(original) (raw)
On Jun 8, 2017, at 6:36 AM, Victor Stinner <victor.stinner@gmail.com> wrote:2017-06-08 10:30 GMT+02:00 Cory Benfield <cory@lukasa.co.uk>:This is what I was worried about. Moving to require PyOpenSSL \*also\* locks
us out of Jython support, at least for the time being. That’s another point
in the “con” column for making PyOpenSSL a mandatory dependency.
Even if we do backport MemoryBIO to the next Python 2.7.14, I don't
think that you can require MemoryBIO. What about all existing
operating systems which provide a Python 2.7 without MemoryBIO? You
need to have a workaround anyway. For example, make the new
asynchronous API optional and use the old blocking mode in the
meanwhile.
I mentioned it earlier, but using the current download numbers from PyPI, <2.7.9 is rapidly dropping and is likely going to be single digit %age within the next 6-8 months IIRC. If 2.7.14 follows a similar trajectory, requests can depend on it within like… 2 years? Maybe 3? Likely it will depend on whether 2.7.14 gets into the next Ubuntu LTS or not.
—
Donald Stufft