Skip to content

gh-91349: Replace zlib with zlib-ng in Windows build #131438

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 10 commits into from
Mar 19, 2025
Merged

gh-91349: Replace zlib with zlib-ng in Windows build #131438

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
de56164
gh-91349: Replace zlib with zlib-ng in Windows build
zooba Mar 19, 2025
1347c50
Updated readme.txt
zooba Mar 19, 2025
7fd8f26
Fix includes for PGO build
zooba Mar 19, 2025
f919749
Use correct include dirs
zooba Mar 19, 2025
fb6500d
Add NEWS
zooba Mar 19, 2025
89d44a1
Fix debug reference and some warnings
zooba Mar 19, 2025
08eecb1
Exclude Intel optimizations better on ARM64
zooba Mar 19, 2025
548daa7
Update docs and whatsnew
zooba Mar 19, 2025
f108044
Remove unresolved reference from docs
zooba Mar 19, 2025
085fa10
Include ZLIBNG_VERSION in pythoninfo
zooba Mar 19, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 12 additions & 0 deletions Doc/library/zlib.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -330,6 +330,18 @@ the following constants:
.. versionadded:: 3.3


.. data:: ZLIBNG_VERSION

The version string of the zlib-ng library that was used for building the
module if zlib-ng was used. When present, the :data:`ZLIB_VERSION` and
:data:`ZLIB_RUNTIME_VERSION` constants reflect the version of the zlib API
provided by zlib-ng.

If zlib-ng was not used to build the module, this constant will be absent.

.. versionadded:: 3.14


.. seealso::

Module :mod:`gzip`
Expand Down
13 changes: 13 additions & 0 deletions Doc/whatsnew/3.14.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1026,6 +1026,7 @@ zipinfo
to produce reproducible output.
(Contributed by Jiahao Li in :gh:`91279`.)


.. Add improved modules above alphabetically, not here at the end.

Optimizations
Expand Down Expand Up @@ -1078,6 +1079,18 @@ uuid
(Contributed by Bénédikt Tran in :gh:`128150`.)


zlib
----

* On Windows, ``zlib-ng`` is now used as the implementation of the
:mod:`zlib` module. This should produce compatible and comparable
results with better performance, though it is worth noting that
``zlib.Z_BEST_SPEED`` (1) may result in significantly less
compression than the previous implementation (while also significantly
reducing the time taken to compress).
(Contributed by Steve Dower in :gh:`91349`.)


Deprecated
==========

Expand Down
2 changes: 1 addition & 1 deletion Lib/test/pythoninfo.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -651,7 +651,7 @@ def collect_zlib(info_add):
except ImportError:
return

attributes = ('ZLIB_VERSION', 'ZLIB_RUNTIME_VERSION')
attributes = ('ZLIB_VERSION', 'ZLIB_RUNTIME_VERSION', 'ZLIBNG_VERSION')
copy_attributes(info_add, zlib, 'zlib.%s', attributes)


Expand Down
2 changes: 2 additions & 0 deletions Misc/NEWS.d/next/Windows/2025-03-19-01-11-56.gh-issue-91349.pmtp-J.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
Replaces our copy of ``zlib`` with ``zlib-ng``, for performance improvements
in :mod:`zlib`.
12 changes: 6 additions & 6 deletions Misc/externals.spdx.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -171,25 +171,25 @@
"versionInfo": "5.2.5"
},
{
"SPDXID": "SPDXRef-PACKAGE-zlib",
"SPDXID": "SPDXRef-PACKAGE-zlib-ng",
"checksums": [
{
"algorithm": "SHA256",
"checksumValue": "e3f3fb32564952006eb18b091ca8464740e5eca29d328cfb0b2da22768e0b638"
"checksumValue": "00bbd88709bc416cb96160ab61d3e1c8f76e106799af7328d0fe434dc7dd5004"
}
],
"downloadLocation": "https://github.com/python/cpython-source-deps/archive/refs/tags/zlib-1.3.1.tar.gz",
"downloadLocation": "https://github.com/python/cpython-source-deps/archive/refs/tags/zlib-ng-2.2.4.tar.gz",
"externalRefs": [
{
"referenceCategory": "SECURITY",
"referenceLocator": "cpe:2.3:a:zlib:zlib:1.3.1:*:*:*:*:*:*:*",
"referenceLocator": "cpe:2.3:a:zlib-ng:zlib-ng:2.2.4:*:*:*:*:*:*:*",
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll admit I just guessed this, in order to unblock my testing (couldn't build at all with an invalid SBOM). If it's not right, let me know

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is likely the CPE that would get used, although we can't be for certain until a CVE exists with it... the only one I could find with some searching is cpe:...:zlib-ng:minizip-ng which is for a different component but at least the organization is a match.

"referenceType": "cpe23Type"
}
],
"licenseConcluded": "NOASSERTION",
"name": "zlib",
"name": "zlib-ng",
"primaryPackagePurpose": "SOURCE",
"versionInfo": "1.3.1"
"versionInfo": "2.2.4"
}
],
"spdxVersion": "SPDX-2.3"
Expand Down
6 changes: 6 additions & 0 deletions Modules/zlibmodule.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2101,6 +2101,12 @@ zlib_exec(PyObject *mod)
PyUnicode_FromString(zlibVersion())) < 0) {
return -1;
}
#ifdef ZLIBNG_VERSION
if (PyModule_Add(mod, "ZLIBNG_VERSION",
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Figured we'd want some way to detect this other than looking at the text in ZLIB_VERSION

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

makes sense. annoying to have optional attributes that one would use hasattr or getattr on instead of blindly accessing, but realistically nobody should care as this is more internal informational so this is fine.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, the main place it'll be used is in pythoninfo, which already handles absent attributes.

We have more offensive optional attributes in our extension modules 😆

PyUnicode_FromString(ZLIBNG_VERSION)) < 0) {
return -1;
}
#endif
if (PyModule_AddStringConstant(mod, "__version__", "1.0") < 0) {
return -1;
}
Expand Down
Loading
Loading