Fix TSA #2816217: suppress Flawfinder false positive on Cython JoinPy…

…Unicode memcpy (#2029)

* Fix TSA #2816217: suppress Flawfinder false positive on Cython JoinPyUnicode memcpy

Flawfinder's buffer/memcpy rule (CWE-120) fires on any memcpy() call by
default. The flagged call sits inside the Cython 3.x string-join helper
__Pyx_PyUnicode_Join:

    memcpy((char *)result_udata + (char_pos << kind_shift),
           udata,
           (size_t) (ulength << kind_shift));

It is provably safe:
* result_uval was just allocated via PyUnicode_New(result_ulength, max_char)
  and result_udata = PyUnicode_DATA(result_uval) points into that buffer.
* The immediately preceding check
      (PY_SSIZE_T_MAX >> kind_shift) - ulength < char_pos
  guards against char_pos+ulength overflow before the memcpy executes.
* result_ulength is computed by the caller as the sum of input lengths,
  so char_pos + ulength <= result_ulength after each iteration. The byte
  count `ulength << kind_shift` is bounded by the allocated buffer.

Add an inline /* Flawfinder: ignore */ annotation on the flagged line in
the Cython-generated _pydevd_sys_monitoring_cython.c and extend the
existing post-processing block in setup_pydevd_cython.py so the annotation
is re-applied automatically whenever Cython regenerates the .c files.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* Fix SyntaxError: add missing closing paren on JoinPyUnicode .replace() call

The merge from main inadvertently dropped the closing ')' of the new

JoinPyUnicode '.replace(...)' call, so the subsequent 'read<end'

'.replace(...)' block was being parsed as continued arguments. Add the

missing ')' (and a blank line) to separate the two calls cleanly.

---------

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Try 6 on this file (#1995)

Add support for space in the python file (#1982)

* Add support for space in the python file itself when using shell expansion.

* Fix linter

* Fix flakey test

Fix arq quoting to work in runInTerminal (#1981)

* Fix arq quoting to work in runInTerminal

* Default was backwards

* Fix ruff errors

* Fix failing tests

* Only strip quotes on the exe

* Try fixing gw worker failures

* Skip certain test because of cmd limitations

* Need to skip all 'code' based tests on windows

update testing for python 3.14 (#1955)

* update testing for python 3.14

* Allow python 3.14 in attach code

* move 3.14 to its own job outside of matrix

* try 3.14.0-rc.2

* allowUnstable

* use 3.14.0-rc.2 but use 3.14 in tests

pydevd: Fix up prefix of attach shared library for Windows (#1939)

Follow-up to #1917, which changed the prefix for Windows. The crux of that contribution was about enabling attaching on Sillicon Mac (in fact, it came from my colleagues at Zed Industries). This however broke .dll lookup per zed-industries/zed#35640 (comment)

Fix debugger stepping actions in forked process (#1921)

* Fix debugger stepping actions in forked process

Fix the debugger stepping state when debugging a process that has been
forked from the main process. The new sys.monitoring mechanism didn't
fully clear the thread local storage after a fork leading to a state
where the forked child process tracked the wrong thread information and
was never updated on the latest continue action.

* Add stepping test for forked process

* Add line ending back in for cleaner diff

* More formatting reversions

Update flags (#1889)

Fix binskim warnings for mac, linux, and pyd files (#1856)

* Add controlflow guard to linux, mac, and pyd files

* Fix manylinux too

* Fix pydevd bits too

Fix matplotlib backend computation (#1811)

* Fix matplotlib backend computation and problem found with just my code fix

* Remove extra logging