Pyinstaller

Latest version: v6.11.1


6.11.1
-------------------

Bugfix
~~~~~~

* (GNU/Linux) Fix resolving binary dependencies linked using ``$ORIGIN``.
(:issue:`8868`)
* (Linux) Fix discovery and collection of Python shared library when using
``uv``-installed or ``rye``-installed Python that happens to be of same
version as the system-installed Python. (:issue:`8850`)
* (Linux/musl) Prevent ``ld-musl-x86_64.so.1`` from being collected.
(:issue:`8868`)
* (Windows) Add a retry loop to ``onefile`` temporary directory cleanup
as an attempt to mitigate situations when bundled DLLs and python
extension modules remain locked by the OS and/or anti-virus program
for a short while after the application process exits. (:issue:`8870`)
* (Windows) Fix Qt run-time hooks failing to add the top-level application
directory to ``PATH`` when the latter already contains a sub-directory
of the top-level application directory (for example, ``pywin32_system32``
sub-directory added to ``PATH`` by ``pywin32`` run-time hook). This
failure prevented QtNetwork from discovering bundled OpenSSL DLLs, and
caused it to (attempt to) load them from other locations that happened
to be in ``PATH``. (:issue:`8857`)
* Fix macOS's default icons being missing from wheels (regression introduced in
v6.11.0) (:issue:`8855`)
* Prevent :mod:`tkinter` from being collected if it is unusable.
(:issue:`8868`)


Hooks
~~~~~

* Prevent ``IPython`` from being packaged redundantly if ``matplotlib`` is
imported. (:issue:`8868`)

6.11.0
-------------------

Features
~~~~~~~~

* Implement a mechanism that allows hooks to inform PyInstaller's binary
dependency analysis that it should not create symbolic links to top-level
application directory for certain shared libraries (applicable to platforms
where such symbolic links are created in the first place). This mechanism
is intended as a work around for corner cases when such symbolic links
disrupt run-time discovery of other shared libraries that are stored in
the linked library's true location. (:issue:`8761`)


Bugfix
~~~~~~

* (Windows) Allow PyInstaller to be launched from SYSTEM user's home
directory (``%WINDIR%\system32\config\systemprofile``) and its
sub-directories, as an exception to general prohibition of running
from Windows directory and its sub-directories (which was introduced
in :issue:`8570`). (:issue:`8816`)
* (Windows) Attempt to mitigate timing issues that prevented console
hiding/minimization mechanism (:issue:`7735`) from taking effect when
Windows Terminal is used as the default terminal app. (:issue:`8798`)
* (Windows) Fix binary dependency analysis for files found under
SYSTEM user's home directory (``%WINDIR%\system32\config\systemprofile``)
when running PyInstaller as SYSTEM user. (:issue:`8810`)
* (Windows) Fix regression with PyInstaller 6.x and ``numpy`` < 1.26
that resulted in duplicated shared libraries bundled with ``numpy``
PyPI wheels. (:issue:`8736`)
* (Windows) Fix the leak of ``VCRUNTIME140.dll`` in ``onefile`` applications
with splash screen enabled, this time in scenarios with full application
restart (regression introduced by :issue:`8650`). (:issue:`8701`)
* Fix a regression when trying to use ``runpy.run_path`` to run a python
script bundled with the frozen application. (:issue:`8767`)


Hooks
~~~~~

* Add hook for ``PySide6.QtGraphsWidgets``, which was introduced with
``PySide6`` v6.8.0. (:issue:`8828`)
* Tweak the ``setuptools`` hook to minimize collection of vendored
packages/modules and their (meta)data when using ``setuptools`` >= 71.0;
the aim is to have the run-time behavior of collected vendored package
closely match the behavior of its non-vendored counterpart. (:issue:`8737`)
* Update ``babel`` hook to collect all submodules that are needed to
unpickle the bundled locale data files. (:issue:`8750`)
* Update and modernize PyInstaller's copy of ``numpy`` hook for compatibility
with ``numpy`` 1.24.x, 1.25.x, 1.26.x, and 2.x. Set the priority of
PyInstaller's copy of ``numpy`` hook to 1 (using the new hook priority
mechanism from :issue:`8740`), so that it overrides the upstream hook, in
an attempt to address the following issues:

- fix duplication of shared libraries bundled with ``numpy`` < 1.26
PyPI wheels on Windows, which is caused by changed behavior of
PyInstaller's binary dependency analysis in PyInstaller 6.x (both the
old version of PyInstaller's numpy hook and its upstream counterpart
were written for behavior of v5 and earlier).

- avoid triggering a warning about ``numpy`` base dist not being
found when using ``pip``-installed ``numpy`` with Anaconda python.

- with ``numpy`` >= 1.26 on Windows, collect the load-order file from
``numpy.libs`` directory (if available) along with the shared libraries.
This should minimize potential issues when using ``pip``-installed
``numpy`` >= 1.26 with Anaconda python 3.8 and 3.9. (:issue:`8799`)


Bootloader
~~~~~~~~~~

* (AIX) Fix errors when compiling bootloader under AIX (regression
introduced in PyInstaller v6.8). (:issue:`8819`)
* (Cygwin) Fix missing-variable-error when compiling bootloader under
Cygwin (regression introduced in PyInstaller v6.8). (:issue:`8814`)


Documentation
~~~~~~~~~~~~~

* Document the caveats of enabling the hiding/minimization mechanism in
the frozen application when Windows Terminal is configured as the default
terminal app on the run-time system. (:issue:`8798`)


PyInstaller Core
~~~~~~~~~~~~~~~~

* (Windows) Pin ``pefile != 2024.8.26`` due to performance regression in
``pefile`` 2024.8.26 that heavily impacts PyInstaller's binary dependency
analysis and binary-vs-data classification. (:issue:`8762`)


Bootloader build
~~~~~~~~~~~~~~~~

* Relax the check for ``libdl`` to accommodate platforms which put the
``libdl`` symbols in ``libc`` but don't provide the placeholders needed to
adhere to the POSIX requirement that ``-ldl`` should always be available,
most notably OpenWRT. (:issue:`7552`)

6.10.0
-------------------

Features
~~~~~~~~

* (Linux) Extend the mechanism for collection of ``.hmac`` files from
:issue:`8288` to also include ``.hmac`` files in the ``fipscheck`` directory.
(:issue:`8719`)
* Add support for Python 3.13. (:issue:`8198`)

* Introduce new :envvar:`PYINSTALLER_RESET_ENVIRONMENT` environment variable, to
be used by application developers when trying to launch
:data:`sys.executable`-based process that is supposed to outlive the current
application process (which includes the :ref:`application restart scenario
<independent subprocess>`). This is considered the official and preferred
approach at spawning new independent instances of the same application (as
opposed to modifying the private :envvar:`_PYI_ARCHIVE_FILE` environment
variable). (:issue:`8634`)
* The splash screen in splash-screen enabled frozen application can now
be disabled by the user at run-time, using the new
:envvar:`PYINSTALLER_SUPPRESS_SPLASH_SCREEN` environment variable. If the
environment variable is set to ``1``, the splash screen is not shown,
and functions from :mod:`pyi_splash` become no-op without raising errors
or displaying warning messages. (:issue:`8634`)


Bugfix
~~~~~~

* (Windows) Attempt to work around the leak of ``VCRUNTIME140.dll`` in
``onefile`` applications with splash screen enabled in scenarios where
the OS and/or anti-virus program injects additional DLLs into the process
that also depend on ``VCRUNTIME140.dll``. (:issue:`7106`)
* (Windows) Fix regression in PyInstaller 6.x that caused console-enabled
onefile applications to fail to clean up their temporary directory during
system session shutdown (i.e., when user logs off or initiates system shutdown
or restart). For console-enabled onefile applications, this used to work up
until PyInstaller 6.0 by means of installed console handler; however, due to
contemporary bootloader executables being linked against ``user32.dll``, the
console handler does not receive ``CTRL_LOGOFF_EVENT`` and
``CTRL_SHUTDOWN_EVENT`` console events anymore (for the same reason, this did
not work for builds with splash screen, even between v5.3 and 6.0). Instead,
session shutdown is now handled by means of hidden window and handling of
``WM_QUERYENDSESSION`` and ``WM_ENDSESSION`` event messages. (:issue:`8648`)
* (Windows) Improve handling of ``CTRL_CLOSE_EVENT`` console event in
``onefile`` builds for compatibility with Windows Terminal in order to
avoid leaking temporary files when user closes the terminal window
(or tab). Upon receiving the event, the parent process now gives the child
process a 500-millisecond grace period to exit, after which it terminates
the child process and proceeds with the cleanup (previously, the parent
process indefinitely waited for the child to exit, under assumption that
the ``CTRL_CLOSE_EVENT`` will also cause the child to exit at the same
time – which was the case with ``conhost.exe``, but is not the case with
Windows Terminal, where the child appears to receive event only after
OS already terminated the parent process). (:issue:`8640`)
* (Windows) The windowed/noconsole ``onefile`` builds should now clean up
their temporary directories during session shutdown (i.e., when user logs
off or initiates system shutdown or restart). (:issue:`8648`)
* Fix the implementation of ``PyiFrozenResourceReader.files()`` when called
with (sub)module name; it should return the path to the module's parent
(package) directory, instead of a sub-directory with module's name.
(:issue:`8659`)
* The ``MERGE`` dependency processing code now uses both source and destination
path as a bookkeeping key (instead of just source path). This fixes issues
when using ``MERGE`` with application TOCs that contain entries for a file
that is collected more than once, with different destination names.
(:issue:`8687`)
* The splash screen is now automatically suppressed in worker sub-processes
spawned via :data:`sys.executable`. The splash screen is not shown, and
functions from :mod:`pyi_splash` become no-op without raising errors or
displaying warning messages. (:issue:`8634`)


Incompatible Changes
~~~~~~~~~~~~~~~~~~~~

* Attempting to restart the application by spawning new process via
:data:`sys.executable` and exiting the current process now requires the
:envvar:`PYINSTALLER_RESET_ENVIRONMENT` environment variable to be set prior
to spawning the process. See :ref:`independent subprocess`. (:issue:`8634`)
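
Added example (not taken from the PyInstaller project or its documentation) contrasting the two spawn cases described in the 6.10.0 notes: a worker sub-process that inherits the bootloader environment unchanged, and an independent instance that requires ``PYINSTALLER_RESET_ENVIRONMENT``. The helper names are hypothetical, and the value ``1`` is an assumption based on PyInstaller's documentation rather than on this changelog.

```python
import os
import subprocess
import sys

# Public variable named in the 6.10.0 notes. The value "1" is an assumption
# taken from PyInstaller's documentation, not from this changelog.
RESET_VAR = "PYINSTALLER_RESET_ENVIRONMENT"


def is_frozen():
    """True when running from a PyInstaller-built application."""
    return bool(getattr(sys, "frozen", False)) and hasattr(sys, "_MEIPASS")


def child_env(independent, base=None):
    """Return a copy of the environment for a sys.executable-based child.

    independent=False: worker sub-process of this application instance.
        Nothing needs to be added; a stray reset request is dropped so the
        worker is not treated as a new application instance.
    independent=True: process that should outlive this one (for example an
        application restart); the reset request is set explicitly.
    """
    env = dict(os.environ if base is None else base)
    # Only the public variable is toggled. The private _PYI_* variables
    # (such as _PYI_ARCHIVE_FILE) are left exactly as inherited.
    env.pop(RESET_VAR, None)
    if independent:
        env[RESET_VAR] = "1"
    return env


def spawn_worker(args, **popen_kwargs):
    """Spawn a worker that belongs to the current application instance."""
    return subprocess.Popen(
        [sys.executable, *args], env=child_env(False), **popen_kwargs
    )


def spawn_independent(args=(), **popen_kwargs):
    """Spawn a new, independent instance of the same executable."""
    return subprocess.Popen(
        [sys.executable, *args], env=child_env(True), **popen_kwargs
    )


def restart_application():
    """Start a fresh instance with the same arguments, then exit this one."""
    if not is_frozen():
        raise RuntimeError("restart_application() is meant for frozen builds")
    spawn_independent(sys.argv[1:])
    sys.exit(0)
```

Passing an explicit ``env`` copy keeps the reset request out of the current process's own environment, so later worker spawns are unaffected.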


Deprecations
~~~~~~~~~~~~

* The ``-m`` shorthand for :option:`--manifest` will be removed in v7.0.
(:issue:`2560`)


Hooks
~~~~~

* Clean up the ``multiprocessing`` run-time hook. Due to changes in detection
of inherited PyInstaller environments, we do not need to restore (the now
renamed) ``_MEIPASS2`` environment variable anymore, and we can remove
all our custom ``Popen`` overrides. (:issue:`8634`)
* Implement support for ``setuptools`` >= 71.0.0 and its new approach to
vendoring its dependencies. (:issue:`8720`)


Bootloader
~~~~~~~~~~

* (Linux) When frozen executable is launched via dynamic linker/loader
invocation (e.g., ``/lib64/ld-linux-x86-64.so.2 /path/to/executable``),
the loader executable's name is now captured and passed on to ``execvp``
call when restarting the process (``onedir`` mode) or starting the
child process (``onefile`` mode). This ensures that the restarted/spawned
process also uses the specified dynamic loader instead of the one
encoded in executable's ELF headers. (:issue:`8662`)
* (Windows) In debug-enabled bootloader variants, copies of debug/warning/error
messages are now submitted to ``OutputDebugString`` win32 API in addition
to their primary output mechanism (i.e., ``stderr`` or message dialog).
This applies to both console and noconsole/windowed bootloader variants.
(Previously, ``OutputDebugString`` was used only for debug messages in
debug-enabled noconsole/windowed bootloader variant, where it serves as
the primary output mechanism.) (:issue:`8642`)
* (Windows) The ``onefile`` parent process now sets up invisible window
to receive and handle ``WM_QUERYENDSESSION`` and ``WM_ENDSESSION``
event messages, which allows it to properly clean up temporary files during
session shutdown (i.e., user logging off, or initiating system shutdown
or restart). Cleanup during session shutdown should now work in both
console-enabled and windowed/noconsole builds, and regardless of whether
splash screen is used or not. (:issue:`8648`)
* (Windows) The parent process of a ``onefile`` application with enabled
splash screen now attempts to pre-load a system-wide copy of
``VCRUNTIME140.dll``, preferring it over the bundled copy (which would
be loaded as dependency of Tcl/Tk DLLs during splash screen setup).
If a system-wide copy is available, the OS and/or anti-virus
programs might inject other 3rd party DLLs into the process that
also depend on ``VCRUNTIME140.dll`` (for example, Trend Micro's User Mode
Hooking component has been observed to do that). Such externally loaded
DLLs prevent the bootloader from unloading the ``VCRUNTIME140.dll``
during the clean-up phase, and if the bundled copy was loaded, it would
also prevent its removal from the application's temporary directory.
(:issue:`8650`)
* Bootloader's debug/error/warning messages are now always formatted in
the temporary buffer (even when they are written to ``stderr``), in
order to ensure their atomicity and avoid interleaving of message parts
in multi-process scenarios. (:issue:`8642`)
* Change the prefix of debug/warning/error messages from ``[{PID}]`` to
``[PYI-{PID}:{SEVERITY}]``, and apply it consistently across all
bootloader-generated messages. (:issue:`8642`)
* Implemented explicit tracking of (sub)process level via newly-introduced
:envvar:`_PYI_PARENT_PROCESS_LEVEL` environment variable. This allows us to
reliably distinguish between different process types: in ``onedir``
applications, between the main application process and worker sub-process(es)
spawned via :data:`sys.executable`; in ``onefile`` applications, between the
parent process, the main application process, and worker sub-process(es)
spawned via :data:`sys.executable`. (:issue:`8634`)
* Reworked the detection of inherited PyInstaller environments, which now has
reversed logic compared to original implementation. Up until now, a process
running the bootloader was considered a (new) top-level process of a frozen
application unless the ``_MEIPASS2`` environment was set. Because bootloader
was clearing the ``_MEIPASS2`` environment variable prior to running the
python code in the main application process, this meant that it was the
application's responsibility to restore the ``_MEIPASS2`` environment
variable before
spawning worker sub-process via :data:`sys.executable` to, for example,
prevent a onefile application from unpacking itself again. In the new
implementation, the default assumption is that the process is a worker
sub-process of the same (instance of) application, unless the path to
PKG/CArchive has changed (which implies that a different executable is used),
as tracked by newly-introduced :envvar:`_PYI_ARCHIVE_FILE` environment variable.
This means that no additional action is needed to spawn worker sub-processes
via :data:`sys.executable` in multiprocessing scenarios, but on the other hand,
:ref:`attempting to restart the application <independent subprocess>` now
requires :envvar:`PYINSTALLER_RESET_ENVIRONMENT` environment variable to be
set before spawning the new application process. To prevent issues when
launching applications built with older version of PyInstaller as
subprocesses, the ``_MEIPASS2`` environment variable was renamed to
:envvar:`_PYI_APPLICATION_HOME_DIR`; note that this refers to the internally-used
environment variable, and does **not** affect the PyInstaller-specific
``sys._MEIPASS`` attribute. (:issue:`8634`)


Module Loader
~~~~~~~~~~~~~

* The ``PyiFrozenImporter`` has been reworked from being a monolithic
`meta path finder
<https://docs.python.org/3/glossary.html#term-meta-path-finder>`_
(with fused `loader <https://docs.python.org/3/glossary.html#term-loader>`_
part) into path-instanced `path entry finder
<https://docs.python.org/3/glossary.html#term-path-entry-finder>`_
(with fused loader part), registered with python's default
`path based finder
<https://docs.python.org/3/glossary.html#term-path-based-finder>`_.
The new path-instanced design enables proper handling of run-time
:data:`sys.path` modifications; i.e., modules within the PYZ archive can
now be resolved
based on entries in :data:`sys.path` that are anchored to the top-level
application directory (``sys._MEIPASS``). This in turn also facilitates
full support for PEP420 namespace packages that are split across
different :data:`sys.path` locations; both within the PYZ archive, on
filesystem within top-level application directory tree, and/or in
fully-external locations. (:issue:`8695`)


Documentation
~~~~~~~~~~~~~

* Add a note about splash screen suppression to the splash screen
documentation. (:issue:`8634`)
* Extend the Advanced Topics section with new subsection,
:ref:`bootloader environment variables`, which documents all public and
private environment variables used by PyInstaller's bootloader.
(:issue:`8634`)
* Extend the Common Issues and Pitfalls section with :ref:`new subsection
<independent subprocess>` that describes the new requirements for launching a
:data:`sys.executable`-based process that is supposed to outlive the current
application process, which includes the application restart scenario.
(:issue:`8634`)

6.9.0
------------------

Bugfix
~~~~~~

* (Windows) Work around the problem with ``libgcc_s_dw2-1.dll`` and
``libwinpthread-1.dll`` DLL files not being removed from application's
temporary directory when building splash-screen-enabled onefile
application with 32-bit msys2/mingw32 environment. (:issue:`8587`)
* (Windows) Work around the problem with ``VCRUNTIME140.dll`` DLL file not
being removed from application's temporary directory when building
splash-screen-enabled onefile application with UPX enabled. (:issue:`7106`)
* Re-allow ``hiddenimports`` with hyphenated names during Analysis (was blocked
in v6.8.0) (:issue:`8601`)


Hooks
~~~~~

* Add work-around for incompatibility between ``scipy`` and ``numpy`` 2.0.0
(the ``ModuleNotFoundError: No module named 'numpy.f2py'`` error).
(:issue:`8622`)
* Update ``django`` hook to account for possibility of the deprecated
``DEFAULT_FILE_STORAGE`` setting being set to ``None``. (:issue:`8633`)
* Update ``scipy`` hooks for compatibility with ``scipy`` 1.14.0.
(:issue:`8622`)


Bootloader
~~~~~~~~~~

* (Windows) Implement last-ditch attempt at force-unloading bundled DLLs
from onefile parent process: if onefile application fails to remove its
temporary directory, it now iterates over all DLLs loaded in the process,
identifies the ones that originate from its temporary directory, and
attempts to force-unload them, before trying to remove the temporary
directory again. This should work around issues with Tcl/Tk DLLs
used by splash screen, which may load additional DLLs, and fail to
automatically unload them when they are unloaded themselves. (:issue:`8587`)
* Fix the order in which Tcl and Tk shared libraries are unloaded from the
splash-screen enabled frozen application, to prevent the process from
crashing during application cleanup (observed on Windows). (:issue:`8587`)

6.8.0
------------------

Bugfix
~~~~~~

* (macOS) When running ``codesign`` utility on macOS, use hard-coded absolute
path (``/usr/bin/codesign``) to avoid errors when user has the ``codesign``
from `sigtool <https://github.com/thefloweringash/sigtool>`_ in their
``PATH``. (:issue:`8581`)
* (Windows) When setting up DLL search paths for binary dependency analysis,
consider the directory where python executable is located (i.e.,
``os.path.dirname(sys._base_executable)``) in addition to directory pointed to
by ``sys.base_prefix``, in case the two differ. This fixes discovery of
``python3.dll`` when using python that was locally built from source (i.e.,
using ``PCbuild\build.bat`` script that comes with python's source code).
(:issue:`8569`)


Incompatible Changes
~~~~~~~~~~~~~~~~~~~~

* Attempting to do a build whilst inside ``C:\Windows`` is now blocked.
(:issue:`8570`)
* Invalid hiddenimports (e.g. filenames instead of module names) are now a build
error. (:issue:`8570`)


Deprecations
~~~~~~~~~~~~

* Adding a Python environment's ``site-packages`` directory to
``pathex``/``--paths`` will be blocked in v7.0 (:issue:`8570`)
* Running PyInstaller with escalated privileges (e.g. using sudo or in a *run as
admin* terminal) will be blocked in v7.0. True admin users will be unaffected.
(:issue:`8570`)


Bootloader
~~~~~~~~~~

* (POSIX) Bootloader now attempts to create the run-time temporary directory
given via :option:`--runtime-tmpdir` option (instead of requiring the
directory to already exist), in order to match the behavior on Windows. A
relative run-time temporary directory is now resolved to an absolute full path
before being used to construct the application's temporary directory path.
(:issue:`8557`)
* (Windows) Bootloader now verifies the run-time temporary directory given via
:option:`--runtime-tmpdir` option, and raises an error if either the drive is
invalid or if the directory cannot be created (instead of creating the
application's temporary directory in the root of the current drive).
(:issue:`8557`)
* (Windows) Instead of converting bootloader's debug and error messages from
UTF-8 to local ANSI codepage and displaying them via ANSI API (e.g.,
``fprintf``, ``DebugMessageA``), the bootloader now attempts to convert those
messages to wide-character strings and displays them via wide-character API
(e.g., ``fwprintf``, ``DebugMessageW``). (:issue:`8557`)
* A major refactor and cleanup of bootloader's code. (:issue:`8557`)
* The splash screen resources in ``onefile`` builds are now extracted
into the application's temporary directory (instead of being extracted into a
sub-directory within the application's temporary directory); therefore, they
are now extracted only once, and are shared with the application itself, if
necessary. (:issue:`8557`)

6.7.0
------------------

Bugfix
~~~~~~

* (POSIX) Fix ``PyInstaller.depend.bindepend.resolve_library_path`` for
cases when ``ldconfig`` cache is not available (e.g., ``musl libc`` on
Alpine Linux). In such cases, the search code now distinguishes between
the case when fully suffixed library name is given (i.e., search for
exact match) and the case when library name has no suffix (i.e., search
for library with matching basename). (:issue:`8422`)
* (Windows) Fix mangling of path to the entry-point script when the script
is in the current working directory, and the path to this directory
contains two or more consecutive ``$`` or ``%`` characters. (:issue:`8434`)


Incompatible Changes
~~~~~~~~~~~~~~~~~~~~

* PyInstaller does not attempt to expand environment variables in paths
given via :option:`--workpath`, :option:`--distpath`, :option:`--specpath`,
and :option:`--additional-hooks-dir` anymore (note that other paths were
never subject to environment variable expansion in the first place).
Expansion of the starting tilde (``~``) into user's home directory is
still performed, as a work-around for tilde not being expanded by the
shell when passing arguments as ``--workpath=~/path/abc`` instead of
``--workpath ~/path/abc``. (:issue:`8441`)


Hooks
~~~~~

* Have ``sqlalchemy`` hook collect all dialects and plugins that are
registered via ``sqlalchemy.dialects`` and ``sqlalchemy.plugins``
entry-points. This ensures collection of 3rd party dialects and plugins
that may be available in the build environment (e.g., ``ibm-db-sa``).
(:issue:`8465`)
* The ``pywin32-ctypes`` hook now always collects the
``win32ctypes.core.ctypes`` modules, so that the ``ctypes`` backend is
always available (i.e., even if we also collect the ``cffi`` backend due
to availability of ``cffi`` in the build environment). This fixes issues
when ``cffi`` ends up unavailable at run-time in spite of being available
in the build environment at build time (for example, due to explicit
exclusion via :option:`--exclude-module` option). (:issue:`8544`)
* Update ``pkg_resources`` hook for compatibility with ``setuptools`` v70.0.0
and later (fix ``ModuleNotFoundError: No module named
'pkg_resources.extern'``). (:issue:`8554`)
