Stop compiling Python using --with-system-expat
#1925
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The upstream Python test suite (which gets run when compiling with PGO enabled) fails with the `libexpat` in Ubuntu 22.04. In #1661 previously added what I hoped would be a temporarily workaround until the failures were fixed upstream, however, the Python maintainers say they don't guarantee compatibility with distro `expat`, and that it's up to us to test for compatibility and patch if we want to use the distro version. However, this isn't viable given that we're neither a Linux distro maintainer, a CPython maintainer or an expat maintainer. Instead, like the upstream Docker Hub Python images, we will switch the `expat` bundled within the CPython sources, which is actually what the upstream CPython project tests in its CI. This means users won't get security updates for free via the base image, and will instead need to update their Python patch versions instead as newer versions are vendored in CPython. However, this is the least worst alternative for now. I'm doing this now, since otherwise I'll need to generate another patch series for the soon to be released Python 3.14. Note: This change only affects Python versions compiled/released after this merges. Existing Python versions on S3 are unaffected for now (unless they ever get recompiled in the future). For more details, see: python/cpython#125067 (comment) GUS-W-17414073.
Member
Author
|
Dry-run (non-upload) builds of the latest patch release of each major - to confirm the release manager identities are correct for each major:
|
Malax
approved these changes
Oct 6, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The upstream Python test suite (which gets run when compiling with PGO enabled) fails with the
libexpatin Ubuntu 22.04.In #1661, I previously added what I hoped would be a temporarily workaround until the failures were fixed upstream, however, the Python maintainers say they don't guarantee compatibility with distro
expat, and that it's up to us to test for compatibility and patch if we want to use the distro version. However, this isn't viable given that we're neither a Linux distro maintainer, a CPython maintainer or an expat maintainer.Instead, like the upstream Docker Hub Python images (who were also affected by this issue), we will switch the
expatbundled within the CPython sources, which is actually what the upstream CPython project tests in its CI. This means users won't get security updates for free via the base image, and will instead need to update their Python patch versions instead as newer versions are vendored in CPython. However, this is the least worst alternative for now.I'm doing this now, since otherwise I'll need to generate another patch series for the soon to be released Python 3.14.
Note: This change only affects Python versions compiled/released after this merges. Existing Python versions on S3 are unaffected for now (unless they ever get recompiled in the future).
For more details, see:
python/cpython#125067 (comment)
GUS-W-17414073.