Refs #29708 -- Removed PickleSerializer per deprecation timeline.

2025-10-31 09:41:08 +00:00 · 2023-01-12 14:43:48 +01:00
parent 23c8787439
commit b119f4329c
6 changed files with 5 additions and 107 deletions
--- a/django/contrib/sessions/serializers.py
+++ b/django/contrib/sessions/serializers.py
@@ -1,6 +1,3 @@
-# RemovedInDjango50Warning.
-from django.core.serializers.base import PickleSerializer as BasePickleSerializer
 from django.core.signing import JSONSerializer as BaseJSONSerializer

 JSONSerializer = BaseJSONSerializer
-PickleSerializer = BasePickleSerializer
--- a/django/core/serializers/base.py
+++ b/django/core/serializers/base.py
@@ -1,38 +1,14 @@
 """
 Module for abstract serializer/unserializer base classes.
 """
-import pickle
-import warnings
 from io import StringIO

 from django.core.exceptions import ObjectDoesNotExist
 from django.db import models
-from django.utils.deprecation import RemovedInDjango50Warning

 DEFER_FIELD = object()


-class PickleSerializer:
-    """
-    Simple wrapper around pickle to be used in signing.dumps()/loads() and
-    cache backends.
-    """
-
-    def __init__(self, protocol=None):
-        warnings.warn(
-            "PickleSerializer is deprecated due to its security risk. Use "
-            "JSONSerializer instead.",
-            RemovedInDjango50Warning,
-        )
-        self.protocol = pickle.HIGHEST_PROTOCOL if protocol is None else protocol
-
-    def dumps(self, obj):
-        return pickle.dumps(obj, self.protocol)
-
-    def loads(self, data):
-        return pickle.loads(data)
-
-
 class SerializerDoesNotExist(KeyError):
    """The requested serializer was not found."""