vor 4 Jahren · be6e468130
--- a/django/utils/crypto.py
+++ b/django/utils/crypto.py
@@ -4,10 +4,8 @@ Django's standard crypto functions and utilities.
 
				 import hashlib
			
 
				 import hmac
			
 
				 import secrets
			
 
				-import warnings
			
 
				 
			
 
				 from django.conf import settings
			
 
				-from django.utils.deprecation import RemovedInDjango40Warning
			
 
				 from django.utils.encoding import force_bytes
			
 
				 
			
 
				 
			
@@ -46,13 +44,10 @@ def salted_hmac(key_salt, value, secret=None, *, algorithm='sha1'):
 
				     return hmac.new(key, msg=force_bytes(value), digestmod=hasher)
			
 
				 
			
 
				 
			
 
				-NOT_PROVIDED = object()  # RemovedInDjango40Warning.
			
 
				 RANDOM_STRING_CHARS = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
			
 
				 
			
 
				 
			
 
				-# RemovedInDjango40Warning: when the deprecation ends, replace with:
			
 
				-#   def get_random_string(length, allowed_chars=RANDOM_STRING_CHARS):
			
 
				-def get_random_string(length=NOT_PROVIDED, allowed_chars=RANDOM_STRING_CHARS):
			
 
				+def get_random_string(length, allowed_chars=RANDOM_STRING_CHARS):
			
 
				     """
			
 
				     Return a securely generated random string.
			
 
				 
			
@@ -63,12 +58,6 @@ def get_random_string(length=NOT_PROVIDED, allowed_chars=RANDOM_STRING_CHARS):
 
				       * length: 12, bit length =~ 71 bits
			
 
				       * length: 22, bit length =~ 131 bits
			
 
				     """
			
 
				-    if length is NOT_PROVIDED:
			
 
				-        warnings.warn(
			
 
				-            'Not providing a length argument is deprecated.',
			
 
				-            RemovedInDjango40Warning,
			
 
				-        )
			
 
				-        length = 12
			
 
				     return ''.join(secrets.choice(allowed_chars) for i in range(length))
			
 
				 
			
 
				 
			
--- a/docs/releases/4.0.txt
+++ b/docs/releases/4.0.txt
@@ -302,6 +302,9 @@ to remove usage of these features.
 
				 
			
 
				 * The ``providing_args`` argument for ``django.dispatch.Signal`` is removed.
			
 
				 
			
 
				+* The ``length`` argument for ``django.utils.crypto.get_random_string()`` is
			
 
				+  required.
			
 
				+
			
 
				 * The ``list`` message for ``ModelMultipleChoiceField`` is removed.
			
 
				 
			
 
				 * Support for passing raw column aliases to ``QuerySet.order_by()`` is removed.
			
--- a/tests/utils_tests/test_crypto.py
+++ b/tests/utils_tests/test_crypto.py
@@ -1,12 +1,10 @@
 
				 import hashlib
			
 
				 import unittest
			
 
				 
			
 
				-from django.test import SimpleTestCase, ignore_warnings
			
 
				+from django.test import SimpleTestCase
			
 
				 from django.utils.crypto import (
			
 
				-    InvalidAlgorithm, constant_time_compare, get_random_string, pbkdf2,
			
 
				-    salted_hmac,
			
 
				+    InvalidAlgorithm, constant_time_compare, pbkdf2, salted_hmac,
			
 
				 )
			
 
				-from django.utils.deprecation import RemovedInDjango40Warning
			
 
				 
			
 
				 
			
 
				 class TestUtilsCryptoMisc(SimpleTestCase):
			
@@ -185,14 +183,3 @@ class TestUtilsCryptoPBKDF2(unittest.TestCase):
 
				     def test_default_hmac_alg(self):
			
 
				         kwargs = {'password': b'password', 'salt': b'salt', 'iterations': 1, 'dklen': 20}
			
 
				         self.assertEqual(pbkdf2(**kwargs), hashlib.pbkdf2_hmac(hash_name=hashlib.sha256().name, **kwargs))
			
 
				-
			
 
				-
			
 
				-class DeprecationTests(SimpleTestCase):
			
 
				-    @ignore_warnings(category=RemovedInDjango40Warning)
			
 
				-    def test_get_random_string(self):
			
 
				-        self.assertEqual(len(get_random_string()), 12)
			
 
				-
			
 
				-    def test_get_random_string_warning(self):
			
 
				-        msg = 'Not providing a length argument is deprecated.'
			
 
				-        with self.assertRaisesMessage(RemovedInDjango40Warning, msg):
			
 
				-            get_random_string()