The 2020 results are in: The managed open source survey. Download now

How Tidelift helps urllib3 maintainer Seth Larson support more Python versions and release streams

Kate Mancuso
by Kate Mancuso
on September 29, 2020

One of the most popular packages on PyPI, urllib3, is continuing to maintain backwards compatibility with Python 2 and 3.5, while charging ahead on a second release stream taking advantage of new features in Python 3.6.

Lead maintainer Seth Michael Larson attributes the increased ability of the project to support more Python versions and release streams to the income the project receives from the Tidelift Subscription.

“Tidelift supporting urllib3 means we’re able to innovate while also knowing we’ll always have maintainer time available to support existing users,” Seth said.

Both branches will continue receiving important security and bug fixes, making the product safer to use in production systems that support sensitive data. This is great news for anyone using Python, because urllib3 is a much depended-upon Python package: it’s been downloaded over 2 billion times and is the second most downloaded package on PyPI.

The recently published v2.0 Roadmap includes a feature spotlight, migration guides, and a release schedule. Features include modern security by default, optimizing for Python 3.6+ by dropping Python 2.7 and 3.5, and adding options for capturing tracing and telemetry data. The urllib3 team is also looking to keep the API 99% backwards compatible so that migrating to the new version should include no changes for most users.

Supporting older versions is important for enterprise customers who often have a complex web of dependencies and need more time to do a new release. At the same time, supporting multiple branches simultaneously can be tiring for maintainers. Subscribing to Tidelift can help the maintainers of your essential dependencies continue to support the version you’re using for longer.

Want to learn more?

Check out a free demo of the Tidelift Subscription, where we explain how you can get customizable catalogs of known-good, proactively maintained open source components backed by maintainers like Seth.

New call-to-action