1. Forum
  2. Usenet
  3. LINUX.GENTOO.DEV

  • Re: [gentoo-dev] Last rites: =app-doc/python-docs-3.8*, =dev-lang/pytho

    From Eli Schwartz@21:1/5 to All on Wed Jun 4 05:00:01 2025
    This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------BAap65JmO69ZFD54M6HUWKj7
    Content-Type: text/plain; charset=UTF-8
    Content-Transfer-Encoding: quoted-printable

    On 6/3/25 1:24 PM, Michał Górny wrote:
    # Michał Górny <mgorny@gentoo.org> (2025-06-03)
    # Vulnerable EOL version of CPython.  Security backports require
    # too much effort.  Removal on 2025-07-03.
    =app-doc/python-docs-3.8*
    =dev-lang/python-3.8*


    IMO it's quite interesting to have old pythons available for reasons not related to running a stable system with them. It's not a valid eclass
    target, even. Anyone going out of their way to build and run it knows
    what they are getting into. I've used it myself for research purposes
    and found it very helpful to have old baselines, and the alternatives
    aren't pretty -- either pyenv or Ubuntu+deadsnakes.

    If we just need to make absolutely sure no one uses it by accident, I'd
    rather do what we do for sys-libs/glibc and sys-devel/gcc and have a
    permanent mask without planned removal, at least for the interpreter.


    --
    Eli Schwartz

    --------------BAap65JmO69ZFD54M6HUWKj7--

    -----BEGIN PGP SIGNATURE-----

    wnsEABYIACMWIQTnFNnmK0TPZHnXm3qEp9ErcA0vVwUCaD+1PgUDAAAAAAAKCRCEp9ErcA0vV2jl APwNy6TLHQrlgjSJoaC3+tooDZ3LnK8jBszwKL4056wuvwD/Vu3/sngH+DiJ7EqQMgGR/mruN+x+ +TVDz+ew6i7Btwo=
    =8WuF
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Jay Faulkner@21:1/5 to Eli Schwartz on Wed Jun 4 15:30:01 2025
    On 6/3/25 7:53 PM, Eli Schwartz wrote:
    On 6/3/25 1:24 PM, Michał Górny wrote:
    # Michał Górny <mgorny@gentoo.org> (2025-06-03)
    # Vulnerable EOL version of CPython.  Security backports require
    # too much effort.  Removal on 2025-07-03.
    =app-doc/python-docs-3.8*
    =dev-lang/python-3.8*

    IMO it's quite interesting to have old pythons available for reasons not related to running a stable system with them. It's not a valid eclass
    target, even. Anyone going out of their way to build and run it knows
    what they are getting into. I've used it myself for research purposes
    and found it very helpful to have old baselines, and the alternatives
    aren't pretty -- either pyenv or Ubuntu+deadsnakes.

    While I generally agree with the usefulness of this as a python
    developer running gentoo, traditionally I've fetched and overlayed old
    ebuilds when needed. Maybe we should just have a old-pythons unofficial
    overlay for folks like us?


    -JayF

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From =?UTF-8?Q?Micha=C5=82_G=C3=B3rny?=@21:1/5 to Eli Schwartz on Wed Jun 4 15:50:01 2025
    On Tue, 2025-06-03 at 22:53 -0400, Eli Schwartz wrote:
    On 6/3/25 1:24 PM, Michał Górny wrote:
    # Michał Górny <mgorny@gentoo.org> (2025-06-03)
    # Vulnerable EOL version of CPython.  Security backports require
    # too much effort.  Removal on 2025-07-03.
    =app-doc/python-docs-3.8*
    =dev-lang/python-3.8*


    IMO it's quite interesting to have old pythons available for reasons not related to running a stable system with them. It's not a valid eclass
    target, even. Anyone going out of their way to build and run it knows
    what they are getting into. I've used it myself for research purposes
    and found it very helpful to have old baselines, and the alternatives
    aren't pretty -- either pyenv or Ubuntu+deadsnakes.

    If we just need to make absolutely sure no one uses it by accident, I'd rather do what we do for sys-libs/glibc and sys-devel/gcc and have a permanent mask without planned removal, at least for the interpreter.


    Well, I don't mind keeping them forever masked. Though I would really preferred if someone backported the security patches from 3.9 to keep
    this working properly.

    --
    Best regards,
    Michał Górny


    -----BEGIN PGP SIGNATURE-----

    iQFGBAABCgAwFiEEx2qEUJQJjSjMiybFY5ra4jKeJA4FAmhATk8SHG1nb3JueUBn ZW50b28ub3JnAAoJEGOa2uIyniQOmS0H/RRHPtis6xUMqvkhQH+ncuE3pHJ6yNUE qbCJ2Tc67PuIXHlYp/bUhxqXG64ADU4A/w63KMNYu+tGxSEx4ZrQXxJR4d6V8zGn 6B2i9w9J5pyTGeawcisfz6qxgEUE0y9Fbld4WscIT50XU0QGeEsXvc3DqI9EhCXv J9nFg2t4PvFHld79NHX7ise0H3V7FVMYZAYWJPboCY66k8tSF2E8ZDhqjrlCR8GD ycmUzBeLbnoy0MbnqqjFhlMWegmrzk84+aK152+hIrBCfXvAlwOBOCWUCzKsXukR xpMEywjbYZjVwi5G7V21W/cz4Q0+75/VqGILuxwcdQpdTCKgVJHnq1M=
    =bs46
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Ionen Wolkens@21:1/5 to Jay Faulkner on Thu Jun 5 02:30:01 2025
    On Wed, Jun 04, 2025 at 06:28:42AM -0700, Jay Faulkner wrote:

    On 6/3/25 7:53 PM, Eli Schwartz wrote:
    On 6/3/25 1:24 PM, Michał Górny wrote:
    # Michał Górny <mgorny@gentoo.org> (2025-06-03)
    # Vulnerable EOL version of CPython.  Security backports require
    # too much effort.  Removal on 2025-07-03.
    =app-doc/python-docs-3.8*
    =dev-lang/python-3.8*

    IMO it's quite interesting to have old pythons available for reasons not related to running a stable system with them. It's not a valid eclass target, even. Anyone going out of their way to build and run it knows
    what they are getting into. I've used it myself for research purposes
    and found it very helpful to have old baselines, and the alternatives aren't pretty -- either pyenv or Ubuntu+deadsnakes.

    While I generally agree with the usefulness of this as a python
    developer running gentoo, traditionally I've fetched and overlayed old ebuilds when needed. Maybe we should just have a old-pythons unofficial overlay for folks like us?

    If someone wants to maintain it, sure.. but just lazy ebuild copies
    without maintenance will just end up broken sooner or later. These kind
    of "I want to keep old versions" overlays often end up becoming stinky.

    If we opt to keep the in-tree (even masked) it also means someone needs
    to keep these in working condition and it adds to the workload -- albeit
    being able to ignore security issues w/ mask would simplify things.
    --
    ionen

    -----BEGIN PGP SIGNATURE-----

    iQEzBAABCAAdFiEEx3SLh1HBoPy/yLVYskQGsLCsQzQFAmhA4tgACgkQskQGsLCs QzRojwf/SspYSV4P7FnSO17ckFdemYx+mhsnc9vZX5odKqV9qZXuEN16vXj5D/lK 9BeeOZuIVDe6R4BY1bWHEZelMIODo0CT2ZsOIPi0ZMZNy2tRCMfYSWldqDRHk18h sVrP25m/mbHenwoL3UYg2l59qW58SpYxq9EZ81X2W29HA3p6V8c8MPRVhXUyv4R7 nNAkQGWmMZCRZc+R5pGZpHZEFCFwGBtRvMBTVI3vliCvuOIQPBbcL99lIPE/t7dz 5XWq5Nfsbbyfe/BAe+V4Z5G8WZl6zti6AVFEheGyJUWDZqSPI7GH2DPtORWYl47A xBQj9hZwkUOgyIDhXXsms5m7hssjXQ==
    =O1cb
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)