Please do the opposite. Let all deprecation warnings last at least a decade, just include in the warning that it is not maintained.

But more to the point, go out of your way to avoid breaking backwards compatibility. If it's possible to achieve the same functionality a different way, just modify the deprecated function to use the new function in the background.

My biggest problem with the whole static typing trend is that it makes developers feel empowered to break backwards compatibility when it would be trivial to keep things working.

edit: Not that it is always trivial to avoid breaking backwards compatibility, but there are so many times that it would be.

[delayed]

> That would probably not trigger anyone’s midnight pager, but it would make it clear that relying on the deprecated functionality is a bug lurking in the code.

How do you know? This is a wild assertion. This idea is terrible. I thought it was common knowledge that difficult to reproduce, seemingly random bugs are much more difficult to find and fix than compiler errors.

If you're ready to break your api, break your api. Don't play games with me. If more people actually removed deprecated APIs in a timely manner, then people will start taking it more seriously.

This isn't a good idea regardless of why it's being deprecated.

If it's no longer being maintained then put a depreciation warning and let it break on its own. Changing a deprecated feature just means you could maintain it but don't want to.

Alternatively if you want to aggressively push people to migrate to the new version, have a clear development roadmap and force a hard error at the end of the depreciation window so you know in advance how long you can expect it to work and can document your code accordingly.

This wishy-washy half-broken behaviour doesn't help anyone

Having a deprecated API just randomly return failures is an awful idea!

Better to give an actual timeline (future version & date) for when deprecated functionality / functions will be removed, and in the meantime, if the language supports it, mark those functions as deprecated (e.g. C++ [[deprecated]] attribute) so that developers see compilation warnings if they failed to read the release notes.

Don't make it return a different result.

Instead, if you must, add a sleep within the function for 1 ms in the first release, 2 ms in the second release, and so on. But maybe just fix the tooling instead to make deprecations actually visible.

It would help a lot if core Python libraries like urllib, NumPy, and others used SemVer. Removing a function is a breaking change. The root of this post is from urllib breaking something in a minor release. Get rid of the pseudo SemVer where you can deprecate functions and then break in minor releases. Maybe after that the rest of the community could hope their code will work long term if they don’t increment major versions.

The various projects that say something is deprecated but then don't give a removal timeline or keep delaying the removal (or even explicitly say it won't be removed, just remain deprecated) are the cause of this problem.

IMO, any deprecation should go in the following steps:

1. Decide that you want to deprecate the thing. This also includes steps on how to migrate away from the thing, what to use instead, and how to keep the existing behaviour if needed. This step would also decide on the overall timeline, starting with the decision and ending with the removal.

2. Make the code give out big warnings for the deprecation. If there's a standard build system, it should have support for deprecation warnings.

3. Break the build in an easy to fix way. If there is too much red tape to take one of the recommended steps, the old API is still there, just under a `deprecated` flag or path. Importantly, this means that at this step, 'fixing' the build doesn't require any change in dependencies or (big) change in code. This should be a one line change to make it work.

4. Remove the deprecated thing. This step is NOT optional! Actually remove it. Keep it part of your compiler / library / etc in a way to give an error but still delete it. Fixing the build now requires some custom code or extra dependency. It is no longer a trivial fix (as trivial as the previous step at least).

Honestly, the build system should provide the tools for this. Being able to say that some item is deprecated and should warn or it is deprecated and should only be accessible if a flag is set or it is removed and the error message should say "function foo() was removed in v1.4.5. Refer to the following link:..." instead of just "function foo() not found"

If the build system has the option to treat warnings as errors, it should also have the option to ignore specific warnings from being treated as such (so that package updates can still happen while CI keeps getting the warning). The warning itself shouldn't be ignored.

I get that it's nice to be able to deprecate/remove things.

But intentionally breaking my users runtime in a way that's really hard and annoying to find? Is the author OK? This reads like a madman to me.

How are you supposed to deal with recalcitrant users? I work for an organization that is ending support for several long running APIs. And by support I mean turn off the servers, you must move to an entirely new platform.

We’ve sent out industry alerts, updated documentation and emailed all user. The problem is the contact information goes stale. The developer who initially registered and set up the keys, has moved on. The service has been running in production for years without problems and we’ve maintained backwards compatibility.

So do we just turn it off? We’ve put messages in the responses. But if it’s got 200ok we know no one is looking at those. We’ve discussed doing brownouts where we fail everything for an hour with clear error messages as to what is happening.

Is there a better approach? I can’t imagine returning wrong data on purpose randomly. That seems insane.

> What if we intentionally made deprecated functions return the wrong result … sometimes? Every time it intentionally returns the wrong result, it logs the deprecation warning.1

What if we found that a highway overpass construction material was suboptimal, and we want people to use superior materials, so, every now and then, we send a chunk of concrete plummeting down to the ground, to kill a motorist?

Thanks to deprecating like we mean it, they're going to replace that overpass sooner than they would otherwise. You'll thank me later.

From the https://sethmlarson.dev/deprecations-via-warnings-dont-work-... that the post opens with:

> This API was emitting warnings for over 3 years in a top-3 Python package by downloads urging libraries and users to stop using the API and that was not enough. We still received feedback from users that this removal was unexpected and was breaking dependent libraries.

Entirely predictable.

Even many of those who saw the deprecation logging, and bothered to make a conscious decision, didn't think you'd actually break the API.

> We ended up adding the APIs back and creating a hurried release to fix the issue.

Entirely predictable.

Save yourself some anguish, and don't break API unnecessarily. Treat it like a guarantee, as much as possible.

If it's a real problem for ongoing development, consider using SemVer and multiple versions, like the linked article suggests. (With the deprecated branch getting minimal maintenance: maybe only select bug fixes, or only critical security fixes, maybe with a sunset on even those, and a deprecation warning for the entire library when it's no longer supported.)

No. Breaking other people's code is why we have this broken software world where new bugs (and security holes) are added everywhere all the time since no software is allowed to just exist without monthly rewrites. We need a culture where breaking backwards compatibility in published APIs is almost unthinkable, not something anyone would want to be caught doing.

It is wild to realize that this is the same author as https://entropicthoughts.com/you-want-technology-with-warts

I had the same clever idea once. Deprecation warning, and it would (by the power of a C-Macro) auto-turn off when the relase x was reached, with louder and louder warnings before.

One day I came back from holidays. I had just broken a big go-live where the release number passed x. Date missed, next possibility in a few weeks. The team was pissed.

Yes they COULD have fixed the warnings. But breaking the go live was quite of of proportion for not doing so.

I don't think deprecation should come with hostile signalling like this, but if it did, it should be consistent, and escalating with subsequent releases, performance regressions on the deprecated path, starting at least one release after the deprecation warning, not wrong results.

And it should be explicitly mentioned in the deprecation warnings.

(You don't want to break systems, but you want something people who care about the system will investigate, and will quickly find and understand the source of and understand what to do.)

This is a bad idea. But in the same spirit, a bad but less bad idea: require the user to actively enable the deprecated feature via config or something, but have a known schedule to eventually expire it (with a hard error, not randomly incorrect data) and force the user to re-enable it. Causes some pain but not random, hard to track down bug. More like dealing with expiring certs - eventually, the user will want a permanent fix.

> The response.getheader method in urllib has been deprecated since 2023 … When the method was eventually removed, lots of code broke.

Two years doesn't seem long to me for a widely used project, unless you have an LTS version that people needing more stability can use, or you are upfront that your API support is two years or less. Of course API support of less than two years is fine, especially for a project that people aren't paying for, but personally I would be quite explicit from the outset (in fact I am with some bits I have out there: “this is a personal project and may change or vanish on a whim, use it in any workflow you depend on being stable at your own risk”). Or am I expecting a bit much there?

If using semver or similar you are fine to break the API at a major release point, that is what a major release means, though it would be preferable for you to not immediately stop all support for the previous major version.

> What if we intentionally made deprecated functions return the wrong result … sometimes?

Hell no. A complete break is far preferable. Making your entire API essentially a collection of undefined (or vaguely undefined) behaviours is basically evil. You effectively render all other projects that have yours as a dependency, also just collections of vaguely defined behaviours. If your API isn't set in stone, say so then people have nothing to complain about unless they specifically ask you to keep something stable (and by “ask you to keep something stable” I mean “offer to pay for your support in that matter”).

> Users that are very sensitive to the correctness of the results…

That is: any user with any sense.

> might want to swap the wrong result for an artificial delay instead.

That is definitely more palatable. A very short delay to start with, getting longer until final deprecation. How short/long is going to be very dependent on use case and might be very difficult to judge: the shortest needs to be long enough to be noticeable to someone paying attention and testing between updating dependencies and releasing, but short enough that it doesn't completely break anything if someone updates and releases quickly, perhaps to bring in a bugfix that has begun to affect their project.

This is still evil, IMO, but a much lesser evil. I'd still prefer the complete break, but then again I'm the sort of person who would pay attention to deprecation notices, so unless you are a hidden nested dependency I'd not be affected.

The article has a new note at the bottom:

> In case the sarcasm isn’t clear, it’s better to leave the warts.

Code churn is an evil, negative value activity. Design sanely and carefully before settling upon a published, standard contract. Churn of external-facing APIs should be extremely rare to solve essential critical problems, not for pseudo-maintenance bikeshedding. Also, the "it's a hobby" excuse doesn't fly.

tl;dr: Stop changing and breaking shit unnecessarily.

Please don’t do this. If you want to remove the function, remove it and insist on its removal when people complain. Don’t gradually break people.

Occasionally returning wrong results is irresponsible, of course, but how about making deprecated APIs grow gradually slower?

This is silly and ignores how things are "deprecated" in every other practice on earth. Do we still install knob and tube electricity? Absolutely not. Is there still some out there that somebody is supporting some? Of course.

Does this mean that people and places shouldn't migrate out of older practices? No. But people have different priorities. And sure, we may treat "squeaky wheel policies" as a bad idea, but quite frankly that is far and away the most common policy out there.

To that end, please don't go out of your way to insist that your priority is everyone else's priority.

Ugh, I am finding it hard to express how much I hate this.

Software developers have enough treadmills they need to stay on. Deliberately breaking backward compatibility in the name of "deprecating something old" doesn't have to be one of them. Please don't be that platform or library that deprecates and removes things and makes me have to dust off that old software I wrote in 2005 to move over to a different set of APIs just to keep it working.

Instead randomly trigger kill self process. That's a safer way than random wrong returns.

Well written, but author is at the risk of tripping over Poe's Law, especially if readers don't read to the bottom.

Author's point is that their modest proposal (and its sibling, introducing intentional delays in resolving the deprecated API pieces) is a bad idea. Instead, author suggests that making the API change at all is begging the question "Who does this API serve?" It is, perhaps, okay actually if the old system never gets deprecated.

Chaotic Evil code.

Wow, tell me you've never shipped anything important / heavily used without telling me that.

I expected this to suggest a tick-tock deprecation cycle, where one version deprecated and the next removed, but this is definitely an idea that belongs on the domain "entropicthoughts.com"

sure - because i rewrite all my code every year!

What about a sleep? Each release that the feature gets more deprecated, the program adds a couple milliseconds of just blocking. Less destructive, and gives a nice slow ramp up with real but non-destructive consequences.

Profoundly awful idea.

Another idea is to make the deprecation warning increasingly scary sounding.

Jesus, what a terrible idea. This is such a terrible idea that I would not hire this guy based on this post alone.

What I want from code is for it to a) work, and b) if that's not possible, to fail predictably and loudly.

Returning the wrong result is neither of the above. It doesn't draw attention to the deprecation warnings as OP intended--instead, it causes a mysterious and non-deterministic error, literally the worst kind of thing to debug. The idea that this is going to work out in any way calls into question the writer's judgment in general. Why on earth would you intentionally introduce the hardest kind of bug to debug into your codebase?