Note that this is intended to be the last v5.x release. v6.0 will contain breaking changes from #7619, #7713 and #6999. If you want to avoid unexpected disruption, you may wish to pin pyinstaller (e.g. pip install "pyinstaller<6").
* (Windows) Fix ``OSError: exception: access violation reading 0x00000010``
raised by ``matplotlib`` and ``win32com`` run-time hooks when ran in 32-bit
frozen application (regression introduced in ``v5.13.1``). (:issue:`7893`)
Hooks
* Fix the license of the new ``_pyi_rth_utils`` run-time package; it is
now licensed under permissive Apache license, which matches the license
of the run-time hooks that use this run-time package. (:issue:`7894`)
PyInstaller Core
</code></pre>
<ul>
<li>Fix the license of the <code>pyi_splash</code> run-time module; it is now licensed
under permissive Apache license to avoid unintentionally imposing
additional license restrictions on the frozen applications that make
use of this module. (:issue:<code>7896</code>)</li>
</ul>
<h2>5.13.1 (2023-08-26)</h2>
<p>Security</p>
<pre><code>
* (Windows) Ensure that the access to temporary directories created by the
``matplotlib`` and ``win32com`` run-time hooks is restricted to the user
running the frozen application, even if the directory in the ``TMP`` or
``TEMP`` variables points to a system-wide *world writable* location that can
be accessed by all users. (:issue:`7827`)
Bugfix
(macOS) Fix :func:pkgutil.iter_modules failing to find submodules of a
package that contains data files when running as a macOS .app bundle.
(:issue:7884)
(Windows) Fix win32com run-time hook to fully isolate the gen_py
cache. This prevents access to the global cache, which results in errors when
the global cache contains some, but not all, required modules. (:issue:6257)
</tr></table>
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/oskros/MF_run_counter/network/alerts).
Bumps pyinstaller from 5.1 to 5.13.1.
Release notes
Sourced from pyinstaller's releases.
... (truncated)
Changelog
Sourced from pyinstaller's changelog.
... (truncated)
Commits
bc49d00
Release v5.13.1. [skip ci]550b927
bootloader: always call Py_GetPath before Py_SetPath4f2e030
Add Nvidia libraries to Unix exclusion list (#7746)330ab13
hookutils: qt: look for commercial pyqt to determine layout4c2652c
Make _pyi_rth_utils Python 3.7 compatible.2ecfedf
Fix readthedocs building theme selection. [skip ci]dcb2b17
Fix pkgutil.iter_modules for symbolically linked packages65fd7c4
Fix msys2 dll paths in GdkPixbuf loaders.cache gen (#7842)1e8484b
hookutils: gi: fix error handling in compile_glib_schema_filese7f6380
bootstrap: add a work-around for sys._stdlib_dir not being setDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show