3); and the many later additions and behavior changes up to 3.15.
The Tk version required by features added after Tk 8.6 is noted as well. The
bundled Tcl/Tk version is updated to 9.0 and the manual-page links point at
the tcl9.0 reference.
* gh-86726: Adjust tkinter docs for the 3.14 backport
Remove documentation of API added only in 3.15 (the grid_content/
pack_content/place_content aliases, Text.search_all, the search
nolinestop/strictlimits parameters and Event.user_data/detail), date the
wm_attributes positional-argument deprecation to 3.13, and update the
bundled Tcl/Tk version to 8.6.
Co-authored-by: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com> Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
Fix errors and clarify the curses, curses.panel and curses.ascii docs
against X/Open Curses and ncurses, and sync the affected docstrings.
(cherry picked from commit 65afcdd8dfb3621ac696fce076e6282c76a04b2b)
[3.13] gh-120665: make unittest loaders avoid loading test cases that are abstract base classes (GH-120666) (#151599)
gh-120665: make unittest loaders avoid loading test cases that are abstract base classes (GH-120666)
(cherry picked from commit 5ad3c6dfbfe60a7f232e9604866c77ced24c4bfe)
gh-151519: Check effective gid in `_test_all_chown_common` group-0 guard (GH-151521)
The guard that skips the "chown to gid 0 should fail" assertion used
only `os.getgroups()` (supplementary groups). The kernel also accepts
the effective/filesystem gid for chown, so when a process runs with
egid 0 and a non-zero uid (common in containers and user namespaces),
chown(-1, 0) succeeds and the assertion spuriously fails.
[3.13] gh-139837: Document attributes of objects recorded by warnings.catch_warnings (GH-139893) (GH-151473) (#151494)
[3.14] gh-139837: Document attributes of objects recorded by warnings.catch_warnings (GH-139893) (GH-151473)
* gh-139837: Document attributes of objects recorded by warnings.catch_warnings (GH-139893)
(cherry picked from commit 47b7dc788c9bcf3d5ea69a2ea0aed3d5883647a8)
[3.13] gh-101267: ProcessPoolExecutor no longer shares 1 BrokenProcessPool exception among all failed futures (GH-101268) (GH-151431) (#151435)
[3.14] gh-101267: ProcessPoolExecutor no longer shares 1 BrokenProcessPool exception among all failed futures (GH-101268) (GH-151431)
* gh-101267: ProcessPoolExecutor no longer shares 1 BrokenProcessPool exception among all failed futures (GH-101268)
(cherry picked from commit 3c00ebc2bbd902495b163def850bc931420209fc)
* Drop the abrupt-exit-code reporting from the 3.14 backport
Reporting the exit codes of processes that died without a known cause
is a new feature, not part of the gh-101267 bugfix. Keep only the
bugfix on 3.14: each failed future gets its own BrokenProcessPool
exception instead of one shared instance.
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com> Co-authored-by: Daniel Shields <daniel.shields@twosigma.com> Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
Victor Stinner [Wed, 10 Jun 2026 21:24:46 +0000 (23:24 +0200)]
[3.13] gh-151253: Dump the Python path configuration on _PyCodec_InitRegistry() failure (#151250) (#151269) (#151283) (#151287)
[3.14][3.15] gh-151253: Dump the Python path configuration on _PyCodec_InitRegistry() failure (#151250) (#151269) (#151283)
[3.15] gh-151253: Dump the Python path configuration on _PyCodec_InitRegistry() failure (#151250) (#151269)
gh-151253: Dump the Python path configuration on _PyCodec_InitRegistry() failure (#151250)
If "import encodings" fails at Python startup, dump the Python path
configuration to help users debugging their configuration. The
encodings module is the first module imported during Python startup.
gh-143988: Fix re-entrant mutation crashes in socket sendmsg/recvmsg_into (#143987)
Fix crashes in socket.sendmsg() and socket.recvmsg_into() that could
occur if buffer sequences are mutated re-entrantly during argument
parsing via __buffer__ protocol callbacks.
The bug occurs because:
1. PySequence_Fast() returns the original list object when the input
is already a list (not a copy).
2. During iteration, PyObject_GetBuffer() triggers __buffer__
callbacks which may clear the list.
3. Subsequent iterations access invalid memory (heap OOB read).
The fix replaces PySequence_Fast() with PySequence_Tuple() which
always creates a new tuple, ensuring the sequence cannot be mutated
during iteration.
Victor Stinner [Wed, 10 Jun 2026 17:02:34 +0000 (19:02 +0200)]
[3.13][3.14] gh-89554: Document socket.SocketType as a class (#150683) (#151245) (#151254)
[3.14] gh-89554: Document socket.SocketType as a class (#150683) (#151245)
gh-89554: Document socket.SocketType as a class (#150683)
socket.SocketType is a class (re-exported from _socket as an alias of
_socket.socket, the base class of socket.socket), but was documented with
the ".. data::" directive, so ":class:" cross-references to it cannot
resolve against a py:class target.
Switch the entry to ".. class::", correct the misleading description
(SocketType is the base class of the socket type, not "type(socket(...))"
which is socket.socket; addresses gh-88427), move it into the Socket
Objects section, and document the socket object methods and attributes
nested under the socket class, dropping the redundant "socket." prefix.
Backport to 3.13: Replace ":platform: Windows" with
".. availability:: Windows" in ioctl() method.
[3.13] gh-150988: Fix refleak in `OSError` when attrs are set before `super().__init__()` (GH-150990) (#151242)
gh-150988: Fix refleak in `OSError` when attrs are set before `super().__init__()` (GH-150990)
(cherry picked from commit f2a0f82282d6307f7fd2d4ccf52a8fd95ac3922f)
Co-authored-by: Lukas Geiger <lukas.geiger94@gmail.com> Co-authored-by: Victor Stinner <vstinner@python.org>
Stan Ulbrych [Tue, 9 Jun 2026 14:23:22 +0000 (15:23 +0100)]
[3.13] gh-90949: expose Expat API to tune exponential expansion protections (GH-139368)
Expose the XML Expat 2.7.2 APIs to tune protections against
"billion laughs" [1] attacks.
The exposed APIs are available on Expat parsers, that is,
parsers created by `xml.parsers.expat.ParserCreate()`, as:
- `parser.SetBillionLaughsAttackProtectionActivationThreshold(threshold)`, and
- `parser.SetBillionLaughsAttackProtectionMaximumAmplification(max_factor)`.
Update the table of Windows language code identifiers (LCIDs) to
protocol version 16.0 (2024-04-23).
(cherry picked from commit bfe6f9f590849f0d9f08a6fe94a5b4e76d8ed29f)
[3.13] gh-129011: Update docs for Raw I/O read, readinto, and write (GH-135328) (#150959)
gh-129011: Update docs for Raw I/O read, readinto, and write (GH-135328)
Update `RawIOBase` and `FileIO` documentation to match implementation
behavior around `.read`, `.readinto`, `.readall` and `.write`.
In particular:
- They may make more than one system call (PEP-475)
- Add warnings if `.write()` requires a wrapping retry loop (see: gh-126606)
- "Raw I/O" `.write`` may not write all bytes
- `buffering=0` example results in a "Raw I/O"
(cherry picked from commit e4db68b9c990ed1bb7562094bee2e73f4450d42b)
ass_subscript_slice() returned early when the computed slice length
was zero, bypassing validation performed for non-empty slices.
(cherry picked from commit fc9c4db1302f8be7527e70cf0938b629985a1d72)
[3.13] Correct Stable ABI documentation for METH_FASTCALL (GH-149593) (GH-150851)
The current documentation says:
>
> METH_FASTCALL
> Part of the Stable ABI since version 3.7.
>
> [...]
>
> Added in version 3.7.
>
> Changed in version 3.10: METH_FASTCALL is now part of the stable ABI.
so is contradictory about when it was added to the Stable ABI. Looking at the header it seems like 3.10 is right.
(cherry picked from commit 58beae7319c58d850184d621d6635de23f71a229)