In article <5432be77.40...@stoneleaf.us>, Ethan Furman <et...@stoneleaf.us> wrote: > With the incredibly long life span of 2.7, which bugs should we *not* fix? > > For example, in http://bugs.python.org/issue22297 I mentioned one reason to > not fix that bug was that the fix was not in > 3.1-3.3, but 2.7 will outlive all those plus a couple more. > > So, what are the current guidelines on what to fix? Is it still security > only, with the rest being carrots for switching?
Python release families are in one of four states: 1. in-development feature: the default branch, unreleased = 3.5 2. maintenance: currently released and actively maintained, bug fixes, no compatibility breaks, no new features without very compelling use cases, discussion, and release manager approval. = 2.7.x and 3.4.x 3. security: "fixing issues exploitable by attackers such as crashes, privilege escalation and, optionally, other issues such as denial of service attacks. Any other changes are not considered a security risk and thus not backported to a security branch." = 3.2.x and 3.3.x 4. retired: no fixes of any kind from python-dev = all other releases So 2.7.x is not "security only" and wouldn't reach that stage until 2020 under current policy. http://legacy.python.org/dev/peps/pep-0373/#id5 https://docs.python.org/devguide/devcycle.html#branches -- Ned Deily, n...@acm.org _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
