Refs #31359 -- Made get_random_string()'s length argument required.

Per deprecation timeline.

django/utils/crypto.py

@@ -4,10 +4,8 @@ Django's standard crypto functions and utilities.
 import hashlib
 import hmac
 import secrets
-import warnings
 
 from django.conf import settings
-from django.utils.deprecation import RemovedInDjango40Warning
 from django.utils.encoding import force_bytes
 
 
@@ -46,13 +44,10 @@ def salted_hmac(key_salt, value, secret=None, *, algorithm='sha1'):
     return hmac.new(key, msg=force_bytes(value), digestmod=hasher)
 
 
-NOT_PROVIDED = object()  # RemovedInDjango40Warning.
 RANDOM_STRING_CHARS = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
 
 
-# RemovedInDjango40Warning: when the deprecation ends, replace with:
+def get_random_string(length, allowed_chars=RANDOM_STRING_CHARS):
-#   def get_random_string(length, allowed_chars=RANDOM_STRING_CHARS):
-def get_random_string(length=NOT_PROVIDED, allowed_chars=RANDOM_STRING_CHARS):
     """
     Return a securely generated random string.
 
@@ -63,12 +58,6 @@ def get_random_string(length=NOT_PROVIDED, allowed_chars=RANDOM_STRING_CHARS):
       * length: 12, bit length =~ 71 bits
       * length: 22, bit length =~ 131 bits
     """
-    if length is NOT_PROVIDED:
-        warnings.warn(
-            'Not providing a length argument is deprecated.',
-            RemovedInDjango40Warning,
-        )
-        length = 12
     return ''.join(secrets.choice(allowed_chars) for i in range(length))
 
 

docs/releases/4.0.txt

@@ -302,6 +302,9 @@ to remove usage of these features.
 
 * The ``providing_args`` argument for ``django.dispatch.Signal`` is removed.
 
+* The ``length`` argument for ``django.utils.crypto.get_random_string()`` is
+  required.
+
 * The ``list`` message for ``ModelMultipleChoiceField`` is removed.
 
 * Support for passing raw column aliases to ``QuerySet.order_by()`` is removed.

tests/utils_tests/test_crypto.py

@@ -1,12 +1,10 @@
 import hashlib
 import unittest
 
-from django.test import SimpleTestCase, ignore_warnings
+from django.test import SimpleTestCase
 from django.utils.crypto import (
-    InvalidAlgorithm, constant_time_compare, get_random_string, pbkdf2,
+    InvalidAlgorithm, constant_time_compare, pbkdf2, salted_hmac,
-    salted_hmac,
 )
-from django.utils.deprecation import RemovedInDjango40Warning
 
 
 class TestUtilsCryptoMisc(SimpleTestCase):
@@ -185,14 +183,3 @@ class TestUtilsCryptoPBKDF2(unittest.TestCase):
     def test_default_hmac_alg(self):
         kwargs = {'password': b'password', 'salt': b'salt', 'iterations': 1, 'dklen': 20}
         self.assertEqual(pbkdf2(**kwargs), hashlib.pbkdf2_hmac(hash_name=hashlib.sha256().name, **kwargs))
-
-
-class DeprecationTests(SimpleTestCase):
-    @ignore_warnings(category=RemovedInDjango40Warning)
-    def test_get_random_string(self):
-        self.assertEqual(len(get_random_string()), 12)
-
-    def test_get_random_string_warning(self):
-        msg = 'Not providing a length argument is deprecated.'
-        with self.assertRaisesMessage(RemovedInDjango40Warning, msg):
-            get_random_string()