Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What's new in Python 2.7.18?

So the final Python 2 release is out. However, I can't find anywhere what has changed with this release. The corresponding news page on GitHub is also empty. Can anyone shed some light on this?

like image 707
planetp Avatar asked Apr 22 '20 13:04

planetp


People also ask

Is Python 2.7 outdated?

As of January 1st, 2020 no new bug reports, fixes, or changes will be made to Python 2, and Python 2 is no longer supported. A few changes were made between when we released Python 2.7.

Which version of Python should I use for 2022?

The latest version Python 3.11 is set to release in October this year and the alpha phase is currently ongoing and generally goes on until May 2022.

Why is Python 2.7 still used?

Mainly for legacy reasons. In fact, many applications out in the wild have been coded in 2. x versions of Python and still need support, update, and new features.


1 Answers

Nice question. You can find out for yourself by downloading and comparing the source code both for 2.7.17 and 2.7.18. Since 2.7 is my favorite flavor of Python I've decided to do it myself; here's a WinMerge screenshot:

enter image description here

Looks like there are some differences. On the other hand, Misc\NEWS clearly states:

What's New in Python 2.7.18 final?

Release date: 2020-04-19

There were no new changes in version 2.7.18.

That, IMHO, is not completely true but before getting into it let's first see what most of those differences are about. Again, the changes are listed inside Misc\NEWS and they relate to version 2.7.18rc1:

What's New in Python 2.7.18 release candidate 1?

Release date: 2020-04-04

Security

  • bpo-38945: Newline characters have been escaped when performing uu encoding to prevent them from overflowing into to content section of the encoded file. This prevents malicious or accidental modification of data during the decoding process.

  • bpo-38804: Fixes a ReDoS vulnerability in :mod:http.cookiejar. Patch by Ben Caller.

Core and Builtins

  • bpo-38535: Fixed line numbers and column offsets for AST nodes for calls without arguments in decorators.

Library

  • bpo-38576: Disallow control characters in hostnames in http.client, addressing CVE-2019-18348. Such potentially malicious header injection URLs now cause a InvalidURL to be raised.

  • bpo-27973: Fix urllib.urlretrieve failing on subsequent ftp transfers from the same host.

Build

  • bpo-38730: Fix problems identified by GCC's -Wstringop-truncation warning.

Windows

  • bpo-37025: AddRefActCtx() was needlessly being checked for failure in PC/dl_nt.c.

macOS

  • bpo-38295: Prevent failure of test_relative_path in test_py_compile on macOS Catalina.

C API

  • bpo-38540: Fixed possible leak in :c:func:PyArg_Parse and similar functions for format units "es#" and "et#" when the macro
    :c:macro:PY_SSIZE_T_CLEAN is not defined.

So, it looks like 2.7.18 is just a wrap-around of 2.7.18rc1 but is that all? To be exact, there are a few changes that belong to 2.7.18 and have to do with marking it as the final release of Python 2 and warn the user about the EOL of the product. For example, in tools\templates\layout.html you can find the block below:

{% block header %} {%- if outdated %} {% trans %}This document is for an old version of Python that is {% endtrans %}{% trans %}no longer supported{% endtrans %}. {% trans %}You should upgrade and read the {% endtrans %} {% trans %} Python documentation for the current stable release{% endtrans %}. {%- endif %} {% endblock %}

So, I believe, the reasoning behind that final version is twofold: (a) finalize the changes of 2.7.18rc1 and (b) mark it as the final release of Python 2 and let the user know about it.

like image 125
dpant Avatar answered Oct 12 '22 06:10

dpant