[coldtea]

Yes, and unless those bugs affect your development in your dev machine you can live without them and only update whenever you feel like it (regarding security, if someone remotely can run their Python code on your dev machine, a security update for your Python version is the last thing that will help).

Or do you mean you use pyenv to handle multiple Python versions in production servers?

[qwertox]

Not on production, but as a publicly accessible, nginx-proxied aiohttp server running on a Raspberry Pi. For personal use, like having a long-lived WebSocket connection to my home server.

I generally thought it was best practice to always update to the latest patch release. I mean, that's what `apt` is doing for the system-installed version.

[coldtea]

>I generally thought it was best practice to always update to the latest patch release. I mean, that's what `apt` is doing for the system-installed version.

Well, if it's publicly accessible, yes. Though even there you don't just "update to the latest patch release" you need to check it first (at least with your test suite), it might break your functionality and even introduce security issues due to that, regardless of what the upstream "semantic" versioning implies.