From 2746c698e33fabd2eb886b0994141b29f14f1d91 Mon Sep 17 00:00:00 2001
From: "Gregory P. Smith" <68491+gpshead@users.noreply.github.com>
Date: Sun, 23 Nov 2025 01:34:48 -0800
Subject: [PATCH 1/2] [security] Add a cooldown period to dependabot
 (GH-141866)

See https://blog.yossarian.net/2025/11/21/We-should-all-be-using-dependency-cooldowns and the description in the comment.
---
 .github/dependabot.yml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index c8a3165d690364..7f3376f8ddb1e2 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -12,6 +12,11 @@ updates:
         update-types:
           - "version-update:semver-minor"
           - "version-update:semver-patch"
+    cooldown:
+      # https://blog.yossarian.net/2025/11/21/We-should-all-be-using-dependency-cooldowns
+      # Cooldowns protect against supply chain attacks by avoiding the
+      # highest-risk window immediately after new releases.
+      default-days: 14
   - package-ecosystem: "pip"
     directory: "/Tools/"
     schedule:
@@ -19,3 +24,5 @@ updates:
     labels:
       - "skip issue"
       - "skip news"
+    cooldown:
+      default-days: 14

From 614a28b3da1c898f29c34c14f59bf2d496dbd31d Mon Sep 17 00:00:00 2001
From: "Gregory P. Smith" <68491+gpshead@users.noreply.github.com>
Date: Sun, 23 Nov 2025 01:52:26 -0800
Subject: [PATCH 2/2] gh-98552: Revert (unneeded, already done elsewhere)
 "flush std streams in the multiprocessing forkserver before fork (#141849)"
 (#141871)

Revert (unneeded, already done elsewhere) "gh-98552: flush std streams in the multiprocessing forkserver before fork (#141849)"

This reverts commit 58badb1711e12b6e8b5240ab96cdd01b95012de7.
---
 Lib/multiprocessing/forkserver.py                             | 1 -
 .../Library/2025-11-22-18-00-38.gh-issue-98552.d5KNy-.rst     | 4 ----
 2 files changed, 5 deletions(-)
 delete mode 100644 Misc/NEWS.d/next/Library/2025-11-22-18-00-38.gh-issue-98552.d5KNy-.rst

diff --git a/Lib/multiprocessing/forkserver.py b/Lib/multiprocessing/forkserver.py
index 8a4e8d835b0c91..cc8947c5e04fb1 100644
--- a/Lib/multiprocessing/forkserver.py
+++ b/Lib/multiprocessing/forkserver.py
@@ -326,7 +326,6 @@ def sigchld_handler(*_unused):
                                     len(fds)))
                         child_r, child_w, *fds = fds
                         s.close()
-                        util._flush_std_streams()
                         pid = os.fork()
                         if pid == 0:
                             # Child
diff --git a/Misc/NEWS.d/next/Library/2025-11-22-18-00-38.gh-issue-98552.d5KNy-.rst b/Misc/NEWS.d/next/Library/2025-11-22-18-00-38.gh-issue-98552.d5KNy-.rst
deleted file mode 100644
index 37a71ac1fff3f3..00000000000000
--- a/Misc/NEWS.d/next/Library/2025-11-22-18-00-38.gh-issue-98552.d5KNy-.rst
+++ /dev/null
@@ -1,4 +0,0 @@
-The :mod:`multiprocessing` forkserver process now flushes stdout and stderr
-before it forks to avoid the confusion children inheriting any buffered but
-not yet written output data.  Normally there is none, but when using
-:func:`multiprocessing.set_forkserver_preload` there *could* be.