chore(backend): deprecation sweep — Pydantic V1 -> V2, utcnow -> tz-aware

Two low-risk Pydantic V1 idioms that will be hard errors in V3: - Query(regex=...) -> Query(pattern=...) (audit_routes, control_generator_routes) - class Config: from_attributes=True -> model_config = ConfigDict(...) in source_policy_router.py (schemas.py is intentionally skipped — it is the Phase 1 schema-split target and the ConfigDict conversion is most efficient to do during that split). Naive -> aware datetime sweep across 47 files: - datetime.utcnow() -> datetime.now(timezone.utc) - default=datetime.utcnow -> default=lambda: datetime.now(timezone.utc) - onupdate=datetime.utcnow -> onupdate=lambda: datetime.now(timezone.utc) All SQLAlchemy DateTime columns in the project already declare timezone=True, so the DB schema expects aware datetimes. Before this commit, the in-Python side was generating naive values and the driver was silently coercing them. This is a latent-bug fix, not a behavior change at the DB boundary. Verified: - 173/173 pytest compliance/tests/ pass (same as baseline) - tests/contracts/test_openapi_baseline.py passes (360 paths, 484 operations unchanged) - DeprecationWarning count dropped from 158 -> 35 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-07 13:09:59 +02:00
parent 512b7a0f6c
commit cb90d0db0c
47 changed files with 260 additions and 261 deletions
--- a/backend-compliance/compliance/api/evidence_routes.py
+++ b/backend-compliance/compliance/api/evidence_routes.py
@@ -10,7 +10,7 @@ Endpoints:

 import logging
 import os
-from datetime import datetime, timedelta
+from datetime import datetime, timedelta, timezone
 from typing import Optional
 from collections import defaultdict
 import uuid as uuid_module
@@ -370,8 +370,8 @@ def _store_evidence(
        mime_type="application/json",
        source="ci_pipeline",
        ci_job_id=ci_job_id,
-        valid_from=datetime.utcnow(),
-        valid_until=datetime.utcnow() + timedelta(days=90),
+        valid_from=datetime.now(timezone.utc),
+        valid_until=datetime.now(timezone.utc) + timedelta(days=90),
        status=EvidenceStatusEnum(parsed["evidence_status"]),
    )
    db.add(evidence)
@@ -455,7 +455,7 @@ def _update_risks(db: Session, *, source: str, control_id: str, ci_job_id: str,
            tool=source,
            control_id=control_id,
            evidence_type=f"ci_{source}",
-            timestamp=datetime.utcnow().isoformat(),
+            timestamp=datetime.now(timezone.utc).isoformat(),
            commit_sha=report_data.get("commit_sha", "unknown") if report_data else "unknown",
            ci_job_id=ci_job_id,
            findings=findings_detail,
@@ -571,7 +571,7 @@ async def get_ci_evidence_status(
    Returns overview of recent evidence collected from CI/CD pipelines,
    useful for dashboards and monitoring.
    """
-    cutoff_date = datetime.utcnow() - timedelta(days=days)
+    cutoff_date = datetime.now(timezone.utc) - timedelta(days=days)

    # Build query
    query = db.query(EvidenceDB).filter(