From the archive `python-gentoo-patches-2.7.18_p8.tar.xz` found at
https://dev.gentoo.org/~mgorny/dist/python/, I copied
`0024-3.6-bpo-42967-only-use-as-a-query-string-separator-G.patch`.
This reduces the amount of packages that are required to use
builtins.fetchurl to fetch. Without this change, mime-types
would not be able to use fetchzip when mime-types support is
added to python3.
Python 3.9 has a new module `zoneinfo` which requires tzdata. By default
it searches TZPATH for folders containing `zoneinfo`.
This commit makes the dependency on tzdata pure.
The issue manifests itself as the following on `aarch64-darwin`:
```
>>> import ctypes
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/nix/store/i8cq0xrjirz1rcp65wzcyhj6ypzlw9il-python3-3.7.10/lib/python3.7/ctypes/__init__.py", line 551, in <module>
_reset_cache()
File "/nix/store/i8cq0xrjirz1rcp65wzcyhj6ypzlw9il-python3-3.7.10/lib/python3.7/ctypes/__init__.py", line 273, in _reset_cache
CFUNCTYPE(c_int)(lambda: None)
MemoryError
```
The commit we backport is included in Python 3.8, and it reverts
the change that was introduced all the way back in Python 2.7.
Now that `buildEnv` is ready, always put `makeWrapper` in
`nativeBuildInputs`, rather than `buildInputs` or (worse) mucking around
with setup hooks by hand.
(C.f. #112276, which didn't catch these because the manual setup hook
sourcing is such a hack to being with!)
Fixes#114687
The package set is an attribute of the interpreter. The function to
build an environment (`buildEnv`/`withPackages`) is part of the
interpreter. The interpreter is passed to itself, and needs to be
updated when overridden.
For cross-compilation we splice the package set, and for that the
various `build/host` interpreters and sets need to be available. We
select these currently through `pkgs.${pythonAttr}`. The `pythonAttr`
attribute was not fixed for `pythonFull`.
https://github.com/NixOS/rfcs/pull/83https://github.com/NixOS/nixpkgs/pull/104201
We need a better solution for this because this is very brittle.
Thanks to the Gentoo team maintaining a fork of python2¹ we can easily
apply their backported patch for this security vulnerability.
[1] https://gitweb.gentoo.org/fork/cpython.git/