Commit message | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | gh-116741: Upgrade libexpat to 2.6.2 (#117296) | Seth Michael Larson | 2024-04-23 | 1 | -10/+10 |
| | | | Upgrade libexpat to 2.6.2 | ||||
* | gh-99108: Update and check HACL* version information (GH-117295) | Seth Michael Larson | 2024-03-27 | 1 | -4/+4 |
| | | | * Update and check HACL* version information | ||||
* | gh-99108: Refresh HACL*; update modules accordingly; fix namespacing (GH-117237) | Jonathan Protzenko | 2024-03-26 | 1 | -32/+32 |
| | | | Pulls in a new update from https://github.com/hacl-star/hacl-star and fixes our C "namespacing" done by `Modules/_hacl/refresh.sh`. | ||||
* | gh-116116: Backport blake2 change to fix building with clang-cl on windows-i686 (GH-116117) | Yuriy Chernyshov | 2024-03-04 | 1 | -4/+4 |
* | gh-108562: Fix compiler warnings for libmpdec (#114751) | Sergey B Kirpichev | 2024-03-03 | 1 | -2/+2 |
| | | | | | | If available, enable -fstrict-overflow for libmpdec. Also shut off false positive warnings (-Warray-bounds). The latter was backported from mpdecimal-4.0.0. | ||||
* | gh-115398: Expose Expat >=2.6.0 reparse deferral API (CVE-2023-52425) (GH-115623) | Sebastian Pipping | 2024-02-29 | 1 | -2/+2 |
| | | | Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425) by adding five new methods: - `xml.etree.ElementTree.XMLParser.flush` - `xml.etree.ElementTree.XMLPullParser.flush` - `xml.parsers.expat.xmlparser.GetReparseDeferralEnabled` - `xml.parsers.expat.xmlparser.SetReparseDeferralEnabled` - `xml.sax.expatreader.ExpatParser.flush` Based on the "flush" idea from https://github.com/python/cpython/pull/115138#issuecomment-1932444270 . ### Notes - Please treat as a security fix related to CVE-2023-52425. Includes code suggested-by: Snild Dolkow <snild@sony.com> and by core dev Serhiy Storchaka. | ||||
* | gh-112302: Move pip SBOM discovery to release-tools (#115360) | Seth Michael Larson | 2024-02-14 | 1 | -670/+0 |
| | |||||
* | gh-115399: Upgrade bundled libexpat to 2.6.0 (#115431) | Seth Michael Larson | 2024-02-14 | 1 | -43/+24 |
| | |||||
* | gh-112302: Change 'licenseConcluded' field to 'NOASSERTION' (#115038) | Seth Michael Larson | 2024-02-06 | 1 | -30/+30 |
| | |||||
* | gh-114965: Updated bundled pip to 24.0 (gh-114966) | Stéphane Bidoul | 2024-02-03 | 1 | -14/+14 |
| | | | Updated bundled pip to 24.0 | ||||
* | gh-114250: Fetch metadata for pip and its vendored dependencies from PyPI (#114450) | Seth Michael Larson | 2024-01-26 | 1 | -0/+624 |
* | gh-113257: Automatically generate pip SBOM metadata from wheel (#113295) | Seth Michael Larson | 2023-12-20 | 1 | -1/+1 |
| | | | | Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com> | ||||
* | gh-113257: Fix SBOM metadata for pip 23.3.2 (#113262) | Seth Michael Larson | 2023-12-19 | 1 | -4/+4 |
| | | | Fix SBOM metadata for pip 23.3.2 | ||||
* | gh-113246: Updated bundled pip to 23.3.2 (gh-113249) | Stéphane Bidoul | 2023-12-18 | 1 | -5/+5 |
| | | | Updated bundled pip to 23.3.2 | ||||
* | gh-112302: Add Software Bill-of-Materials (SBOM) tracking for dependencies (#112303) | Seth Michael Larson | 2023-12-07 | 1 | -0/+2294 |