Google Drive security update 2021- questions, how does it affect PyDrive2, how to deal with it

[abubelinha]

"Security update for Google Drive": https://support.google.com/drive/answer/10729743

1st paragraph says "the security update will make Google Drive files more secure by updating their links to include a resource key"

So I have two questions here:

(1) I don't really understand at all how this will affect files shared with me by other people.
This is my usual workflow:

• I have created a Gdrive folder (like this one) which I share with a couple of my clients' Google accounts, so they both can edit files inside the folder (basically, they upload and rename images, pdf and audio/video files). They can't edit folder sharing properties, and as I set the folder content to be public, all uploaded files should be public (everybody can view, without a Google account). So this folder is basically a public files repository (intended to be linkable from any website).
• Then, I run a PyDrive2 python script to process all content inside that folder. Based on file names/ids, I create the text and appropriate links to these files inside my clients' web page (an html file which I generate and upload to my server using the same python script).
  My script works based on the public folder id, and then loops through file ids inside that folder.
  I wonder if these ids are supposed to somehow change, or the announced changes do not affect api at all (just the public way of linking the files).
  I mean ... if the ids change, I assume the links will change (so images embedded in the webpage will not be visible anymore).
  But will the api still provide the updated ids to current PyDrive2 scripts? (so that it will be enough with re-running the script to update the public links in my webpage?).
  Or perhaps that announced new "resource key" means we will need to somehow modify PyDrive2 and/or our scripts to use kinda double-id system in the future?
• BTW, not a PyDrive2 question, but I ask just in case anyone knows: In the above scenario, where my clients create and own the files, but they upload them to a public folder which is under my control ... who is the user which can actually decide to apply or not to apply the security update?
  As far as I can tell, my clients cannot avoid the files to be public-visible when they decide to upload them to my public folder (they just can change my own permission: by default I can also edit those files). But I wonder if this security update will change that behaviour somehow.

(2) Regarding my own files (those created and shared by me, not by my clients):
The above link FAQ say I can find them using some Gdrive query tags (is:security_update_applied and is:security_update_removed).
Is it actually possible to somehow use PyDrive2 to change the security update?
Perhaps it is something which depends on a tag that can be changed through the api.

Thanks

[shcheklein]

Consolidating all things related to the security update here. There was a question before on fetch metadata #127 (comment) .

Short answer - I hope, fetch metadata will be enough to get all the information to create a link.

We need to do some experiments first, it can be done through the online API explorer first. If we see that we are missing some information in the API results we can consider adding it. But first, we need someone to scope exactly what is missing.