delta/cpython-git.git/Lib/difflib.py, branch faster-bytes-iter github.com: python/cpython.git bpo-40394 - difflib.SequenceMatched.find_longest_match default args (GH-19742) 2020-04-30T03:42:45+00:00 lrjball 50599110+lrjball@users.noreply.github.com 2020-04-30T03:42:45+00:00 3209cbd99b6d65aa18b3beb124fac9c792b8993d * bpo-40394 - difflib.SequenceMatched.find_longest_match default args Added default args to find_longest_match, as well as related tests. 
* bpo-40394 - difflib.SequenceMatched.find_longest_match default args

Added default args to find_longest_match, as well as related tests.
 bpo-39481: PEP 585 for difflib, filecmp, fileinput (#19422) 2020-04-10T04:47:31+00:00 Ethan Smith ethan@ethanhs.me 2020-04-10T04:47:31+00:00 e3ec44d692d9442e640cf5b2d8708157a65cec3e 






bpo-38738: Fix formatting of True and False. (GH-17083)
2019-11-12T14:57:03+00:00

Serhiy Storchaka
storchaka@gmail.com

2019-11-12T14:57:03+00:00

138ccbb02216ca086047c3139857fb44f3dab1f9

* "Return true/false" is replaced with "Return ``True``/``False``"
  if the function actually returns a bool.
* Fixed formatting of some True and False literals (now in monospace).
* Replaced "True/False" with "true/false" if it can be not only bool.
* Replaced some 1/0 with True/False if it corresponds the code.
* "Returns <bool>" is replaced with "Return <bool>".





* "Return true/false" is replaced with "Return ``True``/``False``"
  if the function actually returns a bool.
* Fixed formatting of some True and False literals (now in monospace).
* Replaced "True/False" with "true/false" if it can be not only bool.
* Replaced some 1/0 with True/False if it corresponds the code.
* "Returns <bool>" is replaced with "Return <bool>".







Fix difflib `?` hint in diff output when dealing with tabs (#15201)
2019-08-21T18:59:25+00:00

Anthony Sottile
asottile@umich.edu

2019-08-21T18:59:26+00:00

e1c638da6a065af6803028ced1afcc679e63f59d












Revert "bpo-35603: Escape table header of make_table output that can cause potential XSS. (GH-11341)" (GH-11356)
2019-01-02T12:49:25+00:00

Serhiy Storchaka
storchaka@gmail.com

2019-01-02T12:49:25+00:00

830ddc74c495ac1a5c03172a31006074967571a3

This reverts commit 78de01198b047347abc5e458851bb12c48429e24.




This reverts commit 78de01198b047347abc5e458851bb12c48429e24.






bpo-35603: Escape table header of make_table output that can cause potential XSS. (GH-11341)
2018-12-29T08:53:14+00:00

Xtreak
tir.karthi@gmail.com

2018-12-29T08:53:14+00:00

78de01198b047347abc5e458851bb12c48429e24












bpo-33224: PEP 479 fix for difflib.mdiff() (GH-6381)
2018-04-05T18:19:57+00:00

Raymond Hettinger
rhettinger@users.noreply.github.com

2018-04-05T18:19:57+00:00

01b731fc2b04744a11e32f93aba8bfb9ddb3dd29















bpo-32981: Fix catastrophic backtracking vulns (#5955)
2018-03-04T05:33:32+00:00

Jamie Davis
davisjam@vt.edu

2018-03-04T05:33:32+00:00

0e6c8ee2358a2e23117501826c008842acb835ac

* Prevent low-grade poplib REDOS (CVE-2018-1060)

The regex to test a mail server's timestamp is susceptible to
catastrophic backtracking on long evil responses from the server.

Happily, the maximum length of malicious inputs is 2K thanks
to a limit introduced in the fix for CVE-2013-1752.

A 2KB evil response from the mail server would result in small slowdowns
(milliseconds vs. microseconds) accumulated over many apop calls.
This is a potential DOS vector via accumulated slowdowns.

Replace it with a similar non-vulnerable regex.

The new regex is RFC compliant.
The old regex was non-compliant in edge cases.

* Prevent difflib REDOS (CVE-2018-1061)

The default regex for IS_LINE_JUNK is susceptible to
catastrophic backtracking.
This is a potential DOS vector.

Replace it with an equivalent non-vulnerable regex.

Also introduce unit and REDOS tests for difflib.

Co-authored-by: Tim Peters <tim.peters@gmail.com>
Co-authored-by: Christian Heimes <christian@python.org>





* Prevent low-grade poplib REDOS (CVE-2018-1060)

The regex to test a mail server's timestamp is susceptible to
catastrophic backtracking on long evil responses from the server.

Happily, the maximum length of malicious inputs is 2K thanks
to a limit introduced in the fix for CVE-2013-1752.

A 2KB evil response from the mail server would result in small slowdowns
(milliseconds vs. microseconds) accumulated over many apop calls.
This is a potential DOS vector via accumulated slowdowns.

Replace it with a similar non-vulnerable regex.

The new regex is RFC compliant.
The old regex was non-compliant in edge cases.

* Prevent difflib REDOS (CVE-2018-1061)

The default regex for IS_LINE_JUNK is susceptible to
catastrophic backtracking.
This is a potential DOS vector.

Replace it with an equivalent non-vulnerable regex.

Also introduce unit and REDOS tests for difflib.

Co-authored-by: Tim Peters <tim.peters@gmail.com>
Co-authored-by: Christian Heimes <christian@python.org>







bpo-29762: More use "raise from None". (#569)
2017-04-05T06:37:24+00:00

Serhiy Storchaka
storchaka@gmail.com

2017-04-05T06:37:24+00:00

5affd23e6f42125998724787025080a24839266e

This hides unwanted implementation details from tracebacks.




This hides unwanted implementation details from tracebacks.






#27364: fix "incorrect" uses of escape character in the stdlib.
2016-09-08T17:59:53+00:00

R David Murray
rdmurray@bitdance.com

2016-09-08T17:59:53+00:00

44b548dda872c0d4f30afd6b44fd74b053a55ad8

And most of the tools.

Patch by Emanual Barry, reviewed by me, Serhiy Storchaka, and
Martin Panter.





And most of the tools.

Patch by Emanual Barry, reviewed by me, Serhiy Storchaka, and
Martin Panter.