gh-148200: Update Modules/_hacl/ for Cygwin

[vstinner]

This pulls an updated version of HACL* that fixes Lib_Memzero0.c on Cygwin, via an upstream fix.

• Issue: CYGWIN: warning on missing safe memzero() is printed #148200

[vstinner]

I regenerated the SBOM with:

sed -i -e s/8ba599b2f6c9701b3dc961db895b0856a2210f76/504c2987452f87fe44bce9b9f12e19d6e051761f/g Misc/sbom.spdx.json 
make regen-sbom

[vstinner]

cc @protz @picnixz

[vstinner]

Hum. It seems like the checksums of the hacl-star package is outdated in Misc/sbom.spdx.json, but I don't know how to regenerate it. I expected python3.14 ./Tools/build/generate_sbom.py to update it, but I already ran this command.

[StanFromIreland]

Running with the CI envvar generates the correct checksum:

stan@stanlaptop:~/dev/cpython{update_hacl}$ CI=1 make regen-sbom
python3.15 ./Tools/build/generate_sbom.py
stan@stanlaptop:~/dev/cpython{update_hacl}$ git diff
diff --git a/Misc/sbom.spdx.json b/Misc/sbom.spdx.json
index f42487bebee..cea3abebd17 100644
--- a/Misc/sbom.spdx.json
+++ b/Misc/sbom.spdx.json
@@ -1024,7 +1024,7 @@
       "checksums": [
         {
           "algorithm": "SHA256",
-          "checksumValue": "61e48893f37cb2280d106cefacf6fb5afe84edf625fec39572d0ee94e1018f26"
+          "checksumValue": "d6db56a5d061dcc0890eabdbb5f58a9fa6c606d9f2fbbe9d626925b870ffadfb"
         }
       ],
       "downloadLocation": "https://github.com/hacl-star/hacl-star/archive/504c2987452f87fe44bce9b9f12e19d6e051761f.zip",

[StanFromIreland]

Yeah it's intentional:

cpython/Tools/build/generate_sbom.py

Line 193 in ef34850

if "checksums" not in package or "CI" in os.environ:

[vstinner]

Ah yes, CI=1 make regen-sbom regenerates properly the checksums. https://devguide.python.org/developer-workflow/sbom/#updating-a-dependency documentation should maybe document CI=1.

cc @sethmlarson