Re: [Python-Dev] Python 2.7 -- bugfix or security before EOL?

2018-03-14 Thread Chris Jerdonek 
Oh, that makes your original email make much more sense (at least to me). I
also interpreted it to mean you were interested in extending the EOL date
out further, rather than pointing out that it should probably already have
been switched from “bugfix” to “security” status.

—Chris

On Wed, Mar 14, 2018 at 8:46 AM Michael Scott Cuthbert 
wrote:

> >* it still is in the time period before
> *>* EOL that other recent versions have gone to security only.
> *
> Again, not relevant.
>
> You might want to read http://python3statement.org/. 
> 
>
> I’m guessing my first message was unclear or able to be misunderstood in
> some part — I’m one of the frequent contributors to python3statement.org
> and have moved my own Python projects to Py3 only (the main one, music21,
> gets its 3.4+-only release this Saturday).  I have NO desire to prolong the
> 2.7 pain.
>
> What I am referring to is the number of “needs backport to 2.7” tags for
> non-security-related bug-fixes in the issue tracker. (
> https://github.com/python/cpython/pulls?q=is%3Apr+is%3Aopen+label%3A%22needs+backport+to+2.7%22
> )
> My question was between now and 1 Jan 2020 should we still be fixing things
> in 2.7 that we’re not fixing in 3.5, or leave 2.7 in a security-only mode
> for the next 21 months?  Looking at what has been closed recently, without
> getting a bpo for actually backporting, it appears that we’re sort of doing
> this in practice anyhow.
>
> Thanks! and even if my message was read differently than I intended, glad
> that it had a good effect.
>
> Michael Cuthbert (https://music21-mit.blogspot.com)
> ___
> Python-Dev mailing list
> Python-Dev@python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/chris.jerdonek%40gmail.com
>
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Python 2.7 -- bugfix or security before EOL?

2018-03-14 Thread Terry Reedy 

On 3/14/2018 9:16 AM, Michael Scott Cuthbert wrote:

I’m guessing my first message was unclear or able to be misunderstood in 
some part — I’m one of the frequent contributors to python3statement.org 
 and have moved my own Python projects to 
Py3 only (the main one, music21, gets its 3.4+-only release this 
Saturday).  I have NO desire to prolong the 2.7 pain.


Yes, sorry I mis-read you -- though like you I am happy about the 
resulting decision/clarification.


What I am referring to is the number of “needs backport to 2.7” tags for 
non-security-related bug-fixes in the issue tracker. 
(https://github.com/python/cpython/pulls?q=is%3Apr+is%3Aopen+label%3A%22needs+backport+to+2.7%22 
) 


14 is a small fraction of open fixes, which is perhaps your point.

My question was between now and 1 Jan 2020 should we still be fixing 
things in 2.7 that we’re not fixing in 3.5, or leave 2.7 in a 
security-only mode for the next 21 months?  Looking at what has been 
closed recently, without getting a bpo for actually backporting, it 
appears that we’re sort of doing this in practice anyhow.


The only people who can do substantive backports are those currently 
familiar with 2.7 and the old code and some of the subtle semantic 
differences.  It seems that a decreasing fraction of those still want to 
backport fixes.


Thanks! and even if my message was read differently than I intended, 
glad that it had a good effect.


--
Terry Jan Reedy


___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Python 2.7 -- bugfix or security before EOL?

2018-03-14 Thread Steve Holden 
Speaking from the sidelines, I'd say that any further backporting of
non-security fixes would appear to be throwing good development effort away,

This software is less than two years from the extremely well-heralded end
of its life and people are expecting enhancements? It's a cold, ungrateful
world we live in!

It might be useful to retain the issues for the benefit of those who way
wish to maintain the release after EOL, or at least get a list of them
before the tags are wiped.

regards
 Steve

Steve Holden

On Wed, Mar 14, 2018 at 1:16 PM, Michael Scott Cuthbert 
wrote:

> >* it still is in the time period before
> *>* EOL that other recent versions have gone to security only.
> *
> Again, not relevant.
>
> You might want to read http://python3statement.org/. 
> 
>
> I’m guessing my first message was unclear or able to be misunderstood in
> some part — I’m one of the frequent contributors to python3statement.org
> and have moved my own Python projects to Py3 only (the main one, music21,
> gets its 3.4+-only release this Saturday).  I have NO desire to prolong the
> 2.7 pain.
>
> What I am referring to is the number of “needs backport to 2.7” tags for
> non-security-related bug-fixes in the issue tracker. (
> https://github.com/python/cpython/pulls?q=is%3Apr+is%
> 3Aopen+label%3A%22needs+backport+to+2.7%22
> )
> My question was between now and 1 Jan 2020 should we still be fixing things
> in 2.7 that we’re not fixing in 3.5, or leave 2.7 in a security-only mode
> for the next 21 months?  Looking at what has been closed recently, without
> getting a bpo for actually backporting, it appears that we’re sort of doing
> this in practice anyhow.
>
> Thanks! and even if my message was read differently than I intended, glad
> that it had a good effect.
>
> Michael Cuthbert (https://music21-mit.blogspot.com)
>
> ___
> Python-Dev mailing list
> Python-Dev@python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe: https://mail.python.org/mailman/options/python-dev/
> steve%40holdenweb.com
>
>
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Python 2.7 -- bugfix or security before EOL?

2018-03-14 Thread Michael Scott Cuthbert 
> it still is in the time period before
> EOL that other recent versions have gone to security only.

Again, not relevant.

You might want to read 
http://python3statement.org/.


I’m guessing my first message was unclear or able to be misunderstood in some 
part — I’m one of the frequent contributors to 
python3statement.org and have moved my own Python 
projects to Py3 only (the main one, music21, gets its 3.4+-only release this 
Saturday).  I have NO desire to prolong the 2.7 pain.

What I am referring to is the number of “needs backport to 2.7” tags for 
non-security-related bug-fixes in the issue tracker. 
(https://github.com/python/cpython/pulls?q=is%3Apr+is%3Aopen+label%3A%22needs+backport+to+2.7%22)
 My question was between now and 1 Jan 2020 should we still be fixing things in 
2.7 that we’re not fixing in 3.5, or leave 2.7 in a security-only mode for the 
next 21 months?  Looking at what has been closed recently, without getting a 
bpo for actually backporting, it appears that we’re sort of doing this in 
practice anyhow.

Thanks! and even if my message was read differently than I intended, glad that 
it had a good effect.

Michael Cuthbert (https://music21-mit.blogspot.com)
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Python 2.7 -- bugfix or security before EOL?

2018-03-12 Thread Matěj Cepl 
On 2018-03-12, 13:13 GMT, Nick Coghlan wrote:
> +1 from me, as even if commercial redistributors do decide 
> they want to collaborate on a post-2020 Python 2.7 maintenance 
> branch, there's no technical reason that that needs to live 
> under the "python" GitHub organisation, and some solid 
> logistical reasons for it to live somewhere more explicitly 
> vendor managed.

It would be good to have some email list of the commercial 
redistributors (Linux distro maintainers + people from Anaconda 
etc.). Could python.org host it?

Best,

Matěj
-- 
https://matej.ceplovi.cz/blog/, Jabber: mc...@ceplovi.cz
GPG Finger: 3C76 A027 CA45 AD70 98B5  BC1D 7920 5802 880B C9D8
 
..every Man has a Property in his own Person. This no Body has
any Right to but himself. The Labour of his Body, and the Work of
his Hands, we may say, are properly his.  The great and chief
end therefore, of Mens uniting into Commonwealths, and putting
themselves under Government, is the Preservation of their
Property.
-- John Locke, "A Treatise Concerning Civil Government"

___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Python 2.7 -- bugfix or security before EOL?

2018-03-12 Thread Nick Coghlan 
On 11 March 2018 at 11:54, Guido van Rossum  wrote:

> Let's not play games with semantics. The way I see the situation for 2.7
> is that EOL is January 1st, 2020, and there will be no updates, not even
> source-only security patches, after that date. Support (from the core devs,
> the PSF, and python.org) stops completely on that date. If you want
> support for 2.7 beyond that day you will have to pay a commercial vendor.
> Of course it's open source so people are also welcome to fork it. But the
> core devs have toiled long enough, and the 2020 EOL date (an extension from
> the originally annouced 2015 EOL!) was announced with sufficient lead time
> and fanfare that I don't feel bad about stopping to support it at all.
>

+1 from me, as even if commercial redistributors do decide they want to
collaborate on a post-2020 Python 2.7 maintenance branch, there's no
technical reason that that needs to live under the "python" GitHub
organisation, and some solid logistical reasons for it to live somewhere
more explicitly vendor managed.

For example, a 2.7 vendor branch would need its own issue tracker that's
independent of bugs.python.org, since the ability to report bugs against
2.7 will be removed from bpo (and all remaining 2.7-only bugs will be
closed).

Cheers,
Nick.

-- 
Nick Coghlan   |   ncogh...@gmail.com   |   Brisbane, Australia
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Python 2.7 -- bugfix or security before EOL?

2018-03-11 Thread Benjamin Peterson 
Sounds good to me. I've updated the PEP to say 2.7 is completely dead on Jan 1 
2020. The final release may not literally be on January 1st, but we certainly 
don't want to support 2.7 through all of 2020.

On Sat, Mar 10, 2018, at 18:54, Guido van Rossum wrote:
> Let's not play games with semantics. The way I see the situation for 2.7 is
> that EOL is January 1st, 2020, and there will be no updates, not even
> source-only security patches, after that date. Support (from the core devs,
> the PSF, and python.org) stops completely on that date. If you want support
> for 2.7 beyond that day you will have to pay a commercial vendor. Of course
> it's open source so people are also welcome to fork it. But the core devs
> have toiled long enough, and the 2020 EOL date (an extension from the
> originally annouced 2015 EOL!) was announced with sufficient lead time and
> fanfare that I don't feel bad about stopping to support it at all.
> 
> On Sat, Mar 10, 2018 at 5:36 PM, Terry Reedy  wrote:
> 
> > On 3/10/2018 4:59 PM, Michael Scott Cuthbert wrote:
> >
> >> I notice on https://devguide.python.org that Python 3.5 is in “security”
> >> status with an EOL of 2020-09-13 but Python 2.7 is in “bugfix” and has a
> >> likely earlier EOL.
> >>
> >
> > There is no relation between the two, or between 2.7 and any other
> > version.  2.7 is a completely special case.
> >
> >  Will there be a period where Py2.7 is in security-only status before
> >> hitting EOL?
> >>
> >
> > https://www.python.org/dev/peps/pep-0373 gives the public status.  When
> > Benjamin Peterson want to add something, he will.
> >
> > Already, the main emphasis is on security, build, and test infrastructure
> > fixes.  Backporting bug and doc fixes is at developer discretion.
> >
> >  Even if the EOL is set at the last possible date of 2020-12-31,
> >>
> >
> > Benjamin Peterson will decide when he decides.  He has not yet announced a
> > date for a 2018 release.
> >
> > People have mostly proposed either Jan 1 or sometime late spring related
> > to PyCon.  If you want something definite for your own planning, I
> > recommend that you assume Jan 1.
> >
> > it still is in the time period before EOL that other recent versions have
> >> gone to security only.
> >>
> >
> > Again, not relevant.
> >
> > You might want to read http://python3statement.org/.
> >
> > Some major projects (like Django, I believe) have already put their last
> > 2.x compatible version into bug-fix only mode and expect to stop patching
> > it before 2020.
> >
> > --
> > Terry Jan Reedy
> >
> >
> > ___
> > Python-Dev mailing list
> > Python-Dev@python.org
> > https://mail.python.org/mailman/listinfo/python-dev
> > Unsubscribe: https://mail.python.org/mailman/options/python-dev/guido%
> > 40python.org
> >
> 
> 
> 
> -- 
> --Guido van Rossum (python.org/~guido)
> ___
> Python-Dev mailing list
> Python-Dev@python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe: 
> https://mail.python.org/mailman/options/python-dev/benjamin%40python.org
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Python 2.7 -- bugfix or security before EOL?

2018-03-10 Thread Terry Reedy 

On 3/10/2018 8:54 PM, Guido van Rossum wrote:
Let's not play games with semantics. The way I see the situation for 2.7 
is that EOL is January 1st, 2020, and there will be no updates, not even 
source-only security patches, after that date. Support (from the core 
devs, the PSF, and python.org ) stops completely on 
that date.


+1 from me.  If so, then that should be added to the PEP and announced 
at PyCon, to end major questions* and speculation.


* There are still minor details of when patches are cutoff (is that EOL, 
on Jan 1?) and when the rc and final releases appear (whenever ready 
after cutoff?)


--
Terry Jan Reedy

___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Python 2.7 -- bugfix or security before EOL?

2018-03-10 Thread Guido van Rossum 
Let's not play games with semantics. The way I see the situation for 2.7 is
that EOL is January 1st, 2020, and there will be no updates, not even
source-only security patches, after that date. Support (from the core devs,
the PSF, and python.org) stops completely on that date. If you want support
for 2.7 beyond that day you will have to pay a commercial vendor. Of course
it's open source so people are also welcome to fork it. But the core devs
have toiled long enough, and the 2020 EOL date (an extension from the
originally annouced 2015 EOL!) was announced with sufficient lead time and
fanfare that I don't feel bad about stopping to support it at all.

On Sat, Mar 10, 2018 at 5:36 PM, Terry Reedy  wrote:

> On 3/10/2018 4:59 PM, Michael Scott Cuthbert wrote:
>
>> I notice on https://devguide.python.org that Python 3.5 is in “security”
>> status with an EOL of 2020-09-13 but Python 2.7 is in “bugfix” and has a
>> likely earlier EOL.
>>
>
> There is no relation between the two, or between 2.7 and any other
> version.  2.7 is a completely special case.
>
>  Will there be a period where Py2.7 is in security-only status before
>> hitting EOL?
>>
>
> https://www.python.org/dev/peps/pep-0373 gives the public status.  When
> Benjamin Peterson want to add something, he will.
>
> Already, the main emphasis is on security, build, and test infrastructure
> fixes.  Backporting bug and doc fixes is at developer discretion.
>
>  Even if the EOL is set at the last possible date of 2020-12-31,
>>
>
> Benjamin Peterson will decide when he decides.  He has not yet announced a
> date for a 2018 release.
>
> People have mostly proposed either Jan 1 or sometime late spring related
> to PyCon.  If you want something definite for your own planning, I
> recommend that you assume Jan 1.
>
> it still is in the time period before EOL that other recent versions have
>> gone to security only.
>>
>
> Again, not relevant.
>
> You might want to read http://python3statement.org/.
>
> Some major projects (like Django, I believe) have already put their last
> 2.x compatible version into bug-fix only mode and expect to stop patching
> it before 2020.
>
> --
> Terry Jan Reedy
>
>
> ___
> Python-Dev mailing list
> Python-Dev@python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe: https://mail.python.org/mailman/options/python-dev/guido%
> 40python.org
>



-- 
--Guido van Rossum (python.org/~guido)
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Python 2.7 -- bugfix or security before EOL?

2018-03-10 Thread Terry Reedy 

On 3/10/2018 4:59 PM, Michael Scott Cuthbert wrote:
I notice on https://devguide.python.org that Python 3.5 is in “security” 
status with an EOL of 2020-09-13 but Python 2.7 is in “bugfix” and has a 
likely earlier EOL.


There is no relation between the two, or between 2.7 and any other 
version.  2.7 is a completely special case.



 Will there be a period where Py2.7 is in security-only status before hitting 
EOL?


https://www.python.org/dev/peps/pep-0373 gives the public status.  When 
Benjamin Peterson want to add something, he will.


Already, the main emphasis is on security, build, and test 
infrastructure fixes.  Backporting bug and doc fixes is at developer 
discretion.



 Even if the EOL is set at the last possible date of 2020-12-31,


Benjamin Peterson will decide when he decides.  He has not yet announced 
a date for a 2018 release.


People have mostly proposed either Jan 1 or sometime late spring related 
to PyCon.  If you want something definite for your own planning, I 
recommend that you assume Jan 1.


it still is in the time period before 
EOL that other recent versions have gone to security only.


Again, not relevant.

You might want to read http://python3statement.org/.

Some major projects (like Django, I believe) have already put their last 
2.x compatible version into bug-fix only mode and expect to stop 
patching it before 2020.


--
Terry Jan Reedy


___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

[Python-Dev] Python 2.7 -- bugfix or security before EOL?

2018-03-10 Thread Michael Scott Cuthbert 
I notice on https://devguide.python.org that Python 3.5 is in “security” status 
with an EOL of 2020-09-13 but Python 2.7 is in “bugfix” and has a likely 
earlier EOL.  Will there be a period where Py2.7 is in security-only status 
before hitting EOL?  Even if the EOL is set at the last possible date of 
2020-12-31, it still is in the time period before EOL that other recent 
versions have gone to security only.

(obviously recognizing that Py2.7 EOL is not just another EOL)

I tried searching in archives for anything related to this status, but couldn’t 
find anything.  apologies if I missed a discussion.

- Michael Cuthbert

___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com