Deprecated
★
★
★
★
★
2
reviews
Python @deprecated decorator to deprecate old python classes, functions or methods.
90
Security
50
Quality
28
Maintenance
58
Overall
v1.3.1
PyPI
Python
Oct 30, 2025
by Laurent LAPORTE
No Known Issues
This package has a good security score with no known vulnerabilities.
331
GitHub Stars
4.0/5
Avg Rating
Community Reviews
RECOMMENDED
Solid decorator for deprecation warnings with minimal runtime overhead
The Deprecated package does exactly what it promises with negligible runtime impact. The decorator adds essentially zero overhead in production - I've measured it in hot paths and it's a simple wrapper that emits warnings via the standard warnings module. This means you get all the benefits of Python's built-in warning filters and logging integration without custom machinery.
Configuration is straightforward: you can customize the warning message, specify the version when something was deprecated, and control the warning category. It integrates cleanly with logging infrastructure since it uses stdlib warnings, so your existing warning filters and observability hooks just work. The decorator preserves function signatures and docstrings properly, which matters for introspection and API documentation tools.
The main operational consideration is that it relies on Python's warnings system, so you need to ensure warnings aren't being suppressed in production if you want deprecation notices in logs. Documentation is minimal but the API is simple enough that you won't need much hand-holding. No resource management concerns, no connection pools, no retry logic - it's just a thin wrapper that does one thing well.
Configuration is straightforward: you can customize the warning message, specify the version when something was deprecated, and control the warning category. It integrates cleanly with logging infrastructure since it uses stdlib warnings, so your existing warning filters and observability hooks just work. The decorator preserves function signatures and docstrings properly, which matters for introspection and API documentation tools.
The main operational consideration is that it relies on Python's warnings system, so you need to ensure warnings aren't being suppressed in production if you want deprecation notices in logs. Documentation is minimal but the API is simple enough that you won't need much hand-holding. No resource management concerns, no connection pools, no retry logic - it's just a thin wrapper that does one thing well.
Negligible runtime overhead, safe to use in performance-critical code paths
Uses stdlib warnings module so integrates seamlessly with existing logging and filtering
Preserves function metadata and signatures for proper introspection
Simple API with customizable messages, versions, and warning categories
Relies on warnings not being globally suppressed in production environments
Minimal documentation, though the simple API makes this less critical
Best for: Projects needing clean deprecation warnings with standard library integration and zero performance impact.
Avoid if: You need complex deprecation workflows or run with all warnings suppressed in production.
RECOMMENDED
Simple, effective deprecation with minimal security surface area
The Deprecated package does exactly one thing well: marking code as deprecated with clear warnings to users. From a security perspective, this is a low-risk dependency - it's a single-file package with minimal external dependencies (only wrapt), which significantly reduces supply chain exposure. The decorator approach is non-invasive and doesn't modify runtime behavior beyond issuing warnings.
In daily use, it's straightforward: slap `@deprecated` on functions or classes, customize the warning message and version info, and you're done. The library properly preserves function signatures and docstrings, which is critical for maintaining API contracts during migration periods. Error handling is clean - it doesn't introduce new exception paths or leak sensitive information through its warning messages.
The main security consideration is that deprecation warnings themselves don't expose sensitive data by default, though developers should be cautious about what details they include in custom messages. The package follows secure-by-default principles by keeping things simple and avoiding complex configuration that could introduce vulnerabilities.
In daily use, it's straightforward: slap `@deprecated` on functions or classes, customize the warning message and version info, and you're done. The library properly preserves function signatures and docstrings, which is critical for maintaining API contracts during migration periods. Error handling is clean - it doesn't introduce new exception paths or leak sensitive information through its warning messages.
The main security consideration is that deprecation warnings themselves don't expose sensitive data by default, though developers should be cautious about what details they include in custom messages. The package follows secure-by-default principles by keeping things simple and avoiding complex configuration that could introduce vulnerabilities.
Minimal dependency footprint (only wrapt) reduces supply chain attack surface
Single-file implementation makes security auditing trivial
Clean decorator API that preserves function signatures and introspection
No runtime behavior changes beyond warnings - won't introduce security bugs in deprecated code paths
No built-in mechanism to enforce deprecation policies (removal after X versions)
Warning messages could inadvertently leak implementation details if not carefully crafted
Best for: Projects needing clean, auditable deprecation warnings with minimal dependencies and security overhead.
Avoid if: You need enforcement mechanisms like hard errors after deprecation periods or complex migration tooling.
Write a Review
Sign in to write a review
Sign In
Dependencies
Used By