nvaccess
Consider using self compiled releases of Python 3.7 to keep uptodate with the security fixes.
Briefly discussed in #12064
Is your feature request related to a problem? Please describe.
At the moment NVDA is compiled with Python 3.7 and cannot be updated to more recent version of Python due to this libFFI bug. While Python 3.7 receives security fixes until 2023.06 (Python 3.7 release schedule) new versions are not available as a binary copies so NVDA is stuck on the latest binary release 3.7.9.
Describe the solution you'd like
To be able to take advantage of the security fixes introduced in more recent releases of Python 3.7 I would like to propose to compile later releases ourselves on AppVeyour and use them to build NVDA. In addition to improving security this would also make upgrading to Python 3.8+ less urgent.
Describe alternatives you've considered
Update to more recent version of Python either when bug in libFFI is fixed or by moving affected code paths to C++.
Additional context
None
What would the compile times look like on AppVeyor?
Could AppVeyor be asked to support the latest Python 3.7 self compiled security releases? Or another build system used?
What would the compile times look like on AppVeyor?
Hard to say without testing but assuming that we would compile an installer once and then for every build just install from the ready .msi package I hope it would not be much longer then what we have now.
Could AppVeyor be asked to support the latest Python 3.7 self compiled security releases? Or another build system used?
I've no idea about this one however compiling ourselves has additional advantage namely that contributors can use the same binary on their systems.
I think we can consider closing this given:
- The bug in libFFI has been fixed
- It is planned to incorporate this update of libFFI into new versions of Python 3.11.x
