[3.15] gh-146219: Document reusing a thread state across repeated foreign-thread calls (GH-146221) (#152644)
gh-146219: Document reusing a thread state across repeated foreign-thread calls (GH-146221)
* Document reusing a thread state across repeated foreign-thread calls
Add a subsection under "Non-Python created threads" explaining the
performance cost of creating/destroying a PyThreadState on every
Ensure/Release cycle and showing how to keep one alive for the
thread's lifetime instead.
[3.15] gh-103878: Document that the cancelled file dialog value is only falsy (GH-152429) (GH-152629)
Its exact type (empty string, tuple, list or None) varies between
platforms and Tk versions, so advise testing the result for truth.
(cherry picked from commit 9dd3340a623093b5d0ff054d5d42c370bb09221c)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
[3.15] gh-152228: Fix an assertion failure in `str.replace` under a limited memory case (GH-152229) (#152615)
gh-152228: Fix an assertion failure in `str.replace` under a limited memory case (GH-152229)
(cherry picked from commit c5043dce1c6743682d93c71e937b95e7d27e0b35)
[3.15] gh-69134: Wait until mapped in keyboard virtual-event tests (GH-152599) (GH-152605)
test_virtual_events and test_selection_event generate key events after
focus_force(). On Windows these are only delivered once the toplevel is
mapped, so they could be dropped and the test fail. Wait until the
widget is mapped, as the other GUI tests already do.
(cherry picked from commit be4eebb8386d07f360dd835a0ecb4a1eb6385736)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
[3.15] gh-69134: Harden tkinter GUI tests that depend on a mapped widget (GH-152499) (GH-152516)
Add wait_until_mapped() and AbstractTkTest.require_mapped() to
test_tkinter.support and use them to guard the assertions that need a
widget to be actually mapped (winfo_width(), identify(), coords(), ...).
This avoids intermittent failures under window managers that do not map
the widget promptly, without skipping the unrelated checks.
(cherry picked from commit 0fff6bd86cf0224152c509e295d3cbbd209098f3)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
set_escdelay(), set_tabsize() and the ESCDELAY and TABSIZE variables were
gated only by the ncurses-specific NCURSES_EXT_FUNCS macro, which excluded
them when building against other curses implementations such as NetBSD curses
even when they provided them. Detect each with a configure capability probe
and gate on HAVE_CURSES_*.
(cherry picked from commit 0635e55b47e306aa6cc0610105775849b0699e2c)
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
The name parameter of Misc.wait_variable(), setvar() and getvar() and the
value parameter of setvar() should not be optional. Their default values
('PY_VAR' and '1') are not meaningful and should not be advertised.
(cherry picked from commit e134a1aa36027fb3c8bd9493028072365b19479b)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
[3.15] gh-133031: Support non-ASCII characters in curses.textpad.Textbox (GH-152451) (GH-152467)
Textbox mangled non-ASCII characters of an 8-bit locale encoding: it masked
reads with curses.ascii.ascii(), which clears the 8th bit, and tested input
with curses.ascii.isprint(), which rejects bytes above 127.
Decode cells and input bytes with the window's encoding instead. Cells are
read with instr() and the lower-right cell is written as text, since inch() and
insch() with an int byte mishandle a non-ASCII character on a wide build. This
uses only the byte-oriented curses API, so it works without wide-character
support.
(cherry picked from commit c253f0c14b046cf79881d0602620a3b2a15c2316)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
[3.15] gh-85320: Use UTF-8 for IDLE configuration and breakpoint files (GH-152475) (GH-152555)
They were read and written using the locale encoding, which could corrupt
non-ASCII paths and made them non-portable.
(cherry picked from commit f6e904e1a666cb1e5664750b1c3d8f89cba3a769)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
[3.15] gh-110357: hashlib no longer logs at import when a guaranteed hash is unavailable (GH-152538) (#152554)
gh-110357: hashlib no longer logs at import when a guaranteed hash is unavailable (GH-152538)
When a normally-guaranteed hash algorithm cannot be constructed at import time
(e.g. an OpenSSL FIPS configuration excludes it from the default provider, or
the build used --without-builtin-hashlib-hashes), importing hashlib emitted an
"ERROR:root:hash algorithm ... will not be supported at runtime" message to
stderr. For the many programs that never use the missing algorithm this is
pure noise. Worse, logging.error() lazily calls logging.basicConfig(), which
mutates the root logger's handlers -- a global side effect that the test suite
flags as an altered execution environment.
Stop logging in that path. Code that actually uses a missing algorithm still
gets a clear ValueError from the stub constructor installed in its place.
The stray output has shown up incidentally in FIPS / "No Builtin Hashes"
buildbot reports for years (e.g. gh-110357, gh-76902) without being the
reported subject.
(cherry picked from commit 8ae1a236fd334a590e90028f615cd4a822ae6f97)
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
[3.15] gh-87577: Document that wm_manage does not accept ttk widgets (GH-152532) (GH-152543)
wm_manage() works only with the classic tkinter Frame, LabelFrame and
Toplevel widgets, not their tkinter.ttk counterparts.
(cherry picked from commit 2670cb062c9ec31cd6df7be645f929a8398601c7)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
[3.15] gh-148660: Fix use-after-free in OrderedDict.copy() on reentrant mutation (GH-151573) (#152540)
gh-148660: Fix use-after-free in OrderedDict.copy() on reentrant mutation (GH-151573)
* gh-148660: Fix use-after-free in OrderedDict.copy() on reentrant mutation
OrderedDict.copy() walks the internal linked list while building the new
dict. The loop body can run arbitrary Python (a key's __eq__/__hash__, or
a subclass __getitem__/__setitem__) which can clear the source dict and
free the nodes being iterated.
Detect this the same way OrderedDict.__eq__ already does (gh-119004):
snapshot od_state before the loop, hold a strong reference to the key and
read the hash before any reentrant call, and raise RuntimeError if the
state changed before advancing to the next node.
[3.15] gh-151416: fix a borrowed ref potential use after free via fspath in os.spawnv/spawnve (GH-151417) (#152535)
gh-151416: fix a borrowed ref potential use after free via fspath in os.spawnv/spawnve (GH-151417)
* gh-151416: Fix use-after-free in os.spawnv/spawnve when __fspath__ mutates argv
The argv conversion loops passed references borrowed from the argv list
into fsconvert_strdup(). An item's __fspath__() can mutate the list and
release its reference to the item, leaving the converter operating on a
freed object. A shrunk list could also make PyList_GetItem() return
NULL, which PyUnicode_FS{Converter,Decoder}() treat as a request to
release an uninitialized output variable.
Hold a strong reference to each item across the conversion, matching
parse_arglist() and parse_envlist().
* gh-151416: Don't mask non-TypeError argv conversion errors in os.spawnv
os.spawnv() replaced any error raised during argv item conversion,
such as MemoryError, codec errors, or the embedded-null ValueError,
with a generic TypeError. Only add the contextual message when the
conversion actually raised TypeError, matching how os.spawnve() and
the exec functions propagate these errors.
The test is gated to the native C spawnv: the Python fallback used
elsewhere reports conversion failures from the forked child as exit
status 127 instead of raising.
(cherry picked from commit f57d3d6db39ea0bd39743f1a614b46cbefbfdab6)
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
[3.15] gh-150743: Limit trailer lines and interim responses read by http.client (GH-150741) (#152523)
gh-150743: Limit trailer lines and interim responses read by http.client (GH-150741)
http.client read chunked-response trailer lines and skipped interim (1xx)
responses in unbounded loops, so a server streaming either forever would
hang the client even with a socket timeout set (data keeps arriving, so
the timeout never fires).
Trailer lines are now limited to max_response_headers (100 by default)
and interim responses to 100; HTTPException is raised past either limit.
Follow-up to gh-88188 for CVE-2021-3737, which bounded header lines
within an interim response but not these two sibling loops.
(cherry picked from commit 41cc78a7a47fe584e2c2899737fec877d61ae331)
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
---
This issue was reported to us via [GHSA-w4q2-g22w-6fr4](https://github.com/python/cpython/security/advisories/GHSA-w4q2-g22w-6fr4) and was determined not to be high enough severity to handle privately.
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
Serhiy Storchaka [Sun, 28 Jun 2026 17:06:55 +0000 (20:06 +0300)]
[3.15] gh-87881: Document the result of curses inch() and getbkgd() (GH-152488) (GH-152511)
Explain the character/attribute bit layout and how to extract the parts
(A_CHARTEXT and A_ATTRIBUTES bit-masks, pair_number() for the color pair).
(cherry picked from commit d831a690766e92b3be5e40134f64407bd041bcbf)
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
[3.15] gh-78335: Complete the widget option lists in tkinter docstrings (GH-152485) (GH-152500)
Several widget __init__ docstrings omitted valid options, and Menubutton and
Message had no option list at all. List every option supported by the widget,
tagging those added in Tk 9.0 and 9.1.
Add test_options_in_docstring, asserting that every option in OPTIONS is named
in the widget's __init__ docstring. Options reported by keys() but not in the
docstring are only printed in verbose mode, as some depend on the Tk version.
(cherry picked from commit ba0c0e6be18ea56d00b4534cc9e32d1acaba96d6)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
[3.15] gh-110904: Recommend windows-curses in the curses HOWTO (GH-152491) (GH-152506)
The HOWTO pointed at UniCurses, which is unmaintained and exposes its own
API. windows-curses provides the standard curses interface on Windows, so
existing code runs unchanged.
(cherry picked from commit 7b0dff7d16ce59df44847ab04567eb97bfbc3576)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
The non-ASCII tests only exercised what the runner's locale could encode (in
practice UTF-8). Add 8-bit-encoding cases to the character and string I/O
tests, each guarded by the existing encodability check: ASCII, a character
common to the Latin encodings ('é'), and ones distinctive to a single encoding
(byte 0xA4 is '¤' in ISO-8859-1, '€' in ISO-8859-15, 'є' in KOI8-U). Run the
whole suite under different locales to cover them; unrepresentable cases skip.
* gh-152415: Verify character output round-trips in test_output_character
Read each written character back with in_wch() or instr() rather than
inch(), which on a wide build returns the low byte of the code point
instead of the locale-encoded byte and so mangles a non-ASCII character
of an 8-bit locale. This lets the int-argument cases cover '€'/'є', and
adds matching coverage for the str argument.
insch() with an int byte > 127 is checked only for Latin-1: on a wide
build ncurses winsch stores a printable byte directly as a code point
instead of decoding it through the locale.
(cherry picked from commit 003d3620cc0f44caca7bf26c3e6964f5f379645f)
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
[3.15] gh-151613: Fix remote debugging frame cache ABA (#152448)
gh-151613: Fix remote debugging frame cache ABA (#151614)
The remote debugging frame cache previously used only the last_profiled_frame address as its cache anchor. If a frame returned and a later frame reused the same _PyInterpreterFrame address, the profiler could accept a stale cache entry and splice parent frames from a different call chain into the current stack.
This adds a last_profiled_frame_seq counter next to last_profiled_frame, increments it when the anchor advances, stores it in frame cache entries, and validates cache hits against both the frame address and the sequence. Cache miss walks now copy stack chunks before storing new cache entries so stored continuations come from a stable snapshot. The new regression test exercises alternating call chains and checks that cached stacks never contain frames from both branches.
[3.15] gh-152434: Block --async-aware with --binary (GH-152444) (#152446)
gh-152434: Block --async-aware with --binary (GH-152444)
The binary writer does not currently handle AwaitedInfo samples and
crashes when running in --async-aware mode.
(cherry picked from commit 876c06cab9e824747d708a031c6b81b1f8a4f8dc)
Co-authored-by: László Kiss Kollár <kiss.kollar.laszlo@gmail.com>
[3.15] gh-151029: Fix sys.remote_exec() unable to find writable memory when libpython replaced on disk (GH-151032) (#152443)
gh-151029: Fix sys.remote_exec() unable to find writable memory when libpython replaced on disk (GH-151032)
(cherry picked from commit a69d0fc41ef339378022f1c0190a9692cb276a7f)
Co-authored-by: Łukasz Langa <lukasz@langa.pl> Co-authored-by: Pablo Galindo <pablogsal@gmail.com>
[3.15] gh-70273: Document default class bindings in tkinter (GH-152389) (GH-152393)
Note in the Bindings and events section that every widget inherits Tk
class bindings for its standard behavior, where they are documented, and
how to suppress an unwanted one by returning "break" from a callback.
(cherry picked from commit 4fd69ef97a67fc935e0d4f30662f2a1985ba6be9)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
[3.15] gh-71880: Allow editing the last cell in curses.textpad.Textbox (GH-152363) (GH-152364)
Textbox.edit() ignored typing in the lower-right cell of the window. It is
now written with insch(), which fills the cell without moving the cursor out
of the window (addch() there raises an error and scrolls a scrollable window).
(cherry picked from commit 11b394381f30815a8ad0123afb0a55e7a0369f79)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
[3.15] gh-151678: Add more tests for tkinter.dnd (GH-152362) (GH-152367)
Cover the drag cursor, the Motion and ButtonRelease bindings, switching
between targets, the target search up the master chain, dnd_accept()
returning None, and restarting after a drag has finished.
(cherry picked from commit 389e00f13fb5b20b424980b08678753441db7529)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
[3.15] gh-38464: Make tkinter nametowidget() work with cloned menus (GH-152336) (GH-152349)
Map the auto-generated name of a cloned menu (a menu used as a menubar
or a cascade) back to the original widget instead of raising KeyError.
(cherry picked from commit 5c3555bdc56a8e110a7d366f8ac0a93cd082e90f)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
focus_get(), focus_displayof(), focus_lastfor() and winfo_containing()
now return None instead of raising KeyError when the focused widget was
not created by tkinter (for example a torn-off menu).
(cherry picked from commit 5fed5ce85d9c862673cc68294f757f345bbcc9b1)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
[3.15] IDLE: fix dedent() usage in htest (GH-152256) (#152342)
IDLE: fix dedent() usage in htest (GH-152256)
Fix typos: in GH-112642, initial string concatenation quotes were left when switching to textwrap.dedent().
(cherry picked from commit 74272d4f0b8478c1d879671ba35ec4ddaae50178)
[3.15] gh-80937: Fix memory leak in tkinter createcommand (GH-152294) (GH-152327)
A command created with createcommand() held a strong reference to the
interpreter, forming an uncollectable cycle (interpreter -> command ->
interpreter) that kept the interpreter and the callback alive until the
command was removed with deletecommand() or destroy(). The command now
borrows the reference; it cannot outlive the interpreter, which deletes its
commands when finalized.
(cherry picked from commit bbf7786a904e558a15d01475356167e29b2e3708)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
When a Tcl command running its own event loop (such as vwait or
wait_variable) was active and the user typed input on stdin, the event
loop kept spinning at 100% CPU. The stdin file handler is now removed as
soon as input becomes available.
Also fix gh-139816: an exception raised in a callback no longer stops the
event loop to wait for Enter on a Python built without readline; pending
callbacks keep running until input is actually available on stdin.
(cherry picked from commit 3ffda34f5cd3809a8755c9596948e4e477661d5f)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: mdehoon <mjldehoon@yahoo.com> Co-authored-by: Christopher Chavez <chrischavez@gmx.us> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
[3.15] gh-151722: Defer GC tracking in frozendict.copy() (GH-152230) (#152271)
gh-151722: Defer GC tracking in frozendict.copy() (GH-152230)
Fix _PyDict_Or() and frozendict.copy(): only track the frozendict by
the GC once the dictionary is fully initialized.
Functions modifying frozendict now ensures that the object is not
tracked by the GC (in debug mode).
* can_modify_dict() checks that _PyObject_GC_IS_TRACKED() is false
for frozendicts.
* dict_merge_api() makes sure that the dictionary is tracked by the
GC.
(cherry picked from commit 05679f3576ed3298c9b0f86e8a3462f0b92dff8f)
Co-authored-by: Victor Stinner <vstinner@python.org>
[3.15] gh-151929: Get uptime on BSD/macOS in pythoninfo (GH-152189) (#152196)
gh-151929: Get uptime on BSD/macOS in pythoninfo (GH-152189)
* Check sysctlbyname() function and sys/sysctl.h header in
configure.
* Add _testcapi.uptime_bsd() function.
(cherry picked from commit b6d89edc4a13a71734ae1f1e386122bf62d68ed8)
Co-authored-by: Victor Stinner <vstinner@python.org>
[3.15] gh-127802: Schedule removal of legacy tkinter variable trace methods in 3.17 (GH-152012) (GH-152186)
The tkinter.Variable methods trace_variable(), trace(), trace_vdelete()
and trace_vinfo(), deprecated since Python 3.14, are now scheduled for
removal in Python 3.17.
(cherry picked from commit deeae2ac07a5aaa6fc1025a048592afe3516e57e)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
[3.15] gh-151678: Add tests for ttk Menubutton and OptionMenu widget options (GH-151960) (GH-151963)
Decorate ttk.MenubuttonTest with add_configure_tests() and make
ttk.OptionMenuTest inherit it to cover the standard widget options.
(cherry picked from commit ce147129c183b934800b539c9a85b7d6bf44ae5d)
Serhiy Storchaka [Wed, 24 Jun 2026 18:41:27 +0000 (21:41 +0300)]
[3.15] gh-86726: Improve the structure of the tkinter reference (GH-152109 (GH-152111)
Add short group intros before each cluster of Misc methods.
Group the Tk and Toplevel classes in a new "Toplevel widgets" section, move
the Tcl() function to the module-level functions, and move the "File
handlers" section into the reference.
(cherry picked from commit c7faa6936e17630ec26d4e0438ae9b95561b7151)
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
[3.15] gh-151496: Use process groups in TraceBackend in test_dtrace (GH-152039) (#152082)
gh-151496: Use process groups in TraceBackend in test_dtrace (GH-152039)
Run the generic DTrace/SystemTap commands in a new process group and
terminate the whole group on timeout.
This prevents a forked tracer child from keeping stdout/stderr pipes
open after the direct tracer process is killed.
(cherry picked from commit 1785f4b35f899704df0be54cba3776906186b2b1)
The size is taken from the archive and is not validated, so a ~512-byte
crafted file can claim several gigabytes (or, via base-256 encoding, far
more) and make read() pre-allocate that much memory -- on open/iterate,
before any extraction filter runs.
Read the extended-header data in bounded chunks instead, so an oversized
or truncated header can no longer force a huge allocation. The bytes
returned for valid archives are unchanged.
(cherry picked from commit da99711d37dba3413af05207ea8b12cb06041c0f)
Add docstrings for the curses.window, curses.error, curses.panel.panel
and curses.panel.error classes. Document the panel class and its error
exception in curses.panel.rst, using the real lowercase panel name.
(cherry picked from commit 560ff8e2021d818555884622f6865f4a0d60756f)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
[3.15] gh-84008: Document that the LC_NUMERIC locale affects tkinter numeric widgets (GH-152008) (GH-152049)
Spinbox, Scale and ttk.Spinbox format floating-point values according to
the LC_NUMERIC locale, but such values are always parsed with a period, so
a comma-decimal locale breaks DoubleVar.get().
(cherry picked from commit ee78d4323c174d0281fef5e04e965cda4c46eeb7)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
[3.15] gh-126219: Fix crash in tkinter.Tk with non-BMP className on Tcl/Tk 8.x (GH-151980) (GH-152045)
Tcl 8.x crashes when title-casing a non-BMP character during Tk
initialization, so such a className is now rejected with a ValueError.
(cherry picked from commit 124c7cd91be8cff76d1eec0adef65991c23c4419)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
projects / thirdparty / Python / cpython.git / log
