Merge branch 'upstream' into dev-auto-select

Author: znsoooo

.github/CODEOWNERS

@@ -63,9 +63,10 @@
 .azure-pipelines/             @AA-Turner
 
 # GitHub & related scripts
-.github/                               @ezio-melotti @hugovk @AA-Turner @webknjaz
-Tools/build/compute-changes.py         @AA-Turner @hugovk @webknjaz
-Tools/build/verify_ensurepip_wheels.py @AA-Turner @pfmoore @pradyunsg
+.github/                                    @ezio-melotti @hugovk @AA-Turner @webknjaz
+Tools/build/compute-changes.py              @AA-Turner @hugovk @webknjaz
+Lib/test/test_tools/test_compute_changes.py @AA-Turner @hugovk @webknjaz
+Tools/build/verify_ensurepip_wheels.py      @AA-Turner @pfmoore @pradyunsg
 
 # Pre-commit
 .pre-commit-config.yaml       @hugovk
@@ -110,6 +111,7 @@ Doc/tools/                    @AA-Turner @hugovk
 .readthedocs.yml              @AA-Turner
 
 # Sections
+Doc/c-api/                    @ZeroIntensity
 Doc/reference/                @willingc @AA-Turner
 Doc/whatsnew/                 @AA-Turner
 
@@ -287,11 +289,17 @@ Programs/_bootstrap_python.c  @ericsnowcurrently
 Programs/python.c             @ericsnowcurrently
 
 # JIT
+.github/workflows/jit.yml     @savannahostrowski
 Include/internal/pycore_jit.h @brandtbucher @savannahostrowski @diegorusso
 Python/jit.c                  @brandtbucher @savannahostrowski @diegorusso
 Tools/jit/                    @brandtbucher @savannahostrowski @diegorusso
 InternalDocs/jit.md           @brandtbucher @savannahostrowski @diegorusso @AA-Turner
 
+# Lazy imports (PEP 810)
+Objects/lazyimportobject.c                  @yhg1s @DinoV @pablogsal
+Include/internal/pycore_lazyimportobject.h  @yhg1s @DinoV @pablogsal
+Lib/test/test_lazy_import                   @yhg1s @DinoV @pablogsal
+
 # Micro-op / μop / Tier 2 Optimiser
 Python/optimizer.c            @markshannon @Fidget-Spinner
 Python/optimizer_analysis.c   @markshannon @tomasr8 @Fidget-Spinner @savannahostrowski
@@ -417,18 +425,19 @@ Lib/dataclasses.py            @ericvsmith
 Lib/test/test_dataclasses/    @ericvsmith
 
 # Dates and times
-Doc/**/*time.rst                 @pganssle @abalkin
-Doc/library/zoneinfo.rst         @pganssle
-Include/datetime.h               @pganssle @abalkin
-Include/internal/pycore_time.h   @pganssle @abalkin
-Lib/test/test_zoneinfo/          @pganssle
-Lib/zoneinfo/                    @pganssle
-Lib/*time.py                     @pganssle @abalkin
-Lib/test/datetimetester.py       @pganssle @abalkin
-Lib/test/test_*time.py           @pganssle @abalkin
-Modules/*zoneinfo*               @pganssle
-Modules/*time*                   @pganssle @abalkin
-Python/pytime.c                  @pganssle @abalkin
+Doc/**/*time.rst                 @pganssle @abalkin @StanFromIreland
+Doc/library/datetime-*           @pganssle @StanFromIreland
+Doc/library/zoneinfo.rst         @pganssle @StanFromIreland
+Include/datetime.h               @pganssle @abalkin @StanFromIreland
+Include/internal/pycore_time.h   @pganssle @abalkin @StanFromIreland
+Lib/test/test_zoneinfo/          @pganssle @StanFromIreland
+Lib/zoneinfo/                    @pganssle @StanFromIreland
+Lib/*time.py                     @pganssle @abalkin @StanFromIreland
+Lib/test/datetimetester.py       @pganssle @abalkin @StanFromIreland
+Lib/test/test_*time.py           @pganssle @abalkin @StanFromIreland
+Modules/*zoneinfo*               @pganssle @StanFromIreland
+Modules/*time*                   @pganssle @abalkin @StanFromIreland
+Python/pytime.c                  @pganssle @abalkin @StanFromIreland
 
 # Dbm
 Doc/library/dbm.rst           @corona10 @erlend-aasland @serhiy-storchaka
@@ -467,8 +476,9 @@ Lib/test/test_functools.py    @rhettinger
 Modules/_functoolsmodule.c    @rhettinger
 
 # Garbage collector
-Modules/gcmodule.c            @pablogsal
-Doc/library/gc.rst            @pablogsal
+Modules/gcmodule.c                @pablogsal
+Doc/library/gc.rst                @pablogsal
+InternalDocs/garbage_collector.md @pablogsal
 
 # Gettext
 Doc/library/gettext.rst       @tomasr8

.github/ISSUE_TEMPLATE/documentation.yml

@@ -8,8 +8,9 @@ body:
         > [!NOTE]
         > Trivial changes (for example typos) don’t require an issue before opening a PR.
   - type: textarea
+    id: description
     attributes:
       label: "Documentation"
-      description: "A clear and concise description of the issue."
+      description: "A clear and concise description of the issue. Include a link to the page."
     validations:
       required: true

.github/workflows/build.yml

@@ -111,8 +111,6 @@ jobs:
         run: echo "IMAGE_OS_VERSION=${ImageOS}-${ImageVersion}" >> "$GITHUB_ENV"
       - name: Install dependencies
         run: sudo ./.github/workflows/posix-deps-apt.sh
-      - name: Add ccache to PATH
-        run: echo "PATH=/usr/lib/ccache:$PATH" >> "$GITHUB_ENV"
       - name: Configure CPython
         run: |
           # Build Python with the libpython dynamic library
@@ -242,14 +240,21 @@ jobs:
         # BOLT currently crashes during instrumentation on aarch64
         - os: ubuntu-24.04-arm
           bolt: true
+        include:
+        # Enable CPU-intensive tests on ARM (default build only)
+        - os: ubuntu-24.04-arm
+          bolt: false
+          free-threading: false
+          test-opts: '-u cpu'
     uses: ./.github/workflows/reusable-ubuntu.yml
     with:
       bolt-optimizations: ${{ matrix.bolt }}
       free-threading: ${{ matrix.free-threading }}
       os: ${{ matrix.os }}
+      test-opts: ${{ matrix.test-opts || '' }}
 
-  build-ubuntu-ssltests-openssl:
-    name: 'Ubuntu SSL tests with OpenSSL'
+  build-ubuntu-ssltests:
+    name: 'Ubuntu SSL tests'
     runs-on: ${{ matrix.os }}
     timeout-minutes: 60
     needs: build-context
@@ -258,16 +263,25 @@ jobs:
       fail-fast: false
       matrix:
         os: [ubuntu-24.04]
-        # Keep 1.1.1w in our list despite it being upstream EOL and otherwise
-        # unsupported as it most resembles other 1.1.1-work-a-like ssl APIs
-        # supported by important vendors such as AWS-LC.
-        openssl_ver: [1.1.1w, 3.0.18, 3.3.5, 3.4.3, 3.5.4, 3.6.0]
-        # See Tools/ssl/make_ssl_data.py for notes on adding a new version
+        ssllib:
+          # See Tools/ssl/make_ssl_data.py for notes on adding a new version
+          ## OpenSSL
+          # Keep 1.1.1w in our list despite it being upstream EOL and otherwise
+          # unsupported as it most resembles other 1.1.1-work-a-like ssl APIs
+          # supported by important vendors such as AWS-LC.
+          - { name: openssl, version: 1.1.1w }
+          - { name: openssl, version: 3.0.19 }
+          - { name: openssl, version: 3.3.6 }
+          - { name: openssl, version: 3.4.4 }
+          - { name: openssl, version: 3.5.5 }
+          - { name: openssl, version: 3.6.1 }
+          ## AWS-LC
+          - { name: aws-lc, version: 1.68.0 }
     env:
-      OPENSSL_VER: ${{ matrix.openssl_ver }}
+      SSLLIB_VER: ${{ matrix.ssllib.version }}
       MULTISSL_DIR: ${{ github.workspace }}/multissl
-      OPENSSL_DIR: ${{ github.workspace }}/multissl/openssl/${{ matrix.openssl_ver }}
-      LD_LIBRARY_PATH: ${{ github.workspace }}/multissl/openssl/${{ matrix.openssl_ver }}/lib
+      SSLLIB_DIR: ${{ github.workspace }}/multissl/${{ matrix.ssllib.name }}/${{ matrix.ssllib.version }}
+      LD_LIBRARY_PATH: ${{ github.workspace }}/multissl/${{ matrix.ssllib.name }}/${{ matrix.ssllib.version }}/lib
     steps:
     - uses: actions/checkout@v6
       with:
@@ -278,95 +292,37 @@ jobs:
       run: echo "::add-matcher::.github/problem-matchers/gcc.json"
     - name: Install dependencies
       run: sudo ./.github/workflows/posix-deps-apt.sh
-    - name: Configure OpenSSL env vars
-      run: |
-        echo "MULTISSL_DIR=${GITHUB_WORKSPACE}/multissl" >> "$GITHUB_ENV"
-        echo "OPENSSL_DIR=${GITHUB_WORKSPACE}/multissl/openssl/${OPENSSL_VER}" >> "$GITHUB_ENV"
-        echo "LD_LIBRARY_PATH=${GITHUB_WORKSPACE}/multissl/openssl/${OPENSSL_VER}/lib" >> "$GITHUB_ENV"
-    - name: 'Restore OpenSSL build'
-      id: cache-openssl
+    - name: 'Restore SSL library build'
+      id: cache-ssl-lib
       uses: actions/cache@v5
       with:
-        path: ./multissl/openssl/${{ env.OPENSSL_VER }}
-        key: ${{ matrix.os }}-multissl-openssl-${{ env.OPENSSL_VER }}
-    - name: Install OpenSSL
-      if: steps.cache-openssl.outputs.cache-hit != 'true'
-      run: python3 Tools/ssl/multissltests.py --steps=library --base-directory "$MULTISSL_DIR" --openssl "$OPENSSL_VER" --system Linux
-    - name: Add ccache to PATH
-      run: |
-        echo "PATH=/usr/lib/ccache:$PATH" >> "$GITHUB_ENV"
-    - name: Configure CPython
-      run: ./configure CFLAGS="-fdiagnostics-format=json" --config-cache --enable-slower-safety --with-pydebug --with-openssl="$OPENSSL_DIR"
-    - name: Build CPython
-      run: make -j4
-    - name: Display build info
-      run: make pythoninfo
-    - name: SSL tests
-      run: ./python Lib/test/ssltests.py
-
-  build-ubuntu-ssltests-awslc:
-    name: 'Ubuntu SSL tests with AWS-LC'
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 60
-    needs: build-context
-    if: needs.build-context.outputs.run-ubuntu == 'true'
-    strategy:
-      fail-fast: false
-      matrix:
-        os: [ubuntu-24.04]
-        awslc_ver: [1.55.0]
-    env:
-      AWSLC_VER: ${{ matrix.awslc_ver}}
-      MULTISSL_DIR: ${{ github.workspace }}/multissl
-      OPENSSL_DIR: ${{ github.workspace }}/multissl/aws-lc/${{ matrix.awslc_ver }}
-      LD_LIBRARY_PATH: ${{ github.workspace }}/multissl/aws-lc/${{ matrix.awslc_ver }}/lib
-    steps:
-    - uses: actions/checkout@v6
-      with:
-        persist-credentials: false
-    - name: Runner image version
-      run: echo "IMAGE_OS_VERSION=${ImageOS}-${ImageVersion}" >> "$GITHUB_ENV"
-    - name: Register gcc problem matcher
-      run: echo "::add-matcher::.github/problem-matchers/gcc.json"
-    - name: Install dependencies
-      run: sudo ./.github/workflows/posix-deps-apt.sh
-    - name: Configure SSL lib env vars
-      run: |
-        echo "MULTISSL_DIR=${GITHUB_WORKSPACE}/multissl" >> "$GITHUB_ENV"
-        echo "OPENSSL_DIR=${GITHUB_WORKSPACE}/multissl/aws-lc/${AWSLC_VER}" >> "$GITHUB_ENV"
-        echo "LD_LIBRARY_PATH=${GITHUB_WORKSPACE}/multissl/aws-lc/${AWSLC_VER}/lib" >> "$GITHUB_ENV"
-    - name: 'Restore AWS-LC build'
-      id: cache-aws-lc
-      uses: actions/cache@v5
-      with:
-        path: ./multissl/aws-lc/${{ matrix.awslc_ver }}
-        key: ${{ matrix.os }}-multissl-aws-lc-${{ matrix.awslc_ver }}
-    - name: Install AWS-LC
-      if: steps.cache-aws-lc.outputs.cache-hit != 'true'
+        path: ./multissl/${{ matrix.ssllib.name }}/${{ matrix.ssllib.version }}
+        key: ${{ matrix.os }}-multissl-${{ matrix.ssllib.name }}-${{ matrix.ssllib.version }}
+    - name: Install SSL Library
+      if: steps.cache-ssl-lib.outputs.cache-hit != 'true'
       run: |
         python3 Tools/ssl/multissltests.py \
           --steps=library \
           --base-directory "$MULTISSL_DIR" \
-          --awslc ${{ matrix.awslc_ver }} \
+          '--${{ matrix.ssllib.name }}' '${{ matrix.ssllib.version }}' \
           --system Linux
-    - name: Add ccache to PATH
-      run: |
-        echo "PATH=/usr/lib/ccache:$PATH" >> "$GITHUB_ENV"
     - name: Configure CPython
       run: |
         ./configure CFLAGS="-fdiagnostics-format=json" \
           --config-cache \
           --enable-slower-safety \
           --with-pydebug \
-          --with-openssl="$OPENSSL_DIR" \
+          --with-openssl="$SSLLIB_DIR" \
           --with-builtin-hashlib-hashes=blake2 \
           --with-ssl-default-suites=openssl
     - name: Build CPython
-      run: make -j
+      run: make -j4
     - name: Display build info
       run: make pythoninfo
-    - name: Verify python is linked to AWS-LC
-      run: ./python -c 'import ssl; print(ssl.OPENSSL_VERSION)' | grep AWS-LC
+    - name: Verify python is linked to the right lib
+      run: |
+        ./python -c 'import ssl; print(ssl.OPENSSL_VERSION)' \
+          | grep -iE '${{ matrix.ssllib.name }}.*${{ matrix.ssllib.version }}'
     - name: SSL tests
       run: ./python Lib/test/ssltests.py
 
@@ -428,7 +384,7 @@ jobs:
     needs: build-context
     if: needs.build-context.outputs.run-ubuntu == 'true'
     env:
-      OPENSSL_VER: 3.0.18
+      OPENSSL_VER: 3.5.5
       PYTHONSTRICTEXTENSIONBUILD: 1
     steps:
     - uses: actions/checkout@v6
@@ -452,9 +408,6 @@ jobs:
     - name: Install OpenSSL
       if: steps.cache-openssl.outputs.cache-hit != 'true'
       run: python3 Tools/ssl/multissltests.py --steps=library --base-directory "$MULTISSL_DIR" --openssl "$OPENSSL_VER" --system Linux
-    - name: Add ccache to PATH
-      run: |
-        echo "PATH=/usr/lib/ccache:$PATH" >> "$GITHUB_ENV"
     - name: Setup directory envs for out-of-tree builds
       run: |
         echo "CPYTHON_RO_SRCDIR=$(realpath -m "${GITHUB_WORKSPACE}"/../cpython-ro-srcdir)" >> "$GITHUB_ENV"
@@ -539,7 +492,7 @@ jobs:
       matrix:
         os: [ubuntu-24.04]
     env:
-      OPENSSL_VER: 3.0.18
+      OPENSSL_VER: 3.5.5
       PYTHONSTRICTEXTENSIONBUILD: 1
       ASAN_OPTIONS: detect_leaks=0:allocator_may_return_null=1:handle_segv=0
     steps:
@@ -570,11 +523,8 @@ jobs:
     - name: Install OpenSSL
       if: steps.cache-openssl.outputs.cache-hit != 'true'
       run: python3 Tools/ssl/multissltests.py --steps=library --base-directory "$MULTISSL_DIR" --openssl "$OPENSSL_VER" --system Linux
-    - name: Add ccache to PATH
-      run: |
-        echo "PATH=/usr/lib/ccache:$PATH" >> "$GITHUB_ENV"
     - name: Configure CPython
-      run: ./configure --config-cache --with-address-sanitizer --without-pymalloc
+      run: ./configure --config-cache --with-address-sanitizer --without-pymalloc --with-openssl="$OPENSSL_DIR"
     - name: Build CPython
       run: make -j4
     - name: Display build info
@@ -698,8 +648,7 @@ jobs:
     - build-windows-msi
     - build-macos
     - build-ubuntu
-    - build-ubuntu-ssltests-awslc
-    - build-ubuntu-ssltests-openssl
+    - build-ubuntu-ssltests
     - build-ios
     - build-wasi
     - test-hypothesis
@@ -716,8 +665,7 @@ jobs:
         allowed-failures: >-
           build-android,
           build-windows-msi,
-          build-ubuntu-ssltests-awslc,
-          build-ubuntu-ssltests-openssl,
+          build-ubuntu-ssltests,
           test-hypothesis,
           cifuzz,
         allowed-skips: >-
@@ -748,8 +696,7 @@ jobs:
             !fromJSON(needs.build-context.outputs.run-ubuntu)
             && '
             build-ubuntu,
-            build-ubuntu-ssltests-awslc,
-            build-ubuntu-ssltests-openssl,
+            build-ubuntu-ssltests,
             test-hypothesis,
             build-asan,
             build-san,