Add support for Python3.10

.github/workflows/unit_tests.yml

@@ -35,7 +35,7 @@ jobs:
       fail-fast: false # Don't cancel other jobs if one fails
       matrix:
         os: [ubuntu-latest, macos-latest, windows-latest]
-        python-version: ['3.11', '3.12']
+        python-version: ['3.10', '3.11', '3.12']
     steps:
     - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
     - name: Set up Hatch

pyproject.toml

@@ -15,6 +15,7 @@ classifiers = [
   "License :: OSI Approved :: Apache Software License",
   "Programming Language :: Python :: 3 :: Only",
   "Programming Language :: Python :: 3",
+  "Programming Language :: Python :: 3.10",
   "Programming Language :: Python :: 3.11",
   "Programming Language :: Python :: 3.12",
   "Development Status :: 3 - Alpha",
@@ -30,7 +31,7 @@ dependencies = [
   "sigstore",
   "typing_extensions",
 ]
-requires-python = ">=3.11"
+requires-python = ">=3.10"
 keywords = [
   "machine learning",
   "artificial intelligence",
@@ -61,7 +62,7 @@ parallel = true
 randomize = true
 
 [[tool.hatch.envs.hatch-test.matrix]]
-python = ["3.11", "3.12"]
+python = ["3.10", "3.11", "3.12"]
 
 [tool.hatch.envs.docs]
 description = """Custom environment for pdoc.

src/model_signing/hashing/file.py

@@ -48,6 +48,7 @@
 
 import hashlib
 import pathlib
+import sys
 from typing import BinaryIO
 
 from typing_extensions import override
@@ -192,11 +193,24 @@
 
     @override
     def compute(self) -> hashing.Digest:
-        # https://github.com/python/typeshed/issues/2166
-        # pytype: disable=wrong-arg-types
-        digest = hashlib.file_digest(self._fd, self._algorithm)
-        # pytype: enable=wrong-arg-types
-        return hashing.Digest(self.digest_name, digest.digest())
+        if sys.version_info >= (3, 11):
+            # https://github.com/python/typeshed/issues/2166
+            # pytype: disable=wrong-arg-types
+            digest = hashlib.file_digest(self._fd, self._algorithm)
+            # pytype: enable=wrong-arg-types
+            return hashing.Digest(self.digest_name, digest.digest())
+
+        # Polyfill for Python 3.10
+        # https://github.com/python/cpython/blob/4deb32a992/Lib/hashlib.py#L195
+        hasher = hashlib.new(self._algorithm)
+        buffer = bytearray(2**18)
+        view = memoryview(buffer)
+        while True:
+            size = self._fd.readinto(buffer)
+            if size == 0:
+                break
+            hasher.update(view[:size])
+        return hashing.Digest(self.digest_name, hasher.digest())
 
     @property
     @override

src/model_signing/manifest/manifest.py

@@ -55,13 +55,19 @@
 from collections.abc import Iterable, Iterator
 import dataclasses
 import pathlib
-from typing import Self
+import sys
 
 from typing_extensions import override
 
 from model_signing.hashing import hashing
 
 
+if sys.version_info >= (3, 11):
+    from typing import Self
+else:
+    from typing_extensions import Self
+
+
 @dataclasses.dataclass(frozen=True)
 class ResourceDescriptor:
     """A description of any content from any `Manifest`.

src/model_signing/signing/as_bytes.py

@@ -18,14 +18,20 @@
 the hash computed from somewhere else and want to avoid the in-toto types.
 """
 
-from typing import Self
+import sys
 
 from typing_extensions import override
 
 from model_signing.manifest import manifest as manifest_module
 from model_signing.signing import signing
 
 
+if sys.version_info >= (3, 11):
+    from typing import Self
+else:
+    from typing_extensions import Self
+
+
 class BytesPayload(signing.SigningPayload):
     """A payload that is a view into the bytes of a digest."""
 

src/model_signing/signing/empty_signing.py

@@ -21,14 +21,20 @@
 """
 
 import pathlib
-from typing import Self
+import sys
 
 from typing_extensions import override
 
 from model_signing.manifest import manifest
 from model_signing.signing import signing
 
 
+if sys.version_info >= (3, 11):
+    from typing import Self
+else:
+    from typing_extensions import Self
+
+
 class EmptySigningPayload(signing.SigningPayload):
     """An empty signing payload, mostly just for testing."""
 

src/model_signing/signing/in_toto.py

@@ -20,7 +20,8 @@
 """
 
 import pathlib
-from typing import Any, Final, Self
+import sys
+from typing import Any, Final
 
 from in_toto_attestation.v1 import statement
 from typing_extensions import override
@@ -31,6 +32,12 @@
 from model_signing.signing import signing
 
 
+if sys.version_info >= (3, 11):
+    from typing import Self
+else:
+    from typing_extensions import Self
+
+
 class IntotoPayload(signing.SigningPayload):
     """A generic payload in in-toto format.
 

src/model_signing/signing/in_toto_signature.py

@@ -16,7 +16,7 @@
 
 import json
 import pathlib
-from typing import Self
+import sys
 
 from sigstore_protobuf_specs.dev.sigstore.bundle import v1 as bundle_pb
 from typing_extensions import override
@@ -28,19 +28,25 @@
 from model_signing.signing import signing
 
 
+if sys.version_info >= (3, 11):
+    from typing import Self
+else:
+    from typing_extensions import Self
+
+
 class IntotoSignature(signing.Signature):
     def __init__(self, bundle: bundle_pb.Bundle):
         self._bundle = bundle
 
     @override
     def write(self, path: pathlib.Path) -> None:
         path.write_text(self._bundle.to_json())
 
     @classmethod
     @override
     def read(cls, path: pathlib.Path) -> Self:
         bundle = bundle_pb.Bundle().from_json(path.read_text())
         return cls(bundle)
 
     def to_manifest(self) -> manifest_module.Manifest:
         payload = json.loads(self._bundle.dsse_envelope.payload)
@@ -54,7 +60,7 @@
     @override
     def sign(self, payload: signing.SigningPayload) -> IntotoSignature:
         if not isinstance(payload, in_toto.IntotoPayload):
             raise TypeError("only IntotoPayloads are supported")
         bundle = self._sig_signer.sign(payload.statement)
         return IntotoSignature(bundle)
 
@@ -66,6 +72,6 @@
     @override
     def verify(self, signature: signing.Signature) -> manifest_module.Manifest:
         if not isinstance(signature, IntotoSignature):
             raise TypeError("only IntotoSignature is supported")
         self._sig_verifier.verify(signature._bundle)
         return signature.to_manifest()

src/model_signing/signing/signing.py

@@ -43,11 +43,17 @@
 
 import abc
 import pathlib
-from typing import Self
+import sys
 
 from model_signing.manifest import manifest
 
 
+if sys.version_info >= (3, 11):
+    from typing import Self
+else:
+    from typing_extensions import Self
+
+
 class SigningPayload(metaclass=abc.ABCMeta):
     """Generic payload that we can sign."""
 

src/model_signing/signing/sigstore.py

@@ -16,7 +16,7 @@
 
 import json
 import pathlib
-from typing import Self
+import sys
 
 from google.protobuf import json_format
 from sigstore import dsse as sigstore_dsse
@@ -33,6 +33,12 @@
 from model_signing.signing import signing
 
 
+if sys.version_info >= (3, 11):
+    from typing import Self
+else:
+    from typing_extensions import Self
+
+
 _IN_TOTO_JSON_PAYLOAD_TYPE: str = "application/vnd.in-toto+json"
 _IN_TOTO_STATEMENT_TYPE: str = "https://in-toto.io/Statement/v1"
 

tests/signing/empty_signing_test.py

@@ -13,7 +13,7 @@
 # limitations under the License.
 
 import pathlib
-from typing import Self
+import sys
 
 import pytest
 from typing_extensions import override
@@ -25,6 +25,12 @@
 from tests import test_support
 
 
+if sys.version_info >= (3, 11):
+    from typing import Self
+else:
+    from typing_extensions import Self
+
+
 class TestEmptySigningPayload:
     def test_build_from_digest_manifest(self):
         digest = hashing.Digest("test", b"test_digest")

tests/signing/sigstore_test.py

@@ -16,7 +16,7 @@
 
 import json
 import pathlib
-from typing import Self
+import sys
 from unittest import mock
 
 import pytest
@@ -31,6 +31,12 @@
 from model_signing.signing import sigstore
 
 
+if sys.version_info >= (3, 11):
+    from typing import Self
+else:
+    from typing_extensions import Self
+
+
 class MockedSigstoreBundle:
     """Mocked SigstoreBundle that just records the signed payload."""