On Thu, Sep 09, 2010 at 11:25:30AM +0200, Matthias Klose wrote: > >Sometimes 2to3 will find a place in your source code that needs to be > >changed, but 2to3 cannot fix automatically. In this case, 2to3 will > >print a warning beneath the diff for a file. You should address the > >warning in order to have compliant 3.x code. > > so what? 2to3 will never be a tool which results should be used without > inspection. >
So if a patch comes out that fixes a security bug in foo.py(2), that is incompatable with 2to3, then it needs fixing twice. Which is why I've asked the secruity team for input. > >and: > >Note The lib2to3 API should be considered unstable and may change > >drastically in the future. > > wrong. lib2to3 in python2.6 is stable. > That was taken from: http://docs.python.org/library/2to3.html Do you have further information? A reference would certainly be useful. > >I'm copying in the security team; could you have a look at the thread > >starting at > >http://lists.debian.org/debian-release/2010/08/msg01107.html and pass > >any comments? > > nice. you are pointing to the very beginning of *this* thread, what > do you want to tell us? > I'd like their comments as to if they see the use of 2to3 etc to be supportable for them and if they have any comments. > If you are saying that you only will allow python3-* packages > for squeeze where the python3 code is built using 2to3, then please > say so, and such packages can be prepared (and as I understand Piotr > are already prepared). > And the concerns raised are to do with that process. Which is why we're asking for details. Neil -- <jmtd> irssiproxy appears to be crack cut with washing up powder -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
