Bump the python-dependencies group with 2 updates (#286)

dependabot[bot] · jku · web-flow · commit 8e22261dbb15 · 2025-05-13T13:26:03.000+03:00
* Bump the python-dependencies group with 2 updates Bumps the python-dependencies group with 2 updates: [securesystemslib[crypto]](https://github.com/secure-systems-lab/securesystemslib) and [ruff](https://github.com/astral-sh/ruff). Updates `securesystemslib[crypto]` from 1.2.0 to 1.3.0 - [Release notes](https://github.com/secure-systems-lab/securesystemslib/releases) - [Changelog](https://github.com/secure-systems-lab/securesystemslib/blob/main/CHANGELOG.md) - [Commits](secure-systems-lab/securesystemslib@v1.2.0...v1.3.0) Updates `ruff` from 0.11.5 to 0.11.6 - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@0.11.5...0.11.6) --- updated-dependencies: - dependency-name: securesystemslib[crypto] dependency-version: 1.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: ruff dependency-version: 0.11.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-dependencies ... Signed-off-by: dependabot[bot] <support@github.com> * lint: Update securesystemslib annotations securesystemslib now has actual annotations, make sure we respect them. There are no functional changes (the added assert cannot in practice happen: the API is just weird). Signed-off-by: Jussi Kukkonen <jkukkonen@google.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jussi Kukkonen <jkukkonen@google.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jussi Kukkonen <jkukkonen@google.com>
diff --git a/pyproject.toml b/pyproject.toml
@@ -5,7 +5,7 @@ build-backend = "hatchling.build"
 [project]
 name = "tuf-conformance"
 dependencies = [
-    "securesystemslib[crypto]==1.2.0",
+    "securesystemslib[crypto]==1.3.0",
     "tuf==6.0.0",
     "pytest==8.3.5"
 ]
@@ -15,7 +15,7 @@ requires-python = ">= 3.10"
 [project.optional-dependencies]
 lint = [
     "mypy==1.15.0",
-    "ruff==0.11.5"
+    "ruff==0.11.6"
 ]
 
 [tool.hatch.version]
diff --git a/tuf_conformance/_internal/repository_simulator.py b/tuf_conformance/_internal/repository_simulator.py
@@ -169,7 +169,7 @@ def new_signer(
                 f"Test ran out of {keytype}/{scheme} keys (NUM_SIGNERS = {NUM_SIGNERS})"
             )
 
-    def add_signer(self, role: str, signer: CryptoSigner) -> None:
+    def add_signer(self, role: str, signer: Signer) -> None:
         if role not in self.signers:
             self.signers[role] = {}
         keyid = signer.public_key.keyid
@@ -448,7 +448,7 @@ def add_key(
         self,
         role: str,
         delegator_name: str = Root.type,
-        signer: CryptoSigner | None = None,
+        signer: Signer | None = None,
     ) -> None:
         """add new public key to delegating metadata and store the signer for role"""
         if signer is None:
diff --git a/tuf_conformance/test_basic.py b/tuf_conformance/test_basic.py
@@ -13,9 +13,11 @@
 
 def recalculate_keyid(key: Key) -> None:
     """method to recalculate keyid: needed if key content is modified"""
-    data: bytes = encode_canonical(key.to_dict()).encode()
+    canonical_key = encode_canonical(key.to_dict())
+    assert canonical_key
+
     hasher = digest("sha256")
-    hasher.update(data)
+    hasher.update(canonical_key.encode())
     key.keyid = hasher.hexdigest()
 
 
