hswong3i
commented
1 year ago @Shrews shall we also backport this for 2.0 and 2.1? Therefore we could release a new version to pypi with yank the incompatible legacy versions?
Closed Shrews closed 1 year ago
hswong3i
commented
1 year ago @Shrews shall we also backport this for 2.0 and 2.1? Therefore we could release a new version to pypi with yank the incompatible legacy versions?
Shrews
commented
1 year ago @hswong3i The 2.1 and earlier releases will receive only security fixes. Those branches will not receive this change.
hswong3i
commented
1 year ago Yes as a human being we all respecting the community policy for just patching for security for 2.0/2.1 release, but as a platform and tool as pypi.org and pip couldn't understand this.
If we only hotfix 2.2/2.3 release, pypi.org and pip will still report 2.1.x as suitable and available version for installation, which not sync with what we claimed in document for human...
Shall we give an exception for solving a technical issue by technical but not by documentation only?
hswong3i
commented
1 year ago P.S. as a rpm/deb packager with OBS, I had already EXCLUDE all 2.x build for legacy OS with Python 3.6 but just provide 1.4.9. So basically I am respecting community policy and already solve the problem for my own daily use case under my own controlled environment.
But this didn't solve the unexpected behavior if people follow our document and install with pip directly. We could patch the document with sorry, but patch the code could solve the root cause...
Fixes #1196