On 7/25/19 9:20 AM, Paul Gevers wrote: > Source: python-django > Control: found -1 python-django/2:2.2.3-5 > Severity: important > User: debian...@lists.debian.org > Usertags: breaks > X-Debbugs-CC: debian...@lists.debian.org > Affects: django-maintenancemode django-restricted-resource > Affects: django-tables django-testscenarios factory-boy lava > Affects: python-django python-django-debug-toolbar python-django-mptt > Affects: python-sparkpost django-sekizai > > Dear maintainers, > > Your package is trying to fix a CVE, but at the same time dropping > Python 2 support. There is a multitude of packages that need updating > for that because they (test-) depend on python-django. I think it is > smart to revert the Python 2 removal and have the security fix migrate > to testing.
Hi, I respectfully don't agree. We need to drop Python 2 support *now* for all the Django packages. I did a lot of that work already (at least a dozen of packages are fixed already), there's not so much remaining. Also, Django 2.2 does *not* have Python 2 support upstream anymore, so there's no way we can maintain this by ourselves. Cheers, Thomas Goirand (zigo) _______________________________________________ Python-modules-team mailing list Python-modules-team@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/python-modules-team
