Skip to content

build(deps): bump securesystemslib from 1.2.0 to 1.3.0 in the dependencies group #2826

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Apr 22, 2025
Merged

build(deps): bump securesystemslib from 1.2.0 to 1.3.0 in the dependencies group #2826

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
394d47c
build(deps): bump securesystemslib in the dependencies group
dependabot[bot] Apr 21, 2025
ee50fea
annotation fixes
jku Mar 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion pyproject.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -135,7 +135,6 @@ disable_error_code = ["attr-defined"]
[[tool.mypy.overrides]]
module = [
"requests.*",
"securesystemslib.*",
]
ignore_missing_imports = "True"

Expand Down
2 changes: 1 addition & 1 deletion requirements/pinned.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ cryptography==44.0.2
# via securesystemslib
pycparser==2.22
# via cffi
securesystemslib==1.2.0
securesystemslib==1.3.0
# via -r requirements/main.txt
urllib3==2.4.0
# via -r requirements/main.txt
43 changes: 23 additions & 20 deletions tests/test_api.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@
Key,
SecretsHandler,
Signer,
SSlibKey,
)

from tests import utils
Expand Down Expand Up @@ -244,11 +245,11 @@ class FailingSigner(Signer):
@classmethod
def from_priv_key_uri(
cls,
priv_key_uri: str,
public_key: Key,
secrets_handler: SecretsHandler | None = None,
_priv_key_uri: str,
_public_key: Key,
_secrets_handler: SecretsHandler | None = None,
) -> Signer:
pass
raise RuntimeError("Not a real signer")

@property
def public_key(self) -> Key:
Expand Down Expand Up @@ -469,43 +470,45 @@ def test_signed_verify_delegate(self) -> None:
)

def test_verification_result(self) -> None:
vr = VerificationResult(3, {"a": None}, {"b": None})
key = SSlibKey("", "", "", {"public": ""})
vr = VerificationResult(3, {"a": key}, {"b": key})
self.assertEqual(vr.missing, 2)
self.assertFalse(vr.verified)
self.assertFalse(vr)

# Add a signature
vr.signed["c"] = None
vr.signed["c"] = key
self.assertEqual(vr.missing, 1)
self.assertFalse(vr.verified)
self.assertFalse(vr)

# Add last missing signature
vr.signed["d"] = None
vr.signed["d"] = key
self.assertEqual(vr.missing, 0)
self.assertTrue(vr.verified)
self.assertTrue(vr)

# Add one more signature
vr.signed["e"] = None
vr.signed["e"] = key
self.assertEqual(vr.missing, 0)
self.assertTrue(vr.verified)
self.assertTrue(vr)

def test_root_verification_result(self) -> None:
vr1 = VerificationResult(3, {"a": None}, {"b": None})
vr2 = VerificationResult(1, {"c": None}, {"b": None})
key = SSlibKey("", "", "", {"public": ""})
vr1 = VerificationResult(3, {"a": key}, {"b": key})
vr2 = VerificationResult(1, {"c": key}, {"b": key})

vr = RootVerificationResult(vr1, vr2)
self.assertEqual(vr.signed, {"a": None, "c": None})
self.assertEqual(vr.unsigned, {"b": None})
self.assertEqual(vr.signed, {"a": key, "c": key})
self.assertEqual(vr.unsigned, {"b": key})
self.assertFalse(vr.verified)
self.assertFalse(vr)

vr1.signed["c"] = None
vr1.signed["f"] = None
self.assertEqual(vr.signed, {"a": None, "c": None, "f": None})
self.assertEqual(vr.unsigned, {"b": None})
vr1.signed["c"] = key
vr1.signed["f"] = key
self.assertEqual(vr.signed, {"a": key, "c": key, "f": key})
self.assertEqual(vr.unsigned, {"b": key})
self.assertTrue(vr.verified)
self.assertTrue(vr)

Expand Down Expand Up @@ -678,7 +681,7 @@ def test_root_add_key_and_revoke_key(self) -> None:

# Assert that add_key with old argument order will raise an error
with self.assertRaises(ValueError):
root.signed.add_key(Root.type, key)
root.signed.add_key(Root.type, key) # type: ignore [arg-type]

# Add new root key
root.signed.add_key(key, Root.type)
Expand Down Expand Up @@ -778,7 +781,7 @@ def test_targets_key_api(self) -> None:

# Assert that add_key with old argument order will raise an error
with self.assertRaises(ValueError):
targets.add_key("role1", key)
targets.add_key(Root.type, key) # type: ignore [arg-type]

# Assert that delegated role "role1" does not contain the new key
self.assertNotIn(key.keyid, targets.delegations.roles["role1"].keyids)
Expand Down Expand Up @@ -1178,7 +1181,7 @@ def test_serialization(self) -> None:
self.assertEqual(metadata.signed, payload)

def test_fail_envelope_serialization(self) -> None:
envelope = SimpleEnvelope(b"foo", "bar", ["baz"])
envelope = SimpleEnvelope(b"foo", "bar", []) # type: ignore[arg-type]
with self.assertRaises(SerializationError):
envelope.to_bytes()

Expand All @@ -1193,7 +1196,7 @@ def test_fail_payload_serialization(self) -> None:
def test_fail_payload_deserialization(self) -> None:
payloads = [b"[", b'{"_type": "foo"}']
for payload in payloads:
envelope = SimpleEnvelope(payload, "bar", [])
envelope = SimpleEnvelope(payload, "bar", {})
with self.assertRaises(DeserializationError):
envelope.get_signed()

Expand Down