Changelog¶

gh-142594: Fix crash in TextIOWrapper.close() when the underlying buffer’s closed property calls detach().

gh-142451: hmac: Ensure that the HMAC.block_size attribute is correctly copied by HMAC.copy. Patch by Bénédikt Tran.

gh-142495: collections.defaultdict now prioritizes __setitem__() when inserting default values from default_factory. This prevents race conditions where a default value would overwrite a value set before default_factory returns.

gh-142651: unittest.mock: fix a thread safety issue where Mock.call_count may return inaccurate values when the mock is called concurrently from multiple threads.

gh-142595: Added type check during initialization of the decimal module to prevent a crash in case of broken stdlib. Patch by Sergey B Kirpichev.

gh-142556: Fix crash when a task gets re-registered during finalization in asyncio. Patch by Kumar Aditya.

gh-123241: Avoid reference count operations in garbage collection of ctypes objects.

gh-112527: The help text for required options in argparse no longer extended with “ (default: None)”.

gh-142346: Fix usage formatting for mutually exclusive groups in argparse when they are preceded by positional arguments or followed or intermixed with other optional arguments.

gh-142315: Pdb can now run scripts from anonymous pipes used in process substitution. Patch by Bartosz Sławecki.

gh-142332: Fix usage formatting for positional arguments in mutually exclusive groups in argparse. in argparse.

gh-142282: Fix winreg.QueryValueEx() to not accidentally read garbage buffer under race condition.

gh-75949: Fix argparse to preserve | separators in mutually exclusive groups when the usage line wraps due to length.

gh-142267: Improve argparse performance by caching the formatter used for argument validation.

gh-68552: MisplacedEnvelopeHeaderDefect and Missing header name defects are now correctly passed to the handle_defect method of policy in FeedParser.

gh-142006: Fix a bug in the email.policy.default folding algorithm which incorrectly resulted in a doubled newline when a line ending at exactly max_line_length was followed by an unfoldable token.

gh-105836: Fix asyncio.run_coroutine_threadsafe() leaving underlying cancelled asyncio task running.

gh-142737: Tracebacks will be displayed in fallback mode even if io.open() is lost. Previously, this would crash the interpreter. Patch by Bartosz Sławecki.

gh-142554: Fix a crash in divmod() when _pylong.int_divmod() does not return a tuple of length two exactly. Patch by Bénédikt Tran.

gh-142531: Fix a free-threaded GC performance regression. If there are many untracked tuples, the GC will run too often, resulting in poor performance. The fix is to include untracked tuples in the “long lived” object count. The number of frozen objects is also now included since the free-threaded GC must scan those too.

gh-142402: Fix reference counting when adjacent literal parts are merged while constructing string.templatelib.Template, preventing the displaced string object from leaking.

gh-133932: Fix crash in the free threading build when clearing frames that hold tagged integers.

gh-142343: Fix SIGILL crash on m68k due to incorrect assembly constraint.

gh-137007: Fix a bug during JIT compilation failure which caused garbage collection debug assertions to fail.

gh-142589: Fix PyUnstable_Object_IsUniqueReferencedTemporary() handling of tagged ints on the interpreter stack.

gh-142571: PyUnstable_CopyPerfMapFile() now checks that opening the file succeeded before flushing.

gh-142454: When calculating the digest of the JIT stencils input, sort the hashed files by filenames before adding their content to the hasher. This ensures deterministic hash input and hence deterministic hash, independent on filesystem order.

gh-141808: When running make clean-retain-profile, keep the generated JIT stencils. That way, the stencils are not generated twice when Profile-guided optimization (PGO) is used. It also allows distributors to supply their own pre-built JIT stencils.

gh-138061: Ensure reproducible builds by making JIT stencil header generation deterministic.

gh-142145: Remove quadratic behavior in xml.minidom node ID cache clearing.

gh-119452: Fix a potential memory denial of service in the http.server module. When a malicious user is connected to the CGI server on Windows, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes.

gh-142218: Fix crash when inserting into a split table dictionary with a non str key that matches an existing key.

gh-116738: Fix cmath data race when initializing trigonometric tables with subinterpreters.

gh-139810: Installing with py install 3[.x]-dev will now select final versions as well as prereleases.

gh-141692: Each slice of an iOS XCframework now contains a lib folder that contains a symlink to the libpython dylib. This allows binary modules to be compiled for iOS using dynamic libreary linking, rather than Framework linking.

gh-141442: The iOS testbed now correctly handles test arguments that contain spaces.

gh-140702: The iOS testbed app will now expose the GITHUB_ACTIONS environment variable to iOS apps being tested.

gh-137484: Have Tools/wasm/wasi put the build Python into a directory named after the build triple instead of “build”.

gh-137248: Add a --logdir option to Tools/wasm/wasi for specifying where to write log files.

gh-137243: Have Tools/wasm/wasi detect a WASI SDK install in /opt when it was directly extracted from a release tarball.

gh-140482: Preserve and restore the state of stty echo as part of the test environment.

gh-140082: Update python -m test to set FORCE_COLOR=1 when being run with color enabled so that unittest which is run by it with redirected output will output in color.

gh-139208: Fix regrtest --fast-ci --verbose: don’t ignore the --verbose option anymore. Patch by Victor Stinner.

gh-136442: Use exitcode 1 instead of 5 if unittest.TestCase.setUpClass() raises an exception

gh-139700: Check consistency of the zip64 end of central directory record. Support records with “zip64 extensible data” if there are no bytes prepended to the ZIP file.

gh-139283: sqlite3: correctly handle maximum number of rows to fetch in Cursor.fetchmany and reject negative values for Cursor.arraysize. Patch by Bénédikt Tran.

gh-137836: Add support of the “plaintext” element, RAWTEXT elements “xmp”, “iframe”, “noembed” and “noframes”, and optionally RAWTEXT element “noscript” in html.parser.HTMLParser.

gh-136063: email.message: ensure linear complexity for legacy HTTP parameters parsing. Patch by Bénédikt Tran.

gh-136065: Fix quadratic complexity in os.path.expandvars().

gh-119451: Fix a potential memory denial of service in the http.client module. When connecting to a malicious server, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes.

gh-119342: Fix a potential memory denial of service in the plistlib module. When reading a Plist file received from untrusted source, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes.