chore(backend): deprecation sweep — Pydantic V1 -> V2, utcnow -> tz-aware

Two low-risk Pydantic V1 idioms that will be hard errors in V3: - Query(regex=...) -> Query(pattern=...) (audit_routes, control_generator_routes) - class Config: from_attributes=True -> model_config = ConfigDict(...) in source_policy_router.py (schemas.py is intentionally skipped — it is the Phase 1 schema-split target and the ConfigDict conversion is most efficient to do during that split). Naive -> aware datetime sweep across 47 files: - datetime.utcnow() -> datetime.now(timezone.utc) - default=datetime.utcnow -> default=lambda: datetime.now(timezone.utc) - onupdate=datetime.utcnow -> onupdate=lambda: datetime.now(timezone.utc) All SQLAlchemy DateTime columns in the project already declare timezone=True, so the DB schema expects aware datetimes. Before this commit, the in-Python side was generating naive values and the driver was silently coercing them. This is a latent-bug fix, not a behavior change at the DB boundary. Verified: - 173/173 pytest compliance/tests/ pass (same as baseline) - tests/contracts/test_openapi_baseline.py passes (360 paths, 484 operations unchanged) - DeprecationWarning count dropped from 158 -> 35 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-07 13:09:59 +02:00
parent 512b7a0f6c
commit cb90d0db0c
47 changed files with 260 additions and 261 deletions
--- a/backend-compliance/compliance/api/isms_routes.py
+++ b/backend-compliance/compliance/api/isms_routes.py
@@ -13,7 +13,7 @@ Provides endpoints for ISO 27001 certification-ready ISMS management:

 import uuid
 import hashlib
-from datetime import datetime, date
+from datetime import datetime, date, timezone
 from typing import Optional

 from fastapi import APIRouter, HTTPException, Query, Depends
@@ -102,7 +102,7 @@ def log_audit_trail(
        new_value=new_value,
        change_summary=change_summary,
        performed_by=performed_by,
-        performed_at=datetime.utcnow(),
+        performed_at=datetime.now(timezone.utc),
        checksum=create_signature(f"{entity_type}|{entity_id}|{action}|{performed_by}")
    )
    db.add(trail)
@@ -190,7 +190,7 @@ async def update_isms_scope(
        setattr(scope, field, value)

    scope.updated_by = updated_by
-    scope.updated_at = datetime.utcnow()
+    scope.updated_at = datetime.now(timezone.utc)

    # Increment version if significant changes
    version_parts = scope.version.split(".")
@@ -221,11 +221,11 @@ async def approve_isms_scope(

    scope.status = ApprovalStatusEnum.APPROVED
    scope.approved_by = data.approved_by
-    scope.approved_at = datetime.utcnow()
+    scope.approved_at = datetime.now(timezone.utc)
    scope.effective_date = data.effective_date
    scope.review_date = data.review_date
    scope.approval_signature = create_signature(
-        f"{scope.scope_statement}|{data.approved_by}|{datetime.utcnow().isoformat()}"
+        f"{scope.scope_statement}|{data.approved_by}|{datetime.now(timezone.utc).isoformat()}"
    )

    log_audit_trail(db, "isms_scope", scope.id, "ISMS Scope", "approve", data.approved_by)
@@ -403,7 +403,7 @@ async def approve_policy(

    policy.reviewed_by = data.reviewed_by
    policy.approved_by = data.approved_by
-    policy.approved_at = datetime.utcnow()
+    policy.approved_at = datetime.now(timezone.utc)
    policy.effective_date = data.effective_date
    policy.next_review_date = date(
        data.effective_date.year + (policy.review_frequency_months // 12),
@@ -412,7 +412,7 @@ async def approve_policy(
    )
    policy.status = ApprovalStatusEnum.APPROVED
    policy.approval_signature = create_signature(
-        f"{policy.policy_id}|{data.approved_by}|{datetime.utcnow().isoformat()}"
+        f"{policy.policy_id}|{data.approved_by}|{datetime.now(timezone.utc).isoformat()}"
    )

    log_audit_trail(db, "isms_policy", policy.id, policy.policy_id, "approve", data.approved_by)
@@ -634,9 +634,9 @@ async def approve_soa_entry(
        raise HTTPException(status_code=404, detail="SoA entry not found")

    entry.reviewed_by = data.reviewed_by
-    entry.reviewed_at = datetime.utcnow()
+    entry.reviewed_at = datetime.now(timezone.utc)
    entry.approved_by = data.approved_by
-    entry.approved_at = datetime.utcnow()
+    entry.approved_at = datetime.now(timezone.utc)

    log_audit_trail(db, "soa", entry.id, entry.annex_a_control, "approve", data.approved_by)
    db.commit()
@@ -812,7 +812,7 @@ async def close_finding(
    finding.verification_method = data.verification_method
    finding.verification_evidence = data.verification_evidence
    finding.verified_by = data.closed_by
-    finding.verified_at = datetime.utcnow()
+    finding.verified_at = datetime.now(timezone.utc)

    log_audit_trail(db, "audit_finding", finding.id, finding.finding_id, "close", data.closed_by)
    db.commit()
@@ -1080,7 +1080,7 @@ async def approve_management_review(

    review.status = "approved"
    review.approved_by = data.approved_by
-    review.approved_at = datetime.utcnow()
+    review.approved_at = datetime.now(timezone.utc)
    review.next_review_date = data.next_review_date
    review.minutes_document_path = data.minutes_document_path

@@ -1392,7 +1392,7 @@ async def run_readiness_check(
    # Save check result
    check = ISMSReadinessCheckDB(
        id=generate_id(),
-        check_date=datetime.utcnow(),
+        check_date=datetime.now(timezone.utc),
        triggered_by=data.triggered_by,
        overall_status=overall_status,
        certification_possible=certification_possible,