Question
Is a client's dependency on an older official Google Gemini SDK still supported, or has the canonical path moved?
Target surface
Product/surface: the old Gemini Python SDK as a dependency choice. The decision is whether an installable, previously official package remains a safe support path this quarter. The invariant tested is simple: installability is not the same as current support.
Short finding
The Google Gemini Python SDK has been explicitly deprecated. The repository was renamed with a "deprecated-" prefix and the README directs users to the unified google-genai SDK. The old package remains installable on PyPI, meaning teams may not notice the support path has moved unless they check the repository directly.
What FoldEngine checked
- Repository deprecation notice and renamed repository.
- Migration guidance to the unified SDK.
- PyPI package availability versus actual support status.
- Corresponding JavaScript SDK deprecation pattern.
Watch signal table
| Signal | Previous | Current | Status |
|---|---|---|---|
| Repository naming | generative-ai-python | deprecated-generative-ai-python | Moved |
| README guidance | Install and use | Migrate to google-genai | Moved |
| Active development | Commits visible | No new feature commits | Stale |
| PyPI availability | Installable | Still installable | Misleading |
| Security patches | Assumed | Uncertain | Risk |
Stability Ledger entry
This sample represents one private Dependency Watch ledger entry. A real cycle would record what was rechecked, what changed since the last entry, what improved, what regressed, what remained unresolved, what new dependency or trust risks appeared, and the next closure move. This sample is witness-backed by visible public evidence; it does not claim automated monitoring or a dedicated runner.
What FoldEngine did not check
- Client-specific usage patterns or migration blockers.
- Unified SDK compatibility with specific client code.
- Live migration execution.
- Security vulnerability scanning of the deprecated package.
Evidence boundary / receipt-style summary
- Artifact kind
- dependency_watch_report
- Evidence surface
- Public GitHub repository and PyPI status
- Private access
- None
- Watch cadence
- Quarterly
Seed candidates
Seed A — Inventory all import locations
Hypothesis: Knowing every location that imports the deprecated SDK scopes the migration effort.
Value: high · Risk: low
Evidence required: grep/search result listing all import sites.
Verification: Import inventory covers all repositories using the old SDK.
Seed B — Migrate to google-genai SDK
Hypothesis: Migrating to the canonical SDK restores the supported path for security patches and new features.
Value: high · Risk: medium
Evidence required: Migration plan with API compatibility notes per import site.
Verification: All import sites migrated; deprecated package removed from manifest.
Decision receipt: BLOCK
The dependency is explicitly deprecated. Continued use means no guaranteed security patches and a diverging API surface.
- Decision
- Block
- Expires
- 30 days from issuance
What must change:
- Import locations inventoried
- Migration to google-genai SDK completed or scheduled
Governed next steps
-
Priority 1 — Seed A: Import inventory
Unlock: Codebase access available.
Exit: All import sites documented.
-
Priority 2 — Seed B: SDK migration
Unlock: Import inventory complete (Seed A).
Exit: Deprecated package removed from all manifests; tests pass on new SDK.