Postgres Pro
Downloads
Home   >   mailing lists

Re: Switching PL/Python to Python 3 by default in PostgreSQL 12 - Mailing list pgsql-hackers

From Steven Pousty
Subject Re: Switching PL/Python to Python 3 by default in PostgreSQL 12
Date
Msg-id CAKmB1PH14XjWpNYiAFM=h6uuVwNbUyhnaUiwVQni4pJZ1SQ7jw@mail.gmail.com
Whole thread Raw
In response to Re: Switching PL/Python to Python 3 by default in PostgreSQL 12  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: Switching PL/Python to Python 3 by default in PostgreSQL 12  (Peter Eisentraut <peter.eisentraut@2ndquadrant.com>)
List pgsql-hackers
Tree view
The point of the links I sent from the Python community is that they wanted Python extinct in the wild as of Jan 1 next year. They are never fixing it, even for a security vulnerability.

It seems to me we roll out breaking changes with major versions. So yes, if the user chooses to upgrade to 12 and they haven't migrated their code to Python 2 it might not work. 

I don't have a good answer to no changes except regressions. I do hope, given how much our users expect us to be secure, that we weigh the consequences of making our default Python a version which is dead to the community a month or so after Postgresql 12s release. We can certainly take the stance of leave the Python version be, but it seems that we should then come up with a plan if there is a security vulnerability found in Python 2 after Jan 1st 2020. 

If Python 2 wasn't our default choice then I would be much more comfortable letting this just pass without mention. 

All that aside, I think allowing the admin set the default version of plpythonu to be an excellent idea. 

Thanks 
Steve 



On Sun, Jul 7, 2019, 8:26 AM Tom Lane <tgl@sss.pgh.pa.us> wrote:
Peter Eisentraut <peter.eisentraut@2ndquadrant.com> writes:
> On 2019-07-07 00:34, Steven Pousty wrote:
>> Why would it be a 13 or later issue?

> Because PostgreSQL 12 is feature frozen and in beta, and this issue is
> not a regression.

More to the point: it does not seem to me that we should change what
"plpythonu" means until Python 2 is effectively extinct in the wild.
Which is surely some years away yet.  If we change it sooner than
that, the number of people complaining that we broke perfectly good
installations will vastly outweigh the number of people who are
happy because we saved them one keystroke per function definition.

As a possibly relevant comparison, I get the impression that most
packagers of Python are removing the versionless "python" executable
name and putting *nothing* in its place.  You have to write python2
or python3 nowadays.  Individuals might still be setting up symlinks
so that "python" does what they want, but it's not happening at the
packaging/distro level.

(This comparison suggests that maybe what we should be thinking
about is a way to make it easier to change what "plpythonu" means
at the local-opt-in level.)

                        regards, tom lane

pgsql-hackers by date:

Previous
From: Tom Lane
Date:
Subject: Broken defenses against dropping a partitioning column
Next
From: Tomas Vondra
Date:
Subject: Re: [PATCH] Incremental sort (was: PoC: Partial sort)