On Wed, Mar 11, 2015 at 12:53 PM, Andreas Kuhne <andreas.ku...@suitopia.com> wrote: > I think the main thing here is that python 2.6 has already reached end of > life in October 2013. That's 1 ½ years ago! So opting for a dead version of > python to be used is not really the right way to go for the django > developers IMHO. I understand that python 2.6 is available via the package > manager in all of the enterprise distributions you are citing, however, it > should be possible (as someone already suggested) to compile at least 2.7 if > not python 3 yourself and run them in virtualenvs (which you should be doing > anyway).
For enterprise operating systems, the packages that are provided by them, are supported by them. Python 2.6 is still the supported python version in RHEL 6 - its not end of life - and will continue to be supported until (at the earliest) Oct 31, 2016. Up until that point, any security issue in python 2.6 will be backported by the OS vendor, and a new package is released. For instance, in RHEL 6, the supported version of apache is 2.2.15. 2.2.15 is old, it was released March 2010, and has lots of bugs, but when you install it in RHEL 6, you actually get (today) 2.2.15.39.el6, which is patched to fix all security issues between 2.2.15 and 2.2.29 (and possibly bug fixes for things that have yet to be released by httpd project). Using a self compiled python 2.7 would not be supported by the OS vendor, and so would require a separate support contract. For RHEL6, you can "get" python2.7 by using the Fedora SCL collections, but this also isn't covered by the OS support contract (iirc). This is not hypothetical issues. If you build your own python package, you are responsible for building, packaging and supporting it. When there are security issues with the version you have, you need to know about it, and have enough time to deal with it. If your business is not packaging up software, that is a waste of time, it is better to pay someone to do it for you, which is why we have vendor supported OS + packages, you simply need to have the support contract. Obviously, not everyone has these issues. Not everyone cares - move fast and break things is good.. Cheers Tom -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at http://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAFHbX1Jq3udL3FoEzHNtPHev1Q5ukZ6vdXD1STtKDEP64aheag%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
