Re: including EOL and vulnerable software in Fedora
Dne 11.10.2016 v 01:59 Zbigniew Jędrzejewski-Szmek napsal(a):
On Mon, Oct 10, 2016 at 10:29:16AM +0200, Vít Ondruch wrote:
>
> Dne 9.10.2016 v 05:42 Nick Coghlan napsal(a):
>> On 8 October 2016 at 23:13, Kevin Kofler <kevin.kofler(a)chello.at> wrote:
>>> These python[23][1-9] packages are entirely unnecessary and should go away
>>> ASAP.
>> They're not unnecessary for Python developers, as if you want to make
>> sure you're not accidentally using any features from later versions of
>> Python, the only way to reliably check that is to actually test your
>> code on those older versions.
> While I understand you want to test against older pythons, I don't
> understand how you would do that, since I don't believe that "just"
> older python is enough. You typically need also some additional
> libraries. Therefore I'm afraid this won't stop just with older python,
> but will continue with another set of packages.
Most pure-python packages nowadays support 2.x and 3.x from the same
codebase (at least "libraries", this not true for some "leaf"
programs).
This is contradicting. Either they works and you don't have to test
anything or they are know to not work and you need to test the
compatibility and possibly use different versions.
So if you are lucky and don't need any complied python modules,
Yes, if you are lucky, this is another argument against.
simply
adding site-packages from a similar version to PYTHONPATH should be
enough.
And anyway, once you have python running, then you have pip,
pip is independent package, so you don't have pip out of the box ...
Vít