Important: This is the last release of PyInstaller supporting Python 2.7.
Python 2 is end-of-life, many packages are about to drop support for Python 2.7 <https://python3statement.org/>_ - or already did it.
Security
* [SECURITY] (Win32) Fix CVE-2019-16784: Local Privilege Escalation caused by
insecure directory permissions of sys._MEIPATH. This security fix effects all
Windows software frozen by PyInstaller in "onefile" mode.
While PyInstaller itself was not vulnerable, all Windows software frozen
by PyInstaller in "onefile" mode is vulnerable.
If you are using PyInstaller to freeze Windows software using "onefile"
mode, you should upgrade PyInstaller and rebuild your software.
Features
(Windows): Applications built in windowed mode have their debug messages
sent to any attached debugger or DebugView instead of message boxes.
(:issue:[#4288](https://github.com/pyinstaller/pyinstaller/issues/4288))
Better error message when file exists at path we want to be dir.
(:issue:[#4591](https://github.com/pyinstaller/pyinstaller/issues/4591))
Bugfix
* (Windows) Allow usage of `VSVersionInfo` as version argument to EXE again.
(:issue:`[#4381](https://github.com/pyinstaller/pyinstaller/issues/4381)`, :issue:`[#4539](https://github.com/pyinstaller/pyinstaller/issues/4539)`)
* (Windows) Fix MSYS2 dll's are not found by modulegraph. (:issue:`[#4125](https://github.com/pyinstaller/pyinstaller/issues/4125)`,
:issue:`[#4417](https://github.com/pyinstaller/pyinstaller/issues/4417)`)
* (Windows) The temporary copy of bootloader used add resources, icons, etc.
is not created in --workpath instead of in %TEMP%. This fixes issues on
systems where the anti-virus cleans %TEMP% immediately. (:issue:`[#3869](https://github.com/pyinstaller/pyinstaller/issues/3869)`)
* Do not fail the build when ``ldconfig`` is missing/inoperable.
(:issue:`[#4261](https://github.com/pyinstaller/pyinstaller/issues/4261)`)
* Fixed loading of IPython extensions. (:issue:`[#4271](https://github.com/pyinstaller/pyinstaller/issues/4271)`)
* Fixed pre-find-module-path hook for `distutils` to be compatible with
`virtualenv >= 16.3`. (:issue:`[#4064](https://github.com/pyinstaller/pyinstaller/issues/4064)`, :issue:`[#4372](https://github.com/pyinstaller/pyinstaller/issues/4372)`)
* Improve error reporting when the Python library can't be found.
</tr></table>
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps pyinstaller from 4.7 to 4.8.
Release notes
Sourced from pyinstaller's releases.
Changelog
Sourced from pyinstaller's changelog.
... (truncated)
Commits
fcff15eRelease v4.8.4f52ec7Bindepend: Add Termux-specific libraries search path.34c0b6ctests: repin numpy version63bf31ahooks: numpy: do not exclude distutils and numpy.distutils anymore14a14f9tests: scipy: remove obsolete version checkbf33973tests: remove xfail annotations from scipy testsa73951dbootloader: lock the PKG sideload modec11d8d3bootloader: refactor the PKG cookie search code45df9ebbuilding: embed special signature to activate PKG sideload mode4eba86adocs: re-pin sphinx versionDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)