diff --git a/.github/workflows/verify-templating.yml b/.github/workflows/verify-templating.yml
index 2e1fb7872..e822ba6bb 100644
--- a/.github/workflows/verify-templating.yml
+++ b/.github/workflows/verify-templating.yml
@@ -3,6 +3,7 @@ name: Verify Templating
on:
pull_request:
push:
+ workflow_dispatch:
defaults:
run:
@@ -14,9 +15,5 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- - name: Apply Templates
- run: ./apply-templates.sh
- - name: Check Git Status
- run: |
- status="$(git status --short)"
- [ -z "$status" ]
+ - run: ./apply-templates.sh
+ - run: git diff --exit-code
diff --git a/3.10/alpine3.19/Dockerfile b/3.10/alpine3.19/Dockerfile
deleted file mode 100644
index 7aa6b919f..000000000
--- a/3.10/alpine3.19/Dockerfile
+++ /dev/null
@@ -1,159 +0,0 @@
-#
-# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
-#
-# PLEASE DO NOT EDIT IT DIRECTLY.
-#
-
-FROM alpine:3.19
-
-# ensure local python is preferred over distribution python
-ENV PATH /usr/local/bin:$PATH
-
-# cannot remove LANG even though https://bugs.python.org/issue19846 is fixed
-# last attempted removal of LANG broke many users:
-# https://github.com/docker-library/python/pull/570
-ENV LANG C.UTF-8
-
-# runtime dependencies
-RUN set -eux; \
- apk add --no-cache \
- ca-certificates \
- tzdata \
- ;
-
-ENV GPG_KEY A035C8C19219BA821ECEA86B64E628F8D684696D
-ENV PYTHON_VERSION 3.10.14
-
-RUN set -eux; \
- \
- apk add --no-cache --virtual .build-deps \
- gnupg \
- tar \
- xz \
- \
- bluez-dev \
- bzip2-dev \
- dpkg-dev dpkg \
- expat-dev \
- findutils \
- gcc \
- gdbm-dev \
- libc-dev \
- libffi-dev \
- libnsl-dev \
- libtirpc-dev \
- linux-headers \
- make \
- ncurses-dev \
- openssl-dev \
- pax-utils \
- readline-dev \
- sqlite-dev \
- tcl-dev \
- tk \
- tk-dev \
- util-linux-dev \
- xz-dev \
- zlib-dev \
- ; \
- \
- wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
- wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
- GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
- gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
- gpg --batch --verify python.tar.xz.asc python.tar.xz; \
- gpgconf --kill all; \
- rm -rf "$GNUPGHOME" python.tar.xz.asc; \
- mkdir -p /usr/src/python; \
- tar --extract --directory /usr/src/python --strip-components=1 --file python.tar.xz; \
- rm python.tar.xz; \
- \
- cd /usr/src/python; \
- gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
- ./configure \
- --build="$gnuArch" \
- --enable-loadable-sqlite-extensions \
- $(test "$gnuArch" != 'riscv64-linux-musl' && echo '--enable-optimizations') \
- --enable-option-checking=fatal \
- --enable-shared \
- --with-lto \
- --with-system-expat \
- --without-ensurepip \
- ; \
- nproc="$(nproc)"; \
-# set thread stack size to 1MB so we don't segfault before we hit sys.getrecursionlimit()
-# https://github.com/alpinelinux/aports/commit/2026e1259422d4e0cf92391ca2d3844356c649d0
- EXTRA_CFLAGS="-DTHREAD_STACK_SIZE=0x100000"; \
- LDFLAGS="${LDFLAGS:--Wl},--strip-all"; \
- make -j "$nproc" \
- "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
- "LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
- ; \
-# https://github.com/docker-library/python/issues/784
-# prevent accidental usage of a system installed libpython of the same version
- rm python; \
- make -j "$nproc" \
- "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
- "LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
- python \
- ; \
- make install; \
- \
- cd /; \
- rm -rf /usr/src/python; \
- \
- find /usr/local -depth \
- \( \
- \( -type d -a \( -name test -o -name tests -o -name idle_test \) \) \
- -o \( -type f -a \( -name '*.pyc' -o -name '*.pyo' -o -name 'libpython*.a' \) \) \
- \) -exec rm -rf '{}' + \
- ; \
- \
- find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec scanelf --needed --nobanner --format '%n#p' '{}' ';' \
- | tr ',' '\n' \
- | sort -u \
- | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
- | xargs -rt apk add --no-network --virtual .python-rundeps \
- ; \
- apk del --no-network .build-deps; \
- \
- python3 --version
-
-# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
-RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
- dst="$(echo "$src" | tr -d 3)"; \
- [ -s "/usr/local/bin/$src" ]; \
- [ ! -e "/usr/local/bin/$dst" ]; \
- ln -svT "$src" "/usr/local/bin/$dst"; \
- done
-
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 23.0.1
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 65.5.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
-CMD ["python3"]
diff --git a/3.10/alpine3.20/Dockerfile b/3.10/alpine3.20/Dockerfile
index 5f9f99ecd..b46a12d48 100644
--- a/3.10/alpine3.20/Dockerfile
+++ b/3.10/alpine3.20/Dockerfile
@@ -22,7 +22,8 @@ RUN set -eux; \
;
ENV GPG_KEY A035C8C19219BA821ECEA86B64E628F8D684696D
-ENV PYTHON_VERSION 3.10.14
+ENV PYTHON_VERSION 3.10.17
+ENV PYTHON_SHA256 4c68050f049d1b4ac5aadd0df5f27941c0350d2a9e7ab0907ee5eb5225d9d6b0
RUN set -eux; \
\
@@ -34,7 +35,6 @@ RUN set -eux; \
bluez-dev \
bzip2-dev \
dpkg-dev dpkg \
- expat-dev \
findutils \
gcc \
gdbm-dev \
@@ -58,6 +58,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -73,12 +74,10 @@ RUN set -eux; \
./configure \
--build="$gnuArch" \
--enable-loadable-sqlite-extensions \
- $(test "$gnuArch" != 'riscv64-linux-musl' && echo '--enable-optimizations') \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
# set thread stack size to 1MB so we don't segfault before we hit sys.getrecursionlimit()
@@ -88,7 +87,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -96,7 +94,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -119,41 +116,26 @@ RUN set -eux; \
; \
apk del --no-network .build-deps; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ \
+ pip3 install \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ --no-compile \
+ 'setuptools==65.5.1' \
+ # https://github.com/docker-library/python/issues/1023
+ 'wheel<0.46' \
+ ; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 23.0.1
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 65.5.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.12/alpine3.19/Dockerfile b/3.10/alpine3.21/Dockerfile
similarity index 77%
rename from 3.12/alpine3.19/Dockerfile
rename to 3.10/alpine3.21/Dockerfile
index 71322b243..3c03960a8 100644
--- a/3.12/alpine3.19/Dockerfile
+++ b/3.10/alpine3.21/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.19
+FROM alpine:3.21
# ensure local python is preferred over distribution python
ENV PATH /usr/local/bin:$PATH
@@ -21,8 +21,9 @@ RUN set -eux; \
tzdata \
;
-ENV GPG_KEY 7169605F62C751356D054A26A821E680E5FA6305
-ENV PYTHON_VERSION 3.12.4
+ENV GPG_KEY A035C8C19219BA821ECEA86B64E628F8D684696D
+ENV PYTHON_VERSION 3.10.17
+ENV PYTHON_SHA256 4c68050f049d1b4ac5aadd0df5f27941c0350d2a9e7ab0907ee5eb5225d9d6b0
RUN set -eux; \
\
@@ -34,7 +35,6 @@ RUN set -eux; \
bluez-dev \
bzip2-dev \
dpkg-dev dpkg \
- expat-dev \
findutils \
gcc \
gdbm-dev \
@@ -58,6 +58,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -73,12 +74,10 @@ RUN set -eux; \
./configure \
--build="$gnuArch" \
--enable-loadable-sqlite-extensions \
- $(test "$gnuArch" != 'riscv64-linux-musl' && echo '--enable-optimizations') \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
# set thread stack size to 1MB so we don't segfault before we hit sys.getrecursionlimit()
@@ -88,7 +87,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -96,7 +94,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -119,38 +116,26 @@ RUN set -eux; \
; \
apk del --no-network .build-deps; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ \
+ pip3 install \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ --no-compile \
+ 'setuptools==65.5.1' \
+ # https://github.com/docker-library/python/issues/1023
+ 'wheel<0.46' \
+ ; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.10/bookworm/Dockerfile b/3.10/bookworm/Dockerfile
index 2032d8564..ddc2cfe13 100644
--- a/3.10/bookworm/Dockerfile
+++ b/3.10/bookworm/Dockerfile
@@ -25,11 +25,13 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY A035C8C19219BA821ECEA86B64E628F8D684696D
-ENV PYTHON_VERSION 3.10.14
+ENV PYTHON_VERSION 3.10.17
+ENV PYTHON_SHA256 4c68050f049d1b4ac5aadd0df5f27941c0350d2a9e7ab0907ee5eb5225d9d6b0
RUN set -eux; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -49,8 +51,7 @@ RUN set -eux; \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
@@ -58,7 +59,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -66,7 +66,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -89,41 +88,26 @@ RUN set -eux; \
\
ldconfig; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ \
+ pip3 install \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ --no-compile \
+ 'setuptools==65.5.1' \
+ # https://github.com/docker-library/python/issues/1023
+ 'wheel<0.46' \
+ ; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 23.0.1
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 65.5.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.10/bullseye/Dockerfile b/3.10/bullseye/Dockerfile
index 467af6af1..ef1ad6771 100644
--- a/3.10/bullseye/Dockerfile
+++ b/3.10/bullseye/Dockerfile
@@ -25,11 +25,13 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY A035C8C19219BA821ECEA86B64E628F8D684696D
-ENV PYTHON_VERSION 3.10.14
+ENV PYTHON_VERSION 3.10.17
+ENV PYTHON_SHA256 4c68050f049d1b4ac5aadd0df5f27941c0350d2a9e7ab0907ee5eb5225d9d6b0
RUN set -eux; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -49,8 +51,7 @@ RUN set -eux; \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
@@ -58,7 +59,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -66,7 +66,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -89,41 +88,26 @@ RUN set -eux; \
\
ldconfig; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ \
+ pip3 install \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ --no-compile \
+ 'setuptools==65.5.1' \
+ # https://github.com/docker-library/python/issues/1023
+ 'wheel<0.46' \
+ ; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 23.0.1
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 65.5.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.10/slim-bookworm/Dockerfile b/3.10/slim-bookworm/Dockerfile
index f1deffa26..8c3a84d47 100644
--- a/3.10/slim-bookworm/Dockerfile
+++ b/3.10/slim-bookworm/Dockerfile
@@ -25,7 +25,8 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY A035C8C19219BA821ECEA86B64E628F8D684696D
-ENV PYTHON_VERSION 3.10.14
+ENV PYTHON_VERSION 3.10.17
+ENV PYTHON_SHA256 4c68050f049d1b4ac5aadd0df5f27941c0350d2a9e7ab0907ee5eb5225d9d6b0
RUN set -eux; \
\
@@ -39,7 +40,6 @@ RUN set -eux; \
libbz2-dev \
libc6-dev \
libdb-dev \
- libexpat1-dev \
libffi-dev \
libgdbm-dev \
liblzma-dev \
@@ -56,6 +56,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -75,8 +76,7 @@ RUN set -eux; \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
@@ -85,7 +85,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -93,7 +92,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -123,50 +121,26 @@ RUN set -eux; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ \
+ pip3 install \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ --no-compile \
+ 'setuptools==65.5.1' \
+ # https://github.com/docker-library/python/issues/1023
+ 'wheel<0.46' \
+ ; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 23.0.1
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 65.5.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- savedAptMark="$(apt-mark showmanual)"; \
- apt-get update; \
- apt-get install -y --no-install-recommends wget; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
- rm -rf /var/lib/apt/lists/*; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.10/slim-bullseye/Dockerfile b/3.10/slim-bullseye/Dockerfile
index 0ae48abd8..eee742510 100644
--- a/3.10/slim-bullseye/Dockerfile
+++ b/3.10/slim-bullseye/Dockerfile
@@ -25,7 +25,8 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY A035C8C19219BA821ECEA86B64E628F8D684696D
-ENV PYTHON_VERSION 3.10.14
+ENV PYTHON_VERSION 3.10.17
+ENV PYTHON_SHA256 4c68050f049d1b4ac5aadd0df5f27941c0350d2a9e7ab0907ee5eb5225d9d6b0
RUN set -eux; \
\
@@ -39,7 +40,6 @@ RUN set -eux; \
libbz2-dev \
libc6-dev \
libdb-dev \
- libexpat1-dev \
libffi-dev \
libgdbm-dev \
liblzma-dev \
@@ -56,6 +56,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -75,8 +76,7 @@ RUN set -eux; \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
@@ -85,7 +85,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -93,7 +92,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -123,50 +121,26 @@ RUN set -eux; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ \
+ pip3 install \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ --no-compile \
+ 'setuptools==65.5.1' \
+ # https://github.com/docker-library/python/issues/1023
+ 'wheel<0.46' \
+ ; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 23.0.1
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 65.5.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- savedAptMark="$(apt-mark showmanual)"; \
- apt-get update; \
- apt-get install -y --no-install-recommends wget; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
- rm -rf /var/lib/apt/lists/*; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.11/alpine3.20/Dockerfile b/3.11/alpine3.20/Dockerfile
index 2b4773d74..6bfbfc584 100644
--- a/3.11/alpine3.20/Dockerfile
+++ b/3.11/alpine3.20/Dockerfile
@@ -22,7 +22,8 @@ RUN set -eux; \
;
ENV GPG_KEY A035C8C19219BA821ECEA86B64E628F8D684696D
-ENV PYTHON_VERSION 3.11.9
+ENV PYTHON_VERSION 3.11.12
+ENV PYTHON_SHA256 849da87af4df137710c1796e276a955f7a85c9f971081067c8f565d15c352a09
RUN set -eux; \
\
@@ -34,7 +35,6 @@ RUN set -eux; \
bluez-dev \
bzip2-dev \
dpkg-dev dpkg \
- expat-dev \
findutils \
gcc \
gdbm-dev \
@@ -58,6 +58,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -73,12 +74,10 @@ RUN set -eux; \
./configure \
--build="$gnuArch" \
--enable-loadable-sqlite-extensions \
- $(test "$gnuArch" != 'riscv64-linux-musl' && echo '--enable-optimizations') \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
# set thread stack size to 1MB so we don't segfault before we hit sys.getrecursionlimit()
@@ -88,7 +87,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -96,7 +94,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -119,41 +116,26 @@ RUN set -eux; \
; \
apk del --no-network .build-deps; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ \
+ pip3 install \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ --no-compile \
+ 'setuptools==65.5.1' \
+ # https://github.com/docker-library/python/issues/1023
+ 'wheel<0.46' \
+ ; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.0
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 65.5.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.13-rc/alpine3.20/Dockerfile b/3.11/alpine3.21/Dockerfile
similarity index 76%
rename from 3.13-rc/alpine3.20/Dockerfile
rename to 3.11/alpine3.21/Dockerfile
index e30123757..858ce0232 100644
--- a/3.13-rc/alpine3.20/Dockerfile
+++ b/3.11/alpine3.21/Dockerfile
@@ -4,11 +4,16 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.20
+FROM alpine:3.21
# ensure local python is preferred over distribution python
ENV PATH /usr/local/bin:$PATH
+# cannot remove LANG even though https://bugs.python.org/issue19846 is fixed
+# last attempted removal of LANG broke many users:
+# https://github.com/docker-library/python/pull/570
+ENV LANG C.UTF-8
+
# runtime dependencies
RUN set -eux; \
apk add --no-cache \
@@ -16,8 +21,9 @@ RUN set -eux; \
tzdata \
;
-ENV GPG_KEY 7169605F62C751356D054A26A821E680E5FA6305
-ENV PYTHON_VERSION 3.13.0b4
+ENV GPG_KEY A035C8C19219BA821ECEA86B64E628F8D684696D
+ENV PYTHON_VERSION 3.11.12
+ENV PYTHON_SHA256 849da87af4df137710c1796e276a955f7a85c9f971081067c8f565d15c352a09
RUN set -eux; \
\
@@ -29,7 +35,6 @@ RUN set -eux; \
bluez-dev \
bzip2-dev \
dpkg-dev dpkg \
- expat-dev \
findutils \
gcc \
gdbm-dev \
@@ -53,6 +58,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -68,12 +74,10 @@ RUN set -eux; \
./configure \
--build="$gnuArch" \
--enable-loadable-sqlite-extensions \
- $(test "$gnuArch" != 'riscv64-linux-musl' && echo '--enable-optimizations') \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
# set thread stack size to 1MB so we don't segfault before we hit sys.getrecursionlimit()
@@ -83,7 +87,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -91,7 +94,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -114,38 +116,26 @@ RUN set -eux; \
; \
apk del --no-network .build-deps; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ \
+ pip3 install \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ --no-compile \
+ 'setuptools==65.5.1' \
+ # https://github.com/docker-library/python/issues/1023
+ 'wheel<0.46' \
+ ; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.1.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.11/bookworm/Dockerfile b/3.11/bookworm/Dockerfile
index 599103eaa..943aa0150 100644
--- a/3.11/bookworm/Dockerfile
+++ b/3.11/bookworm/Dockerfile
@@ -25,11 +25,13 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY A035C8C19219BA821ECEA86B64E628F8D684696D
-ENV PYTHON_VERSION 3.11.9
+ENV PYTHON_VERSION 3.11.12
+ENV PYTHON_SHA256 849da87af4df137710c1796e276a955f7a85c9f971081067c8f565d15c352a09
RUN set -eux; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -49,8 +51,7 @@ RUN set -eux; \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
@@ -58,7 +59,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -66,7 +66,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -89,41 +88,26 @@ RUN set -eux; \
\
ldconfig; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ \
+ pip3 install \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ --no-compile \
+ 'setuptools==65.5.1' \
+ # https://github.com/docker-library/python/issues/1023
+ 'wheel<0.46' \
+ ; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.0
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 65.5.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.11/bullseye/Dockerfile b/3.11/bullseye/Dockerfile
index 4995b5feb..cad17e31e 100644
--- a/3.11/bullseye/Dockerfile
+++ b/3.11/bullseye/Dockerfile
@@ -25,11 +25,13 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY A035C8C19219BA821ECEA86B64E628F8D684696D
-ENV PYTHON_VERSION 3.11.9
+ENV PYTHON_VERSION 3.11.12
+ENV PYTHON_SHA256 849da87af4df137710c1796e276a955f7a85c9f971081067c8f565d15c352a09
RUN set -eux; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -49,8 +51,7 @@ RUN set -eux; \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
@@ -58,7 +59,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -66,7 +66,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -89,41 +88,26 @@ RUN set -eux; \
\
ldconfig; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ \
+ pip3 install \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ --no-compile \
+ 'setuptools==65.5.1' \
+ # https://github.com/docker-library/python/issues/1023
+ 'wheel<0.46' \
+ ; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.0
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 65.5.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.11/slim-bookworm/Dockerfile b/3.11/slim-bookworm/Dockerfile
index d1c50ca24..1d77b85f6 100644
--- a/3.11/slim-bookworm/Dockerfile
+++ b/3.11/slim-bookworm/Dockerfile
@@ -25,7 +25,8 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY A035C8C19219BA821ECEA86B64E628F8D684696D
-ENV PYTHON_VERSION 3.11.9
+ENV PYTHON_VERSION 3.11.12
+ENV PYTHON_SHA256 849da87af4df137710c1796e276a955f7a85c9f971081067c8f565d15c352a09
RUN set -eux; \
\
@@ -39,7 +40,6 @@ RUN set -eux; \
libbz2-dev \
libc6-dev \
libdb-dev \
- libexpat1-dev \
libffi-dev \
libgdbm-dev \
liblzma-dev \
@@ -56,6 +56,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -75,8 +76,7 @@ RUN set -eux; \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
@@ -85,7 +85,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -93,7 +92,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -123,50 +121,26 @@ RUN set -eux; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ \
+ pip3 install \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ --no-compile \
+ 'setuptools==65.5.1' \
+ # https://github.com/docker-library/python/issues/1023
+ 'wheel<0.46' \
+ ; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.0
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 65.5.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- savedAptMark="$(apt-mark showmanual)"; \
- apt-get update; \
- apt-get install -y --no-install-recommends wget; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
- rm -rf /var/lib/apt/lists/*; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.11/slim-bullseye/Dockerfile b/3.11/slim-bullseye/Dockerfile
index 726c05375..250c1c031 100644
--- a/3.11/slim-bullseye/Dockerfile
+++ b/3.11/slim-bullseye/Dockerfile
@@ -25,7 +25,8 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY A035C8C19219BA821ECEA86B64E628F8D684696D
-ENV PYTHON_VERSION 3.11.9
+ENV PYTHON_VERSION 3.11.12
+ENV PYTHON_SHA256 849da87af4df137710c1796e276a955f7a85c9f971081067c8f565d15c352a09
RUN set -eux; \
\
@@ -39,7 +40,6 @@ RUN set -eux; \
libbz2-dev \
libc6-dev \
libdb-dev \
- libexpat1-dev \
libffi-dev \
libgdbm-dev \
liblzma-dev \
@@ -56,6 +56,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -75,8 +76,7 @@ RUN set -eux; \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
@@ -85,7 +85,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -93,7 +92,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -123,50 +121,26 @@ RUN set -eux; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ \
+ pip3 install \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ --no-compile \
+ 'setuptools==65.5.1' \
+ # https://github.com/docker-library/python/issues/1023
+ 'wheel<0.46' \
+ ; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.0
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 65.5.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- savedAptMark="$(apt-mark showmanual)"; \
- apt-get update; \
- apt-get install -y --no-install-recommends wget; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
- rm -rf /var/lib/apt/lists/*; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.12/alpine3.20/Dockerfile b/3.12/alpine3.20/Dockerfile
index 946ab5929..a7c1b0de9 100644
--- a/3.12/alpine3.20/Dockerfile
+++ b/3.12/alpine3.20/Dockerfile
@@ -22,7 +22,8 @@ RUN set -eux; \
;
ENV GPG_KEY 7169605F62C751356D054A26A821E680E5FA6305
-ENV PYTHON_VERSION 3.12.4
+ENV PYTHON_VERSION 3.12.10
+ENV PYTHON_SHA256 07ab697474595e06f06647417d3c7fa97ded07afc1a7e4454c5639919b46eaea
RUN set -eux; \
\
@@ -34,7 +35,6 @@ RUN set -eux; \
bluez-dev \
bzip2-dev \
dpkg-dev dpkg \
- expat-dev \
findutils \
gcc \
gdbm-dev \
@@ -58,6 +58,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -73,22 +74,37 @@ RUN set -eux; \
./configure \
--build="$gnuArch" \
--enable-loadable-sqlite-extensions \
- $(test "$gnuArch" != 'riscv64-linux-musl' && echo '--enable-optimizations') \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
# set thread stack size to 1MB so we don't segfault before we hit sys.getrecursionlimit()
# https://github.com/alpinelinux/aports/commit/2026e1259422d4e0cf92391ca2d3844356c649d0
EXTRA_CFLAGS="-DTHREAD_STACK_SIZE=0x100000"; \
LDFLAGS="${LDFLAGS:--Wl},--strip-all"; \
+ arch="$(apk --print-arch)"; \
+# https://docs.python.org/3.12/howto/perf_profiling.html
+# https://github.com/docker-library/python/pull/1000#issuecomment-2597021615
+ case "$arch" in \
+ x86_64|aarch64) \
+ # only add "-mno-omit-leaf" on arches that support it
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/x86-Options.html#index-momit-leaf-frame-pointer-2
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/AArch64-Options.html#index-momit-leaf-frame-pointer
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \
+ ;; \
+ x86) \
+ # don't enable frame-pointers on 32bit x86 due to performance drop.
+ ;; \
+ *) \
+ # other arches don't support "-mno-omit-leaf"
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \
+ ;; \
+ esac; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -96,7 +112,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -119,38 +134,17 @@ RUN set -eux; \
; \
apk del --no-network .build-deps; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.11/alpine3.19/Dockerfile b/3.12/alpine3.21/Dockerfile
similarity index 73%
rename from 3.11/alpine3.19/Dockerfile
rename to 3.12/alpine3.21/Dockerfile
index 289821071..38dfd364a 100644
--- a/3.11/alpine3.19/Dockerfile
+++ b/3.12/alpine3.21/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.19
+FROM alpine:3.21
# ensure local python is preferred over distribution python
ENV PATH /usr/local/bin:$PATH
@@ -21,8 +21,9 @@ RUN set -eux; \
tzdata \
;
-ENV GPG_KEY A035C8C19219BA821ECEA86B64E628F8D684696D
-ENV PYTHON_VERSION 3.11.9
+ENV GPG_KEY 7169605F62C751356D054A26A821E680E5FA6305
+ENV PYTHON_VERSION 3.12.10
+ENV PYTHON_SHA256 07ab697474595e06f06647417d3c7fa97ded07afc1a7e4454c5639919b46eaea
RUN set -eux; \
\
@@ -34,7 +35,6 @@ RUN set -eux; \
bluez-dev \
bzip2-dev \
dpkg-dev dpkg \
- expat-dev \
findutils \
gcc \
gdbm-dev \
@@ -58,6 +58,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -73,22 +74,37 @@ RUN set -eux; \
./configure \
--build="$gnuArch" \
--enable-loadable-sqlite-extensions \
- $(test "$gnuArch" != 'riscv64-linux-musl' && echo '--enable-optimizations') \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
# set thread stack size to 1MB so we don't segfault before we hit sys.getrecursionlimit()
# https://github.com/alpinelinux/aports/commit/2026e1259422d4e0cf92391ca2d3844356c649d0
EXTRA_CFLAGS="-DTHREAD_STACK_SIZE=0x100000"; \
LDFLAGS="${LDFLAGS:--Wl},--strip-all"; \
+ arch="$(apk --print-arch)"; \
+# https://docs.python.org/3.12/howto/perf_profiling.html
+# https://github.com/docker-library/python/pull/1000#issuecomment-2597021615
+ case "$arch" in \
+ x86_64|aarch64) \
+ # only add "-mno-omit-leaf" on arches that support it
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/x86-Options.html#index-momit-leaf-frame-pointer-2
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/AArch64-Options.html#index-momit-leaf-frame-pointer
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \
+ ;; \
+ x86) \
+ # don't enable frame-pointers on 32bit x86 due to performance drop.
+ ;; \
+ *) \
+ # other arches don't support "-mno-omit-leaf"
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \
+ ;; \
+ esac; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -96,7 +112,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -119,41 +134,17 @@ RUN set -eux; \
; \
apk del --no-network .build-deps; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.0
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 65.5.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.12/bookworm/Dockerfile b/3.12/bookworm/Dockerfile
index aac5f7d98..c85c9bf80 100644
--- a/3.12/bookworm/Dockerfile
+++ b/3.12/bookworm/Dockerfile
@@ -25,11 +25,13 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY 7169605F62C751356D054A26A821E680E5FA6305
-ENV PYTHON_VERSION 3.12.4
+ENV PYTHON_VERSION 3.12.10
+ENV PYTHON_SHA256 07ab697474595e06f06647417d3c7fa97ded07afc1a7e4454c5639919b46eaea
RUN set -eux; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -49,16 +51,32 @@ RUN set -eux; \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
LDFLAGS="$(dpkg-buildflags --get LDFLAGS)"; \
+ arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; \
+# https://docs.python.org/3.12/howto/perf_profiling.html
+# https://github.com/docker-library/python/pull/1000#issuecomment-2597021615
+ case "$arch" in \
+ amd64|arm64) \
+ # only add "-mno-omit-leaf" on arches that support it
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/x86-Options.html#index-momit-leaf-frame-pointer-2
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/AArch64-Options.html#index-momit-leaf-frame-pointer
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \
+ ;; \
+ i386) \
+ # don't enable frame-pointers on 32bit x86 due to performance drop.
+ ;; \
+ *) \
+ # other arches don't support "-mno-omit-leaf"
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \
+ ;; \
+ esac; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -66,7 +84,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -89,38 +106,17 @@ RUN set -eux; \
\
ldconfig; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.12/bullseye/Dockerfile b/3.12/bullseye/Dockerfile
index b5d8407aa..af9f71f1a 100644
--- a/3.12/bullseye/Dockerfile
+++ b/3.12/bullseye/Dockerfile
@@ -25,11 +25,13 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY 7169605F62C751356D054A26A821E680E5FA6305
-ENV PYTHON_VERSION 3.12.4
+ENV PYTHON_VERSION 3.12.10
+ENV PYTHON_SHA256 07ab697474595e06f06647417d3c7fa97ded07afc1a7e4454c5639919b46eaea
RUN set -eux; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -49,16 +51,32 @@ RUN set -eux; \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
LDFLAGS="$(dpkg-buildflags --get LDFLAGS)"; \
+ arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; \
+# https://docs.python.org/3.12/howto/perf_profiling.html
+# https://github.com/docker-library/python/pull/1000#issuecomment-2597021615
+ case "$arch" in \
+ amd64|arm64) \
+ # only add "-mno-omit-leaf" on arches that support it
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/x86-Options.html#index-momit-leaf-frame-pointer-2
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/AArch64-Options.html#index-momit-leaf-frame-pointer
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \
+ ;; \
+ i386) \
+ # don't enable frame-pointers on 32bit x86 due to performance drop.
+ ;; \
+ *) \
+ # other arches don't support "-mno-omit-leaf"
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \
+ ;; \
+ esac; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -66,7 +84,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -89,38 +106,17 @@ RUN set -eux; \
\
ldconfig; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.12/slim-bookworm/Dockerfile b/3.12/slim-bookworm/Dockerfile
index 25cf51069..426f71f4d 100644
--- a/3.12/slim-bookworm/Dockerfile
+++ b/3.12/slim-bookworm/Dockerfile
@@ -25,7 +25,8 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY 7169605F62C751356D054A26A821E680E5FA6305
-ENV PYTHON_VERSION 3.12.4
+ENV PYTHON_VERSION 3.12.10
+ENV PYTHON_SHA256 07ab697474595e06f06647417d3c7fa97ded07afc1a7e4454c5639919b46eaea
RUN set -eux; \
\
@@ -39,7 +40,6 @@ RUN set -eux; \
libbz2-dev \
libc6-dev \
libdb-dev \
- libexpat1-dev \
libffi-dev \
libgdbm-dev \
liblzma-dev \
@@ -56,6 +56,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -75,17 +76,33 @@ RUN set -eux; \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
LDFLAGS="$(dpkg-buildflags --get LDFLAGS)"; \
LDFLAGS="${LDFLAGS:--Wl},--strip-all"; \
+ arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; \
+# https://docs.python.org/3.12/howto/perf_profiling.html
+# https://github.com/docker-library/python/pull/1000#issuecomment-2597021615
+ case "$arch" in \
+ amd64|arm64) \
+ # only add "-mno-omit-leaf" on arches that support it
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/x86-Options.html#index-momit-leaf-frame-pointer-2
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/AArch64-Options.html#index-momit-leaf-frame-pointer
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \
+ ;; \
+ i386) \
+ # don't enable frame-pointers on 32bit x86 due to performance drop.
+ ;; \
+ *) \
+ # other arches don't support "-mno-omit-leaf"
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \
+ ;; \
+ esac; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -93,7 +110,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -123,47 +139,17 @@ RUN set -eux; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- savedAptMark="$(apt-mark showmanual)"; \
- apt-get update; \
- apt-get install -y --no-install-recommends wget; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
- rm -rf /var/lib/apt/lists/*; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.12/slim-bullseye/Dockerfile b/3.12/slim-bullseye/Dockerfile
index c1bd0983a..960607d0f 100644
--- a/3.12/slim-bullseye/Dockerfile
+++ b/3.12/slim-bullseye/Dockerfile
@@ -25,7 +25,8 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY 7169605F62C751356D054A26A821E680E5FA6305
-ENV PYTHON_VERSION 3.12.4
+ENV PYTHON_VERSION 3.12.10
+ENV PYTHON_SHA256 07ab697474595e06f06647417d3c7fa97ded07afc1a7e4454c5639919b46eaea
RUN set -eux; \
\
@@ -39,7 +40,6 @@ RUN set -eux; \
libbz2-dev \
libc6-dev \
libdb-dev \
- libexpat1-dev \
libffi-dev \
libgdbm-dev \
liblzma-dev \
@@ -56,6 +56,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -75,17 +76,33 @@ RUN set -eux; \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
LDFLAGS="$(dpkg-buildflags --get LDFLAGS)"; \
LDFLAGS="${LDFLAGS:--Wl},--strip-all"; \
+ arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; \
+# https://docs.python.org/3.12/howto/perf_profiling.html
+# https://github.com/docker-library/python/pull/1000#issuecomment-2597021615
+ case "$arch" in \
+ amd64|arm64) \
+ # only add "-mno-omit-leaf" on arches that support it
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/x86-Options.html#index-momit-leaf-frame-pointer-2
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/AArch64-Options.html#index-momit-leaf-frame-pointer
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \
+ ;; \
+ i386) \
+ # don't enable frame-pointers on 32bit x86 due to performance drop.
+ ;; \
+ *) \
+ # other arches don't support "-mno-omit-leaf"
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \
+ ;; \
+ esac; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -93,7 +110,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -123,47 +139,17 @@ RUN set -eux; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- savedAptMark="$(apt-mark showmanual)"; \
- apt-get update; \
- apt-get install -y --no-install-recommends wget; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
- rm -rf /var/lib/apt/lists/*; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.12/windows/windowsservercore-1809/Dockerfile b/3.12/windows/windowsservercore-1809/Dockerfile
index 1132ef54d..aacfeb49e 100644
--- a/3.12/windows/windowsservercore-1809/Dockerfile
+++ b/3.12/windows/windowsservercore-1809/Dockerfile
@@ -11,13 +11,20 @@ SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPref
# https://github.com/docker-library/python/pull/557
ENV PYTHONIOENCODING UTF-8
-ENV PYTHON_VERSION 3.12.4
+ENV PYTHON_VERSION 3.12.10
+ENV PYTHON_SHA256 67b5635e80ea51072b87941312d00ec8927c4db9ba18938f7ad2d27b328b95fb
RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($env:PYTHON_VERSION -replace '[a-z]+[0-9]*$', ''), $env:PYTHON_VERSION); \
Write-Host ('Downloading {0} ...' -f $url); \
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
Invoke-WebRequest -Uri $url -OutFile 'python.exe'; \
\
+ Write-Host ('Verifying sha256 ({0}) ...' -f $env:PYTHON_SHA256); \
+ if ((Get-FileHash python.exe -Algorithm sha256).Hash -ne $env:PYTHON_SHA256) { \
+ Write-Host 'FAILED!'; \
+ exit 1; \
+ }; \
+ \
Write-Host 'Installing ...'; \
# https://docs.python.org/3/using/windows.html#installing-without-ui
$exitCode = (Start-Process python.exe -Wait -NoNewWindow -PassThru \
@@ -28,7 +35,7 @@ RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($en
'PrependPath=1', \
'Shortcuts=0', \
'Include_doc=0', \
- 'Include_pip=0', \
+ 'Include_pip=1', \
'Include_test=0' \
) \
).ExitCode; \
@@ -48,34 +55,8 @@ RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($en
Remove-Item python.exe -Force; \
Remove-Item $env:TEMP/Python*.log -Force; \
\
- Write-Host 'Complete.'
-
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN Write-Host ('Downloading get-pip.py ({0}) ...' -f $env:PYTHON_GET_PIP_URL); \
- [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
- Invoke-WebRequest -Uri $env:PYTHON_GET_PIP_URL -OutFile 'get-pip.py'; \
- Write-Host ('Verifying sha256 ({0}) ...' -f $env:PYTHON_GET_PIP_SHA256); \
- if ((Get-FileHash 'get-pip.py' -Algorithm sha256).Hash -ne $env:PYTHON_GET_PIP_SHA256) { \
- Write-Host 'FAILED!'; \
- exit 1; \
- }; \
- \
$env:PYTHONDONTWRITEBYTECODE = '1'; \
\
- Write-Host ('Installing pip=={0} ...' -f $env:PYTHON_PIP_VERSION); \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- ('pip=={0}' -f $env:PYTHON_PIP_VERSION) \
- ; \
- Remove-Item get-pip.py -Force; \
- \
Write-Host 'Verifying pip install ...'; \
pip --version; \
\
diff --git a/3.12/windows/windowsservercore-ltsc2022/Dockerfile b/3.12/windows/windowsservercore-ltsc2022/Dockerfile
index c17d7173a..f8f537a65 100644
--- a/3.12/windows/windowsservercore-ltsc2022/Dockerfile
+++ b/3.12/windows/windowsservercore-ltsc2022/Dockerfile
@@ -11,13 +11,20 @@ SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPref
# https://github.com/docker-library/python/pull/557
ENV PYTHONIOENCODING UTF-8
-ENV PYTHON_VERSION 3.12.4
+ENV PYTHON_VERSION 3.12.10
+ENV PYTHON_SHA256 67b5635e80ea51072b87941312d00ec8927c4db9ba18938f7ad2d27b328b95fb
RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($env:PYTHON_VERSION -replace '[a-z]+[0-9]*$', ''), $env:PYTHON_VERSION); \
Write-Host ('Downloading {0} ...' -f $url); \
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
Invoke-WebRequest -Uri $url -OutFile 'python.exe'; \
\
+ Write-Host ('Verifying sha256 ({0}) ...' -f $env:PYTHON_SHA256); \
+ if ((Get-FileHash python.exe -Algorithm sha256).Hash -ne $env:PYTHON_SHA256) { \
+ Write-Host 'FAILED!'; \
+ exit 1; \
+ }; \
+ \
Write-Host 'Installing ...'; \
# https://docs.python.org/3/using/windows.html#installing-without-ui
$exitCode = (Start-Process python.exe -Wait -NoNewWindow -PassThru \
@@ -28,7 +35,7 @@ RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($en
'PrependPath=1', \
'Shortcuts=0', \
'Include_doc=0', \
- 'Include_pip=0', \
+ 'Include_pip=1', \
'Include_test=0' \
) \
).ExitCode; \
@@ -48,34 +55,8 @@ RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($en
Remove-Item python.exe -Force; \
Remove-Item $env:TEMP/Python*.log -Force; \
\
- Write-Host 'Complete.'
-
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN Write-Host ('Downloading get-pip.py ({0}) ...' -f $env:PYTHON_GET_PIP_URL); \
- [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
- Invoke-WebRequest -Uri $env:PYTHON_GET_PIP_URL -OutFile 'get-pip.py'; \
- Write-Host ('Verifying sha256 ({0}) ...' -f $env:PYTHON_GET_PIP_SHA256); \
- if ((Get-FileHash 'get-pip.py' -Algorithm sha256).Hash -ne $env:PYTHON_GET_PIP_SHA256) { \
- Write-Host 'FAILED!'; \
- exit 1; \
- }; \
- \
$env:PYTHONDONTWRITEBYTECODE = '1'; \
\
- Write-Host ('Installing pip=={0} ...' -f $env:PYTHON_PIP_VERSION); \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- ('pip=={0}' -f $env:PYTHON_PIP_VERSION) \
- ; \
- Remove-Item get-pip.py -Force; \
- \
Write-Host 'Verifying pip install ...'; \
pip --version; \
\
diff --git a/3.12/windows/windowsservercore-ltsc2025/Dockerfile b/3.12/windows/windowsservercore-ltsc2025/Dockerfile
new file mode 100644
index 000000000..6e2a0d13f
--- /dev/null
+++ b/3.12/windows/windowsservercore-ltsc2025/Dockerfile
@@ -0,0 +1,65 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM mcr.microsoft.com/windows/servercore:ltsc2025
+
+SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
+
+# https://github.com/docker-library/python/pull/557
+ENV PYTHONIOENCODING UTF-8
+
+ENV PYTHON_VERSION 3.12.10
+ENV PYTHON_SHA256 67b5635e80ea51072b87941312d00ec8927c4db9ba18938f7ad2d27b328b95fb
+
+RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($env:PYTHON_VERSION -replace '[a-z]+[0-9]*$', ''), $env:PYTHON_VERSION); \
+ Write-Host ('Downloading {0} ...' -f $url); \
+ [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
+ Invoke-WebRequest -Uri $url -OutFile 'python.exe'; \
+ \
+ Write-Host ('Verifying sha256 ({0}) ...' -f $env:PYTHON_SHA256); \
+ if ((Get-FileHash python.exe -Algorithm sha256).Hash -ne $env:PYTHON_SHA256) { \
+ Write-Host 'FAILED!'; \
+ exit 1; \
+ }; \
+ \
+ Write-Host 'Installing ...'; \
+# https://docs.python.org/3/using/windows.html#installing-without-ui
+ $exitCode = (Start-Process python.exe -Wait -NoNewWindow -PassThru \
+ -ArgumentList @( \
+ '/quiet', \
+ 'InstallAllUsers=1', \
+ 'TargetDir=C:\Python', \
+ 'PrependPath=1', \
+ 'Shortcuts=0', \
+ 'Include_doc=0', \
+ 'Include_pip=1', \
+ 'Include_test=0' \
+ ) \
+ ).ExitCode; \
+ if ($exitCode -ne 0) { \
+ Write-Host ('Running python installer failed with exit code: {0}' -f $exitCode); \
+ Get-ChildItem $env:TEMP | Sort-Object -Descending -Property LastWriteTime | Select-Object -First 1 | Get-Content; \
+ exit $exitCode; \
+ } \
+ \
+# the installer updated PATH, so we should refresh our local value
+ $env:PATH = [Environment]::GetEnvironmentVariable('PATH', [EnvironmentVariableTarget]::Machine); \
+ \
+ Write-Host 'Verifying install ...'; \
+ Write-Host ' python --version'; python --version; \
+ \
+ Write-Host 'Removing ...'; \
+ Remove-Item python.exe -Force; \
+ Remove-Item $env:TEMP/Python*.log -Force; \
+ \
+ $env:PYTHONDONTWRITEBYTECODE = '1'; \
+ \
+ Write-Host 'Verifying pip install ...'; \
+ pip --version; \
+ \
+ Write-Host 'Complete.'
+
+CMD ["python"]
diff --git a/3.13-rc/alpine3.19/Dockerfile b/3.13/alpine3.20/Dockerfile
similarity index 74%
rename from 3.13-rc/alpine3.19/Dockerfile
rename to 3.13/alpine3.20/Dockerfile
index 4e3fea87f..5b2fe3f23 100644
--- a/3.13-rc/alpine3.19/Dockerfile
+++ b/3.13/alpine3.20/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.19
+FROM alpine:3.20
# ensure local python is preferred over distribution python
ENV PATH /usr/local/bin:$PATH
@@ -17,7 +17,8 @@ RUN set -eux; \
;
ENV GPG_KEY 7169605F62C751356D054A26A821E680E5FA6305
-ENV PYTHON_VERSION 3.13.0b4
+ENV PYTHON_VERSION 3.13.3
+ENV PYTHON_SHA256 40f868bcbdeb8149a3149580bb9bfd407b3321cd48f0be631af955ac92c0e041
RUN set -eux; \
\
@@ -29,7 +30,6 @@ RUN set -eux; \
bluez-dev \
bzip2-dev \
dpkg-dev dpkg \
- expat-dev \
findutils \
gcc \
gdbm-dev \
@@ -53,6 +53,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -68,22 +69,37 @@ RUN set -eux; \
./configure \
--build="$gnuArch" \
--enable-loadable-sqlite-extensions \
- $(test "$gnuArch" != 'riscv64-linux-musl' && echo '--enable-optimizations') \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
# set thread stack size to 1MB so we don't segfault before we hit sys.getrecursionlimit()
# https://github.com/alpinelinux/aports/commit/2026e1259422d4e0cf92391ca2d3844356c649d0
EXTRA_CFLAGS="-DTHREAD_STACK_SIZE=0x100000"; \
LDFLAGS="${LDFLAGS:--Wl},--strip-all"; \
+ arch="$(apk --print-arch)"; \
+# https://docs.python.org/3.12/howto/perf_profiling.html
+# https://github.com/docker-library/python/pull/1000#issuecomment-2597021615
+ case "$arch" in \
+ x86_64|aarch64) \
+ # only add "-mno-omit-leaf" on arches that support it
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/x86-Options.html#index-momit-leaf-frame-pointer-2
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/AArch64-Options.html#index-momit-leaf-frame-pointer
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \
+ ;; \
+ x86) \
+ # don't enable frame-pointers on 32bit x86 due to performance drop.
+ ;; \
+ *) \
+ # other arches don't support "-mno-omit-leaf"
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \
+ ;; \
+ esac; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -91,7 +107,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -114,38 +129,17 @@ RUN set -eux; \
; \
apk del --no-network .build-deps; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.1.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.13/alpine3.21/Dockerfile b/3.13/alpine3.21/Dockerfile
new file mode 100644
index 000000000..42837829e
--- /dev/null
+++ b/3.13/alpine3.21/Dockerfile
@@ -0,0 +1,145 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM alpine:3.21
+
+# ensure local python is preferred over distribution python
+ENV PATH /usr/local/bin:$PATH
+
+# runtime dependencies
+RUN set -eux; \
+ apk add --no-cache \
+ ca-certificates \
+ tzdata \
+ ;
+
+ENV GPG_KEY 7169605F62C751356D054A26A821E680E5FA6305
+ENV PYTHON_VERSION 3.13.3
+ENV PYTHON_SHA256 40f868bcbdeb8149a3149580bb9bfd407b3321cd48f0be631af955ac92c0e041
+
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .build-deps \
+ gnupg \
+ tar \
+ xz \
+ \
+ bluez-dev \
+ bzip2-dev \
+ dpkg-dev dpkg \
+ findutils \
+ gcc \
+ gdbm-dev \
+ libc-dev \
+ libffi-dev \
+ libnsl-dev \
+ libtirpc-dev \
+ linux-headers \
+ make \
+ ncurses-dev \
+ openssl-dev \
+ pax-utils \
+ readline-dev \
+ sqlite-dev \
+ tcl-dev \
+ tk \
+ tk-dev \
+ util-linux-dev \
+ xz-dev \
+ zlib-dev \
+ ; \
+ \
+ wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
+ wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
+ GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
+ gpg --batch --verify python.tar.xz.asc python.tar.xz; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" python.tar.xz.asc; \
+ mkdir -p /usr/src/python; \
+ tar --extract --directory /usr/src/python --strip-components=1 --file python.tar.xz; \
+ rm python.tar.xz; \
+ \
+ cd /usr/src/python; \
+ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ ./configure \
+ --build="$gnuArch" \
+ --enable-loadable-sqlite-extensions \
+ --enable-option-checking=fatal \
+ --enable-shared \
+ --with-lto \
+ --with-ensurepip \
+ ; \
+ nproc="$(nproc)"; \
+# set thread stack size to 1MB so we don't segfault before we hit sys.getrecursionlimit()
+# https://github.com/alpinelinux/aports/commit/2026e1259422d4e0cf92391ca2d3844356c649d0
+ EXTRA_CFLAGS="-DTHREAD_STACK_SIZE=0x100000"; \
+ LDFLAGS="${LDFLAGS:--Wl},--strip-all"; \
+ arch="$(apk --print-arch)"; \
+# https://docs.python.org/3.12/howto/perf_profiling.html
+# https://github.com/docker-library/python/pull/1000#issuecomment-2597021615
+ case "$arch" in \
+ x86_64|aarch64) \
+ # only add "-mno-omit-leaf" on arches that support it
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/x86-Options.html#index-momit-leaf-frame-pointer-2
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/AArch64-Options.html#index-momit-leaf-frame-pointer
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \
+ ;; \
+ x86) \
+ # don't enable frame-pointers on 32bit x86 due to performance drop.
+ ;; \
+ *) \
+ # other arches don't support "-mno-omit-leaf"
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \
+ ;; \
+ esac; \
+ make -j "$nproc" \
+ "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
+ "LDFLAGS=${LDFLAGS:-}" \
+ ; \
+# https://github.com/docker-library/python/issues/784
+# prevent accidental usage of a system installed libpython of the same version
+ rm python; \
+ make -j "$nproc" \
+ "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
+ "LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
+ python \
+ ; \
+ make install; \
+ \
+ cd /; \
+ rm -rf /usr/src/python; \
+ \
+ find /usr/local -depth \
+ \( \
+ \( -type d -a \( -name test -o -name tests -o -name idle_test \) \) \
+ -o \( -type f -a \( -name '*.pyc' -o -name '*.pyo' -o -name 'libpython*.a' \) \) \
+ \) -exec rm -rf '{}' + \
+ ; \
+ \
+ find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec scanelf --needed --nobanner --format '%n#p' '{}' ';' \
+ | tr ',' '\n' \
+ | sort -u \
+ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+ | xargs -rt apk add --no-network --virtual .python-rundeps \
+ ; \
+ apk del --no-network .build-deps; \
+ \
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ pip3 --version
+
+# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
+RUN set -eux; \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
+ dst="$(echo "$src" | tr -d 3)"; \
+ [ -s "/usr/local/bin/$src" ]; \
+ [ ! -e "/usr/local/bin/$dst" ]; \
+ ln -svT "$src" "/usr/local/bin/$dst"; \
+ done
+
+CMD ["python3"]
diff --git a/3.13-rc/bookworm/Dockerfile b/3.13/bookworm/Dockerfile
similarity index 71%
rename from 3.13-rc/bookworm/Dockerfile
rename to 3.13/bookworm/Dockerfile
index a2406f875..21bfb2371 100644
--- a/3.13-rc/bookworm/Dockerfile
+++ b/3.13/bookworm/Dockerfile
@@ -20,11 +20,13 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY 7169605F62C751356D054A26A821E680E5FA6305
-ENV PYTHON_VERSION 3.13.0b4
+ENV PYTHON_VERSION 3.13.3
+ENV PYTHON_SHA256 40f868bcbdeb8149a3149580bb9bfd407b3321cd48f0be631af955ac92c0e041
RUN set -eux; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -44,16 +46,32 @@ RUN set -eux; \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
LDFLAGS="$(dpkg-buildflags --get LDFLAGS)"; \
+ arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; \
+# https://docs.python.org/3.12/howto/perf_profiling.html
+# https://github.com/docker-library/python/pull/1000#issuecomment-2597021615
+ case "$arch" in \
+ amd64|arm64) \
+ # only add "-mno-omit-leaf" on arches that support it
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/x86-Options.html#index-momit-leaf-frame-pointer-2
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/AArch64-Options.html#index-momit-leaf-frame-pointer
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \
+ ;; \
+ i386) \
+ # don't enable frame-pointers on 32bit x86 due to performance drop.
+ ;; \
+ *) \
+ # other arches don't support "-mno-omit-leaf"
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \
+ ;; \
+ esac; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -61,7 +79,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -84,38 +101,17 @@ RUN set -eux; \
\
ldconfig; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.1.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.13-rc/bullseye/Dockerfile b/3.13/bullseye/Dockerfile
similarity index 71%
rename from 3.13-rc/bullseye/Dockerfile
rename to 3.13/bullseye/Dockerfile
index 2243cb21a..17a2df6f7 100644
--- a/3.13-rc/bullseye/Dockerfile
+++ b/3.13/bullseye/Dockerfile
@@ -20,11 +20,13 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY 7169605F62C751356D054A26A821E680E5FA6305
-ENV PYTHON_VERSION 3.13.0b4
+ENV PYTHON_VERSION 3.13.3
+ENV PYTHON_SHA256 40f868bcbdeb8149a3149580bb9bfd407b3321cd48f0be631af955ac92c0e041
RUN set -eux; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -44,16 +46,32 @@ RUN set -eux; \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
LDFLAGS="$(dpkg-buildflags --get LDFLAGS)"; \
+ arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; \
+# https://docs.python.org/3.12/howto/perf_profiling.html
+# https://github.com/docker-library/python/pull/1000#issuecomment-2597021615
+ case "$arch" in \
+ amd64|arm64) \
+ # only add "-mno-omit-leaf" on arches that support it
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/x86-Options.html#index-momit-leaf-frame-pointer-2
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/AArch64-Options.html#index-momit-leaf-frame-pointer
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \
+ ;; \
+ i386) \
+ # don't enable frame-pointers on 32bit x86 due to performance drop.
+ ;; \
+ *) \
+ # other arches don't support "-mno-omit-leaf"
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \
+ ;; \
+ esac; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -61,7 +79,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -84,38 +101,17 @@ RUN set -eux; \
\
ldconfig; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.1.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.13-rc/slim-bookworm/Dockerfile b/3.13/slim-bookworm/Dockerfile
similarity index 73%
rename from 3.13-rc/slim-bookworm/Dockerfile
rename to 3.13/slim-bookworm/Dockerfile
index 2a4eb8912..2e20f91d3 100644
--- a/3.13-rc/slim-bookworm/Dockerfile
+++ b/3.13/slim-bookworm/Dockerfile
@@ -20,7 +20,8 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY 7169605F62C751356D054A26A821E680E5FA6305
-ENV PYTHON_VERSION 3.13.0b4
+ENV PYTHON_VERSION 3.13.3
+ENV PYTHON_SHA256 40f868bcbdeb8149a3149580bb9bfd407b3321cd48f0be631af955ac92c0e041
RUN set -eux; \
\
@@ -34,7 +35,6 @@ RUN set -eux; \
libbz2-dev \
libc6-dev \
libdb-dev \
- libexpat1-dev \
libffi-dev \
libgdbm-dev \
liblzma-dev \
@@ -51,6 +51,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -70,17 +71,33 @@ RUN set -eux; \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
LDFLAGS="$(dpkg-buildflags --get LDFLAGS)"; \
LDFLAGS="${LDFLAGS:--Wl},--strip-all"; \
+ arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; \
+# https://docs.python.org/3.12/howto/perf_profiling.html
+# https://github.com/docker-library/python/pull/1000#issuecomment-2597021615
+ case "$arch" in \
+ amd64|arm64) \
+ # only add "-mno-omit-leaf" on arches that support it
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/x86-Options.html#index-momit-leaf-frame-pointer-2
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/AArch64-Options.html#index-momit-leaf-frame-pointer
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \
+ ;; \
+ i386) \
+ # don't enable frame-pointers on 32bit x86 due to performance drop.
+ ;; \
+ *) \
+ # other arches don't support "-mno-omit-leaf"
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \
+ ;; \
+ esac; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -88,7 +105,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -118,47 +134,17 @@ RUN set -eux; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.1.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- savedAptMark="$(apt-mark showmanual)"; \
- apt-get update; \
- apt-get install -y --no-install-recommends wget; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
- rm -rf /var/lib/apt/lists/*; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.13-rc/slim-bullseye/Dockerfile b/3.13/slim-bullseye/Dockerfile
similarity index 73%
rename from 3.13-rc/slim-bullseye/Dockerfile
rename to 3.13/slim-bullseye/Dockerfile
index 9c55b11de..1a1fd9b87 100644
--- a/3.13-rc/slim-bullseye/Dockerfile
+++ b/3.13/slim-bullseye/Dockerfile
@@ -20,7 +20,8 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY 7169605F62C751356D054A26A821E680E5FA6305
-ENV PYTHON_VERSION 3.13.0b4
+ENV PYTHON_VERSION 3.13.3
+ENV PYTHON_SHA256 40f868bcbdeb8149a3149580bb9bfd407b3321cd48f0be631af955ac92c0e041
RUN set -eux; \
\
@@ -34,7 +35,6 @@ RUN set -eux; \
libbz2-dev \
libc6-dev \
libdb-dev \
- libexpat1-dev \
libffi-dev \
libgdbm-dev \
liblzma-dev \
@@ -51,6 +51,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -70,17 +71,33 @@ RUN set -eux; \
--enable-option-checking=fatal \
--enable-shared \
--with-lto \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
LDFLAGS="$(dpkg-buildflags --get LDFLAGS)"; \
LDFLAGS="${LDFLAGS:--Wl},--strip-all"; \
+ arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; \
+# https://docs.python.org/3.12/howto/perf_profiling.html
+# https://github.com/docker-library/python/pull/1000#issuecomment-2597021615
+ case "$arch" in \
+ amd64|arm64) \
+ # only add "-mno-omit-leaf" on arches that support it
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/x86-Options.html#index-momit-leaf-frame-pointer-2
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/AArch64-Options.html#index-momit-leaf-frame-pointer
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \
+ ;; \
+ i386) \
+ # don't enable frame-pointers on 32bit x86 due to performance drop.
+ ;; \
+ *) \
+ # other arches don't support "-mno-omit-leaf"
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \
+ ;; \
+ esac; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -88,7 +105,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -118,47 +134,17 @@ RUN set -eux; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.1.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- savedAptMark="$(apt-mark showmanual)"; \
- apt-get update; \
- apt-get install -y --no-install-recommends wget; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
- rm -rf /var/lib/apt/lists/*; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.13-rc/windows/windowsservercore-1809/Dockerfile b/3.13/windows/windowsservercore-1809/Dockerfile
similarity index 63%
rename from 3.13-rc/windows/windowsservercore-1809/Dockerfile
rename to 3.13/windows/windowsservercore-1809/Dockerfile
index bdbbcf5b8..44eecbd41 100644
--- a/3.13-rc/windows/windowsservercore-1809/Dockerfile
+++ b/3.13/windows/windowsservercore-1809/Dockerfile
@@ -11,13 +11,20 @@ SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPref
# https://github.com/docker-library/python/pull/557
ENV PYTHONIOENCODING UTF-8
-ENV PYTHON_VERSION 3.13.0b4
+ENV PYTHON_VERSION 3.13.3
+ENV PYTHON_SHA256 698f2df46e1a3dd92f393458eea77bd94ef5ff21f0d5bf5cf676f3d28a9b4b6c
RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($env:PYTHON_VERSION -replace '[a-z]+[0-9]*$', ''), $env:PYTHON_VERSION); \
Write-Host ('Downloading {0} ...' -f $url); \
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
Invoke-WebRequest -Uri $url -OutFile 'python.exe'; \
\
+ Write-Host ('Verifying sha256 ({0}) ...' -f $env:PYTHON_SHA256); \
+ if ((Get-FileHash python.exe -Algorithm sha256).Hash -ne $env:PYTHON_SHA256) { \
+ Write-Host 'FAILED!'; \
+ exit 1; \
+ }; \
+ \
Write-Host 'Installing ...'; \
# https://docs.python.org/3/using/windows.html#installing-without-ui
$exitCode = (Start-Process python.exe -Wait -NoNewWindow -PassThru \
@@ -28,7 +35,7 @@ RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($en
'PrependPath=1', \
'Shortcuts=0', \
'Include_doc=0', \
- 'Include_pip=0', \
+ 'Include_pip=1', \
'Include_test=0' \
) \
).ExitCode; \
@@ -48,34 +55,8 @@ RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($en
Remove-Item python.exe -Force; \
Remove-Item $env:TEMP/Python*.log -Force; \
\
- Write-Host 'Complete.'
-
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.1.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN Write-Host ('Downloading get-pip.py ({0}) ...' -f $env:PYTHON_GET_PIP_URL); \
- [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
- Invoke-WebRequest -Uri $env:PYTHON_GET_PIP_URL -OutFile 'get-pip.py'; \
- Write-Host ('Verifying sha256 ({0}) ...' -f $env:PYTHON_GET_PIP_SHA256); \
- if ((Get-FileHash 'get-pip.py' -Algorithm sha256).Hash -ne $env:PYTHON_GET_PIP_SHA256) { \
- Write-Host 'FAILED!'; \
- exit 1; \
- }; \
- \
$env:PYTHONDONTWRITEBYTECODE = '1'; \
\
- Write-Host ('Installing pip=={0} ...' -f $env:PYTHON_PIP_VERSION); \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- ('pip=={0}' -f $env:PYTHON_PIP_VERSION) \
- ; \
- Remove-Item get-pip.py -Force; \
- \
Write-Host 'Verifying pip install ...'; \
pip --version; \
\
diff --git a/3.13-rc/windows/windowsservercore-ltsc2022/Dockerfile b/3.13/windows/windowsservercore-ltsc2022/Dockerfile
similarity index 63%
rename from 3.13-rc/windows/windowsservercore-ltsc2022/Dockerfile
rename to 3.13/windows/windowsservercore-ltsc2022/Dockerfile
index 85cafa265..fd81d6410 100644
--- a/3.13-rc/windows/windowsservercore-ltsc2022/Dockerfile
+++ b/3.13/windows/windowsservercore-ltsc2022/Dockerfile
@@ -11,13 +11,20 @@ SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPref
# https://github.com/docker-library/python/pull/557
ENV PYTHONIOENCODING UTF-8
-ENV PYTHON_VERSION 3.13.0b4
+ENV PYTHON_VERSION 3.13.3
+ENV PYTHON_SHA256 698f2df46e1a3dd92f393458eea77bd94ef5ff21f0d5bf5cf676f3d28a9b4b6c
RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($env:PYTHON_VERSION -replace '[a-z]+[0-9]*$', ''), $env:PYTHON_VERSION); \
Write-Host ('Downloading {0} ...' -f $url); \
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
Invoke-WebRequest -Uri $url -OutFile 'python.exe'; \
\
+ Write-Host ('Verifying sha256 ({0}) ...' -f $env:PYTHON_SHA256); \
+ if ((Get-FileHash python.exe -Algorithm sha256).Hash -ne $env:PYTHON_SHA256) { \
+ Write-Host 'FAILED!'; \
+ exit 1; \
+ }; \
+ \
Write-Host 'Installing ...'; \
# https://docs.python.org/3/using/windows.html#installing-without-ui
$exitCode = (Start-Process python.exe -Wait -NoNewWindow -PassThru \
@@ -28,7 +35,7 @@ RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($en
'PrependPath=1', \
'Shortcuts=0', \
'Include_doc=0', \
- 'Include_pip=0', \
+ 'Include_pip=1', \
'Include_test=0' \
) \
).ExitCode; \
@@ -48,34 +55,8 @@ RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($en
Remove-Item python.exe -Force; \
Remove-Item $env:TEMP/Python*.log -Force; \
\
- Write-Host 'Complete.'
-
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.1.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN Write-Host ('Downloading get-pip.py ({0}) ...' -f $env:PYTHON_GET_PIP_URL); \
- [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
- Invoke-WebRequest -Uri $env:PYTHON_GET_PIP_URL -OutFile 'get-pip.py'; \
- Write-Host ('Verifying sha256 ({0}) ...' -f $env:PYTHON_GET_PIP_SHA256); \
- if ((Get-FileHash 'get-pip.py' -Algorithm sha256).Hash -ne $env:PYTHON_GET_PIP_SHA256) { \
- Write-Host 'FAILED!'; \
- exit 1; \
- }; \
- \
$env:PYTHONDONTWRITEBYTECODE = '1'; \
\
- Write-Host ('Installing pip=={0} ...' -f $env:PYTHON_PIP_VERSION); \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- ('pip=={0}' -f $env:PYTHON_PIP_VERSION) \
- ; \
- Remove-Item get-pip.py -Force; \
- \
Write-Host 'Verifying pip install ...'; \
pip --version; \
\
diff --git a/3.13/windows/windowsservercore-ltsc2025/Dockerfile b/3.13/windows/windowsservercore-ltsc2025/Dockerfile
new file mode 100644
index 000000000..2f1c1813c
--- /dev/null
+++ b/3.13/windows/windowsservercore-ltsc2025/Dockerfile
@@ -0,0 +1,65 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM mcr.microsoft.com/windows/servercore:ltsc2025
+
+SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
+
+# https://github.com/docker-library/python/pull/557
+ENV PYTHONIOENCODING UTF-8
+
+ENV PYTHON_VERSION 3.13.3
+ENV PYTHON_SHA256 698f2df46e1a3dd92f393458eea77bd94ef5ff21f0d5bf5cf676f3d28a9b4b6c
+
+RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($env:PYTHON_VERSION -replace '[a-z]+[0-9]*$', ''), $env:PYTHON_VERSION); \
+ Write-Host ('Downloading {0} ...' -f $url); \
+ [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
+ Invoke-WebRequest -Uri $url -OutFile 'python.exe'; \
+ \
+ Write-Host ('Verifying sha256 ({0}) ...' -f $env:PYTHON_SHA256); \
+ if ((Get-FileHash python.exe -Algorithm sha256).Hash -ne $env:PYTHON_SHA256) { \
+ Write-Host 'FAILED!'; \
+ exit 1; \
+ }; \
+ \
+ Write-Host 'Installing ...'; \
+# https://docs.python.org/3/using/windows.html#installing-without-ui
+ $exitCode = (Start-Process python.exe -Wait -NoNewWindow -PassThru \
+ -ArgumentList @( \
+ '/quiet', \
+ 'InstallAllUsers=1', \
+ 'TargetDir=C:\Python', \
+ 'PrependPath=1', \
+ 'Shortcuts=0', \
+ 'Include_doc=0', \
+ 'Include_pip=1', \
+ 'Include_test=0' \
+ ) \
+ ).ExitCode; \
+ if ($exitCode -ne 0) { \
+ Write-Host ('Running python installer failed with exit code: {0}' -f $exitCode); \
+ Get-ChildItem $env:TEMP | Sort-Object -Descending -Property LastWriteTime | Select-Object -First 1 | Get-Content; \
+ exit $exitCode; \
+ } \
+ \
+# the installer updated PATH, so we should refresh our local value
+ $env:PATH = [Environment]::GetEnvironmentVariable('PATH', [EnvironmentVariableTarget]::Machine); \
+ \
+ Write-Host 'Verifying install ...'; \
+ Write-Host ' python --version'; python --version; \
+ \
+ Write-Host 'Removing ...'; \
+ Remove-Item python.exe -Force; \
+ Remove-Item $env:TEMP/Python*.log -Force; \
+ \
+ $env:PYTHONDONTWRITEBYTECODE = '1'; \
+ \
+ Write-Host 'Verifying pip install ...'; \
+ pip --version; \
+ \
+ Write-Host 'Complete.'
+
+CMD ["python"]
diff --git a/3.14-rc/alpine3.20/Dockerfile b/3.14-rc/alpine3.20/Dockerfile
new file mode 100644
index 000000000..c90a9b7e6
--- /dev/null
+++ b/3.14-rc/alpine3.20/Dockerfile
@@ -0,0 +1,138 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM alpine:3.20
+
+# ensure local python is preferred over distribution python
+ENV PATH /usr/local/bin:$PATH
+
+# runtime dependencies
+RUN set -eux; \
+ apk add --no-cache \
+ ca-certificates \
+ tzdata \
+ ;
+
+ENV PYTHON_VERSION 3.14.0a7
+ENV PYTHON_SHA256 71adbcec3ac9edf93308e55cfb4184f2eb4b16fda2bb0a5a382929ed29c8386d
+
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .build-deps \
+ gnupg \
+ tar \
+ xz \
+ \
+ bluez-dev \
+ bzip2-dev \
+ dpkg-dev dpkg \
+ findutils \
+ gcc \
+ gdbm-dev \
+ libc-dev \
+ libffi-dev \
+ libnsl-dev \
+ libtirpc-dev \
+ linux-headers \
+ make \
+ ncurses-dev \
+ openssl-dev \
+ pax-utils \
+ readline-dev \
+ sqlite-dev \
+ tcl-dev \
+ tk \
+ tk-dev \
+ util-linux-dev \
+ xz-dev \
+ zlib-dev \
+ ; \
+ \
+ wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
+ mkdir -p /usr/src/python; \
+ tar --extract --directory /usr/src/python --strip-components=1 --file python.tar.xz; \
+ rm python.tar.xz; \
+ \
+ cd /usr/src/python; \
+ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ ./configure \
+ --build="$gnuArch" \
+ --enable-loadable-sqlite-extensions \
+ --enable-option-checking=fatal \
+ --enable-shared \
+ --with-lto \
+ --with-ensurepip \
+ ; \
+ nproc="$(nproc)"; \
+# set thread stack size to 1MB so we don't segfault before we hit sys.getrecursionlimit()
+# https://github.com/alpinelinux/aports/commit/2026e1259422d4e0cf92391ca2d3844356c649d0
+ EXTRA_CFLAGS="-DTHREAD_STACK_SIZE=0x100000"; \
+ LDFLAGS="${LDFLAGS:--Wl},--strip-all"; \
+ arch="$(apk --print-arch)"; \
+# https://docs.python.org/3.12/howto/perf_profiling.html
+# https://github.com/docker-library/python/pull/1000#issuecomment-2597021615
+ case "$arch" in \
+ x86_64|aarch64) \
+ # only add "-mno-omit-leaf" on arches that support it
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/x86-Options.html#index-momit-leaf-frame-pointer-2
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/AArch64-Options.html#index-momit-leaf-frame-pointer
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \
+ ;; \
+ x86) \
+ # don't enable frame-pointers on 32bit x86 due to performance drop.
+ ;; \
+ *) \
+ # other arches don't support "-mno-omit-leaf"
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \
+ ;; \
+ esac; \
+ make -j "$nproc" \
+ "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
+ "LDFLAGS=${LDFLAGS:-}" \
+ ; \
+# https://github.com/docker-library/python/issues/784
+# prevent accidental usage of a system installed libpython of the same version
+ rm python; \
+ make -j "$nproc" \
+ "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
+ "LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
+ python \
+ ; \
+ make install; \
+ \
+ cd /; \
+ rm -rf /usr/src/python; \
+ \
+ find /usr/local -depth \
+ \( \
+ \( -type d -a \( -name test -o -name tests -o -name idle_test \) \) \
+ -o \( -type f -a \( -name '*.pyc' -o -name '*.pyo' -o -name 'libpython*.a' \) \) \
+ \) -exec rm -rf '{}' + \
+ ; \
+ \
+ find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec scanelf --needed --nobanner --format '%n#p' '{}' ';' \
+ | tr ',' '\n' \
+ | sort -u \
+ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+ | xargs -rt apk add --no-network --virtual .python-rundeps \
+ ; \
+ apk del --no-network .build-deps; \
+ \
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ pip3 --version
+
+# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
+RUN set -eux; \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
+ dst="$(echo "$src" | tr -d 3)"; \
+ [ -s "/usr/local/bin/$src" ]; \
+ [ ! -e "/usr/local/bin/$dst" ]; \
+ ln -svT "$src" "/usr/local/bin/$dst"; \
+ done
+
+CMD ["python3"]
diff --git a/3.14-rc/alpine3.21/Dockerfile b/3.14-rc/alpine3.21/Dockerfile
new file mode 100644
index 000000000..667014ebf
--- /dev/null
+++ b/3.14-rc/alpine3.21/Dockerfile
@@ -0,0 +1,138 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM alpine:3.21
+
+# ensure local python is preferred over distribution python
+ENV PATH /usr/local/bin:$PATH
+
+# runtime dependencies
+RUN set -eux; \
+ apk add --no-cache \
+ ca-certificates \
+ tzdata \
+ ;
+
+ENV PYTHON_VERSION 3.14.0a7
+ENV PYTHON_SHA256 71adbcec3ac9edf93308e55cfb4184f2eb4b16fda2bb0a5a382929ed29c8386d
+
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .build-deps \
+ gnupg \
+ tar \
+ xz \
+ \
+ bluez-dev \
+ bzip2-dev \
+ dpkg-dev dpkg \
+ findutils \
+ gcc \
+ gdbm-dev \
+ libc-dev \
+ libffi-dev \
+ libnsl-dev \
+ libtirpc-dev \
+ linux-headers \
+ make \
+ ncurses-dev \
+ openssl-dev \
+ pax-utils \
+ readline-dev \
+ sqlite-dev \
+ tcl-dev \
+ tk \
+ tk-dev \
+ util-linux-dev \
+ xz-dev \
+ zlib-dev \
+ ; \
+ \
+ wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
+ mkdir -p /usr/src/python; \
+ tar --extract --directory /usr/src/python --strip-components=1 --file python.tar.xz; \
+ rm python.tar.xz; \
+ \
+ cd /usr/src/python; \
+ gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
+ ./configure \
+ --build="$gnuArch" \
+ --enable-loadable-sqlite-extensions \
+ --enable-option-checking=fatal \
+ --enable-shared \
+ --with-lto \
+ --with-ensurepip \
+ ; \
+ nproc="$(nproc)"; \
+# set thread stack size to 1MB so we don't segfault before we hit sys.getrecursionlimit()
+# https://github.com/alpinelinux/aports/commit/2026e1259422d4e0cf92391ca2d3844356c649d0
+ EXTRA_CFLAGS="-DTHREAD_STACK_SIZE=0x100000"; \
+ LDFLAGS="${LDFLAGS:--Wl},--strip-all"; \
+ arch="$(apk --print-arch)"; \
+# https://docs.python.org/3.12/howto/perf_profiling.html
+# https://github.com/docker-library/python/pull/1000#issuecomment-2597021615
+ case "$arch" in \
+ x86_64|aarch64) \
+ # only add "-mno-omit-leaf" on arches that support it
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/x86-Options.html#index-momit-leaf-frame-pointer-2
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/AArch64-Options.html#index-momit-leaf-frame-pointer
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \
+ ;; \
+ x86) \
+ # don't enable frame-pointers on 32bit x86 due to performance drop.
+ ;; \
+ *) \
+ # other arches don't support "-mno-omit-leaf"
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \
+ ;; \
+ esac; \
+ make -j "$nproc" \
+ "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
+ "LDFLAGS=${LDFLAGS:-}" \
+ ; \
+# https://github.com/docker-library/python/issues/784
+# prevent accidental usage of a system installed libpython of the same version
+ rm python; \
+ make -j "$nproc" \
+ "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
+ "LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
+ python \
+ ; \
+ make install; \
+ \
+ cd /; \
+ rm -rf /usr/src/python; \
+ \
+ find /usr/local -depth \
+ \( \
+ \( -type d -a \( -name test -o -name tests -o -name idle_test \) \) \
+ -o \( -type f -a \( -name '*.pyc' -o -name '*.pyo' -o -name 'libpython*.a' \) \) \
+ \) -exec rm -rf '{}' + \
+ ; \
+ \
+ find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec scanelf --needed --nobanner --format '%n#p' '{}' ';' \
+ | tr ',' '\n' \
+ | sort -u \
+ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+ | xargs -rt apk add --no-network --virtual .python-rundeps \
+ ; \
+ apk del --no-network .build-deps; \
+ \
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ pip3 --version
+
+# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
+RUN set -eux; \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
+ dst="$(echo "$src" | tr -d 3)"; \
+ [ -s "/usr/local/bin/$src" ]; \
+ [ ! -e "/usr/local/bin/$dst" ]; \
+ ln -svT "$src" "/usr/local/bin/$dst"; \
+ done
+
+CMD ["python3"]
diff --git a/3.8/bookworm/Dockerfile b/3.14-rc/bookworm/Dockerfile
similarity index 57%
rename from 3.8/bookworm/Dockerfile
rename to 3.14-rc/bookworm/Dockerfile
index de736cf3a..422f4857f 100644
--- a/3.8/bookworm/Dockerfile
+++ b/3.14-rc/bookworm/Dockerfile
@@ -9,11 +9,6 @@ FROM buildpack-deps:bookworm
# ensure local python is preferred over distribution python
ENV PATH /usr/local/bin:$PATH
-# cannot remove LANG even though https://bugs.python.org/issue19846 is fixed
-# last attempted removal of LANG broke many users:
-# https://github.com/docker-library/python/pull/570
-ENV LANG C.UTF-8
-
# runtime dependencies
RUN set -eux; \
apt-get update; \
@@ -24,18 +19,13 @@ RUN set -eux; \
; \
rm -rf /var/lib/apt/lists/*
-ENV GPG_KEY E3FF2839C048B25C084DEBE9B26995E310250568
-ENV PYTHON_VERSION 3.8.19
+ENV PYTHON_VERSION 3.14.0a7
+ENV PYTHON_SHA256 71adbcec3ac9edf93308e55cfb4184f2eb4b16fda2bb0a5a382929ed29c8386d
RUN set -eux; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
- wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
- GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
- gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
- gpg --batch --verify python.tar.xz.asc python.tar.xz; \
- gpgconf --kill all; \
- rm -rf "$GNUPGHOME" python.tar.xz.asc; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
mkdir -p /usr/src/python; \
tar --extract --directory /usr/src/python --strip-components=1 --file python.tar.xz; \
rm python.tar.xz; \
@@ -48,16 +38,33 @@ RUN set -eux; \
--enable-optimizations \
--enable-option-checking=fatal \
--enable-shared \
- --with-system-expat \
- --without-ensurepip \
+ --with-lto \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
LDFLAGS="$(dpkg-buildflags --get LDFLAGS)"; \
+ arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; \
+# https://docs.python.org/3.12/howto/perf_profiling.html
+# https://github.com/docker-library/python/pull/1000#issuecomment-2597021615
+ case "$arch" in \
+ amd64|arm64) \
+ # only add "-mno-omit-leaf" on arches that support it
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/x86-Options.html#index-momit-leaf-frame-pointer-2
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/AArch64-Options.html#index-momit-leaf-frame-pointer
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \
+ ;; \
+ i386) \
+ # don't enable frame-pointers on 32bit x86 due to performance drop.
+ ;; \
+ *) \
+ # other arches don't support "-mno-omit-leaf"
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \
+ ;; \
+ esac; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -65,7 +72,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -83,47 +89,22 @@ RUN set -eux; \
\( \
\( -type d -a \( -name test -o -name tests -o -name idle_test \) \) \
-o \( -type f -a \( -name '*.pyc' -o -name '*.pyo' -o -name 'libpython*.a' \) \) \
- -o \( -type f -a -name 'wininst-*.exe' \) \
\) -exec rm -rf '{}' + \
; \
\
ldconfig; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 23.0.1
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 57.5.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.8/bullseye/Dockerfile b/3.14-rc/bullseye/Dockerfile
similarity index 57%
rename from 3.8/bullseye/Dockerfile
rename to 3.14-rc/bullseye/Dockerfile
index cf7ac01b5..fa88cc23b 100644
--- a/3.8/bullseye/Dockerfile
+++ b/3.14-rc/bullseye/Dockerfile
@@ -9,11 +9,6 @@ FROM buildpack-deps:bullseye
# ensure local python is preferred over distribution python
ENV PATH /usr/local/bin:$PATH
-# cannot remove LANG even though https://bugs.python.org/issue19846 is fixed
-# last attempted removal of LANG broke many users:
-# https://github.com/docker-library/python/pull/570
-ENV LANG C.UTF-8
-
# runtime dependencies
RUN set -eux; \
apt-get update; \
@@ -24,18 +19,13 @@ RUN set -eux; \
; \
rm -rf /var/lib/apt/lists/*
-ENV GPG_KEY E3FF2839C048B25C084DEBE9B26995E310250568
-ENV PYTHON_VERSION 3.8.19
+ENV PYTHON_VERSION 3.14.0a7
+ENV PYTHON_SHA256 71adbcec3ac9edf93308e55cfb4184f2eb4b16fda2bb0a5a382929ed29c8386d
RUN set -eux; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
- wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
- GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
- gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
- gpg --batch --verify python.tar.xz.asc python.tar.xz; \
- gpgconf --kill all; \
- rm -rf "$GNUPGHOME" python.tar.xz.asc; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
mkdir -p /usr/src/python; \
tar --extract --directory /usr/src/python --strip-components=1 --file python.tar.xz; \
rm python.tar.xz; \
@@ -48,16 +38,33 @@ RUN set -eux; \
--enable-optimizations \
--enable-option-checking=fatal \
--enable-shared \
- --with-system-expat \
- --without-ensurepip \
+ --with-lto \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
LDFLAGS="$(dpkg-buildflags --get LDFLAGS)"; \
+ arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; \
+# https://docs.python.org/3.12/howto/perf_profiling.html
+# https://github.com/docker-library/python/pull/1000#issuecomment-2597021615
+ case "$arch" in \
+ amd64|arm64) \
+ # only add "-mno-omit-leaf" on arches that support it
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/x86-Options.html#index-momit-leaf-frame-pointer-2
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/AArch64-Options.html#index-momit-leaf-frame-pointer
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \
+ ;; \
+ i386) \
+ # don't enable frame-pointers on 32bit x86 due to performance drop.
+ ;; \
+ *) \
+ # other arches don't support "-mno-omit-leaf"
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \
+ ;; \
+ esac; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -65,7 +72,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -83,47 +89,22 @@ RUN set -eux; \
\( \
\( -type d -a \( -name test -o -name tests -o -name idle_test \) \) \
-o \( -type f -a \( -name '*.pyc' -o -name '*.pyo' -o -name 'libpython*.a' \) \) \
- -o \( -type f -a -name 'wininst-*.exe' \) \
\) -exec rm -rf '{}' + \
; \
\
ldconfig; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 23.0.1
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 57.5.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.8/slim-bookworm/Dockerfile b/3.14-rc/slim-bookworm/Dockerfile
similarity index 59%
rename from 3.8/slim-bookworm/Dockerfile
rename to 3.14-rc/slim-bookworm/Dockerfile
index 715265a74..ce1fc8f3d 100644
--- a/3.8/slim-bookworm/Dockerfile
+++ b/3.14-rc/slim-bookworm/Dockerfile
@@ -9,11 +9,6 @@ FROM debian:bookworm-slim
# ensure local python is preferred over distribution python
ENV PATH /usr/local/bin:$PATH
-# cannot remove LANG even though https://bugs.python.org/issue19846 is fixed
-# last attempted removal of LANG broke many users:
-# https://github.com/docker-library/python/pull/570
-ENV LANG C.UTF-8
-
# runtime dependencies
RUN set -eux; \
apt-get update; \
@@ -24,8 +19,8 @@ RUN set -eux; \
; \
rm -rf /var/lib/apt/lists/*
-ENV GPG_KEY E3FF2839C048B25C084DEBE9B26995E310250568
-ENV PYTHON_VERSION 3.8.19
+ENV PYTHON_VERSION 3.14.0a7
+ENV PYTHON_SHA256 71adbcec3ac9edf93308e55cfb4184f2eb4b16fda2bb0a5a382929ed29c8386d
RUN set -eux; \
\
@@ -39,7 +34,6 @@ RUN set -eux; \
libbz2-dev \
libc6-dev \
libdb-dev \
- libexpat1-dev \
libffi-dev \
libgdbm-dev \
liblzma-dev \
@@ -56,12 +50,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
- wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
- GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
- gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
- gpg --batch --verify python.tar.xz.asc python.tar.xz; \
- gpgconf --kill all; \
- rm -rf "$GNUPGHOME" python.tar.xz.asc; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
mkdir -p /usr/src/python; \
tar --extract --directory /usr/src/python --strip-components=1 --file python.tar.xz; \
rm python.tar.xz; \
@@ -74,17 +63,34 @@ RUN set -eux; \
--enable-optimizations \
--enable-option-checking=fatal \
--enable-shared \
- --with-system-expat \
- --without-ensurepip \
+ --with-lto \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
LDFLAGS="$(dpkg-buildflags --get LDFLAGS)"; \
LDFLAGS="${LDFLAGS:--Wl},--strip-all"; \
+ arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; \
+# https://docs.python.org/3.12/howto/perf_profiling.html
+# https://github.com/docker-library/python/pull/1000#issuecomment-2597021615
+ case "$arch" in \
+ amd64|arm64) \
+ # only add "-mno-omit-leaf" on arches that support it
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/x86-Options.html#index-momit-leaf-frame-pointer-2
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/AArch64-Options.html#index-momit-leaf-frame-pointer
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \
+ ;; \
+ i386) \
+ # don't enable frame-pointers on 32bit x86 due to performance drop.
+ ;; \
+ *) \
+ # other arches don't support "-mno-omit-leaf"
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \
+ ;; \
+ esac; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -92,7 +98,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -104,7 +109,6 @@ RUN set -eux; \
\( \
\( -type d -a \( -name test -o -name tests -o -name idle_test \) \) \
-o \( -type f -a \( -name '*.pyc' -o -name '*.pyo' -o -name 'libpython*.a' \) \) \
- -o \( -type f -a -name 'wininst-*.exe' \) \
\) -exec rm -rf '{}' + \
; \
\
@@ -123,50 +127,17 @@ RUN set -eux; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 23.0.1
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 57.5.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- savedAptMark="$(apt-mark showmanual)"; \
- apt-get update; \
- apt-get install -y --no-install-recommends wget; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
- rm -rf /var/lib/apt/lists/*; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.8/slim-bullseye/Dockerfile b/3.14-rc/slim-bullseye/Dockerfile
similarity index 59%
rename from 3.8/slim-bullseye/Dockerfile
rename to 3.14-rc/slim-bullseye/Dockerfile
index f1535b2bc..166362488 100644
--- a/3.8/slim-bullseye/Dockerfile
+++ b/3.14-rc/slim-bullseye/Dockerfile
@@ -9,11 +9,6 @@ FROM debian:bullseye-slim
# ensure local python is preferred over distribution python
ENV PATH /usr/local/bin:$PATH
-# cannot remove LANG even though https://bugs.python.org/issue19846 is fixed
-# last attempted removal of LANG broke many users:
-# https://github.com/docker-library/python/pull/570
-ENV LANG C.UTF-8
-
# runtime dependencies
RUN set -eux; \
apt-get update; \
@@ -24,8 +19,8 @@ RUN set -eux; \
; \
rm -rf /var/lib/apt/lists/*
-ENV GPG_KEY E3FF2839C048B25C084DEBE9B26995E310250568
-ENV PYTHON_VERSION 3.8.19
+ENV PYTHON_VERSION 3.14.0a7
+ENV PYTHON_SHA256 71adbcec3ac9edf93308e55cfb4184f2eb4b16fda2bb0a5a382929ed29c8386d
RUN set -eux; \
\
@@ -39,7 +34,6 @@ RUN set -eux; \
libbz2-dev \
libc6-dev \
libdb-dev \
- libexpat1-dev \
libffi-dev \
libgdbm-dev \
liblzma-dev \
@@ -56,12 +50,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
- wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
- GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
- gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
- gpg --batch --verify python.tar.xz.asc python.tar.xz; \
- gpgconf --kill all; \
- rm -rf "$GNUPGHOME" python.tar.xz.asc; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
mkdir -p /usr/src/python; \
tar --extract --directory /usr/src/python --strip-components=1 --file python.tar.xz; \
rm python.tar.xz; \
@@ -74,17 +63,34 @@ RUN set -eux; \
--enable-optimizations \
--enable-option-checking=fatal \
--enable-shared \
- --with-system-expat \
- --without-ensurepip \
+ --with-lto \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
LDFLAGS="$(dpkg-buildflags --get LDFLAGS)"; \
LDFLAGS="${LDFLAGS:--Wl},--strip-all"; \
+ arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; \
+# https://docs.python.org/3.12/howto/perf_profiling.html
+# https://github.com/docker-library/python/pull/1000#issuecomment-2597021615
+ case "$arch" in \
+ amd64|arm64) \
+ # only add "-mno-omit-leaf" on arches that support it
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/x86-Options.html#index-momit-leaf-frame-pointer-2
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/AArch64-Options.html#index-momit-leaf-frame-pointer
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \
+ ;; \
+ i386) \
+ # don't enable frame-pointers on 32bit x86 due to performance drop.
+ ;; \
+ *) \
+ # other arches don't support "-mno-omit-leaf"
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \
+ ;; \
+ esac; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -92,7 +98,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -104,7 +109,6 @@ RUN set -eux; \
\( \
\( -type d -a \( -name test -o -name tests -o -name idle_test \) \) \
-o \( -type f -a \( -name '*.pyc' -o -name '*.pyo' -o -name 'libpython*.a' \) \) \
- -o \( -type f -a -name 'wininst-*.exe' \) \
\) -exec rm -rf '{}' + \
; \
\
@@ -123,50 +127,17 @@ RUN set -eux; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 23.0.1
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 57.5.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- savedAptMark="$(apt-mark showmanual)"; \
- apt-get update; \
- apt-get install -y --no-install-recommends wget; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
- rm -rf /var/lib/apt/lists/*; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.11/windows/windowsservercore-1809/Dockerfile b/3.14-rc/windows/windowsservercore-1809/Dockerfile
similarity index 60%
rename from 3.11/windows/windowsservercore-1809/Dockerfile
rename to 3.14-rc/windows/windowsservercore-1809/Dockerfile
index 6a7ba02a5..74bba95e6 100644
--- a/3.11/windows/windowsservercore-1809/Dockerfile
+++ b/3.14-rc/windows/windowsservercore-1809/Dockerfile
@@ -11,13 +11,20 @@ SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPref
# https://github.com/docker-library/python/pull/557
ENV PYTHONIOENCODING UTF-8
-ENV PYTHON_VERSION 3.11.9
+ENV PYTHON_VERSION 3.14.0a7
+ENV PYTHON_SHA256 944e24cde04e4067ae728578afc8fbc78d9a0d735e9c9348720c857d61bd8e1e
RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($env:PYTHON_VERSION -replace '[a-z]+[0-9]*$', ''), $env:PYTHON_VERSION); \
Write-Host ('Downloading {0} ...' -f $url); \
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
Invoke-WebRequest -Uri $url -OutFile 'python.exe'; \
\
+ Write-Host ('Verifying sha256 ({0}) ...' -f $env:PYTHON_SHA256); \
+ if ((Get-FileHash python.exe -Algorithm sha256).Hash -ne $env:PYTHON_SHA256) { \
+ Write-Host 'FAILED!'; \
+ exit 1; \
+ }; \
+ \
Write-Host 'Installing ...'; \
# https://docs.python.org/3/using/windows.html#installing-without-ui
$exitCode = (Start-Process python.exe -Wait -NoNewWindow -PassThru \
@@ -28,7 +35,7 @@ RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($en
'PrependPath=1', \
'Shortcuts=0', \
'Include_doc=0', \
- 'Include_pip=0', \
+ 'Include_pip=1', \
'Include_test=0' \
) \
).ExitCode; \
@@ -48,37 +55,8 @@ RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($en
Remove-Item python.exe -Force; \
Remove-Item $env:TEMP/Python*.log -Force; \
\
- Write-Host 'Complete.'
-
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.0
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 65.5.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN Write-Host ('Downloading get-pip.py ({0}) ...' -f $env:PYTHON_GET_PIP_URL); \
- [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
- Invoke-WebRequest -Uri $env:PYTHON_GET_PIP_URL -OutFile 'get-pip.py'; \
- Write-Host ('Verifying sha256 ({0}) ...' -f $env:PYTHON_GET_PIP_SHA256); \
- if ((Get-FileHash 'get-pip.py' -Algorithm sha256).Hash -ne $env:PYTHON_GET_PIP_SHA256) { \
- Write-Host 'FAILED!'; \
- exit 1; \
- }; \
- \
$env:PYTHONDONTWRITEBYTECODE = '1'; \
\
- Write-Host ('Installing pip=={0} ...' -f $env:PYTHON_PIP_VERSION); \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- ('pip=={0}' -f $env:PYTHON_PIP_VERSION) \
- ('setuptools=={0}' -f $env:PYTHON_SETUPTOOLS_VERSION) \
- ; \
- Remove-Item get-pip.py -Force; \
- \
Write-Host 'Verifying pip install ...'; \
pip --version; \
\
diff --git a/3.11/windows/windowsservercore-ltsc2022/Dockerfile b/3.14-rc/windows/windowsservercore-ltsc2022/Dockerfile
similarity index 60%
rename from 3.11/windows/windowsservercore-ltsc2022/Dockerfile
rename to 3.14-rc/windows/windowsservercore-ltsc2022/Dockerfile
index c8f45026c..c32811229 100644
--- a/3.11/windows/windowsservercore-ltsc2022/Dockerfile
+++ b/3.14-rc/windows/windowsservercore-ltsc2022/Dockerfile
@@ -11,13 +11,20 @@ SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPref
# https://github.com/docker-library/python/pull/557
ENV PYTHONIOENCODING UTF-8
-ENV PYTHON_VERSION 3.11.9
+ENV PYTHON_VERSION 3.14.0a7
+ENV PYTHON_SHA256 944e24cde04e4067ae728578afc8fbc78d9a0d735e9c9348720c857d61bd8e1e
RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($env:PYTHON_VERSION -replace '[a-z]+[0-9]*$', ''), $env:PYTHON_VERSION); \
Write-Host ('Downloading {0} ...' -f $url); \
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
Invoke-WebRequest -Uri $url -OutFile 'python.exe'; \
\
+ Write-Host ('Verifying sha256 ({0}) ...' -f $env:PYTHON_SHA256); \
+ if ((Get-FileHash python.exe -Algorithm sha256).Hash -ne $env:PYTHON_SHA256) { \
+ Write-Host 'FAILED!'; \
+ exit 1; \
+ }; \
+ \
Write-Host 'Installing ...'; \
# https://docs.python.org/3/using/windows.html#installing-without-ui
$exitCode = (Start-Process python.exe -Wait -NoNewWindow -PassThru \
@@ -28,7 +35,7 @@ RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($en
'PrependPath=1', \
'Shortcuts=0', \
'Include_doc=0', \
- 'Include_pip=0', \
+ 'Include_pip=1', \
'Include_test=0' \
) \
).ExitCode; \
@@ -48,37 +55,8 @@ RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($en
Remove-Item python.exe -Force; \
Remove-Item $env:TEMP/Python*.log -Force; \
\
- Write-Host 'Complete.'
-
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 24.0
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 65.5.1
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN Write-Host ('Downloading get-pip.py ({0}) ...' -f $env:PYTHON_GET_PIP_URL); \
- [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
- Invoke-WebRequest -Uri $env:PYTHON_GET_PIP_URL -OutFile 'get-pip.py'; \
- Write-Host ('Verifying sha256 ({0}) ...' -f $env:PYTHON_GET_PIP_SHA256); \
- if ((Get-FileHash 'get-pip.py' -Algorithm sha256).Hash -ne $env:PYTHON_GET_PIP_SHA256) { \
- Write-Host 'FAILED!'; \
- exit 1; \
- }; \
- \
$env:PYTHONDONTWRITEBYTECODE = '1'; \
\
- Write-Host ('Installing pip=={0} ...' -f $env:PYTHON_PIP_VERSION); \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- ('pip=={0}' -f $env:PYTHON_PIP_VERSION) \
- ('setuptools=={0}' -f $env:PYTHON_SETUPTOOLS_VERSION) \
- ; \
- Remove-Item get-pip.py -Force; \
- \
Write-Host 'Verifying pip install ...'; \
pip --version; \
\
diff --git a/3.14-rc/windows/windowsservercore-ltsc2025/Dockerfile b/3.14-rc/windows/windowsservercore-ltsc2025/Dockerfile
new file mode 100644
index 000000000..8845be9da
--- /dev/null
+++ b/3.14-rc/windows/windowsservercore-ltsc2025/Dockerfile
@@ -0,0 +1,65 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
+FROM mcr.microsoft.com/windows/servercore:ltsc2025
+
+SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
+
+# https://github.com/docker-library/python/pull/557
+ENV PYTHONIOENCODING UTF-8
+
+ENV PYTHON_VERSION 3.14.0a7
+ENV PYTHON_SHA256 944e24cde04e4067ae728578afc8fbc78d9a0d735e9c9348720c857d61bd8e1e
+
+RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($env:PYTHON_VERSION -replace '[a-z]+[0-9]*$', ''), $env:PYTHON_VERSION); \
+ Write-Host ('Downloading {0} ...' -f $url); \
+ [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
+ Invoke-WebRequest -Uri $url -OutFile 'python.exe'; \
+ \
+ Write-Host ('Verifying sha256 ({0}) ...' -f $env:PYTHON_SHA256); \
+ if ((Get-FileHash python.exe -Algorithm sha256).Hash -ne $env:PYTHON_SHA256) { \
+ Write-Host 'FAILED!'; \
+ exit 1; \
+ }; \
+ \
+ Write-Host 'Installing ...'; \
+# https://docs.python.org/3/using/windows.html#installing-without-ui
+ $exitCode = (Start-Process python.exe -Wait -NoNewWindow -PassThru \
+ -ArgumentList @( \
+ '/quiet', \
+ 'InstallAllUsers=1', \
+ 'TargetDir=C:\Python', \
+ 'PrependPath=1', \
+ 'Shortcuts=0', \
+ 'Include_doc=0', \
+ 'Include_pip=1', \
+ 'Include_test=0' \
+ ) \
+ ).ExitCode; \
+ if ($exitCode -ne 0) { \
+ Write-Host ('Running python installer failed with exit code: {0}' -f $exitCode); \
+ Get-ChildItem $env:TEMP | Sort-Object -Descending -Property LastWriteTime | Select-Object -First 1 | Get-Content; \
+ exit $exitCode; \
+ } \
+ \
+# the installer updated PATH, so we should refresh our local value
+ $env:PATH = [Environment]::GetEnvironmentVariable('PATH', [EnvironmentVariableTarget]::Machine); \
+ \
+ Write-Host 'Verifying install ...'; \
+ Write-Host ' python --version'; python --version; \
+ \
+ Write-Host 'Removing ...'; \
+ Remove-Item python.exe -Force; \
+ Remove-Item $env:TEMP/Python*.log -Force; \
+ \
+ $env:PYTHONDONTWRITEBYTECODE = '1'; \
+ \
+ Write-Host 'Verifying pip install ...'; \
+ pip --version; \
+ \
+ Write-Host 'Complete.'
+
+CMD ["python"]
diff --git a/3.8/alpine3.19/Dockerfile b/3.8/alpine3.19/Dockerfile
deleted file mode 100644
index 1f53fd959..000000000
--- a/3.8/alpine3.19/Dockerfile
+++ /dev/null
@@ -1,159 +0,0 @@
-#
-# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
-#
-# PLEASE DO NOT EDIT IT DIRECTLY.
-#
-
-FROM alpine:3.19
-
-# ensure local python is preferred over distribution python
-ENV PATH /usr/local/bin:$PATH
-
-# cannot remove LANG even though https://bugs.python.org/issue19846 is fixed
-# last attempted removal of LANG broke many users:
-# https://github.com/docker-library/python/pull/570
-ENV LANG C.UTF-8
-
-# runtime dependencies
-RUN set -eux; \
- apk add --no-cache \
- ca-certificates \
- tzdata \
- ;
-
-ENV GPG_KEY E3FF2839C048B25C084DEBE9B26995E310250568
-ENV PYTHON_VERSION 3.8.19
-
-RUN set -eux; \
- \
- apk add --no-cache --virtual .build-deps \
- gnupg \
- tar \
- xz \
- \
- bluez-dev \
- bzip2-dev \
- dpkg-dev dpkg \
- expat-dev \
- findutils \
- gcc \
- gdbm-dev \
- libc-dev \
- libffi-dev \
- libnsl-dev \
- libtirpc-dev \
- linux-headers \
- make \
- ncurses-dev \
- openssl-dev \
- pax-utils \
- readline-dev \
- sqlite-dev \
- tcl-dev \
- tk \
- tk-dev \
- util-linux-dev \
- xz-dev \
- zlib-dev \
- ; \
- \
- wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
- wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
- GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
- gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
- gpg --batch --verify python.tar.xz.asc python.tar.xz; \
- gpgconf --kill all; \
- rm -rf "$GNUPGHOME" python.tar.xz.asc; \
- mkdir -p /usr/src/python; \
- tar --extract --directory /usr/src/python --strip-components=1 --file python.tar.xz; \
- rm python.tar.xz; \
- \
- cd /usr/src/python; \
- gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
- ./configure \
- --build="$gnuArch" \
- --enable-loadable-sqlite-extensions \
- --enable-optimizations \
- --enable-option-checking=fatal \
- --enable-shared \
- --with-system-expat \
- --without-ensurepip \
- ; \
- nproc="$(nproc)"; \
-# set thread stack size to 1MB so we don't segfault before we hit sys.getrecursionlimit()
-# https://github.com/alpinelinux/aports/commit/2026e1259422d4e0cf92391ca2d3844356c649d0
- EXTRA_CFLAGS="-DTHREAD_STACK_SIZE=0x100000"; \
- LDFLAGS="${LDFLAGS:--Wl},--strip-all"; \
- make -j "$nproc" \
- "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
- "LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
- ; \
-# https://github.com/docker-library/python/issues/784
-# prevent accidental usage of a system installed libpython of the same version
- rm python; \
- make -j "$nproc" \
- "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
- "LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
- python \
- ; \
- make install; \
- \
- cd /; \
- rm -rf /usr/src/python; \
- \
- find /usr/local -depth \
- \( \
- \( -type d -a \( -name test -o -name tests -o -name idle_test \) \) \
- -o \( -type f -a \( -name '*.pyc' -o -name '*.pyo' -o -name 'libpython*.a' \) \) \
- -o \( -type f -a -name 'wininst-*.exe' \) \
- \) -exec rm -rf '{}' + \
- ; \
- \
- find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec scanelf --needed --nobanner --format '%n#p' '{}' ';' \
- | tr ',' '\n' \
- | sort -u \
- | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
- | xargs -rt apk add --no-network --virtual .python-rundeps \
- ; \
- apk del --no-network .build-deps; \
- \
- python3 --version
-
-# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
-RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
- dst="$(echo "$src" | tr -d 3)"; \
- [ -s "/usr/local/bin/$src" ]; \
- [ ! -e "/usr/local/bin/$dst" ]; \
- ln -svT "$src" "/usr/local/bin/$dst"; \
- done
-
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 23.0.1
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 57.5.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
-CMD ["python3"]
diff --git a/3.8/alpine3.20/Dockerfile b/3.8/alpine3.20/Dockerfile
deleted file mode 100644
index 17c80943c..000000000
--- a/3.8/alpine3.20/Dockerfile
+++ /dev/null
@@ -1,159 +0,0 @@
-#
-# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
-#
-# PLEASE DO NOT EDIT IT DIRECTLY.
-#
-
-FROM alpine:3.20
-
-# ensure local python is preferred over distribution python
-ENV PATH /usr/local/bin:$PATH
-
-# cannot remove LANG even though https://bugs.python.org/issue19846 is fixed
-# last attempted removal of LANG broke many users:
-# https://github.com/docker-library/python/pull/570
-ENV LANG C.UTF-8
-
-# runtime dependencies
-RUN set -eux; \
- apk add --no-cache \
- ca-certificates \
- tzdata \
- ;
-
-ENV GPG_KEY E3FF2839C048B25C084DEBE9B26995E310250568
-ENV PYTHON_VERSION 3.8.19
-
-RUN set -eux; \
- \
- apk add --no-cache --virtual .build-deps \
- gnupg \
- tar \
- xz \
- \
- bluez-dev \
- bzip2-dev \
- dpkg-dev dpkg \
- expat-dev \
- findutils \
- gcc \
- gdbm-dev \
- libc-dev \
- libffi-dev \
- libnsl-dev \
- libtirpc-dev \
- linux-headers \
- make \
- ncurses-dev \
- openssl-dev \
- pax-utils \
- readline-dev \
- sqlite-dev \
- tcl-dev \
- tk \
- tk-dev \
- util-linux-dev \
- xz-dev \
- zlib-dev \
- ; \
- \
- wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
- wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
- GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
- gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
- gpg --batch --verify python.tar.xz.asc python.tar.xz; \
- gpgconf --kill all; \
- rm -rf "$GNUPGHOME" python.tar.xz.asc; \
- mkdir -p /usr/src/python; \
- tar --extract --directory /usr/src/python --strip-components=1 --file python.tar.xz; \
- rm python.tar.xz; \
- \
- cd /usr/src/python; \
- gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
- ./configure \
- --build="$gnuArch" \
- --enable-loadable-sqlite-extensions \
- --enable-optimizations \
- --enable-option-checking=fatal \
- --enable-shared \
- --with-system-expat \
- --without-ensurepip \
- ; \
- nproc="$(nproc)"; \
-# set thread stack size to 1MB so we don't segfault before we hit sys.getrecursionlimit()
-# https://github.com/alpinelinux/aports/commit/2026e1259422d4e0cf92391ca2d3844356c649d0
- EXTRA_CFLAGS="-DTHREAD_STACK_SIZE=0x100000"; \
- LDFLAGS="${LDFLAGS:--Wl},--strip-all"; \
- make -j "$nproc" \
- "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
- "LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
- ; \
-# https://github.com/docker-library/python/issues/784
-# prevent accidental usage of a system installed libpython of the same version
- rm python; \
- make -j "$nproc" \
- "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
- "LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
- python \
- ; \
- make install; \
- \
- cd /; \
- rm -rf /usr/src/python; \
- \
- find /usr/local -depth \
- \( \
- \( -type d -a \( -name test -o -name tests -o -name idle_test \) \) \
- -o \( -type f -a \( -name '*.pyc' -o -name '*.pyo' -o -name 'libpython*.a' \) \) \
- -o \( -type f -a -name 'wininst-*.exe' \) \
- \) -exec rm -rf '{}' + \
- ; \
- \
- find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec scanelf --needed --nobanner --format '%n#p' '{}' ';' \
- | tr ',' '\n' \
- | sort -u \
- | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
- | xargs -rt apk add --no-network --virtual .python-rundeps \
- ; \
- apk del --no-network .build-deps; \
- \
- python3 --version
-
-# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
-RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
- dst="$(echo "$src" | tr -d 3)"; \
- [ -s "/usr/local/bin/$src" ]; \
- [ ! -e "/usr/local/bin/$dst" ]; \
- ln -svT "$src" "/usr/local/bin/$dst"; \
- done
-
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 23.0.1
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 57.5.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
-CMD ["python3"]
diff --git a/3.9/alpine3.20/Dockerfile b/3.9/alpine3.20/Dockerfile
index 1277007df..35e8fef9c 100644
--- a/3.9/alpine3.20/Dockerfile
+++ b/3.9/alpine3.20/Dockerfile
@@ -22,7 +22,8 @@ RUN set -eux; \
;
ENV GPG_KEY E3FF2839C048B25C084DEBE9B26995E310250568
-ENV PYTHON_VERSION 3.9.19
+ENV PYTHON_VERSION 3.9.22
+ENV PYTHON_SHA256 8c136d199d3637a1fce98a16adc809c1d83c922d02d41f3614b34f8b6e7d38ec
RUN set -eux; \
\
@@ -34,7 +35,6 @@ RUN set -eux; \
bluez-dev \
bzip2-dev \
dpkg-dev dpkg \
- expat-dev \
findutils \
gcc \
gdbm-dev \
@@ -58,6 +58,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -73,11 +74,9 @@ RUN set -eux; \
./configure \
--build="$gnuArch" \
--enable-loadable-sqlite-extensions \
- --enable-optimizations \
--enable-option-checking=fatal \
--enable-shared \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
# set thread stack size to 1MB so we don't segfault before we hit sys.getrecursionlimit()
@@ -87,7 +86,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -95,7 +93,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -118,41 +115,26 @@ RUN set -eux; \
; \
apk del --no-network .build-deps; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ \
+ pip3 install \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ --no-compile \
+ 'setuptools==58.1.0' \
+ # https://github.com/docker-library/python/issues/1023
+ 'wheel<0.46' \
+ ; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 23.0.1
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 58.1.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.9/alpine3.19/Dockerfile b/3.9/alpine3.21/Dockerfile
similarity index 77%
rename from 3.9/alpine3.19/Dockerfile
rename to 3.9/alpine3.21/Dockerfile
index 85fd8e7f5..a5f0d963f 100644
--- a/3.9/alpine3.19/Dockerfile
+++ b/3.9/alpine3.21/Dockerfile
@@ -4,7 +4,7 @@
# PLEASE DO NOT EDIT IT DIRECTLY.
#
-FROM alpine:3.19
+FROM alpine:3.21
# ensure local python is preferred over distribution python
ENV PATH /usr/local/bin:$PATH
@@ -22,7 +22,8 @@ RUN set -eux; \
;
ENV GPG_KEY E3FF2839C048B25C084DEBE9B26995E310250568
-ENV PYTHON_VERSION 3.9.19
+ENV PYTHON_VERSION 3.9.22
+ENV PYTHON_SHA256 8c136d199d3637a1fce98a16adc809c1d83c922d02d41f3614b34f8b6e7d38ec
RUN set -eux; \
\
@@ -34,7 +35,6 @@ RUN set -eux; \
bluez-dev \
bzip2-dev \
dpkg-dev dpkg \
- expat-dev \
findutils \
gcc \
gdbm-dev \
@@ -58,6 +58,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -73,11 +74,9 @@ RUN set -eux; \
./configure \
--build="$gnuArch" \
--enable-loadable-sqlite-extensions \
- --enable-optimizations \
--enable-option-checking=fatal \
--enable-shared \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
# set thread stack size to 1MB so we don't segfault before we hit sys.getrecursionlimit()
@@ -87,7 +86,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -95,7 +93,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -118,41 +115,26 @@ RUN set -eux; \
; \
apk del --no-network .build-deps; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ \
+ pip3 install \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ --no-compile \
+ 'setuptools==58.1.0' \
+ # https://github.com/docker-library/python/issues/1023
+ 'wheel<0.46' \
+ ; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 23.0.1
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 58.1.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.9/bookworm/Dockerfile b/3.9/bookworm/Dockerfile
index fee64ea24..98de1f753 100644
--- a/3.9/bookworm/Dockerfile
+++ b/3.9/bookworm/Dockerfile
@@ -25,11 +25,13 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY E3FF2839C048B25C084DEBE9B26995E310250568
-ENV PYTHON_VERSION 3.9.19
+ENV PYTHON_VERSION 3.9.22
+ENV PYTHON_SHA256 8c136d199d3637a1fce98a16adc809c1d83c922d02d41f3614b34f8b6e7d38ec
RUN set -eux; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -48,8 +50,7 @@ RUN set -eux; \
--enable-optimizations \
--enable-option-checking=fatal \
--enable-shared \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
@@ -57,7 +58,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -65,7 +65,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -88,41 +87,26 @@ RUN set -eux; \
\
ldconfig; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ \
+ pip3 install \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ --no-compile \
+ 'setuptools==58.1.0' \
+ # https://github.com/docker-library/python/issues/1023
+ 'wheel<0.46' \
+ ; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 23.0.1
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 58.1.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.9/bullseye/Dockerfile b/3.9/bullseye/Dockerfile
index 2076c3668..afc057b96 100644
--- a/3.9/bullseye/Dockerfile
+++ b/3.9/bullseye/Dockerfile
@@ -25,11 +25,13 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY E3FF2839C048B25C084DEBE9B26995E310250568
-ENV PYTHON_VERSION 3.9.19
+ENV PYTHON_VERSION 3.9.22
+ENV PYTHON_SHA256 8c136d199d3637a1fce98a16adc809c1d83c922d02d41f3614b34f8b6e7d38ec
RUN set -eux; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -48,8 +50,7 @@ RUN set -eux; \
--enable-optimizations \
--enable-option-checking=fatal \
--enable-shared \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
@@ -57,7 +58,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -65,7 +65,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -88,41 +87,26 @@ RUN set -eux; \
\
ldconfig; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ \
+ pip3 install \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ --no-compile \
+ 'setuptools==58.1.0' \
+ # https://github.com/docker-library/python/issues/1023
+ 'wheel<0.46' \
+ ; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 23.0.1
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 58.1.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.9/slim-bookworm/Dockerfile b/3.9/slim-bookworm/Dockerfile
index 30e44e95a..19b1b68ce 100644
--- a/3.9/slim-bookworm/Dockerfile
+++ b/3.9/slim-bookworm/Dockerfile
@@ -25,7 +25,8 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY E3FF2839C048B25C084DEBE9B26995E310250568
-ENV PYTHON_VERSION 3.9.19
+ENV PYTHON_VERSION 3.9.22
+ENV PYTHON_SHA256 8c136d199d3637a1fce98a16adc809c1d83c922d02d41f3614b34f8b6e7d38ec
RUN set -eux; \
\
@@ -39,7 +40,6 @@ RUN set -eux; \
libbz2-dev \
libc6-dev \
libdb-dev \
- libexpat1-dev \
libffi-dev \
libgdbm-dev \
liblzma-dev \
@@ -56,6 +56,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -74,8 +75,7 @@ RUN set -eux; \
--enable-optimizations \
--enable-option-checking=fatal \
--enable-shared \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
@@ -84,7 +84,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -92,7 +91,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -122,50 +120,26 @@ RUN set -eux; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ \
+ pip3 install \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ --no-compile \
+ 'setuptools==58.1.0' \
+ # https://github.com/docker-library/python/issues/1023
+ 'wheel<0.46' \
+ ; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 23.0.1
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 58.1.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- savedAptMark="$(apt-mark showmanual)"; \
- apt-get update; \
- apt-get install -y --no-install-recommends wget; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
- rm -rf /var/lib/apt/lists/*; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/3.9/slim-bullseye/Dockerfile b/3.9/slim-bullseye/Dockerfile
index 5e6517b00..ed73ba93a 100644
--- a/3.9/slim-bullseye/Dockerfile
+++ b/3.9/slim-bullseye/Dockerfile
@@ -25,7 +25,8 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
ENV GPG_KEY E3FF2839C048B25C084DEBE9B26995E310250568
-ENV PYTHON_VERSION 3.9.19
+ENV PYTHON_VERSION 3.9.22
+ENV PYTHON_SHA256 8c136d199d3637a1fce98a16adc809c1d83c922d02d41f3614b34f8b6e7d38ec
RUN set -eux; \
\
@@ -39,7 +40,6 @@ RUN set -eux; \
libbz2-dev \
libc6-dev \
libdb-dev \
- libexpat1-dev \
libffi-dev \
libgdbm-dev \
liblzma-dev \
@@ -56,6 +56,7 @@ RUN set -eux; \
; \
\
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
@@ -74,8 +75,7 @@ RUN set -eux; \
--enable-optimizations \
--enable-option-checking=fatal \
--enable-shared \
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
@@ -84,7 +84,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -92,7 +91,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -122,50 +120,26 @@ RUN set -eux; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*; \
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+ \
+ pip3 install \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ --no-compile \
+ 'setuptools==58.1.0' \
+ # https://github.com/docker-library/python/issues/1023
+ 'wheel<0.46' \
+ ; \
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION 23.0.1
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION 58.1.0
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py
-ENV PYTHON_GET_PIP_SHA256 ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7
-
-RUN set -eux; \
- \
- savedAptMark="$(apt-mark showmanual)"; \
- apt-get update; \
- apt-get install -y --no-install-recommends wget; \
- \
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
- apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
- rm -rf /var/lib/apt/lists/*; \
- \
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/Dockerfile-linux.template b/Dockerfile-linux.template
index 456a31de3..7c62579cf 100644
--- a/Dockerfile-linux.template
+++ b/Dockerfile-linux.template
@@ -19,7 +19,7 @@ FROM buildpack-deps:{{ env.variant }}
# ensure local python is preferred over distribution python
ENV PATH /usr/local/bin:$PATH
-{{ if [ "3.8", "3.9", "3.10", "3.11", "3.12" ] | index(rcVersion) then ( -}}
+{{ if rcVersion | IN("3.9", "3.10", "3.11", "3.12") then ( -}}
{{ # only set LANG on versions less than 3.13 -}}
# cannot remove LANG even though https://bugs.python.org/issue19846 is fixed
# last attempted removal of LANG broke many users:
@@ -51,34 +51,42 @@ RUN set -eux; \
rm -rf /var/lib/apt/lists/*
{{ ) end -}}
+{{
+ def should_pgp:
+ # https://github.com/docker-library/python/issues/977
+ # https://peps.python.org/pep-0761/
+ # https://discuss.python.org/t/pep-761-deprecating-pgp-signatures-for-cpython-artifacts/67180
+ rcVersion | IN("3.9", "3.10", "3.11", "3.12", "3.13")
+-}}
+{{ if should_pgp then ( -}}
ENV GPG_KEY {{
{
- # gpg: key B26995E310250568: public key "\xc5\x81ukasz Langa (GPG langa.pl) <lukasz@langa.pl>" imported
- "3.8": "E3FF2839C048B25C084DEBE9B26995E310250568",
- # https://www.python.org/dev/peps/pep-0569/#release-manager-and-crew
-
# gpg: key B26995E310250568: public key "\xc5\x81ukasz Langa (GPG langa.pl) <lukasz@langa.pl>" imported
"3.9": "E3FF2839C048B25C084DEBE9B26995E310250568",
- # https://www.python.org/dev/peps/pep-0596/#release-manager-and-crew
+ # https://peps.python.org/pep-0596/#release-manager-and-crew
# gpg: key 64E628F8D684696D: public key "Pablo Galindo Salgado <pablogsal@gmail.com>" imported
"3.10": "A035C8C19219BA821ECEA86B64E628F8D684696D",
- # https://www.python.org/dev/peps/pep-0619/#release-manager-and-crew
+ # https://peps.python.org/pep-0619/#release-manager-and-crew
# gpg: key 64E628F8D684696D: public key "Pablo Galindo Salgado <pablogsal@gmail.com>" imported
"3.11": "A035C8C19219BA821ECEA86B64E628F8D684696D",
- # https://www.python.org/dev/peps/pep-0664/#release-manager-and-crew
+ # https://peps.python.org/pep-0664/#release-manager-and-crew
# gpg: key A821E680E5FA6305: public key "Thomas Wouters <thomas@python.org>" imported
"3.12": "7169605F62C751356D054A26A821E680E5FA6305",
- # https://www.python.org/dev/peps/pep-0693/#release-manager-and-crew
+ # https://peps.python.org/pep-0693/#release-manager-and-crew
# gpg: key A821E680E5FA6305: public key "Thomas Wouters <thomas@python.org>" imported
"3.13": "7169605F62C751356D054A26A821E680E5FA6305",
# https://peps.python.org/pep-0719/#release-manager-and-crew
}[rcVersion]
}}
+{{ ) else "" end -}}
ENV PYTHON_VERSION {{ .version }}
+{{ if .checksums.source.sha256 then ( -}}
+ENV PYTHON_SHA256 {{ .checksums.source.sha256 }}
+{{ ) else "" end -}}
RUN set -eux; \
\
@@ -91,7 +99,6 @@ RUN set -eux; \
bluez-dev \
bzip2-dev \
dpkg-dev dpkg \
- expat-dev \
findutils \
gcc \
gdbm-dev \
@@ -125,7 +132,6 @@ RUN set -eux; \
libbz2-dev \
libc6-dev \
libdb-dev \
- libexpat1-dev \
libffi-dev \
libgdbm-dev \
liblzma-dev \
@@ -143,12 +149,17 @@ RUN set -eux; \
\
{{ ) else "" end -}}
wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; \
+{{ if .checksums.source.sha256 then ( -}}
+ echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; \
+{{ ) else "" end -}}
+{{ if should_pgp then ( -}}
wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; \
GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; \
gpg --batch --verify python.tar.xz.asc python.tar.xz; \
gpgconf --kill all; \
rm -rf "$GNUPGHOME" python.tar.xz.asc; \
+{{ ) else "" end -}}
mkdir -p /usr/src/python; \
tar --extract --directory /usr/src/python --strip-components=1 --file python.tar.xz; \
rm python.tar.xz; \
@@ -159,24 +170,21 @@ RUN set -eux; \
--build="$gnuArch" \
--enable-loadable-sqlite-extensions \
{{
- # skip optimizations on alpine on riscv64 (except python 3.8 and 3.9)
- # only 3.8 and 3.9 complete building on riscv64 with optimizations, 3.10-3.13rc all hit the 3 hour limit
- if (is_alpine | not) or ( [ "3.8", "3.9" ] | index(rcVersion) ) then (
+ # https://github.com/docker-library/python/pull/980 (fixing PGO runs tests that fail, but shouldn't)
+ # https://github.com/python/cpython/issues/90548 (alpine failures; not likely to be fixed any time soon)
+ if is_alpine then "" else (
-}}
--enable-optimizations \
-{{ ) else ( -}}
- $(test "$gnuArch" != 'riscv64-linux-musl' && echo '--enable-optimizations') \
{{ ) end -}}
--enable-option-checking=fatal \
--enable-shared \
{{
# <3.10 does not have -fno-semantic-interposition enabled and --with-lto does nothing for performance
- if [ "3.8", "3.9" ] | index(rcVersion) then "" else (
+ if rcVersion == "3.9" then "" else (
-}}
--with-lto \
{{ ) end -}}
- --with-system-expat \
- --without-ensurepip \
+ --with-ensurepip \
; \
nproc="$(nproc)"; \
{{ if is_alpine then ( -}}
@@ -190,10 +198,44 @@ RUN set -eux; \
{{ if is_slim or is_alpine then ( -}}
LDFLAGS="${LDFLAGS:--Wl},--strip-all"; \
{{ ) else "" end -}}
+{{
+ # Enabling frame-pointers only makes sense for Python 3.12 and newer as those have perf profiler support
+ if rcVersion | IN("3.9", "3.10", "3.11") then "" else (
+-}}
+{{ if is_alpine then ( -}}
+ arch="$(apk --print-arch)"; \
+{{ ) else ( -}}
+ arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; \
+{{ ) end -}}
+# https://docs.python.org/3.12/howto/perf_profiling.html
+# https://github.com/docker-library/python/pull/1000#issuecomment-2597021615
+ case "$arch" in \
+{{ if is_alpine then ( -}}
+ x86_64|aarch64) \
+{{ ) else ( -}}
+ amd64|arm64) \
+{{ ) end -}}
+ # only add "-mno-omit-leaf" on arches that support it
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/x86-Options.html#index-momit-leaf-frame-pointer-2
+ # https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/AArch64-Options.html#index-momit-leaf-frame-pointer
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; \
+ ;; \
+{{ if is_alpine then ( -}}
+ x86) \
+{{ ) else ( -}}
+ i386) \
+{{ ) end -}}
+ # don't enable frame-pointers on 32bit x86 due to performance drop.
+ ;; \
+ *) \
+ # other arches don't support "-mno-omit-leaf"
+ EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; \
+ ;; \
+ esac; \
+{{ ) end -}}
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:-}" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
; \
# https://github.com/docker-library/python/issues/784
# prevent accidental usage of a system installed libpython of the same version
@@ -201,7 +243,6 @@ RUN set -eux; \
make -j "$nproc" \
"EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" \
"LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" \
- "PROFILE_TASK=${PROFILE_TASK:-}" \
python \
; \
make install; \
@@ -221,14 +262,6 @@ RUN set -eux; \
\( \
\( -type d -a \( -name test -o -name tests -o -name idle_test \) \) \
-o \( -type f -a \( -name '*.pyc' -o -name '*.pyo' -o -name 'libpython*.a' \) \) \
-{{ if [ "3.8" ] | index(env.version) then ( -}}
- -o \( -type f -a -name 'wininst-*.exe' \) \
-{{
- ) else
- # "wininst-*.exe" is not installed for Unix platforms on Python 3.9+: https://github.com/python/cpython/pull/14511
- ""
- end
--}}
\) -exec rm -rf '{}' + \
; \
\
@@ -259,58 +292,28 @@ RUN set -eux; \
{{ ) else "" end -}}
{{ ) end -}}
\
- python3 --version
+ export PYTHONDONTWRITEBYTECODE=1; \
+ python3 --version; \
+{{ if .setuptools then ( -}}
+ \
+ pip3 install \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ --no-compile \
+ {{ "setuptools==\( .setuptools.version )" | @sh }} \
+ # https://github.com/docker-library/python/issues/1023
+ 'wheel<0.46' \
+ ; \
+{{ ) else "" end -}}
+ pip3 --version
# make some useful symlinks that are expected to exist ("/usr/local/bin/python" and friends)
RUN set -eux; \
- for src in idle3 pydoc3 python3 python3-config; do \
+ for src in idle3 pip3 pydoc3 python3 python3-config; do \
dst="$(echo "$src" | tr -d 3)"; \
[ -s "/usr/local/bin/$src" ]; \
[ ! -e "/usr/local/bin/$dst" ]; \
ln -svT "$src" "/usr/local/bin/$dst"; \
done
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION {{ .pip.version }}
-{{ if .setuptools then ( -}}
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION {{ .setuptools.version }}
-{{ ) else "" end -}}
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL {{ ."get-pip".url }}
-ENV PYTHON_GET_PIP_SHA256 {{ ."get-pip".sha256 }}
-
-RUN set -eux; \
- \
-{{ if is_slim then ( -}}
- savedAptMark="$(apt-mark showmanual)"; \
- apt-get update; \
- apt-get install -y --no-install-recommends wget; \
- \
-{{ ) else "" end -}}
- wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
- echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
- \
-{{ if is_slim then ( -}}
- apt-mark auto '.*' > /dev/null; \
- [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
- rm -rf /var/lib/apt/lists/*; \
- \
-{{ ) else "" end -}}
- export PYTHONDONTWRITEBYTECODE=1; \
- \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- "pip==$PYTHON_PIP_VERSION" \
-{{ if .setuptools then ( -}}
- "setuptools==$PYTHON_SETUPTOOLS_VERSION" \
-{{ ) else "" end -}}
- ; \
- rm -f get-pip.py; \
- \
- pip --version
-
CMD ["python3"]
diff --git a/Dockerfile-windows.template b/Dockerfile-windows.template
index aac1b3ea3..add70eac7 100644
--- a/Dockerfile-windows.template
+++ b/Dockerfile-windows.template
@@ -6,11 +6,22 @@ SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPref
ENV PYTHONIOENCODING UTF-8
ENV PYTHON_VERSION {{ .version }}
+{{ if .checksums.windows.sha256 then ( -}}
+ENV PYTHON_SHA256 {{ .checksums.windows.sha256 }}
+{{ ) else "" end -}}
RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($env:PYTHON_VERSION -replace '[a-z]+[0-9]*$', ''), $env:PYTHON_VERSION); \
Write-Host ('Downloading {0} ...' -f $url); \
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
Invoke-WebRequest -Uri $url -OutFile 'python.exe'; \
+{{ if .checksums.windows.sha256 then ( -}}
+ \
+ Write-Host ('Verifying sha256 ({0}) ...' -f $env:PYTHON_SHA256); \
+ if ((Get-FileHash python.exe -Algorithm sha256).Hash -ne $env:PYTHON_SHA256) { \
+ Write-Host 'FAILED!'; \
+ exit 1; \
+ }; \
+{{ ) else "" end -}}
\
Write-Host 'Installing ...'; \
# https://docs.python.org/3/using/windows.html#installing-without-ui
@@ -22,7 +33,7 @@ RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($en
'PrependPath=1', \
'Shortcuts=0', \
'Include_doc=0', \
- 'Include_pip=0', \
+ 'Include_pip=1', \
'Include_test=0' \
) \
).ExitCode; \
@@ -42,41 +53,8 @@ RUN $url = ('https://www.python.org/ftp/python/{0}/python-{1}-amd64.exe' -f ($en
Remove-Item python.exe -Force; \
Remove-Item $env:TEMP/Python*.log -Force; \
\
- Write-Host 'Complete.'
-
-# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value '<VERSION>'"
-ENV PYTHON_PIP_VERSION {{ .pip.version }}
-{{ if .setuptools then ( -}}
-# https://github.com/docker-library/python/issues/365
-ENV PYTHON_SETUPTOOLS_VERSION {{ .setuptools.version }}
-{{ ) else "" end -}}
-# https://github.com/pypa/get-pip
-ENV PYTHON_GET_PIP_URL {{ ."get-pip".url }}
-ENV PYTHON_GET_PIP_SHA256 {{ ."get-pip".sha256 }}
-
-RUN Write-Host ('Downloading get-pip.py ({0}) ...' -f $env:PYTHON_GET_PIP_URL); \
- [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; \
- Invoke-WebRequest -Uri $env:PYTHON_GET_PIP_URL -OutFile 'get-pip.py'; \
- Write-Host ('Verifying sha256 ({0}) ...' -f $env:PYTHON_GET_PIP_SHA256); \
- if ((Get-FileHash 'get-pip.py' -Algorithm sha256).Hash -ne $env:PYTHON_GET_PIP_SHA256) { \
- Write-Host 'FAILED!'; \
- exit 1; \
- }; \
- \
$env:PYTHONDONTWRITEBYTECODE = '1'; \
\
- Write-Host ('Installing pip=={0} ...' -f $env:PYTHON_PIP_VERSION); \
- python get-pip.py \
- --disable-pip-version-check \
- --no-cache-dir \
- --no-compile \
- ('pip=={0}' -f $env:PYTHON_PIP_VERSION) \
-{{ if .setuptools then ( -}}
- ('setuptools=={0}' -f $env:PYTHON_SETUPTOOLS_VERSION) \
-{{ ) else "" end -}}
- ; \
- Remove-Item get-pip.py -Force; \
- \
Write-Host 'Verifying pip install ...'; \
pip --version; \
\
diff --git a/README.md b/README.md
index 617f64ae7..3d5b277d3 100644
--- a/README.md
+++ b/README.md
@@ -12,15 +12,4 @@ For more information about the full official images change lifecycle, see [the "
For outstanding `python` image PRs, check [PRs with the "library/python" label on the official-images repository](https://github.com/docker-library/official-images/labels/library%2Fpython). For the current "source of truth" for [`python`](https://hub.docker.com/_/python/), see [the `library/python` file in the official-images repository](https://github.com/docker-library/official-images/blob/master/library/python).
----
-
-- [](https://github.com/docker-library/python/actions?query=workflow%3A%22GitHub+CI%22+branch%3Amaster)
-- [](https://doi-janky.infosiftr.net/job/update.sh/job/python/)
-
-| Build | Status | Badges | (per-arch) |
-|:-:|:-:|:-:|:-:|
-| [](https://doi-janky.infosiftr.net/job/multiarch/job/amd64/job/python/) | [](https://doi-janky.infosiftr.net/job/multiarch/job/arm32v5/job/python/) | [](https://doi-janky.infosiftr.net/job/multiarch/job/arm32v6/job/python/) | [](https://doi-janky.infosiftr.net/job/multiarch/job/arm32v7/job/python/) |
-| [](https://doi-janky.infosiftr.net/job/multiarch/job/arm64v8/job/python/) | [](https://doi-janky.infosiftr.net/job/multiarch/job/i386/job/python/) | [](https://doi-janky.infosiftr.net/job/multiarch/job/mips64le/job/python/) | [](https://doi-janky.infosiftr.net/job/multiarch/job/ppc64le/job/python/) |
-| [](https://doi-janky.infosiftr.net/job/multiarch/job/s390x/job/python/) | [](https://doi-janky.infosiftr.net/job/multiarch/job/windows-amd64/job/python/) | [](https://doi-janky.infosiftr.net/job/put-shared/job/light/job/python/) |
-
<!-- THIS FILE IS GENERATED BY https://github.com/docker-library/docs/blob/master/generate-repo-stub-readme.sh -->
diff --git a/generate-stackbrew-library.sh b/generate-stackbrew-library.sh
index 32b6adef4..f6f64ca36 100755
--- a/generate-stackbrew-library.sh
+++ b/generate-stackbrew-library.sh
@@ -2,7 +2,7 @@
set -Eeuo pipefail
declare -A aliases=(
- [3.12]='3 latest'
+ [3.13]='3 latest'
)
self="$(basename "$BASH_SOURCE")"
@@ -44,17 +44,19 @@ dirCommit() {
getArches() {
local repo="$1"; shift
- local officialImagesUrl='https://github.com/docker-library/official-images/raw/master/library/'
+ local officialImagesBase="${BASHBREW_LIBRARY:-https://github.com/docker-library/official-images/raw/HEAD/library}/"
- eval "declare -g -A parentRepoToArches=( $(
- find -name 'Dockerfile' -exec awk '
+ local parentRepoToArchesStr
+ parentRepoToArchesStr="$(
+ find -name 'Dockerfile' -exec awk -v officialImagesBase="$officialImagesBase" '
toupper($1) == "FROM" && $2 !~ /^('"$repo"'|scratch|.*\/.*)(:|$)/ {
- print "'"$officialImagesUrl"'" $2
+ printf "%s%s\n", officialImagesBase, $2
}
' '{}' + \
| sort -u \
- | xargs bashbrew cat --format '[{{ .RepoName }}:{{ .TagName }}]="{{ join " " .TagEntry.Architectures }}"'
- ) )"
+ | xargs -r bashbrew cat --format '["{{ .RepoName }}:{{ .TagName }}"]="{{ join " " .TagEntry.Architectures }}"'
+ )"
+ eval "declare -g -A parentRepoToArches=( $parentRepoToArchesStr )"
}
getArches 'python'
@@ -134,18 +136,26 @@ for version; do
;;
esac
+ # https://github.com/docker-library/python/pull/931 (riscv64 builds on 3.11+ take way too long 😞)
case "$version" in
- 3.8 | 3.9) ;;
- *)
- if [ "$version" != '3.10' ]; then
- # https://github.com/docker-library/python/pull/931
- variantArches="$(sed <<<" $variantArches " -e 's/ riscv64 / /g')"
- fi
- # https://github.com/python/cpython/issues/93619 + https://peps.python.org/pep-0011/
- variantArches="$(sed <<<" $variantArches " -e 's/ mips64le / /g')"
- ;;
+ 3.9 | 3.10) ;;
+ *) variantArches="$(sed <<<" $variantArches " -e 's/ riscv64 / /g')" ;;
esac
+ # https://github.com/python/cpython/issues/93619 (Linking error when building 3.11 beta on mips64le) + https://peps.python.org/pep-0011/ (mips is not even tier 3)
+ case "$version" in
+ 3.9) ;;
+ *) variantArches="$(sed <<<" $variantArches " -e 's/ mips64le / /g')" ;;
+ esac
+
+ # https://github.com/docker-library/python/issues/1014 (ensurepip failing on s390x 3.14.0a6 Alpine images)
+ if [[ "$variant" == alpine* ]]; then
+ case "$version" in
+ 3.9 | 3.10 | 3.11 | 3.12 | 3.13) ;;
+ *) variantArches="$(sed <<<" $variantArches " -e 's/ s390x / /g')" ;;
+ esac
+ fi
+
sharedTags=()
for windowsShared in windowsservercore nanoserver; do
if [[ "$variant" == "$windowsShared"* ]]; then
diff --git a/versions.json b/versions.json
index 577402c4f..ef3e40b11 100644
--- a/versions.json
+++ b/versions.json
@@ -1,12 +1,9 @@
{
"3.10": {
- "get-pip": {
- "sha256": "ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7",
- "url": "https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py",
- "version": "https://github.com/pypa/get-pip/commit/e03e1607ad60522cf34a92e834138eb89f57667c"
- },
- "pip": {
- "version": "23.0.1"
+ "checksums": {
+ "source": {
+ "sha256": "4c68050f049d1b4ac5aadd0df5f27941c0350d2a9e7ab0907ee5eb5225d9d6b0"
+ }
},
"setuptools": {
"version": "65.5.1"
@@ -16,19 +13,16 @@
"slim-bookworm",
"bullseye",
"slim-bullseye",
- "alpine3.20",
- "alpine3.19"
+ "alpine3.21",
+ "alpine3.20"
],
- "version": "3.10.14"
+ "version": "3.10.17"
},
"3.11": {
- "get-pip": {
- "sha256": "ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7",
- "url": "https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py",
- "version": "https://github.com/pypa/get-pip/commit/e03e1607ad60522cf34a92e834138eb89f57667c"
- },
- "pip": {
- "version": "24.0"
+ "checksums": {
+ "source": {
+ "sha256": "849da87af4df137710c1796e276a955f7a85c9f971081067c8f565d15c352a09"
+ }
},
"setuptools": {
"version": "65.5.1"
@@ -38,85 +32,82 @@
"slim-bookworm",
"bullseye",
"slim-bullseye",
- "alpine3.20",
- "alpine3.19",
- "windows/windowsservercore-ltsc2022",
- "windows/windowsservercore-1809"
+ "alpine3.21",
+ "alpine3.20"
],
- "version": "3.11.9"
+ "version": "3.11.12"
},
"3.12": {
- "get-pip": {
- "sha256": "ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7",
- "url": "https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py",
- "version": "https://github.com/pypa/get-pip/commit/e03e1607ad60522cf34a92e834138eb89f57667c"
- },
- "pip": {
- "version": "24.0"
+ "checksums": {
+ "source": {
+ "sha256": "07ab697474595e06f06647417d3c7fa97ded07afc1a7e4454c5639919b46eaea"
+ },
+ "windows": {
+ "sha256": "67b5635e80ea51072b87941312d00ec8927c4db9ba18938f7ad2d27b328b95fb"
+ }
},
"variants": [
"bookworm",
"slim-bookworm",
"bullseye",
"slim-bullseye",
+ "alpine3.21",
"alpine3.20",
- "alpine3.19",
+ "windows/windowsservercore-ltsc2025",
"windows/windowsservercore-ltsc2022",
"windows/windowsservercore-1809"
],
- "version": "3.12.4"
+ "version": "3.12.10"
},
- "3.13-rc": {
- "get-pip": {
- "sha256": "ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7",
- "url": "https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py",
- "version": "https://github.com/pypa/get-pip/commit/e03e1607ad60522cf34a92e834138eb89f57667c"
- },
- "pip": {
- "version": "24.1.1"
+ "3.13": {
+ "checksums": {
+ "source": {
+ "sha256": "40f868bcbdeb8149a3149580bb9bfd407b3321cd48f0be631af955ac92c0e041"
+ },
+ "windows": {
+ "sha256": "698f2df46e1a3dd92f393458eea77bd94ef5ff21f0d5bf5cf676f3d28a9b4b6c"
+ }
},
"variants": [
"bookworm",
"slim-bookworm",
"bullseye",
"slim-bullseye",
+ "alpine3.21",
"alpine3.20",
- "alpine3.19",
+ "windows/windowsservercore-ltsc2025",
"windows/windowsservercore-ltsc2022",
"windows/windowsservercore-1809"
],
- "version": "3.13.0b4"
+ "version": "3.13.3"
},
- "3.8": {
- "get-pip": {
- "sha256": "ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7",
- "url": "https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py",
- "version": "https://github.com/pypa/get-pip/commit/e03e1607ad60522cf34a92e834138eb89f57667c"
- },
- "pip": {
- "version": "23.0.1"
- },
- "setuptools": {
- "version": "57.5.0"
+ "3.14-rc": {
+ "checksums": {
+ "source": {
+ "sha256": "71adbcec3ac9edf93308e55cfb4184f2eb4b16fda2bb0a5a382929ed29c8386d"
+ },
+ "windows": {
+ "sha256": "944e24cde04e4067ae728578afc8fbc78d9a0d735e9c9348720c857d61bd8e1e"
+ }
},
"variants": [
"bookworm",
"slim-bookworm",
"bullseye",
"slim-bullseye",
+ "alpine3.21",
"alpine3.20",
- "alpine3.19"
+ "windows/windowsservercore-ltsc2025",
+ "windows/windowsservercore-ltsc2022",
+ "windows/windowsservercore-1809"
],
- "version": "3.8.19"
+ "version": "3.14.0a7"
},
"3.9": {
- "get-pip": {
- "sha256": "ee09098395e42eb1f82ef4acb231a767a6ae85504a9cf9983223df0a7cbd35d7",
- "url": "https://github.com/pypa/get-pip/raw/e03e1607ad60522cf34a92e834138eb89f57667c/public/get-pip.py",
- "version": "https://github.com/pypa/get-pip/commit/e03e1607ad60522cf34a92e834138eb89f57667c"
- },
- "pip": {
- "version": "23.0.1"
+ "checksums": {
+ "source": {
+ "sha256": "8c136d199d3637a1fce98a16adc809c1d83c922d02d41f3614b34f8b6e7d38ec"
+ }
},
"setuptools": {
"version": "58.1.0"
@@ -126,9 +117,9 @@
"slim-bookworm",
"bullseye",
"slim-bullseye",
- "alpine3.20",
- "alpine3.19"
+ "alpine3.21",
+ "alpine3.20"
],
- "version": "3.9.19"
+ "version": "3.9.22"
}
}
diff --git a/versions.sh b/versions.sh
index ccd045303..f574d65d2 100755
--- a/versions.sh
+++ b/versions.sh
@@ -2,10 +2,6 @@
set -Eeuo pipefail
shopt -s nullglob
-# https://github.com/docker-library/python/issues/365
-minimumSetuptoolsVersion='57.5.0'
-# for historical reasons, setuptools gets pinned to either the version bundled with each Python version or this, whichever is higher
-
cd "$(dirname "$(readlink -f "$BASH_SOURCE")")"
versions=( "$@" )
@@ -17,32 +13,64 @@ else
fi
versions=( "${versions[@]%/}" )
-getPipCommit="$(
- wget -qO- --header 'Accept: application/json' 'https://github.com/pypa/get-pip/commits/main/public/get-pip.py.atom' \
- | jq -r '.payload | first(.commitGroups[].commits[].oid)'
-)"
-getPipUrl="https://github.com/pypa/get-pip/raw/$getPipCommit/public/get-pip.py"
-getPipSha256="$(wget -qO- "$getPipUrl" | sha256sum | cut -d' ' -f1)"
-export getPipCommit getPipUrl getPipSha256
-
-has_linux_version() {
- local dir="$1"; shift
+declare -A checksums=()
+check_file() {
local dirVersion="$1"; shift
local fullVersion="$1"; shift
+ local type="${1:-source}" # "source" or "windows"
- if ! wget -q -O /dev/null -o /dev/null --spider "https://www.python.org/ftp/python/$dirVersion/Python-$fullVersion.tar.xz"; then
- return 1
+ local filename="Python-$fullVersion.tar.xz"
+ if [ "$type" = 'windows' ]; then
+ filename="python-$fullVersion-amd64.exe"
+ fi
+ local url="https://www.python.org/ftp/python/$dirVersion/$filename"
+
+ local sigstore
+ if sigstore="$(
+ wget -qO- -o/dev/null "$url.sigstore" \
+ | jq -r '
+ .messageSignature.messageDigest
+ | if .algorithm != "SHA2_256" then
+ error("sigstore bundle not using SHA2_256")
+ else .digest end
+ '
+ )" && [ -n "$sigstore" ]; then
+ sigstore="$(base64 -d <<<"$sigstore" | hexdump -ve '/1 "%02x"')"
+ checksums["$fullVersion"]="$(jq <<<"${checksums["$fullVersion"]:-null}" --arg type "$type" --arg sha256 "$sigstore" '.[$type].sha256 = $sha256')"
+ return 0
fi
- return 0
-}
-
-has_windows_version() {
- local dir="$1"; shift
- local dirVersion="$1"; shift
- local fullVersion="$1"; shift
+ # TODO is this even necessary/useful? the sigstore-based version above is *much* faster, supports all current versions (not just 3.12+ like this), *and* should be more reliable 🤔
+ local sbom
+ if sbom="$(
+ wget -qO- -o/dev/null "$url.spdx.json" \
+ | jq --arg filename "$filename" '
+ first(
+ .packages[]
+ | select(
+ .name == "CPython"
+ and .packageFileName == $filename
+ )
+ )
+ | .checksums
+ | map({
+ key: (.algorithm // empty | ascii_downcase),
+ value: (.checksumValue // empty),
+ })
+ | if length < 1 then
+ error("no checksums found for \($filename)")
+ else . end
+ | from_entries
+ | if has("sha256") then . else
+ error("missing sha256 for \($filename); have \(.)")
+ end
+ '
+ )" && [ -n "sbom" ]; then
+ checksums["$fullVersion"]="$(jq <<<"${checksums["$fullVersion"]:-null}" --arg type "$type" --argjson sums "$sbom" '.[$type] += $sums')"
+ return 0
+ fi
- if ! wget -q -O /dev/null -o /dev/null --spider "https://www.python.org/ftp/python/$dirVersion/python-$fullVersion-amd64.exe"; then
+ if ! wget -q -O /dev/null -o /dev/null --spider "$url"; then
return 1
fi
@@ -80,9 +108,9 @@ for version in "${versions[@]}"; do
rcPossible="${possible%%[a-z]*}"
# varnish is great until it isn't (usually the directory listing we scrape below is updated/uncached significantly later than the release being available)
- if has_linux_version "$version" "$rcPossible" "$possible"; then
+ if check_file "$rcPossible" "$possible"; then
fullVersion="$possible"
- if has_windows_version "$version" "$rcPossible" "$possible"; then
+ if check_file "$rcPossible" "$possible" windows; then
hasWindows=1
fi
break
@@ -101,9 +129,9 @@ for version in "${versions[@]}"; do
|| true
) )
for possibleVersion in "${possibleVersions[@]}"; do
- if has_linux_version "$version" "$rcPossible" "$possibleVersion"; then
+ if check_file "$rcPossible" "$possibleVersion"; then
fullVersion="$possibleVersion"
- if has_windows_version "$version" "$rcPossible" "$possible"; then
+ if check_file "$rcPossible" "$possible" windows; then
hasWindows=1
fi
break
@@ -126,19 +154,15 @@ for version in "${versions[@]}"; do
wget -qO- "https://github.com/python/cpython/raw/v$fullVersion/Lib/ensurepip/__init__.py" \
| grep -E '^[^[:space:]]+_VERSION[[:space:]]*='
)"
- pipVersion="$(sed -nre 's/^_PIP_VERSION[[:space:]]*=[[:space:]]*"(.*?)".*/\1/p' <<<"$ensurepipVersions")"
- if [ -z "$pipVersion" ]; then
- echo >&2 "error: $version: missing pip version"
- exit 1
- fi
- if ! wget -q -O /dev/null -o /dev/null --spider "https://pypi.org/pypi/pip/$pipVersion/json"; then
- echo >&2 "error: $version: pip version ($pipVersion) seems to be invalid?"
- exit 1
- fi
+ # Note: We don't extract the pip version here, since our policy is now to use the pip version
+ # that is installed during the Python build (which is the version bundled in ensurepip), and
+ # to not support overriding it.
+
+ # TODO remove setuptools version handling entirely once Python 3.11 is EOL
setuptoolsVersion="$(sed -nre 's/^_SETUPTOOLS_VERSION[[:space:]]*=[[:space:]]*"(.*?)".*/\1/p' <<<"$ensurepipVersions")"
case "$rcVersion" in
- 3.8 | 3.9 | 3.10 | 3.11)
+ 3.9 | 3.10 | 3.11)
if [ -z "$setuptoolsVersion" ]; then
echo >&2 "error: $version: missing setuptools version"
exit 1
@@ -148,14 +172,6 @@ for version in "${versions[@]}"; do
exit 1
fi
- # TODO remove this once Python 3.8 is either "new enough setuptools" or EOL
- setuptoolsVersion="$(
- {
- echo "$setuptoolsVersion"
- echo "$minimumSetuptoolsVersion"
- } | sort -rV | head -1
- )"
-
# https://github.com/docker-library/python/issues/781 (TODO remove this if 3.10 and 3.11 embed a newer setuptools and this section no longer applies)
if [ "$setuptoolsVersion" = '65.5.0' ]; then
setuptoolsVersion='65.5.1'
@@ -171,22 +187,12 @@ for version in "${versions[@]}"; do
;;
esac
- # TODO wheelVersion, somehow: https://github.com/docker-library/python/issues/365#issuecomment-914669320
-
- echo "$version: $fullVersion (pip $pipVersion${setuptoolsVersion:+, setuptools $setuptoolsVersion}${hasWindows:+, windows})"
+ echo "$version: $fullVersion"
export fullVersion pipVersion setuptoolsVersion hasWindows
- json="$(jq <<<"$json" -c '
- .[env.version] = {
+ doc="$(jq -nc '
+ {
version: env.fullVersion,
- pip: {
- version: env.pipVersion,
- },
- "get-pip": {
- version: "https://github.com/pypa/get-pip/commit/\(env.getPipCommit)",
- url: env.getPipUrl,
- sha256: env.getPipSha256,
- },
variants: [
(
"bookworm",
@@ -194,12 +200,13 @@ for version in "${versions[@]}"; do
empty
| ., "slim-" + .), # https://github.com/docker-library/ruby/pull/142#issuecomment-320012893
(
+ "3.21",
"3.20",
- "3.19",
empty
| "alpine" + .),
if env.hasWindows != "" then
(
+ "ltsc2025",
"ltsc2022",
"1809",
empty
@@ -212,6 +219,12 @@ for version in "${versions[@]}"; do
},
} else {} end
')"
+
+ if [ -n "${checksums["$fullVersion"]:-}" ]; then
+ doc="$(jq <<<"$doc" -c --argjson checksums "${checksums["$fullVersion"]}" '.checksums = $checksums')"
+ fi
+
+ json="$(jq <<<"$json" -c --argjson doc "$doc" '.[env.version] = $doc')"
done
jq <<<"$json" -S . > versions.json