mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-11-14 15:36:47 +03:00
python27: mark as vulnerable/insecure due to EOL on 2020-01-01
More information: https://www.activestate.com/products/python/python-2-end-of-life-security-updates/
This commit is contained in:
parent
eb45903a25
commit
d9fbb33f92
@ -351,8 +351,14 @@ in with passthru; stdenv.mkDerivation ({
|
||||
license = lib.licenses.psfl;
|
||||
platforms = lib.platforms.all;
|
||||
maintainers = with lib.maintainers; [ fridh thiagokokada ];
|
||||
# Higher priority than Python 3.x so that `/bin/python` points to `/bin/python2`
|
||||
# in case both 2 and 3 are installed.
|
||||
priority = -100;
|
||||
knownVulnerabilities = [
|
||||
"Python 2.7 has reached its end of life after 2020-01-01. See https://www.python.org/doc/sunset-python-2/."
|
||||
# Quote: That means that we will not improve it anymore after that day,
|
||||
# even if someone finds a security problem in it. You should upgrade to
|
||||
# Python 3 as soon as you can. [..] So, in 2008, we announced that we
|
||||
# would sunset Python 2 in 2015, and asked people to upgrade before
|
||||
# then. Some did, but many did not. So, in 2014, we extended that
|
||||
# sunset till 2020.
|
||||
];
|
||||
};
|
||||
} // crossCompileEnv)
|
||||
|
Loading…
Reference in New Issue
Block a user