Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump pyo3 from 0.16.5 to 0.17.0 #273

Merged
merged 1 commit into from
Aug 25, 2022
Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 24, 2022

Bumps pyo3 from 0.16.5 to 0.17.0.

Release notes

Sourced from pyo3's releases.

PyO3 0.17.0

This release contains a focus on quality improvements over the PyO3 0.16 releases.

There have been new API types added such as PyDictKeys, PyDictValues, PyDictItems, PyCode, PyFrame, and PySuper. The PyMapping and PySequence types have changed so they are more directly compatible with the corresponding Python Mapping and Sequence base classes in the collections.abc module (this is a breaking change).

A new #[pyclass(frozen)] option has been added to opt-out of runtime borrow checking by removing the ability to access &mut self for objects owned by Python.

There have been a number of soundness fixes, both to the PyCapsule type (see the CHANGELOG for more details) and to a number of FFI bindings which had fallen out of sync with newer Python and PyPy releases.

There have been numerous other smaller improvements, changes and fixes. For full details see the CHANGELOG.

Please consult the migration guide for help upgrading.

Thank you to everyone who contributed code, documentation, design ideas, bug reports, and feedback. The following users' commits are included in this release:

@​acshi @​aganders3 @​alex @​birkenfeld @​cjermain @​Cryptex-github @​cuishuang @​davidhewitt @​drewkett @​dswij @​herquan @​hoodmane @​ikrivosheev @​indygreg @​jeertmans @​jinlow @​jonaspleyer @​kngwyu @​mejrs @​messense @​n8henrie @​PigeonF @​PWhiddy @​ravenexp @​savente93 @​yankun1992 @​yodaldevoid

PyO3 0.16.6

This release is a tactical set of soundness fixes identified for the PyCapsule bindings released in PyO3 0.16. To avoid breaking API changes capsules created with PyCapsule::new and PyCapsule::new_with_destructor will now leak their contents (and not call the destructor) if released on a thread other than the one they were created.

PyO3 0.17 will be released shortly with breaking API changes which resolve the PyCapsule issues with better design (e.g. the destructor has a Send bound added). Users are encouraged to upgrade at their earliest convenience.

Thanks to @​saethlin for reporting the issue, and to @​adamreichold and @​davidhewitt for implementing the resolution.

Changelog

Sourced from pyo3's changelog.

[0.17.0] - 2022-08-23

Packaging

  • Update inventory dependency to 0.3 (the multiple-pymethods feature now requires Rust 1.62 for correctness). #2492

Added

  • Add timezone_utc. #1588
  • Implement ToPyObject for [T; N]. #2313
  • Add PyDictKeys, PyDictValues and PyDictItems Rust types. #2358
  • Add append_to_inittab. #2377
  • Add FFI definition PyFrame_GetCode. #2406
  • Add PyCode and PyFrame high level objects. #2408
  • Add FFI definitions Py_fstring_input, sendfunc, and _PyErr_StackItem. #2423
  • Add PyDateTime::new_with_fold, PyTime::new_with_fold, PyTime::get_fold, and PyDateTime::get_fold for PyPy. #2428
  • Accept #[pyo3(name)] on enum variants. #2457
  • Add CompareOp::matches to implement __richcmp__ as the result of a Rust std::cmp::Ordering comparison. #2460
  • Add PySuper type. #2486
  • Support PyPy on Windows with the generate-import-lib feature. #2506
  • Add FFI definitions Py_EnterRecursiveCall and Py_LeaveRecursiveCall. #2511
  • Add PyDict::get_item_with_error. #2536
  • Add #[pyclass(sequence)] option. #2567

Changed

  • Change datetime constructors taking a tzinfo to take Option<&PyTzInfo> instead of Option<&PyObject>: PyDateTime::new, PyDateTime::new_with_fold, PyTime::new, and PyTime::new_with_fold. #1588
  • Move PyTypeObject::type_object method to the PyTypeInfo trait, and deprecate the PyTypeObject trait. #2287
  • Methods of Py and PyAny now accept impl IntoPy<Py<PyString>> rather than just &str to allow use of the intern! macro. #2312
  • Change the deprecated pyproto feature to be opt-in instead of opt-out. #2322
  • Emit better error messages when #[pyfunction] return types do not implement IntoPy. #2326
  • Require T: IntoPy for impl<T, const N: usize> IntoPy<PyObject> for [T; N] instead of T: ToPyObject. #2326
  • Deprecate the ToBorrowedObject trait. #2333
  • Iterators over PySet and PyDict will now panic if the underlying collection is mutated during the iteration. #2380
  • Iterators over PySet and PyDict will now panic if the underlying collection is mutated during the iteration. #2380
  • Allow #[classattr] methods to be fallible. #2385
  • Prevent multiple #[pymethods] with the same name for a single #[pyclass]. #2399
  • Fixup lib_name when using PYO3_CONFIG_FILE. #2404
  • Add a message to the ValueError raised by the #[derive(FromPyObject)] implementation for a tuple struct. #2414
  • Allow #[classattr] methods to take Python argument. #2456
  • Rework PyCapsule type to resolve soundness issues: #2485
    • PyCapsule::new and PyCapsule::new_with_destructor now take name: Option<CString> instead of &CStr.
    • The destructor F in PyCapsule::new_with_destructor must now be Send.
    • PyCapsule::get_context deprecated in favour of PyCapsule::context which doesn't take a py: Python<'_> argument.
    • PyCapsule::set_context no longer takes a py: Python<'_> argument.
    • PyCapsule::name now returns PyResult<Option<&CStr>> instead of &CStr.
  • FromPyObject::extract for Vec<T> no longer accepts Python str inputs. #2500
  • Ensure each #[pymodule] is only initialized once. #2523
  • pyo3_build_config::add_extension_module_link_args now also emits linker arguments for wasm32-unknown-emscripten. #2538
  • Type checks for PySequence and PyMapping now require inputs to inherit from (or register with) collections.abc.Sequence and collections.abc.Mapping respectively. #2477

... (truncated)

Commits
  • 04c1ac8 release: 0.17.0
  • bc03d6a Merge pull request #2580 from davidhewitt/docs-bonanza
  • f753790 guide: note existence of PyFunction::new_closure
  • 86a1116 guide: note hash can have any integer type up to 64 bits
  • c5ecf47 docs: note __richcmp__ disables default __hash__
  • f7ebda8 docs: note with_gil auto-creates thread state
  • fb05e1d guide: additional detail on how to handle foreign errors
  • 580e747 guide: use sentence case, move function signatures to own section
  • af60a35 guide: don't use ::pyo3
  • ef8ccc0 docs: demonstrate NotImplemented in __richcmp__
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Aug 24, 2022
@andfoy
Copy link
Owner

andfoy commented Aug 25, 2022

@dependabot rebase

Bumps [pyo3](https://github.com/pyo3/pyo3) from 0.16.5 to 0.17.0.
- [Release notes](https://github.com/pyo3/pyo3/releases)
- [Changelog](https://github.com/PyO3/pyo3/blob/main/CHANGELOG.md)
- [Commits](PyO3/pyo3@v0.16.5...v0.17.0)

---
updated-dependencies:
- dependency-name: pyo3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/cargo/pyo3-0.17.0 branch from 889db2b to 2e0db7f Compare August 25, 2022 00:18
@andfoy andfoy merged commit a1aa030 into main Aug 25, 2022
@dependabot dependabot bot deleted the dependabot/cargo/pyo3-0.17.0 branch August 25, 2022 00:37
@andfoy andfoy added this to the v2.0.8 milestone Sep 15, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file rust Pull requests that update Rust code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant