enable pyupgrade (UP) linter (#298)

* enable pyupgrade linter The main rule we're interested in is UP035, which helps prevent using deprecated imports. Specifically some of the `typing` imports which now live in `collections.abc`. I disabled two rules which consider some optional args as unnecessary, as there were many occurrences and it seemed opinionated. Signed-off-by: Spencer Schrock <sschrock@google.com> * autofix pyupgrade violations Signed-off-by: Spencer Schrock <sschrock@google.com> --------- Signed-off-by: Spencer Schrock <sschrock@google.com>
sigstore · Aug 21, 2024 · 79b5e91 · 79b5e91
1 parent e18b1d5
commit 79b5e91
Show file tree

Hide file tree

Showing 5 changed files with 18 additions and 20 deletions.
diff --git a/pyproject.toml b/pyproject.toml
@@ -112,9 +112,13 @@ line-ending = "lf"
 skip-magic-trailing-comma = true
 
 [tool.ruff.lint]
-select = ["B", "D", "E", "F", "I", "N", "PLC", "PLE", "PT", "SIM", "W"]
-# TODO: selectively enable back most of these in subsequent PRs
-ignore = ["B024", "D100", "D101", "D102", "D103", "D104", "D105", "D107", "D417"]
+select = ["B", "D", "E", "F", "I", "N", "PLC", "PLE", "PT", "SIM", "UP", "W"]
+ignore = [
+  # TODO: selectively enable back most of these in subsequent PRs
+  "B024", "D100", "D101", "D102", "D103", "D104", "D105", "D107", "D417",
+  # Unnecessary arguments can help with clarity
+  "UP012", "UP015"
+]
 
 [tool.ruff.lint.flake8-tidy-imports]
 ban-relative-imports = "all"

diff --git a/src/model_signing/model.py b/src/model_signing/model.py
@@ -13,8 +13,9 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+from collections.abc import Callable, Iterable
 import pathlib
-from typing import Callable, Iterable, TypeAlias
+from typing import TypeAlias
 
 from model_signing.manifest import manifest
 from model_signing.serialization import serialization

diff --git a/src/model_signing/serialization/serialize_by_file_shard.py b/src/model_signing/serialization/serialize_by_file_shard.py
@@ -69,8 +69,7 @@ def _endpoints(step: int, end: int) -> Iterable[int]:
     Yields:
         Values in the range, from `step` and up to `end`.
     """
-    for value in range(step, end, step):
-        yield value
+    yield from range(step, end, step)
     yield end
 
 

diff --git a/src/model_signing/signature/key.py b/src/model_signing/signature/key.py
@@ -13,8 +13,6 @@
 # limitations under the License.
 """Functionality to sign and verify models with keys."""
 
-from typing import Optional
-
 from cryptography.hazmat.primitives import serialization
 from cryptography.hazmat.primitives.asymmetric import ec
 from cryptography.hazmat.primitives.hashes import SHA256
@@ -32,7 +30,7 @@
 
 
 def load_ec_private_key(
-    path: str, password: Optional[str] = None
+    path: str, password: str | None = None
 ) -> ec.EllipticCurvePrivateKey:
     private_key: ec.EllipticCurvePrivateKey
     with open(path, "rb") as fd:
@@ -50,7 +48,7 @@ def __init__(self, private_key: ec.EllipticCurvePrivateKey):
         self._private_key = private_key
 
     @classmethod
-    def from_path(cls, private_key_path: str, password: Optional[str] = None):
+    def from_path(cls, private_key_path: str, password: str | None = None):
         private_key = load_ec_private_key(private_key_path, password)
         return cls(private_key)
 

diff --git a/src/model_signing/signature/pki.py b/src/model_signing/signature/pki.py
@@ -13,7 +13,7 @@
 # limitations under the License.
 """Functionality to sign and verify models with certificates."""
 
-from typing import Optional, Self
+from typing import Self
 
 import certifi
 from cryptography import x509
@@ -67,10 +67,8 @@ def __init__(
         cert_pub_key = self._signing_cert.public_key()
         if pub_key != cert_pub_key:
             raise ValueError(
-                (
-                    "the private key's public key does not match the"
-                    " signing certificates public key"
-                )
+                "the private key's public key does not match the"
+                " signing certificates public key"
             )
         self._cert_chain = cert_chain
 
@@ -129,9 +127,7 @@ def __init__(
             self._store.add_cert(ssl_crypto.X509.from_cryptography(c))
 
     @classmethod
-    def from_paths(
-        cls, root_cert_paths: Optional[list[str]] | None = None
-    ) -> Self:
+    def from_paths(cls, root_cert_paths: list[str] | None = None) -> Self:
         crypto_trust_roots: list[x509.Certificate] = []
         if root_cert_paths:
             crypto_trust_roots = _load_multiple_certs(root_cert_paths)
@@ -171,14 +167,14 @@ def verify(self, bundle: bundle_pb.Bundle) -> None:
         )
         if not usage.value.digital_signature:
             raise VerificationError(
-                ("the certificate is not valid for digital signature usage")
+                "the certificate is not valid for digital signature usage"
             )
         ext_usage = signing_cert_crypto.extensions.get_extension_for_class(
             x509.ExtendedKeyUsage
         )
         if crypto_oid.ExtendedKeyUsageOID.CODE_SIGNING not in ext_usage.value:
             raise VerificationError(
-                ("the certificate is not valid for code signing usage")
+                "the certificate is not valid for code signing usage"
             )
 
         # Verify the contents with a key verifier