The social problem is that maintaining backward compatibility with boring technology is considered harmful by the current Python community. There was an active campaign to extract pledges from popular Python library authors to break compatibility with Python 2 by a certain date. This means that if you are volunteering to maintain what you want kept, you had better not tell anyone about it.
Do you have any URIs or backup links? Encouragement to actively break compatibility sounds like "inciting murder" vs. a more tame "don't expend effort (go to medical school)" to save folks.
{ Oh, and before anyone jumps on me, this is only an analogy as it relates to freshman moral philosophy courses, not an attempt by me to over-dramatize - that is more the fault of said courses trying to engage 18 year olds. :-) I'm mostly interested in the active-passive details of the pledge campaign. }
Not updating the system is usually a solution to such problems.
At best there is an nginx or an API in front that acts as a reverse proxy to clean up/normalize the incoming requests and prevent directly exposing the service.
Example: banks, airlines, hospitals, air traffic controllers, electricity companies, etc
All critical services that nobody wants to touch, as it works +/-
Guess what, all those places can just use Python 3.12 for as long as it's maintained and if they REALLY can't update, they can:
a) make the system air gapped
b) pay a Python consulting company to back port security fixes
c) hire a Python core dev to do the system, directly
OOOOR, they can just update to Python 3.13 and migrate to the equivalent Python package that's not part of the core. For sure they already use other Python packages.
We're making a mountain out of a molehill, also on behalf of places that have plenty of money to spend if push comes to shove.