Stop sending emails/warnings on PGP signature uploads (#15896)

Author: di

tests/unit/email/test_init.py

@@ -1384,77 +1384,6 @@ def test_password_compromised_email(
         ]
 
 
-class TestGPGSignatureUploadedEmail:
-    def test_gpg_signature_uploaded_email(
-        self, pyramid_request, pyramid_config, monkeypatch
-    ):
-        stub_user = pretend.stub(
-            id="id",
-            username="username",
-            name="",
-            email="[email protected]",
-            primary_email=pretend.stub(email="[email protected]", verified=True),
-        )
-        subject_renderer = pyramid_config.testing_add_renderer(
-            "email/gpg-signature-uploaded/subject.txt"
-        )
-        subject_renderer.string_response = "Email Subject"
-        body_renderer = pyramid_config.testing_add_renderer(
-            "email/gpg-signature-uploaded/body.txt"
-        )
-        body_renderer.string_response = "Email Body"
-        html_renderer = pyramid_config.testing_add_renderer(
-            "email/gpg-signature-uploaded/body.html"
-        )
-        html_renderer.string_response = "Email HTML Body"
-
-        send_email = pretend.stub(
-            delay=pretend.call_recorder(lambda *args, **kwargs: None)
-        )
-        pyramid_request.task = pretend.call_recorder(lambda *args, **kwargs: send_email)
-        monkeypatch.setattr(email, "send_email", send_email)
-
-        pyramid_request.db = pretend.stub(
-            query=lambda a: pretend.stub(
-                filter=lambda *a: pretend.stub(
-                    one=lambda: pretend.stub(user_id=stub_user.id)
-                )
-            ),
-        )
-        pyramid_request.user = stub_user
-        pyramid_request.registry.settings = {"mail.sender": "[email protected]"}
-        project_name = "exampleproject"
-        result = email.send_gpg_signature_uploaded_email(
-            pyramid_request, stub_user, project_name=project_name
-        )
-
-        assert result == {"project_name": project_name}
-        assert pyramid_request.task.calls == [pretend.call(send_email)]
-        assert send_email.delay.calls == [
-            pretend.call(
-                f"{stub_user.username} <{stub_user.email}>",
-                {
-                    "subject": "Email Subject",
-                    "body_text": "Email Body",
-                    "body_html": (
-                        "<html>\n<head></head>\n"
-                        "<body><p>Email HTML Body</p></body>\n</html>\n"
-                    ),
-                },
-                {
-                    "tag": "account:email:sent",
-                    "user_id": stub_user.id,
-                    "additional": {
-                        "from_": "[email protected]",
-                        "to": stub_user.email,
-                        "subject": "Email Subject",
-                        "redact_ip": False,
-                    },
-                },
-            )
-        ]
-
-
 class Test2FAonUploadEmail:
     def test_send_two_factor_not_yet_enabled_email(
         self, pyramid_request, pyramid_config, monkeypatch

tests/unit/forklift/test_legacy.py

@@ -3695,7 +3695,7 @@ def test_upload_succeeds_creates_project(
             ("example", "1.0", "add source file example-1.0.tar.gz", user),
         ]
 
-    def test_upload_succeeds_with_signature(
+    def test_upload_succeeds_with_gpg_signature_field(
         self, pyramid_config, db_request, metrics, project_service, monkeypatch
     ):
         user = UserFactory.create()
@@ -3729,20 +3729,9 @@ def test_upload_succeeds_with_signature(
         }.get(svc)
         db_request.user_agent = "warehouse-tests/6.6.6"
 
-        send_email = pretend.call_recorder(lambda *a, **kw: None)
-        monkeypatch.setattr(legacy, "send_gpg_signature_uploaded_email", send_email)
-
         resp = legacy.file_upload(db_request)
 
         assert resp.status_code == 200
-        assert resp.body == (
-            b"GPG signature support has been removed from PyPI and the provided "
-            b"signature has been discarded."
-        )
-
-        assert send_email.calls == [
-            pretend.call(db_request, user, project_name="example"),
-        ]
 
     def test_upload_succeeds_without_two_factor(
         self, pyramid_config, db_request, metrics, project_service, monkeypatch

warehouse/email/__init__.py

@@ -344,11 +344,6 @@ def send_two_factor_not_yet_enabled_email(request, user):
     return {"username": user.username}
 
 
-@_email("gpg-signature-uploaded", repeat_window=datetime.timedelta(days=1))
-def send_gpg_signature_uploaded_email(request, user, *, project_name):
-    return {"project_name": project_name}
-
-
 @_email("account-deleted")
 def send_account_deletion_email(request, user):
     return {"username": user.username}

warehouse/forklift/legacy.py

@@ -47,7 +47,6 @@
 from warehouse.classifiers.models import Classifier
 from warehouse.email import (
     send_api_token_used_in_trusted_publisher_project_email,
-    send_gpg_signature_uploaded_email,
     send_two_factor_not_yet_enabled_email,
 )
 from warehouse.events.tags import EventTag
@@ -452,7 +451,8 @@ def file_upload(request):
         raise _exc_with_message(HTTPBadRequest, "Unknown protocol version.")
 
     # Check if any fields were supplied as a tuple and have become a
-    # FieldStorage. The 'content' field _should_ be a FieldStorage, however.
+    # FieldStorage. The 'content' field _should_ be a FieldStorage, however,
+    # and we don't care about the legacy gpg_signature field.
     # ref: https://github.com/pypi/warehouse/issues/2185
     # ref: https://github.com/pypi/warehouse/issues/2491
     for field in set(request.POST) - {"content", "gpg_signature"}:
@@ -769,17 +769,6 @@ def file_upload(request):
         )
         request.db.add(release)
 
-        if "gpg_signature" in request.POST:
-            warnings.append(
-                "GPG signature support has been removed from PyPI and the "
-                "provided signature has been discarded."
-            )
-            send_gpg_signature_uploaded_email(
-                request,
-                request.user if request.user else project.users,
-                project_name=project.name,
-            )
-
         # TODO: This should be handled by some sort of database trigger or
         #       a SQLAlchemy hook or the like instead of doing it inline in
         #       this view.

warehouse/locale/messages.pot

@@ -1958,34 +1958,6 @@ msgid ""
 "organization"
 msgstr ""
 
-#: warehouse/templates/email/gpg-signature-uploaded/body.html:17
-#: warehouse/templates/email/password-compromised-hibp/body.html:18
-#: warehouse/templates/email/password-compromised/body.html:18
-msgid "What?"
-msgstr ""
-
-#: warehouse/templates/email/gpg-signature-uploaded/body.html:19
-#, python-format
-msgid ""
-"During your recent upload of %(project_name)s to %(site)s, we noticed you"
-" uploaded a GPG signature. However, support for GPG signatures has been "
-"removed from %(site)s."
-msgstr ""
-
-#: warehouse/templates/email/gpg-signature-uploaded/body.html:22
-#: warehouse/templates/email/password-compromised-hibp/body.html:32
-#: warehouse/templates/email/password-compromised/body.html:31
-msgid "What should I do?"
-msgstr ""
-
-#: warehouse/templates/email/gpg-signature-uploaded/body.html:24
-#, python-format
-msgid ""
-"While uploads will continue to work, any signatures uploaded to %(site)s "
-"will be discarded. It is recommended to no longer upload signatures to "
-"%(site)s."
-msgstr ""
-
 #: warehouse/templates/email/new-email-added/body.html:17
 #, python-format
 msgid ""
@@ -2217,6 +2189,11 @@ msgid ""
 "<strong>%(username)s</strong>."
 msgstr ""
 
+#: warehouse/templates/email/password-compromised-hibp/body.html:18
+#: warehouse/templates/email/password-compromised/body.html:18
+msgid "What?"
+msgstr ""
+
 #: warehouse/templates/email/password-compromised/body.html:20
 msgid ""
 "PyPI administrators have determined that your password is compromised. To"
@@ -2231,6 +2208,11 @@ msgid ""
 "reduce the risk for PyPI and its users."
 msgstr ""
 
+#: warehouse/templates/email/password-compromised-hibp/body.html:32
+#: warehouse/templates/email/password-compromised/body.html:31
+msgid "What should I do?"
+msgstr ""
+
 #: warehouse/templates/email/password-compromised/body.html:33
 #, python-format
 msgid ""