On 12/7/19 7:09 AM, David C. Rankin wrote:
On 12/06/2019 05:10 AM, Dave Howorth wrote:
Without an upstream, nothing changes, you just keep packaging the last release. No different than how Gtk+2 is packaged -- which hasn't had an upstream for years -- but there is still a lot of Gtk+2 code in many apps -- as there will be plenty of non-python3 compatible code if python2 was dropped. I don't see any manpower it would require at all. There will be no other changes to the package.
I think the point is that maintenance is done as part of SLE and they guarantee to provide security updates. So unless somebody can guarantee that there are no further security bugs in any python2-related packages, they can't keep them available without committing manpower as and when required.
I see that point, but does that mean SLE is doing security checks on Gtk+2, Gtk+3 (now Gtk+4 is current, the same for GtkSourceview-2, 3 & 4), etc.. I can see SLE continuing with php56, but what of all the other successor versions of core tools that are no 100% backwards compatible with the new version.
Given that php56 is no longer in tumbleweed its safe to say it will be dropped in the next SLE / Leap. (It is possibly already in the SLE Legacy module [i'm too lazy to check]). SLE has alot less GTK stuff, desktop stuff also tends to have less significant security issues (when considering how insecure x11 is to start with). If they were getting significant security issues they'd likely be dropped (many of the lesser gtk2 libs have already been dropped).
The python issue makes no difference to me, I don't use it, but it really strikes me as odd why python2 would be singled out for different treatment than all the other packages and libraries where multiple versions are packaged for openSUSE. I would be a good 20-40% of libraries have multiple versions packaged, there are multiple versions of gcc, so why is python2 special?
Its much easier to maintain multiple gcc versions then a whole python stack the same can be said for multi versioned libraries although atleast in Tumbleweed where we have multi versioned libraries both versions are still maintained or we are trying to remove one. -- Simon Lees (Simotek) http://simotek.net Emergency Update Team keybase.io/simotek SUSE Linux Adelaide Australia, UTC+10:30 GPG Fingerprint: 5B87 DB9D 88DC F606 E489 CEC5 0922 C246 02F0 014B