Cherry pick bpo-25008 to 3.4

[warsaw]

No description provided.

[ned-deily]

Why are we backporting this to 3.4? 3.4 is in security-fix mode so docs aren't updated or built. This doesn't seem to qualify as a security issue.

[dstufft]

We don't build docs for security-fix Pythons?

[ned-deily]

No, only those in maintenance mode. We don't accept doc fixes for security mode branches unless they have to do with a security fix.

[ned-deily]

http://cpython-devguide.readthedocs.io/devcycle.html#security-branches

[warsaw]

On Feb 24, 2017, at 12:33 PM, Ned Deily wrote: Why are we backporting this to 3.4? 3.4 is in security-fix mode so docs aren't updated or built. This doesn't seem to qualify as a security issue.

Only because aiosmtpd supports 3.4. I thought it was odd that the branch wasn't even protected by CI checks. Looks like merges to 3.4 aren't prohibited by anything else either. Is it worth reverting? (It's not harmful.)

[warsaw]

On Feb 24, 2017, at 12:34 PM, Donald Stufft wrote: We don't build docs for security-fix Pythons?

If we don't, why not? If the docs are available on docs.python.org, shouldn't they get rebuilt?

[dstufft]

I thought it was odd that the branch wasn't even protected by CI checks. Looks like merges to 3.4 aren't prohibited by anything else either. Is it worth reverting? (It's not harmful.)

I think they are protected, you're required to be a member of the @python/python-release-managers team.. which you are :)

[ned-deily]

I believe the branch is protected but you (@warsaw) are in the release manager group so you are able to push things there.

I take that back: they probably are rebuilt if any changes were pushed to the branch. But they're not supposed to be unless the release manager approves as a security fix.

[warsaw]

On Feb 24, 2017, at 12:41 PM, Ned Deily wrote: I believe he branch is protected but you ***@***.***) are in the release manager group so you are able to push things there.

Ah. Fun with process abuse. See, this is why I don't want root any more. :)

I take that back: the probably are rebuilt if any changes were pushed to the branch. But they're not suppose to be unless the release manager approves as a security fix.

Larry's call then whether to revert or not. I'd opt for keeping it, since it would be helpful to someone reading the docs on python.org.

[ned-deily]

Yeah, this particular change isn't a big deal but, on the other hand, there are likely other deprecations and doc updates that would be helpful to 3.4 doc readers but which haven't been backported per policy. I think we shouldn't make a habit of it :)
@larryhastings

[dstufft]

Maybe we can adopt python/core-workflow#32 to automatically add the relevant release manager as either the assigned person or request a review from them on branches that are security only. It'd require a bit of coding though.