Removing python 2.7

[Pomax]

With the death of Python 2.7 on January 1st of this year, tools that used to rely on it are now forced to update for Python 3. For the Node community, the most important tool in that space is node-gyp, which has thankfully already supported Python 3 for quite a few versions, but the version that is used by npm is not quite recent enough and still has python 2.7 support.

A feature request was filed for npm to update to node-gyp 5.1.0 or higher so that any mention of python 2.7 can finally be removed from node-gyp, but some coordination is probably required to make sure that Node.js gets released with a version of npm that relies on a pure Python 3 version of node-gyp.

As such, I figured I file this issue to see what kind of path forward can be taken to make sure the obsolete Python 2.7 is no longer part of the Node ecosystem.

[MylesBorins]

Wasn't the true end of life delayed until April?

https://www.python.org/psf/press-release/pr20191220/

Fwiw I'm not arguing for or against this initiative, more want to ensure we have appropriate timelines.

On Fri, Feb 21, 2020, 12:04 PM Pomax notifications@github.com wrote:

With the death of Python 2.7 on January 1st of this year, tools that used to rely on it are now forced to update for Python 3. For the Node community, the most important tool in that space is node-gyp, which has thankfully already supported Python 3 for quite a few versions, but the version that is used by npm is not quite recent enough and still has python 2.7 support.

A feature request was filed https://github.com/npm/cli/issues/927 for npm to update to node-gyp 5.1.0 or higher so that any mention of python 2.7 can finally be removed from node-gyp, but some coordination is probably required to make sure that Node.js gets released with a version of npm that relies on a pure Python 3 version of node-gyp.

As such, I figured I file this issue to see what kind of path forward can be taken to make sure the obsolete Python 2.7 is no longer part of the Node ecosystem.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/nodejs/Release/issues/538?email_source=notifications&email_token=AADZYV65LANC2BHMRFYJRPLREACTTA5CNFSM4KZG3GMKYY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4IPLM2LQ, or unsubscribe https://github.com/notifications/unsubscribe-auth/AADZYVZVJ22C56EHEXEWL2TREACTTANCNFSM4KZG3GMA .

[Pomax]

Something that's absolutely worth making sure of - I was going by https://pythonclock.org/ which reports it as already dead, but a press release that pushes the date back to April is certainly more authoritative.

[cclauss]

The "bible" of these things is... https://devguide.python.org/devcycle/#end-of-life-branches and https://devguide.python.org/#status-of-python-branches

[sam-github]

https://github.com/nodejs/node/issues/25789#issuecomment-571293501 discusses the plan wrt. Python 3 support.

the version that is used by npm is not quite recent enough and still has python 2.7 support.

... and it also has Python 3 support, so should work for everybody. This is a good thing.

[Pomax]

It absolutely is, but python 2.7 is now a (currently very low) security risk (but will increase in severity over time), so it's good to make sure that there's a new Node release eventually (preferably sooner than later, of course) that cannot lead to python 2.7 exploits because nothing it comes with even tries to use it.

(Something that will become especially important for users on operating systems that rely on their preinstalled python 2.7, like MacOS. Some of those won't be able to upgrade due to hardware compatibility, some can't even update past Mojave due to software compatibility, etc)

[richardlau]

The most recent versions of Node.js 10.x, 12.x and 14.x contain npm 6.14.4 which includes node-gyp 5.1.0 which supports Python 3 and 2. I'm going to close this out as there doesn't appear to be any further coordination required from the release team.

Discussions about removing support for legacy Python continues in e.g. https://github.com/nodejs/node-gyp/issues/2052, https://github.com/nodejs/node-gyp/issues/2093.