Python 3.12 update.

.github/workflows/bare.yaml

@@ -94,7 +94,10 @@ jobs:
       run: |
         sudo mv -v /usr/local/bin/git{,.saved}
         sudo chmod -v a-r /usr/local/include/libintl.h
+        sudo chmod -v a-r /usr/local/include/gdbm.h
         sudo chmod -v a-r /usr/local/opt/gettext/lib/libintl.*
+        sudo chmod -v a-r /usr/local/opt/gdbm/lib/libgdbm*
+        sudo chmod -v a-r /usr/local/opt/mpdecimal/lib/libmpdec*
 
     - name: Build Pythia
       timeout-minutes: 30
@@ -103,8 +106,11 @@ jobs:
     # Fix back Homebrew, for working Shellcheck tests and tmate debugging.
     - name: Unhack Homebrew
       run: |
-        sudo chmod -v a+r /usr/local/opt/gettext/lib/libintl*
         sudo chmod -v a+r /usr/local/include/libintl.h
+        sudo chmod -v a-r /usr/local/include/gdbm.h
+        sudo chmod -v a+r /usr/local/opt/gettext/lib/libintl*
+        sudo chmod -v a+r /usr/local/opt/gdbm/lib/libgdbm*
+        sudo chmod -v a+r /usr/local/opt/mpdecimal/lib/libmpdec*
         sudo mv -v /usr/local/bin/git{.saved,}
 
     - name: Test Pythia

.github/workflows/docker.yaml

@@ -45,6 +45,10 @@ jobs:
       run: |
         yum -y upgrade
         yum -y install git-core gcc make m4 patch tar unzip perl perl-Test-Simple perl-IPC-Cmd xz gcc-c++ dejagnu
+        # To avoid linking against libdb and gdmb libraries on Amazon Linux 2.
+        # Can't simply uninstall libdb-devel and gdmb-devel, they are required by perl-IPC-Cmd.
+        rm -v /usr/include/libdb/db.h
+        rm -v /usr/include/gdbm.h
 
     - name: Ubuntu setup
       if: startsWith(matrix.container, 'ubuntu')

build.conf

@@ -10,7 +10,7 @@ DIST_DIR="dist"
 PYTHIA_BUILD_TESTS="${PYTHIA_BUILD_TESTS:-1}"
 
 # Python and lib versions.
-PYTHON_BUILD_VERSION="3.11.9"
+PYTHON_BUILD_VERSION="3.13.0b4"
 LIBFFI_VERSION="3.4.6"
 ZLIB_VERSION="1.3.1"
 BZIP2_VERSION="1.0.8"
@@ -36,18 +36,15 @@ SQLITE_VERSION="3460000"
 BOOTSTRAP_GET_PIP="https://bootstrap.pypa.io/get-pip.py"
 
 # Python modules installed after bootstraping pip.
-PIP_VERSION="24.0"
-SETUPTOOLS_VERSION="70.0.0"
+PIP_VERSION="24.1.2"
+SETUPTOOLS_VERSION="71.0.3"
 # pycparser is explicitly installed to work around setuptools auto dependencies.
 PYCPARSER_VERSION="2.22"
 
 # Python modules that have to be built and/or installed in Pythia.
-PSUTIL_VERSION="5.9.8"
+PSUTIL_VERSION="6.0.0"
 PYWIN32_VERSION="306"
 
-# Pin safety to keep the deps of the test environment under control.
-SAFETY_VERSION="3.2.0"
-
 # Global flags for building required libs.
 BUILD_LIBFFI="no"
 BUILD_ZLIB="no"
@@ -72,7 +69,3 @@ PIP_ARGS=(\
     --index-url="$PIP_INDEX_URL" \
     --no-warn-script-location \
     )
-# Array of safety IDs to ignore.
-# 67599: pip 24.0, https://data.safetycli.com/v/67599/f17/ (disputed).
-# 70612: jinja2 3.1.4, https://data.safetycli.com/v/70612/97c (disputed).
-SAFETY_IGNORED_IDS=(67599 70612)

build.sh

@@ -210,9 +210,12 @@ command_install_python_modules() {
         execute "$PYTHON_BIN" -m pip install "${PIP_ARGS[@]}" "$library"
     done
 
-    # When done, uninstall wheel.
+    echo "# Uninstalling wheel... #"
     execute "$PYTHON_BIN" -m pip uninstall --yes wheel
 
+    echo "# Regenerating requirements.txt file... #"
+    execute "$PYTHON_BIN" -m pip freeze > requirements.txt
+
     echo "::endgroup::"
 }
 
@@ -222,8 +225,6 @@ help_text_test="Run own tests for the newly-build Python distribution."
 command_test() {
     local test_file="test_python_binary_dist.py"
     local python_binary="$PYTHON_BIN"
-    local safety_id_to_ignore
-    declare -a safety_ignore_opts
 
     echo "::group::Chevah tests"
     if [ ! -d "$BUILD_DIR" ]; then
@@ -240,25 +241,12 @@ command_test() {
     execute cp src/chevah-python-tests/get_binaries_deps.sh "$BUILD_DIR"
     execute pushd "$BUILD_DIR"
     execute "$python_binary" "$test_file"
+    execute popd
     echo "::endgroup::"
 
     echo "::group::Security tests"
-    echo "## Testing for outdated packages and security issues... ##"
+    echo "## Testing for outdated packages... ##"
     execute "$python_binary" -m pip list --outdated --format=columns
-    execute "$python_binary" -m pip install "${PIP_ARGS[@]}" \
-        safety=="$SAFETY_VERSION"
-
-    if (( ${#SAFETY_IGNORED_IDS[@]} != 0 )); then
-        (>&2 echo "Following Safety DB IDs are excepted from checks:")
-        (>&2 echo -e "\t${SAFETY_IGNORED_IDS[*]}")
-        for safety_id_to_ignore in "${SAFETY_IGNORED_IDS[@]}"; do
-            safety_ignore_opts+=("-i $safety_id_to_ignore")
-        done
-    fi
-
-    execute "$python_binary" -m safety check --full-report \
-        "${safety_ignore_opts[@]}"
-    execute popd
     echo "::endgroup::"
 
     echo "::group::Shell tests"

pkg_checks.sh

@@ -33,7 +33,7 @@ PACKAGES="$CC make m4 git patch curl sha512sum tar unzip"
 # This is defined as an array of commands and opts, to allow it to be quoted.
 CHECK_CMD=(command -v)
 
-# $CHECK_CMD should exit with 0 only when checked packages is installed.
+# $CHECK_CMD should exit with 0 only when checked package is installed.
 case "$OS" in
     windows)
         # Nothing to actually build on Windows.
@@ -74,7 +74,7 @@ esac
 # External checks with various exit codes are checked below.
 set +o errexit
 
-# If $CHECK_CMD is still (command -v), it's only a check for needed commands.
+# If $CHECK_CMD is still "(command -v)", it's only a check for needed commands.
 if [ -n "$PACKAGES" ]; then
     for package in $PACKAGES ; do
         echo "Checking if $package is available..."

pythia.conf

@@ -1,4 +1,4 @@
-PYTHON_CONFIGURATION="default@3.11.3.f9d9434"
+PYTHON_CONFIGURATION="default@3.13.deadbeef"
 # This is defined as a Bash array of options to be passed to commands.
 BASE_REQUIREMENTS=("chevah-brink==1.0.13" "paver==1.3.4")
 # Use our production server instead of the GitHub releases set by default.

requirements.txt

@@ -0,0 +1,3 @@
+psutil==6.0.0
+pycparser==2.22
+setuptools==71.0.3

src/Python-Windows/chevahbs

@@ -20,7 +20,11 @@ INSTALL_DIR="$3"/lib
 # Construct the relevant download link for the Windows version.
 EXT="amd64.zip"
 ARCHIVE="python-$VER.$EXT"
-LINK="https://www.python.org/ftp/python/$VER/python-$VER-embed-$EXT"
+
+# For beta versions, remove everything after the b for the dir name.
+DIR=${VER%b*}
+
+LINK="https://www.python.org/ftp/python/$DIR/python-$VER-embed-$EXT"
 
 # Download without unpacking (amd64.zip extension is treated specially).
 download_sources "$NAME" "$VER" "$LINK" "$EXT"
@@ -30,5 +34,5 @@ echo "## Extracting ZIP archive to $INSTALL_DIR... ##"
 execute unzip -q "$ARCHIVE" -d "$INSTALL_DIR"
 
 echo "## Adding site-packages to python*._pth file... ##"
-echo "import site" >> "$INSTALL_DIR"/python311._pth
-echo "site.main()" >> "$INSTALL_DIR"/python311._pth
+echo "import site" >> "$INSTALL_DIR"/python313._pth
+echo "site.main()" >> "$INSTALL_DIR"/python313._pth

src/Python-Windows/sha512.sum

@@ -1 +1 @@
-24106fc0e2a798c34840222083f2643c95a0e14c1eb8bb5489dfbcc3eb56d631cc0649c406d75eae173e2d03cd1cf88d246e5903abf62d414fab88e94afa176e  python-3.11.9.amd64.zip
+26f41b11034323f072ae0e0ada544935b266d0767b264c2fac9917bec82337bdc2571d76acce19160275d6411f65e9ad2a4449545e1e70f4e6124d1aba443bde  python-3.13.0b4-amd64.zip

src/Python/chevahbs

@@ -15,17 +15,18 @@ chevahbs_getsources() {
     local name="$1"
     local ver="$2"
     local ext="tgz"
-    local link=https://www.python.org/ftp/python/"$ver"/"$name"-"$ver"."$ext"
+    local dir
+    local link
+
+    # For beta versions, remove everything after the b for the dir name.
+    dir=${ver%b*}
+    link=https://www.python.org/ftp/python/"$dir"/"$name"-"$ver"."$ext"
 
     download_sources "$name" "$ver" "$link" "$ext"
 }
 
 
 chevahbs_patch() {
-    # Our own patch to avoid compiling certain modules.
-    echo "# Applying disabled_modules.patch... #"
-    execute patch < disabled_modules.patch
-
     if [ "$BUILD_LIBEDIT" = "yes" ]; then
         # Adapted from https://bugs.python.org/issue13501.
         echo "# Applying readline_libedit.patch... #"

src/Python/sha512.sum

@@ -1 +1 @@
-33651f373fcc6da9aac895da25300de0f807e3643daff99e8c81e6205d75c67a060d7fd7bbee5ce8b5e142aa2f407284d90b182b5fffd9befc54e6b55b7c08f7  Python-3.11.9.tgz
+0c5a33fed810fbaa2a0ca2a9a817aaca0d2b1aec394f6366f7705903cd344463ebe056d3fabf31197d1ae0578ec1108fb7a317d8a2c1e3e244823fe95e56bbba  Python-3.13.0b4.tgz

src/chevah-python-tests/test_python_binary_dist.py

@@ -139,9 +139,11 @@ def get_allowed_deps():
             '/System/Library/Frameworks/Security.framework/Versions/A/Security',
             '/System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfiguration',
             '/usr/lib/libbz2.1.0.dylib',
+            '/usr/lib/libedit.3.dylib',
             '/usr/lib/libffi.dylib',
             '/usr/lib/libiconv.2.dylib',
             '/usr/lib/libncurses.5.4.dylib',
+            '/usr/lib/libpanel.5.4.dylib',
             '/usr/lib/libresolv.9.dylib',
             '/usr/lib/libSystem.B.dylib',
             '/usr/lib/libz.1.dylib',
@@ -461,13 +463,6 @@ def main():
 
     else:
         # Linux / Unix stuff.
-        try:
-            import crypt
-            crypt
-        except:
-            sys.stderr.write('"crypt" is missing.\n')
-            exit_code = 155
-
         # Check for the git revision in Python's sys.version on Linux and Unix.
         try:
             git_rev_cmd = ['git', 'log', '-1', '--no-merges', '--format=%h']
@@ -483,16 +478,6 @@ def main():
                                  "\tGit rev: {0}".format(git_rev) + "\n")
                 exit_code = 158
 
-    if platform_system in [ 'linux', 'sunos' ]:
-        try:
-            import spwd
-            spwd
-        except:
-            sys.stderr.write('"spwd" is missing, but it should be present.\n')
-            exit_code = 161
-        else:
-            print('"spwd" module is present.')
-
     # The readline module is built using libedit only on selected platforms.
     if BUILD_LIBEDIT:
         try: