←back to thread

Deprecations via warnings don't work for Python libraries

(sethmlarson.dev)
45 points scolby33 | 9 comments | 08 Dec 25 18:13 UTC | HN request time: 0.001s | source | bottom
1. shadowgovt ◴[10 Dec 25 18:35 UTC] No.46221571[source]
The secret trick I've used on rare occasion, but when necessary, is the "ten second rule."

Users don't notice a deprecation warning. But they might notice adding a "time.sleep(10)" immediately at the top of the function. And that gives them one last grace period to change out their software before it breaks-breaks.

replies(2): >>46221755 #>>46222476 #
2. odie5533 ◴[10 Dec 25 18:47 UTC] No.46221755[source]
This will just waste CI compute and not solve anything.
replies(2): >>46221850 #>>46221923 #
3. shadowgovt ◴[10 Dec 25 18:54 UTC] No.46221850[source]
It's worked in the past. But it does require someone at your org to care that CI times are spiking, which is not always a thing you can rely upon.

In addition: if CI is the only place the issue shows up, and never in a user interaction... Why does that software exist in the first place? In that context, the slowdown may be serving as a useful signal to the project to drop the entire dependency.

ETA: To be clear, I don't do this as a substitute for a regular deprecation cycle (clear documentation, clear language-supported warnings / annotations, clear timeline to deprecate); I do it in addition before the final yank that actually breaks end-users.

4. pavel_lishin ◴[10 Dec 25 18:58 UTC] No.46221923[source]
Are you saying you wouldn't notice if your CI suddenly started taking twice as long, ten times as long, a hundred times as long to run?
5. minitech ◴[10 Dec 25 19:33 UTC] No.46222476[source]
This is so much worse than just making the breaking change.
replies(1): >>46222702 #
6. shadowgovt ◴[10 Dec 25 19:48 UTC] No.46222702[source]
It depends on how we define "worse."

A breaking change causes a full-stop to a service.

An intentional slowdown lets the service continue to operate at degraded performance.

I concur that it's less clear for debugging purposes (although any reasonable debugging infrastructure should allow you to break and see what function you're in when the program hangs; definitely not as clear as the program crashing because the called function is gone, however).

replies(1): >>46222878 #
7. minitech ◴[10 Dec 25 19:59 UTC] No.46222878{3}[source]
A breaking change in a dependency doesn’t cause a full-stop to a service at all. The old version continues to work. Making subtly harmful changes so that new broken versions sneak in is just a bad idea and totally unnecessary.
replies(1): >>46224473 #
8. shadowgovt ◴[10 Dec 25 21:58 UTC] No.46224473{4}[source]
> A breaking change in a dependency doesn’t cause a full-stop to a service at all

From the article:

"We still received feedback from users that this removal was unexpected and was breaking dependent libraries."

I think we may be assuming different floors on service maintainer competency; with so many users pulling in dependencies across an arbitrarily-wide version window with no testing, such changes do break services.

replies(1): >>46224565 #
9. minitech ◴[10 Dec 25 22:07 UTC] No.46224565{5}[source]
It’s not necessary to cater to the absolute least competent end user to begin with, but inserting slowdown bugs does not even achieve that. (Note that the bit about the breaking of dependent libraries you’re quoting is still not actually a service being affected.)