secure-systems-lab · jku · Jan 29, 2025 · Jan 13, 2025 · Jan 14, 2025 · Jan 14, 2025
diff --git a/requirements-lint.txt b/requirements-lint.txt
@@ -1,2 +1,2 @@
 mypy==1.14.1
-ruff==0.8.6
+ruff==0.9.1
diff --git a/securesystemslib/_gpg/common.py b/securesystemslib/_gpg/common.py
@@ -385,8 +385,9 @@ def _assign_certified_key_info(bundle):
 
             if not is_valid:
                 log.info(
-                    "Ignoring invalid User ID self-certificate issued "
-                    "by '{}'.".format(signature["keyid"])
+                    "Ignoring invalid User ID self-certificate issued by '{}'.".format(
+                        signature["keyid"]
+                    )
                 )
                 continue
 
@@ -752,11 +753,9 @@ def parse_signature_packet(
     hashed_subpackets = data[ptr : ptr + hashed_octet_count]
     hashed_subpacket_info = gpg_util.parse_subpackets(hashed_subpackets)
 
-    # Check whether we were actually able to read this much hashed octets
     if len(hashed_subpackets) != hashed_octet_count:  # pragma: no cover
         raise ValueError(
-            "This signature packet seems to be corrupted."
-            "It is missing hashed octets!"
+            "Signature packet contains an unexpected amount of hashed octets"
         )
 
     ptr += hashed_octet_count

diff --git a/securesystemslib/_gpg/eddsa.py b/securesystemslib/_gpg/eddsa.py
@@ -79,8 +79,7 @@ def get_pubkey_params(data):
     # See 9.2. ECC Curve OID
     if curve_oid != ED25519_PUBLIC_KEY_OID:
         raise PacketParsingError(
-            f"bad ed25519 curve OID '{curve_oid}', "
-            f"expected {ED25519_PUBLIC_KEY_OID}'"
+            f"bad ed25519 curve OID '{curve_oid}', expected {ED25519_PUBLIC_KEY_OID}'"
         )
 
     # See 13.3. EdDSA Point Format

diff --git a/securesystemslib/_gpg/util.py b/securesystemslib/_gpg/util.py
@@ -192,7 +192,7 @@ def parse_packet_header(data, expected_type=None):  # noqa: PLR0912
 
         elif length_type == 3:
             raise PacketParsingError(
-                "Old length " "format packets of indeterminate length are not supported"
+                "Old length format packets of indeterminate length are not supported"
             )
 
         else:  # pragma: no cover (unreachable)

diff --git a/tests/check_public_interfaces_gpg.py b/tests/check_public_interfaces_gpg.py
@@ -39,9 +39,9 @@
 class TestPublicInterfacesGPG(unittest.TestCase):
     @classmethod
     def setUpClass(cls):
-        assert (
-            not have_gpg()
-        ), "please remove GnuPG from your environment to run this test case"
+        assert not have_gpg(), (
+            "please remove GnuPG from your environment to run this test case"
+        )
 
     def test_gpg_functions(self):
         """Signing, key export and util functions must raise on missing gpg."""

diff --git a/tests/test_gpg.py b/tests/test_gpg.py
@@ -693,7 +693,7 @@ def test_verify_signature_with_expired_key(self):
         )
         self.assertTrue(
             expected == str(ctx.exception),
-            f"\nexpected: {expected}" "\ngot:      {ctx.exception}",
+            f"\nexpected: {expected}\ngot:      {{ctx.exception}}",
         )
 
 

diff --git a/tox.ini b/tox.ini
@@ -71,6 +71,12 @@ commands =
 
     mypy {[testenv:lint]lint_dirs}
 
+[testenv:fix]
+deps = {[testenv:lint]deps}
+commands =
+    ruff check --fix {[testenv:lint]lint_dirs}
+    ruff format {[testenv:lint]lint_dirs}
+
 # Requires docker running
 [testenv:local-aws-kms]
 deps =