Comprehensively modernize a Python project — upgrade Python version (EOL awareness, 3.14 free-threaded/no-GIL guidance), migrate to uv + pyproject.toml (PEP 621) + ruff, modernize Docker (multi-stage, slim-bookworm, non-root), and run security/vulnerability audits (pip-audit, bandit, trivy). Use when user asks to "modernize Python", "upgrade Python version", "migrate to uv", "set up ruff", "fix Docker", "security audit", "check vulnerabilities", or "PEP 621".
pyproject.toml (PEP 621 [project] table)uv as the package and environment managerruff as the single tool for linting and formatting (replaces black, flake8, isort, pyupgrade)Dockerfile — multi-stage build, slim-bookworm base, non-root user, uv-based installspip-audit for dependency CVEs, bandit for source code, trivy for container images).python-version file to pin the Python versionUse this skill when the project has any of:
setup.py or setup.cfg (legacy packaging)requirements.txt without a pyproject.tomlPipfile / Pipfile.lock (pipenv)black, flake8, isort, pyupgrade configurationsDockerfile using a full-fat base image, pip install, or running as rootpython3 --version
# Also check config files:
cat .python-version 2>/dev/null
grep -i "python" pyproject.toml setup.cfg setup.py Dockerfile 2>/dev/null | head -20
| Version | Status | EOL Date | Notes |
|---|---|---|---|
| 3.8 | EOL | Oct 2024 | No longer receives any patches — upgrade immediately |
| 3.9 | EOL | Oct 2025 | No longer receiving security patches — upgrade immediately |
| 3.10 | Security-only | Oct 2026 | Only critical security fixes; plan upgrade |
| 3.11 | Security-only | Oct 2027 | Acceptable floor for existing projects |
| 3.12 | Bugfix | Oct 2028 | Solid choice; actively maintained |
| 3.13 | Bugfix | Oct 2029 | Experimental free-threaded support (PEP 703) |
| 3.14 | Current | Oct 2030 | Officially supported free-threaded build (PEP 779); recommended for new projects |
| 3.15 | Prerelease | Oct 2031 | Not yet released |
Rule of thumb: The minimum
requires-pythonfor any actively maintained project should be>= 3.11. For new projects, target>= 3.12or>= 3.13.
Python 3.14 (released Oct 2025) introduces an officially supported free-threaded build that disables the GIL (Global Interpreter Lock), enabling true multi-core parallelism for threads.
Choose the free-threaded (python3.14t) build when the project:
multiprocessing to work around the GIL and would benefit from shared-memory threadingStay with the standard (GIL-enabled) build when:
How to verify free-threading at runtime:
import sys
# Check if the interpreter was built with free-threading
if hasattr(sys, "_is_gil_enabled"):
print(f"GIL enabled: {sys._is_gil_enabled()}")