Rust-related/RustPython
1
0
Fork 1
mirror of https://github.com/RustPython/RustPython.git synced 2026-06-02 19:39:49 +09:00
Code Issues Packages Projects Releases Wiki Activity
16,338 Commits 9 Branches 48 Tags
0.5.0
Commit Graph

764 Commits

Author SHA1 Message Date
Jeong, YunWon
39a6486a4c Release v0.5.0 2026-03-31 21:06:00 +09:00
dependabot[bot]
106f1c9f37 Bump env_logger from 0.11.9 to 0.11.10 (#7543) 
Bumps [env_logger](https://github.com/rust-cli/env_logger) from 0.11.9 to 0.11.10.
- [Release notes](https://github.com/rust-cli/env_logger/releases)
- [Changelog](https://github.com/rust-cli/env_logger/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-cli/env_logger/compare/v0.11.9...v0.11.10)

---
updated-dependencies:
- dependency-name: env_logger
  dependency-version: 0.11.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-31 01:29:47 +09:00
dependabot[bot]
c45f69977b Bump schannel from 0.1.28 to 0.1.29 (#7542) 
Bumps [schannel](https://github.com/steffengy/schannel-rs) from 0.1.28 to 0.1.29.
- [Release notes](https://github.com/steffengy/schannel-rs/releases)
- [Commits](https://github.com/steffengy/schannel-rs/compare/v0.1.28...v0.1.29)

---
updated-dependencies:
- dependency-name: schannel
  dependency-version: 0.1.29
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-31 01:29:35 +09:00
Jeong, YunWon
6826557884 ruff from fork (#7532) 2026-03-29 19:26:24 +09:00
Jeong, YunWon
1f6b4c6bf1 ruff 0.15.8 (#7531) 2026-03-29 15:21:09 +09:00
dependabot[bot]
1a9b10ece5 Bump winresource from 0.1.30 to 0.1.31 (#7522) 
Bumps [winresource](https://github.com/BenjaminRi/winresource) from 0.1.30 to 0.1.31.
- [Commits](https://github.com/BenjaminRi/winresource/commits)

---
updated-dependencies:
- dependency-name: winresource
  dependency-version: 0.1.31
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-28 14:47:55 +09:00
dependabot[bot]
dd632363c8 Bump the wasmtime group with 3 updates (#7521) 
Bumps the wasmtime group with 3 updates: [cranelift](https://github.com/bytecodealliance/wasmtime), [cranelift-jit](https://github.com/bytecodealliance/wasmtime) and [cranelift-module](https://github.com/bytecodealliance/wasmtime).


Updates `cranelift` from 0.129.1 to 0.130.0
- [Release notes](https://github.com/bytecodealliance/wasmtime/releases)
- [Changelog](https://github.com/bytecodealliance/wasmtime/blob/main/RELEASES.md)
- [Commits](https://github.com/bytecodealliance/wasmtime/commits)

Updates `cranelift-jit` from 0.129.1 to 0.130.0
- [Release notes](https://github.com/bytecodealliance/wasmtime/releases)
- [Changelog](https://github.com/bytecodealliance/wasmtime/blob/main/RELEASES.md)
- [Commits](https://github.com/bytecodealliance/wasmtime/commits)

Updates `cranelift-module` from 0.129.1 to 0.130.0
- [Release notes](https://github.com/bytecodealliance/wasmtime/releases)
- [Changelog](https://github.com/bytecodealliance/wasmtime/blob/main/RELEASES.md)
- [Commits](https://github.com/bytecodealliance/wasmtime/commits)

---
updated-dependencies:
- dependency-name: cranelift
  dependency-version: 0.130.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: wasmtime
- dependency-name: cranelift-jit
  dependency-version: 0.130.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: wasmtime
- dependency-name: cranelift-module
  dependency-version: 0.130.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: wasmtime
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-28 14:47:42 +09:00
dependabot[bot]
f42ffd61a1 Bump strum from 0.27.2 to 0.28.0 (#7510) 
Bumps [strum](https://github.com/Peternator7/strum) from 0.27.2 to 0.28.0.
- [Release notes](https://github.com/Peternator7/strum/releases)
- [Changelog](https://github.com/Peternator7/strum/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Peternator7/strum/compare/v0.27.2...v0.28.0)

---
updated-dependencies:
- dependency-name: strum
  dependency-version: 0.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-27 11:27:19 +09:00
dependabot[bot]
3f92c3ad1c Bump aws-lc-rs from 1.16.0 to 1.16.2 (#7509) 
Bumps [aws-lc-rs](https://github.com/aws/aws-lc-rs) from 1.16.0 to 1.16.2.
- [Release notes](https://github.com/aws/aws-lc-rs/releases)
- [Commits](https://github.com/aws/aws-lc-rs/compare/v1.16.0...v1.16.2)

---
updated-dependencies:
- dependency-name: aws-lc-rs
  dependency-version: 1.16.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-27 10:55:12 +09:00
dependabot[bot]
82432be962 Bump lz4_flex from 0.12.1 to 0.13.0 (#7497) 
Bumps [lz4_flex](https://github.com/pseitz/lz4_flex) from 0.12.1 to 0.13.0.
- [Release notes](https://github.com/pseitz/lz4_flex/releases)
- [Changelog](https://github.com/PSeitz/lz4_flex/blob/main/CHANGELOG.md)
- [Commits](https://github.com/pseitz/lz4_flex/compare/0.12.1...0.13.0)

---
updated-dependencies:
- dependency-name: lz4_flex
  dependency-version: 0.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-24 17:51:11 +09:00
dependabot[bot]
dc95db7ae3 Bump libsqlite3-sys from 0.36.0 to 0.37.0 (#7485) 
Bumps [libsqlite3-sys](https://github.com/rusqlite/rusqlite) from 0.36.0 to 0.37.0.
- [Release notes](https://github.com/rusqlite/rusqlite/releases)
- [Changelog](https://github.com/rusqlite/rusqlite/blob/master/Changelog.md)
- [Commits](https://github.com/rusqlite/rusqlite/compare/v0.36.0...v0.37.0)

---
updated-dependencies:
- dependency-name: libsqlite3-sys
  dependency-version: 0.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-24 12:52:02 +09:00
dependabot[bot]
dfcb07cd93 Bump rustls-webpki from 0.103.9 to 0.103.10 (#7479) 
Bumps [rustls-webpki](https://github.com/rustls/webpki) from 0.103.9 to 0.103.10.
- [Release notes](https://github.com/rustls/webpki/releases)
- [Commits](https://github.com/rustls/webpki/compare/v/0.103.9...v/0.103.10)

---
updated-dependencies:
- dependency-name: rustls-webpki
  dependency-version: 0.103.10
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-21 22:49:25 +09:00
dependabot[bot]
4abe4c5bf0 Bump aws-lc-fips-sys from 0.13.12 to 0.13.13 (#7478) 
Bumps [aws-lc-fips-sys](https://github.com/aws/aws-lc-rs) from 0.13.12 to 0.13.13.
- [Release notes](https://github.com/aws/aws-lc-rs/releases)
- [Commits](https://github.com/aws/aws-lc-rs/compare/aws-lc-fips-sys/v0.13.12...aws-lc-fips-sys/v0.13.13)

---
updated-dependencies:
- dependency-name: aws-lc-fips-sys
  dependency-version: 0.13.13
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-21 09:46:15 +09:00
dependabot[bot]
5b6a479a1d Bump lexopt from 0.3.1 to 0.3.2 (#7470) 
Bumps [lexopt](https://github.com/blyxxyz/lexopt) from 0.3.1 to 0.3.2.
- [Release notes](https://github.com/blyxxyz/lexopt/releases)
- [Changelog](https://github.com/blyxxyz/lexopt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/blyxxyz/lexopt/compare/v0.3.1...v0.3.2)

---
updated-dependencies:
- dependency-name: lexopt
  dependency-version: 0.3.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-20 22:49:41 +09:00
dependabot[bot]
247044a805 Bump which from 8.0.0 to 8.0.2 (#7469) 
Bumps [which](https://github.com/harryfei/which-rs) from 8.0.0 to 8.0.2.
- [Release notes](https://github.com/harryfei/which-rs/releases)
- [Changelog](https://github.com/harryfei/which-rs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/harryfei/which-rs/compare/8.0.0...8.0.2)

---
updated-dependencies:
- dependency-name: which
  dependency-version: 8.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-20 12:43:07 +09:00
Shahar Naveh
68cf736a9f Add cargo shear CI step (#7461) 
* Add `cargo shear` CI step

* Remove some deps

* Move `ruff_python_parser` to dev deps

* Remove `thread_local` crate

* Cleanup `num-integer` usage

* Remove parser fro. wasm

* Remove windows-sys from venv launcher

* Update lock

* Resolve more

* Fix wasm

* Update lock
 2026-03-20 12:42:51 +09:00
dependabot[bot]
2a61237341 Bump lz4_flex from 0.12.0 to 0.12.1 (#7449) 
Bumps [lz4_flex](https://github.com/pseitz/lz4_flex) from 0.12.0 to 0.12.1.
- [Release notes](https://github.com/pseitz/lz4_flex/releases)
- [Changelog](https://github.com/PSeitz/lz4_flex/blob/main/CHANGELOG.md)
- [Commits](https://github.com/pseitz/lz4_flex/compare/0.12.0...0.12.1)

---
updated-dependencies:
- dependency-name: lz4_flex
  dependency-version: 0.12.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-17 12:57:31 +09:00
dependabot[bot]
87f5c7dd29 Bump rustix from 1.1.3 to 1.1.4 (#7444) 
Bumps [rustix](https://github.com/bytecodealliance/rustix) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/bytecodealliance/rustix/releases)
- [Changelog](https://github.com/bytecodealliance/rustix/blob/main/CHANGES.md)
- [Commits](https://github.com/bytecodealliance/rustix/compare/v1.1.3...v1.1.4)

---
updated-dependencies:
- dependency-name: rustix
  dependency-version: 1.1.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-17 12:57:23 +09:00
dependabot[bot]
cda9f8247f Bump num_enum from 0.7.5 to 0.7.6 in the num_enum group (#7443) 
Bumps the num_enum group with 1 update: [num_enum](https://github.com/illicitonion/num_enum).


Updates `num_enum` from 0.7.5 to 0.7.6
- [Commits](https://github.com/illicitonion/num_enum/compare/0.7.5...0.7.6)

---
updated-dependencies:
- dependency-name: num_enum
  dependency-version: 0.7.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: num_enum
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-17 12:57:14 +09:00
dependabot[bot]
b2b337588d Bump strum_macros from 0.27.2 to 0.28.0 (#7445) 
Bumps [strum_macros](https://github.com/Peternator7/strum) from 0.27.2 to 0.28.0.
- [Release notes](https://github.com/Peternator7/strum/releases)
- [Changelog](https://github.com/Peternator7/strum/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Peternator7/strum/compare/v0.27.2...v0.28.0)

---
updated-dependencies:
- dependency-name: strum_macros
  dependency-version: 0.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-17 12:24:29 +09:00
Jeong, YunWon
03b7c4ebb8 Mark RustPython 0.5.0 2026-03-16 11:32:27 +09:00
Shahar Naveh
0c14ad195e Update ruff to 0.15.6 (#7427) 
* Update ruff to `0.15.6`

* Unmark passing tests
 2026-03-14 20:22:42 +09:00
Jeong, YunWon
40fc7c210d Upgrade pymath to 0.2.0 (#7429) 2026-03-14 20:13:30 +09:00
Jeong, YunWon
be6025ab03 Adapt bitflagset to use enum (#7419) 2026-03-14 09:44:02 +09:00
dependabot[bot]
83e3785a1c Bump memmap2 from 0.9.9 to 0.9.10 (#7415) 
Bumps [memmap2](https://github.com/RazrFalcon/memmap2-rs) from 0.9.9 to 0.9.10.
- [Changelog](https://github.com/RazrFalcon/memmap2-rs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/RazrFalcon/memmap2-rs/compare/v0.9.9...v0.9.10)

---
updated-dependencies:
- dependency-name: memmap2
  dependency-version: 0.9.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-13 10:19:04 +09:00
dependabot[bot]
f4eaee1a62 Bump quote from 1.0.44 to 1.0.45 (#7414) 
Bumps [quote](https://github.com/dtolnay/quote) from 1.0.44 to 1.0.45.
- [Release notes](https://github.com/dtolnay/quote/releases)
- [Commits](https://github.com/dtolnay/quote/compare/1.0.44...1.0.45)

---
updated-dependencies:
- dependency-name: quote
  dependency-version: 1.0.45
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-13 08:53:48 +09:00
dependabot[bot]
021286e9ab Bump the openssl group with 2 updates (#7413) 
Bumps the openssl group with 2 updates: [openssl](https://github.com/rust-openssl/rust-openssl) and [openssl-sys](https://github.com/rust-openssl/rust-openssl).


Updates `openssl` from 0.10.75 to 0.10.76
- [Release notes](https://github.com/rust-openssl/rust-openssl/releases)
- [Commits](https://github.com/rust-openssl/rust-openssl/compare/openssl-v0.10.75...openssl-v0.10.76)

Updates `openssl-sys` from 0.9.111 to 0.9.112
- [Release notes](https://github.com/rust-openssl/rust-openssl/releases)
- [Commits](https://github.com/rust-openssl/rust-openssl/compare/openssl-sys-v0.9.111...openssl-sys-v0.9.112)

---
updated-dependencies:
- dependency-name: openssl
  dependency-version: 0.10.76
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: openssl
- dependency-name: openssl-sys
  dependency-version: 0.9.112
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: openssl
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-13 08:53:28 +09:00
Shahar Naveh
b58a910026 Upgrade libc to 0.2.183 (#7406) 2026-03-13 01:21:18 +09:00
dependabot[bot]
3f20619ee0 Bump socket2 from 0.6.2 to 0.6.3 (#7373) 
Bumps [socket2](https://github.com/rust-lang/socket2) from 0.6.2 to 0.6.3.
- [Release notes](https://github.com/rust-lang/socket2/releases)
- [Changelog](https://github.com/rust-lang/socket2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/socket2/compare/v0.6.2...v0.6.3)

---
updated-dependencies:
- dependency-name: socket2
  dependency-version: 0.6.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-12 11:00:24 +09:00
Jeong, YunWon
0355885651 Fix parking lot hash table after fork (#6963) 
* Use patched parking_lot_core with fork-safe HASHTABLE reset

parking_lot_core's global HASHTABLE retains stale ThreadData after
fork(), causing segfaults when contended locks enter park(). Use the
patched version from youknowone/parking_lot (rustpython branch) which
registers a pthread_atfork handler to reset the hash table.

Unskip test_asyncio TestFork. Add Manager+fork integration test.

* Unskip fork-related flaky tests after parking_lot fix

With parking_lot_core's HASHTABLE now properly reset via
pthread_atfork, fork-related segfaults and connection errors
in multiprocessing tests should be resolved.

Remove skip/expectedFailure markers from:
- test_concurrent_futures/test_wait.py (6 tests)
- test_concurrent_futures/test_process_pool.py (1 test)
- test_multiprocessing_fork/test_manager.py (all WithManagerTest*)
- test_multiprocessing_fork/test_misc.py (5 tests)
- test_multiprocessing_fork/test_threads.py (2 tests)
- _test_multiprocessing.py (2 shared_memory tests)

Keep test_repr_rlock skipped (flaky thread start latency,
not fork-related).
 2026-03-10 12:57:29 +09:00
Jeong, YunWon
e645761142 Implement _tokenize and update tokenize from v3.14.3 (#7392) 
* Base implementation of _tokenize module

Port from PR #6240 by ShaharNaveh, adapted to current codebase.
Uses ruff_python_parser for tokenization via TokenizerIter.

* Update tokenize from v3.14.3

* Rewrite _tokenize with 2-phase model

Replace per-line reparsing with single-pass tokenization:
- Read all lines via readline, parse once, yield tokens
- Fix token type values (COMMENT=65, NL=66, OP=55)
- Fix NEWLINE/NL end positions and implicit newline handling
- Fix DEDENT positions via look-ahead to next non-DEDENT token
- Handle FSTRING_MIDDLE brace unescaping ({{ → {, }} → })
- Emit implicit NL before ENDMARKER when source lacks trailing newline
- Raise IndentationError from lexer errors
- Remove 13 expectedFailure marks for now-passing tests

---------

Co-authored-by: ShaharNaveh <shaharnaveh@users.noreply.github.com>
Co-authored-by: CPython Developers <>
 2026-03-10 12:27:09 +09:00
dependabot[bot]
ae8d8c7926 Bump insta from 1.46.1 to 1.46.3 (#7394) 
Bumps [insta](https://github.com/mitsuhiko/insta) from 1.46.1 to 1.46.3.
- [Release notes](https://github.com/mitsuhiko/insta/releases)
- [Changelog](https://github.com/mitsuhiko/insta/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mitsuhiko/insta/compare/1.46.1...1.46.3)

---
updated-dependencies:
- dependency-name: insta
  dependency-version: 1.46.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-10 11:50:31 +09:00
ShaharNaveh
5c5aff8fd9 Base implementation of _tokenize module 
Port from PR #6240 by ShaharNaveh, adapted to current codebase.
Uses ruff_python_parser for tokenization via TokenizerIter.
 2026-03-10 11:28:16 +09:00
dependabot[bot]
5b0fb03fc4 Bump syn from 2.0.114 to 2.0.117 (#7393) 
Bumps [syn](https://github.com/dtolnay/syn) from 2.0.114 to 2.0.117.
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/2.0.114...2.0.117)

---
updated-dependencies:
- dependency-name: syn
  dependency-version: 2.0.117
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-10 10:24:58 +09:00
Shahar Naveh
fbab8fc5be Update ruff to 0.15.5 (#7366) 2026-03-08 10:36:27 +09:00
dependabot[bot]
abfb51efc9 Bump uuid from 1.21.0 to 1.22.0 (#7372) 
Bumps [uuid](https://github.com/uuid-rs/uuid) from 1.21.0 to 1.22.0.
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](https://github.com/uuid-rs/uuid/compare/v1.21.0...v1.22.0)

---
updated-dependencies:
- dependency-name: uuid
  dependency-version: 1.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-07 20:30:52 +09:00
dependabot[bot]
89889acc08 Bump rustls from 0.23.36 to 0.23.37 (#7374) 
Bumps [rustls](https://github.com/rustls/rustls) from 0.23.36 to 0.23.37.
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rustls/rustls/compare/v/0.23.36...v/0.23.37)

---
updated-dependencies:
- dependency-name: rustls
  dependency-version: 0.23.37
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-07 20:29:23 +09:00
dependabot[bot]
9ba155418b Bump aws-lc-fips-sys from 0.13.11 to 0.13.12 (#7338) 
Bumps [aws-lc-fips-sys](https://github.com/aws/aws-lc-rs) from 0.13.11 to 0.13.12.
- [Release notes](https://github.com/aws/aws-lc-rs/releases)
- [Commits](https://github.com/aws/aws-lc-rs/commits/aws-lc-fips-sys/v0.13.12)

---
updated-dependencies:
- dependency-name: aws-lc-fips-sys
  dependency-version: 0.13.12
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-06 00:02:14 +09:00
Shahar Naveh
798f9e80cd Update libc to 0.2.182 (#7247) 
* Update to libc 0.2.182, refactor update script

* Fix typing
 2026-03-04 19:57:53 +09:00
dependabot[bot]
58a0f74c76 Bump aws-lc-rs from 1.15.4 to 1.16.0 (#7298) 
Bumps [aws-lc-rs](https://github.com/aws/aws-lc-rs) from 1.15.4 to 1.16.0.
- [Release notes](https://github.com/aws/aws-lc-rs/releases)
- [Commits](https://github.com/aws/aws-lc-rs/compare/v1.15.4...v1.16.0)

---
updated-dependencies:
- dependency-name: aws-lc-rs
  dependency-version: 1.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-01 23:27:40 +09:00
Jiseok CHOI
be29462087 Fix _hashlib.compare_digest to reject non-ASCII strings (#7280) 
Add non-ASCII string check to _hashlib.compare_digest, matching the
behavior of _operator._compare_digest. When both arguments are strings,
non-ASCII characters now correctly raise TypeError.

Also replace the non-constant-time == comparison with constant_time_eq
for proper timing-attack resistance, and return PyResult<bool> instead
of PyResult<PyObjectRef>.
 2026-03-01 10:51:39 +09:00
dependabot[bot]
a4a9b29687 Bump env_logger from 0.11.8 to 0.11.9 (#7267) 
Bumps [env_logger](https://github.com/rust-cli/env_logger) from 0.11.8 to 0.11.9.
- [Release notes](https://github.com/rust-cli/env_logger/releases)
- [Changelog](https://github.com/rust-cli/env_logger/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-cli/env_logger/compare/v0.11.8...v0.11.9)

---
updated-dependencies:
- dependency-name: env_logger
  dependency-version: 0.11.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-01 00:36:06 +09:00
dependabot[bot]
cc5f9edd43 Bump junction from 1.4.1 to 1.4.2 (#7266) 
Bumps [junction](https://github.com/tesuji/junction) from 1.4.1 to 1.4.2.
- [Release notes](https://github.com/tesuji/junction/releases)
- [Changelog](https://github.com/tesuji/junction/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tesuji/junction/compare/v1.4.1...v1.4.2)

---
updated-dependencies:
- dependency-name: junction
  dependency-version: 1.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-01 00:35:48 +09:00
dependabot[bot]
cdc7842bc4 Bump uuid from 1.20.0 to 1.21.0 (#7258) 
Bumps [uuid](https://github.com/uuid-rs/uuid) from 1.20.0 to 1.21.0.
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](https://github.com/uuid-rs/uuid/compare/v1.20.0...v1.21.0)

---
updated-dependencies:
- dependency-name: uuid
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-28 22:07:49 +09:00
dependabot[bot]
5c726e1c55 Bump chrono from 0.4.43 to 0.4.44 (#7256) 
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.43 to 0.4.44.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.43...v0.4.44)

---
updated-dependencies:
- dependency-name: chrono
  dependency-version: 0.4.44
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-28 03:34:08 +00:00
dependabot[bot]
32684f9d45 Bump the cranelift group with 3 updates (#7252) 
Bumps the cranelift group with 3 updates: [cranelift](https://github.com/bytecodealliance/wasmtime), [cranelift-jit](https://github.com/bytecodealliance/wasmtime) and [cranelift-module](https://github.com/bytecodealliance/wasmtime).


Updates `cranelift` from 0.128.3 to 0.129.1
- [Release notes](https://github.com/bytecodealliance/wasmtime/releases)
- [Changelog](https://github.com/bytecodealliance/wasmtime/blob/main/RELEASES.md)
- [Commits](https://github.com/bytecodealliance/wasmtime/commits)

Updates `cranelift-jit` from 0.128.3 to 0.129.1
- [Release notes](https://github.com/bytecodealliance/wasmtime/releases)
- [Changelog](https://github.com/bytecodealliance/wasmtime/blob/main/RELEASES.md)
- [Commits](https://github.com/bytecodealliance/wasmtime/commits)

Updates `cranelift-module` from 0.128.3 to 0.129.1
- [Release notes](https://github.com/bytecodealliance/wasmtime/releases)
- [Changelog](https://github.com/bytecodealliance/wasmtime/blob/main/RELEASES.md)
- [Commits](https://github.com/bytecodealliance/wasmtime/commits)

---
updated-dependencies:
- dependency-name: cranelift
  dependency-version: 0.129.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cranelift
- dependency-name: cranelift-jit
  dependency-version: 0.129.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cranelift
- dependency-name: cranelift-module
  dependency-version: 0.129.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cranelift
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-28 03:27:28 +00:00
Shahar Naveh
2447d99b12 Specify minor version for pyo3 (#7248) 
* Specify minor version for pyo3

* Auto-format: ruff format

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-02-28 10:34:04 +09:00
Shahar Naveh
4f577e5f99 Update ruff to 0.15.4 (#7246) 
* Update ruff to 0.15.4

* Unmark passing test
 2026-02-27 22:59:41 +09:00
Jeong, YunWon
36cffabeda xz2->liblzma and remove liblzma-sys 2026-02-27 17:39:12 +09:00
dependabot[bot]
9611b88788 Bump keccak from 0.1.5 to 0.1.6 (#7192) 
Bumps [keccak](https://github.com/RustCrypto/sponges) from 0.1.5 to 0.1.6.
- [Commits](https://github.com/RustCrypto/sponges/compare/keccak-v0.1.5...keccak-v0.1.6)

---
updated-dependencies:
- dependency-name: keccak
  dependency-version: 0.1.6
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-20 23:14:21 +09:00