linux/poky.git - Mirror of git.yoctoproject.org/poky

	Commit message (Collapse)	Author	Age	Files	Lines
*	python3: Upgrade 3.13.5 -> 3.13.6	Peter Marko	2025-08-11	1	-11/+15
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	Changelog: https://docs.python.org/3/whatsnew/changelog.html#python-3-13-6-final Handles CVE-2025-8194 and 4 other vulnerabilities without CVE numbers. Refresh patches via devtool. (From OE-Core rev: 55b31ad3cf221dc07ef0ef1bc50c02f7c2e628ef) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
*	python3: backport the full fix for importlib scanning invalid distributions	Ross Burton	2025-05-01	1	-0/+160
	Even with our fixes in deterministic_imports.patch the importlib.metadata package scan was still returning Distribution objects for empty directories. This interacts badly with rebuilds when recipes are changing as when a recipe is removed from the sysroot directories are not removed[1]. In particular this breaks python3-meson-python-native rebuilds when Meson upgrades from 1.7 to 1.8: the site-packages directory has an empty meson-1.7.dist-info/ and populated meson-1.8.dist-info/. Whilst it's deterministic to return the empty 1.7 first, this breaks pypa/build as it looks through the distributions in order. We had discussed this with upstream previously and there's a more comprehensive fix upstream (actually in importlib_metadata, not cpython) which ensures that valid distribution objects are listed first. So we can drop our patch and replace it with a backport to fix these rebuilds. [1] oe-core 4f94d929639 ("sstate/staging: Handle directory creation race issue") (From OE-Core rev: 73de8daa6293403f5b92d313af32882c47bce396) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>