Merge branch 'main' into gh-72

Author: zooba

.github/ISSUE_TEMPLATE/bug_report.md

@@ -7,6 +7,18 @@ assignees: ''
 
 ---
 
+**Install source and version**
+- [ ] Installed from the Windows Store
+- [ ] Installed with the MSIX from python\.org
+- [ ] Installed with the MSI from python\.org
+- [ ] Installed with `winget install 9NQ7512CXL7T`
+
+Version: <!-- for example, 25.0 -->
+
+<!--
+Note that the only WinGet command we support is the one shown above. Any issues encountered when you have installed using a different WinGet command should be reported first at https://github.com/microsoft/winget-pkgs/issues/
+-->
+
 **Describe the bug**
 A clear and concise description of what the bug is.
 

.github/workflows/build.yml

@@ -40,20 +40,20 @@ jobs:
     - name: Set up NuGet
       uses: nuget/setup-nuget@v2.0.1
 
-    - name: Set up Python 3.14.0b1
+    - name: Set up Python 3.14.0
       run: |
-        nuget install python -Version 3.14.0-b1 -x -o .
+        nuget install python -Version 3.14.0 -x -o .
         $py = Get-Item python\tools
         Write-Host "Adding $py to PATH"
         "$py" | Out-File $env:GITHUB_PATH -Encoding UTF8 -Append
       working-directory: ${{ runner.temp }}
 
-    - name: Check Python version is 3.14.0b1
+    - name: Check Python version is 3.14.0
       run: >
         python -c "import sys;
         print(sys.version);
         print(sys.executable);
-        sys.exit(0 if sys.version_info[:5] == (3, 14, 0, 'beta', 1) else 1)"
+        sys.exit(0 if sys.version_info[:5] == (3, 14, 0, 'final', 0) else 1)"
 
     - name: Install build dependencies
       run: python -m pip install "pymsbuild>=1.2.0b1"
@@ -130,7 +130,7 @@ jobs:
         gcm pythonw
 
     - name: 'Show help output'
-      run: pymanager
+      run: pymanager help
 
     - name: 'Install default runtime'
       run: pymanager install default

_msbuild.py

@@ -78,6 +78,7 @@ class ResourceFile(CSourceFile):
     CFunction('file_locked_delete'),
     CFunction('package_get_root'),
     CFunction('shortcut_create'),
+    CFunction('shortcut_default_cwd'),
     CFunction('shortcut_get_start_programs'),
     CFunction('hide_file'),
     CFunction('fd_supports_vt100'),
@@ -97,7 +98,11 @@ def main_exe(name):
         VersionInfo(FileDescription="Python Install Manager"),
         CPP_SETTINGS,
         ItemDefinition('ClCompile', PreprocessorDefinitions=Prepend(f'EXE_NAME=L"{name}";')),
-        ItemDefinition('Link', SubSystem='CONSOLE', DelayLoadDLLs=f"{DLL_NAME}.dll"),
+        ItemDefinition('Link',
+            SubSystem='CONSOLE',
+            DelayLoadDLLs=f'{DLL_NAME}.dll;ole32.dll;shell32.dll;advapi32.dll',
+            DisableSpecificWarnings=Prepend('4199;'),
+        ),
         INCLUDE_TMPDIR,
         Manifest('default.manifest'),
         ResourceFile('pyicon.rc'),
@@ -115,7 +120,11 @@ def mainw_exe(name):
     return CProject(name,
         VersionInfo(FileDescription="Python Install Manager (windowed)"),
         CPP_SETTINGS,
-        ItemDefinition('Link', SubSystem='WINDOWS', DelayLoadDLLs=f"{DLL_NAME}.dll"),
+        ItemDefinition('Link',
+            SubSystem='WINDOWS',
+            DelayLoadDLLs=f'{DLL_NAME}.dll;ole32.dll;shell32.dll;advapi32.dll',
+            DisableSpecificWarnings=Prepend('4199;'),
+        ),
         INCLUDE_TMPDIR,
         ItemDefinition('ClCompile', PreprocessorDefinitions=Prepend(f'EXE_NAME=L"{name}";')),
         ItemDefinition('ClCompile', PreprocessorDefinitions=Prepend("PY_WINDOWED=1;")),

_msbuild_test.py

@@ -44,6 +44,7 @@
         CFunction('file_locked_delete'),
         CFunction('package_get_root'),
         CFunction('shortcut_create'),
+        CFunction('shortcut_default_cwd'),
         CFunction('shortcut_get_start_programs'),
         CFunction('hide_file'),
         CFunction('fd_supports_vt100'),

ci/release.yml

@@ -64,10 +64,10 @@ stages:
       vmImage: 'windows-latest'
 
     variables:
-    - ${{ if eq(parameters.Sign, 'true') }}:
-      - group: CPythonSign
     - ${{ if eq(parameters.TestSign, 'true') }}:
       - group: CPythonTestSign
+    - ${{ elseif eq(parameters.Sign, 'true') }}:
+      - group: CPythonSign
     - ${{ if eq(parameters.Publish, 'true') }}:
       - group: PythonOrgPublish
 
@@ -87,11 +87,20 @@ stages:
       displayName: 'Install Nuget'
 
     - powershell: |
-        nuget install -o host_python -x -noninteractive -prerelease python
-        Write-Host "##vso[task.prependpath]$(gi host_python\python\tools)"
-      displayName: 'Install host Python'
+        nuget install python -Version 3.14.0 -x -noninteractive -o host_python
+        $py = Get-Item host_python\python\tools
+        Write-Host "Adding $py to PATH"
+        Write-Host "##vso[task.prependpath]$py"
+      displayName: Set up Python 3.14.0
       workingDirectory: $(Build.BinariesDirectory)
 
+    - powershell: >
+        python -c "import sys;
+        print(sys.version);
+        print(sys.executable);
+        sys.exit(0 if sys.version_info[:5] == (3, 14, 0, 'final', 0) else 1)"
+      displayName: Check Python version is 3.14.0
+
     - powershell: |
         python -m pip install "pymsbuild>=1.2.0b1"
       displayName: 'Install build dependencies'
@@ -122,6 +131,26 @@ stages:
         displayName: 'Install signing tool and generate files'
         workingDirectory: $(Build.BinariesDirectory)
 
+      - task: AzureCLI@2
+        displayName: 'Azure Login (1/2)'
+        inputs:
+          azureSubscription: 'Python Signing'
+          scriptType: 'ps'
+          scriptLocation: 'inlineScript'
+          inlineScript: |
+            "##vso[task.setvariable variable=AZURE_CLIENT_ID;issecret=true]${env:servicePrincipalId}" 
+            "##vso[task.setvariable variable=AZURE_ID_TOKEN;issecret=true]${env:idToken}"
+            "##vso[task.setvariable variable=AZURE_TENANT_ID;issecret=true]${env:tenantId}"
+          addSpnToEnvironment: true
+
+      - powershell: >
+          az login --service-principal
+          -u $(AZURE_CLIENT_ID)
+          --tenant $(AZURE_TENANT_ID)
+          --allow-no-subscriptions
+          --federated-token $(AZURE_ID_TOKEN)
+        displayName: 'Azure Login (2/2)'
+
     - powershell: |
         python make.py
       displayName: 'Build package'
@@ -142,10 +171,6 @@ stages:
           }
         displayName: 'Sign binaries'
         workingDirectory: $(LAYOUT_DIR)
-        env:
-          AZURE_CLIENT_ID: $(TrustedSigningClientId)
-          AZURE_CLIENT_SECRET: $(TrustedSigningSecret)
-          AZURE_TENANT_ID: $(TrustedSigningTenantId)
 
     - powershell: |
         python make-msix.py
@@ -177,10 +202,6 @@ stages:
           }
         displayName: 'Sign MSIX package'
         workingDirectory: $(DIST_DIR)
-        env:
-          AZURE_CLIENT_ID: $(TrustedSigningClientId)
-          AZURE_CLIENT_SECRET: $(TrustedSigningSecret)
-          AZURE_TENANT_ID: $(TrustedSigningTenantId)
 
       - powershell: >
           dir *.msi | %{
@@ -192,28 +213,23 @@ stages:
           }
         displayName: 'Sign MSI package'
         workingDirectory: $(DIST_DIR)
-        env:
-          AZURE_CLIENT_ID: $(TrustedSigningClientId)
-          AZURE_CLIENT_SECRET: $(TrustedSigningSecret)
-          AZURE_TENANT_ID: $(TrustedSigningTenantId)
 
-    - ${{ if eq(parameters.Sign, 'true') }}:
-      - powershell: Write-Host "##vso[build.addbuildtag]signed"
-        displayName: 'Add signed build tag'
-    - ${{ elseif eq(parameters.TestSign, 'true') }}:
+    - ${{ if eq(parameters.TestSign, 'true') }}:
       - powershell: Write-Host "##vso[build.addbuildtag]test-signed"
         displayName: 'Add test-signed build tag'
+    - ${{ elseif eq(parameters.Sign, 'true') }}:
+      - powershell: Write-Host "##vso[build.addbuildtag]signed"
+        displayName: 'Add signed build tag'
 
     - publish: $(DIST_DIR)
       artifact: dist
       displayName: Publish distribution artifacts
 
     - ${{ if eq(parameters.PostTest, 'true') }}:
-      - ${{ if eq(parameters.Sign, 'true') }}:
+      - ${{ if and(ne(parameters.TestSign, 'true'), eq(parameters.Sign, 'true')) }}:
         - powershell: |
             $msix = dir "$(DIST_DIR)\*.msix" | ?{ -not ($_.BaseName -match '.+-store') } | select -first 1
             Add-AppxPackage $msix
-            Get-AppxPackage PythonSoftwareFoundation.PythonManager
           displayName: 'Install signed MSIX'
 
       - ${{ else }}:
@@ -222,53 +238,62 @@ stages:
             cp $msix "${msix}.zip"
             Expand-Archive "${msix}.zip" (mkdir -Force $env:TEST_MSIX)
             Add-AppxPackage -Register "${env:TEST_MSIX}\appxmanifest.xml"
-            Get-AppxPackage PythonSoftwareFoundation.PythonManager
           displayName: 'Register unsigned MSIX'
           env:
             TEST_MSIX: $(TEST_MSIX_DIR)
 
       - powershell: |
-          gcm pymanager
-          gcm pywmanager
-          # These are likely present due to the machine configuration,
+          $p = Get-AppxPackage PythonSoftwareFoundation.PythonManager
+          $p
+          Set-AppxPackageAutoUpdateSettings $p.PackageFamilyName -CheckOnLaunch $false
+          Set-AppxPackageAutoUpdateSettings $p.PackageFamilyName -ShowPrompt $false
+          Set-AppxPackageAutoUpdateSettings $p.PackageFamilyName -PauseUpdates -HoursToPause 1
+          Get-AppxPackageAutoUpdateSettings $p.PackageFamilyName
+        displayName: 'Update MSIX settings'
+
+      - powershell: |
+          # Some of these are likely present due to the machine configuration,
           # but we'll check for them anyway.
-          gcm py
-          gcm python
-          gcm pyw
-          gcm pythonw
+          gcm pymanager, pywmanager, py, python, pyw, pythonw | Format-Table -AutoSize
         displayName: 'Ensure global commands are present'
 
       - powershell: |
-          pymanager
+          pymanager help
         displayName: 'Show help output'
+        timeoutInMinutes: 1
 
       - powershell: |
           pymanager install -vv default
         displayName: 'Install default runtime'
+        timeoutInMinutes: 5
         env:
           PYMANAGER_DEBUG: true
 
       - powershell: |
           pymanager list
         displayName: 'List installed runtimes'
+        timeoutInMinutes: 1
         env:
           PYMANAGER_DEBUG: true
 
       - powershell: |
           pymanager --list-paths
         displayName: 'List installed runtimes (legacy)'
+        timeoutInMinutes: 1
         env:
           PYMANAGER_DEBUG: true
 
       - powershell: |
           pymanager exec -m site
         displayName: 'Launch default runtime'
+        timeoutInMinutes: 1
         env:
           PYMANAGER_DEBUG: true
 
       - powershell: |
           pymanager uninstall -y default
         displayName: 'Uninstall runtime'
+        timeoutInMinutes: 3
         env:
           PYMANAGER_DEBUG: true
 
@@ -282,6 +307,7 @@ stages:
           pymanager install --configure -y
           if ($?) { pymanager list }
         displayName: 'Emulate first launch'
+        timeoutInMinutes: 5
         env:
           PYTHON_MANAGER_INCLUDE_UNMANAGED: false
           PYTHON_MANAGER_CONFIG: .\test-config.json
@@ -293,13 +319,27 @@ stages:
           pymanager list --source .\bundle
           pymanager install --source .\bundle 3 3-32 3-64 3-arm64
         displayName: 'Offline bundle download and install'
+        timeoutInMinutes: 5
         env:
           PYMANAGER_DEBUG: true
 
       - powershell: |
           Get-AppxPackage PythonSoftwareFoundation.PythonManager | Remove-AppxPackage
         displayName: 'Remove MSIX'
 
+    - powershell: |
+        $files = gci -File * -EA SilentlyContinue
+        $hashes = $files  | `
+            Sort-Object Name | `
+            Format-Table Name, @{
+              Label="MD5";
+              Expression={(Get-FileHash $_ -Algorithm MD5).Hash}
+            }, Length -AutoSize | `
+            Out-String -Width 4096
+        $hashes
+      workingDirectory: $(DIST_DIR)
+      displayName: 'Generate hashes (MD5)'
+
     - ${{ if eq(parameters.Publish, 'true') }}:
       - ${{ if eq(parameters.Sign, 'true') }}:
         - task: DownloadSecureFile@1

ci/repartition-index.yml

@@ -45,6 +45,8 @@ stages:
     - powershell: |
         cd (mkdir -Force index)
         python "$(Build.SourcesDirectory)\scripts\repartition-index.py" --windows-default
+        # Show the report
+        cat index-windows.txt
       displayName: 'Repartition index'
       workingDirectory: $(Build.BinariesDirectory)
 

make.py

@@ -2,7 +2,7 @@
 import subprocess
 import sys
 from subprocess import check_call as run
-from _make_helper import get_dirs, rmtree, unlink
+from _make_helper import get_dirs, rmtree
 
 # Clean DEBUG flag in case it affects build
 os.environ["PYMANAGER_DEBUG"] = ""