[Python-Dev] PEP 466: Proposed policy change for handling network security enhancements
Chris Angelico
rosuav at gmail.com
Mon Mar 24 06:24:12 CET 2014
On Mon, Mar 24, 2014 at 1:34 PM, Donald Stufft <donald at stufft.io> wrote:
> Right now users have a singular method for determining what the runtime
> environment looks like for Python, the version. There are processes around
> selecting different Python versions for things, upgrading etc. This isn’t
> a new thing for users. Suddenly having to mess with PYTHONPATH or
> having to figure out if their distro used the “official stdlib” or the “official
> unofficial stdlib” just adds massive confusion.
Various distros of Linux ship modified versions of things. On my
current system (Debian Wheezy), the apt-gettable Python is tagged
"2.7.3-4+deb7u1", so there are already at least some patches that
aren't in vanilla 2.7.3. Presumably the distro could happily just ship
the enhanced stdlib, and you don't need to mess with PYTHONPATH; and a
modified sys.version or other detection method could be used to probe
if you need to be sure.
As has already been pointed out, this can already happen, but in an
ad-hoc way. Making it official or semi-official would mean that a
script written for Debian's "Python 2.7.10" would run on Red Hat's
"Python 2.7.10", which would surely be an advantage.
ChrisA
More information about the Python-Dev
mailing list