Jason R. Coombs [Sat, 28 Sep 2019 13:15:05 +0000 (09:15 -0400)]
[3.7] bpo-38216, bpo-36274: Allow subclasses to separately override validation and encoding behavior (GH-16448) (GH-16461)
* bpo-38216: Allow bypassing input validation
* bpo-36274: Also allow the URL encoding to be overridden.
* bpo-38216, bpo-36274: Add tests demonstrating a hook for overriding validation, test demonstrating override encoding, and a test to capture expectation of the interface for the URL.
* Call with skip_host to avoid tripping on the host checking in the URL.
* Remove obsolete comment.
* Make _prepare_path_encoding its own attr.
This makes overriding just that simpler.
Also, don't use the := operator to make backporting easier.
* Once again separate the path validation and request encoding, drastically simplifying the behavior. Drop the guarantee that all processing happens in _prepare_path..
(cherry picked from commit 7774d7831e8809795c64ce27f7df52674581d298)
Co-authored-by: Jason R. Coombs <jaraco@jaraco.com>
bpo-38243, xmlrpc.server: Escape the server_title (GH-16373)
Escape the server title of xmlrpc.server.DocXMLRPCServer
when rendering the document page as HTML.
(cherry picked from commit e8650a4f8c7fb76f570d4ca9c1fbe44e91c8dfaa)
Co-authored-by: Dong-hee Na <donghee.na92@gmail.com>
Christian Heimes [Thu, 26 Sep 2019 20:54:33 +0000 (22:54 +0200)]
[3.7] bpo-38275: Skip ssl tests for disabled versions (GH-16427)
test_ssl now handles disabled TLS/SSL versions better. OpenSSL's crypto
policy and run-time settings are recognized and tests for disabled versions
are skipped.
[3.7] closes bpo-38174: Update vendored expat library to 2.2.8. (GH-16407)
Fixes CVE-2019-15903. See full changelog at https://github.com/libexpat/libexpat/blob/R_2_2_8/expat/Changes..
(cherry picked from commit 52b940803860e37bcc3f6096b2d24e7c20a0e807)
Co-authored-by: Benjamin Peterson <benjamin@python.org>
bpo-38271: encrypt private key test files with AES256 (GH-16385)
The private keys for test_ssl were encrypted with 3DES in traditional
PKCSGH-5 format. 3DES and the digest algorithm of PKCSGH-5 are blocked by
some strict crypto policies. Use PKCSGH-8 format with AES256 encryption
instead.
Signed-off-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue38271
Gregory P. Smith [Wed, 25 Sep 2019 05:29:17 +0000 (22:29 -0700)]
[3.7] bpo-36871: Handle spec errors in assert_has_calls (GH-16364) (GH-16374)
Handle spec errors in assert_has_calls (GH-16005) (GH-16364)
The fix in PR 13261 handled the underlying issue about the spec for specific methods not being applied correctly, but it didn't fix the issue that was causing the misleading error message.
The code currently grabs a list of responses from _call_matcher (which may include exceptions). But it doesn't reach inside the list when checking if the result is an exception. This results in a misleading error message when one of the provided calls does not match the spec.
Multiprocessing test test_mymanager() now also expects -SIGTERM, not
only exitcode 0.
bpo-30356: BaseManager._finalize_manager() sends SIGTERM to the
manager process if it takes longer than 1 second to stop, which
happens on slow buildbots.
(cherry picked from commit b0e1ae5f5430433766e023c1a6936aeba0f2b84e)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
Multiprocessing tests: increase test_queue_feeder_donot_stop_onexc()
timeout from 1 to 60 seconds.
(cherry picked from commit 99799c722065d0524f3ab0bc455e1938bb8dc60f)
Co-authored-by: Victor Stinner <vstinner@python.org>
bpo-37937: Mention frame.f_trace in sys.settrace docs (GH-15439)
Mention frame.f_trace in sys.settrace docs, as well as the fact you still
need to call `sys.settrace` to enable the tracing machinery before setting
`frame.f_trace` will have any effect.
(cherry picked from commit 9c2682efc69568e1b42a0c1759489d6f2e3b30ea)
bpo-38203: faulthandler.dump_traceback_later() is always available (GH-16260)
dump_traceback_later() and cancel_dump_traceback_later() functions of
the faulthandler module are always available since Python 3.7.
(cherry picked from commit 064e1e384120635330493abf300b1113eadd904c)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
bpo-37531: regrtest main process uses shorter timeout (GH-16220) (GH-16223)
When using multiprocesss (-jN), the main process now uses a timeout
of 60 seconds instead of the double of the --timeout value. The
buildbot server stops a job which does not produce any output in 1200
seconds.
(cherry picked from commit 46b0b81220a23bc4aee5ba3ba67e8cf1b5df7960)
Co-authored-by: Victor Stinner <vstinner@redhat.com>
bpo-35379: When exiting IDLE, catch any AttributeError. (GH-16212)
One happens when EditorWindow.close is called twice.
Printing a traceback, when IDLE is run from a terminal,
is useless and annoying.
(cherry picked from commit dfd34a9cd58e8150c324190f746de919e140abe8)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
bpo-38183: Test_idle ignores user config directory GH-16198)
It no longer tries to create or access .idlerc or any files within.
Users must run IDLE to discover problems with saving settings.
(cherry picked from commit 0048afc16a7e7301d5c565237db271505e5fbed9)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
bpo-28556: Update the opening note in typing docs (GH-16204)
This PR replaces the old note mentioning that `typing` is a provisional module with a new one mentioning types are not enforced at runtime. I am not sure if there was any official announcement about making `typing` non-provisional, but _de-facto_ no new features were added during Python 3.7, and no backwards incompatible changes were made except for few small things that were considered bugs.
(cherry picked from commit 81528ba2e81c39f4d6bca5b785e818c7d08b8501)
Co-authored-by: Ivan Levkivskyi <levkivskyi@gmail.com>
bpo-37635: Update arg name for seek() in IO tutorial (GH-16147)
Typically, the second positional argument for ``seek()`` is *whence*. That is the POSIX standard name (http://man7.org/linux/man-pages/man3/lseek.3p.html) and the name listed in the documentation for ``io`` module (https://docs.python.org/3/library/io.htmlGH-io.IOBase.seek).
The tutorial for IO is the only location where the second positional argument for ``seek()`` is referred to as *from_what*. I suspect this was created at an early point in Python's history, and was never updated (as this section predates the GitHub repository):
```
$ git grep "from_what"
Doc/tutorial/inputoutput.rst:To change the file object's position, use ``f.seek(offset, from_what)``. The position is computed
Doc/tutorial/inputoutput.rst:the *from_what* argument. A *from_what* value of 0 measures from the beginning
Doc/tutorial/inputoutput.rst:the reference point. *from_what* can be omitted and defaults to 0, using the
```
For consistency, I am suggesting that the tutorial be updated to use the same argument name as the IO documentation and POSIX standard for ``seek()``, particularly since this is the only location where *from_what* is being used.
Note: In the POSIX standard, *whence* is technically the third positional argument, but the first argument *fildes* (file descriptor) is implicit in Python.
bpo-21872: fix lzma library decompresses data incompletely (GH-14048)
* 1. add test case with wrong behavior
* 2. fix bug when max_length == -1
* 3. allow b"" as valid input data for decompress_buf()
* 4. when max_length >= 0, let needs_input mechanism works
* add more asserts to test case
(cherry picked from commit 4ffd05d7ec47cfd0d7fc95dce851633be9663255)
[3.8] bpo-37409: fix relative import with no parent (GH-14956) (GH-15913)
Relative imports use resolve_name to get the absolute target name,
which first seeks the current module's absolute package name from the globals:
If __package__ (and __spec__.parent) are missing then
import uses __name__, truncating the last segment if
the module is a submodule rather than a package __init__.py
(which it guesses from whether __path__ is defined).
The __name__ attempt should fail if there is no parent package (top level modules),
if __name__ is '__main__' (-m entry points), or both (scripts).
That is, if both __name__ has no subcomponents and the module does not seem
to be a package __init__ module then import should fail..
(cherry picked from commit 92420b3e679959a7d0ce875875601a4cee45231e)
bpo-35066: Make trailing percent test more portable. (GH-15907)
Different libc implementations have different behavior when presented with trailing % in strftime strings. To make test_strftime_trailing_percent more portable, compare the output of datetime.strftime directly to that of time.strftime rather than hardcoding.
(cherry picked from commit f2173ae38fa49235c3cdc28ae2ca2e19a375a596)
Co-authored-by: Benjamin Peterson <benjamin@python.org>
bpo-37424: Avoid a hang in subprocess.run timeout output capture (GH-14490)
Fixes a possible hang when using a timeout on subprocess.run() while
capturing output. If the child process spawned its own children or otherwise
connected its stdout or stderr handles with another process, we could hang
after the timeout was reached and our child was killed when attempting to read
final output from the pipes.
(cherry picked from commit 580d2782f70f8e0bed7ec20abb03d740cb83b5da)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
* Write a message when killing a worker process
* Put a timeout on the second popen.communicate() call
(after killing the process)
* Put a timeout on popen.wait() call
* Catch popen.kill() and popen.wait() exceptions
projects / thirdparty / Python / cpython.git / log
