On 11 October 2016 at 02:18, Kevin Kofler wrote:
> Charalampos Stratakis wrote:
>> tox is THE main reason for multiple interpreters in Fedora.
>>
>> So no the comments are not contradictory but it seems there is a lack of
>> (technical) understanding of the actual situation here, but I may be wron
Dne 11.10.2016 v 12:57 Petr Viktorin napsal(a):
>
> The alternative to packaging those Pythons in Fedora is putting them
> in some COPR. I believe this would send a bad message. If we want to
> make Fedora friendly for Python developers, we should make
> cross-version testing officially supported
On Tue, Oct 11, 2016 at 09:50:13AM +0200, Vít Ondruch wrote:
>
>
> Dne 11.10.2016 v 01:59 Zbigniew Jędrzejewski-Szmek napsal(a):
> > On Mon, Oct 10, 2016 at 10:29:16AM +0200, Vít Ondruch wrote:
> >>
> >> Dne 9.10.2016 v 05:42 Nick Coghlan napsal(a):
> >>> On 8 October 2016 at 23:13, Kevin Kofler
On 10/10/2016 06:18 PM, Kevin Kofler wrote:
Charalampos Stratakis wrote:
tox is THE main reason for multiple interpreters in Fedora.
So no the comments are not contradictory but it seems there is a lack of
(technical) understanding of the actual situation here, but I may be wrong
here, so pleas
I'd like to apologize for the wording "No security fixes will be
applied". It was meant as a warning to users who might install the
package without knowing what it is for, not as a declaration that we
won't maintain the package properly.
The "python26" package is meant to provide just that --
Dne 11.10.2016 v 01:59 Zbigniew Jędrzejewski-Szmek napsal(a):
> On Mon, Oct 10, 2016 at 10:29:16AM +0200, Vít Ondruch wrote:
>>
>> Dne 9.10.2016 v 05:42 Nick Coghlan napsal(a):
>>> On 8 October 2016 at 23:13, Kevin Kofler wrote:
These python[23][1-9] packages are entirely unnecessary and sh
On Mon, Oct 10, 2016 at 10:29:16AM +0200, Vít Ondruch wrote:
>
>
> Dne 9.10.2016 v 05:42 Nick Coghlan napsal(a):
> > On 8 October 2016 at 23:13, Kevin Kofler wrote:
> >> These python[23][1-9] packages are entirely unnecessary and should go away
> >> ASAP.
> > They're not unnecessary for Python d
Charalampos Stratakis wrote:
> Nevertheless, at the link that I posted before, you can see for yourself
> the exact use case, so that should make things clear enough. Contradictory
> or not (as I said maybe the original descriptions possibly need to be
> rephrased), arguing about that does not real
+1
There is no need to keep broken deprecated stuff in fedora repositories. If
somebody really wants to use this, use a COPR. Or use the distro with
conservative risky update policy you are developing against (CentOS, RHEL,
Debian, Ubuntu, …).
___
deve
- Original Message -
From: "Kevin Kofler"
To: devel@lists.fedoraproject.org
Sent: Monday, October 10, 2016 6:18:19 PM
Subject: Re: including EOL and vulnerable software in Fedora
> If no package is allowed to require the old Pythons (and IMHO, "Recommends:"
>
Charalampos Stratakis wrote:
> tox is THE main reason for multiple interpreters in Fedora.
>
> So no the comments are not contradictory but it seems there is a lack of
> (technical) understanding of the actual situation here, but I may be wrong
> here, so please correct me if you think so.
>
> to
Charalampos Stratakis wrote:
> If people's issues is just the CVE's, and then everything will be fine, we
> can go and fix all the CVE's discovered so far.
That would be a good start.
Kevin Kofler
___
devel mailing list -- devel@lists.fedoraproj
- Original Message -
From: "Kevin Kofler"
To: devel@lists.fedoraproject.org
Sent: Monday, October 10, 2016 4:14:30 PM
Subject: Re: including EOL and vulnerable software in Fedora
> Your explanation does not solve the inherent contradiction between:
>> churchyard (i
Petr Viktorin wrote:
> Indeed, there's a disconnect here. The old Pythons are intended for
> *upstream* development/testing.
Your explanation does not solve the inherent contradiction between:
>> churchyard (in the FESCo tracker):
>> | These packages are not intended to be used as dependencies fo
On 10/09/2016 05:39 PM, Kevin Kofler wrote:
Nick Coghlan wrote:
They're not unnecessary for Python developers, as if you want to make
sure you're not accidentally using any features from later versions of
Python, the only way to reliably check that is to actually test your
code on those older ve
On Mon, Oct 10, 2016 at 11:32:43AM +0200, Dominik 'Rathann' Mierzejewski wrote:
> On Monday, 10 October 2016 at 11:07, Florian Weimer wrote:
> > On 10/07/2016 06:43 PM, Dominik 'Rathann' Mierzejewski wrote:
> >
> > > I was made aware that EOL software with known security bugs that will
> > > not b
- Original Message -
From: "Dominik 'Rathann' Mierzejewski"
To: devel@lists.fedoraproject.org, python-de...@lists.fedoraproject.org
Sent: Friday, October 7, 2016 9:23:51 PM
Subject: Re: including EOL and vulnerable software in Fedora
> How do you propose we
On Monday, 10 October 2016 at 11:07, Florian Weimer wrote:
> On 10/07/2016 06:43 PM, Dominik 'Rathann' Mierzejewski wrote:
>
> > I was made aware that EOL software with known security bugs that will
> > not be fixed upstream (due to EOL status) was reviewed and accepted into
> > Fedora recently.
>
- Original Message -
From: "Kevin Kofler"
To: devel@lists.fedoraproject.org
Sent: Saturday, October 8, 2016 3:13:10 PM
Subject: Re: including EOL and vulnerable software in Fedora
> * should not be necessary to run software, software for Python n.m usually
> runs ju
On 10/07/2016 06:43 PM, Dominik 'Rathann' Mierzejewski wrote:
I was made aware that EOL software with known security bugs that will
not be fixed upstream (due to EOL status) was reviewed and accepted into
Fedora recently.
Fedora relies on EOLed components pretty much across the system
(includ
This seems highly unlikely
Charalampos Stratakis
Associate Software Engineer
Python Maintenance Team, Red Hat
- Original Message -
From: "Kevin Kofler"
To: devel@lists.fedoraproject.org
Sent: Sunday, October 9, 2016 5:39:00 PM
Subject: Re: including EOL and vulnerable software
On Mon, Oct 10, 2016 at 10:29 AM, Vít Ondruch wrote:
>
>
> Dne 9.10.2016 v 05:42 Nick Coghlan napsal(a):
>> On 8 October 2016 at 23:13, Kevin Kofler wrote:
>>> These python[23][1-9] packages are entirely unnecessary and should go away
>>> ASAP.
>> They're not unnecessary for Python developers, as
Dne 9.10.2016 v 05:42 Nick Coghlan napsal(a):
> On 8 October 2016 at 23:13, Kevin Kofler wrote:
>> These python[23][1-9] packages are entirely unnecessary and should go away
>> ASAP.
> They're not unnecessary for Python developers, as if you want to make
> sure you're not accidentally using any
Nick Coghlan wrote:
> They're not unnecessary for Python developers, as if you want to make
> sure you're not accidentally using any features from later versions of
> Python, the only way to reliably check that is to actually test your
> code on those older versions. Tools like "tox" make that rela
On Sat, Oct 8, 2016 at 11:42 PM, Nick Coghlan wrote:
> On 8 October 2016 at 23:13, Kevin Kofler wrote:
>> These python[23][1-9] packages are entirely unnecessary and should go away
>> ASAP.
>
> They're not unnecessary for Python developers, as if you want to make
> sure you're not accidentally us
On 8 October 2016 at 23:13, Kevin Kofler wrote:
> These python[23][1-9] packages are entirely unnecessary and should go away
> ASAP.
They're not unnecessary for Python developers, as if you want to make
sure you're not accidentally using any features from later versions of
Python, the only way to
Dominik 'Rathann' Mierzejewski wrote:
> My proposal is:
> 1. Prevent EOL software with known security vulnerabilities from
> entering Fedora in the first place, i.e. make it a review bullet point
> (if the package is EOL it MUST NOT have any known security
> vulnerabilties). If existing packages ar
On Friday, 07 October 2016 at 19:35, Zbigniew Jędrzejewski-Szmek wrote:
> On Fri, Oct 07, 2016 at 06:43:10PM +0200, Dominik 'Rathann' Mierzejewski
> wrote:
> > Dear All,
> > I was made aware that EOL software with known security bugs that will
> > not be fixed upstream (due to EOL status) was revi
On Fri, Oct 07, 2016 at 06:43:10PM +0200, Dominik 'Rathann' Mierzejewski wrote:
> Dear All,
> I was made aware that EOL software with known security bugs that will
> not be fixed upstream (due to EOL status) was reviewed and accepted into
> Fedora recently. This came on the back of the FPC ticket [
Dear All,
I was made aware that EOL software with known security bugs that will
not be fixed upstream (due to EOL status) was reviewed and accepted into
Fedora recently. This came on the back of the FPC ticket [1] asking to
make some changes in the Python Packaging Guidelines. I did go back and
re-
30 matches
Mail list logo
