Skip to content

Commit 623faf7

Browse files
committed
remove support for legacy --ssl/--no-ssl CLI args
which have enjoyed a lengthy deprecation cycle. The new form is `--ssl-mode=<on,off,auto>`. Fixes #1507. Preparation for release 2.0.
1 parent a2ffb63 commit 623faf7

4 files changed

Lines changed: 9 additions & 52 deletions

File tree

changelog.md

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,11 @@
1+
Upcoming (TBD)
2+
==============
3+
4+
Breaking Changes
5+
--------
6+
* Remove support for legacy `--ssl/--no-ssl` CLI arguments.
7+
8+
19
1.75.0 (2026/06/20)
210
==============
311

mycli/cli_runner.py

Lines changed: 1 addition & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -64,15 +64,6 @@ def run_from_cli_args(cli_args: 'CliArgs', client_factory: ClientFactory) -> Non
6464
if cli_args.table:
6565
cli_args.format = 'table'
6666

67-
if cli_args.deprecated_ssl is not None:
68-
click.secho(
69-
"Warning: The --ssl/--no-ssl CLI options are deprecated and will be removed in a future release. "
70-
"Please use the \"default_ssl_mode\" config option or --ssl-mode CLI flag instead. "
71-
f"See issue {ISSUES_URL}/1507",
72-
err=True,
73-
fg="yellow",
74-
)
75-
7667
# ssh_port and ssh_config_path have truthy defaults and are not included
7768
if (
7869
any([
@@ -223,25 +214,12 @@ def run_from_cli_args(cli_args: 'CliArgs', client_factory: ClientFactory) -> Non
223214
keepalive_ticks = cli_args.keepalive_ticks if cli_args.keepalive_ticks is not None else mycli.default_keepalive_ticks
224215
ssl_mode = cli_args.ssl_mode or mycli.ssl_mode
225216

226-
# if there is a mismatch between the ssl_mode value and other sources of ssl config, show a warning
227-
# specifically using "is False" to not pickup the case where cli_args.deprecated_ssl is None (not set by the user)
228-
if cli_args.deprecated_ssl and ssl_mode == "off" or cli_args.deprecated_ssl is False and ssl_mode in ("auto", "on"):
229-
click.secho(
230-
f"Warning: The current ssl_mode value of '{ssl_mode}' is overriding the value provided by "
231-
f"either the --ssl/--no-ssl CLI options or a DSN URI parameter (ssl={cli_args.deprecated_ssl}).",
232-
err=True,
233-
fg="yellow",
234-
)
235-
236-
# configure SSL if ssl_mode is auto/on or if
237-
# cli_args.deprecated_ssl = True (from --ssl or a DSN URI) and ssl_mode is None
238-
if ssl_mode in ("auto", "on") or (cli_args.deprecated_ssl and ssl_mode is None):
217+
if ssl_mode in ("auto", "on"):
239218
if cli_args.socket and ssl_mode == 'auto':
240219
ssl = None
241220
else:
242221
ssl = {
243222
"mode": ssl_mode,
244-
"enable": cli_args.deprecated_ssl, # todo: why is this set at all?
245223
"ca": cli_args.ssl_ca and os.path.expanduser(cli_args.ssl_ca),
246224
"cert": cli_args.ssl_cert and os.path.expanduser(cli_args.ssl_cert),
247225
"key": cli_args.ssl_key and os.path.expanduser(cli_args.ssl_key),

mycli/main.py

Lines changed: 0 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -128,13 +128,6 @@ class CliArgs:
128128
type=click.Choice(['auto', 'on', 'off']),
129129
help='Set desired SSL behavior. auto=preferred if TCP/IP, on=required, off=off.',
130130
)
131-
deprecated_ssl: bool | None = clickdc.option(
132-
'--ssl/--no-ssl',
133-
'deprecated_ssl',
134-
default=None,
135-
clickdc=None,
136-
help='Enable SSL for connection (automatically enabled with other flags).',
137-
)
138131
ssl_ca: str | None = clickdc.option(
139132
type=click.Path(exists=True),
140133
help='CA file in PEM format.',

test/pytests/test_main.py

Lines changed: 0 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -349,28 +349,6 @@ def test_ssl_mode_off(executor, capsys):
349349
assert not ssl_cipher
350350

351351

352-
@dbtest
353-
def test_ssl_mode_overrides_ssl(executor, capsys):
354-
runner = CliRunner()
355-
ssl_mode = "off"
356-
sql = "select * from performance_schema.session_status where variable_name = 'Ssl_cipher'"
357-
result = runner.invoke(click_entrypoint, args=CLI_ARGS + ["--csv", "--ssl-mode", ssl_mode, "--ssl"], input=sql)
358-
result_dict = next(csv.DictReader(result.stdout.split("\n")))
359-
ssl_cipher = result_dict.get("VARIABLE_VALUE", None)
360-
assert not ssl_cipher
361-
362-
363-
@dbtest
364-
def test_ssl_mode_overrides_no_ssl(executor, capsys):
365-
runner = CliRunner()
366-
ssl_mode = "on"
367-
sql = "select * from performance_schema.session_status where variable_name = 'Ssl_cipher'"
368-
result = runner.invoke(click_entrypoint, args=CLI_ARGS + ["--csv", "--ssl-mode", ssl_mode, "--no-ssl"], input=sql)
369-
result_dict = next(csv.DictReader(result.stdout.split("\n")))
370-
ssl_cipher = result_dict.get("VARIABLE_VALUE", None)
371-
assert ssl_cipher
372-
373-
374352
@dbtest
375353
def test_reconnect_database_is_selected(executor, capsys):
376354
m = MyCli()

0 commit comments

Comments
 (0)