python
diff --git a/‎.gitattributes‎
Lines changed: 5 additions & 1 deletion b/‎.gitattributes‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎.github/CODEOWNERS‎
Lines changed: 6 additions & 6 deletions b/‎.github/CODEOWNERS‎
Lines changed: 6 additions & 6 deletions
diff --git a/‎.github/actionlint.yaml‎
Lines changed: 0 additions & 5 deletions b/‎.github/actionlint.yaml‎
Lines changed: 0 additions & 5 deletions
diff --git a/‎.github/dependabot.yml‎
Lines changed: 2 additions & 2 deletions b/‎.github/dependabot.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/add-issue-header.yml‎
Lines changed: 3 additions & 1 deletion b/‎.github/workflows/add-issue-header.yml‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎.github/workflows/build.yml‎
Lines changed: 39 additions & 29 deletions b/‎.github/workflows/build.yml‎
Lines changed: 39 additions & 29 deletions
diff --git a/‎.github/workflows/documentation-links.yml‎
Lines changed: 0 additions & 28 deletions b/‎.github/workflows/documentation-links.yml‎
Lines changed: 0 additions & 28 deletions
@@ -34,6 +34,9 @@ Lib/test/xmltestdata/*                     noeol
 Lib/venv/scripts/common/activate text eol=lf
 Lib/venv/scripts/posix/* text eol=lf
 
+# Prevent GitHub's web conflict editor from converting LF to CRLF
+*.rst text eol=lf
+
 # CRLF files
 [attr]dos text eol=crlf
 
@@ -81,6 +84,7 @@ Include/internal/pycore_uop_ids.h                   generated
 Include/internal/pycore_uop_metadata.h              generated
 Include/opcode.h                                    generated
 Include/opcode_ids.h                                generated
+Include/slots_generated.h                           generated
 Include/token.h                                     generated
 Lib/_opcode_metadata.py                             generated
 Lib/idlelib/help.html                               generated
@@ -96,7 +100,6 @@ Lib/token.py                                        generated
 Misc/sbom.spdx.json                                 generated
 Modules/_testinternalcapi/test_cases.c.h            generated
 Modules/_testinternalcapi/test_targets.h            generated
-Objects/typeslots.inc                               generated
 PC/python3dll.c                                     generated
 Parser/parser.c                                     generated
 Parser/token.c                                      generated
@@ -107,6 +110,7 @@ Python/generated_cases.c.h                          generated
 Python/optimizer_cases.c.h                          generated
 Python/opcode_targets.h                             generated
 Python/record_functions.c.h                         generated
+Python/slots_generated.c                            generated
 Python/stdlib_module_names.h                        generated
 Tools/peg_generator/pegen/grammar_parser.py         generated
 aclocal.m4                                          generated
 
@@ -100,12 +100,12 @@ Lib/test/test_build_details.py          @FFY00
 InternalDocs/                 @AA-Turner
 
 # Tools, Configuration, etc
-Doc/Makefile                  @AA-Turner @hugovk
-Doc/_static/                  @AA-Turner @hugovk
-Doc/conf.py                   @AA-Turner @hugovk
-Doc/make.bat                  @AA-Turner @hugovk
-Doc/requirements.txt          @AA-Turner @hugovk
-Doc/tools/                    @AA-Turner @hugovk
+Doc/Makefile                  @AA-Turner @hugovk @StanFromIreland
+Doc/_static/                  @AA-Turner @hugovk @StanFromIreland
+Doc/conf.py                   @AA-Turner @hugovk @StanFromIreland
+Doc/make.bat                  @AA-Turner @hugovk @StanFromIreland
+Doc/requirements.txt          @AA-Turner @hugovk @StanFromIreland
+Doc/tools/                    @AA-Turner @hugovk @StanFromIreland
 
 # PR Previews
 .readthedocs.yml              @AA-Turner
 
@@ -1,8 +1,3 @@
-self-hosted-runner:
-  # Pending release of actionlint > 1.7.11 for macos-26-intel support
-  # https://github.com/rhysd/actionlint/pull/629
-  labels: ["macos-26-intel"]
-
 config-variables: null
 
 paths:
 
@@ -3,7 +3,7 @@ updates:
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:
-      interval: "monthly"
+      interval: "quarterly"
     labels:
       - "skip issue"
       - "skip news"
@@ -24,7 +24,7 @@ updates:
   - package-ecosystem: "pip"
     directory: "/Tools/"
     schedule:
-      interval: "monthly"
+      interval: "quarterly"
     labels:
       - "skip issue"
       - "skip news"
 
@@ -12,6 +12,8 @@ on:
       # Only ever run once
       - opened
 
+permissions:
+  contents: read
 
 jobs:
   add-header:
@@ -20,7 +22,7 @@ jobs:
       issues: write
     timeout-minutes: 5
     steps:
-      - uses: actions/github-script@v8
+      - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
         with:
           # language=JavaScript
           script: |
 
@@ -64,7 +64,7 @@ jobs:
         run: |
           apt update && apt install git -yq
           git config --global --add safe.directory "$GITHUB_WORKSPACE"
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           fetch-depth: 1
           persist-credentials: false
@@ -101,10 +101,10 @@ jobs:
     needs: build-context
     if: needs.build-context.outputs.run-tests == 'true'
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
-      - uses: actions/setup-python@v6
+      - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
         with:
           python-version: '3.x'
       - name: Runner image version
@@ -165,13 +165,21 @@ jobs:
         free-threading:
           - false
           - true
+        interpreter:
+          - switch-case
         exclude:
           # Skip Win32 on free-threaded builds
           - { arch: Win32, free-threading: true }
+        include:
+          # msvc::musttail is currently only supported on x64,
+          # and only supported on 3.15+.
+          - { arch: x64, free-threading: false, interpreter: tail-call }
+          - { arch: x64, free-threading: true,  interpreter: tail-call }
     uses: ./.github/workflows/reusable-windows.yml
     with:
       arch: ${{ matrix.arch }}
       free-threading: ${{ matrix.free-threading }}
+      interpreter: ${{ matrix.interpreter }}
 
   build-windows-msi:
     # ${{ '' } is a hack to nest jobs under the same sidebar category.
@@ -198,16 +206,16 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        # macos-26 is Apple Silicon, macos-26-intel is Intel.
-        # macos-26-intel only runs tests against the GIL-enabled CPython.
+        # macos-26 is Apple Silicon, macos-15-intel is Intel.
+        # macos-15-intel only runs tests against the GIL-enabled CPython.
         os:
         - macos-26
-        - macos-26-intel
+        - macos-15-intel
         free-threading:
         - false
         - true
         exclude:
-        - os: macos-26-intel
+        - os: macos-15-intel
           free-threading: true
     uses: ./.github/workflows/reusable-macos.yml
     with:
@@ -270,20 +278,21 @@ jobs:
           # unsupported as it most resembles other 1.1.1-work-a-like ssl APIs
           # supported by important vendors such as AWS-LC.
           - { name: openssl, version: 1.1.1w }
-          - { name: openssl, version: 3.0.19 }
-          - { name: openssl, version: 3.3.6 }
-          - { name: openssl, version: 3.4.4 }
-          - { name: openssl, version: 3.5.5 }
-          - { name: openssl, version: 3.6.1 }
+          - { name: openssl, version: 3.0.20 }
+          - { name: openssl, version: 3.3.7 }
+          - { name: openssl, version: 3.4.5 }
+          - { name: openssl, version: 3.5.6 }
+          - { name: openssl, version: 3.6.2 }
+          - { name: openssl, version: 4.0.0 }
           ## AWS-LC
-          - { name: aws-lc, version: 1.68.0 }
+          - { name: aws-lc, version: 1.72.1 }
     env:
       SSLLIB_VER: ${{ matrix.ssllib.version }}
       MULTISSL_DIR: ${{ github.workspace }}/multissl
       SSLLIB_DIR: ${{ github.workspace }}/multissl/${{ matrix.ssllib.name }}/${{ matrix.ssllib.version }}
       LD_LIBRARY_PATH: ${{ github.workspace }}/multissl/${{ matrix.ssllib.name }}/${{ matrix.ssllib.version }}/lib
     steps:
-    - uses: actions/checkout@v6
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       with:
         persist-credentials: false
     - name: Runner image version
@@ -294,7 +303,7 @@ jobs:
       run: sudo ./.github/workflows/posix-deps-apt.sh
     - name: 'Restore SSL library build'
       id: cache-ssl-lib
-      uses: actions/cache@v5
+      uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
       with:
         path: ./multissl/${{ matrix.ssllib.name }}/${{ matrix.ssllib.version }}
         key: ${{ matrix.os }}-multissl-${{ matrix.ssllib.name }}-${{ matrix.ssllib.version }}
@@ -342,11 +351,11 @@ jobs:
 
     runs-on: ${{ matrix.runs-on }}
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
       - name: Build and test
-        run: ./Android/android.py ci --fast-ci ${{ matrix.arch }}-linux-android
+        run: python3 Platforms/Android ci --fast-ci ${{ matrix.arch }}-linux-android
 
   build-ios:
     name: iOS
@@ -355,7 +364,7 @@ jobs:
     timeout-minutes: 60
     runs-on: macos-14
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
 
@@ -369,7 +378,7 @@ jobs:
           sudo xcode-select --switch /Applications/Xcode_15.4.app
 
       - name: Build and test
-        run: python3 Apple ci iOS --fast-ci --simulator 'iPhone SE (3rd generation),OS=17.5'
+        run: python3 Platforms/Apple ci iOS --fast-ci --simulator 'iPhone SE (3rd generation),OS=17.5'
 
   build-emscripten:
     name: 'Emscripten'
@@ -390,10 +399,10 @@ jobs:
     needs: build-context
     if: needs.build-context.outputs.run-ubuntu == 'true'
     env:
-      OPENSSL_VER: 3.5.5
+      OPENSSL_VER: 3.5.6
       PYTHONSTRICTEXTENSIONBUILD: 1
     steps:
-    - uses: actions/checkout@v6
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       with:
         persist-credentials: false
     - name: Register gcc problem matcher
@@ -407,7 +416,7 @@ jobs:
         echo "LD_LIBRARY_PATH=${GITHUB_WORKSPACE}/multissl/openssl/${OPENSSL_VER}/lib" >> "$GITHUB_ENV"
     - name: 'Restore OpenSSL build'
       id: cache-openssl
-      uses: actions/cache@v5
+      uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
       with:
         path: ./multissl/openssl/${{ env.OPENSSL_VER }}
         key: ${{ runner.os }}-multissl-openssl-${{ env.OPENSSL_VER }}
@@ -454,7 +463,7 @@ jobs:
         ./python -m venv "$VENV_LOC" && "$VENV_PYTHON" -m pip install -r "${GITHUB_WORKSPACE}/Tools/requirements-hypothesis.txt"
     - name: 'Restore Hypothesis database'
       id: cache-hypothesis-database
-      uses: actions/cache@v5
+      uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
       with:
         path: ${{ env.CPYTHON_BUILDDIR }}/.hypothesis/
         key: hypothesis-database-${{ github.head_ref || github.run_id }}
@@ -481,7 +490,7 @@ jobs:
           -x test_subprocess \
           -x test_signal \
           -x test_sysconfig
-    - uses: actions/upload-artifact@v7
+    - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
       if: always()
       with:
         name: hypothesis-example-db
@@ -498,11 +507,11 @@ jobs:
       matrix:
         os: [ubuntu-24.04]
     env:
-      OPENSSL_VER: 3.5.5
+      OPENSSL_VER: 3.5.6
       PYTHONSTRICTEXTENSIONBUILD: 1
       ASAN_OPTIONS: detect_leaks=0:allocator_may_return_null=1:handle_segv=0
     steps:
-    - uses: actions/checkout@v6
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       with:
         persist-credentials: false
     - name: Runner image version
@@ -512,7 +521,7 @@ jobs:
     - name: Install dependencies
       run: sudo ./.github/workflows/posix-deps-apt.sh
     - name: Set up GCC-10 for ASAN
-      uses: egor-tensin/setup-gcc@v2
+      uses: egor-tensin/setup-gcc@a2861a8b8538f49cf2850980acccf6b05a1b2ae4 # v2.0
       with:
         version: 10
     - name: Configure OpenSSL env vars
@@ -522,7 +531,7 @@ jobs:
         echo "LD_LIBRARY_PATH=${GITHUB_WORKSPACE}/multissl/openssl/${OPENSSL_VER}/lib" >> "$GITHUB_ENV"
     - name: 'Restore OpenSSL build'
       id: cache-openssl
-      uses: actions/cache@v5
+      uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
       with:
         path: ./multissl/openssl/${{ env.OPENSSL_VER }}
         key: ${{ matrix.os }}-multissl-openssl-${{ env.OPENSSL_VER }}
@@ -569,7 +578,7 @@ jobs:
     needs: build-context
     if: needs.build-context.outputs.run-ubuntu == 'true'
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
       - name: Runner image version
@@ -605,6 +614,7 @@ jobs:
       needs.build-context.outputs.run-ci-fuzz == 'true'
       || needs.build-context.outputs.run-ci-fuzz-stdlib == 'true'
     permissions:
+      contents: read
       security-events: write
     strategy:
       fail-fast: false