PEP 602 states under 1½ year of full support, 3½ more years of security fixes,
For the next forty two months (3½ years) it receives security updates and source-only releases are made on an as-needed basis (no fixed cadence).
That means installers for the latest 3.7.10 release are not available. Please reconsider this policy in order to improve the security profile of python. From the latest survey [0] 72% of users are using 3.7 or 3.8, and about half of users are using Windows or macOS. Under “Python installation and upgrade” section of the survey, something like 34% [1] are getting python from python.org with the note “Windows users tend to install Python from Python.org”, and typically that is the hardest platform to compile for.
My take, and feedback I hear from users, is that a source downloads are not very helpful for the very people most exposed to security flaws: users on Windows with no devops support.
Is there a large maintenaner burden to upload installers for security updates?
Matti
[0] https://www.jetbrains.com/lp/python-developers-survey-2020
[1] not clear what 34% means since the total for that category is > %100