summaryrefslogtreecommitdiffstats
path: root/Doc
Commit message (Collapse)AuthorAgeFilesLines
* [3.7] gh-105184: document that marshal functions can fail and need to be ↵Miss Islington (bot)2023-06-051-0/+4
| | | | | | | checked with PyErr_Occurred (GH-105223) (cherry picked from commit ee26ca13a129da8cf549409d0a1b2e892ff2b4ec) Co-authored-by: Irit Katriel <1055913+iritkatriel@users.noreply.github.com>
* [3.7] gh-102153: Start stripping C0 control and space chars in `urlsplit` ↵stratakis2023-06-051-2/+36
| | | | | | | | | | | | | | | | | (GH-104896) `urllib.parse.urlsplit` has already been respecting the WHATWG spec a bit GH-25595. This adds more sanitizing to respect the "Remove any leading C0 control or space from input" [rule](https://url.spec.whatwg.org/GH-url-parsing:~:text=Remove%20any%20leading%20and%20trailing%20C0%20control%20or%20space%20from%20input.) in response to [CVE-2023-24329](https://nvd.nist.gov/vuln/detail/CVE-2023-24329). (cherry picked from commit d7f8a5fe07b0ff3a419ccec434cc405b21a5a304) (cherry picked from commit 2f630e1ce18ad2e07428296532a68b11dc66ad10) (cherry picked from commit 610cc0ab1b760b2abaac92bd256b96191c46b941) (cherry picked from commit f48a96a28012d28ae37a2f4587a780a5eb779946) Co-authored-by: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com> Co-authored-by: Illia Volochii <illia.volochii@gmail.com> Co-authored-by: Gregory P. Smith [Google] <greg@krypto.org>
* [3.7] gh-68966: fix versionchanged in docs (GH-105300)Ned Deily2023-06-051-1/+1
|
* [3.7] gh-102627: Replace address pointing toward malicious web page ↵Miss Islington (bot)2023-03-131-1/+1
| | | | | | | | | (GH-102630) (GH-102668) (cherry picked from commit 61479d46848bc7a7f9b571b0b09c4a4b4436d839) Co-authored-by: Blind4Basics <32236948+Blind4Basics@users.noreply.github.com> Co-authored-by: C.A.M. Gerlach <CAM.Gerlach@Gerlach.CAM> Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
* [3.7] gh-101283: Improved fallback logic for subprocess with shell=True on ↵Steve Dower2023-02-091-0/+43
| | | | | | | Windows (GH-101286) (#101713) Co-authored-by: Oleg Iarygin <oleg@arhadthedev.net> Co-authored-by: Łukasz Langa <lukasz@langa.pl> Co-authored-by: Oleg Iarygin <dralife@yandex.ru>
* gh-101422: (docs) TarFile default errorlevel argument is 1, not 0 (GH-101424)Miss Islington (bot)2023-01-301-1/+1
| | | | | (cherry picked from commit ea232716d3de1675478db3a302629ba43194c967) Co-authored-by: Owain Davies <116417456+OTheDev@users.noreply.github.com>
* [3.7] Correct CVE-2020-10735 documentation (GH-100306). (GH-100699)Gregory P. Smith2023-01-091-3/+3
| | | | | | Co-authored-by: Jeremy Paige <ucodery@gmail.com>. (cherry picked from commit 88fe8d701af3316c8869ea18ea1c7acec6f68c04) Co-authored-by: Gregory P. Smith <greg@krypto.org>
* [3.7] Update copyright years to 2023. (gh-100853)Benjamin Peterson2023-01-082-2/+2
| | | | | | | | | | * [3.7] Update copyright years to 2023. (gh-100848). (cherry picked from commit 11f99323c2ae0ec428c370a335695e3d8d4afc1d) Co-authored-by: Benjamin Peterson <benjamin@python.org> * Update additional copyright years to 2023. Co-authored-by: Ned Deily <nad@python.org>
* [3.7] gh-100001: Omit control characters in http.server stderr logs. ↵Miss Islington (bot)2022-12-051-0/+10
| | | | | | | | (GH-100002) (GH-100034) Replace control characters in http.server.BaseHTTPRequestHandler.log_message with an escaped \xHH sequence to avoid causing problems for the terminal the output is printed to. (cherry picked from commit d8ab0a4dfa48f881b4ac9ab857d2e9de42f72828) Co-authored-by: Gregory P. Smith <greg@krypto.org>
* [3.7] gh-68966: Make mailcap refuse to match unsafe filenames/types/params ↵Miss Islington (bot)2022-10-111-0/+12
| | | | | | | | (GH-91993) (GH-98191) gh-68966: Make mailcap refuse to match unsafe filenames/types/params (GH-91993) (cherry picked from commit b9509ba7a9c668b984dab876c7926fe1dc5aa0ba) Co-authored-by: Petr Viktorin <encukou@gmail.com>
* [3.7] gh-95778: Mention sys.set_int_max_str_digits() in error message ↵Miss Islington (bot)2022-10-041-2/+2
| | | | | | | | | | | | | | | (GH-96874) (GH-96877) (GH-97836) [3.9] gh-95778: Mention sys.set_int_max_str_digits() in error message (GH-96874) (GH-96877) When ValueError is raised if an integer is larger than the limit, mention sys.set_int_max_str_digits() in the error message. (cherry picked from commit e841ffc915e82e5ea6e3b473205417d63494808d) Co-authored-by: Ned Deily <nad@python.org> (cherry picked from commit 41188134bd2120f0cedd681ed88743c11c7f3742) Co-authored-by: Victor Stinner <vstinner@python.org>
* gh-91423: Remove bugs.python.org from bugs.rst (GH-91425)v3.7.14roy reznik2022-09-061-19/+20
| | | | | Co-authored-by: Inada Naoki <songofacandy@gmail.com> Co-authored-by: Ezio Melotti <ezio.melotti@gmail.com>
* Move doc build dependencies to Doc/requirements.txt (GH-96607)Ned Deily2022-09-062-1/+20
| | | | This makes 3.7 doc builds similar to later releases, simplifying build tooling.
* [3.7] gh-95778: CVE-2020-10735: Prevent DoS by very large int() (GH-96504)Gregory P. Smith2022-09-068-15/+264
| | | | | | | | | | | | | | | | Converting between `int` and `str` in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a `ValueError` if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity. This is a mitigation for CVE-2020-10735 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10735). This new limit can be configured or disabled by environment variable, command line flag, or :mod:`sys` APIs. See the `Integer String Conversion Length Limitation` documentation. The default limit is 4300 digits in string form. Patch by Gregory P. Smith [Google] and Christian Heimes [Red Hat] with feedback from Victor Stinner, Thomas Wouters, Steve Dower, Ned Deily, and Mark Dickinson.
* bpo-35036: Remove empty log line in the suspicious.py tool (GH-10024) (GH-96498)Gregory P. Smith2022-09-021-1/+0
| | | | | | Previous to commit ee171a2 the logline was working because of self.info() (now deprecated) defaults to an empty message. Co-authored-by: Xtreak <tirkarthi@users.noreply.github.com>
* [3.7] Fix the Windows CI config. (GH-96490)Gregory P. Smith2022-09-011-0/+14614
| | | | | | * Add ABI and generated files checks to CI. * Fix the Windows CI config. This matches what 3.8 did in 899eb4167264a17ba703677814d69d4f7dcaea41.
* [3.7] gh-90359: Update documentation to follow PEP 495. (gh-94800). (gh-94833)Dong-hee Na2022-07-141-0/+14
| | | | | (cherry picked from commit 07374cce52abb7fd39729dc1b646ca3029b64c64) Co-authored-by: Dong-hee Na <donghee.na@python.org>
* [3.7] gh-81054: Document that SimpleHTTPRequestHandler follows symbolic ↵Łukasz Langa2022-07-011-1/+12
| | | | | | | links (GH-94416) (GH-94496) (cherry picked from commit 80aaeabb8bd1e6b49598a7e23e0f8d99b3fcecaf) Co-authored-by: Sam Ezeh <sam.z.ezeh@gmail.com>
* gh-92448: Update the documentation builder to render the GitHub issue (GH-92600)Ned Deily2022-05-101-4/+5
|
* [3.7] gh-91888: add a `:gh:` role to the documentation (GH-91889) (GH-91937)Ezio Melotti2022-05-101-0/+24
| | | | | Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>. Co-authored-by: Ezio Melotti <ezio.melotti@gmail.com> (cherry picked from commit f7641a2ffec243e5f600028a84debe9028a9ee44)
* Add redirects to Misc/NEWS bpo links (GH-91454) (GH-91894)Miss Islington (bot)2022-05-101-1/+2
| | | | | (cherry picked from commit 17dbb6bc10ca8a8b602335414c047294f00afcbe) Co-authored-by: Ezio Melotti <ezio.melotti@gmail.com>
* [3.7] Update Sphinx bpo role to use redirect URI. (GH-91893)Ezio Melotti2022-05-101-1/+1
| | | | | (cherry picked from commit 08cfe079503ffd19d8b7ab324f0fdb1c6b150ca8) Co-authored-by: Ezio Melotti <ezio.melotti@gmail.com>
* bpo-47138: Ensure Windows docs build uses the same pinned version as other ↵Steve Dower2022-03-291-1/+1
| | | | platforms (GH-32182)
* bpo-47138: Fix documentation build by pinning Jinja version to 3.0.3 (GH-32111)m-aciek2022-03-281-1/+1
|
* Update copyright year to 2022. (GH-30335) (GH-31477)Miss Islington (bot)2022-02-212-2/+2
| | | | | | Automerge-Triggered-By: GH:benjaminp (cherry picked from commit ba00f0d93a4aea85ae8089f139856a7c450584d7) Co-authored-by: Benjamin Peterson <benjamin@python.org>
* bpo-45618: Fix documentation build by pinning Docutils version to 0.17.1 ↵Ned Deily2022-02-211-1/+1
| | | | (GH-31476)
* bpo-41028: use generic version links in Docs index.Ned Deily2022-01-022-8/+6
|
* [3.7] bpo-44394: Update libexpat copy to 2.4.1 (GH-26945) (GH-28042)Łukasz Langa2021-08-311-14/+18
| | | | | | | | | | | | Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to get the fix for the CVE-2013-0340 "Billion Laughs" vulnerability. This copy is most used on Windows and macOS. Co-authored-by: Victor Stinner <vstinner@python.org> Co-authored-by: Łukasz Langa <lukasz@langa.pl>. (cherry picked from commit 3fc5d84046ddbd66abac5b598956ea34605a4e5d)
* [3.7] bpo-43882 - Mention urllib.parse changes in Whats New section for ↵Senthil Kumaran2021-05-201-0/+10
| | | | | 3.7.11 (GH-26267) Co-authored-by: Gregory P. Smith <greg@krypto.org>
* [3.7] bpo-43882 - urllib.parse should sanitize urls containing ASCII newline ↵Miss Islington (bot)2021-05-061-0/+13
| | | | | | | | | | | | and tabs. (GH-25923) Co-authored-by: Gregory P. Smith <greg@krypto.org> Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> (cherry picked from commit 76cd81d60310d65d01f9d7b48a8985d8ab89c8b4) Co-authored-by: Senthil Kumaran <senthil@uthcode.com> (cherry picked from commit 515a7bc4e13645d0945b46a8e1d9102b918cd407) Co-authored-by: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
* [3.7] bpo-43285 Make ftplib not trust the PASV response. (GH-24838) ↵Miss Islington (bot)2021-03-161-0/+9
| | | | | | | | | | | | | | | | | | | | (GH-24881) (GH-24883) The IPv4 address value returned from the server in response to the PASV command should not be trusted. This prevents a malicious FTP server from using the response to probe IPv4 address and port combinations on the client network. Instead of using the returned address, we use the IP address we're already connected to. This is the strategy other ftp clients adopted, and matches the only strategy available for the modern IPv6 EPSV command where the server response must return a port number and nothing else. For the rare user who _wants_ this ugly behavior, set a `trust_server_pasv_ipv4_address` attribute on your `ftplib.FTP` instance to True.. (cherry picked from commit 0ab152c6b5d95caa2dc1a30fa96e10258b5f188e) Co-authored-by: Gregory P. Smith <greg@krypto.org> (cherry picked from commit 664d1d16274b47eea6ec92572e1ebf3939a6fa0c)
* [3.7] bpo-43293: Doc: move note about GIL to top of threading module ↵Guanzhong Chen2021-02-261-12/+12
| | | | | | | | | | | | | (GH-24622) (#24642) The note about the GIL was buried pretty deep in the threading documentation, and this made it hard for first time users to discover why their attempts at using threading to parallelizing their application did not work. In this commit, the note is moved to the top of the module documention for visibility.. (cherry picked from commit 32181be6081f6c70a1e0bd0540050805c8e88e83) Co-authored-by: Guanzhong Chen <quantum2048@gmail.com>
* Add a warning block around the get_referrers() documentation (GH-24511) ↵Miss Islington (bot)2021-02-161-4/+5
| | | | | | | (GH-24544) (cherry picked from commit 813db24f7c2c536d587d1832c3c52b44fa9e242e) Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>
* [3.7] bpo-42967: only use '&' as a query string separator (GH-24297) (GH-24531)Senthil Kumaran2021-02-154-5/+53
| | | | | | | | | | | | | | bpo-42967: [security] Address a web cache-poisoning issue reported in urllib.parse.parse_qsl(). urllib.parse will only us "&" as query string separator by default instead of both ";" and "&" as allowed in earlier versions. An optional argument seperator with default value "&" is added to specify the separator. Co-authored-by: Éric Araujo <merwok@netwok.org> Co-authored-by: Ken Jin <28750310+Fidget-Spinner@users.noreply.github.com> Co-authored-by: Adam Goldschmidt <adamgold7@gmail.com> (cherry picked from commit fcbe0cb04d35189401c0c880ebfb4311e952d776)
* Bring Python into the new year. (GH-24036) (GH-24052)Miss Islington (bot)2021-01-012-2/+2
| | | | | (cherry picked from commit de6f20a6de48d63066b2cf5b317f50629f01d74a) Co-authored-by: Dong-hee Na <donghee.na@python.org>
* bpo-17140: Document multiprocessing's ThreadPool (GH-23812) (GH-23836)Miss Islington (bot)2020-12-181-0/+40
| | | | | | | | Up until now, the `multiprocessing.pool.ThreadPool` class has gone undocumented, despite being a public class in multiprocessing that is included in `multiprocessing.pool.__all__`. (cherry picked from commit 84ebcf271a2cc8bfd1762acb279502b8b6ef236e) Co-authored-by: Matt Wozniski <mwozniski@bloomberg.net>
* [3.7] Remove 3.5 from Doc version switcher in master. (GH-22886) (#22890)larryhastings2020-10-222-2/+0
| | | (cherry picked from commit 283f9a253b4ff4df728558205629b3bb3af6e47f)
* bpo-41455: Provide a link to how the third generation is collected in the GC ↵Miss Islington (bot)2020-08-121-3/+3
| | | | | | | | docs (GH-21703) (GH-21788) Co-authored-by: Pablo Galindo <Pablogsal@gmail.com> (cherry picked from commit 82ca8fada15b121866530f2cdac1b7055be4a244) Co-authored-by: Yaroslav Pankovych <31005942+P-Alban@users.noreply.github.com>
* bpo-41475: Fix note in "What's new in 3.7" (GH-21733) (GH-21835)Miss Islington (bot)2020-08-121-1/+1
| | | | | (cherry picked from commit 76643c10ede2813ca921464fe839e81caee21a84) Co-authored-by: Ram Rachum <ram@rachum.com>
* bpo-40204: Pin Sphinx version to 2.3.1 in Doc/MakefileNed Deily2020-06-171-1/+1
|
* [3.7] bpo-37674: Tweak imp module deprecation note in the docs (GH-20480) ↵Miss Islington (bot)2020-06-131-1/+1
| | | | | | | | | | (GH-20861) (cherry picked from commit dea3223740127ac13f984c1d38f127ab6701af44) Co-authored-by: Zackery Spytz <zspytz@gmail.com> Automerge-Triggered-By: @brettcannon
* bpo-40025: Require _generate_next_value_ to be defined before members (GH-19762)Miss Islington (bot)2020-06-111-0/+4
| | | | require `_generate_next_value_` to be defined before members (cherry picked from commit d9a43e20facdf4ad10186f820601c6580e1baa80)
* [3.7] bpo-40895: Update weakref documentation to remove old warnings ↵Antoine Pitrou2020-06-101-14/+0
| | | | | | | | | | | | | | | | | (GH-20687) (GH-20793) The doccumentation at https://docs.python.org/3.10/library/weakref.html cautions that the `WeakKeyDictionary` and `WeakValueDictionary` are susceptible to the problem of dictionary mutation during iteration. These notes present the user with a problem that has no easy solution. I dug into the implementation and found that fortunately, Antoine Pitrou already addressed this challenge (10 years ago!) by introducing an `_IterationGuard` context manager to the implementation, which delays mutation while an iteration is in progress. I asked for confirmation and @pitrou agreed that these notes could be removed: https://github.com/python/cpython/commit/c1baa601e2b558deb690edfdf334fceee3b03327GH-commitcomment-39514438. (cherry picked from commit 1642c0ef750f96664a98cadb09301d492098d2fb) Co-authored-by: Daniel Fortunov <asqui@users.noreply.github.com> Automerge-Triggered-By: @pitrou
* [3.7] Revert bpo-39576: docs: set context for decimal arbitrary precision ↵Stefan Krah2020-06-081-58/+8
| | | | | arithmetic (GH-20746) This reverts commit 00e45877e33d32bb61aa13a2033e3bba370bda4d.
* [3.7] Revert bpo-39576: Clarify the word size for the 32-bit build. (GH-20744)Stefan Krah2020-06-081-2/+2
| | | This reverts commit 24c570bbb82a7cb70576c253a73390accfa7ed78.
* bpo-22021: Update root_dir and base_dir documentation in shutil (GH-10367)Miss Islington (bot)2020-06-081-3/+47
| | | | | | | | Also added an example in shutil in order to make more clear how they are to be used. Initially reported by Weinan Li on bpo. (cherry picked from commit 7633371dace67aaa21eb4b86f889441571ec4167) Co-authored-by: Lysandros Nikolaou <lisandrosnik@gmail.com>
* Fix spacing in docs for tarfile (GH-20629)Miss Islington (bot)2020-06-041-1/+1
| | | | | | | | | | | | | | | | | | | | Before ``` content.txt is 42 bytes in size and isa regular file. folder is 420 bytes in size and isa directory. magic is 4200 bytes in size and issomething else. ``` After: ``` content.txt is 42 bytes in size and is a regular file. folder is 420 bytes in size and is a directory. magic is 4200 bytes in size and is something else. ``` Automerge-Triggered-By: @orsenthil (cherry picked from commit 7a280197f4162e5fcdde6f34701a9fa6e669190d) Co-authored-by: Harsha Laxman <HarshaLaxman@users.noreply.github.com>
* Ensure correct version of Sphinx is used for Windows builds (GH-20582)Miss Islington (bot)2020-06-011-1/+1
| | | | | (cherry picked from commit fe5dd78182dbf4937bcc2b113ca7526bfad0192b) Co-authored-by: Steve Dower <steve.dower@python.org>
* bpo-40831: Remove an incorrect statement in the Windows docs (GH-20570)Miss Islington (bot)2020-06-011-3/+1
| | | | | (cherry picked from commit c8966667bbdb284c3780ef6cec8a3870935a6bb7) Co-authored-by: Zackery Spytz <zspytz@gmail.com>
* bpo-40798: Generate a different message for already removed elements (GH-20483)Miss Islington (bot)2020-05-302-2/+12
| | | | | (cherry picked from commit 735d902b363b759df9ff00e58bbf4f7e2bde78cd) Co-authored-by: Florian Dahlitz <f2dahlitz@freenet.de>
generated by cgit v0.12 at 2026-01-04 02:05:56 (GMT)