post 2.1.0 release cleanup

ca/django_ca/__init__.py

@@ -24,7 +24,7 @@
 # https://www.python.org/dev/peps/pep-0440/
 # https://www.python.org/dev/peps/pep-0396/
 # https://www.python.org/dev/peps/pep-0386/
-VERSION: VersionTuple = (2, 1, 0)
+VERSION: VersionTuple = (2, 2, 0, "dev", 1)
 
 # __version__ specified in PEP 0396, but we use the PEP 0440 format instead
 __version__ = ".".join([str(e) for e in VERSION[:3]])

ca/django_ca/conf.py

@@ -41,7 +41,7 @@
 from django.utils.translation import gettext_lazy as _
 
 from django_ca import constants
-from django_ca.deprecation import RemovedInDjangoCA220Warning, RemovedInDjangoCA230Warning
+from django_ca.deprecation import RemovedInDjangoCA230Warning
 from django_ca.pydantic import NameModel
 from django_ca.pydantic.type_aliases import (
     CertificateRevocationListReasonCode,
@@ -234,17 +234,7 @@ def _parse_deprecated_name_value(value: Any) -> Optional[x509.Name]:
 
 
 def _subject_validator(value: Any) -> Any:
-    try:
-        return NameModel(value).cryptography
-    except ValueError:
-        parsed_value = _parse_deprecated_name_value(value)
-        warnings.warn(
-            f"{value}: Support for two-element tuples as subject is deprecated and will be removed in "
-            f"django-ca 2.2.",
-            RemovedInDjangoCA220Warning,
-            stacklevel=2,
-        )
-        return parsed_value
+    return NameModel(value).cryptography
 
 
 Subject = Annotated[x509.Name, BeforeValidator(_subject_validator)]

ca/django_ca/deprecation.py

@@ -24,12 +24,6 @@
 F = typing.TypeVar("F", bound=typing.Callable[..., Any])
 
 
-class RemovedInDjangoCA220Warning(PendingDeprecationWarning):
-    """Warning if a feature will be removed in django-ca~=2.2.0."""
-
-    version = "2.2"
-
-
 class RemovedInDjangoCA230Warning(PendingDeprecationWarning):
     """Warning if a feature will be removed in django-ca~=2.3.0."""
 
@@ -42,12 +36,18 @@ class RemovedInDjangoCA240Warning(PendingDeprecationWarning):
     version = "2.4"
 
 
-RemovedInNextVersionWarning = RemovedInDjangoCA220Warning
+class RemovedInDjangoCA250Warning(PendingDeprecationWarning):
+    """Warning if a feature will be removed in django-ca~=2.4.0."""
+
+    version = "2.5"
+
+
+RemovedInNextVersionWarning = RemovedInDjangoCA230Warning
 
 DeprecationWarningType = Union[
-    type[RemovedInDjangoCA220Warning],
     type[RemovedInDjangoCA230Warning],
     type[RemovedInDjangoCA240Warning],
+    type[RemovedInDjangoCA250Warning],
 ]
 
 

ca/django_ca/tests/base/assertions.py

@@ -38,7 +38,7 @@
 
 from django_ca.conf import model_settings
 from django_ca.constants import ReasonFlags
-from django_ca.deprecation import RemovedInDjangoCA220Warning, RemovedInDjangoCA230Warning
+from django_ca.deprecation import RemovedInDjangoCA230Warning
 from django_ca.key_backends.storages.models import StoragesUsePrivateKeyOptions
 from django_ca.models import Certificate, CertificateAuthority, X509CertMixin
 from django_ca.signals import post_create_ca, post_issue_cert, post_sign_cert, pre_create_ca, pre_sign_cert
@@ -502,13 +502,6 @@ def assert_system_exit(code: int) -> Iterator[None]:
     assert excm.value.args == (code,)
 
 
-@contextmanager
-def assert_removed_in_220(match: Optional[Union[str, "re.Pattern[str]"]] = None) -> Iterator[None]:
-    """Assert that a ``RemovedInDjangoCA200Warning`` is emitted."""
-    with pytest.warns(RemovedInDjangoCA220Warning, match=match):
-        yield
-
-
 @contextmanager
 def assert_removed_in_230(match: Optional[Union[str, "re.Pattern[str]"]] = None) -> Iterator[None]:
     """Assert that a ``RemovedInDjangoCA200Warning`` is emitted."""

ca/django_ca/tests/test_deprecation.py

@@ -20,18 +20,18 @@
 
 from django_ca.deprecation import (
     DeprecationWarningType,
-    RemovedInDjangoCA220Warning,
     RemovedInDjangoCA230Warning,
     RemovedInDjangoCA240Warning,
+    RemovedInDjangoCA250Warning,
     deprecate_argument,
     deprecate_function,
     deprecate_type,
 )
 
 WARNING_TYPES: tuple[DeprecationWarningType, ...] = (
-    RemovedInDjangoCA220Warning,
     RemovedInDjangoCA230Warning,
     RemovedInDjangoCA240Warning,
+    RemovedInDjangoCA250Warning,
 )
 
 

ca/django_ca/tests/test_settings.py

@@ -39,13 +39,9 @@
 )
 from django_ca import conf
 from django_ca.conf import CertificateRevocationListProfile, KeyBackendConfigurationModel, model_settings
-from django_ca.tests.base.assertions import (
-    assert_improperly_configured,
-    assert_removed_in_220,
-    assert_removed_in_230,
-)
+from django_ca.tests.base.assertions import assert_improperly_configured, assert_removed_in_230
 from django_ca.tests.base.constants import FIXTURES_DIR
-from django_ca.tests.base.utils import cn, country, state
+from django_ca.tests.base.utils import country, state
 
 SCOPE_ERROR = (
     r"Only one of `only_contains_ca_certs`, `only_contains_user_certs` and `only_contains_attribute_certs` "
@@ -550,53 +546,15 @@ def test_ca_default_subject(settings: SettingsWrapper, value: Any, expected: x50
 @pytest.mark.parametrize(
     ("value", "msg"),
     (
-        ((("CN", ""),), r"Value error, Attribute's length must be >= 1 and <= 64, but it was 0"),
-        ((("CN", "X" * 65),), r"Value error, Attribute's length must be >= 1 and <= 64, but it was 65"),
-    ),
-)
-def test_ca_default_subject_with_invalid_values(settings: SettingsWrapper, value: Any, msg: str) -> None:
-    """Test the check for empty common names."""
-    with assert_improperly_configured(msg):
-        settings.CA_DEFAULT_SUBJECT = value
-
-
-@pytest.mark.parametrize(
-    ("value", "expected"),
-    (
-        ([("CN", "example.com")], x509.Name([cn("example.com")])),
-        ((("C", "AT"), ("CN", "example.com")), x509.Name([country("AT"), cn("example.com")])),
-        ([country("AT"), ("CN", "example.com")], x509.Name([country("AT"), cn("example.com")])),
+        ([{"oid": "CN", "value": ""}], r"Value error, commonName must not be an empty value"),
         (
-            [country("AT"), (NameOID.COMMON_NAME, "example.com")],
-            x509.Name([country("AT"), cn("example.com")]),
+            [{"oid": "CN", "value": "X" * 65}],
+            r"Value error, Attribute's length must be >= 1 and <= 64, but it was 65",
         ),
     ),
 )
-def test_ca_default_subject_with_deprecated_values(
-    settings: SettingsWrapper, value: Any, expected: x509.Name
-) -> None:
-    """Test CA_DEFAULT_SUBJECT with deprecated lists."""
-    msg = r"Support for two-element tuples as subject is deprecated and will be removed in django-ca 2\.2\."
-    with assert_removed_in_220(msg):
-        settings.CA_DEFAULT_SUBJECT = value
-        assert model_settings.CA_DEFAULT_SUBJECT == expected
-
-
-@pytest.mark.parametrize(
-    ("value", "msg"),
-    (
-        ([("invalid", "wrong")], "invalid: Invalid object identifier"),
-        ([["one-element"]], r"Must be lists/tuples with two items, got 1\."),
-        ([(True, "foo")], r"True: Must be a x509.ObjectIdentifier or str\."),
-        ([("CN", True)], r"True: Item values must be strings\."),
-        (["foo"], r"foo: Items must be a x509.NameAttribute, list or tuple\."),
-        ((("C", "AT"), ("C", "DE")), r'<Name\(C=AT,C=DE\)>: Contains multiple "countryName" fields\.'),
-    ),
-)
-def test_ca_default_subject_with_deprecated_invalid_values(
-    settings: SettingsWrapper, value: Any, msg: str
-) -> None:
-    """Test invalid values in the deprecated format."""
+def test_ca_default_subject_with_invalid_values(settings: SettingsWrapper, value: Any, msg: str) -> None:
+    """Test the check for empty common names."""
     with assert_improperly_configured(msg):
         settings.CA_DEFAULT_SUBJECT = value
 
@@ -692,8 +650,6 @@ def test_ca_profiles_override_subject_with_deprecated_values(settings: SettingsW
     ("value", "msg"),
     (
         ("foo", "Input should be a valid dictionary"),  # whole setting is invalid
-        ({"client": {"subject": "foo"}}, r"Value error, foo: Must be a list or tuple\."),
-        ({"client": {"subject": [True]}}, r"True: Items must be a x509.NameAttribute, list or tuple\."),
     ),
 )
 def test_ca_profiles_with_invalid_values(settings: SettingsWrapper, value: Any, msg: str) -> None:

ca/django_ca/utils.py

@@ -33,13 +33,12 @@
 from cryptography.x509.name import _ASN1Type
 from cryptography.x509.oid import NameOID
 
-from django.core.files.storage import Storage, storages
+from django.core.files.storage import storages
 from django.utils import timezone
 
 from django_ca import constants
 from django_ca.conf import model_settings
 from django_ca.constants import MULTIPLE_OIDS, NAME_OID_DISPLAY_NAMES
-from django_ca.deprecation import RemovedInDjangoCA220Warning, deprecate_function
 from django_ca.pydantic.validators import (
     dns_validator,
     email_validator,
@@ -927,17 +926,6 @@ def get_cert_builder(not_after: datetime, serial: Optional[int] = None) -> x509.
     return builder
 
 
-@deprecate_function(RemovedInDjangoCA220Warning)  # deprecated in 2.0.
-def get_storage() -> Storage:  # pragma: no cover
-    """Get the django-ca storage class.
-
-    .. deprecated:: 2.0
-
-       Use ``storages[model_settings.CA_DEFAULT_STORAGE_ALIAS]`` instead.
-    """
-    return storages[model_settings.CA_DEFAULT_STORAGE_ALIAS]
-
-
 def read_file(path: str) -> bytes:
     """Read the file from the given path."""
     storage = storages[model_settings.CA_DEFAULT_STORAGE_ALIAS]

docs/source/changelog/TBR_2.2.0.rst

@@ -0,0 +1,16 @@
+###########
+2.2.0 (TBR)
+###########
+
+********
+Settings
+********
+
+* Dropped support for the old subject format in :ref:`settings-ca-default-subject` and subjects in profiles
+  (deprecated since 1.29.0).
+
+**********
+Python API
+**********
+
+* ``django_ca.utils.get_storage()`` was be removed (deprecated since 2.0).