May 20, 2010
9:52 p.m.
On May 20, 2010, at 12:53 PM, Guido van Rossum wrote:
Sounds good to me, since this is (a) a security fix that will make some vendors happy, and (b) only a C-level API. I expect that some apps embedding Python will use this API unconditionally and this break with earlier Python versions; this could be intentional because of the vulnerability (else why would they change their code to call the new API), or they can use an #if to check for a version >= 2.6.6.
I concur, as long as the new API availability is clearly spelled out in the release notes, NEWS, and C API documentation. Maybe even provide an example #ifdef in the latter. Should we start thinking about releasing 2.6.6 soonish? -Barry