> On May 19, 2020, at 09:20, Manuel Jacob <m...@manueljacob.de> wrote: > > Hi, > > The issue came up in a reply to a patch I've sent a few days ago. I'm sending > a new mail to discuss this topic more generally. > > Mercurial is not usable on Python versions prior to 2.7.4. The issue was > raised in > https://www.mercurial-scm.org/pipermail/mercurial/2020-May/051937.html. I've > sent a patch fixing it (that I didn't really propose for inclusion, for > reasons described in the patch): > https://www.mercurial-scm.org/pipermail/mercurial-devel/2020-May/141666.html. > Instead of committing the patch, I propose that the minimum Python version > should be raised to Python 2.7.4 in the stable branch. > > Some security features of Python 3.x were backported to Python 2.7.9 (see PEP > 466). If we require at least Python 2.7.9, we can make raise the minimum > security standard of Mercurial (quote from mercurial.sslutil: "Depending on > the version of Python being used, SSL/TLS support is either modern/secure or > legacy/insecure. Many operations in this module have separate code paths > depending on support in Python."). Therefore, I propose to raise the minimum > Python version to 2.7.9 in the default branch.
I'm a fan of doing that. > Alternatively, we could drop Python 2 support completely. I suspect this is still premature, given the Windows Py3 situation is (as far as I know) a bit rough. I'd like to do so before the end of the year though. > > -Manuel > _______________________________________________ > Mercurial-devel mailing list > Mercurial-devel@mercurial-scm.org > https://www.mercurial-scm.org/mailman/listinfo/mercurial-devel _______________________________________________ Mercurial-devel mailing list Mercurial-devel@mercurial-scm.org https://www.mercurial-scm.org/mailman/listinfo/mercurial-devel
