Re: Should non-security 2.7 bugs be fixed?

Sun, 19 Jul 2015 15:58:15 -0700 

On 7/19/2015 1:53 AM, dieter wrote:

Mark Lawrence <breamore...@yahoo.co.uk> writes:

...

If the vast majority of Python programmers are focused on 2.7, why are
volunteers to help fix 2.7 bugs so scarce?


I have not done much work related to Python bug fixing. But, I had
bad experience with other open source projects: many of my patches
(and bug reports) have been ignored over decades. This caused me
to change my attitude: I now report bugs (sometimes with patches)
and publish a potential solution in a separate package
(--> "dm.zopepatches.*", "dm.zodbpatches.*"). This way, affected
people can use a solution even if the core developpers don't care.



Patches uploaded to the cpython tracker are public and can be and 
sometimes are used by other people without or before being officially 
applied.  Separate packages are fine too.



 From my point of view: if you want help with fixing bugs,
you must ensure that there is a high probability that those contributions
really find their way into the main development lines.
As I understand from other messages in this thread, this is also
a problem with Python bug fixing.



Yes.  There are two competing proposals (PEPs) for improvement waiting 
for a decision from an appointed judge.



Does they all consider it perfect (or sufficient) as is?


I have not much blame for Python 2.7. I see a few minor points

   *  "pdb" is quite weak - but I could fix some (but
      by far not all) aspects in "dm.pdb".


This is not a security issue, so enhancements cannot go in 2.7.


   *  "https" has been weakly handled in earlier versions,
      but someone has done the Python 3 backport work in
      an external package before the backport finally arrived in
      Python 2.7.


This was determined to be an internet security fix.


Should the core developers who do not personally use 2.7 stop
backporting, because no one cares if they do?


I am grateful that the above mentioned "https" backport
was finally integrated into Python 2.7 -- even though
I find it acceptable to use an external package to get it.

Thus, there are people who care. Of course, I will not tell
core developers that they must do backporting. If they don't
more external packages will come into existence which contain
(unofficial) backports.



Some core developers have backported new modules they wrote as external 
packages.  Thank you for your comments.


--
Terry Jan Reedy

--
https://mail.python.org/mailman/listinfo/python-list























					Reply via email to