Use assert to check for None values

This is done only for hinting 'mypy' that we have
ensured these values cannot be None.

'Bandit' raises warnings for assert usage in the code
but we are disabling them since we do not rely upon
'asserts' for any runtime checks but only for type checking.

Signed-off-by: Teodora Sechkova <[email protected]>

Author: sechkova

tuf/ngclient/updater.py

@@ -336,6 +336,7 @@ def _load_snapshot(self) -> None:
             # Local snapshot does not exist or is invalid: update from remote
             logger.debug("Failed to load local snapshot %s", e)
 
+            assert self._trusted_set.timestamp is not None  # nosec
             metainfo = self._trusted_set.timestamp.signed.meta["snapshot.json"]
             length = metainfo.length or self.config.snapshot_max_length
             version = None
@@ -356,6 +357,7 @@ def _load_targets(self, role: str, parent_role: str) -> None:
             # Local 'role' does not exist or is invalid: update from remote
             logger.debug("Failed to load local %s: %s", role, e)
 
+            assert self._trusted_set.snapshot is not None  # nosec
             metainfo = self._trusted_set.snapshot.signed.meta[f"{role}.json"]
             length = metainfo.length or self.config.targets_max_length
             version = None