[issue41276] Min / Max returns different values depending on parameter order

Calvin Davis added the comment: You say that confusing IDLE with Python is common for beginners, do you mean to suggest that IDLE isn't a Python interpreter? I know IDLE is essentially just an IDE and distinctly different than the python shell, but I wasn't aware the differences would

[issue41289] '%' character in help= for argparse causes ValueError: incomplete format

Neil Godber added the comment: Hi, yes I did just then and indeed this worked. Wasn't aware of this. Further, curiously I am no longer able recreate this issue so I will close this for now. Sorry for the bother. -- stage: -> resolved status: open -> closed

[issue37095] [Feature Request]: Add zstd support in tarfile

Anatol Pomozov added the comment: Is there any progress with this feature development? Arch Linux uses Python tar library for its toolset. Arch devs are looking to add ZSTD support to the toolset but it needs this feature to be implemented. -- nosy: +Anatol Pomozov

[issue41276] Min / Max returns different values depending on parameter order

Terry J. Reedy added the comment: Calvin, min and max are builtin functions and part of 'Interpreter Core'. Confusing IDLE with Python is common for beginners who use IDLE. Do you think I could reduce the confusion by somehow changing the message printed at the top of Shell, before '>>>'?

[issue41210] Docs: More description of reason about LZMA1 data handling with FORMAT_ALONE

Hiroshi Miura added the comment: Lasse Collin gives me explanation of LZMA1 data format and suggestion how to implement. I'd like to change an issue to a documentation issue to add more description about limitation on FORMAT_ALONE and LZMA1. A suggestion from Lasse is as follows: >

[issue41289] '%' character in help= for argparse causes ValueError: incomplete format

Change by Karthikeyan Singaravelan : -- nosy: +paul.j3, rhettinger ___ Python tracker ___ ___ Python-bugs-list mailing list

[issue41288] Pickle crashes using a crafted datetime object

Change by Karthikeyan Singaravelan : -- nosy: +belopolsky, p-ganssle ___ Python tracker ___ ___ Python-bugs-list mailing list

[issue41287] __doc__ attribute is not set in property-derived classes

Change by Karthikeyan Singaravelan : -- nosy: +xtreak ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue41286] Built-in platform module does not offer to check for processor instructions

Boštjan Mejak added the comment: This feature is needed for a chess GUI application because the Stockfish chess engine is offered in different builds: a build that supports the POPCNT processor instruction and a build that doesn't, a build that supports the BMI/BMI2 processor instruction

[issue41289] '%' character in help= for argparse causes ValueError: incomplete format

Eric V. Smith added the comment: Did you try doubling the % char? help='%%-age of the value' -- nosy: +eric.smith ___ Python tracker ___

[issue41289] '%' character in help= for argparse causes ValueError: incomplete format

New submission from Neil Godber : '%' character in help= for argparse causes ValueError: incomplete format. I am attempting to use the percentage character in my help string but get the above error. Presumably argparse assumes % denotes formatting when this is not the case. I have tried

[issue39017] Infinite loop in the tarfile module

Rishi added the comment: Thank you. I have signed the CLA agreement. I have pushed my code changes and also written a testcase for this issue -- ___ Python tracker ___

[issue39017] Infinite loop in the tarfile module

Change by Rishi : -- keywords: +patch pull_requests: +20602 stage: test needed -> patch review pull_request: https://github.com/python/cpython/pull/21454 ___ Python tracker

[issue41288] Pickle crashes using a crafted datetime object

Change by Serhiy Storchaka : -- assignee: -> serhiy.storchaka components: +Extension Modules -Interpreter Core nosy: +serhiy.storchaka ___ Python tracker ___

[issue41288] Pickle crashes using a crafted datetime object

Christian Heimes added the comment: datetime_new assumes that args is a tuple. load_newobj_ex() doesn't check that args is a tuple and kwargs is a dictionary. The demo exploit passes ``True`` as args, which triggers a segfault in PyTuple_GET_SIZE in datetime_new. #0 datetime_new

[issue41208] An exploitable segmentation fault in marshal module

Iman Sharafodin added the comment: @serhiy.storchaka Thank you. Please find it here https://bugs.python.org/issue41288 . -- ___ Python tracker ___

[issue41288] Pickle crashes using a crafted datetime object

New submission from Iman Sharafodin : The following code generates a segfault on the Pickle module [it's a crafted datetime object] (Python 3.10.0a0 (heads/master:b40e434, Jul 4 2020), Python 3.6.11 and Python 3.7.2): import io import pickle hex_string =

[issue41208] An exploitable segmentation fault in marshal module

Serhiy Storchaka added the comment: Thank you. Indeed, it is a pickle specific crash. Please open a new issue and I'll provide a fix. -- ___ Python tracker ___

[issue41287] __doc__ attribute is not set in property-derived classes

New submission from Sergei Izmailov : MRE: class Property(property): pass print(Property(None, None, None, "hello").__doc__) Expected: hello Actual: None -- messages: 373571 nosy: Sergei Izmailov priority: normal severity: normal status: open title: __doc__ attribute is not

[issue41257] mimetypes.guess_extension('video/x-matroska') return wrong value

Ammar Askar added the comment: This looks the same as issue38656, feel free to re-open if its not. -- nosy: +ammar2 resolution: -> duplicate stage: -> resolved status: open -> closed ___ Python tracker

[issue41208] An exploitable segmentation fault in marshal module

Iman Sharafodin added the comment: @serhiy.storchaka you name it, you have it. The following code generates a segfault on the Pickle module [it's a crafted datetime object] (Python 3.10.0a0 (heads/master:b40e434, Jul 4 2020), Python 3.6.11 and Python 3.7.2): import io import pickle

[issue41176] revise Tkinter mainloop dispatching flag behavior

E. Paine added the comment: I have just finished reviewing the proposed PR, and am happy with the content. During the process of developing the PR, we established that the behaviour that should be deprecated is the error after a second of waiting in a thread. Instead, on `WaitForMainloop`

[issue41208] An exploitable segmentation fault in marshal module

Serhiy Storchaka added the comment: It depends. pickle is not vulnerable to the kind of error reported in this issue. If you find some way to crash Python specific to pickle it will likely be fixed if it is possible without significant performance or memory cost. If it depends on arbitrary

[issue41286] Built-in platform module does not offer to check for processor instructions

Eric V. Smith added the comment: What would you use this information for, if it were available from Python code? -- nosy: +eric.smith ___ Python tracker ___

[issue41286] Built-in platform module does not offer to check for processor instructions

Christian Heimes added the comment: Python's standard library doesn't aim to solve all problems. Python also supports a lot of platforms and CPU architectures. We'd have to implement this on major platforms like BSD, Linux, and Windows as well as other supported platforms like AIX or VMS

[issue41208] An exploitable segmentation fault in marshal module

Christian Heimes added the comment: Linux containers like Docker are not a security boundary. They are a merely a mechanism to package, deliver, and run software. Dan Walsh coined the phrase "Containers Don't Contain" a while ago. It's possible to tighten security of containers. This starts

[issue41146] Convert signal.default_int_handler() to Argument Clinic

Change by Serhiy Storchaka : -- resolution: -> fixed stage: patch review -> resolved status: open -> closed ___ Python tracker ___

[issue41286] Built-in platform module does not offer to check for processor instructions

New submission from Boštjan Mejak : The platform module does not offer to check whether a processor supports the POPCNT or BMI/BMI2 processor instructions. Am I missing something or is it actually missing this feature? -- components: Library (Lib) messages: 373563 nosy: PedanticHacker

[issue41146] Convert signal.default_int_handler() to Argument Clinic

Serhiy Storchaka added the comment: New changeset b0689ae7f9d904bc2126994aedbc552f03479e40 by Serhiy Storchaka in branch 'master': bpo-41146: Convert signal.default_int_handler() to Argument Clinic (GH-21197) https://github.com/python/cpython/commit/b0689ae7f9d904bc2126994aedbc552f03479e40

[issue20175] Derby #6: Convert 50 sites to Argument Clinic across 8 files

Change by Serhiy Storchaka : -- resolution: -> fixed stage: patch review -> resolved status: open -> closed ___ Python tracker ___

[issue41187] Convert the _msi module to Argument Clinic

Change by Serhiy Storchaka : -- resolution: -> fixed stage: patch review -> resolved status: open -> closed ___ Python tracker ___

[issue20181] Derby #12: Convert 50 sites to Argument Clinic across 4 files

Change by Serhiy Storchaka : -- resolution: -> fixed stage: patch review -> resolved status: open -> closed ___ Python tracker ___

[issue20175] Derby #6: Convert 50 sites to Argument Clinic across 8 files

Serhiy Storchaka added the comment: New changeset 545b54d2abbc7970aa66b179a18ff2ac4440a8f9 by Zackery Spytz in branch 'master': bpo-20175: Convert Modules/_multiprocessing to the Argument Clinic (GH-14245) https://github.com/python/cpython/commit/545b54d2abbc7970aa66b179a18ff2ac4440a8f9

[issue41285] memoryview does not support subclassing

Change by Christian Heimes : -- versions: -Python 3.5, Python 3.6, Python 3.7, Python 3.8, Python 3.9 ___ Python tracker ___ ___

[issue20181] Derby #12: Convert 50 sites to Argument Clinic across 4 files

Serhiy Storchaka added the comment: New changeset b7047e59a40649d81061acf0044e74cfd426f064 by Zackery Spytz in branch 'master': bpo-20181: Convert the readline module to the Argument Clinic (#14326) https://github.com/python/cpython/commit/b7047e59a40649d81061acf0044e74cfd426f064

[issue41284] High Level API for json file parsing

Serhiy Storchaka added the comment: json.load() is already a high level API. json.JSONDecoder is more low level API. Not every two lines of code should be added as a function in the stdlib. Also, such API would be too complex because you would need to combine parameters of open() (8

[issue41208] An exploitable segmentation fault in marshal module

STINNER Victor added the comment: This bug tracker is not the right place to report issues of third party web services. I don't see anything wrong with Python according to Python Threat Model: https://python-security.readthedocs.io/security.html#python-security-model That's why pickle starts

[issue41208] An exploitable segmentation fault in marshal module

Iman Sharafodin added the comment: There are many online Python interpreters, we can use this malicious file to escape their sandboxes and get control of their Docker container or system (and abuse them, for example, to conduct a DoS attack), as their fully trust that Python doesn't

[issue41208] An exploitable segmentation fault in marshal module

STINNER Victor added the comment: By design, it is trivial to run arbritrary Python code using pickle. There is no need to exploit a segfault for that. -- ___ Python tracker

[issue41285] memoryview does not support subclassing

Change by Karthikeyan Singaravelan : -- nosy: +skrah ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue41284] High Level API for json file parsing

Karthikeyan Singaravelan added the comment: There was a previous issue to support filepath for json.load https://bugs.python.org/issue36378 . This just expands the json API that could already be done using one more operation. -- nosy: +ezio.melotti, rhettinger, xtreak

[issue41285] memoryview does not support subclassing

New submission from Michiel de Hoon : Currently memoryview does not support subclassing: >>> class B(memoryview): pass ... Traceback (most recent call last): File "", line 1, in TypeError: type 'memoryview' is not an acceptable base type Subclassing memoryview can be useful when - class

[issue41284] High Level API for json file parsing

Rémi Lapeyre added the comment: Hi, using a file object is very common as it makes it possible to use something that is not a file, like an HTTP request or something already in memory. It makes the module serializing / de-serializing the data completely agnostic with regard to the actual

[issue41284] High Level API for json file parsing

Change by Wansoo Kim : -- keywords: +patch pull_requests: +20601 stage: -> patch review pull_request: https://github.com/python/cpython/pull/21453 ___ Python tracker ___

[issue41284] High Level API for json file parsing

New submission from Wansoo Kim : Many Python users use the following snippets to read Json File. ``` with oepn(filepath, 'r') as f: data = json.load(f) ``` I suggest providing this snippet as a function. ``` data = json.read(filepath) ``` Reading Json is very frequent task for python

[issue40275] test.support has way too many imports

Change by Serhiy Storchaka : -- nosy: -serhiy.storchaka ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue40275] test.support has way too many imports

Change by Vinay Sajip : -- nosy: -vinay.sajip ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue40275] test.support has way too many imports

Change by hai shi : -- pull_requests: +20600 pull_request: https://github.com/python/cpython/pull/21452 ___ Python tracker ___ ___

[issue40275] test.support has way too many imports

Change by hai shi : -- pull_requests: +20599 pull_request: https://github.com/python/cpython/pull/21451 ___ Python tracker ___ ___

[issue41283] The parameter name for imghdr.what in the documentation is wrong

New submission from Adam Eltawla : I noticed the parameter name for imghdr.what in the documentation is wrong Link: https://docs.python.org/3.8/library/imghdr.html?highlight=imghdr function imghdr.what(filename, h=None) In reality: def what(file, h=None): It is 'file' not 'filename'.

[issue27534] IDLE: Reduce number and time for user process imports

Cheryl Sabella added the comment: I'm going to close the PR for this as the change is out of date with newer changes to fetch_completions and fetch_completions is being rewritten for #37766. It would be easiest to revisit this once the other changes to fetch_completions are set.

[issue40275] test.support has way too many imports

Change by hai shi : -- pull_requests: +20598 pull_request: https://github.com/python/cpython/pull/21450 ___ Python tracker ___ ___

[issue40275] test.support has way too many imports

Change by hai shi : -- pull_requests: +20597 pull_request: https://github.com/python/cpython/pull/21449 ___ Python tracker ___ ___

[issue40275] test.support has way too many imports

Change by hai shi : -- pull_requests: +20596 pull_request: https://github.com/python/cpython/pull/21448 ___ Python tracker ___ ___

[issue41282] Deprecate and remove distutils

Change by Jason R. Coombs : -- nosy: +steve.dower ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue41282] Deprecate and remove distutils

Jason R. Coombs added the comment: Łukasz, would it be possible to add the deprecation warning and documented deprecation to Python 3.9? -- nosy: +lukasz.langa ___ Python tracker

[issue41282] Deprecate and remove distutils

Change by Jason R. Coombs : -- nosy: +ncoghlan, paul.moore ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue41282] Deprecate and remove distutils

New submission from Jason R. Coombs : Setuptools has adopted distutils as outlined in [pypa/packaging-problems#127](https://github.com/pypa/packaging-problems/issues/127). Although there are some straggling issues, the current release of Setuptools fully obviates distutils if a certain