Message325595
> Any reason to not take the current patch for our vendored copy and give it some exposure at least on platforms that rely on it (maybe just Windows)? I don't see any reason to wait on another group to "release" it when we need to manually apply the update to our own repo anyway.
My policy is upstream fix: first, get a change merged upstream.
If we start with a downstream patch:
* only Windows and macOS will get the fix
* upstream may require changes making the change incompatible, for example change the default limits
* I would prefer to keep Modules/expat/ as close as possible to the upstream
Python is vulnerable for years, it's not like there is an urgency to fix it. |
|
Date |
User |
Action |
Args |
2018-09-17 23:11:11 | vstinner | set | recipients:
+ vstinner, barry, georg.brandl, rhettinger, pitrou, scoder, larry, christian.heimes, benjamin.peterson, jwilk, ned.deily, djc, mcepl, ezio.melotti, Arfrever, eli.bendersky, martin.panter, serhiy.storchaka, franck, steve.dower, rsandwick3 |
2018-09-17 23:11:11 | vstinner | set | messageid: <1537225871.65.0.956365154283.issue17239@psf.upfronthosting.co.za> |
2018-09-17 23:11:11 | vstinner | link | issue17239 messages |
2018-09-17 23:11:11 | vstinner | create | |
|