:mod:`xml.parsers.expat`: Fixed a crash caused by unbounded C recursion when converting deeply nested XML content models with :meth:`~xml.parsers.expat.xmlparser.ElementDeclHandler`. This addresses :cve:`2026-4224`.
Reject control characters in :class:`http.cookies.Morsel` :meth:`~http.cookies.Morsel.update` and :meth:`~http.cookies.BaseCookie.js_output`. This addresses :cve:`2026-3644`.
Reject leading dashes in URLs passed to :func:`webbrowser.open`.
Fix an unlikely crash when parsing an invalid type comments for function parameters. Found by OSS Fuzz in :oss-fuzz:`492782951`.
Propagate result type and uniqueness information through
_BINARY_OP_EXTEND in the tier 2 optimizer, enabling elimination of
downstream type guards and selection of inplace float operations.
Initialize _PyInterpreterFrame.visited when copying interpreter frames
so incremental GC does not read an uninitialized byte from generator and
frame-object copies.
Cache pickle.dumps and pickle.loads per interpreter in the XIData
framework, avoiding repeated module lookups on every cross-interpreter data
transfer. This speeds up
:class:`~concurrent.futures.InterpreterPoolExecutor` for mutable types
(list, dict) by 1.7x--3.3x.
Fix :func:`sys.set_lazy_imports_filter` so relative lazy imports pass the resolved imported module name to the filter callback. Patch by Pablo Galindo.
Constant-fold _CONTAINS_OP_SET for :class:`frozenset`. Patch by Donghee
Na.
Fix a bug that could cause applications with specific allocation patterns to leak memory via Huge Pages if compiled with Huge Page support. Patch by Pablo Galindo
Make :c:func:`PySet_Contains` attempt a lock-free lookup, similar to :meth:`!set.__contains__`. This avoids acquiring the set object mutex in the normal case.
Allow the count argument of :meth:`bytes.replace` to be a keyword.
Fix a crash in :meth:`~object.__get__` for :c:expr:`METH_METHOD` descriptors when an invalid (non-type) object is passed as the second argument. Patch by Steven Sun.
Optimize compact integer arithmetic in the JIT by mutating
uniquely-referenced operands in place, avoiding allocation of a new int
object. Speeds up the pyperformance spectral_norm benchmark by ~10%.
Fix type slot assignment incase of multiple slots for same name in type object implementation. Patch by Kumar Aditya.
Set frame pointers in aarch64-unknown-linux-gnu JIT code, allowing most
native profilers and debuggers to unwind through them. Patch by Diego Russo
Adds a null check to handle when the JIT optimizer runs out of space when
dealing with contradictions in make_bottom.
Ensure -X lazy_imports=none` and PYTHON_LAZY_IMPORTS=none` override
:attr:`module.__lazy_modules__`. Patch by Hugo van Kemenade.
Fixed multiple error handling issues in the :mod:`!_remote_debugging` module including a double-free in code object caching, memory leaks on allocation failure, missing exception checks in binary format varint decoding, reference leaks on error paths in frame chain processing, and inconsistent thread status error reporting across platforms. Patch by Pablo Galindo.
Optimize float arithmetic in the JIT by mutating uniquely-referenced
operands in place, avoiding allocation of a new float object. Speeds up the
pyperformance nbody benchmark by ~19%.
Fix a bug which could cause constant values to be partially corrupted in AArch64 JIT code. This issue is theoretical, and hasn't actually been observed in unmodified Python interpreters.
Fixed a memory leak in :exc:`SyntaxError` when re-initializing it.
Fixed reference leaks in :mod:`socket` when audit hooks raise exceptions in :func:`socket.getaddrinfo` and :meth:`!socket.sendto`.
:class:`memoryview` now supports the :c:expr:`float complex` and
:c:expr:`double complex` C types: formatting characters 'F' and 'D'
respectively. Patch by Sergey B Kirpichev.
Fix potential Undefined Behavior in :c:func:`PyUnicodeWriter_WriteASCII` by adding a zero-length check. Patch by Shamil Abdulaev.
Fix wrong type in _Py_atomic_load_uint16 in the C11 atomics backend
(pyatomic_std.h), which used a 32-bit atomic load instead of 16-bit.
Found by Mohammed Zuhaib.
Fixed a bug where :meth:`select.epoll.close`, :meth:`select.kqueue.close`, and :meth:`select.devpoll.close` silently ignored errors.
Comparison of code objects now handles errors correctly.
Remove the GET_ITER_YIELD_FROM instruction, modifying SEND to pair
with GET_ITER when compiling yield from expressions.
Add Base32 support to :mod:`binascii` and improve the performance of the Base32 converters in :mod:`base64`. Patch by James Seo.
Improve multithreaded scaling of PyMutex in low-contention scenarios by reloading the lock's internal state, without slowing down high-contention scenarios.
Fixed segmentation fault when called repr for BaseExceptionGroup with empty or 1-size tuple args.
Fix :func:`repr` for lists and tuples containing NULLs.
Fixed sys.lazy_modules to include lazy modules without submodules. Patch
by Bartosz Sławecki.
Fix free-threading scaling bottleneck in :func:`sys.intern` and :c:func:`PyObject_SetAttr` by avoiding the interpreter-wide lock when the string is already interned and immortalized.
python --help-env sections are now sorted by environment variable name.
python --help-xoptions is now sorted by -X option name.
:exc:`AttributeError`s and :exc:`KeyError`s raised in :meth:`!keys` or
:meth:`!__getitem__` during dictionary unpacking ({**mymapping} or
func(**mymapping)) are no longer masked by :exc:`TypeError`.
Support tracing from function entrypoints in the JIT. Patch by Ken Jin.
Fix GC tracking in structseq.__replace__().
Fix out-of-bounds access when invoking faulthandler on a CPython build compiled without support for VLAs.
Avoid a pathological case where repeated calls at a specific stack depth could be significantly slower.
Improve scaling of :func:`classmethod` and :func:`staticmethod` calls in the
free-threaded build by avoiding the descriptor __get__ call.
Fix an unlikely crash in the parser when certain errors were erroneously not propagated. Found by OSS Fuzz in :oss-fuzz:`491369109`.
Improve scaling of type attribute lookups in the :term:`free-threaded build` by avoiding contention on the internal type lock.
Make :meth:`bytearray.resize` thread-safe in the free-threaded build by using a critical section and calling the lock-held variant of the resize function.
In free-threaded build, fix race condition when calling :meth:`!__sizeof__` on a :class:`list`
Eliminate redundant refcounting for MATCH_CLASS in the JIT.
Add :mod:`math.integer` to :term:`REPL` auto-completion of imports.
Optimize _ITER_CHECK_RANGE and _ITER_CHECK_LIST in the JIT
Add tracking to the JIT optimizer to determine whether a reference is uniquely owned or shared
Fix a crash when calling :class:`SimpleNamespace.__replace__() <types.SimpleNamespace>` on non-namespace instances. Patch by Bénédikt Tran.
Set frame pointers in x86_64-unknown-linux-gnu JIT code, allowing most
native profilers and debuggers to unwind through them.
Fix an out of bounds read when a single NUL character is read from the standard input. Patch by Shamil Abdulaev.
Add support for module attributes in the :term:`REPL` auto-completion of imports.
Fix a regression introduced in 3.14.3 and 3.13.12 where the
:mod:`multiprocessing` forkserver start method would fail with
:exc:`BrokenPipeError` when the parent process had a very large
:data:`sys.argv`. The argv is now passed to the forkserver as separate
command-line arguments rather than being embedded in the -c command
string, avoiding the operating system's per-argument length limit.
:func:`base64.b32encode` now always raises :exc:`ValueError` instead of :exc:`AssertionError` for the value of map01 with invalid length.
Add the padded parameter in functions related to Base32 and Base64 codecs in the :mod:`binascii` and :mod:`base64` modules. In the encoding functions it controls whether the pad character can be added in the output, in the decoding functions it controls whether padding is required in input. Padding of input no longer required in :func:`base64.urlsafe_b64decode` by default.
:mod:`itertools`: Fix a crash in :func:`itertools.groupby` when the grouper iterator is concurrently mutated.
Accepted range for the bytes_per_sep argument of :meth:`bytes.hex`,
:meth:`bytearray.hex`, :meth:`memoryview.hex`, and :func:`binascii.b2a_hex`
is now increased, so passing sys.maxsize and -sys.maxsize is now
valid.
:mod:`ssl`: fix a crash when an SNI callback tries to use an SSL object that has already been garbage-collected. Patch by Bénédikt Tran.
Fix :func:`annotationlib.get_annotations` hanging indefinitely when called
with eval_str=True on a callable that has a circular __wrapped__
chain (e.g. f.__wrapped__ = f). Cycle detection using an id-based
visited set now stops the traversal and falls back to the globals found so
far, mirroring the approach of :func:`inspect.unwrap`.
:mod:`sqlite3`: fix a crash when :meth:`sqlite3.Connection.create_collation` fails with SQLITE_BUSY. Patch by Bénédikt Tran.
:mod:`sqlite3`: properly raise :exc:`MemoryError` instead of :exc:`SystemError` when a context callback fails to be allocated. Patch by Bénédikt Tran.
Make :meth:`asyncio.SelectorEventLoop` stream transport's :meth:`~asyncio.WriteTransport.get_write_buffer_size` O(1) by maintaining a running byte counter instead of iterating the buffer on every call.
Fix merging of :class:`collections.OrderedDict` and :class:`frozendict`.
Add support for merging :class:`collections.UserDict` and :class:`frozendict`.
Fix struct.pack('f', float): use :c:func:`PyFloat_Pack4` to raise
:exc:`OverflowError`. Patch by Sergey B Kirpichev and Victor Stinner.
:mod:`json`: Add the array_hook parameter to :func:`~json.load` and
:func:`~json.loads` functions: allow a callback for JSON literal array types
to customize Python lists in the resulting decoded object. Passing combined
:class:`frozendict` to object_pairs_hook param and :class:`tuple` to
array_hook will yield a deeply nested immutable Python structure
representing the JSON data.
Add the wrapcol parameter to :mod:`base64` functions :func:`~base64.b16encode`, :func:`~base64.b32encode`, :func:`~base64.b32hexencode`, :func:`~base64.b85encode` and :func:`~base64.z85encode`, and :mod:`binascii` functions :func:`~binascii.b2a_base32` and :func:`~binascii.b2a_base85`. Add the ignorechars parameter to :mod:`base64` functions :func:`~base64.b16decode`, :func:`~base64.b32decode`, :func:`~base64.b32hexdecode`, :func:`~base64.b85decode` and :func:`~base64.z85decode`, and :mod:`binascii` functions :func:`~binascii.a2b_hex`, :func:`~binascii.unhexlify`, :func:`~binascii.a2b_base32` and :func:`~binascii.a2b_base85`.
The :mod:`ensurepip` module no longer looks for pip-*.whl wheel packages
in the current directory.
Support :class:`frozendict` in :mod:`plistlib`, for serialization only. Patch by Hugo van Kemenade.
Support half-floats (type code 'e' of the :mod:`struct` module) in the
:mod:`array` module. Patch by Sergey B Kirpichev.
Fix incorrect contextvars handling in server tasks created by :mod:`asyncio`. Patch by Kumar Aditya.
Support the :c:expr:`float complex` and :c:expr:`double complex` C types in
the :mod:`array` module: formatting characters 'F' and 'D'
respectively. Patch by Sergey B Kirpichev.
In importlib.metadata, when a distribution file is corrupt and there is no
metadata file, calls to Distribution.metadata() (including implicit
calls from other properties like .name and .requires) will now raise
a MetadataNotFound Exception. This allows callers to distinguish between
missing metadata and a degenerate (empty) metadata. Previously, if the file
was missing, an empty PackageMetadata would be returned and would be
indistinguishable from the presence of an empty file.
Cached FastPath objects in importlib.metadata are now cleared on fork, avoiding broken references to zip files during fork.
Nested :exc:`AttributeError` suggestions now include property-backed attributes on nested objects without executing the property getter.
On Windows, :func:`sysconfig.get_platform` now gets the platform from the
_sysconfig module instead of parsing :data:`sys.version` string. Patch
by Victor Stinner.
Fix a bug in :func:`termios.tcsetwinsize` where passing a sequence that
raises an exception in __getitem__ would cause a :exc:`SystemError`
instead of propagating the original exception.
Update bundled libexpat to version 2.7.5.
:mod:`zoneinfo`: fix crashes when deleting _weak_cache from a
:class:`zoneinfo.ZoneInfo` subclass.
Make concurrent iteration over :class:`itertools.zip_longest` safe under free-threading.
Errors when calling :func:`functools.partial` with a malformed keyword will no longer crash the interpreter.
Limit the size of :func:`encodings.search_function` cache. Found by OSS Fuzz in :oss-fuzz:`493449985`.
All :option:`-X` options from the Python command line are now propagated to
child processes spawned by :mod:`multiprocessing`, not just a hard-coded
subset. This makes the behavior consistent between default "spawn" and
"forkserver" start methods and the old "fork" start method. The options
that were previously not propagated are: context_aware_warnings,
cpu_count, disable-remote-debug, int_max_str_digits,
lazy_imports, no_debug_ranges, pathconfig_warnings, perf,
perf_jit, presite, pycache_prefix, thread_inherit_context,
and warn_default_encoding.
Added the alphabet parameter in :func:`~binascii.b2a_base64`,
:func:`~binascii.a2b_base64`, :func:`~binascii.b2a_base85` and
:func:`~binascii.a2b_base85` and a number of *_ALPHABET constants in the
:mod:`binascii` module. Removed :func:`!b2a_z85` and :func:`!a2b_z85`.
Fix translation in :func:`base64.b64decode` when altchars overlaps with the standard ones.
Non-:exc:`AttributeError` exceptions raised during dialect attribute lookup in :mod:`csv` are no longer silently suppressed.
:mod:`zoneinfo`: Fix heap buffer overflow reads from malformed TZif data. Found by OSS Fuzz, issues :oss-fuzz:`492245058` and :oss-fuzz:`492230068`.
Changed some implementation details in :class:`struct.Struct`: calling it with non-ASCII string format will now raise a :exc:`ValueError` instead of :exc:`UnicodeEncodeError`, calling it with non-ASCII bytes format will now raise a :exc:`ValueError` instead of :exc:`struct.error`, getting the :attr:`!format` attribute of uninitialized object will now raise an :exc:`AttributeError` instead of :exc:`RuntimeError`.
asyncio: Fix :func:`asyncio.Server.serve_forever` shutdown regression. Since
3.12, cancelling serve_forever() could hang waiting for a handler
blocked on a read from a client that never closed (effectively requiring two
interrupts to stop); the shutdown sequence now ensures client streams are
closed so serve_forever() exits promptly and handlers observe EOF.
The profiling.sampling module now supports differential flamegraph
visualization via --diff-flamegraph to compare two profiling runs.
Functions are colored red (regressions), blue (improvements), gray
(neutral), or purple (new). Elided stacks show code paths that disappeared
between runs.
Request signature during mock autospec with FORWARDREF annotation
format. This prevents runtime errors when an annotation uses a name that is
not defined at runtime.
Avoid undefined behaviour from signed integer overflow when parsing format strings in the :mod:`struct` module. Found by OSS Fuzz in :oss-fuzz:`488466741`.
Add application/efi MIME type to :mod:`mimetypes`.
Add a few Microsoft-specific MIME types.
:mod:`asyncio`: Make sure that :meth:`loop.call_at <asyncio.loop.call_at>` and :meth:`loop.call_later <asyncio.loop.call_later>` trigger scheduled events on time when the clock resolution becomes too small.
Add application/sql and application/vnd.sqlite3 into mimetypes.
Fix infinite recursion in :class:`collections.defaultdict` __repr__ when
a defaultdict contains itself. Based on analysis by KowalskiThomas in
:gh:`145492`.
Add :meth:`~object.__repr__` support to :class:`logging.Formatter` and :class:`logging.Filter`, showing the format string and filter name respectively.
Resolved a performance regression in multiprocessing.connection.wait on
Windows that caused infinite busy loops when called with no objects. The
function now properly yields control to the OS to conserve CPU resources.
Patch By Shrey Naithani
Detect Android sysconfig ABI correctly on 32-bit ARM Android on 64-bit ARM kernel
Fix unittest.util.sorted_list_difference() to deduplicate remaining
elements when one input list is exhausted before the other.
Now :mod:`functools` is safer in free-threaded build when using keywords in :func:`functools.partial`
Base64 decoder (see :func:`binascii.a2b_base64`, :func:`base64.b64decode`, etc) no longer ignores excess data after the first padded quad in non-strict (default) mode. Instead, in conformance with RFC 4648, section 3.3, it now ignores the pad character, "=", if it is present before the end of the encoded data.
Allows omitting the internal library _pyrepl with limited loss of
functionality. This allows complete removal of the modern REPL, which is an
unsupported configuration, but still desirable for some distributions.
Made the tag parameter of :class:`xml.etree.ElementTree.Element` and the parent and tag parameters of :func:`xml.etree.ElementTree.SubElement` positional-only, matching the behavior of the C accelerator.
Fix crash in :meth:`xml.parsers.expat.xmlparser.ExternalEntityParserCreate`
when an allocation fails. The error paths could dereference NULL
handlers and double-decrement the parent parser's reference count.
:meth:`wave.Wave_write.setframerate` now validates the frame rate after
rounding to an integer, preventing values like 0.5 from being accepted
and causing confusing errors later. Patch by Michiel Beijen.
Add %n and %t support to :meth:`~datetime.datetime.strptime`.
Fix inconsistent display of long multiline pasted content in the REPL.
:func:`multiprocessing.freeze_support` no longer sets the default start method as a side effect, which previously caused a subsequent :func:`multiprocessing.set_start_method` call to raise :exc:`RuntimeError`.
Make concurrent iteration over :class:`itertools.accumulate` safe under free-threading.
Calling the Struct.__new__() without required argument now is
deprecated. Calling :meth:`~object.__init__` method on initialized
:class:`~struct.Struct` objects is deprecated.
Fix a race condition between :class:`zoneinfo.ZoneInfo` creation and :func:`zoneinfo.ZoneInfo.clear_cache` that could raise :exc:`KeyError`.
Don't change :class:`tarfile.TarInfo` type from AREGTYPE to DIRTYPE
when parsing GNU long name or link headers.
:func:`getpass.getpass` with non-empty echo_char now handles keyboard
shortcuts including Ctrl+A/E (cursor movement), Ctrl+K/U (kill line), Ctrl+W
(erase word), and Ctrl+V (literal next) by reading the terminal's control
character settings and processing them appropriately in non-canonical mode.
Patch by Sanyam Khurana.
:func:`traceback.format_exception_only` now colorizes exception notes.
Improve :exc:`AttributeError` suggestions for classes with a custom :meth:`~object.__dir__` method returning a list of unsortable values. Patch by Bénédikt Tran.
The :mod:`netrc` security check is now run once per parse rather than once per entry.
Add fancycompleter and enable it by default when using pyrepl. This gives colored tab completion.
Add an expand keyword argument for :func:`pprint.pprint`, :func:`pprint.pformat`, :func:`pprint.pp` by passing on all kwargs and :class:`pprint.PrettyPrinter`. Contributed by Stefan Todoran and Semyon Moroz.
Optional argument with :ref:`nargs` equals to argparse.REMAINDER now
consumes all remaining arguments including '--'.
Add support for floating point audio wave files in :mod:`wave`.
Make the target time of :meth:`timeit.Timer.autorange` configurable and add
--target-time option to the command-line interface of :mod:`timeit`.
Expand :mod:`argparse` documentation for type=bool with a demonstration
of the surprising behavior and pointers to common alternatives.
Fix text wrapping and formatting of -X option descriptions in the
:manpage:`python(1)` man page by using proper roff markup.
The Android testbed's emulator RAM has been increased from 2 GB to 4 GB.
Fix a race condition in regrtest: make sure that the temporary directory is created in the worker process. Previously, temp_cwd() could fail on Windows if the "build" directory was not created. Patch by Victor Stinner.
The Android testbed can now be built for 32-bit ARM and x86 targets.
The iOS XCframework build script now ensures libpython isn't included in installed app content, and is more robust in identifying standard library binary content that requires processing.
The Android build script was modified to improve parity with other platform build scripts.
The clean target for the Apple/iOS XCframework build script is now more selective when targeting a single architecture.
The Apple/iOS build script has been moved to the Platforms directory.
Fix building the jit stencils on Windows when the interpreter is built with a different clang version. Patch by Chris Eibl.
Update to WASI SDK 32.
When Python build is optimized with GCC using PGO, use
-fprofile-update=atomic option to use atomic operations when updating
profile information. This option reduces the risk of gcov Data Files (.gcda)
corruption which can cause random GCC crashes. Patch by Victor Stinner.
Add :option:`--disable-epoll` to configure
Remove support for ancient ARM platforms (ARMv4L and ARMv5L OABI boards), using mixed-endian representation for doubles. Patch by Sergey B Kirpichev.
Fix building without stropts.h or empty stropts.h
Fix REPL cursor position on Windows when module completion suggestion line hits console width.
Invoke :program:`osascript` with absolute path in :mod:`webbrowser` and :mod:`!turtledemo`.
Properly identify the main thread in the Gecko profiler collector by using a status flag from the interpreter state instead of relying on :func:`threading.main_thread` in the collector process.
Remove :file:`Misc/indent.pro`, a configuration file for GNU :manpage:`indent(1)`.
Remove :file:`Misc/vgrindefs` and :file:`Misc/Porting`.
The :c:data:`Py_mod_abi` slot is now mandatory for modules created from a slots array (using :c:func:`PyModule_FromSlotsAndSpec` or the :c:func:`PyModExport_* <PyModExport_modulename>` export hook).
The following macros are :term:`soft deprecated`: :c:macro:`Py_ALIGNED`, :c:macro:`PY_FORMAT_SIZE_T`, :c:macro:`Py_LL`, :c:macro:`Py_ULL`, :c:macro:`PY_LONG_LONG`, :c:macro:`PY_LLONG_MIN`, :c:macro:`PY_LLONG_MAX`, :c:macro:`PY_ULLONG_MAX`, :c:macro:`PY_INT32_T`, :c:macro:`PY_UINT32_T`, :c:macro:`PY_INT64_T`, :c:macro:`PY_UINT64_T`, :c:macro:`PY_SIZE_MAX`, :c:macro:`Py_UNICODE_SIZE`, :c:macro:`Py_VA_COPY`.
The macro :c:macro:`Py_UNICODE_WIDE`, which was scheduled for removal, is :term:`soft deprecated` instead.
:c:func:`PyUnicodeWriter_WriteUCS4` now accepts a pointer to a constant
buffer of Py_UCS4.
:c:func:`PyUnicodeWriter_WriteRepr` now supports NULL argument.
Use GCC dialect alternatives for inline assembly in object.h so that the
Python headers compile correctly with -masm=intel.