not sure that's really standard compliant behaviour, but I guess
we have to fix that anyway...

Fix by renaming the variable.

In a different module, Neal fixed it by renaming _self to self.  There's
already a variable named 'self' here, so I used selfptr.

(I'm committing this on a Mac without Tk, but it's a simple search-and-replace.
<crosses fingers>, so  I'll watch the buildbots and see what happens.)

the output required more than one line.  "Small" dicts got
displayed in seemingly random order (the hash-induced order
produced by dict.__repr__).  None of this was documented.
Now pprint functions always sort dicts by key, and the docs
promise it.

This was proposed and agreed to during the PyCon 2006 core
sprint -- I just didn't have time for it before now.

Prevent an invalid memory read from test_coding in case the done flag is set.
In that case, the loop isn't entered.  I wonder if rather than setting
the done flag in the cases before the loop, if they should just exit early.

This code looks like it should be refactored.

Backport candidate (also the early break above if decoding_fgets fails)

he didn't know this), so merged in some changes I made during
review.  Nothing material apart from changing a new `mask` local
from int to Py_ssize_t.  Mostly this is repairing comments that
were made incorrect, and adding new comments.  Also a few
minor code rewrites for clarity or helpful succinctness.

but disabled then because str and unicode strings gave different
results.  The implementations were repaired later during the
sprint, but the new test remained disabled.

[ 1456209 ] dictresize() vulnerability ( <- backport candidate ).

about extra semi-colons.  It may have been the HP C compiler.
This file will trigger a bunch of those warnings now.

loops here).  Assert that size_t is actually big enough, and
that f->size is at least one.  Wrap a long line.

SimpleXMLRPCServer and DocXMLRPCServer don't look at
the path of the HTTP request at all; you can POST or
GET from / or /RPC2 or /blahblahblah with the same results.
Security scanners that look for /cgi-bin/phf will therefore report
lots of vulnerabilities.

Fix: add a .rpc_paths attribute to the SimpleXMLRPCServer class,
and report a 404 error if the path isn't on the allowed list.

Possibly-controversial aspect of this change: the default makes only
'/' and '/RPC2' legal.  Maybe this will break people's applications
(though I doubt it).  We could just set the default to an empty tuple,
which would exactly match the current behaviour.