[Nix-dev] RFC: Removing Python 2.6 since it is insecure
James Cook
james.cook at utoronto.ca
Fri Jul 10 07:12:01 CEST 2015
Let's have the conversation at
https://github.com/NixOS/nixpkgs/pull/8733 . My initial message
copied below.
James
Python 2.6 is not receiving security updates as of October 2013. I
think it's a bad idea to have insecure software hanging around, so
this pull request deletes it.
If people really want to keep it, can we make it impossible to
accidentally install, e.g. make it require a
iUnderstandPython26IsInsecureButIWantItAnyway config option to be set
to true?
Paging @bjornfor as a random person who's touched Python stuff
recently. (I'm making this change fairly blindly.)
It looks like cudatoolkit explicitly depends on Python 2.6, but this
override has been copied and pasted from version to version. Paging
@jb55 as a random person who's modified cudatoolkit stuff.
Paging @geerds who posted on nix-dev about using Python 2.6 last year.
More information about the nix-dev
mailing list