Re: Django 1.6's lifespan for security updates?

Discussion to be continued on django-developers: https://groups.google.com/d/topic/django-developers/69fOquu8v-U/discussion On Thursday, March 19, 2015 at 12:18:46 PM UTC-4, Carl Meyer wrote: > > On 03/19/2015 01:01 AM, Russell Keith-Magee wrote: > > On Thu, Mar 19, 2015 at 12:05 PM, James Benne

Re: Django 1.6's lifespan for security updates?

On 03/19/2015 01:01 AM, Russell Keith-Magee wrote: > On Thu, Mar 19, 2015 at 12:05 PM, James Bennett > wrote: > Way, way, *way* back in the day, there was unofficial bugfix support > for pre-magic-removal versions of Django run on the basis of "some > peop

Re: Django 1.6's lifespan for security updates?

> On Mar 19, 2015, at 3:18 AM, Russell Keith-Magee > wrote: > > >> On Thu, Mar 19, 2015 at 2:27 PM, Mike Dewhirst wrote: >> Maybe ... some effort to solve the infrastructure issue would make it worth >> kickstarter funding. >> >> A couple of colleagues are pushing me towards Docker as a

Re: Django 1.6's lifespan for security updates?

On Thu, Mar 19, 2015 at 2:27 PM, Mike Dewhirst wrote: > Maybe ... some effort to solve the infrastructure issue would make it > worth kickstarter funding. > > A couple of colleagues are pushing me towards Docker as a packaged Python > 3.4 environment but that is beyond my interest atm. > > I am r

Re: Django 1.6's lifespan for security updates?

On Thu, Mar 19, 2015 at 12:05 PM, James Bennett wrote: > On Wed, Mar 11, 2015 at 3:54 PM, Tim Graham wrote: > >> Having managed the last few security releases for Django, I'll say it's >> one of my least favorite tasks and I'm quite looking forward to dropping >> support for 1.4 (which supports

Re: Django 1.6's lifespan for security updates?

Maybe ... some effort to solve the infrastructure issue would make it worth kickstarter funding. A couple of colleagues are pushing me towards Docker as a packaged Python 3.4 environment but that is beyond my interest atm. I am running a dedicated production server on Ubuntu 14.04 which more

Re: Django 1.6's lifespan for security updates?

On Wed, Mar 11, 2015 at 3:54 PM, Tim Graham wrote: > Having managed the last few security releases for Django, I'll say it's > one of my least favorite tasks and I'm quite looking forward to dropping > support for 1.4 (which supports Python 2.5) and 1.6 (Python 2.6). But, if > there's sufficient

Re: Django 1.6's lifespan for security updates?

Hey Tim, I can definitely relate. It's not fun maintaining security releases (or fixes of any sort) for older versions of the software. Been there (am there now). We're trying to encourage people to move to Python 2.7 so that we can upgrade, but this is the enterprise. It's not an easy task. (

Django 1.6's lifespan for security updates?

Hi, According to https://docs.djangoproject.com/en/1.7/internals/release-process/#supported-versions, it appears that when Django 1.8 is released, Django 1.6 will no longer receive security updates. I wanted to verify that this is true, and ask whether there's a possibility of an extension on

Re: Django 1.6's lifespan for security updates?

Having managed the last few security releases for Django, I'll say it's one of my least favorite tasks and I'm quite looking forward to dropping support for 1.4 (which supports Python 2.5) and 1.6 (Python 2.6). But, if there's sufficient interest that we could raise funds to support this effort

Re: Django 1.6's lifespan for security updates?

On Wednesday, March 11, 2015 at 12:00:25 PM UTC-4, Carl Meyer wrote: > > It certainly sounds like there's an opportunity here for someone to > provide extra-extended security-backport support for certain Django > releases (beyond the ~3.5 years we'll typically support an LTS release > under cu

Re: Django 1.6's lifespan for security updates?

Hi Stephen, On 03/11/2015 06:28 AM, Stephen Gallagher wrote: > So, here's the basic problem. The distributions that are packaging > python 2.6 are, basically Red Hat Enterprise Linux 6 and its clones > (CentOS, Scientific Linux, Oracle, etc.) and SUSE Linux Enterprise > Server 11. These two distri

Re: Django 1.6's lifespan for security updates?

On Wed, Mar 11, 2015 at 12:53 PM, Andreas Kuhne wrote: > I think the main thing here is that python 2.6 has already reached end of > life in October 2013. That's 1 ½ years ago! So opting for a dead version of > python to be used is not really the right way to go for the django > developers IMHO. I

Re: Django 1.6's lifespan for security updates?

You should really decouple yourself from the distro's choices, saving headaches in the future. Let me expand on Avraham's suggestion. There is little difficulty in having more than one version of python on a box. The main caution here is that the distrio's use of python might depend on that pyth

Re: Django 1.6's lifespan for security updates?

2015-03-11 13:28 GMT+01:00 Stephen Gallagher : > > On Tuesday, March 10, 2015 at 6:01:28 PM UTC-4, Carl Meyer wrote: >> >> I sympathize with your situation, but Python 2.6 reached end-of-life on >> October 29, 2013 (a year and a half ago now), and since then has been >> unsupported and not receivi

Re: Django 1.6's lifespan for security updates?

On Tuesday, March 10, 2015 at 6:01:28 PM UTC-4, Carl Meyer wrote: > > I sympathize with your situation, but Python 2.6 reached end-of-life on > October 29, 2013 (a year and a half ago now), and since then has been > unsupported and not receiving security updates. I don't think the Django > core

Re: Django 1.6's lifespan for security updates?

each django deployed on the machines with python 2.6 should already be on the project virtualenv I suggest to compile python 2.7 yourself and create the virtualenvs based on the compiled python, no need to replace it system-wide On Wed, Mar 11, 2015 at 12:00 AM, Carl Meyer wrote: > Hi Christian

Re: Django 1.6's lifespan for security updates?

Hi Christian, On 03/10/2015 01:44 PM, Christian Hammond wrote: > According to > https://docs.djangoproject.com/en/1.7/internals/release-process/#supported-versions, > it appears that when Django 1.8 is released, Django 1.6 will no longer > receive security updates. I wanted to verify that this is