Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

django 3 end-of-life #173

Closed
felschr opened this issue Oct 23, 2023 · 7 comments
Closed

django 3 end-of-life #173

felschr opened this issue Oct 23, 2023 · 7 comments

Comments

@felschr
Copy link

felschr commented Oct 23, 2023

django 3 support is scheduled to end on 2024-04-01: https://endoflife.date/django

Etebase server should be updated to django 4 (or 5 once released) to prevent issues e.g. with downstream packages.

Downstream NixOS issue: NixOS/nixpkgs#262907

@tasn
Copy link
Member

tasn commented Oct 23, 2023

Thanks! I can't believe it's already been this long that Django 3 is EOL. :)

@felschr
Copy link
Author

felschr commented Mar 24, 2024

EOL has been pushed back slightly to 2024-04-30.
Still, it's just a little more than a month away.

@s1ls
Copy link

s1ls commented Jun 1, 2024

I don't think I'll be using etesync in future as it can't be trusted if it continues using an insecure database backend.
Or is there anything done here?

Edit: Saw your lack of free time, apologies for my harsh words, I'll consider contributing

@shimunn
Copy link

shimunn commented Jun 1, 2024

Etesync is end to end encrypted, precisely for this reason, not having to trust the server. Additionally for an software to be eol does not imply insecure straight away.

@s1ls
Copy link

s1ls commented Jun 2, 2024

True, but as Django has not to few CVEs I wouldn't count on it's security (if its an unmaintained version)

@tasn
Copy link
Member

tasn commented Jun 3, 2024

The annoying this is that we don't really use Django almost at all, it's just for the ORM.

I could have sworn there was a ticket somewhere else by someone working on converting the queries to SQLAlchemy.

@tasn tasn closed this as completed in da613b4 Jun 3, 2024
@tasn
Copy link
Member

tasn commented Jun 3, 2024

Done, sorry for the delay!

I was hoping we would be on SQLAlchemy by now, but I guess upgrading it to version 4 until that happens is better.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants