Update pyinstaller to 6.10.0

[pyup-bot]

This PR updates PyInstaller from 5.9.0 to 6.10.0.

Changelog

6.10.0

-------------------

Features
~~~~~~~~

* (Linux) Extend the mechanism for collection of ``.hmac`` files from
:issue:`8288` to also include ``.hmac`` files in the ``fipscheck`` directory.
(:issue:`8719`)
* Add support for Python 3.13. (:issue:`8198`)

* Introduce new :envvar:`PYINSTALLER_RESET_ENVIRONMENT` environment variable, to
be used by application developers when trying to launch
:data:`sys.executable`-based process that is supposed to outlive the current
application process (which includes the :ref:`application restart scenario
<independent subprocess>`). This is considered the official and preferred
approach at spawning new independent instances of the same application (as
opposed to modifying the private :envvar:`_PYI_ARCHIVE_FILE` environment
variable). (:issue:`8634`)
* The splash screen in splash-screen enabled frozen application can now
be disabled by the user at run-time, using the new
:envvar:`PYINSTALLER_SUPPRESS_SPLASH_SCREEN` environment variable. If the
environment variable is set to ``1``, the splash screen is not shown,
and functions from :mod:`pyi_splash` become no-op without raising errors
or displaying warning messages. (:issue:`8634`)


Bugfix
~~~~~~

* (Windows) Attempt to work around the leak of ``VCRUNTIME140.dll`` in
``onefile`` applications with splash screen enabled in scenarios where
the OS and/or anti-virus program injects additional DLLs into the process
that also depend on ``VCRUNTIME140.dll``. (:issue:`7106`)
* (Windows) Fix regression in PyInstaller 6.x that caused console-enabled
onefile to applications fail to clean up their temporary directory during
system session shutdown (i.e., when user logs off or initiates system shutdown
or restart). For console-enabled onefile applications, this used to work up
until PyInstaller 6.0 by means of installed console handler; however, due to
contemporary bootloader executables being linked against ``user32.dll``, the
console handler does not receive ``CTRL_LOGOFF_EVENT`` and
``CTRL_SHUTDOWN_EVENT`` console events anymore (for the same reason, this did
not work for builds with splash screen, even between v5.3 and 6.0). Instead,
session shutdown is now handled by means of hidden window and handling of
``WM_QUERYENDSESSION`` and ``WM_ENDSESSION`` event messages. (:issue:`8648`)
* (Windows) Improve handling of ``CTRL_CLOSE_EVENT`` console event in
``onefile`` builds for compatibility with Windows Terminal in order to
avoid leaking temporary files when user closes the terminal window
(or tab). Upon receiving the event, the parent process now gives the child
process a 500-millisecond grace period to exit, after which it terminates
the child process and proceeds with the cleanup (previously, the parent
process indefinitely waited for the child to exit, under assumption that
the ``CTRL_CLOSE_EVENT`` will also cause the child to exit at the same
time – which was the case with ``conhost.exe``, but is not the case with
Windows Terminal, where the child appears to receive event only after
OS already terminated the parent process). (:issue:`8640`)
* (Windows) The windowed/noconsole ``onefile`` builds should now clean up
their temporary directories during session shutdown (i.e., when user logs
off or initiates system shutdown or restart). (:issue:`8648`)
* Fix the implementation of ``PyiFrozenResourceReader.files()`` when called
with (sub)module name, it should return the path to the module's parent
(package) directory, instead of a sub-directory with module's name.
(:issue:`8659`)
* The ``MERGE`` dependency processing code now uses both source and destination
path as a bookkeeping key (instead of just source path). This fixes issues
when using ``MERGE`` with application TOCs that contain entries for a file
that is collected more than once, with different destination names.
(:issue:`8687`)
* The splash screen is now automatically suppressed in worker sub-processes
spawned via :data:`sys.executable`. The splash screen is not shown, and
functions from :mod:`pyi_splash` become no-op without raising errors or
displaying warning messages. (:issue:`8634`)


Incompatible Changes
~~~~~~~~~~~~~~~~~~~~

* Attempting to restart the application by spawning new process via
:data:`sys.executable` and exiting the current process now requires the
:envvar:`PYINSTALLER_RESET_ENVIRONMENT` environment variable to be set prior
to spawning the process. See :ref:`independent subprocess`. (:issue:`8634`)


Deprecations
~~~~~~~~~~~~

* The ``-m`` shorthand for :option:`--manifest` will be removed in v7.0.
(:issue:`2560`)


Hooks
~~~~~

* Clean up the ``multiprocessing`` run-time hook. Due to changes in detection
of inherited PyInstaller environments, we do not need to restore (the now
renamed) ``_MEIPASS2``  environment variable anymore, and we can remove
all our custom ``Popen`` overrides. (:issue:`8634`)
* Implement support for ``setuptools`` >= 71.0.0 and its new approach to
vendoring its dependencies. (:issue:`8720`)


Bootloader
~~~~~~~~~~

* (Linux) When frozen executable is launched via dynamic linker/loader
invocation (e.g., ``/lib64/ld-linux-x86-64.so.2 /path/to/executable``),
the loader executable's name is now captured and passed on to ``execvp``
call when restarting the process (``onedir`` mode) or starting the
child process (``onefile`` mode). This ensures that the restarted/spawned
process also uses the specified dynamic loader instead of the one
encoded in executable's ELF headers. (:issue:`8662`)
* (Windows) In debug-enabled bootloader variants, copies of debug/warning/error
messages are now submitted to ``OutputDebugString`` win32 API in addition
to their primary output mechanism (i.e., ``stderr`` or message dialog).
This applies to both console and noconsole/windowed bootloader variants.
(Previously, ``OutputDebugString`` was used only for debug messages in
debug-enabled noconsole/windowed bootloader variant, where it serves as
the primary output mechanism.) (:issue:`8642`)
* (Windows) The ``onefile`` parent process now sets up invisible window
to receive and handle ``WM_QUERYENDSESSION`` and ``WM_ENDSESSION``
event messages, which allows it properly clean up temporary files during
session shutdown (i.e., user logging off, or initiating system shutdown
or restart). Cleanup during session shutdown should now work in both
console-enabled and windowed/noconsole builds, and regardless of whether
splash screen is used or not. (:issue:`8648`)
* (Windows) The parent process of a ``onefile`` application with enabled
splash screen now attempts to pre-load a system-wide copy of
``VCRUNTIME140.dll``, preferring it over the bundled copy (which would
be loaded as dependency of Tcl/Tk DLLs during splash screen setup).
If a system-wide copy is available, the OS and/or anti-virus
programs might inject other 3rd party DLLs into the process that
also depend on ``VCRUNTIME140.dll`` (for example, Trend Micro's User Mode
Hooking component has been observed to do that). Such externally loaded
DLLs prevent the bootloader from unloading the ``VCRUNTIME140.dll``
during the clean-up phase, and if the bundled copy was loaded, it would
also prevent its removal from the application's temporary directory.
(:issue:`8650`)
* Bootloader's debug/error/warning messages are now always formatted in
the temporary buffer (even when they are written to ``stderr``), in
order to ensure their atomicity and avoid interleaving of message parts
in multi-process scenarios. (:issue:`8642`)
* Change the prefix of debug/warning/error messages from `[{PID}]` to
`[PYI-{PID}:{SEVERITY}]`, and apply it consistently across all
bootloader-generated messages. (:issue:`8642`)
* Implemented explicit tracking of (sub)process level via newly-introduced
:envvar:`_PYI_PARENT_PROCESS_LEVEL` environment variable. This allows us to
reliably distinguish between different process types: in ``onedir``
applications, between the main application process and worker sub-process(es)
spawned via :data:`sys.executable`; in ``onefile`` applications, between the
parent process, the main application process, and worker sub-process(es)
spawned via :data:`sys.executable`. (:issue:`8634`)
* Reworked the detection of inherited PyInstaller environments, which now has
reversed logic compared to original implementation. Up until now, a process
running the bootloader was considered a (new) top-level process of a frozen
application unless the ``_MEIPASS2`` environment was set. Because bootloader
was clearing the ``_MEIPASS2`` environment variable prior to running the
python code in the main application process, this meant that application's
responsibility to restore the ``_MEIPASS2`` environment variable before
spawning worker sub-process via :data:`sys.executable` to, for example,
prevent a onefile application from unpacking itself again. In the new
implementation, the default assumption is that the process is a worker
sub-process of the same (instance of) application, unless the path to
PKG/CArchive has changed (which implies that a different executable is used),
as tracked by newly-introduced :envvar:`_PYI_ARCHIVE_FILE` environment variable.
This means that no additional action is needed to spawn worker sub-processes
via :data:`sys.executable` in multiprocessing scenarios, but on the other hand,
:ref:`attempting to restart the application <independent subprocess>` now
requires :envvar:`PYINSTALLER_RESET_ENVIRONMENT` environment variable to be
set before spawning the new application process. To prevent issues when
launching applications built with older version of PyInstaller as
subprocesses, the ``_MEIPASS2`` environment variable was renamed to
:envvar:`_PYI_APPLICATION_HOME_DIR`; note that this refers to the internally-used
environment variable, and does **not** affect the PyInstaller-specific
``sys._MEIPASS`` attribute. (:issue:`8634`)


Module Loader
~~~~~~~~~~~~~

* The ``PyiFrozenImporter`` has been reworked from being a monolithic
`meta path finder
<https://docs.python.org/3/glossary.html#term-meta-path-finder>`_
(with fused `loader <https://docs.python.org/3/glossary.html#term-loader>`_
part)
into path-instanced `path entry finder
<https://docs.python.org/3/glossary.html#term-path-entry-finder>`_
(with fused loader part), registered with python's default
`path based finder
<https://docs.python.org/3/glossary.html#term-path-based-finder>`_.
The new path-instanced design enables proper handling of run-time
:data:`sys.path`
modifications; i.e., modules within the PYZ archive can now be resolved
based on entries in :data:`sys.path` that are anchored to the top-level
application directory (``sys._MEIPASS``). This in turn also facilitates
full support for PEP420 namespace packages that are split across
different :data:`sys.path` locations; both within the PYZ archive, on
filesystem within top-level application directory tree, and/or in
fully-external locations. (:issue:`8695`)


Documentation
~~~~~~~~~~~~~

* Add a note about splash screen suppression to the splash screen
documentation. (:issue:`8634`)
* Extend the Advanced Topics section with new subsection,
:ref:`bootloader environment variables`, which documents all public and
private environment variables used by PyInstaller's bootloader.
(:issue:`8634`)
* Extend the Common Issues and Pitfalls section with :ref:`new subsection
<independent subprocess>` that describes the new requirements for launching a
:data:`sys.executable`-based process that is supposed to outlive the current
application process, which includes the application restart scenario.
(:issue:`8634`)

6.9.0

------------------

Bugfix
~~~~~~

* (Windows) Work around the problem with ``libgcc_s_dw2-1.dll`` and
``libwinpthread-1.dll`` DLLs files not being removed from application's
temporary directory when building splash-screen-enabled onefile
application with 32-bit msys2/mingw32 environment. (:issue:`8587`)
* (Windows) Work around the problem with ``VCRUNTIME140.dll`` DLL file not
being removed from application's temporary directory when building
splash-screen-enabled onefile application with UPX enabled. (:issue:`7106`)
* Re-allow ``hiddenimports`` with hyphenated names during Analysis (was blocked
in v6.8.0) (:issue:`8601`)


Hooks
~~~~~

* Add work-around for incompatibility between ``scipy`` and ``numpy`` 2.0.0
(the ``ModuleNotFoundError: No module named 'numpy.f2py'`` error).
(:issue:`8622`)
* Update ``django`` hook to account for possibility of the deprecated
``DEFAULT_FILE_STORAGE`` setting being set to ``None``. (:issue:`8633`)
* Update ``scipy`` hooks for compatibility with ``scipy`` 1.14.0.
(:issue:`8622`)


Bootloader
~~~~~~~~~~

* (Windows) Implement last-ditch attempt at force-unloading bundled DLLs
from onefile parent process: if onefile application fails to remove its
temporary directory, it now iterates over all DLLs loaded in the process,
identifies the ones that originate from its temporary directory, and
attempts to force-unload them, before trying to remove the temporary
directory again. This should work around for issues with Tcl/Tk DLLs
used by splash screen, which may load additional DLLs, and fail to
automatically unload them when they are unloaded themselves. (:issue:`8587`)
* Fix the order in which Tcl and Tk shared library are unloaded from the
splash-screen enabled frozen application, to prevent the process from
crashing during application cleanup (observed on Windows). (:issue:`8587`)

6.8.0

------------------

Bugfix
~~~~~~

* (macOS) When running ``codesign`` utility on macOS, use hard-coded absolute
path (``/usr/bin/codesign``) to avoid errors when user has the ``codesign``
from `sigtool <https://github.com/thefloweringash/sigtool>`_ in their
``PATH``. (:issue:`8581`)
* (Windows) When setting up DLL search paths for binary dependency analysis,
consider the directory where python executable is located (i.e.,
``os.path.dirname(sys._base_executable)``) in addition to directory pointed to
by ``sys.base_prefix``, in case the two differ. This fixes discovery of
``python3.dll`` when using python that was locally built from source (i.e.,
using ``PCbuild\build.bat`` script that comes with python's source code).
(:issue:`8569`)


Incompatible Changes
~~~~~~~~~~~~~~~~~~~~

* Attempting to do a build whilst inside ``C:\Windows`` is now blocked.
(:issue:`8570`)
* Invalid hiddenimports (e.g. filenames instead of module names) are now a build
error. (:issue:`8570`)


Deprecations
~~~~~~~~~~~~

* Adding a Python environment's ``site-packages`` directory to
``pathex``/``--paths`` will be blocked in v7.0 (:issue:`8570`)
* Running PyInstaller with escalated privileges (e.g. using sudo or in a *run as
admin* terminal) will be blocked in v7.0. True admin users will be unaffected.
(:issue:`8570`)


Bootloader
~~~~~~~~~~

* (POSIX) Bootloader now attempts to create the run-time temporary directory
given via :option:`--runtime-tmpdir` option (instead of requiring the
directory to already exist), in order to match the behavior on Windows. A
relative run-time temporary directory is now resolved to an absolute full path
before being used to construct the application's temporary directory path.
(:issue:`8557`)
* (Windows) Bootloader now verifies the run-time temporary directory given via
:option:`--runtime-tmpdir` option, and raises an error if either the drive is
invalid or if the directory cannot be created (instead of creating the
application's temporary directory in the root of the current drive).
(:issue:`8557`)
* (Windows) Instead of converting bootloader's debug and error messages from
UTF-8 to local ANSI codepage and displaying them via ANSI API (e.g.,
``fprintf``, ``DebugMessageA``), the bootloader now attempts to convert those
messages to wide-character strings and displays them via wide-character API
(e.g., ``fwprintf``, ``DebugMessageW``). (:issue:`8557`)
* A major refactor and cleanup of bootloader's code. (:issue:`8557`)
* The splash screen resources in ``onefile`` builds are now extracted
into the application's temporary directory (instead of being extracted into a
sub-directory within the application's temporary directory); therefore, they
are now extracted only once, and are shared with the application itself, if
necessary. (:issue:`8557`)

6.7.0

------------------

Bugfix
~~~~~~

* (POSIX) Fix ``PyInstaller.depend.bindepend.resolve_library_path`` for
cases when ``ldconfig`` cache is not available (e.g., ``musl libc`` on
Alpine Linux). In such cases, the search code now distinguishes between
the case when fully suffixed library name is given (i.e., search for
exact match) and the case when library name has no suffix (i.e., search
for library with matching basename). (:issue:`8422`)
* (Windows) Fix mangling of path to the entry-point script when the script
is in the current working directory, and the path to this directory
contains two or more consecutive ``$`` or ``%`` characters. (:issue:`8434`)


Incompatible Changes
~~~~~~~~~~~~~~~~~~~~

* PyInstaller does not attempt to expand environment variables in paths
given via :option:`--workpath`, :option:`--distpath`, :option:`--specpath`,
and :option:`--additional-hooks-dir` anymore (note that other paths were
never subject to environment variable expansion in the first place).
Expansion of the starting tilde (``~``) into user's home directory is
still performed, as a work-around for tilde not being expanded by the
shell when passing arguments as ``--workpath=~/path/abc`` instead of
``--workpath ~/path/abc``. (:issue:`8441`)


Hooks
~~~~~

* Have ``sqlalchemy`` hook collect all dialects and plugins that are
registered via ``sqlalchemy.dialects`` and ``sqlalchemy.plugins``
entry-points. This ensures collection of 3rd party dialects and plugins
that may be available in the build environment (e.g., ``ibm-db-sa``).
(:issue:`8465`)
* The ``pywin32-ctypes`` hook now always collects the
``win32ctypes.core.ctypes``
modules, so that the ``ctypes`` backend is always available (i.e., even
if we also collect the ``cffi`` backend due to availability of ``cffi``
in the build environment). This fixes issues when ``cffi`` ends up
unavailable at run-time in spite of being available in the build environment
at build time (for example, due to explicit exclusion via
:option:`--exclude-module`
option). (:issue:`8544`)
* Update ``pkg_resources`` hook for compatibility with ``setuptools`` v70.0.0
and later (fix ``ModuleNotFoundError: No module named
'pkg_resources.extern'``). (:issue:`8554`)

6.6.0

------------------

Features
~~~~~~~~

* (Windows) Implement support for resolving executable's true location
when launched via a symbolic link. (:issue:`8300`)
* Implement an option to explicitly specify the bytecode optimization level
for collected python code, independent of the optimization level in the
python process under which PyInstaller is running. At the .spec file level,
this is controlled by optional ``optimize`` argument in the ``Analysis``
constructor. At the CLI level, this is controlled by new
:option:`--optimize` command-line option, which sets the ``optimize``
argument for ``Analysis`` as well as :ref:`interpreter run-time options
<specifying python interpreter options>` in the generated spec file.
See :ref:`bytecode optimization level` for details. (:issue:`8252`)


Bugfix
~~~~~~

* (macOS) Explicitly convert the value of ``version`` argument to ``BUNDLE``
into a string, in order to mitigate cases when user accidentally enters
an integer or a float. The version value ends up being written to
``Info.plist`` as the ``CFBundleShortVersionString`` entry, and if this
entry is not of a string type (for example, is an integer), the
generated .app bundle crashes at start. (:issue:`4466`)
* (Windows) Avoid trying to import ``PySimpleGUI`` in the subprocess that
analyzes dynamic library search modifications made by packages prior to
the binary dependency analysis. When imported for the first time,
``PySimpleGUI`` 5.x displays a "first-run" dialog, which poses a problem
for unattended PyInstaller builds running in a clean environment, for
example, in a CI pipeline. (:issue:`8396`)
* (Windows) Implement a work-around for running PyInstaller under python
process with ``-OO`` (or ``PYTHONOPTIMIZE=2``) with ``cffi`` installed.
We now temporarily disable import of ``cffi`` while importing
``pywin32-ctypes`` in ``PyInstaller.compat`` to ensure that ``ctypes``
backend is always used, as the ``cffi`` backend uses ``pycparser`` and
requires docstrings, which makes it incompatible with the ``-OO`` mode.
(:issue:`6345`)


Hooks
~~~~~

* Update ``PySide6.Qt3DRender`` hook for compatibility with ``PySide6``
6.7.0 (add hidden import for ``PySide6.QtOpenGL`` module). (:issue:`8404`)
* Update ``scipy.special._ufuncs`` hook for compatibility with SciPy 1.13.0
(add ``scipy.special._cdflib`` to hidden imports). (:issue:`8394`)


Bootloader
~~~~~~~~~~

* (Windows) Attempt to shorten the duration of spinning-wheel cursor when
launching applications built in ``windowed`` / ``noconsole`` mode.
(:issue:`8359`)


Documentation
~~~~~~~~~~~~~

* Add a new documentation section, :ref:`bytecode optimization level`,
which the describes the new canonical way to control bytecode
optimization level of the collected python code. (:issue:`8252`)
* Add a note to :ref:`specifying python interpreter options` to inform
user that setting the optimization level to the application's embedded
python interpreter by itself does not result in bytecode optimization of
modules that have been collected in byte-compiled form (i.e., the majority
of them). (:issue:`8252`)

6.5.0

------------------

Features
~~~~~~~~

* (Linux) Extend the mechanism for collection of ``.hmac`` files from
:issue:`8288` to ``.chk`` files that are used by NSS libraries.
(:issue:`8315`)


Bugfix
~~~~~~

* (Linux) Fix collection of ``QtWebEngineProcess`` helper when collecting
Qt (and ``PySide``/``PyQt`` bindings) installed via Linux distribution
packages. In such scenarios, we now force collection of the helper
executable into ``libexec`` directory inside the Qt sub-directory of
the bindings' package directory, in order to match the PyPI wheel layout.
(:issue:`8315`)
* (Linux) Fix regression that caused :func:`locale.getlocale` in
frozen applications created with PyInstaller v6.x to return ``(None, None)``
instead of user-preferred locale. (:issue:`8306`)
* (Windows) Avoid trying to import ``pyqtgraph.canvas`` in the subprocess
that analyzes dynamic library search modifications made by packages prior
to the binary dependency analysis. Trying to import ``pyqtgraph.canvas``
causes python interpreter to crash under certain circumstances (the
issue is present in ``pyqtgraph`` <= 0.13.3). (:issue:`8322`)
* (Windows) Fix collection of ``QtWebEngineProcess`` helper when
collecting ``PySide2`` and Qt installed via Anaconda on Windows.
The helper executable is now collected into top-level ``PySide2``
package directory, in order to match the PyPI wheel layout. (:issue:`8315`)
* (Windows) Suppress warnings about unresolvable UCRT DLLs
(``api-ms-win-*.dll``) on Windows 11. (:issue:`8339`)
* Fix bootloaders not being found when running an Intel build of Python on
Windows ARM64. (:issue:`8219`)


Incompatible Changes
~~~~~~~~~~~~~~~~~~~~

* PyInstaller now explicitly disallows attempts to collect multiple Qt
bindings packages (``PySide2``, ``PySide6``, ``PyQt5``, ``PyQt6``) into
a frozen application. When hooks for more than one top-level Qt bindings
package are executed, the build process is aborted with error message.
This restriction applies across all instances of ``Analysis`` within
a single build (i.e., a single .spec file).

If you encounter build errors caused by this new restriction, either
clean up your build environment (remove the bindings that you are not
using), or explicitly exclude the extraneous bindings using
:option:`--exclude-module`
(or equivalent ``excludes`` list passed as argument to ``Analysis`` in
the .spec file).

The automatic exclusion of extraneous bindings needs to be done via hooks on
per-package basis, so please `report problematic packages
<https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues>`_ so that we
can write hooks for them. (:issue:`8329`)


Hooks
~~~~~

* (Linux) When searching for dynamically-loaded NSS libraries during
collection of ``QtWebEnginge``, account for the possibility of said
libraries being either in a separate ``nss`` directory or in the main
library directory. This fixes problems with missing NSS libraries on
contemporary Linux distributions that do not use separate ``nss``
directory (anymore). (:issue:`8315`)
* Add a hook for ``pandas.io.clipboard`` to exclude the conditional
import of ``PyQt5`` from this module; the module primarily uses ``qtpy``
as its Qt bindings abstraction, and the conditional import of ``PyQt5``
interferes with Qt bindings selection done by our ``qtpy`` hook.
(:issue:`8329`)
* Add hook for ``qtpy`` to prevent collection of multiple available Qt
bindings. The hook attempts to select a single Qt bindings package
and exclude all other Qt bindings packages with the help of the
``PyInstaller.utils.hooks.qt.exclude_extraneous_qt_bindings``
helper. (:issue:`8329`)
* Extend hooks for ``matplotlib`` to prevent collection of multiple
available Qt bindings. The new hook for ``matplotlib.backends.qt_compat``
attempts to select a single Qt bindings package via the following
logic implemented in the
``PyInstaller.utils.hooks.qt.exclude_extraneous_qt_bindings``
helper: first, we check if hooks for any Qt bindings package have already
been run; if they had, those bindings are selected. If not, we check for
user-specified bindings in the ``QT_API`` environment variable; if valid
bindings name is specified, those bindings are selected. Otherwise, we
select one of available bindings. Once a Qt bindings package is selected,
the imports of all other Qt bindings packages are excluded from the
hooked package. (:issue:`8329`)
* Have run-time hooks for Qt bindings (``PySide2``, ``PySide6``, ``PyQt5``,
and ``PyQt6``) check for presence of the embedded ``:/qt/etc/qt.conf``
resource, and if not present, inject their own version. This
aims to ensure that the bundled Qt is always relocatable, even if the
package does not perform injection of embedded ``qt.conf`` file (most
notably, this seems to be the case with ``PySide2`` collected from
Linux distribution packages, and ``PySide2`` collected from Anaconda
on Windows, Linux, and macOS). (:issue:`8315`)
* PyInstaller now explicitly disallows attempts to collect multiple Qt
bindings packages (``PySide2``, ``PySide6``, ``PyQt5``, ``PyQt6``) into
a frozen application. When hooks for more than one top-level Qt bindings
package are executed, the build process is aborted with error message
that informs user of the situation and what to do about it (i.e., exclusion
of extraneous packages). The limitation applies to all analyses within a
spec file. (:issue:`8329`)
* Remove run-time hook for ``win32com``, as per discussion in issue:`8309`.
(:issue:`8313`)
* Update hook for ``matplotlib.backends`` to include ``QtAgg`` and ``Gtk4Agg``
in the list of backend candidates. (:issue:`8334`)


Bootloader
~~~~~~~~~~

* Have bootloader set the ``configure_locale`` field in the interpreter
pre-config structure, so that user-preferred locale is set during
interpreter pre-initialization. (:issue:`8306`)


Bootloader build
~~~~~~~~~~~~~~~~

* The target architecture on Windows using MSVC now defaults to that of the
current Python environment – not the current OS. (:issue:`8219`)

6.4.0

------------------

Features
~~~~~~~~

* (Linux) Collect ``.hmac`` files accompanying shared libraries, if such files
are available. This allows frozen application to run on FIPS-enabled Red Hat
Enterprise systems, where HMAC is required by self-check implemented by the
OpenSSL crypto library. Furthermore, ensure that shared libraries with
accompanying ``.hmac`` files are exempted from any additional processing (for
example, when building with :option:`--strip` option) to avoid invalidating
the HMAC. (:issue:`8273`)
* (Windows) Make bootloader codepaths involved in creation of temporary
directories for ``onefile`` builds AppContainer-aware. If the process runs
inside an AppContainer, the temporary directory's DACL needs to explicitly
include the AppContainerSID, otherwise the directory becomes inaccessible to
the process. (:issue:`8291`)
* (Windows) Make Windows implementation of PyInstaller's
``_pyi_rth_utils.tempdir.secure_mkdir`` (used by ``matplotlib`` and
``win32com`` run-time hooks to create temporary directories)
AppContainer-aware. If the process runs inside an AppContainer, the temporary
directory's DACL needs to explicitly include the AppContainerSID, otherwise
the directory becomes inaccessible to the process. (:issue:`8290`)
* Implement strict Qt dependency validation for collection of Qt plugins and QML
components/plugins. We now perform preliminary binary dependency analysis of
the plugins, and automatically exclude plugins that have at least one missing
Qt dependency. This prevents collection of plugins that cannot be used anyway
because of a missing Qt shared library (that is, for example, omitted from a
PyPI wheel). Furthermore, we disallow Qt dependencies of a plugin to be
resolved outside of the primary location of Qt shared libraries, in order to
prevent missing dependencies from pulling in Qt libraries from alternative
locations that happen to be in the search path (for example, when using
``PyQt5`` PyPI wheels while also having a system-installed Qt5 on Linux, a
Homebrew-installed Qt5 on macOS, or a custom Windows Qt5 build that happens to
be in ``PATH``). (:issue:`8226`)


Bugfix
~~~~~~

* (Linux) Prevent collection of ``libcuda.so.1``, which is part of NVIDIA
driver and must match the rest of the driver's components. Collecting
a copy might lead to issues when build and target system use different
versions of NVIDIA driver. (:issue:`8278`)
* (macOS) When validating the macOS SDK version of collected binaries,
handle errors raised by ``osxutils.get_macos_sdk_version``; log a
warning about failed version query, and add the offending binary to
the list of potentially problematic binaries to warn the user about.
(:issue:`8220`)
* Fix ``pkgutil.iter_modules`` override to gracefully handle cases when
the given path corresponds to a module instead of a package. (:issue:`8191`)
* Prevent Qt and QML plugins with missing Qt dependencies in the
``PySide2``, ``PyQt5``, ``PySide6``, and ``PyQt6`` PyPI wheels from
pulling in Qt shared libraries from alternative locations (for example,
system-installed Qt on Linux, Homebrew-installed Qt on macOS, or
a custom Windows Qt build that happens to be in ``PATH``), and resulting
in a frozen application that contains an incompatible mix of Qt libraries.
(:issue:`8087`)
* Switch the hashing function in PyInstaller's binary cache from MD5 to
SHA1, as the former cannot be used on FIPS-enabled Red Hat Enterprise
Linux systems. (:issue:`8288`)
* When trying to run ``pyinstaller`` (or equivalent ``python -m PyInstaller``)
against non-existing script file(s), exit immediately - without trying
to write the .spec file and building it. This prevents us from overwriting
an existing (and customized) .spec file if user makes a typo in the .spec
file's suffix when trying to build it, for example, ``pyinstaller
program.cpes``. (:issue:`8279`)


Hooks
~~~~~

* (macOS) Have ``PySide6`` and ``PyQt6`` run-time hooks prepend
``sys._MEIPASS`` to ``DYLD_LIBRARY_PATH`` in POSIX builds, in order
to ensure that ``QtNetwork`` discovers the bundled copy of the OpenSSL
shared library. (:issue:`8226`)
* Extend the OpenSSL shared library collection in the ``QtNetwork`` hook
helper for ``PySide2``, ``PyQt5``, ``PySide6``, and ``PyQt6`` to
cover all applicable versions of OpenSSL (1.0.2, 1.1.x, 3.x). In
addition to Windows, the OpenSSL shared library is now also collected
on Linux and macOS. (:issue:`8226`)


Bootloader
~~~~~~~~~~

* (Windows) Update the bundled zlib sources to v1.3.1. (:issue:`8292`)


Documentation
~~~~~~~~~~~~~

* Add a new documentation chapter, called :ref:`common issues`, to cover
topics such as launching external programs from frozen applications,
multi-processing via :mod:`multiprocessing` (specifically, the requirement
to call :func:`multiprocessing.freeze_support`), use of symbolic links in
POSIX builds in PyInstaller >= 6.0 and its implications for distribution
(e.g., when copying frozen application, or creating ``zip`` archives),
:data:`sys.stdout` and :data:`sys.stderr` being :data:`None` in Windows
no-console builds. (:issue:`8214`)
* Cleanup docstrings to remove mention of ``exec_command_stdout``.
(:issue:`8173`)
* Update the :ref:`macOS app bundles` section to reflect the layout of
macOS app bundles as produced by PyInstaller 6.0 and later. Add a note
to discourage use of onefile .app bundles. (:issue:`8214`)
* Update the introduction part of the :ref:`understanding pyinstaller hooks`
section. (:issue:`8214`)

6.3.0

------------------

Bugfix
~~~~~~

* (Linux) Optimize the automatic binary-vs-data classification by avoiding
``objdump`` based check on files that do not have ELF signature. This
mitigates noticeably longer analysis times for projects with large number of
(data) files. (:issue:`8148`)
* (Windows) Add Windows error code 110 (``ERROR_OPEN_FAILED``) to the list of
error codes eligible for the retry mechanism that attempts to mitigate build
failures due to anti-virus program interference. (:issue:`8138`)
* (Windows) Fix issue with non-functional :func:`time.sleep()` when building
program with Python <= 3.8.6 or Python 3.9.0. (:issue:`8104`)
* (Windows) Fix issue with splash screen in ``onefile`` mode failing to extract
``VCRUNTIME140.dll`` from the archive due to character-case mismatch. We now
perform case-insensitive comparison between the name listed in splash
dependency list and the names in archive TOC. (:issue:`8103`)
* Fix PEP 597 EncodingWarnings when :envvar:`PYTHONWARNDEFAULTENCODING` is set
to true. (:issue:`8117`)
* Fix pre-safe-import hooks for ``six.moves``, ``urllib3.packages.six.moves``,
and ``setuptools.extern.six.moves`` to gracefully handle cases when the
corresponding ``six`` package is unavailable, as the hook may end up being
executed even in that case. (:issue:`8145`)
* Fix symbolic link tracking in ``MERGE`` processing, so that distinct symbolic
links with same relative target (e.g. ``Current -> A`` symbolic links in Qt
.framework bundles collected on macOS) are properly processed, and kept in the
original TOC upon their first occurrence. (:issue:`8124`)


Hooks
~~~~~

* Add hook for ``gi.repository.DBus``. (:issue:`8149`)
* Add hooks for ``gi.repository.AppIndicator3`` and
``gi.repository.AyatanaAppIndicator3``. (:issue:`8149`)


Bootloader
~~~~~~~~~~

* When setting up embedded Python interpreter configuration, set
``PyConfig.install_signal_handlers=1`` to install signal handlers.
This matches the behavior of PyInstaller 5.x bootloaders, where interpreter
was initialized via ``Py_Initialize()``, which in turn calls
``Py_InitializeEx(1)``, i.e., with ``install_sigs=1``. (:issue:`8105`)

6.2.0

------------------

Features
~~~~~~~~

* (macOS) At the end of analysis, verify the macOS SDK version reported
by binaries to be collected, and warn when the version is either invalid
(0.0.0) or too low (< 10.9.0). Such binaries will likely cause issues
with code-signing and hardened runtime. (:issue:`8043`)
* If the ``argcomplete`` Python module is installed, PyInstaller will use it
enable tab completion for its CLI tools. PyInstaller CLIs can still be used
without this optional dependency. To install ``argcomplete`` with
PyInstaller, you can put ``pyinstaller[completion]`` in your dependencies.
See also `the argcomplete documentation
<https://kislyuk.github.io/argcomplete/>`_. (:issue:`8008`)


Bugfix
~~~~~~

* (macOS) Fix the bug in binary processing and caching that would update
the binary cache index before performing macOS-specific processing
(architecture validation, path rewriting). If, for example, architecture
validation failed during a build, subsequent build attempts with
enabled binary cache (i.e., without the :option:`--clean` option) would
pick up the partially-processed binary file from the cache, bypassing the
architecture validation. NOTE: the existing binary caches need to be
purged manually (using :option:`--clean` option once) for the fix to take
effect! (:issue:`8068`)
* (macOS) Prevent collection of ``.DS_Store`` files, which might be present
in build environment's package directories after user navigated them using
the Finder app. (:issue:`8042`)
* (Windows) Fix marshal error at the start of binary dependency analysis,
caused by inferred DLL search path ending up an instance of
:class:`pathlib.Path` instead of :class:`str`. (:issue:`8081`)
* Bump the required ``packaging`` version to 22.0, which is required for
proper handling of metadata that contains markers with ``extra``\ s.
(:issue:`8061`)
* Fix erroneous DLL parent path preservation when :data:`sys.base_prefix`
itself is a symbolic link. In such case, we need to exclude both
resolved and unresolved path variant for ``sys.base_prefix``, in order to
prevent either from ending up in the list of directories for which DLL
parent paths are preserved. Failing to do so, for example, caused
``_ctypes`` failing to load in an application build on Windows with
Python installed via ``scoop``, due to ``libffi-8.dll`` having spuriously
preserved the parent directory path instead of being collected to top-level
application directory. (:issue:`8023`)
* Fix matching of pre-release versions in
:func:`PyInstaller.utils.hooks.check_requirement` and
:func:`PyInstaller.utils.hooks.is_module_satisfies`. Both functions now
match pre-release versions, which restores the behavior of the old
``pkg_resources``-based implementation from PyInstaller < 6.0
that is implicitly expected by existing hooks. (:issue:`8093`)
* If the entry-point script has no suffix, append the ``.py`` suffix
to the filename passed to the ``compile`` function when byte-compiling
the script for collection. This ensures that the entry-point script
filename never coincides with executable filename, especially in POSIX
builds, where executables have no suffix either (and their name is based
on the entry-point script basename by default). Entry-point script having
the same filename as the executable causes issues when ``traceback``
(and ``linecache``) try to access source code for it, an in the process
end up reading the executable file if it happens to be in the current
working directory. (:issue:`8046`)
* Improve speed of :func:`pkgutil.iter_modules` override, especially in cases
when the function is called multiple times. (:issue:`8058`)
* Load PyInstaller hooks using :pep:`451` ``importlib.abc.Loader.exec_module``
instead of deprecated :pep:`302` ``importlib.abc.Loader.load_module``.
(:issue:`8031`)
* Prevent an attempt at relative import of a missing (optional) sub-module
within a package (e.g., ``from .module import something``) from tricking
the modulegraph/analysis into collecting an unrelated but eponymous
top-level module. (:issue:`8010`)


Hooks
~~~~~

* Add hook for ``PySide6.QtGraphs`` that was introduced in ``PySide6`` 6.6.0.
(:issue:`8021`)
* Add hooks for ``distutils.command.check`` and
``setuptools._distutils.command.check`` that prevent unnecessary
collection of ``docutils`` (which in turn triggers collection of
``pygments``, ``PIL``, etc.). (:issue:`8053`)
* Deduplicate and sort the list of discovered/selected ``matplotlib``
backends before displaying it in log messages, to avoid giving
impression that they are collected multiple times. (:issue:`8009`)
* Update ``PySide6`` hooks for compatibility with ``PySide6`` 6.6.0 and
python 3.12. (:issue:`8021`)

6.1.0

------------------

Features
~~~~~~~~

* Allow users to re-enable the old onedir layout (without contents directory) by
settings the :option:`--contents-directory` option (or the equivalent
``contents_directory`` argument to ``EXE`` in the .spec file) to ``'.'``.
(:issue:`7968`)


Bugfix
~~~~~~

* (macOS) Prevent bootloader from clearing ``DYLD_*`` environment variables
when running in ``onefile`` mode, in order to make behavior consistent
with ``onedir`` mode. (:issue:`7973`)
* (Windows) Fix unintentional randomization of library search path order
in the binary dependency analysis step. The incorrect order of search
paths would result in defunct builds when using both ``pywin32``
and ``PyQt5``, ``PyQt6``, ``PySide2``, or ``PySide6``, as it would prevent
the python's copy of ``VCRUNTIME140_1.dll`` from being collected into
the top-level application directory due to it being shadowed by the
Qt-provided copy. Consequently, the application would fail with
``ImportError: DLL load failed while importing pywintypes: The specified
module could not be found.`` (:issue:`7978`)
* Ensure that ``__main__`` is always in the list of modules to exclude,
to prevent a program or a library that attempts to import ``__main__``
from pulling PyInstaller itself into frozen application bundle.
(:issue:`7956`)
* Fix :func:`PyInstaller.utils.hooks.collect_entry_point` so that it returns
module names (without class names). This matches the behavior of previous
PyInstaller versions that regressed in PyInstaller ``v6.0.0`` during
transition from ``pkg_resources`` to ``importlib.metadata``. (:issue:`7958`)
* Fix ``TypeError: process_collected_binary() got an unexpected keyword
argument 'strip'`` error when UPX compression is enabled. (:issue:`7998`)
* Validate binaries returned by analysis of ``ctypes`` calls in collected
modules; the analysis might return files that are in ``PATH`` but are
not binaries, which then cause errors during binary dependency analysis.
An example of such problematic case is the ``gmsh`` package on Windows,
where ``ctypes.util.find_library('gmsh')`` ends up resolving the python
script called ``gmsh`` in the environment's Scripts directory.
(:issue:`7984`)


Hooks
~~~~~

* Update ``PySide6.QtHttpServer`` hook for compatibility with ``PySide6``
6.5.3 on Windows. (:issue:`7994`)


PyInstaller Core
~~~~~~~~~~~~~~~~

* (macOS) Lower the severity of a missing ``Info.plist`` file in a
collected macOS .framework bundle from an error to a warning (unless
strict collection mode is enabled). While missing ``Info.plist`` in a
collected .framework bundle will cause ``codesign`` to refuse to sign
the generated .app bundle, the user might be interested in building
just the POSIX application or may not plan to sign their .app bundle.
Fixes building with old ``PyQt5`` PyPI wheels (< 5.14.1). (:issue:`7959`)

6.0.0

------------------

Features
~~~~~~~~

* (macOS) PyInstaller now attempts to preserve the ``.framework`` bundles when
collecting shared libraries from them. If a shared library is to be collected
from a ``.framework`` bundle, the ``Info.plist`` is also automatically
collected. The ``.framework`` bundle collection code also attempts to fix the
bundles' structure to conform to code-signing requirements (i.e., creation of
the ``Current`` symbolic link in the ``Versions`` directory, and top-level
contents being symbolic links that point to counterparts in the
``Versions/Current`` directory). Note that other resources (for example from
``Resources`` or ``Helpers`` directories) still need to be explicitly
collected by hooks. (:issue:`7619`)
* (macOS) The file relocation mechanism in ``BUNDLE`` that generates macOS .app
bundles has been completely redesigned. All data files are now placed into
directory structure rooted in ``Contents/Resources``, all shared libraries (as
well as nested .framework bundles) are placed into directory structure rooted
in ``Contents/Frameworks``, and only the the program executable is placed into
the ``Contents/MacOS`` directory. The contents of ``Contents/Resources`` and
``Contents/Frameworks`` directories are cross-linked via symlinks between the
two directory trees in order to maintain illusion of mixed-content directories
(in both directory trees). The cross-linking is done at either file level or
(sub)directory level, depending on the content type of a (sub)directory. For
directories in ``Contents/Frameworks`` that contain a dot in the name, a
work-around is automatically applied: the directory is created with a modified
name that does not include the dot, and next to it, a symbolic link is created
under the original name and pointing to the directory with modified name.
(:issue:`7619`)
* (non-Windows) PyInstaller now attempts to preserve the parent directory
structure for shared libraries discovered and collected by the binary
dependency analysis, instead of automatically collecting them into the
top-level application directory. Due to library search path assumptions
made in various places, symbolic links to collected libraries are created
in the top-level application directory. This complements earlier work
(:issue:`7028`) that implemented DLL parent directory structure
preservation on Windows. (:issue:`7619`)
* (Windows) Add an option to hide or minimize the console window in
console-enabled applications, but only if the program's process owns
the console window (i.e., the program was not launched from an existing
console window). (:issue:`7729`)
* (Windows) The :option:`--add-data` and :option:`--add-binary` options accept
the POSIX syntax of ``--add-data=source:dest`` rather than
``--add-data=source;dest``. The latter will continue to work on Windows to
avoid breaking backwards compatibility but is discouraged in favour of the now
cross platform format. (:issue:`6724`)
* Add automatic binary vs. data file (re)classification step to the analysis
process. PyInstaller now inspects all files passed to ``Analysis`` via
``datas`` and ``binaries`` arguments, as well as all files returned by hooks
via ``datas`` and ``binaries`` hook global variables. The inspection mechanism
is platform-specific, and currently implemented for Windows, Linux, and macOS.
Proper file classification ensures that all collected binary files undergo
binary dependency analysis and any other platform-specific binary processing.
On macOS, it also helps ensuring that the collected files are placed in the
proper directory in the generated .app bundles. (:issue:`7619`)
* Add support for specifying hash randomization seed via ``hash_seed=<value>``
:ref:`run-time option <specifying python interpreter options>` when building
the application. This allows the application to use a fixed seed value or
disable hash randomization altogether by using seed value of 0.
(:issue:`7847`)
* Allow spec files to take custom command line parameters. See :ref:`adding
parameters to spec files <spec_parameters>`. (:issue:`4482`)
* Extend the operation retry mechanism that was initially introduced by
:issue:`7840` to cover all processing steps that are performed during
assembly of a Windows executable. This attempts to mitigate the interference
from anti-virus programs and other security tools, which may temporarily block
write access to the executable for a scan between individual processing steps.
(:issue:`7871`)
* Implement pass-through for `Python's X-options
<https://docs.python.org/3/using/cmdline.html#cmdoption-X>`_ via PyInstaller's
:ref:`run-time options mechanism <specifying python interpreter options>`.
(:issue:`7847`)
* Implement support for creating symbolic links from special ``'SYMLINK'``
TOC entries, either at build-time (``onedir`` mode) or at run-time
(``onefile`` mode). Implement symbolic link preservation support in the
analysis process; if a file and a symbolic link pointing to it are both to be
collected, and if their relative relationship is preserved in the frozen
application, the symbolic link is collected as a ``'SYMLINK'`` entry.
(:issue:`7619`)
* Implement :func:`PyInstaller.utils.hooks.check_requirement` hook utility
function as an :mod:`importlib.metadata`-based replacement for
:func:`PyInstaller.utils.hooks.is_module_satisfies`; the latter is now
just an alias for the former, kept for compatibility with existing hooks.
(:issue:`7943`)
* Restructure onedir mode builds so that everything except the executable (and
``.pkg`` if you're using external PYZ archive mode) are hidden inside a
sub-directory. This sub-directory's name defaults to ``_internal`` but may be
configured with a new :option:`--contents-directory` option. Onefile
applications and macOS ``.app`` bundles are unaffected. (:issue:`7713`)
* The :func:`PyInstaller.utils.hooks.collect_all` hook utility function now
attempts to translate the given importable package name into distribution name
before attempting to collect metadata. This allows the function to handle
cases when the distribution name does not match the importable package name.
(:issue:`7943`)


Bugfix
~~~~~~

* (macOS) ``QtWebEngine`` now works in ``onefile`` builds (previously available
only in ``onedir`` builds). (:issue:`4361`)
* (macOS) Fix the shared library duplication problem where a shared library that
is also referred to via its symbolic links (e.g., a shared library
``libwx_baseu-3.1.5.0.0.dylib`` with symbolic links
``libwx_baseu-3.1.5.dylib`` and ``libwx_baseu-3.0.dylib``) ends up collected
as duplicates and consequently crashes the program. The symbolic links should
now be preserved, thus avoiding the problem. (:issue:`5710`)
* (macOS) In generated .app bundles, the data files from ``PySide2``,
``PySide6``, ``PyQt5``, or ``PyQt6`` directory are now relocated to the
directory structure rooted in ``Contents/Resources`` to ensure compliance with
code-signing requirements. The content cross-linking between
``Contents/Resources`` and ``Contents/Frameworks`` should ensure that ``QML``
components in the ``qml`` sub-directory continue to work in spite of plugins
(shared libraries) being technically separated from their corresponding
metadata files. The automatic work-around for directories with dots in names
should prevent code-signing issues due to some ``QML`` components in Qt5
having dot in their names (e.g. ``QtQuick.2`` and ``QtQuick/Controls.2``.
(:issue:`7619`)
* (macOS) In generated .app bundles, the source .py files are now again
relocated to ``Contents/Resources`` directory (and cross-linked into
``Contents/Frameworks``), which ensures that code-signing does not store
signatures into the files' extended attributes. This reverts the exemption
made in :issue:`7180` to accommodate the ``cv2`` loader script; the problem is
now solved by cross-linking binaries from ``Contents/Frameworks`` to
``Contents/Resources``, which allows the loader to find the extension binary
(or rather, a symbolic link to it) next to the .py file. (:issue:`7619`)
* (macOS) Sandboxing for ``QtWebEngine`` in ``PySide6`` and ``PyQt6`` is not
disabled anymore by the corresponding run-time hooks (see :issue:`6903`), as
it should work out-of-the-box thanks to PyInstaller now preserving the
structure of the ``QtWebEngineCore.framework`` bundle. (:issue:`7619`)
* (macOS) The main process in a program that uses ``QtWebEngine`` is not
mis-identified as ``QtWebEngineCore`` anymore in the application's menu bar.
This applies to ``onedir`` POSIX program builds (i.e. the .app bundles were
not affected by this). (:issue:`5409`)
* (Windows) Avoid aborting the build process if machine type (architecture)
cannot be determined for a DLL in a candidate search path; instead, skip over
such files, and search in other candidate paths. Fixes build errors when a
search path contains an invalid DLL file (for example, a stub file).
(:issue:`7874`)
* (Windows) Prevent PyInstaller's binary dependency analysis from looking for
shared libraries in all :data:`sys.path` locations. Instead, search only
:data:`sys.base_prefix` and ``pywin32`` directories, of available. This, for
example, prevents PyInstaller from picking up incompatible DLLs from
system-installed programs that happen to put their installation directory into
system-wide :envvar:`PYTHONPATH`. (:issue:`5560`)
* (Windows) Remove the use of deprecated ``distutils.sysconfig`` module. The
import of this module seems to cause the python process to crash when
``tensorflow`` is subsequently imported during import analysis.
(:issue:`7347`)
* Fix file duplication when collecting a file and symbolic links pointing at it;
with new symbolic link support, the symbolic links are now properly preserved.
This should help reducing the size of builds made on Linux and macOS with
Anaconda, which provides versioned symbolic links for packaged shared
libraries, and PyInstaller tends to collect them all due to hook helper based
on the packages' metadata. (:issue:`7619`)
* Fix incompatibility between PyInstaller's frozen importer
(``PyiFrozenImporter``) and :mod:`importlib.resources` when trying to look up
the resources of a collected namespace package via
:func:`importlib.resources.files()`. (:issue:`7921`)
* When copying files into ``onedir`` application bundles, use
:func:`shutil.copyfile` instead of :func:`shutil.copy2` to avoid issues
with original permissions/metadata being too restrictive. (:issue:`7938`)


Incompatible Changes
~~~~~~~~~~~~~~~~~~~~

* (Linux) Removed support for building LSB-compliant bootloader, due to
lack of support for LSB (Linux Standard Base) in contemporary linux
distributions. (:issue:`7807`)
* (macOS) Due to relocation of all dynamic libraries into directory
structure rooted in the ``Contents/Frameworks`` directory, the
``sys._MEIPASS`` variable as well as the ``os.path.dirname(__file__)``
in the entry-point script now point to ``Contents/Frameworks`` instead of
``Contents/MacOS``, while ``os.path.dirname(sys.executable)`` continues
to point to the ``Contents/MacOS`` directory. The behavior change applies
only to ``onedir`` .app bundles (in ``onefile`` ones, ``sys._MEIPASS``
and ``__file__`` of the entry-point script have always pointed to the
temporary extraction directory and continue to do so). (:issue:`7619`)
* (macOS) The changes made to the macOS .app bundle generation code and the
resulting .app bundle structure (strict relocation of binaries to
``Contents/Frameworks`` and data files to ``Contents/Resources``,
bi-directional cross-linking between ``Contents/Frameworks`` and
``Contents/Resources``, preservation of nested .framework bundles,
automatic work-around for dots in directory names) are likely
incompatible with existing (external) post-processing scripts.
(:issue:`7619`)
* (Windows) Removed command-line options related to processing of the
WinSxS assemblies: ``--win-private-assemblies`` and
``--win-no-prefer-redirects``.
The corresponding arguments to ``Analysis`` are deprecated and raise and
error if set to ``True``. (:issue:`7784`)
* (Windows) Removed support for analyzing and collection of dependencies
referenced via WinSxS (side-by-side) assemblies. This affects binaries
compiled with Visual Studio 2008 and earlier, as VC9 run-time was the
last version to make use of WinSxS. If you require support for such
binaries and you need referenced WinSxS binaries collected with your
application, use older version of PyInstaller. (:issue:`7784`)
* (Windows) Removed support for external application manifest in onedir
builds. Removed the ``--no-embed-manifest`` command-line option and
deprecated the corresponding ``embed_manifest`` argument to ``EXE``
to raise an error if set to ``False``. (:issue:`7784`)
* All of onedir build's contents except for the executable are now moved into a
sub-directory (called ``_internal`` by default). ``sys._MEIPASS`` is adjusted
to
point to this ``_internal`` directory. The breaking implications for this
are:

* Assumptions that ``os.path.dirname(sys.executable) == sys._MEIPASS`` will
 break. Code locating application resources using
 ``os.path.dirname(sys.executable)`` should be adjusted to use ``__file__``
 or ``sys._MEIPASS`` and any code locating the original executable using
 ``sys._MEIPASS`` should use :data:`sys.executable` directly.

* Any custom post processing steps (either in the ``.spec`` file or
 externally) which modify the bundle will likely need adjusting to
 accommodate the new directory. (:issue:`7713`)
* PyInstaller-frozen applications are not affected by the :envvar:`PYTHONUTF8`
environment variable anymore. To permanently enable or disable the UTF8 mode,
use the ``X utf8_mode=1`` or ``X utf_mode=0`` :ref:`run-time option
<specifying python interpreter options>` when building the application.
(:issue:`7847`)
* Remove bytecode encryption (``--key`` and ``cipher`` options).
(:issue:`6999`)
* Remove the ``--ascii`` command-line option, which is an effective no-op under
python 3; the :mod:`codecs` module is always collected due to being listed
among the base modules. (:issue:`7801`)
* Remove the built-in attempt at collection of data files from packages
that are installed as python eggs. Collection of all non-python resources
from packages should be handled in the standardized way via hooks,
regardless of how a package is installed. (:issue:`7784`)
* Remove support for zipped eggs. PyInstaller will not collect python code nor
resources from zipped eggs, nor will it collect zipped eggs as a whole.
(:issue:`7784`)
* Remove the ``requirements_for_package`` hook utility function, which was
primarily used by :func:`~PyInstaller.utils.hooks.collect_all`; the latter
does not include the top-level modules of metadata-declared requirements among
the returned hidden imports anymore. (:issue:`7943`)
* The :func:`PyInstaller.utils.hooks.collect_data_files` hook utility helper
does not collect ``.pyc`` files from ``__pycache__`` directories anymore, even
with ``include_py_files=True`` argument. (:issue:`7943`)
* The :func:`PyInstaller.utils.hooks.is_module_satisfies` helper does not
support the ``version`` and ``version_attribute`` arguments anymore; the
function will raise an error if they are specified. If the distribution
specified in the ``requirements`` string is not found, the function will not
attempt to import the eponymous module and read its version attribute anymore.
(:issue:`7943`)
* The collection of "py files", enabled by the ``include_py_files=True``
argument to the :func:`PyInstaller.utils.hooks.collect_data_files` hook
utility function, is now restricted to only ``.py`` and ``.pyc`` files.
Previously, all suffices from :func:`importlib.machinery.all_suffixes` were
enabled, which resulted in spurious collection of dynamic libraries and
extensions (due to ``.so``, ``.abi3.so``, ``.pyd``, etc. being among those
suffices). (:issue:`7943`)


Bootloader
~~~~~~~~~~

* (Linux, macOS) When extracting files from ``onefile`` archive, the
executable bit is now set only on binaries (files whose TOC type code
was either ``BINARY``, ``EXECUTABLE``, or ``EXTENSION``) or data files
that originally had the executable bit set. Therefore, binaries are now
extracted with permissions bits set to ``0700``, while all other files
have permissions bits set to ``0600``. (:issue:`7950`)
* Use `PEP 587 Python Initialization Configuration API
<https://peps.python.org/pep-0587>`_ to configure the embedded Python
interpreter. (:issue:`7847`)


PyInstaller Core
~~~~~~~~~~~~~~~~

* (Windows) The temporary/intermediate executable files are not generated
with ``.notanexecutable`` suffix anymore, as the retry mechanism from
:issue:`7840` and :issue:`7871` is now the preferred way of dealing with
anti-virus program interference during the build. (:issue:`7871`)
* Avoid collecting ``pathlib`` and ``tokenize`` (and their dependencies,
such as ``urllib``) into ``base_library.zip``. By collecting them into
PYZ archive, only submodules that the application really requires can
be collected, which helps reducing the size of applications that, for
example, do not require the full ``urllib`` package. (:issue:`7836`)
* Drop support for end of life Python 3.7. (:issue:`7733`)


Bootloader build
~~~~~~~~~~~~~~~~

* To enable the passing of extra arguments to the bootloader compiler during
installation via pip,
you can utilize the environment variable ``PYINSTALLER_BOOTLOADER_WAF_ARGS``.
However,
it is essential to ensure that the environment variable
``PYINSTALLER_COMPILE_BOOTLOADER``
is present for this functionality to work correctly. (:issue:`7796`)

5.13.2

-------------------

Bugfix
~~~~~~

* (Windows) Fix ``OSError: exception: access violation reading 0x00000010``
raised by ``matplotlib`` and ``win32com`` run-time hooks when ran in 32-bit
frozen application (regression introduced in ``v5.13.1``). (:issue:`7893`)


Hooks
~~~~~

* Fix the license of the new ``_pyi_rth_utils`` run-time package; it is
now licensed under permissive Apache license, which matches the license
of the run-time hooks that use this run-time package. (:issue:`7894`)


PyInstaller Core
~~~~~~~~~~~~~~~~

* Fix the license of the ``pyi_splash`` run-time module; it is now licensed
under permissive Apache license to avoid unintentionally imposing
additional license restrictions on the frozen applications that make
use of this module. (:issue:`7896`)

5.13.1

-------------------

Security
~~~~~~~~

* (Windows) Ensure that the access to temporary directories created by the
``matplotlib`` and ``win32com`` run-time hooks is restricted to the user
running the frozen application, even if the directory in the ``TMP`` or
``TEMP`` variables points to a system-wide *world writable* location that can
be accessed by all users. (:issue:`7827`)


Bugfix
~~~~~~

* (macOS) Fix :func:`pkgutil.iter_modules` failing to find submodules of a
package that contains data files when running as a macOS .app bundle.
(:issue:`7884`)
* (Windows) Fix ``win32com`` run-time hook to fully isolate the ``gen_py``
cache. This prevents access to the global cache, which results in errors when
the global cache contains some, but not all, required modules. (:issue:`6257`)
* (Windows) Fix splash screen not being able to locate collected Tk resources in
onefile applications created in MSYS2 python environment. (:issue:`7828`)
* (Windows) Fixed bug where GdkPixbuf loaders.cache dll paths are absolute paths
(e.g. ``C:/tools/msys64/mingw64/lib/gdk-pixbuf-2.0/2.10.0/loaders/*.dll``) and
not relative paths (e.g.
``lib\\gdk-pixbuf\\loaders\\libpixbufloader-png.dll``) when the file is
generated in the MSYS2/mingw64 environment. This results in the program
crashing when run on another Windows machine because it cannot find the
GdkPixbuf loader DLLs. (:issue:`7842`)
* Exclude NVIDIA graphics driver libraries from vendoring. (:issue:`7746`)
* Fix error handling in Glib schema compilation helper function. Ignore
character encoding errors when reading stdout/stderr from
``glib-schema-compile`` process; this fixes errors in MSYS2/mingw64
environment, caused by ``U+201C`` and ``U+201D`` quotation marks in the
output. (:issue:`7833`)
* Implement a work-around for un-initialized ``sys._stdlib_dir`` and ensure that
python-frozen stdlib modules in Python >= 3.11 have ``__file__`` attribute
set. (:issue:`7847`)


Hooks
~~~~~

* Add support for commercial PyQt5 and PyQt6 wheels. (:issue:`7770`)


Bootloader
~~~~~~~~~~

* Have bootloader

[pyup-bot]

Closing this in favor of #196