Proposal: Python / PostgreSQL / Etc. Version Deprecation Policy #8782
Description
Synapse currently claims to support Python 3.5 (EOL Sept. 2020) and Postgres 9.5 (EOL Feb. 2021).
We need to plan for how we will remove support for these platform dependencies in a responsible manner.
Motivation
I'm afraid we're boxing ourselves into a corner where our dependencies might be unsupported on those platform versions, and if a security vulnerability were to arise, we wouldn't be in a position to address it without maintaining an untenable number of forks / backports or forcing all of our customers into an emergency upgrade of their infrastructure.
Articulating a support lifecycle allows our customers to make reasonable plans for managing their infrastructure and allows us to know when we can take advantage of newer platform features.
Proposal
- We follow upstream support lifecycles.
  When a version of a language, database, or Linux distribution reaches End of Life, we also withdraw our support for that version.
- There is no guaranteed grace period.
  We will not intentionally break compatibility for at least one month after an EOL date, but we explicitly reserve the right to do so should security or other concerns arise in an unmaintained version of a dependency.
- This comes into effect March 2021.
  We'll announce with the next Synapse release. Synapse will be allowed to break Py3.5, Pg9.5, and Ubuntu 16.04 starting with our first release in March 2021.
Additional Context
- Element is happy with this policy, including folks who liaise with large EMS and Professional Services customers.
- Ubuntu Xenial (16.04 LTS) ships Py3.5 and Pg9.5; it goes EOL Apr. 2021. This seems to align closely enough with the proposed timeline.
- Platform support lifecycles are relatively long. Python, Postgres, and Ubuntu tend to have annual or biannual releases with five-year support windows. This ensures multiple years of overlap between supported releases; ample time for organizations to validate and deploy new platform versions.
- Folks who are really stuck on old distros can use our Docker images instead. Or make their own packages.
Questions
- Is a one month, best-effort grace period sufficient?
- Do we need to explicitly enumerate our supported Linux distros somewhere given that we do build our own Debian / Ubuntu packages, or can we somehow get away without doing that?
- Does the roll-out (announce next release, implement in March) sound right?