diff --git a/UPDATING.md b/UPDATING.md
index 36f364514..7ecb299fc 100644
--- a/UPDATING.md
+++ b/UPDATING.md
@@ -24,7 +24,6 @@ assists people when migrating to a new version.
 
 ## Next
 
-- [23785](https://github.com/apache/superset/pull/23785) Deprecated the following feature flags: `CLIENT_CACHE`, `DASHBOARD_CACHE`, `DASHBOARD_FILTERS_EXPERIMENTAL`, `DASHBOARD_NATIVE_FILTERS`, `DASHBOARD_NATIVE_FILTERS_SET`, `DISABLE_DATASET_SOURCE_EDIT`, `ENABLE_EXPLORE_JSON_CSRF_PROTECTION`, `REMOVE_SLICE_LEVEL_LABEL_COLORS`. It also removed `DASHBOARD_EDIT_CHART_IN_NEW_TAB` as the feature is supported without the need for a feature flag.
 - [23652](https://github.com/apache/superset/pull/23652) Enables GENERIC_CHART_AXES feature flag by default.
 - [23226](https://github.com/apache/superset/pull/23226) Migrated endpoint `/estimate_query_cost/<int:database_id>` to `/api/v1/sqllab/estimate/`. Corresponding permissions are can estimate query cost on SQLLab. Make sure you add/replace the necessary permissions on any custom roles you may have.
 - [22809](https://github.com/apache/superset/pull/22809): Migrated endpoint `/superset/sql_json` and `/superset/results/` to `/api/v1/sqllab/execute/` and `/api/v1/sqllab/results/` respectively. Corresponding permissions are `can sql_json on Superset` to `can execute on SQLLab`, `can results on Superset` to `can results on SQLLab`. Make sure you add/replace the necessary permissions on any custom roles you may have.
@@ -50,6 +49,7 @@ assists people when migrating to a new version.
 
 ### Breaking Changes
 
+- [23785](https://github.com/apache/superset/pull/23785) Deprecated the following feature flags: `CLIENT_CACHE`, `DASHBOARD_CACHE`, `DASHBOARD_FILTERS_EXPERIMENTAL`, `DASHBOARD_NATIVE_FILTERS`, `DASHBOARD_NATIVE_FILTERS_SET`, `DISABLE_DATASET_SOURCE_EDIT`, `ENABLE_EXPLORE_JSON_CSRF_PROTECTION`, `REMOVE_SLICE_LEVEL_LABEL_COLORS`. It also removed `DASHBOARD_EDIT_CHART_IN_NEW_TAB` as the feature is supported without the need for a feature flag.
 - [22801](https://github.com/apache/superset/pull/22801): The Thumbnails feature has been changed to execute as the currently logged in user by default, falling back to the selenium user for anonymous users. To continue always using the selenium user, please add the following to your `superset_config.py`: `THUMBNAILS_EXECUTE_AS = ["selenium"]`
 - [22799](https://github.com/apache/superset/pull/22799): Alerts & Reports has been changed to execute as the owner of the alert/report by default, giving priority to the last modifier and then the creator if either is contained within the list of owners, otherwise the first owner will be used. To continue using the selenium user, please add the following to your `superset_config.py`: `ALERT_REPORTS_EXECUTE_AS = ["selenium"]`
 - [23651](https://github.com/apache/superset/pull/23651): Removes UX_BETA feature flag.
diff --git a/superset/config.py b/superset/config.py
index afb6504ee..63cabf1c4 100644
--- a/superset/config.py
+++ b/superset/config.py
@@ -834,7 +834,6 @@ BACKUP_COUNT = 30
 #     database,
 #     query,
 #     schema=None,
-#     user=None,  # TODO(john-bodley): Deprecate in 3.0.
 #     client=None,
 #     security_manager=None,
 #     log_params=None,
@@ -1188,7 +1187,6 @@ DB_CONNECTION_MUTATOR = None
 #
 #    def SQL_QUERY_MUTATOR(
 #        sql,
-#        user_name=user_name,  # TODO(john-bodley): Deprecate in 3.0.
 #        security_manager=security_manager,
 #        database=database,
 #    ):
diff --git a/superset/connectors/sqla/models.py b/superset/connectors/sqla/models.py
index 5f487f60f..8833d6f6c 100644
--- a/superset/connectors/sqla/models.py
+++ b/superset/connectors/sqla/models.py
@@ -117,7 +117,7 @@ from superset.models.helpers import (
 from superset.sql_parse import ParsedQuery, sanitize_clause
 from superset.superset_typing import AdhocColumn, AdhocMetric, Metric, QueryObjectDict
 from superset.utils import core as utils
-from superset.utils.core import GenericDataType, get_username, MediumText
+from superset.utils.core import GenericDataType, MediumText
 
 config = app.config
 metadata = Model.metadata  # pylint: disable=no-member
@@ -829,8 +829,6 @@ class SqlaTable(
         if sql_query_mutator and not mutate_after_split:
             sql = sql_query_mutator(
                 sql,
-                # TODO(john-bodley): Deprecate in 3.0.
-                user_name=get_username(),
                 security_manager=security_manager,
                 database=self.database,
             )
diff --git a/superset/db_engine_specs/base.py b/superset/db_engine_specs/base.py
index 221872f54..1b46bb35b 100644
--- a/superset/db_engine_specs/base.py
+++ b/superset/db_engine_specs/base.py
@@ -68,7 +68,7 @@ from superset.errors import ErrorLevel, SupersetError, SupersetErrorType
 from superset.sql_parse import ParsedQuery, Table
 from superset.superset_typing import ResultSetColumnType
 from superset.utils import core as utils
-from superset.utils.core import ColumnSpec, GenericDataType, get_username
+from superset.utils.core import ColumnSpec, GenericDataType
 from superset.utils.hashing import md5_sha_from_str
 from superset.utils.network import is_hostname_valid, is_port_open
 
@@ -1393,7 +1393,6 @@ class BaseEngineSpec:  # pylint: disable=too-many-public-methods
         if sql_query_mutator and not mutate_after_split:
             sql = sql_query_mutator(
                 sql,
-                user_name=get_username(),  # TODO(john-bodley): Deprecate in 3.0.
                 security_manager=security_manager,
                 database=database,
             )
diff --git a/superset/models/core.py b/superset/models/core.py
index 592207fab..ee50f0634 100755
--- a/superset/models/core.py
+++ b/superset/models/core.py
@@ -551,7 +551,6 @@ class Database(
     ) -> pd.DataFrame:
         sqls = self.db_engine_spec.parse_sql(sql)
         engine = self._get_sqla_engine(schema)
-        username = utils.get_username()
         mutate_after_split = config["MUTATE_AFTER_SPLIT"]
         sql_query_mutator = config["SQL_QUERY_MUTATOR"]
 
@@ -568,7 +567,6 @@ class Database(
                     engine.url,
                     sql,
                     schema,
-                    get_username(),
                     __name__,
                     security_manager,
                 )
@@ -579,7 +577,6 @@ class Database(
                 if mutate_after_split:
                     sql_ = sql_query_mutator(
                         sql_,
-                        user_name=username,
                         security_manager=security_manager,
                         database=None,
                     )
@@ -590,7 +587,6 @@ class Database(
             if mutate_after_split:
                 last_sql = sql_query_mutator(
                     sqls[-1],
-                    user_name=username,
                     security_manager=security_manager,
                     database=None,
                 )
diff --git a/superset/models/helpers.py b/superset/models/helpers.py
index 558ad15fc..32c6f5ff6 100644
--- a/superset/models/helpers.py
+++ b/superset/models/helpers.py
@@ -883,7 +883,6 @@ class ExploreMixin:  # pylint: disable=too-many-public-methods
         if sql_query_mutator := config["SQL_QUERY_MUTATOR"]:
             sql = sql_query_mutator(
                 sql,
-                user_name=utils.get_username(),  # TODO(john-bodley): Deprecate in 3.0.
                 security_manager=security_manager,
                 database=self.database,
             )
diff --git a/superset/sql_lab.py b/superset/sql_lab.py
index 0f373a351..5cb52d4d1 100644
--- a/superset/sql_lab.py
+++ b/superset/sql_lab.py
@@ -53,7 +53,6 @@ from superset.sql_parse import CtasMethod, insert_rls, ParsedQuery
 from superset.sqllab.limiting_factor import LimitingFactor
 from superset.utils.celery import session_scope
 from superset.utils.core import (
-    get_username,
     json_iso_dttm_ser,
     override_user,
     QuerySource,
@@ -255,7 +254,6 @@ def execute_sql_statement(  # pylint: disable=too-many-arguments,too-many-statem
     # Hook to allow environment-specific mutation (usually comments) to the SQL
     sql = SQL_QUERY_MUTATOR(
         sql,
-        user_name=get_username(),  # TODO(john-bodley): Deprecate in 3.0.
         security_manager=security_manager,
         database=database,
     )
@@ -266,7 +264,6 @@ def execute_sql_statement(  # pylint: disable=too-many-arguments,too-many-statem
                 query.database.sqlalchemy_uri,
                 query.executed_sql,
                 query.schema,
-                get_username(),
                 __name__,
                 security_manager,
                 log_params,
diff --git a/superset/sql_validators/presto_db.py b/superset/sql_validators/presto_db.py
index 10ef1fc1e..c5ecf4c96 100644
--- a/superset/sql_validators/presto_db.py
+++ b/superset/sql_validators/presto_db.py
@@ -24,7 +24,7 @@ from superset import app, security_manager
 from superset.models.core import Database
 from superset.sql_parse import ParsedQuery
 from superset.sql_validators.base import BaseSQLValidator, SQLValidationAnnotation
-from superset.utils.core import get_username, QuerySource
+from superset.utils.core import QuerySource
 
 MAX_ERROR_ROWS = 10
 
@@ -57,7 +57,6 @@ class PrestoDBSQLValidator(BaseSQLValidator):
         if sql_query_mutator := config["SQL_QUERY_MUTATOR"]:
             sql = sql_query_mutator(
                 sql,
-                user_name=get_username(),  # TODO(john-bodley): Deprecate in 3.0.
                 security_manager=security_manager,
                 database=database,
             )