New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Can we drop support for Python < 2.7.9 in 1.3? #1073

Closed
jamadden opened this Issue Jan 9, 2018 · 3 comments

Comments

Projects
None yet
2 participants
@jamadden
Member

jamadden commented Jan 9, 2018

  • gevent version: 1.3

Python 2.7.9 was released 3 years ago. Supporting 2.7.8 and below adds a maintenance burden in testing and support questions. New installations of gevent 1.2 on Python < 2.7.9 have been declining over the past year:

Row yyyymm percent_lt279 download_count  
1 2018-01 10.7 142522  
2 2017-12 9.8 561840  
3 2017-11 12.3 468644  
4 2017-10 33.7 612577  
5 2017-09 47.3 673762  
6 2017-08 54.6 898936  
7 2017-07 62.3 1036779  
8 2017-06 49.4 734535  
9 2017-05 23.9 394873  
10 2017-04 23.9 378429  
11 2017-03 36.3 552546  
12 2017-02 41.9 581182  
13 2017-01 45.5 482429  
SELECT
  STRFTIME_UTC_USEC(timestamp, "%Y-%m") AS yyyymm,
  ROUND(100 * SUM(CASE
        WHEN REGEXP_MATCH(details.python, r"2\.7\.(9|\d\d)") THEN 0
        WHEN REGEXP_MATCH(details.python, r"2\.7\.") THEN 1
        ELSE 0 END) / COUNT(*), 1) AS percent_lt279,
  COUNT(*) AS download_count
FROM
  TABLE_DATE_RANGE(
    [the-psf:pypi.downloads],
    DATE_ADD(CURRENT_TIMESTAMP(), -1, "year"),
    CURRENT_TIMESTAMP()
  )
WHERE
  details.installer.name = 'pip' and file.project = 'gevent' and file.version >= '1.2'
GROUP BY
  yyyymm
ORDER BY
  yyyymm DESC
LIMIT
  100

Taking a look at where those installs are coming from:

Row python_version distro_name distro_version download_count  
1 2.7.6 Ubuntu 14.04 30292  
2 2.7.5 CentOS Linux 7 8992  
3 2.7.6 null null 8047  
4 2.7.5 Red Hat Enterprise Linux Server 7.4 1824  
5 2.7.3 Ubuntu 12.04 1604  
6 2.7.5 CentOS Linux 7.4.1708 1286  
7 2.7.5 null null 474  
8 2.7.5 CentOS Linux 7.3.1611 405  
9 2.7.7 Ubuntu 14.04 369  
10 2.7.6 Ubuntu 12.04 351  
11 2.7.5 Red Hat Enterprise Linux Server 7.3 151  
12 2.7.5 Red Hat Enterprise Linux Server 7.2 148
SELECT
  details.python as python_version,
  details.distro.name as distro_name,
  details.distro.version as distro_version,
  COUNT(*) AS download_count,
FROM
  TABLE_DATE_RANGE( [the-psf:pypi.downloads], DATE_ADD(CURRENT_TIMESTAMP(), -31, "day"), DATE_ADD(CURRENT_TIMESTAMP(), -1, "day") )
WHERE
  details.installer.name = 'pip' and file.project = 'gevent' and file.version >= '1.2'
  AND REGEXP_MATCH(details.python, r'2\.7\.[0-8]($|[^\d])')
GROUP BY
  python_version, distro_name, distro_version
ORDER BY
  download_count DESC
LIMIT
  100

It's likely many of those LTS versions have the 2.7.9 SSL patches in them.

There are at least two options:

  • "Hard" drop 2.7.8 by setting appropriate python_requires metadata, removing it from the testing matrix, and removing the old, insecure _ssl2.py. Users of old Python would continue to install 1.2.2 automatically, given a recent enough pip.
  • "Soft" drop 2.7.8 simply by removing it from the testing matrix and closing bugs involving it as "wontfix". Hard drop in 1.4.

@jamadden jamadden added this to the 1.3a1 milestone Jan 9, 2018

@squeaky-pl

This comment has been minimized.

squeaky-pl commented Jan 15, 2018

I bet large number of those Ubuntu 14.04 installs come from Travis CI tests that use distro Python. They still didnt release 16.04 afaik travis-ci/travis-ci#5821. I would go for soft drop.

@jamadden

This comment has been minimized.

Member

jamadden commented Jan 15, 2018

Travis claims that they install at least Python 2.7.13 in their default python build environment, and as far as I can see, that's true: you actually get 2.7.14 if you just ask for "2.7". One has to specifically ask for the older "precise" image, and even then you get at least 2.7.9.

@jamadden

This comment has been minimized.

Member

jamadden commented Jan 16, 2018

6184dd2 stopped testing it, but left the code in place for now.

@jamadden jamadden closed this Jan 16, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment