Security threatened by Python 2 end of life

Final release of Python 2 live

Python 2.7.18 is the very final maintenance release of the Python 2 line. Being the very final release is a milestone to be recorded. However, it does raise the question of why it comes almost 4 months after Python 2’s official end of life. 

When Python 3 arrived in December 2008 it was as a backwards incompatible major release and there was a lot of resistance to upgrading. The End of Life (EOL) date for Python 2.7 was originally scheduled for 2015 but in 2014 this was extended by a further 5 years to 2020 to give the community more time to migrate. It reached its EOL on January 1st, 2020.

As we reported in Final Releases of Python 2.7 Scheduled Beyond Its End of Life  the fact that Python 2.7.18 has appeared this week is not just a case of it being late. The release date was chosen by Python 2.7 maintainer, Benjamin Peterson  to coincide with PyCon 2020 in order that:. 

attendees can enjoy some collective catharsis.

Benjamin Peterson
Python 2.7 maintainer

Due to the corona virus pandemic PyCon 2020 which would have been taking place right now in Pittsburgh, Pennsylvania, had to be cancelled, so depriving the community its chance for giving Python 2 a final emotional send off.

Benjamin Peterson’s blog post on Aril 20, 2020 announcing the availability of Python 2.7.18 invites the community to download it as a “unique commemorative release” explaining:

Python 2.7 has been under active development since the release of Python 2.6, more than 11 years ago. Over all those years, CPython’s core developers and contributors sedulously applied bug fixes to the 2.7 branch, no small task as the Python 2 and 3 branches diverged. There were large changes midway through Python 2.7’s life such as PEP 466’s feature backports to the ssl module and hash randomization. Traditionally, these features would never have been added to a branch in maintenance mode, but exceptions were made to keep Python 2 users secure. 

Benjamin Peterson
Python 2.7 maintainer

His post concludes with forward-looking sentiment:

Python 3 would be nowhere without the dedication of the wider community. Library maintainers followed CPython by maintaining Python 2 support for many years but also threw their weight behind the Python 3 statement [a strong exhortation to transition to Python 3.x and notification of dropping support for Python 2.7] Linux distributors chased Python 2 out of their archives. Users migrated hundreds of millions of lines of code, developed porting guides, and kept Python 2 in their brain while Python 3 gained 10 years of improvements.

Benjamin Peterson
Python 2.7 maintainer

Finally, thank you to GvR for creating Python 0.9, 1, 2, and 3.

Long live Python 3+!

It seems to me that 2.7.18’s arrival post-mortem is indeed one of those Pythonesque moments that many Pythonistas cherish and to mark the occasion I went to look for the Monty Python Big Foot – and found this video snippet.

If you find this inclusion mystifying, what you need to know that when Guido Rossum created the language it was the popular UK television show Monty Python’s Flying Circus that inspired not only the language’s name but also those of many of it tools and motifs.  

Python 2 will no doubt linger on. Indeed a  survey from Active State found that fewer than half its respondents had planned for Python2 EOL and that for over a third half of their Python apps were on the Python 2 branch.

In the early years of Python 3 there were some justifiable reasons for sticking with the established and well embedded Python 2 – mainly many of its popular librairies were slow to have Ptyjon 3 counterparts. This excuse ran out quite a while ago.

Also it isn’t nearly as hard as to switch as some diehards would have you belive. The main differences are that print “hello world” becomes print(“hello world”) and there are major changes to the way that objects are implemented. You might think that changing the way objects work would be a big problem but as most Pythonistas aren’t even aware that it is object oriented it isn’t – only joking…

There are plenty of useful resources online to help in making the switch, such as the Cheat Sheet: Writing Python 2-3 compatible code

More Information

Share with