Important: This is the last release of PyInstaller supporting Python 2.7.
Python 2 is end-of-life, many packages are about to drop support for Python 2.7 <https://python3statement.org/>_ - or already did it.
Security
* [SECURITY] (Win32) Fix CVE-2019-16784: Local Privilege Escalation caused by
insecure directory permissions of sys._MEIPATH. This security fix effects all
Windows software frozen by PyInstaller in "onefile" mode.
While PyInstaller itself was not vulnerable, all Windows software frozen
by PyInstaller in "onefile" mode is vulnerable.
If you are using PyInstaller to freeze Windows software using "onefile"
mode, you should upgrade PyInstaller and rebuild your software.
Features
(Windows): Applications built in windowed mode have their debug messages
sent to any attached debugger or DebugView instead of message boxes.
(:issue:[#4288](https://github.com/pyinstaller/pyinstaller/issues/4288))
Better error message when file exists at path we want to be dir.
(:issue:[#4591](https://github.com/pyinstaller/pyinstaller/issues/4591))
Bugfix
* (Windows) Allow usage of `VSVersionInfo` as version argument to EXE again.
(:issue:`[#4381](https://github.com/pyinstaller/pyinstaller/issues/4381)`, :issue:`[#4539](https://github.com/pyinstaller/pyinstaller/issues/4539)`)
* (Windows) Fix MSYS2 dll's are not found by modulegraph. (:issue:`[#4125](https://github.com/pyinstaller/pyinstaller/issues/4125)`,
:issue:`[#4417](https://github.com/pyinstaller/pyinstaller/issues/4417)`)
* (Windows) The temporary copy of bootloader used add resources, icons, etc.
is not created in --workpath instead of in %TEMP%. This fixes issues on
systems where the anti-virus cleans %TEMP% immediately. (:issue:`[#3869](https://github.com/pyinstaller/pyinstaller/issues/3869)`)
* Do not fail the build when ``ldconfig`` is missing/inoperable.
(:issue:`[#4261](https://github.com/pyinstaller/pyinstaller/issues/4261)`)
* Fixed loading of IPython extensions. (:issue:`[#4271](https://github.com/pyinstaller/pyinstaller/issues/4271)`)
* Fixed pre-find-module-path hook for `distutils` to be compatible with
`virtualenv >= 16.3`. (:issue:`[#4064](https://github.com/pyinstaller/pyinstaller/issues/4064)`, :issue:`[#4372](https://github.com/pyinstaller/pyinstaller/issues/4372)`)
* Improve error reporting when the Python library can't be found.
</tr></table>
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/xlwings/git-xl/network/alerts).
Bumps pyinstaller from 3.3.1 to 3.6.
Release notes
Sourced from pyinstaller's releases.
Changelog
Sourced from pyinstaller's changelog.
... (truncated)
Commits
6d4cce1
Release 3.6.9649913
Doc: Rebuild man-pages for release 3.6.51bcee4
Update versions in README.3058682
Update CREDITS for release 3.62232b5b
Preparing release 3.695ff39d
pyproject.toml: Update config for towncrier.0d7ac32
Hooks: Fix numpy and scipy hooks to find dlls in extra locations.2c16311
Hooks: Add hook for sklearn.mixture.9882f87
Add more options to funding.yml.ddec556
Tests/CI: Use new label in .pyup.yml.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/xlwings/git-xl/network/alerts).