[issue36515] unaligned memory access in the _sha3 extension

[Matthias Klose]

New submission from Matthias Klose :

This was seen when running an armhf binary on a 64bit kernel. The problem is 
that the implementation uses unaligned memory accesses, and even is well aware 
of that. The module allows misaligned memory accesses by default. The 
NO_MISALIGNED_ACCESSES macro is never defined.  Now you can define it only on 
architectures where unaligned memory accesses are not allowed (ARM32 on 64bit 
kernels), or where there are performance penalties (AArch64), or just don't try 
to outsmart modern compilers and always define this macro.

The attached patch only fixes the issue on ARM32 and AArch64, however the safe 
fix should be to always define the macro.

--
components: Extension Modules
files: arm-alignment.diff
keywords: patch
messages: 339379
nosy: christian.heimes, doko
priority: high
severity: normal
status: open
title: unaligned memory access in the _sha3 extension
type: crash
versions: Python 3.6, Python 3.7, Python 3.8
Added file: https://bugs.python.org/file48243/arm-alignment.diff

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue9883] minidom: AttributeError: DocumentFragment instance has no attribute 'writexml'

[Karthikeyan Singaravelan]

Change by Karthikeyan Singaravelan :


--
nosy: +scoder, serhiy.storchaka

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36440] more helpful diagnostics for parser module

[Pablo Galindo Salgado]

Change by Pablo Galindo Salgado :


--
pull_requests: +12599
stage:  -> patch review

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36440] more helpful diagnostics for parser module

[Pablo Galindo Salgado]

Pablo Galindo Salgado  added the comment:


New changeset cb0748d3939c31168ab5d3b80e3677494497d5e3 by Pablo Galindo 
(tyomitch) in branch 'master':
bpo-36440: include node names in ParserError messages, instead of numeric IDs 
(GH-12565)
https://github.com/python/cpython/commit/cb0748d3939c31168ab5d3b80e3677494497d5e3


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Re: Logging module and datetime - oil & water for some reason?

[DL Neil]

Skip,


On 2/04/19 9:54 AM, Skip Montanaro wrote:

I assiduously avoided using Python's logging package for about the
first dozen years of its existence. I eventually gave in and started


I'm glad you're stepping-up!

I'm never sure whether to be amazed or dismayed by the huge number of 
folk expressing/hiding this sort of 'fear'.

(not that I'm insulting you - you might be bigger than I!)

Have spent some time over the last two days, contemplating an 'upgrade' 
from ordinary files to a RotatingFileHandler, so, with the manual fresh 
in my mind, you're in-luck!

(maybe)



using it relatively recently in the guise of a thin wrapper provided
by a colleague at work. Today I had occasion to tweak the timestamp
format only to discover that logging still uses time.localtime or
time.gmtime as its underlying source of time fields, so subsecond
timestamps are hacked in, with no straightforward way to log both
milliseconds and the timezone in normal order. I have need for both,
as I work for a company with offices in multiple timezones, and
sometimes need subsecond time resolution for quick-n-dirty analysis.


Prepare for that "thin wrapper" (and most of the provided 'convenience 
functions') to disappear in your rear-view mirror!




I stole a custom formatter class from a StackOverflow thread and am
now back in business (milliseconds *and* timezones, yay!). Still,
peeking at the 2.7 documentation, I see that both the logging package
and the datetime module were added to the standard library in Python
2.3 (2003). Why is logging still relying on the suboptimal
time.{localtime,gmtime} API? Surely, if there was no
backwards-compatible way to introduce datetime into the system, a
small breaking change could have been made for Python 3000 and
probably affected very few users.


The formatTime method was added to the Formatter class in Python 3.3. 
(see docs, if v3.3 is an option available to you)


Otherwise, your idea of implementing a sub-class was likely the best 
approach.


Another introduction (v3.2) has been LoggerAdapter objects. I've not 
used them(!) but wondered if they might have purpose in such situations?


In multi-national situations, my recommendation has long been to 
standardise all times (incl logging) as UTC.


I'm not sure if it was available as far back as Py2, but there is a 
SysLogHandler() which enables disparate and dispersed applications to 
log to a central 'logging server'. (although I wonder if the formatters 
would still be using local time (or whatever), or if the 'time' relates 
to that central server)


Am unable to comment on, or answer, the last question.

--
Regards =dn
--
https://mail.python.org/mailman/listinfo/python-list

Re: DeprecationWarning in Python 3.6 and 3.7

[אורי]

אורי
u...@speedy.net


On Wed, Apr 3, 2019 at 6:12 AM Inada Naoki  wrote:

> See this log.
>
> https://travis-ci.org/speedy-net/speedy-net/jobs/514595889
>
> 1. In line 172, you *enabled* virtualenv, created by Travis-CI with
> old virtualenv library.
> 2. In the legacy virtualenv, you installed latest virtualenv.
>
> You need to enable virtualenv, *created by* latest virtualenv.
> Install latest virtualenv in virtualenv *created by* old virtualenv is
> not enough.
>

Thank you, I understand now. I'm sorry about the misunderstanding.
The virtualenv enabled in line 172 is from Travis. Do you know if it's
possible to change it's version? It's the default virtualenv of these
versions of Python (3.6 & 3.7) and I don't know how to change it. Should I
wait until Travis will upgrade their default virtualenv versions? Or can I
upgrade it manually?

The first line of code from my script in the log above is line 177 (`cp
env.ini.tests env.ini`), which comes from
https://github.com/speedy-net/speedy-net/blob/uri_run_tests_with_deprecation_warnings_2019-04-02_a/.travis.yml
line
17.

I also asked this question on Stack Overflow:
https://stackoverflow.com/questions/55486248/deprecationwarning-in-python-3-6-and-3-7-with-pillow



>
> ‪On Wed, Apr 3, 2019 at 11:35 AM ‫אורי‬‎  wrote:‬
> >
> >
> > אורי
> > u...@speedy.net
> >
> >
> > On Wed, Apr 3, 2019 at 2:50 AM Inada Naoki 
> wrote:
> >>
> >> The DeprecationWarning is raised for virtualenv's distutils.
> >> It is fixed already.  Use latest virtualenv.
> >
> >
> > That's what I wrote. I tried to upgrade to the latest virtualenv
> (virtualenv==16.4.3) in the tests but the tests still fail in Python 3.6
> and 3.7 with the DeprecationWarning. You can see the "pip freeze" before
> the tests start.
> >
> > (with Pillow==5.4.1):
> > https://travis-ci.org/speedy-net/speedy-net/builds/514284524
> >
> > (with Pillow==6.0.0):
> > https://travis-ci.org/speedy-net/speedy-net/builds/514595887
> >
> >
> >>
> >>
> >> Links:
> >> https://github.com/pypa/virtualenv/pull/1289
> >> https://virtualenv.pypa.io/en/latest/changes/#v16-4-0-2019-02-09
> >> --
> >> Inada Naoki  
>
>
>
> --
> Inada Naoki  
>
-- 
https://mail.python.org/mailman/listinfo/python-list

[issue9883] minidom: AttributeError: DocumentFragment instance has no attribute 'writexml'

[Fred L. Drake, Jr.]

Fred L. Drake, Jr.  added the comment:

Updated target to Python 3.8, since this has aged a bit.

--
versions: +Python 3.8 -Python 3.5

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36505] PYTHON-CAN with vector

[tejesh]

tejesh  added the comment:

THANKS for your response

i have tried checking in Stackoverflow i did not get any help from the list 
Q's in Stackoverflow 

i sent out mail to python help also still i did not got any help

i need help ASAP 

Thanks again

--
status: closed -> open

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36501] Remove POSIX.1e ACLs in tests that rely on default permissions behavior

[Karthikeyan Singaravelan]

Change by Karthikeyan Singaravelan :


--
nosy: +steve.dower

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36512] future_factory argument for Thread/ProcessPoolExecutor

[Karthikeyan Singaravelan]

Change by Karthikeyan Singaravelan :


--
nosy: +bquinlan, pitrou

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Re: DeprecationWarning in Python 3.6 and 3.7

[Inada Naoki]

See this log.

https://travis-ci.org/speedy-net/speedy-net/jobs/514595889

1. In line 172, you *enabled* virtualenv, created by Travis-CI with
old virtualenv library.
2. In the legacy virtualenv, you installed latest virtualenv.

You need to enable virtualenv, *created by* latest virtualenv.
Install latest virtualenv in virtualenv *created by* old virtualenv is
not enough.

‪On Wed, Apr 3, 2019 at 11:35 AM ‫אורי‬‎  wrote:‬
>
>
> אורי
> u...@speedy.net
>
>
> On Wed, Apr 3, 2019 at 2:50 AM Inada Naoki  wrote:
>>
>> The DeprecationWarning is raised for virtualenv's distutils.
>> It is fixed already.  Use latest virtualenv.
>
>
> That's what I wrote. I tried to upgrade to the latest virtualenv 
> (virtualenv==16.4.3) in the tests but the tests still fail in Python 3.6 and 
> 3.7 with the DeprecationWarning. You can see the "pip freeze" before the 
> tests start.
>
> (with Pillow==5.4.1):
> https://travis-ci.org/speedy-net/speedy-net/builds/514284524
>
> (with Pillow==6.0.0):
> https://travis-ci.org/speedy-net/speedy-net/builds/514595887
>
>
>>
>>
>> Links:
>> https://github.com/pypa/virtualenv/pull/1289
>> https://virtualenv.pypa.io/en/latest/changes/#v16-4-0-2019-02-09
>> --
>> Inada Naoki  



-- 
Inada Naoki  
-- 
https://mail.python.org/mailman/listinfo/python-list

[issue32941] mmap should expose madvise()

[Josh Rosenberg]

Josh Rosenberg  added the comment:

It might be nice to expose a more limited API to prefetch memory in bulk while 
we're at it. Windows 8 and higher offers PrefetchVirtualMemory ( 
https://docs.microsoft.com/en-us/windows/desktop/api/memoryapi/nf-memoryapi-prefetchvirtualmemory
 ) which fills roughly the same niche as madvise/posix_madvise with the 
WILLNEED hint.

I kept meaning to file an issue to suggest this, but kept getting hung up on 
how to make it as portable as possible and as powerful as possible, and where 
to implement it.

It could go on mmap, but it's also useful for just about any contiguous 
buffer-supporting object, so it almost seems like adding an os.madvise (and/or 
os.prefetch) would make more sense than specifically tying it to the mmap 
module.

--
nosy: +josh.r

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Re: DeprecationWarning in Python 3.6 and 3.7

[אורי]

אורי
u...@speedy.net


On Wed, Apr 3, 2019 at 2:50 AM Inada Naoki  wrote:

> The DeprecationWarning is raised for virtualenv's distutils.
> It is fixed already.  Use latest virtualenv.
>

That's what I wrote. I tried to upgrade to the latest virtualenv
(virtualenv==16.4.3) in the tests but the tests still fail in Python 3.6
and 3.7 with the DeprecationWarning. You can see the "pip freeze" before
the tests start.

(with Pillow==5.4.1):
https://travis-ci.org/speedy-net/speedy-net/builds/514284524

(with Pillow==6.0.0):
https://travis-ci.org/speedy-net/speedy-net/builds/514595887



>
> Links:
> https://github.com/pypa/virtualenv/pull/1289
> https://virtualenv.pypa.io/en/latest/changes/#v16-4-0-2019-02-09
> --
> Inada Naoki  
>
-- 
https://mail.python.org/mailman/listinfo/python-list

[issue31904] Python should support VxWorks RTOS

[Yue Sun]

Change by Yue Sun :


--
pull_requests: +12598

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Re: fs package question - cp -p semantics when copying files?

[DL Neil]

Skip,

On 3/04/19 8:06 AM, Skip Montanaro wrote:

I posed this yesterday on the PyFilesystem discussion Google Group but
it's so far not even garnered a single view, so perhaps that group is
defunct. I turn to the knowledgeable folks here:

I am copying files from one filesystem instance to another. I see no
(easy) way to tell fs.copy.copy_fs to preserve file permissions when
copying files (the equivalent of the cp(1)'s -p flag). So, accessed,
created, modified times, as well as permissions. It seems I need to
craft a dictionary with only marginally documented structure, which I
can then pass to the destination filesystem's setinfo method,
something like this:

 dst_fs.setinfo(dst_path, )

I suspect I will figure this out (painfully), but if someone has some
hints, they'd be appreciated.


Is there an (unstated) reason why you're using Python and not a system 
tool such as rsync?


--
Regards =dn
--
https://mail.python.org/mailman/listinfo/python-list

Re: Clicking a specific item within a drop down list

[DL Neil]

Richard,
(this is a Python list, and whilst the question is quite proper - your 
are using Python after all, the answer delves into Selenium and then 
dives into HTML and finally disappears into 'the dark side' of JavaScript!)



On 3/04/19 2:02 PM, rlew2...@gmail.com wrote:

Hi dn,
Thank you kindly for your warm greeting.  Please forgive my lack of forum 
decorum, I just started Python 2 days ago out of necessity, so I'm still quite 
unknowledgable about a lot of things.
I'm working on a person project.  So far, my only resources to date have been 
forums based off of Google searches, and a YouTube video: 
https://www.youtube.com/watch?v=rfscVS0vtbw
This is the code that I have so far:
from selenium import webdriver
driver = webdriver.Chrome()
driver.get("http://financials.morningstar.com/balance-sheet/bs.html?t=XNAS:AAPL=usa=en-US;)
import time
time.sleep(2)
driver.find_element_by_id("menu_A")
driver.("Quarterly")
When I run it, I get this error code:
selenium.common.exceptions.NoSuchElementException: Message: no such element: Unable to locate element: 
{"method":"link text","selector":"Quarterly"}
I've exhausted all of the forum posts I can find on this topic, but I've still 
been unable to solve it.  Any suggestions on how to solve it are eagerly 
welcomed.



Python is being helpful. Stop and read the error message: "Unable to 
locate element". What can you learn from the components of that msg?


The error was found by Selenium.
Did you look within their documentation?
Sadly, a quick web-search link to their web site basically repeats the 
err.msg. Big deal!


The subject Selenium is examining is a web page.
In this case the word "element" is not part of Python, nor is it part of 
Selenium (per-se), but is an HTML term.
Have you opened that page in your web-browser? (bring it up again, if 
necessary)


Usually I would suggest using the web-browser to look at HTML elements, 
indeed Firefox's (right-mouse-click) Context Menu offers an "Inspect 
Element" function, or use of the "Developer Tools" (F12). NB 
Chromium/Chrome and presumably the Apple and MSFT products offer similarly.


In this case, may I recommend (first) using the web-browser's "View 
Source" facility (Context or Tool menus) to inspect the HTML code of 
this web page.

What happens when you try to find "Quarterly" on the page?

Yes, it is found, but that's not in the place you expect ("menu_A")!

Return to the web page and now try the "Inspect Element" function.
Ahah, the "quarterly" link content *is* there.
What is going on?

Return to the page source, scroll through to (manually) find the Balance 
Sheet. It's not there either!

Yet, on the web page you can see it with your own eyes!!!???

What is there, around line 259 of the HTML, is a call to a JavaScript 
script.

What did I say about "going over to the dark side"?

You ask Selenium to load a web page. In turn, the browser/driver 
discovers that the web-page/HTML loads other items/files, eg graphics, 
CSS files, and JavaScript code files.


That's where the problem (seems to) lies - and it also explains the 
difference between Firefox's "View Source" facility and the "Developer 
Tools". Selenium works fast. Accordingly, as soon as the HTML page is 
available, it finds "menu_A" and thence attempts to find the "Quarterly" 
link. Unfortunately, the JavaScript needs to be loaded (from a separate 
file on the web server) and executed. You have a "race condition". The 
solution (hopefully - I have not tested it) is to add a delay between 
the page-load and the search-analysis (and possibly again, to allow the 
quarterly analysis to load before commencing the next step...


WebRefs:
https://stackoverflow.com/questions/6936149/how-to-use-find-element-by-link-text-properly-to-not-raise-nosuchelementexcept
https://en.wikipedia.org/wiki/Race_condition


Let us know how you get on...
--
Regards =dn
--
https://mail.python.org/mailman/listinfo/python-list

[issue36514] -m switch revisited

[Colin Dick]

New submission from Colin Dick :

-m switch revisited - see issue 27487
Win 10 64bit
python 3.6.3 & 3.7.3

initially running code using py 3.6.3 with this command
python -m vixsd.py
produced
C:\Python36\python.exe: Error while finding module specification for 'vixsd.py' 
(AttributeError: module 'vixsd' has no attribute '__path__')

updated python from 3.6.3 to 3.7.3

searched & read web
retried the 4 options with & without "-m" & ".py"
results reproduced below

c:\shared\python\vmw>python vixsd
python: can't open file 'vixsd': [Errno 2] No such file or directory

c:\shared\python\vmw>python vixsd.py
A

c:\shared\python\vmw>python -m vixsd
A

c:\shared\python\vmw>python -m vixsd.py
A
C:\Python3\python.exe: Error while finding module specification for 'vixsd.py' 
(ModuleNotFoundError: __path__ attribute not found on 'vixsd' while trying to 
find 'vixsd.py')

while this was initially produced thru my ignorance,
handling all 4 options still does not work correctly
appears to have been a problem at least since
issue 27487

cheers team, keep up the great work
ColinDNZ

--
messages: 339374
nosy: Colin Dick
priority: normal
severity: normal
status: open
title: -m switch revisited
type: behavior
versions: Python 3.7

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue32941] mmap should expose madvise()

[Giampaolo Rodola']

Change by Giampaolo Rodola' :


--
nosy: +giampaolo.rodola

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Re: Clicking a specific item within a drop down list

[rlew2008]

Hi dn,

Thank you kindly for your warm greeting.  Please forgive my lack of forum 
decorum, I just started Python 2 days ago out of necessity, so I'm still quite 
unknowledgable about a lot of things.  

I'm working on a person project.  So far, my only resources to date have been 
forums based off of Google searches, and a YouTube video: 
https://www.youtube.com/watch?v=rfscVS0vtbw

This is the code that I have so far:

from selenium import webdriver
driver = webdriver.Chrome()
driver.get("http://financials.morningstar.com/balance-sheet/bs.html?t=XNAS:AAPL=usa=en-US;)
import time
time.sleep(2)
driver.find_element_by_id("menu_A")
driver.find_element_by_link_text("Quarterly")

When I run it, I get this error code:

selenium.common.exceptions.NoSuchElementException: Message: no such element: 
Unable to locate element: {"method":"link text","selector":"Quarterly"}

I've exhausted all of the forum posts I can find on this topic, but I've still 
been unable to solve it.  Any suggestions on how to solve it are eagerly 
welcomed.

Cheers,
Richard



On Tuesday, April 2, 2019 at 1:22:35 PM UTC-7, DL Neil wrote:
> On 3/04/19 7:53 AM, rlew2...@gmail.com wrote:
> > What code would allow me to automatically select and click the "Quarterly" 
> > value from the drop-down box labeled "Statement Type" on the web page below.
> > 
> > I'm new to Python and have been struggling with this one. Any help is 
> > immensely appreciated. Thanks!
> 
> Welcome!
> People here offer great assistance.
> 
> To help you, please advise:
> Which Python book, course, or tutorial have you been following?
> Is this task course-work or for some other purpose?
> Which GUI library are you using?
> What code do you have so far?
> What error message and/or screen behavior results?
> 
> -- 
> Regards =dn

-- 
https://mail.python.org/mailman/listinfo/python-list

[issue36513] Add support for building arm32 nuget package

[Paul Monson]

Change by Paul Monson :


--
keywords: +patch
pull_requests: +12597
stage:  -> patch review

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36513] Add support for building arm32 nuget package

[Paul Monson]

Change by Paul Monson :


--
components: Build, Windows
nosy: Paul Monson, paul.moore, steve.dower, tim.golden, zach.ware
priority: normal
severity: normal
status: open
title: Add support for building arm32 nuget package
type: enhancement
versions: Python 3.8

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36501] Remove POSIX.1e ACLs in tests that rely on default permissions behavior

[Ivan Pozdeev]

Ivan Pozdeev  added the comment:

Seeing during PR composition how basically every mode check and every 
`test.support.temp_umask` use is broken by ACLs, I'm starting to doubt that 
fixing individual test cases is the way to go.

Though we can simply not worry about supporting everything imaginable and solve 
problems as they come and declare highly unusual cases unsupported.

For the record, other potential problems:

* All open(O_CREAT) and umask uses anywhere in the tests are broken by default.
* Though only 4 test files were affected for now -- test_pathlib, 
test_tarfile, test_os, test_import .
* There are other overlay security frameworks that override POSIX permissions 
like NFSv4 and SELinux.

And possible solutions:

* Skip mode_t checks outright if overlay security is detected like it's already 
done in Windows
* Embed cleanup code into test.support's temp_* and such. In the POSIX.1e case, 
will have to create temporary dirs or change permissions for the current dir.
* I don't think regrtest's temporary dir is a good place for this 'cuz 
tests are supposed to be runnable directly with `unittest`, too.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36506] [security] CVE-2019-10268: An arbitrary execution vulnerability exists in the built-in function getattr

[bigbigliang]

bigbigliang  added the comment:

Yes, as you said. I think this problem can be closed. My initial idea was
that if a user carefully constructs a vulnerability point, it may cause
some danger, such as 'getattr(os,"system")("/bin/sh")'. So I have some
ideas about whether it is necessary to filter it.
Thank you for your reply.

from:bigbigliang

Josh Rosenberg  于2019年4月3日周三 上午12:52写道：

>
> Josh Rosenberg  added the comment:
>
> I'll note that, based on the title, I'm skeptical of the claim of a
> vulnerability. getattr is effectively *designed* to execute arbitrary code
> if called on an appropriate object (one where the class defines
> __getattribute__; defines __getattr__ without defining the name in
> question; defines the name in question as a property, not an instance
> attribute; or does something complicated with metaclasses that achieves a
> similar result looking up the attribute on the class).
>
> In all of those cases, the "vulnerability" only exists if:
>
> 1. The object in question defines a vulnerable handler for the attribute
> (that is, provides a code path for arbitrary execution that Python's
> attribute lookup machinery wasn't responsible for except insofar as it
> passed control to the unsafe handler in question)
> 2. Untrusted user input is passed as the name to look up on the vulnerable
> object
>
> If it's something more subtle than that (e.g. something where a "plain"
> instance with no special execution path supports arbitrary execution),
> that's an issue, but if it requires a Python developer to both create the
> vulnerability and open a path to trigger it explicitly, that doesn't really
> count.
>
> --
> keywords: +security_issue
> nosy: +josh.r
>
> ___
> Python tracker 
> 
> ___
>

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Re: DeprecationWarning in Python 3.6 and 3.7

[Inada Naoki]

The DeprecationWarning is raised for virtualenv's distutils.
It is fixed already.  Use latest virtualenv.

Links:
https://github.com/pypa/virtualenv/pull/1289
https://virtualenv.pypa.io/en/latest/changes/#v16-4-0-2019-02-09
-- 
Inada Naoki  
-- 
https://mail.python.org/mailman/listinfo/python-list

[issue6721] Locks in the standard library should be sanitized on fork

[Gregory P. Smith]

Gregory P. Smith  added the comment:

We need a small test case that can reproduce your problem.  I believe 
https://github.com/python/cpython/commit/3b699932e5ac3e76031bbb6d700fbea07492641d
 to be correct.

acquiring locks before fork in the thread doing the forking and releasing them 
afterwards is always the safe thing to do.

Example possibility: Does your code use any C code that forks on its own 
without properly calling the C Python PyOS_BeforeFork(), 
PyOS_AfterFork_Parent(), and PyOS_AfterFork_Child() APIs?

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue35866] concurrent.futures deadlock

[cagney]

cagney  added the comment:

I'm seeing cf-deadlock-alarm.py hangs on vanilla python 3.7.[0123] with:

Linux 5.0.5-100.fc28.x86_64 #1 SMP Wed Mar 27 22:16:29 UTC 2019 x86_64 x86_64 
x86_64 GNU/Linux
glibc-2.27-37.fc28.x86_64

can anyone reproduce this?

I also wonder if this is connected to bpo-6721 where a recent "fix" made things 
worse - the fedora versions that work for libreswan don't have the "fix".

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue6721] Locks in the standard library should be sanitized on fork

[cagney]

cagney  added the comment:

I suspect 3b699932e5ac3e7 is causing a hang in libreswan's kvmrunner.py on 
Fedora.

Looking at the Fedora RPMs:

python3-3.7.0-9.fc29.x86_64 didn't contain the fix and worked
python3-3.7.1-4.fc29.x86_64 reverted the fix (for anaconda) and worked
python3-3.7.2-4.fc29.x86_64 included the fix; eventually hangs

I believe the hang looks like:

Traceback (most recent call last):
  File "/home/build/libreswan-web/master/testing/utils/fab/runner.py", line 
389, in _process_test
test_domains = _boot_test_domains(logger, test, domain_prefix, 
boot_executor)
  File "/home/build/libreswan-web/master/testing/utils/fab/runner.py", line 
203, in _boot_test_domains
TestDomain.boot_and_login)
  File "/home/build/libreswan-web/master/testing/utils/fab/runner.py", line 
150, in submit_job_for_domain
logger.debug("scheduled %s on %s", job, domain)
  File "/usr/lib64/python3.7/logging/__init__.py", line 1724, in debug

  File "/usr/lib64/python3.7/logging/__init__.py", line 1768, in log
def __repr__(self):
  File "/usr/lib64/python3.7/logging/__init__.py", line 1449, in log
"""
  File "/usr/lib64/python3.7/logging/__init__.py", line 1519, in _log
break
  File "/usr/lib64/python3.7/logging/__init__.py", line 1529, in handle
logger hierarchy. If no handler was found, output a one-off error
  File "/usr/lib64/python3.7/logging/__init__.py", line 1591, in callHandlers

  File "/usr/lib64/python3.7/logging/__init__.py", line 905, in handle
try:
  File "/home/build/libreswan-web/master/testing/utils/fab/logutil.py", line 
163, in emit
stream_handler.emit(record)
  File "/usr/lib64/python3.7/logging/__init__.py", line 1038, in emit
Handler.__init__(self)
  File "/usr/lib64/python3.7/logging/__init__.py", line 1015, in flush
name += ' '
  File "/usr/lib64/python3.7/logging/__init__.py", line 854, in acquire
self.emit(record)
KeyboardInterrupt

--
nosy: +cagney

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36322] Argument typo in dbm.ndbm.open

[Brett Cannon]

Brett Cannon  added the comment:

So Terry is correct in so much as there is no parameter name. :) Both of the 
functions in question are positional-only, so the name actually doesn't matter 
beyond giving a way to reference the parameter in the documentation.

So thanks for the PR, Marco, but I'm going to reject this as there's nothing 
actually wrong with the gdbm or ndbm docs.

--
resolution:  -> rejected
stage: patch review -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36322] Argument typo in dbm.ndbm.open

[Brett Cannon]

Brett Cannon  added the comment:

Actually, it's even more subtle as the arguments are positional-only.

--
nosy: +brett.cannon

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Re: DeprecationWarning in Python 3.6 and 3.7

[Karsten Hilbert]

On Tue, Apr 02, 2019 at 01:29:08PM +0300, אורי wrote:

> DeprecationWarning in Python 3.6 and 3.7
> 
>
> I tried to upgrade to the latest virtualenv (virtualenv==16.4.3) in the
> tests but the tests still fail in Python 3.6 and 3.7 with
> the DeprecationWarning:
>
> (with Pillow==5.4.1):
> https://travis-ci.org/speedy-net/speedy-net/builds/514284524
>
> (with Pillow==6.0.0):
> https://travis-ci.org/speedy-net/speedy-net/builds/514595887
>
> What is the problem?

Missing information.

Karsten
--
GPG  40BE 5B0E C98E 1713 AFA6  5BC0 3BEA AC80 7D4F C89B
-- 
https://mail.python.org/mailman/listinfo/python-list

[issue36485] Establish a uniform way to clear all caches in a given module

[Raymond Hettinger]

Raymond Hettinger  added the comment:

> Did you mean importlib.reload() instead of sys.reload()?

Yes.

> And technically it would *if* you're okay with the other 
> side-effects of reloading,

If you want to go forward with this, go for it. I would like to be able to 
explain to another person why this is needed, but personally can't visualize a 
circumstance where a person is testing module, doesn't know how to use the 
existing cache clearing APIs, but needs to clear caches (not sure why), and 
doesn't either know or want what happens on import.  I've never seen this 
situation arise, but if it's something you want, I won't stand it the way.

BTW, if you're going to have some sort of clear_all(), perhaps it should cover 
the sys.intern() dictionary and string hashes as well.  AFAICT, there's nothing 
special about a regex cache that gives it a greater need to be cleared

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Re: Clicking a specific item within a drop down list

[DL Neil]

On 3/04/19 7:53 AM, rlew2...@gmail.com wrote:

What code would allow me to automatically select and click the "Quarterly" value from the 
drop-down box labeled "Statement Type" on the web page below.

I'm new to Python and have been struggling with this one. Any help is immensely 
appreciated. Thanks!


Welcome!
People here offer great assistance.

To help you, please advise:
Which Python book, course, or tutorial have you been following?
Is this task course-work or for some other purpose?
Which GUI library are you using?
What code do you have so far?
What error message and/or screen behavior results?

--
Regards =dn
--
https://mail.python.org/mailman/listinfo/python-list

[issue36475] PyEval_AcquireLock() and PyEval_AcquireThread() do not handle runtime finalization properly.

[Joannah Nanjekye]

Joannah Nanjekye  added the comment:

@eric.snow , you can review the PR I submitted for this.

--
nosy: +nanjekyejoannah

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36512] future_factory argument for Thread/ProcessPoolExecutor

[Stefan Hölzl]

Change by Stefan Hölzl :


--
keywords: +patch
pull_requests: +12596
stage:  -> patch review

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36475] PyEval_AcquireLock() and PyEval_AcquireThread() do not handle runtime finalization properly.

[Joannah Nanjekye]

Change by Joannah Nanjekye :


--
keywords: +patch
pull_requests: +12595
stage: test needed -> patch review

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Clicking a specific item within a drop down list

[rlew2008]

What code would allow me to automatically select and click the "Quarterly" 
value from the drop-down box labeled "Statement Type" on the web page below.

I'm new to Python and have been struggling with this one. Any help is immensely 
appreciated. Thanks!

http://financials.morningstar.com/balance-sheet/bs.html?t=XNYS:MMM=usa=en-US=sal
-- 
https://mail.python.org/mailman/listinfo/python-list

[issue36512] future_factory argument for Thread/ProcessPoolExecutor

[Stefan Hölzl]

New submission from Stefan Hölzl :

adding a future_factory argument to Thread/ProcessPoolExecutor to control which 
type of Future should be created by Executor.submit

--
components: Library (Lib)
messages: 339364
nosy: stefanhoelzl
priority: normal
severity: normal
status: open
title: future_factory argument for Thread/ProcessPoolExecutor
type: enhancement
versions: Python 3.8

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36487] Make C-API docs clear about what the "main" interpreter is

[Joannah Nanjekye]

Change by Joannah Nanjekye :


--
keywords: +patch
pull_requests: +12594
stage:  -> patch review

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue20399] Comparison of memoryview

[james stone]

james stone  added the comment:

I encountered this issue as well when using python 3.6.7 and psycopg2. Postgres 
tries to sort rows by the primary key field and if the returned type is a 
memoryview an the error is thrown: "TypeError: '<' not supported between 
instances of 'memoryview' and 'memoryview'." It may be more on the postgres 
guys to use a proper type with full comparison support. But I wanted to mention 
it here as a datapoint for a valid use case in the wild. More details on the 
specific issue at https://github.com/modoboa/modoboa-amavis/issues/115

--
nosy: +james stone

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

fs package question - cp -p semantics when copying files?

[Skip Montanaro]

I posed this yesterday on the PyFilesystem discussion Google Group but
it's so far not even garnered a single view, so perhaps that group is
defunct. I turn to the knowledgeable folks here:

I am copying files from one filesystem instance to another. I see no
(easy) way to tell fs.copy.copy_fs to preserve file permissions when
copying files (the equivalent of the cp(1)'s -p flag). So, accessed,
created, modified times, as well as permissions. It seems I need to
craft a dictionary with only marginally documented structure, which I
can then pass to the destination filesystem's setinfo method,
something like this:

dst_fs.setinfo(dst_path, )

I suspect I will figure this out (painfully), but if someone has some
hints, they'd be appreciated.

Thanks,

Skip
-- 
https://mail.python.org/mailman/listinfo/python-list

[issue36511] Add Windows ARM32 buildbot

[Paul Monson]

Change by Paul Monson :


--
nosy: +vstinner

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36511] Add Windows ARM32 buildbot

[Paul Monson]

New submission from Paul Monson :

Zachary Ware suggested I create an issue to discuss this:

I've started a worker using the worker name monson-win-arm32 and the password 
provided.

I think it is waiting for a change, there were no errors, but it didn't print 
anything.

Also, I don’t see anything in the list of builders that looks like it would be 
windows arm32, and it's not showing in the list of workers.

I'm looking at tools/buildbot/test.bat and it seems like it might be a good 
place to use SSH to run the test on arm32 device, but I'm not clear on where it 
is called from or what the best way to detect that project is being 
cross-compiled.  

Should I add an "-arm32" switch here?

--
components: Build, Windows
messages: 339362
nosy: Paul Monson, paul.moore, steve.dower, tim.golden, zach.ware
priority: normal
severity: normal
status: open
title: Add Windows ARM32 buildbot
type: enhancement
versions: Python 3.8

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue33608] Add a cross-interpreter-safe mechanism to indicate that an object may be destroyed.

[Paul Monson]

Change by Paul Monson :


--
pull_requests: +12593

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Re: DeprecationWarning in Python 3.6 and 3.7

[Rhodri James]

On 02/04/2019 16:52, אורי wrote:

On Tue, Apr 2, 2019 at 6:33 PM Terry Reedy  wrote:


On 4/2/2019 6:29 AM, אורי wrote:

Hi,

Please look at this issue:
DeprecationWarning in Python 3.6 and 3.7


I tried to upgrade to the latest virtualenv (virtualenv==16.4.3) in the
tests but the tests still fail in Python 3.6 and 3.7 with
the DeprecationWarning:

Which is?


I don't understand your question.


What is the DeprecationWarning?  You gave us a couple of links, which no 
one with any sense is going to click on without checking they are valid, 
and frankly I can't be bothered.


--
Rhodri James *-* Kynesim Ltd
--
https://mail.python.org/mailman/listinfo/python-list

[issue35866] concurrent.futures deadlock

[cagney]

cagney  added the comment:

I've attached a variation on cf-deadlock.py that, should nothing happen for 2 
minutes, will kill itself.  Useful with git bisect.

--
Added file: https://bugs.python.org/file48242/cf-deadlock-alarm.py

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36487] Make C-API docs clear about what the "main" interpreter is

[Joannah Nanjekye]

Change by Joannah Nanjekye :


--
components: +Documentation
versions: +Python 3.8

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue32413] Document that locals() may return globals()

[Brett Cannon]

Change by Brett Cannon :


--
resolution:  -> fixed
stage: patch review -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36510] Regular Expression Dot-Star patter matching - re- text skipping

[SilentGhost]

SilentGhost  added the comment:

re.findall returns non-overlapping matches (as is made clear in documentation). 
This is the behaviour you're observing.

--
assignee: terry.reedy -> 
components:  -IDLE, Library (Lib), Windows
nosy: +SilentGhost
resolution:  -> not a bug
stage:  -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue32413] Document that locals() may return globals()

[miss-islington]

miss-islington  added the comment:


New changeset ef516d11c1a0f885dba0aba8cf5366502077cdd4 by Miss Islington (bot) 
in branch '3.7':
bpo-32413: Add documentation that at the module level, locals(), globals() are 
the  same dictionary (GH-5004)
https://github.com/python/cpython/commit/ef516d11c1a0f885dba0aba8cf5366502077cdd4


--
nosy: +miss-islington

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36084] Threading: add builtin TID attribute to Thread objects

[Jake Tesler]

Jake Tesler  added the comment:

*bump*

Could someone look into reviewing this bug/PR? Thanks!

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36510] Regular Expression Dot-Star patter matching - re- text skipping

[DJR]

New submission from DJR :

#Python 3.7.2 Tk version 8.6.8
#IDLE version: 3.7.2
#Following code does not return ALL the partial matched patters within a string

import re
#_
#Normal Mode
#_

atRegex = re.compile(r'...at')
TextStr=(atRegex.findall(':at-at~at:  The Bigcat sat in the hat sat on the flat 
sat mat sat.'))
print('\nFull Text String:---> :at-at~at: The Bigcat sat in the hat sat on the 
flat sat mat sat\n')
print('\n Normal Mode: Returns\n' +  ':--->' + str(TextStr))


#_
#Greedy Mode
#_

atRegex = re.compile(r'...at*')
TextStr=(atRegex.findall(':at-at~at:  The Bigcat sat in the hat sat on the flat 
sat mat sat.'))
print('\nFull Text String:---> :at-at~at: The Bigcat sat in the hat sat on the 
flat sat mat sat mat\n')
print('\n Greedy Mode: Returns\n' +  ':---> ' + str(TextStr)+'\n')

"""
#===
# IDLE OutPut Normal Mode and Greedy Mode:  multiple 'sat' are missing 
#===
Full Text String:---> :at-at~at: The Bigcat sat in the hat sat on the flat sat 
mat sat.

 Normal Mode: Returns
:---> ['at-at', 'igcat', 'e hat', ' flat', 't mat']


Full Text String:---> :at-at~at: The Bigcat sat in the hat sat on the flat sat 
mat sat.


 Greedy Mode: Returns
:---> ['at-at', 'igcat', 'e hat', ' flat', 't mat']

"""

--
assignee: terry.reedy
components: IDLE, Library (Lib), Regular Expressions, Windows
messages: 339357
nosy: djr_python, ezio.melotti, mrabarnett, paul.moore, steve.dower, 
terry.reedy, tim.golden, zach.ware
priority: normal
severity: normal
status: open
title: Regular Expression Dot-Star patter matching  - re- text skipping
type: behavior
versions: Python 3.7

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36364] errors in multiprocessing.shared_memory examples

[Brett Cannon]

Brett Cannon  added the comment:

@Davin is there an issue for that and thus this issue can then be closed? Or 
did you want to re-purpose this issue to track that? Either way I'm assigning 
the issue to you to let you decide which way you want to go. :)

--
assignee: docs@python -> davin

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36485] Establish a uniform way to clear all caches in a given module

[Brett Cannon]

Brett Cannon  added the comment:

Did you mean importlib.reload() instead of sys.reload()?

And technically it would *if* you're okay with the other side-effects of 
reloading, e.g. making sure no one has a reference to any objects from the 
module's namespace which won't change in-place (e.g. if you stored a reference 
to the cache in some code then the reload wouldn't clear it for the stored 
reference).

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue32413] Document that locals() may return globals()

[miss-islington]

Change by miss-islington :


--
pull_requests: +12592

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36379] nb_inplace_pow is always called with an invalid argument

[Josh Rosenberg]

Josh Rosenberg  added the comment:

skrah: Is there any reason your patch, as written, wouldn't work? If you need a 
test case to verify, gmpy2's xmpz type supports in place pow (but requires the 
modulus to be None, since there is no normal way to pass it anyway), so you can 
just test:

>>> xm = gmpy2.xmpz(2)
>>> xm.__ipow__(3, 5)

Right now, that code will raise a TypeError (from check_num_args in 
wrap_binary_func):

TypeError: expected 1 argument, got 2

while:

>>> xm.__ipow__(3)

typically results in:

SystemError: modulo not expected

because wrap_binaryfunc fails to pass the expected argument so the receiver 
sees garbage, and xmpz's ipow implementation checks the third argument raises 
an exception if anything but None is received; barring a coincidence of Py_None 
being on the stack there, it'll always fail the test.

Changing to wrap_ternaryfunc should make xm.__ipow__(3, 5) raise the 
SystemError currently raised by xm.__ipow__(3) (because it doesn't accept 
non-None), while xm.__ipow__(3) will work correctly.

--
versions: +Python 3.8

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Re: Syntax for one-line "nonymous" functions in "declaration style"

[Chris Angelico]

On Wed, Apr 3, 2019 at 3:55 AM Alexey Muranov  wrote:
> I clarified what i meant by an assignment, and i believe it to be a
> usual meaning.
>
>   1. `def` is not an assignment, there is no left-hand side or
> right-hand side. I was talking about the normal assignment by which
> anyone can bind any value to any variable.

Actually, a 'def' statement DOES perform assignment. It does a bit
more than that, but it definitely is assignment. You can easily check
the CPython disassembly:

>>> import dis
>>> def f():
... def g(x): return x * 3 + 1
...
>>> dis.dis(f)
  2   0 LOAD_CONST   1 (", line 2>)
  2 LOAD_CONST   2 ('f..g')
  4 MAKE_FUNCTION0
  6 STORE_FAST   0 (g)
  8 LOAD_CONST   0 (None)
 10 RETURN_VALUE

[disassembly of g() omitted as it's irrelevant]

At run time, the statement "def g(x): ..." means "grab this code
object and this name, make a function, *and assign it to the name g*".

Your other points, I agree on.

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

[issue36509] Add iot layout for windows iot containers

[Paul Monson]

Change by Paul Monson :


--
keywords: +patch
pull_requests: +12591
stage:  -> patch review

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36158] Regex search behaves differently in list comprehension

[Josh Rosenberg]

Change by Josh Rosenberg :


--
resolution:  -> not a bug
stage:  -> resolved
status: pending -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36509] Add iot layout for windows iot containers

[Paul Monson]

New submission from Paul Monson :

The layout should not contain tcl/tk, tkinter, distutils since ARM is 
cross-compiled and these features will not be useful on target ARM devices.

--
components: Build, Windows
messages: 339352
nosy: Paul Monson, paul.moore, steve.dower, tim.golden, zach.ware
priority: normal
severity: normal
status: open
title: Add iot layout for windows iot containers
type: enhancement
versions: Python 3.8

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36506] [security] CVE-2019-10268: An arbitrary execution vulnerability exists in the built-in function getattr

[SilentGhost]

SilentGhost  added the comment:

As another note, this seem to be a third "security" issue created in less then 
a week to the same template (others are 36260 and 36462). I hope it's some 
assignment due soon.

--
nosy: +SilentGhost

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Re: Syntax for one-line "nonymous" functions in "declaration style"

[Alexey Muranov]

On mar., Apr 2, 2019 at 6:00 PM, python-list-requ...@python.org wrote:
On Tue, Apr 2, 2019 at 1:43 AM Alexey Muranov 


wrote:


 > On Mon, Apr 1, 2019 at 3:52 PM Alexey Muranov  gmail.com>
 > wrote:
 > >
 > > I only see a superficial analogy with `super()`, but perhaps it 
is

 > > because you did not give much details of you suggestion.
 >
 > No, it's because the analogy was not meant to be anything more 
than

 > superficial. Both are constructs of syntactic magic that aid
 > readability at
 > a high level but potentially obscure the details of execution (in
 > relatively unimportant ways) when examined at a low level.

 Since i understand that the "super() magic" is just evaluation in a
 predefined environment, it does not look so very magic.


It's the reason why this doesn't work:

superduper = super

class A:
def f(self):
return 42

class B(A):
def f(self):
return superduper().f()


 B().f()

Traceback (most recent call last):
  File "", line 1, in 
  File "", line 3, in f
RuntimeError: super(): __class__ cell not found

But this does:

class C(A):
def f(self):
return superduper().f()
not super


 C().f()

42

I don't know, seems magical to me.

 Moreover, without this "magic", `super()` would have just produced 
an
 error.  So this magic did not change behaviour of something that 
worked

 before, it made "magically" work something that did not work before
 (but i am still not excited about it).


I'm curious how you feel about this example then (from the CPython 
3.7.2
REPL; results from different Python implementations or from scripts 
that

comprise a single compilation unit may vary)?


 372 is 372

True

 b = 372; b is 372

True

 b = 372
 b is 372

False


 > Maybe it was from my talk of implementing this by replacing the
 > assignment
 > with an equivalent def statement in the AST. Bear in mind that 
the def
 > statement is already just a particular kind of assignment: it 
creates

 > a
 > function and assigns it to a name. The only difference between the
 > original
 > assignment and the def statement that replaces it is in the 
__name__
 > attribute of the function object that gets created. The proposal 
just

 > makes
 > the direct lambda assignment and the def "assignment" to be fully
 > equivalent.

 `def` is not an assignment, it is more than that.


def is an assignment where the target is constrained to a single 
variable

and the expression is constrained to a newly created function object
(optionally "decorated" first with one or more composed function 
calls).

The only ways in which:

@decorate
def foo(blah):
return stuff

is more than:

foo = decorate(lambda blah: stuff)

are: 1) the former syntactically allows statements inside the function
body, not just expressions; 2) the former syntactically allows 
annotations
on the function; and 3) the former syntactically sets a function name 
and
the latter doesn't. In other words, all of the differences ultimately 
boil

down to syntax.


Sorry, i do not feel like continuing this discussion for much longer, 
or we need to concentrate on some specific statement on which we 
disagree.


I clarified what i meant by an assignment, and i believe it to be a 
usual meaning.


 1. `def` is not an assignment, there is no left-hand side or 
right-hand side. I was talking about the normal assignment by which 
anyone can bind any value to any variable.


 2. If i execute an assignment statement

foo = ...

and instead of evaluating the right-hand side and assigning the 
value to "foo" variable Python does something else, i consider the 
assignment operation ( = ) broken, as it does not do 
assignment (and only assignment). I've said more on this in previous 
messages.


 3. About the examples with `372 is 372`, Python gives no garanties 
about the id's of numerical objects, and about id's of many other types 
of immutable objects. The user is not supposed to rely on their 
equality or inequality.


Anytime Python's interpreter encounter two immutable objects that 
it finds identical, it is free to allocate a single object for both, 
this does not change the guaranteed semantics of the program.


The '__name__' attribute of an object, as well as most (or all) 
other attributes, is a part of object's value/contents, no analogies 
with the id's.


I am sorry, but except maybe for one or two more very specific 
questions, I am probably not going to continue.


Alexey.



--
https://mail.python.org/mailman/listinfo/python-list

[issue36506] [security] CVE-2019-10268: An arbitrary execution vulnerability exists in the built-in function getattr

[Josh Rosenberg]

Josh Rosenberg  added the comment:

I'll note that, based on the title, I'm skeptical of the claim of a 
vulnerability. getattr is effectively *designed* to execute arbitrary code if 
called on an appropriate object (one where the class defines __getattribute__; 
defines __getattr__ without defining the name in question; defines the name in 
question as a property, not an instance attribute; or does something 
complicated with metaclasses that achieves a similar result looking up the 
attribute on the class).

In all of those cases, the "vulnerability" only exists if:

1. The object in question defines a vulnerable handler for the attribute (that 
is, provides a code path for arbitrary execution that Python's attribute lookup 
machinery wasn't responsible for except insofar as it passed control to the 
unsafe handler in question)
2. Untrusted user input is passed as the name to look up on the vulnerable 
object

If it's something more subtle than that (e.g. something where a "plain" 
instance with no special execution path supports arbitrary execution), that's 
an issue, but if it requires a Python developer to both create the 
vulnerability and open a path to trigger it explicitly, that doesn't really 
count.

--
keywords: +security_issue
nosy: +josh.r

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36493] Add math.midpoint(a,b) function

[Steven D'Aprano]

Steven D'Aprano  added the comment:

I see this has been rejected for the math module, but I wonder whether it 
should be considered for Decimal? I recall Mark Dickinson demonstrating this 
lovely little bit of behaviour:

py> from decimal import getcontext, Decimal
py> getcontext().prec = 3
py> x = Decimal('0.516')
py> y = Decimal('0.518')
py> (x + y) / 2
Decimal('0.515')


To prove its not a fluke, or an artifact of tiny numbers:

py> getcontext().prec = 28
py> a = Decimal('0.1009267827205')
py> b = Decimal('0.1009267827207')
py> a <= (a + b)/2 <= b
False

py> a = Decimal('71009267827205')
py> b = Decimal('71009267827207')
py> a <= (a + b)/2 <= b
False


Thoughts?

--
nosy: +steven.daprano

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

EuroSciPy 2019 - CfP is open

[Alexander CS Hendorf [EuroSciPy 2019]]

=

*** Apologise for multiple posting ***

Dear Colleagues,

We are delighted to invite you to join us for the 12th European Conference on 
Python in Science. 
The EuroSciPy 2019 Conference will take place from September 2 to September 6 
in Bilbao, Basque Country, Spain. 

The EuroSciPy meeting is a cross-disciplinary gathering focused on the use and 
development of the Python language in scientific research. This event strives 
to bring together both users and developers of scientific tools, as well as 
academic research and state of the art industry.

The conference will be structured as it follows:
Sep, 2-3 : Tutorials and Hands-on
Sep, 4-5 : Main Conference
Sep, 6 : Sprints
--

TOPICS OF INTEREST:

Presentations of scientific tools and libraries using the Python language, 
including but not limited to:
Algorithms implemented or exposed in Python
Astronomy
Data Visualisation
Deep Learning & AI
Earth, Ocean and Geo Science
General-purpose Python tools that can be of special interest to the scientific 
community.
Image Processing
Materials Science
Parallel computing
Political and Social Sciences
Project Jupyter
Reports on the use of Python in scientific achievements or ongoing projects.
Robotics & IoT
Scientific data flow and persistence
Scientific visualization
Simulation
Statistics
Vector and array manipulation
Web applications and portals for science and engineering
3D Printing
---

CALL FOR PROPOSALS:

EuroScipy will accept three different kinds of contributions:

Regular Talks: standard talks for oral presentations, allocated in time slots 
of `15`, or `30` minutes, depending on your preference and scheduling 
constraints. Each time slot considers a Q session at the end of the talk (at 
least, 5 mins). 
Hands-on Tutorials: These are beginner or advanced training sessions to dive 
into the subject with all details. These sessions are 90 minutes long, we 
expect participants to bring their own laptop for the tutorials. 
For a sneak peak of last years tutorials, here are the videos: 
https://www.youtube.com/channel/UCruMegFU9dg2doEGOUaAWTg
Poster: EuroScipy will host two poster sessions during the two days of Main 
Conference. We warmly encourage students and participants to present their work 
and/or preliminary results as posters. 

Proposals should be submitted using the EuroScipy submission system at 
https://pretalx.com/euroscipy-2019/cfp. Submission deadline is April, 28 2019.

--

REGISTRATION & FEES:

The registration fees will be as moderate as in previous years, we'll keep you 
posted.

--

IMPORTANT DATES:


Mar 26  Call for talks, posters & tutorials
Apr 28  Submission deadline for talks and tutorials
May 20  Notifications of submission acceptance
Sept 2  Start of EuroSciPy Tutorial
Sept 4  Start of EuroSciPy Main Conference
Sept 6  EuroSciPy Sprints

--


Best regards,
EuroScipy 2019 Organising Committee,
Email: i...@euroscipy.org 
Website: http://www.euroscipy.org/2019 
twitter: @euroscipy

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: DeprecationWarning in Python 3.6 and 3.7

[אורי]

On Tue, Apr 2, 2019 at 6:33 PM Terry Reedy  wrote:

> On 4/2/2019 6:29 AM, אורי wrote:
> > Hi,
> >
> > Please look at this issue:
> > DeprecationWarning in Python 3.6 and 3.7
> > 
> >
> > I tried to upgrade to the latest virtualenv (virtualenv==16.4.3) in the
> > tests but the tests still fail in Python 3.6 and 3.7 with
> > the DeprecationWarning:
>
> Which is?
>

I don't understand your question.


>
> > (with Pillow==5.4.1):
> > https://travis-ci.org/speedy-net/speedy-net/builds/514284524
> >
> > (with Pillow==6.0.0):
> > https://travis-ci.org/speedy-net/speedy-net/builds/514595887
>
> Click on the red failure line on that page to see the test results and
> go to the end of the page and get your answer.  It has nothing to do
> with virtualenv.
>

What do you mean? Did you see the issue I linked from GitHub? Look
at hugovk's comment from Feb. 3. [
https://github.com/python-pillow/Pillow/issues/3547#issuecomment-460037890]
He says it's related to virtualenv. Also radarhere's comment [
https://github.com/python-pillow/Pillow/issues/3547#issuecomment-451727081]
says it's virtualenv. I submitted the issue on Pillow because it occurred
when I upgraded Pillow.


>
> Terry Jan Reedy
>
>
> --
> https://mail.python.org/mailman/listinfo/python-list
>

אורי
u...@speedy.net
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: python os.chdir() Windows Error 2

[grossmudda]

Ahhh now I see!! I actually was trying to import a file, now I know it´s just 
changing the directory. Next time I´d better read the description of the tool 
carefully...

Thank you so much!! You helped a lot!
-- 
https://mail.python.org/mailman/listinfo/python-list

[issue36507] frozenset type breaks ZFC

[Steven D'Aprano]

Steven D'Aprano  added the comment:

(Aside: that's interesting, normally if I try to post a comment to an issue, 
and somebody else edits it in the meantime, the message doesn't get posted and 
I get a error message saying that the page has been edited. This time I did 
not.)

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Re: DeprecationWarning in Python 3.6 and 3.7

[Terry Reedy]

On 4/2/2019 6:29 AM, אורי wrote:

Hi,

Please look at this issue:
DeprecationWarning in Python 3.6 and 3.7


I tried to upgrade to the latest virtualenv (virtualenv==16.4.3) in the
tests but the tests still fail in Python 3.6 and 3.7 with
the DeprecationWarning:


Which is?


(with Pillow==5.4.1):
https://travis-ci.org/speedy-net/speedy-net/builds/514284524

(with Pillow==6.0.0):
https://travis-ci.org/speedy-net/speedy-net/builds/514595887


Click on the red failure line on that page to see the test results and 
go to the end of the page and get your answer.  It has nothing to do 
with virtualenv.


Terry Jan Reedy


--
https://mail.python.org/mailman/listinfo/python-list

Re: Syntax for one-line "nonymous" functions in "declaration style"

[Ian Kelly]

On Tue, Apr 2, 2019 at 1:43 AM Alexey Muranov 
wrote:
>
> > On Mon, Apr 1, 2019 at 3:52 PM Alexey Muranov  > gmail.com>
> > wrote:
> > >
> > > I only see a superficial analogy with `super()`, but perhaps it is
> > > because you did not give much details of you suggestion.
> >
> > No, it's because the analogy was not meant to be anything more than
> > superficial. Both are constructs of syntactic magic that aid
> > readability at
> > a high level but potentially obscure the details of execution (in
> > relatively unimportant ways) when examined at a low level.
>
> Since i understand that the "super() magic" is just evaluation in a
> predefined environment, it does not look so very magic.

It's the reason why this doesn't work:

superduper = super

class A:
def f(self):
return 42

class B(A):
def f(self):
return superduper().f()

>>> B().f()
Traceback (most recent call last):
  File "", line 1, in 
  File "", line 3, in f
RuntimeError: super(): __class__ cell not found

But this does:

class C(A):
def f(self):
return superduper().f()
not super

>>> C().f()
42

I don't know, seems magical to me.

> Moreover, without this "magic", `super()` would have just produced an
> error.  So this magic did not change behaviour of something that worked
> before, it made "magically" work something that did not work before
> (but i am still not excited about it).

I'm curious how you feel about this example then (from the CPython 3.7.2
REPL; results from different Python implementations or from scripts that
comprise a single compilation unit may vary)?

>>> 372 is 372
True
>>> b = 372; b is 372
True
>>> b = 372
>>> b is 372
False

> > Maybe it was from my talk of implementing this by replacing the
> > assignment
> > with an equivalent def statement in the AST. Bear in mind that the def
> > statement is already just a particular kind of assignment: it creates
> > a
> > function and assigns it to a name. The only difference between the
> > original
> > assignment and the def statement that replaces it is in the __name__
> > attribute of the function object that gets created. The proposal just
> > makes
> > the direct lambda assignment and the def "assignment" to be fully
> > equivalent.
>
> `def` is not an assignment, it is more than that.

def is an assignment where the target is constrained to a single variable
and the expression is constrained to a newly created function object
(optionally "decorated" first with one or more composed function calls).
The only ways in which:

@decorate
def foo(blah):
return stuff

is more than:

foo = decorate(lambda blah: stuff)

are: 1) the former syntactically allows statements inside the function
body, not just expressions; 2) the former syntactically allows annotations
on the function; and 3) the former syntactically sets a function name and
the latter doesn't. In other words, all of the differences ultimately boil
down to syntax.
-- 
https://mail.python.org/mailman/listinfo/python-list

[issue36507] frozenset type breaks ZFC

[Steven D'Aprano]

Steven D'Aprano  added the comment:

Python is a programming language, and we're probably not going to care too much 
about compliance with ZFC set theory unless there is good *practical* and not 
theoretical reason to care. That's not to say that we want to break ZFC, only 
that if we do so, we won't lose any sleep over it.

And it certainly won't mean that 3 == 2 as you suggest.

But fortunately, we haven't violated ZFC and this is not a bug in Python.

You've made two serious errors in your code. The first is that your second line 
of code:

y = frozenset(frozenset())

doesn't do what you think it does. It doesn't create a [frozen]set of a 
[frozen]set, (a nested set). It creates a simple, non-nested set. Printing the 
value of y in the interactive interpreter would have shown you that it was a 
plain old non-nested empty set:

py> print(y)
frozenset()

The code you want is something like:

   y = frozenset([frozenset()])

for reasons which I hope will become clear. The code you are actually using is 
equivalent to:

temp = set()  # mutable (non-frozen)
for x in frozenset():  # loop over the contents of the inner frozenset
temp.add(x)  # since that inner set is empty, nothing gets added
y = frozenset(temp)  # an empty frozenset


Your second error is using the `is` operator when you are talking about 
equality. The `is` operator tests for object identity, not equality, and the 
Python interpreter reserves the right to re-use objects when appropriate. In 
this case, the interpreter sees that it has two empty frozensets, and since 
they are indistinguishable and immutable, it saves memory by using the same 
object for both.

(To put it another way: the interpreter caches certain immutable objects to 
save memory, and empty frozensets happen to be included.)

Of course had you used `==` rather than `is` you would have got the same 
result, since two empty sets are equal, but the point still stands that you 
shouldn't use object identity when you mean equality.

Once we fix the bugs in your code, we see that ZFC is saved:

py> x = frozenset()  # empty set
py> y = frozenset([frozenset()])  # non-empty set
py> print(len(x), len(y))
0 1
py> x == y
False

--
nosy: +steven.daprano

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36507] frozenset type breaks ZFC

[Raymond Hettinger]

Raymond Hettinger  added the comment:

The code in the minimal example isn't creating nested frozensets.  Instead, if 
is converting one frozenset into another (because frozenset takes an iterable 
as an argument).  This is no different than list(list(list())) producing a 
single list rather than a nested list.

Here's how to build nested frozensets:

>>> x = frozenset({})
>>> y = frozenset({x})
>>> z = frozenset({y})
>>> x
frozenset()
>>> y
frozenset({frozenset()})
>>> z
frozenset({frozenset({frozenset()})})
>>> x is y
False
>>> x == y
False

--
resolution:  -> not a bug
stage:  -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36506] [security] CVE-2019-10268: An arbitrary execution vulnerability exists in the built-in function getattr

[STINNER Victor]

Change by STINNER Victor :


--
title: An arbitrary execution vulnerability exists in the built-in function 
getattr -> [security] CVE-2019-10268: An arbitrary execution vulnerability 
exists in the built-in function getattr

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36508] python-config --ldflags must not contain LINKFORSHARED ("-Xlinker -export-dynamic" on Linux)

[STINNER Victor]

STINNER Victor  added the comment:

See also bpo-10112: "Use -Wl,--dynamic-list=x.list, not -Xlinker 
-export-dynamic".

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36508] python-config --ldflags must not contain LINKFORSHARED ("-Xlinker -export-dynamic" on Linux)

[STINNER Victor]

Change by STINNER Victor :


--
title: python-config --ldflags must not contain LINKFORSHARED -> python-config 
--ldflags must not contain LINKFORSHARED ("-Xlinker -export-dynamic" on Linux)

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36506] An arbitrary execution vulnerability exists in the built-in function getattr

[Christian Heimes]

Change by Christian Heimes :


--
components: +Interpreter Core -2to3 (2.x to 3.x conversion tool)

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36508] python-config --ldflags must not contain LINKFORSHARED

[STINNER Victor]

Change by STINNER Victor :


--
nosy: +doko, ned.deily, pitrou

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36508] python-config --ldflags must not contain LINKFORSHARED

[STINNER Victor]

STINNER Victor  added the comment:

I'm a little bit scared by the idea of backporting such change in Python 2.7 
and 3.7 stable branches, even if I think that it's a correct bugfix. I'm scared 
by the number of platforms, I don't know all these linker flags and I am not 
able to test all combinations:

AC_MSG_RESULT($CCSHARED)
# LINKFORSHARED are the flags passed to the $(CC) command that links
# the python executable -- this is only needed for a few systems
AC_MSG_CHECKING(LINKFORSHARED)
if test -z "$LINKFORSHARED"
then
case $ac_sys_system/$ac_sys_release in
AIX*)   LINKFORSHARED='-Wl,-bE:Modules/python.exp -lld';;
hp*|HP*)
LINKFORSHARED="-Wl,-E -Wl,+s";;
#   LINKFORSHARED="-Wl,-E -Wl,+s -Wl,+b\$(BINLIBDEST)/lib-dynload";;
Linux-android*) LINKFORSHARED="-pie -Xlinker -export-dynamic";;
Linux*|GNU*) LINKFORSHARED="-Xlinker -export-dynamic";;
# -u libsys_s pulls in all symbols in libsys
Darwin/*)
LINKFORSHARED="$extra_undefs -framework CoreFoundation"

# Issue #18075: the default maximum stack size (8MBytes) is too
# small for the default recursion limit. Increase the stack size
# to ensure that tests don't crash
LINKFORSHARED="-Wl,-stack_size,100 $LINKFORSHARED"

if test "$enable_framework"
then
LINKFORSHARED="$LINKFORSHARED 
"'$(PYTHONFRAMEWORKDIR)/Versions/$(VERSION)/$(PYTHONFRAMEWORK)'
fi
LINKFORSHARED="$LINKFORSHARED";;
OpenUNIX*|UnixWare*) LINKFORSHARED="-Wl,-Bexport";;
SCO_SV*) LINKFORSHARED="-Wl,-Bexport";;
ReliantUNIX*) LINKFORSHARED="-W1 -Blargedynsym";;
FreeBSD*|NetBSD*|OpenBSD*|DragonFly*)
if [[ "`$CC -dM -E - &1 | grep export-dynamic >/dev/null
then
LINKFORSHARED="-Xlinker --export-dynamic"
fi;;
  esac;;
CYGWIN*)
if test $enable_shared = "no"
then
LINKFORSHARED='-Wl,--out-implib=$(LDLIBRARY)'
fi;;
QNX*)
# -Wl,-E causes the symbols to be added to the dynamic
# symbol table so that they can be found when a module
# is loaded.  -N 2048K causes the stack size to be set
# to 2048 kilobytes so that the stack doesn't overflow
# when running test_compile.py.
LINKFORSHARED='-Wl,-E -N 2048K';;
VxWorks*)
LINKFORSHARED='--export-dynamic';;  
esac
fi
AC_MSG_RESULT($LINKFORSHARED)

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36506] An arbitrary execution vulnerability exists in the built-in function getattr

[Karthikeyan Singaravelan]

Karthikeyan Singaravelan  added the comment:

The security vulnerability disclosure process can be found at 
https://www.python.org/news/security/ . Please contact secur...@python.org.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36508] python-config --ldflags must not contain LINKFORSHARED

[STINNER Victor]

Change by STINNER Victor :


--
keywords: +patch
pull_requests: +12590
stage:  -> patch review

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36506] An arbitrary execution vulnerability exists in the built-in function getattr

[Christian Heimes]

Christian Heimes  added the comment:

Hi,

this is a public bug tracker. Please don't report new security bugs here but 
follow the guidelines at https://www.python.org/news/security/. Also please 
don't acquire CVE numbers for issues yourself. The Python Security Response 
Team will request CVE numbers.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36508] python-config --ldflags must not contain LINKFORSHARED

[STINNER Victor]

New submission from STINNER Victor :

python-config --ldflags must not contain LINKFORSHARED.

Attached PR modifies python-config --ldflags to no longer include LINKFORSHARED.

This similar change was already made on macOS: see bpo-14197.


--


Python build system uses a LINKFORSHARED variable, extract of configure.ac:

# LINKFORSHARED are the flags passed to the $(CC) command that links
# the python executable -- this is only needed for a few systems

This variable is set to "-Xlinker -export-dynamic" on Linux. Extract of ld 
manual page for --export-dynamic option:
---
When creating a dynamically linked executable, using the -E
option or the --export-dynamic option causes the linker to
add all symbols to the dynamic symbol table.  The dynamic
symbol table is the set of symbols which are visible from
dynamic objects at run time.

If you do not use either of these options (or use the
--no-export-dynamic option to restore the default behavior),
the dynamic symbol table will normally contain only those
symbols which are referenced by some dynamic object
mentioned in the link.

If you use "dlopen" to load a dynamic object which needs to
refer back to the symbols defined by the program, rather
than some other dynamic object, then you will probably need
to use this option when linking the program itself.

You can also use the dynamic list to control what symbols
should be added to the dynamic symbol table if the output
format supports it.  See the description of --dynamic-list.

Note that this option is specific to ELF targeted ports.  PE
targets support a similar function to export all symbols
from a DLL or EXE; see the description of
--export-all-symbols below.
---

Both configure.ac and ld manual page mention an "executable", whereas 
LINKFORSHARED is currently exported in python-config --ldflags. Example on 
Fedora 29:

$ python3-config --ldflags
 -L/usr/lib64 -lpython3.7m -lpthread -ldl  -lutil -lm  -Xlinker -export-dynamic

The "-export-dynamic" flag causes non-obvious dynamic linking bug like the 
following bug in Samba which embeds Python:

* https://bugzilla.redhat.com/show_bug.cgi?id=1198161 (python bug)
* https://bugzilla.redhat.com/show_bug.cgi?id=1198158 (bug reported on samba)
* https://bugzilla.redhat.com/show_bug.cgi?id=1197914 (bug originally reported 
on gdb)


--


History of the LINKFORSHARED variable.

(*) Python build system uses a LINKFORSHARED variable since this commit:

commit 7cc5abd4548629cc41d3951576f41ff2ddd7b5f7
Author: Guido van Rossum 
Date:   Mon Sep 12 10:42:20 1994 +

Support shared library creation.

The value of the variable changed on Linux with:

commit b65a48e2b631f9a171e6eab699974bd2074f40d7 (HEAD)
Author: Guido van Rossum 
Date:   Wed Jun 14 18:21:23 1995 +

linux elf shlib; sys/wait.h; don't add -posix for NeXT

Extract of the configure.in change:

 if test -z "$LINKFORSHARED"
 then
case $ac_sys_system in
hp*|HP*) LINKFORSHARED="-Wl,-E";;
+   Linux*) LINKFORSHARED="-rdynamic";;
esac
 fi

The variable was only used to build the "python" executable. Extract of 
Modules/Makefile.in (at commit 7cc5abd4548629cc41d3951576f41ff2ddd7b5f7):

../python:  config.o $(MYLIBS) Makefile
$(CC) $(OPT) config.o $(LINKFORSHARED) \
  $(MYLIBS) $(MODLIBS) $(LIBS) $(SYSLIBS) -o python
mv python ../python


(*) The python-config script was created as a Python script by:

commit c90b17ec8233009e4745dd8f77401f52c5d4a8d5
Author: Martin v. Löwis 
Date:   Sat Apr 15 08:13:05 2006 +

Patch #1161914: Add python-config.


The following commit modified Misc/python-config.in to add LINKFORSHARED to 
python-config --ldflags:

commit a70f3496203cd68d88208a21d90f0ca3503aa2f6
Author: Collin Winter 
Date:   Fri Mar 19 00:08:44 2010 +

Make python-config support multiple option flags on the same command line, 
rather than requiring one invocation per flag.

Extract:

+elif opt in ('--libs', '--ldflags'):
+libs = getvar('LIBS').split() + getvar('SYSLIBS').split()
+libs.append('-lpython'+pyver)
+# add the prefix/lib/pythonX.Y/config dir, but only if there is no
+# shared library in prefix/lib/.
+if opt == '--ldflags':
+if not getvar('Py_ENABLE_SHARED'):
+libs.insert(0, '-L' + getvar('LIBPL'))
+libs.extend(getvar('LINKFORSHARED').split())
+print ' '.join(libs)


The following commit modified Misc/python-config.in to not add LINKFORSHARED 
into "libs" when built on macOS (if PYTHONFRAMEWORK is defined):

commit ecd4e9de5afab6a5d75a6fa7ebfb62804ba69264
Author: Ned Deily 
Date:   Tue Jul 24 03:31:48 2012 -0700

Issue #14197: For OS X framework builds, ensure links to the shared
library are created with the proper ABI suffix.

diff --git a/Misc/python-config.in b/Misc/python-config.in
index 1d4a81d850..79f0bb14c1 100644
--- a/Misc/python-config.in
+++ b/Misc/python-config.in
@@ -52,7 +52,8 @@ for 

[issue36507] frozenset type breaks ZFC

[Karthikeyan Singaravelan]

Change by Karthikeyan Singaravelan :


--
nosy: +rhettinger

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36507] frozenset type breaks ZFC

[George Shuklin]

New submission from George Shuklin :

ZFC (https://en.wikipedia.org/wiki/Zermelo%E2%80%93Fraenkel_set_theory) defines 
numbers as nested empty sets.

0 is {}
1 is {{}}
2 is {{{}}}

Sets can not be nested in python (as they are mutable), so next best type is 
frozen set. Unfortunately, nested sets are equal to each other no matter how 
deep they are nested. This behavior means that 3==2, and it breaks all set 
operations for ZFC.

Minimal example:

frozenset({frozenset()})
>>> x=frozenset()
>>> y=frozenset(frozenset())
>>> x is y
True

--
components: Interpreter Core
messages: 339340
nosy: george-shuklin
priority: normal
severity: normal
status: open
title: frozenset type breaks ZFC
type: behavior
versions: Python 3.7

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36502] The behavior of str.isspace() for U+00A0 and U+202F is different from what is documented

[SilentGhost]

SilentGhost  added the comment:

According to comment for _PyUnicode_IsWhitespace it's supposed to include Zs 
category, plus documented BIDI properties. So, I'm not sure where "Other" came 
from.

--
versions: +Python 3.7, Python 3.8

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue32849] Fatal Python error: Py_Initialize: can't initialize sys standard streams

[Владислав Ярмак]

Владислав Ярмак  added the comment:

I have similar crash with Python 3.7.2 on Linux.

Steps to reproduce: send sigint when Python initializes.

I've built debug version of Python 3.7.2 and collected core dump:

(gdb) thread apply all bt

Thread 1 (Thread 0x7f8f5ee67e80 (LWP 13285)):
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1  0x7f8f5dfe742a in __GI_abort () at abort.c:89
#2  0x559515870286 in fatal_error (prefix=prefix@entry=0x5595159837f0 
<__func__.14264> "init_sys_streams", msg=msg@entry=0x559515983480 "can't 
initialize sys standard streams", status=-1) at Python/pylifecycle.c:2179
#3  0x559515871062 in _Py_FatalInitError (err=...) at 
Python/pylifecycle.c:2198
#4  0x55951577d1f5 in pymain_init (pymain=pymain@entry=0x7ffe886aafc0) at 
Modules/main.c:3019
#5  0x55951577d215 in pymain_main (pymain=pymain@entry=0x7ffe886aafc0) at 
Modules/main.c:3032
#6  0x55951577d29a in _Py_UnixMain (argc=, argv=) at Modules/main.c:3072
#7  0x5595157763e9 in main (argc=, argv=) at 
./Programs/python.c:15

--
nosy: +Владислав Ярмак

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36506] An arbitrary execution vulnerability exists in the built-in function getattr

[bigbigliang]

New submission from bigbigliang :

Dear Python Community, 

We’ve found a bug in cpython Lib and already received a cve number 
(CVE-2019-10268).But to be honest, I'm not sure if it's a loophole.
Please tell me what to do next.

bigbigliang

--
components: 2to3 (2.x to 3.x conversion tool)
messages: 339337
nosy: 18z, bigbigliang, christian.heimes, krnick, serhiy.storchaka, vstinner, 
xtreak
priority: normal
severity: normal
status: open
title: An arbitrary execution vulnerability exists in the built-in function 
getattr
type: security
versions: Python 2.7, Python 3.5, Python 3.6, Python 3.7, Python 3.8, Python 3.9

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36502] The behavior of str.isspace() for U+00A0 and U+202F is different from what is documented

[amazon kurodaju]

amazon kurodaju  added the comment:

Do you mean read the statement as follows?

Whitespace characters are characters that satisfy either one of:
1. Character type is "Other"
2. Character type is "Separator"
3. Characters with "WS", "B", or "S" bidirectional property

If that's the case, this is also not reflect the behavior as most of characters 
in "Other" are not whitespace characters and in fact str.isspace() returns 
False for those characters.

--
nosy: +amazon kurodaju

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue33261] inspect.isgeneratorfunction fails on hand-created methods

[Petr Viktorin]

Petr Viktorin  added the comment:


New changeset fcef60f59d04c63b3540b4c4886226098c1bacd1 by Petr Viktorin (Jeroen 
Demeyer) in branch 'master':
bpo-33261: guard access to __code__ attribute in inspect (GH-6448)
https://github.com/python/cpython/commit/fcef60f59d04c63b3540b4c4886226098c1bacd1


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue35866] concurrent.futures deadlock

[STINNER Victor]

STINNER Victor  added the comment:

Any update on this issue? I don't understand why the example hangs.

--
nosy: +vstinner

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36505] PYTHON-CAN with vector

[SilentGhost]

SilentGhost  added the comment:

Hi tejesh, this is a bug tracker for development of CPython. If you have a 
problem with your code I'd suggest trying StackOverflow or python-help mailing 
list.

--
nosy: +SilentGhost
resolution:  -> not a bug
stage:  -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36505] PYTHON-CAN with vector

[tejesh]

New submission from tejesh :

Hi team,

I am trying to send CAN message from python
I can able to send CAN message with the time period(Limited duration). But, I 
want to send particular number of times(example: I want to send only 2 CAN 
Messages).
How can I send??

Can please help me to resolve this issue ASAP..

--
components: Build
messages: 339332
nosy: tejesh
priority: normal
severity: normal
status: open
title: PYTHON-CAN with vector
type: resource usage
versions: Python 3.7

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Re: How call method from a method in same class?

[dboland9]

Cameron,

Again, thanks for the help. I agree with everything you wrote, but... The code 
was thrown together to produce the error so I could illustrate the problem. It 
was by design junk. But it did produce the error, I got some great answers to 
my situation, so I am very grateful for the help.

Dave,
April 1, 2019 10:30 PM, "Cameron Simpson" mailto:c...@cskk.id.au)> wrote:
 On 01Apr2019 22:02, Dave mailto:dbola...@offilive.com)> wrote:
 As classes get more complex, it is good to call a function to do some >of the 
processing, and make
the code easier to follow. My question is >how to do that? I've attached some 
silly code to
illustrate the >point. The error is: name 'validScale' is not defined. Well, 
yes it >is, but maybe
not the correct way. Suggestions? 

It is and it isn't. See below:
 class TempConverter():
""" Temperature Converter converts a tempeature from one scale
to another scale. For example: 32, F, C will return
0 degrees C
""" 

[...]
 def validScale(self, scaleName):
if scaleName.upper == 'F' or 'C' or 'K':
return True
else:
return False

def convertTemp(self):
""" Converts temperature scale if scales valid."""
if validScale(self.scale):
scaleValid = True 

[...]

It is an instance method, so:

if self.validScale(self.scale)

would resolve the name. However, there are several things worth discussing here.

First up, validScale itself returns a Boolean, so just return the test result. 
Change:

if scaleName.upper == 'F' or 'C' or 'K':
return True
else:
return False

into:

return scaleName.upper == 'F' or 'C' or 'K'

Second, the condition is buggy. You want this:

return scaleName.upper() in ('F', 'C', 'K')

i.e. you need to call (the "()") the .upper method, and you need to check if 
the result is in your
collection of valid results.

This expression:

value == A or B or C

means: True if value == A, otherwise B if B is true, otherwise C.

The next thing to observe is that you're testing whether self.scale is valid. 
Normal practice would
be to make that test in __init__, and raise a ValueError if it is not so:

def __init__(self, .scale...):
if scale.upper() not in ('F', 'C', 'K'):
raise ValueError("invalid scale %r: expected one of F, C or K" % (scale,))
why recite the scale in the message? Because it makes the offending value 
obvious. In particular,
if for example you called this incorrectly and had the temperature in there 
instead of the scale
that will be trivial to debug from the message.

Of course, you actually want to be able to test any scal evalue for validity, 
not just the one
stuffed into your instance (.scale). So lets revisit the validScale method:

def validScale(self, scale):
return scaleName.upper() in ('F', 'C', 'K')

You'll notice that it doesn't depend in "self". Or, for that matter, the class. 
So this is a
"static" method: a function defined in the class for conceptual clarity, but 
not with any
dependence on the class itself or a particular class instance. So:

@staticmethod
def validScale(scale):
return scaleName.upper() in ('F', 'C', 'K')

In __init__, and elsewhere, you can still call this from the instance:

def __init__(self, .scale...):
if not self.validScale(scale):
raise ValueError("invalid scale %r: expected one of F, C or K" % (scale,))
You can also call this from _outside_ the class, for example for other 
validation:

scale = input("Enter a temperate scale name (F, C or K): ")
if not TempConverter.validScale(scale):
print("Bad! Bad user!")
 newScaleValid = True 

Again, validScale returns a Boolean. So you could have just gone:

newScaleValid = self.validScale(newScale)
 if scaleValid and newScaleValid:
print('Scale converted')
else:
msg = "There was and error with the scales entered.n"
msg = msg + "You entered: " + self.scale
msg = msg + ' ' 'and' + self.newScale
print(msg)

if __name__ == "__main__":
myclass = TempConverter(32, 'f', 'c')
myclass.convertTemp() 

My personal inclination would be do define a Temperature class with a convert 
function to be used
like this:

temp = Temperature(32, 'f')
tempC = temp.convert('c')

This reduces the complexity of the class and IMO makes it easier to use 
elsewhere.

BTW, you get an instance back from tempConverter(...), not a class. So don't 
call it "myclass".

Cheers,
Cameron Simpson mailto:c...@cskk.id.au)>
-- 
https://mail.python.org/mailman/listinfo/python-list

[issue21269] Provide args and kwargs attributes on mock call objects

[Karthikeyan Singaravelan]

Karthikeyan Singaravelan  added the comment:

Thanks @kakshay for the patch.

--
resolution:  -> fixed
stage: patch review -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

EuroSciPy 2019 - CfP is open

[Alexander CS Hendorf [EuroSciPy 2019]]

=

*** Apologise for multiple posting ***

Dear Colleagues,

We are delighted to invite you to join us for the 12th European Conference on 
Python in Science. 
The EuroSciPy 2019 Conference will take place from September 2 to September 6 
in Bilbao, Basque Country, Spain. 

The EuroSciPy meeting is a cross-disciplinary gathering focused on the use and 
development of the Python language in scientific research. This event strives 
to bring together both users and developers of scientific tools, as well as 
academic research and state of the art industry.

The conference will be structured as it follows:
Sep, 2-3 : Tutorials and Hands-on
Sep, 4-5 : Main Conference
Sep, 6 : Sprints
--

TOPICS OF INTEREST:

Presentations of scientific tools and libraries using the Python language, 
including but not limited to:
Algorithms implemented or exposed in Python
Astronomy
Data Visualisation
Deep Learning & AI
Earth, Ocean and Geo Science
General-purpose Python tools that can be of special interest to the scientific 
community.
Image Processing
Materials Science
Parallel computing
Political and Social Sciences
Project Jupyter
Reports on the use of Python in scientific achievements or ongoing projects.
Robotics & IoT
Scientific data flow and persistence
Scientific visualization
Simulation
Statistics
Vector and array manipulation
Web applications and portals for science and engineering
3D Printing
---

CALL FOR PROPOSALS:

EuroScipy will accept three different kinds of contributions:

Regular Talks: standard talks for oral presentations, allocated in time slots 
of `15`, or `30` minutes, depending on your preference and scheduling 
constraints. Each time slot considers a Q session at the end of the talk (at 
least, 5 mins). 
Hands-on Tutorials: These are beginner or advanced training sessions to dive 
into the subject with all details. These sessions are 90 minutes long, we 
expect participants to bring their own laptop for the tutorials. 
For a sneak peak of last years tutorials, here are the videos: 
https://www.youtube.com/channel/UCruMegFU9dg2doEGOUaAWTg
Poster: EuroScipy will host two poster sessions during the two days of Main 
Conference. We warmly encourage students and participants to present their work 
and/or preliminary results as posters. 

Proposals should be submitted using the EuroScipy submission system at 
https://pretalx.com/euroscipy-2019/cfp. Submission deadline is April, 28 2019.

--

REGISTRATION & FEES:

The registration fees will be as moderate as in previous years, we'll keep you 
posted.

--

IMPORTANT DATES:


Mar 26  Call for talks, posters & tutorials
Apr 28  Submission deadline for talks and tutorials
May 20  Notifications of submission acceptance
Sept 2  Start of EuroSciPy Tutorial
Sept 4  Start of EuroSciPy Main Conference
Sept 6  EuroSciPy Sprints

--


Best regards,
EuroScipy 2019 Organising Committee,
Email: i...@euroscipy.org 
Website: http://www.euroscipy.org/2019 
twitter: @euroscipy

-- 
https://mail.python.org/mailman/listinfo/python-announce-list

Support the Python Software Foundation:
http://www.python.org/psf/donations/

Sphinx-2.0.0 released

[Komiya Takeshi]

Hi all,

I'm delighted to announce the release of Sphinx 2.0.0 final, now available on
the Python package index at .

It includes about 22 new features, 28 bug fixes and 22 incompatible
changes.

For the full changelog, go to
.
Thanks to all collaborators and contributers!

What is it?
===

Sphinx is a tool that makes it easy to create intelligent and beautiful
documentation for Python projects (or other documents consisting of
multiple reStructuredText source files).

Website: http://sphinx-doc.org/
IRC: #sphinx-doc on irc.freenode.net

Enjoy!
-- 
https://mail.python.org/mailman/listinfo/python-announce-list

Support the Python Software Foundation:
http://www.python.org/psf/donations/

pytest 4.4 released!

[Bruno Oliveira]

The pytest team is proud to announce the 4.4.0 release!

pytest is a mature Python testing tool with more than a 2000 tests
against itself, passing on many different interpreters and platforms.

This release contains a number of bugs fixes and improvements, so users are
encouraged
to take a look at the CHANGELOG:

https://docs.pytest.org/en/latest/changelog.html

For complete documentation, please visit:

https://docs.pytest.org/en/latest/

As usual, you can upgrade from pypi via:

pip install -U pytest

Thanks to all who contributed to this release, among them:

* Anthony Sottile
* ApaDoctor
* Bernhard M. Wiedemann
* Brian Skinn
* Bruno Oliveira
* Daniel Hahler
* Gary Tyler
* Jeong YunWon
* Miro Hrončok
* Takafumi Arakaki
* henrykironde
* smheidrich


Happy testing,
The Pytest Development Team
-- 
https://mail.python.org/mailman/listinfo/python-announce-list

Support the Python Software Foundation:
http://www.python.org/psf/donations/

pygame 1.9.5 has been released into the wild!

[René Dudfield]

[image: pygame 1.9.5] 
TLDR; Some highlights.

Every single source file has been heavily modified and moved in this
release. Initial (source code only) support for SDL2 has been merged in. We
also support compiling with SDL1 in the same code base, so the migration to
pygame 2 is easier. pygame 2 will be released with SDL2 being the default
backend when some remaining issues are ironed out. The 1.9.x releases will
continue with SDL1 until then. Also, the C API of pygame is undergoing a
transformation with lots of cleanups. Then there have been plenty of other
cleanups all throughout the python code as well. There's still lots to
clean up, but things should be significantly easier for people to contribute
 ( hello and thanks new
contributors!). The documentation has been improved with better examples
links, search functionality, and improved navigation. Support for older
Macs, and newer Macs has been improved. The mask, midi, draw, and math
modules have gotten lots of polish with rough edges removed.
Thanks

A very special thanks to the people who have volunteered commits to pygame
since the last release. In alphabetical order...

(@alphaCTzo7G ) | Amos Bastian (@amosbastian
) | Andrey Lopukhov (@andreyx86
) | Augusto Noronha (@augusto2112
) | Bernardo Sulzbach (@bernardosulzbach
) | (@Bottersnike
) | Cai Q.T. (@CAIQT
) | (@Cerealdragon
) | Charles (@charlesej
) | (@ChrisWeissNike
) | (@cmtrapp02
) | Daniel Molina (@daniel-molina
) | David Caughell (@DavidCaughell
) | David Lönnhager (@dlon
) | (@dr0id ) | burmer (
@dtschirmer ) | (@e1000
) | xFly_Dragon (@husano896
) | (@IchMageBaume
) | René Dudfield (@illume
) | (@LambdaGoblin
) | Lenard Lindstrom (@llindstrom
) | François Magimel (@Linkid
) | (@LiquidFenrir
) | Mark Hurley (@markph0204
) | Marius Gedminas (@mgedmin
) | (@metulburr )
| Michael Farrell (@micolous ) | Dominik
George (@Natureshadow ) | Nik (@nikolas
) | Nunu-Willump (@Nunu-Willump
) | (@pleboulanger
) | Rebecca Chen (@rchen152
) | (@robertpfeiffer
) | Sett (@sw00 )
|

Quite a few new people have helped out with this release 珞

An equally special thanks to everyone else who has contributed in other
ways. Thanks to claudeb, imallet, and deshipu for moderating the discord
chat to keep it friendly. Thanks to the twitter folk, and the stackoverflow
Q people. Thanks to everyone who puts their game up on the pygame website
for others to look at. Thanks to people making tutorials and sharing
articles & books they've written. Thanks to the people working on
stuntcat(the community game), and for those who have supported it
financially. Thanks to the r/pygame mods and community. Thanks to pyladies
groups for running fun sessions, and for making things better. Thanks to
the teachers providing feedback, and for doing something fun with their
students. Thanks to Debian, pyweek, ludumdare, Raspberrypi, and all the
other community groups. 

More details.

#945  Vector: Explain slices and
swizzling
#944  Update surface
documentation
#937  Make mask offset boundary
checking consistent
#936  Update midi documentation
#931  Fix drawing 1 pixel wide
off-surface ellipses
#929  Use SDL_RWops instead of
pg_FopenUTF8.
#928  Fix LayeredDirty's
inconsistent use of its source rect
#927  Workaround for locale
errors with PyPy
#926  Update dependencies for
manylinux builds.
#924  Upload .whl binaries to a
github draft release when creating tag.
#923 

PyDev 7.2.0 Released

[Fabio Zadrozny]

PyDev 7.2.0 Release Highlights
---

* Debugger improvements (updated to pydevd 1.6.0).

* Fixed issue quoting/unquoting parameters for subprocess.
* Fixed exception breakpoints for Django and Jinja2.
* Console hook import compatibility with matplotlib and pylab fixed.

* Fixed issue where pipenv executable search was being executed over and
over when it was not found.

About PyDev
---

PyDev is an open-source Python IDE on top of Eclipse for Python, Jython and
IronPython development, now also available for Python on Visual Studio Code.

It comes with goodies such as code completion, syntax highlighting, syntax
analysis, code analysis, refactor, debug, interactive console, etc.

It is also available as a standalone through LiClipse with goodies such as
multiple cursors, theming and support for many other languages, such as
Django Templates, Jinja2, Html, JavaScript, etc.

Links:

PyDev: http://pydev.org
PyDev Blog: http://pydev.blogspot.com
PyDev on VSCode: http://pydev.org/vscode
LiClipse: http://www.liclipse.com
PyVmMonitor - Python Profiler: http://www.pyvmmonitor.com/

Cheers,

Fabio Zadrozny
-- 
https://mail.python.org/mailman/listinfo/python-announce-list

Support the Python Software Foundation:
http://www.python.org/psf/donations/

[issue34677] Event scheduler page example

[Karthikeyan Singaravelan]

Karthikeyan Singaravelan  added the comment:

enter takes a relative time and priority is taken into consideration only when 
time is equal. So in the example enter(0.001, 2) is executed first and there is 
some delay in executing enter(0.001, 2). You can also view the queue with 
s.queue which is a heap. So even though they look similar the first call is 
scheduled earlier than the second one even with lower priority. 

Your report is correct if the example used enterabs where the time is absolute 
and then the two events are ordered based on priority with keyword executed 
first in the heapq used . In your script you can print s.sched and maybe add 
the same to the report?

# enter and s.sched prints different time with positional scheduled to be 
executed first in time.

➜  cpython git:(master) cat /tmp/bar.py
import sched, time
s = sched.scheduler(time.time, time.sleep)

def print_time(a='default'):
print("From print_time", time.time(), a)

def print_some_times():
print(time.time())
s.enter(0.001, 2, print_time, argument=('positional',))
s.enter(0.001, 1, print_time, kwargs={'a': 'keyword'})
print(s.queue)
s.run()
print(time.time())

print_some_times()
➜  cpython git:(master) ./python.exe /tmp/bar.py
1554204002.401897
[Event(time=1554204002.40309, priority=2, action=, argument=('positional',), kwargs={}), 
Event(time=1554204002.403158, priority=1, action=, argument=(), kwargs={'a': 'keyword'})]
>From print_time 1554204002.40331 positional
>From print_time 1554204002.403441 keyword
1554204002.403517

# enterabs and s.sched prints same time with keyword ordered first based on 
priority with time being equal.

➜  cpython git:(master) cat /tmp/baz.py
import sched, time
s = sched.scheduler(time.time, time.sleep)

def print_time(a='default'):
print("From print_time", time.time(), a)

def print_some_times():
print(time.time())
s.enterabs(0.001, 2, print_time, argument=('positional',))
s.enterabs(0.001, 1, print_time, kwargs={'a': 'keyword'})
print(s.queue)
s.run()
print(time.time())

print_some_times()
➜  cpython git:(master) ./python.exe /tmp/baz.py
1554204136.854676
[Event(time=0.001, priority=1, action=, 
argument=(), kwargs={'a': 'keyword'}), Event(time=0.001, priority=2, 
action=, argument=('positional',), 
kwargs={})]
>From print_time 1554204136.855422 keyword
>From print_time 1554204136.855669 positional
1554204136.855788

--
nosy: +giampaolo.rodola, xtreak

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue36260] Cpython/Lib vulnerability found and request a patch submission

[Serhiy Storchaka]

Serhiy Storchaka  added the comment:

I am against such trivial methods in ZipFile. Its interface is already 
complicate. The advantage of Python is that you do not need tons of methods for 
every possible query -- you can just combine few Python features into a 
one-line expression.

As for the documentation change, it could be useful to add more general note 
about possible pitfalls. What happen when interrupt extracting or adding to the 
archive, what happen when extract into existing tree or overwrite an existing 
file, what happen when the file system does not support some file names, what 
happen when extract to case-insensitive file system, what happen when extract 
encrypted file with wrong password, etc. We do not have to tell the user what 
he should not do, just to warn about the possible consequences.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com