[Python-Dev] Request for pronouncement on PEP 493 (HTTPS verification backport guidance)
R. David Murray
rdmurray at bitdance.com
Wed Nov 25 15:39:54 EST 2015
On Thu, 26 Nov 2015 09:17:02 +1300, Robert Collins <robertc at robertcollins.net> wrote:
> On 26 November 2015 at 08:57, Barry Warsaw <barry at python.org> wrote:
> > There's a lot to process in this thread, but as I see it, the issue breaks
> > down to these questions:
> >
> > * How should PEP 493 be implemented?
> >
> > * What should the default be?
> >
> > * How should PEP 493 be worded to express the right tone to redistributors?
> >
> > Let me take on the implementation details here.
> >
> > On Nov 24, 2015, at 04:04 PM, M.-A. Lemburg wrote:
> >
> >>I would still find having built-in support for the recommendations
> >>in the Python stdlib a better approach
> >
> > As would I.
>
> For what its worth: a PEP telling distributors to patch the standard
> library is really distasteful to me.
>
> We've spent a long time trying to build close relations such that when
> something doesn't work distributors can share their needs with us and
> we can make Python out of the box be a good fit. This seems to fly in
> the exact opposite direction: we're explicitly making it so that
> Python builds on these vendor's platforms will not be the same as you
> get by checking out the Python source code.
I think we should include the environment variable support in CPython
and be done with it (nuke the PEP otherwise). Which is what I've
thought from the beginning :)
--David
More information about the Python-Dev
mailing list