Potential security vulnerabilities? If I have a library and it works in 2 & 3. But I stopped working on keeping it 2 compliant because 2 is no longer supported. Then I will never bring a single fix to 2, even security fixes.
Due to code divergence it may not even be easy for me to understand if the issue reproduces in 2.
That creates a good business model for someone to come along and charge a premium to fix security bugs in old code. I think it’s more likely something like that will happen than everyone moving their code to work on 3.x.
There have been several threads on COBOL here on this forum, and the anecdotal consensus is that COBOL developers don't actually get paid much more than developers in any other language.
It sounds like the tax is from choosing to use Python at all. Either pay to keep legacy codebases or pay to update. Given a choice between two evils, I choose another language.