Here's the link to PEP 405:
1. Are you doing web development? If so, use Python 2.
2. If not, do you need or want to use PyPy? If so, use Python 2.
3. If not, are the libraries you want available for Python 3? If so, use Python 3.
4. Otherwise, use Python 2.
Short version: Python 2.x is the status quo,
Python 3.x is the present and future of the language
How would one know what to recommend while knowing nothing about `jcurbo`s intentions/designs/requirements?
The stackoverflow and wikipedia communities sometimes get flack about maintaining strict objectivity, and I know the HN community is allowed to be different, but surely you agree that there is no right answer to `jcurbo`s question. And if there is no right answer, surely offering information from a trusted source can be just as helpful (if not moreso).
tl;dr: Python 3.
For someone learning Python? Just give them your best suggestion. Look, it's fairly easy.
Learn Python 3. There are differences, and you might run into issues later on, but once you get to that point, you'll know enough to do something about it.
See, when someone asks whether to learn Python 2 or Python 3, that's what they are asking for. If they are learning for specific reasons (for a job, lets say), then instead of trying to answer, you ask follow up questions. But for learning a language, they are seeking advice from experienced people.
So, when those same experienced people, who already know Python 2 and/or Python 3 tell them to learn Python 2 and/or Python 3, they are being told: we don't know.
And how is someone inexperienced supposed to know which one to learn when experienced people don't know?
Basically, if you can't answer the question because you feel you lack information, ask. Otherwise, answering the question "Learn Python 2 or 3?" with the answer "Learn Python 2 or 3." isn't helpful.
"At the time of writing (July 4, 2010), the final 2.7 release is out, with a statement of extended support for this end-of-life release. The 2.x branch will see no new major releases after that."
Since what I am working on doesn't involve major libraries (like numpy) I see no reason to stay on 2.x and I think I'm safe to look at 3.x for future stuff.
So yes, there are pages doing this new style web right now, but that doesn't change that the mojority of web stuff is the older style. So yeah, the current state of affairs is that the web is mostly outdated.
This is necessarily true always, unless that which is being examined is stagnant.
As someone who was learning Python for fun personal projects rather than serious business projects, I decided to use Python 3 wherever possible, while familiarizing myself with Python 2.7 just in case. It turns out the two versions really aren't all that different. A lot of people will still recommend starting with Python 2.7, since it really is such a small jump from there to using Py3k; I essentially did the opposite. Both approaches work. Finding tooling for Python 3 might still be a challenge (I remember having to fix one or two bugs in IPython before it would run at all), and the usefulness of these tools to a beginner is really the biggest reason why you might want to stick with 2.7 for the moment. But if you're adventurous, I do highly recommend Py3k. Especially with the upcoming 3.3 release (due later this year), I'd argue that Python 3 finally has enough new features (and enough library support) to justify using it full-time.
(When will it be possible to know, beyond doubt, that Python 3 is ready for prime time? When third-party implementations like PyPy and Jython make the jump. I don't know about Jython (which just recently made it to 2.7), but PyPy's working on it as we speak.)
If you're coming from the Ruby scene, think of virtualenv as Python's take on RVM.
I would say start on 2.7, as most of the popular Python libraries are still Python 2.x only, and 2.7 backports some Python 3 features, so you (and your code) will be ready for 3 whenever the world switches over :)
However, I can't find that warning anymore in the second edition, so not sure if he's changed his mind or not.
Make sure you install Python 2 not Python 3.
If you need to ship and launch a software that absolutely depends on libraries that only work with Python 2, it should be rather easy to not use the newer features and go with Python 2.
I use a number of zsh functions and hooks as porcelain to virtualenv so that it behaves like oh-my-zsh bundler support  (which I've shamelessly ripped of and tweaked too) i.e being inside foo directory is sufficient. This works especially well since new tabs open straight into the current tab's wd.
An operating system design with a seamless, straightforward, easy-to-use mechanism for handling all potential dependency conflicts on a multi-purpose, multi-user system is a very hard problem. Any solution is likely to be complex and potentially confusing to users, such as debian alternatives or the modules environment system. Every language has its own library management system: cpan, pip, rubygems, leiningen, etc., and they all profit off the assumption that they are managing a single set of requirements and dependencies. Operating Systems do not have that luxury.
On the other hand from the user perspective, they may not even have root on a system and as such may not even be able to install libraries without contacting a system administrator. Maybe it's a shared hosting environment, maybe it's a research compute cluster, maybe there are SOX restrictions on developers, whatever. Virtual environments focus directly on giving the user/app what they need and isolating that user from everything else.
100 different users can use virtualenv to create 100 different, completely not-compatible python environments and they're all happy. How would an Operating System do that, without essentially duplicating what virtualenv already does? (Not saying that OS developers aren't going to try, which Zed Shaw will then ridicule, but that's another story). For sandboxing in general, at what point do you create the sandbox? Usually for each individual app and usedr you don't want to have to answer questions about whether you still want the C++ compiler available or whether a virtualized /etc/passwd is needed. Those are the sort of questions you have to answer when designing OS-level sandboxes.
This, I think, is backwards: virtualenv must do it already because the os doesn't. I concede that creating something now may be too late not to suffer the "15 competing standards" effect.
And as for whether virtualenv should have been part of the OS... it already is in some cases, to the extent that any userland tool is part of the OS.
$ uname -o
$ which virtualenv
Don't get me wrong, pip is great for what it does. It just is not anywhere near what we should find acceptable because of the things it does not do.
Those libraries will eventually need security updates.
On Linux for example, which hosts most servers, you upgrade python libraries with yum update/apt-get update/you-name-it.
Single central package database, security updates are marked as security, makes upgrades easy and you never miss one.
With VirtualEnv your dependencies are installed outside the score of the package manager. It means you have to keep track of security updates yourself.
If you don't, and one lib has a well known security bug, you'll be hit and you most likely had no chance to update because "you didn't know".
That's why I'm asking. I know a lot of companies hosting python things and using VirtualEnv because "its easy", but they entirely discard updates. I'm not sure that is wise. I was hoping someone had a solution.
Not really. In many cases distro provided packages are unsuitable, either because they are just outdated, or because they have some strange patches merged in. So people are already managing their python packages with pip, virtualenv makes it easier.
If you want to use distro packages, then virtualenv allows you to use those (it does that by default). You only need to install into virtualenv those libraries that are unavailable/unusable from distro packages.
> I know a lot of companies hosting python things and using VirtualEnv because "its easy", but they entirely discard updates.
Discarding updates (without due care) is bad sysadmining regardless of what kind of package management is in use. Virtualenv is no magic bullet, nor is it an excuse for sloppy procedures.
As much as it's hackish, it's possible to update virtualenv's libs. But tracking the security update is another story.
If not tracking hundred of libs manually is bad sysadmining, well, I'd like you to be my sysadmin and track them.
There's even a bigger issue here: many of those libs have zero tracking. That means even if their author fixes a security bug in the source, he probably won't mark it.
And you, not being a sloppy sysadmin, how will you deal with that? It's pretty obvious to me that you just don't deal with it.
Then one day one of those libs will be widely used, have a bad bug and everyone will scour their systems to update.. but of course the damage will already have been done.
If at some point you need to upgrade one of the libraries due to a security vulnerability, you would change the dependency in the requirements file and roll out a new version of your app to all your servers.
If you have multiple apps, then repeat the process for each app.
Generally it would be a bad idea to rely on a single installed version because often times the API can change between versions and different apps may target different versions of a library. It's preferable that each one has its own dependencies isolated in a virtualenv unless you have a really rigorous process for keeping all your apps updated to the latest library versions.
(Also because the build process for your project involves accessing the internet. Yuck.)
Of course this is true for setting up any development environment. You have to get the dev environment from somewhere at some point to bootstrap the process.
Your entire parentheical screams FUD, and obviously disingenuous FUD at that.
RVM allows you to do that plus it allows you to install and manage multiple versions of Ruby itself. Want to have side-by-side Ruby environments of 1.8.6 and 1.9.3? No problem.
FWIW, when creating a virtualenv the -p flag lets you choose a python binary (and therefore version).
Rvm also integrates into your shell so that when you cd into a project directory with a .rvmrc file, it will source the file and load the proper ruby and gemset for that project.
Virtualenv is much closer to ruby's bundler gem than rvm.
In my experience, pythonbrew is to virtualenv as rvm is to rbenv.