Major version bump from 3.13.9 to 3.14.3.
Highlights of Python 3.14:
- PEP 649: Deferred evaluation of annotations
- PEP 750: Template string literals (t-strings)
- PEP 758: Exception syntax simplification (no brackets needed)
- PEP 765: Restrict control flow in finally blocks
- PEP 779: Official free-threaded mode support
- PEP 784: Zstandard compression module
- UUID versions 6-8 support with faster generation
- Formally verified HMAC implementation
- Experimental JIT compiler support
- Tail-call interpreter option for performance
Full release notes:
https://www.python.org/downloads/release/python-3143/
Dropped 100-test_hashlib-better-handle-support-for-SHA3.patch (upstreamed)
Adapted 027-fix-host-build-libressl.patch (to declare
X509_VERIFY_PARAM_get_hostflags() for LibreSSL)
Refreshed other patches.
Signed-off-by: Alexandru Ardelean <redacted>
# Note: keep in sync with pip
PYTHON3_VERSION_MAJOR:=3
-PYTHON3_VERSION_MINOR:=13
-PYTHON3_VERSION_MICRO:=9
+PYTHON3_VERSION_MINOR:=14
+PYTHON3_VERSION_MICRO:=3
PYTHON3_VERSION:=$(PYTHON3_VERSION_MAJOR).$(PYTHON3_VERSION_MINOR)
PYTHON3_PIP_PKG_RELEASE:=1
-PYTHON3_PIP_VERSION:=25.2
+PYTHON3_PIP_VERSION:=25.3
include ../python3-version.mk
PKG_NAME:=python3
-PKG_RELEASE:=2
+PKG_RELEASE:=1
PKG_VERSION:=$(PYTHON3_VERSION).$(PYTHON3_VERSION_MICRO)
PKG_SOURCE:=Python-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://www.python.org/ftp/python/$(PKG_VERSION)
-PKG_HASH:=ed5ef34cda36cfa2f3a340f07cac7e7814f91c7f3c411f6d3562323a866c5c66
+PKG_HASH:=a97d5549e9ad81fe17159ed02c68774ad5d266c72f8d9a0b5a9c371fe85d902b
-PKG_MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>, Alexandru Ardelean <ardeleanalex@gmail.com>
+PKG_MAINTAINER:=Alexandru Ardelean <ardeleanalex@gmail.com>
PKG_LICENSE:=Python-2.0.1 0BSD
PKG_LICENSE_FILES:=LICENSE Doc/copyright.rst Doc/license.rst Modules/_ctypes/darwin/LICENSE Modules/_ctypes/libffi_osx/LICENSE Modules/expat/COPYING
PKG_CPE_ID:=cpe:/a:python:python
define Package/python3-light
$(call Package/python3/Default)
TITLE+= light installation
- DEPENDS:=+python3-base +libbz2 +zlib +USE_GLIBC:libcrypt-compat
+ DEPENDS:=+python3-base +libbz2 +zlib +libzstd +USE_GLIBC:libcrypt-compat
endef
define Package/python3-light/config
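Review bot: The new `+libzstd` entry in the `DEPENDS` line of Package/python3-light makes libzstd a hard dependency of the light package, so every image that installs python3-light now also ships that library whether or not zstd support is ever imported. The commit description lists the PEP 784 module among the highlights but never says a dependency was added; a line such as `Added libzstd dependency to python3-light (needed by the new compression.zstd module)` would record why. If the extension module can be shipped as its own sub-package, the light install would keep its current footprint and set of linked third-party libraries; whether this Makefile supports such a split is not visible in the hunk.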
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
-@@ -2569,6 +2569,7 @@ libinstall: all $(srcdir)/Modules/xxmodu
+@@ -2811,6 +2811,7 @@ libinstall: all $(srcdir)/Modules/xxmodu
echo "Applying app store compliance patch"; \
patch --force --reject-file "$(abs_builddir)/app-store-compliance.rej" --strip 2 --directory "$(DESTDIR)$(LIBDEST)" --input "$(abs_srcdir)/$(APP_STORE_COMPLIANCE_PATCH)" || true ; \
fi
@ # Build PYC files for the 3 optimization levels (0, 1, 2)
-PYTHONPATH=$(DESTDIR)$(LIBDEST) $(RUNSHARED) \
$(PYTHON_FOR_BUILD) -Wi $(DESTDIR)$(LIBDEST)/compileall.py \
-@@ -2579,6 +2580,7 @@ libinstall: all $(srcdir)/Modules/xxmodu
+@@ -2821,6 +2822,7 @@ libinstall: all $(srcdir)/Modules/xxmodu
$(PYTHON_FOR_BUILD) -Wi $(DESTDIR)$(LIBDEST)/compileall.py \
-o 0 -o 1 -o 2 $(COMPILEALL_OPTS) -d $(LIBDEST)/site-packages -f \
-x badsyntax $(DESTDIR)$(LIBDEST)/site-packages
--- a/Python/initconfig.c
+++ b/Python/initconfig.c
-@@ -326,7 +326,7 @@ int Py_NoSiteFlag = 0; /* Suppress 'impo
+@@ -474,7 +474,7 @@ int Py_NoSiteFlag = 0; /* Suppress 'impo
int Py_BytesWarningFlag = 0; /* Warn on str(bytes) and str(buffer) */
int Py_FrozenFlag = 0; /* Needed by getpath.c */
int Py_IgnoreEnvironmentFlag = 0; /* e.g. PYTHONPATH, PYTHONHOME */
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
-@@ -746,6 +746,7 @@ profile-gen-stamp: profile-clean-stamp
+@@ -850,6 +850,7 @@ profile-gen-stamp: profile-clean-stamp
# Run task with profile generation build to create profile information.
profile-run-stamp:
@echo "Running code to generate profile data (this can take a while):"
# First, we need to create a clean build with profile generation
# enabled.
-@@ -759,6 +760,7 @@ profile-run-stamp:
+@@ -863,6 +864,7 @@ profile-run-stamp:
# This is an expensive target to build and it does not have proper
# makefile dependency information. So, we create a "stamp" file
# to record its completion and avoid re-running it.
# Compile Python binary with profile guided optimization.
--- a/configure.ac
+++ b/configure.ac
-@@ -1905,7 +1905,7 @@ fi
+@@ -1862,7 +1862,7 @@ fi
AC_ARG_VAR([PROFILE_TASK], [Python args for PGO generation task])
AC_MSG_CHECKING([PROFILE_TASK])
--- a/Lib/ctypes/util.py
+++ b/Lib/ctypes/util.py
-@@ -101,6 +101,8 @@ elif sys.platform == "android":
+@@ -195,6 +195,8 @@ elif sys.platform == "emscripten":
elif os.name == "posix":
# Andreas Degert's find functions, using gcc, /sbin/ldconfig, objdump
import re, tempfile
def _is_elf(filename):
"Return True if the given file is an ELF file"
-@@ -277,6 +279,57 @@ elif os.name == "posix":
+@@ -371,6 +373,57 @@ elif os.name == "posix":
def find_library(name, is64 = False):
return _get_soname(_findLib_crle(name, is64) or _findLib_gcc(name))
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
-@@ -2595,7 +2595,7 @@ python-config: $(srcdir)/Misc/python-con
+@@ -2837,7 +2837,7 @@ python-config: $(srcdir)/Misc/python-con
@ # On Darwin, always use the python version of the script, the shell
@ # version doesn't use the compiler customizations that are provided
@ # in python (_osx_support.py).
--- a/Modules/_hashopenssl.c
+++ b/Modules/_hashopenssl.c
-@@ -45,7 +45,9 @@
+@@ -44,7 +44,9 @@
#define MUNCH_SIZE INT_MAX
#if defined(NID_sha3_224) && defined(NID_sha3_256) && defined(NID_sha3_384) && defined(NID_sha3_512)
#define PY_OPENSSL_HAS_SHA3 1
#endif
-@@ -971,11 +973,15 @@ _hashlib_HASH(PyObject *module, const ch
+@@ -963,11 +965,15 @@ _hashlib_HASH(PyObject *module, const ch
goto exit;
}
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
-@@ -4827,7 +4827,11 @@ _ssl__SSLContext_cert_store_stats_impl(P
+@@ -74,7 +74,10 @@
+ # error "OPENSSL_THREADS is not defined, Python requires thread-safe OpenSSL"
+ #endif
+
+-
++#ifdef LIBRESSL_VERSION_NUMBER
++/* LibreSSL does not define this for some reason, but it does implement it */
++unsigned int X509_VERIFY_PARAM_get_hostflags(X509_VERIFY_PARAM *param);
++#endif
+
+ struct py_ssl_error_code {
+ const char *mnemonic;
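Review bot: The hand-written prototype `unsigned int X509_VERIFY_PARAM_get_hostflags(X509_VERIFY_PARAM *param);` is enabled for every LibreSSL version by the bare `#ifdef LIBRESSL_VERSION_NUMBER`, and nothing ties its signature to the library's real definition. The function reads the host-name verification flags, and OpenSSL's own declaration takes a `const` pointer, so a LibreSSL header that later starts declaring it will most likely produce a conflicting-declaration build failure. Until then, the call depends on a prototype that no header checks. I would reword the comment to say "declare" rather than "define" and record the version it was verified against, e.g. `/* LibreSSL <version checked> implements this but its headers do not declare it */`, and bound the guard with a `LIBRESSL_VERSION_NUMBER` comparison once the first release that declares it is known. The rest of _ssl.c, including the call site, is outside this hunk.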
+@@ -4896,7 +4899,11 @@ _ssl__SSLContext_cert_store_stats_impl(P
int x509 = 0, crl = 0, ca = 0, i;
store = SSL_CTX_get_cert_store(self->ctx);
if (objs == NULL) {
PyErr_SetString(PyExc_MemoryError, "failed to query cert store");
return NULL;
-@@ -4883,7 +4887,11 @@ _ssl__SSLContext_get_ca_certs_impl(PySSL
+@@ -4952,7 +4959,11 @@ _ssl__SSLContext_get_ca_certs_impl(PySSL
}
store = SSL_CTX_get_cert_store(self->ctx);
+++ /dev/null
-From 5ae0915cc9a314f446bf4baa3b3001253d39a158 Mon Sep 17 00:00:00 2001
-From: Christian Marangi <ansuelsmth@gmail.com>
-Date: Mon, 24 Nov 2025 15:51:33 +0100
-Subject: [PATCH] test_hashlib: better handle support for SHA3
-
-It's possible that the SSL library supports only SHA3 algo and doesn't
-have SHAKE one.
-
-The current test wrongly detect this and set both HASH and HASHXOF to
-None expecting to have the extra SHA3 attributes present but this should
-only be true for SHAKE algo.
-
-To better handle this, move the HASH condition to a dedicated try-expect
-condition and check if HASHXOF is None in the relevant code effectively
-checking if SHA3 is supported by the SSL library but SHAKE algo needs to
-use the sha3module one.
-
-Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
----
- Lib/test/test_hashlib.py | 20 +++++++++++++++-----
- 1 file changed, 15 insertions(+), 5 deletions(-)
-
---- a/Lib/test/test_hashlib.py
-+++ b/Lib/test/test_hashlib.py
-@@ -40,9 +40,13 @@ else:
- openssl_hashlib = import_fresh_module('hashlib', fresh=['_hashlib'])
-
- try:
-- from _hashlib import HASH, HASHXOF, openssl_md_meth_names, get_fips_mode
-+ from _hashlib import HASH
- except ImportError:
- HASH = None
-+
-+try:
-+ from _hashlib import HASHXOF, openssl_md_meth_names, get_fips_mode
-+except ImportError:
- HASHXOF = None
- openssl_md_meth_names = frozenset()
-
-@@ -558,9 +562,14 @@ class HashLibTestCase(unittest.TestCase)
- constructors = self.constructors_to_test[name]
- for hash_object_constructor in constructors:
- m = hash_object_constructor()
-- if HASH is not None and isinstance(m, HASH):
-- # _hashopenssl's variant does not have extra SHA3 attributes
-- continue
-+ if name.startswith('shake_'):
-+ if HASHXOF is not None and isinstance(m, HASHXOF):
-+ # _hashopenssl's variant does not have extra SHA3 attributes
-+ continue
-+ else:
-+ if HASH is not None and isinstance(m, HASH):
-+ # _hashopenssl's variant does not have extra SHA3 attributes
-+ continue
- self.assertEqual(capacity + rate, 1600)
- self.assertEqual(m._capacity_bits, capacity)
- self.assertEqual(m._rate_bits, rate)
-@@ -1057,7 +1066,8 @@ class HashLibTestCase(unittest.TestCase)
- def test_hash_disallow_instantiation(self):
- # internal types like _hashlib.HASH are not constructable
- support.check_disallow_instantiation(self, HASH)
-- support.check_disallow_instantiation(self, HASHXOF)
-+ if HASHXOF is not None:
-+ support.check_disallow_instantiation(self, HASHXOF)
-
- def test_readonly_types(self):
- for algorithm, constructors in self.constructors_to_test.items():