diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index d3ccf45313..b4bc8eaad8 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -13,7 +13,7 @@ This release is API compatible but contains a major internal change in the HTTP the fetcher at Updater initialization and explicitly depending on requests * ngclient: TLS certificate source was changed. Certificates now come from operating system certificate store instead of `certifi` (#2762) -* Test infrastucture has improved and should now be more usable externally, e.g. in +* Test infrastructure has improved and should now be more usable externally, e.g. in distro test suites (#2749) ## v5.1.0 @@ -789,7 +789,7 @@ Note: This is a backwards-incompatible pre-release. * Minor bug fixes, such as catching correct type and number of exceptions, detection of slow retrieval attack, etc. -* Do not list Root's hash and lenth in Snapshot (only its version number). +* Do not list Root's hash and length in Snapshot (only its version number). * Allow user to configure hashing algorithm used to generate hashed bin delegations. diff --git a/docs/_posts/2022-05-04-ngclient-design.md b/docs/_posts/2022-05-04-ngclient-design.md index 3c5623f662..73014daf5b 100644 --- a/docs/_posts/2022-05-04-ngclient-design.md +++ b/docs/_posts/2022-05-04-ngclient-design.md @@ -7,7 +7,7 @@ We recently released a new TUF client implementation, `ngclient`, in Python-TUF. # Simpler implementation, "correct" abstractions -The legacy code had a few problems that could be summarized as non-optimal abstractions: Significant effort had been put to code re-use, but not enough attention had been paid to ensure the expectations and promises of that shared code were the same in all cases of re-use. This combined with Pythons type ambiguity, use of dictionaries as "blob"-like data structures and extensive use of global state meant touching the shared functions was a gamble: there was no way to be sure something wouldn't break. +The legacy code had a few problems that could be summarized as non-optimal abstractions: Significant effort had been put to code reuse, but not enough attention had been paid to ensure the expectations and promises of that shared code were the same in all cases of reuse. This combined with Pythons type ambiguity, use of dictionaries as "blob"-like data structures and extensive use of global state meant touching the shared functions was a gamble: there was no way to be sure something wouldn't break. During the redesign, we really concentrated on finding abstractions that fit the processes we wanted to implement. It may be worth mentioning that in some cases this meant abstractions that have no equivalent in the TUF specification: some of the issues in the legacy implementation look like the result of mapping the TUF specifications [_Detailed client workflow_](https://theupdateframework.github.io/specification/latest/#detailed-client-workflow) directly into code. diff --git a/examples/manual_repo/hashed_bin_delegation.py b/examples/manual_repo/hashed_bin_delegation.py index 0c90651fad..144a612e7d 100644 --- a/examples/manual_repo/hashed_bin_delegation.py +++ b/examples/manual_repo/hashed_bin_delegation.py @@ -7,7 +7,7 @@ 'repository_lib'. (see ADR-0010 for details about repository library design) Contents: -- Re-usable hash bin delegation helpers +- Reusable hash bin delegation helpers - Basic hash bin delegation example See 'basic_repo.py' for a more comprehensive TUF metadata API example. @@ -133,7 +133,7 @@ def find_hash_bin(path: str) -> str: # Keys # ---- # Given that the primary concern of hash bin delegation is to reduce network -# overhead, it is acceptable to re-use one signing key for all delegated +# overhead, it is acceptable to reuse one signing key for all delegated # targets roles (bin-n). However, we do use a different key for the delegating # targets role (bins). Considering the high responsibility but also low # volatility of the bins role, it is recommended to require signature diff --git a/tests/simple_server.py b/tests/simple_server.py index 7b6f6096ec..2979f63ae3 100755 --- a/tests/simple_server.py +++ b/tests/simple_server.py @@ -8,8 +8,8 @@ import socketserver from http.server import SimpleHTTPRequestHandler -# Allow re-use so you can re-run tests as often as you want even if the -# tests re-use ports. Otherwise TCP TIME-WAIT prevents reuse for ~1 minute +# Allow reuse so you can re-run tests as often as you want even if the +# tests reuse ports. Otherwise TCP TIME-WAIT prevents reuse for ~1 minute socketserver.TCPServer.allow_reuse_address = True httpd = socketserver.TCPServer(("localhost", 0), SimpleHTTPRequestHandler) diff --git a/tests/test_api.py b/tests/test_api.py index 5f2e7f8c98..7b80d36041 100644 --- a/tests/test_api.py +++ b/tests/test_api.py @@ -105,7 +105,7 @@ def test_generic_read(self) -> None: (Timestamp.type, Timestamp), (Targets.type, Targets), ]: - # Load JSON-formatted metdata of each supported type from file + # Load JSON-formatted metadata of each supported type from file # and from out-of-band read JSON string path = os.path.join(self.repo_dir, "metadata", metadata + ".json") md_obj = Metadata.from_file(path) @@ -181,7 +181,7 @@ def test_to_from_bytes(self) -> None: with open(path, "rb") as f: metadata_bytes = f.read() md_obj = Metadata.from_bytes(metadata_bytes) - # Comparate that from_bytes/to_bytes doesn't change the content + # Compare that from_bytes/to_bytes doesn't change the content # for two cases for the serializer: noncompact and compact. # Case 1: test noncompact by overriding the default serializer. diff --git a/tests/test_examples.py b/tests/test_examples.py index 208603ff64..462a660fbc 100644 --- a/tests/test_examples.py +++ b/tests/test_examples.py @@ -48,7 +48,7 @@ def tearDown(self) -> None: def _run_script_and_assert_files( self, script_name: str, filenames_created: list[str] ) -> None: - """Run script in exmple dir and assert that it created the + """Run script in example dir and assert that it created the files corresponding to the passed filenames inside a 'tmp*' test dir at CWD.""" script_path = str(self.repo_examples_dir / script_name) diff --git a/tests/test_metadata_eq_.py b/tests/test_metadata_eq_.py index 428c5ed590..4768c86761 100644 --- a/tests/test_metadata_eq_.py +++ b/tests/test_metadata_eq_.py @@ -27,7 +27,7 @@ ) -class TestMetadataComparisions(unittest.TestCase): +class TestMetadataComparisons(unittest.TestCase): """Test __eq__ for all classes inside tuf/api/metadata.py.""" metadata: ClassVar[dict[str, bytes]] diff --git a/tests/test_repository.py b/tests/test_repository.py index f5179e52fd..5f43e8e3b8 100644 --- a/tests/test_repository.py +++ b/tests/test_repository.py @@ -209,7 +209,7 @@ def test_do_snapshot_after_snapshot_key_change(self) -> None: self.assertEqual(2, snapshot_versions[-1].signed.version) def test_do_timestamp(self) -> None: - # Expect no-op because snpashot has not changed and timestamp is still valid + # Expect no-op because snapshot has not changed and timestamp is still valid created, _ = self.repo.do_timestamp() self.assertFalse(created) diff --git a/tests/test_trusted_metadata_set.py b/tests/test_trusted_metadata_set.py index 076a205cc2..bd8113eb4a 100644 --- a/tests/test_trusted_metadata_set.py +++ b/tests/test_trusted_metadata_set.py @@ -152,17 +152,17 @@ def test_update_metadata_output(self) -> None: ) snapshot = self.trusted_set.update_snapshot(self.metadata["snapshot"]) targets = self.trusted_set.update_targets(self.metadata["targets"]) - delegeted_targets_1 = self.trusted_set.update_delegated_targets( + delegated_targets_1 = self.trusted_set.update_delegated_targets( self.metadata["role1"], "role1", "targets" ) - delegeted_targets_2 = self.trusted_set.update_delegated_targets( + delegated_targets_2 = self.trusted_set.update_delegated_targets( self.metadata["role2"], "role2", "role1" ) self.assertIsInstance(timestamp, Timestamp) self.assertIsInstance(snapshot, Snapshot) self.assertIsInstance(targets, Targets) - self.assertIsInstance(delegeted_targets_1, Targets) - self.assertIsInstance(delegeted_targets_2, Targets) + self.assertIsInstance(delegated_targets_1, Targets) + self.assertIsInstance(delegated_targets_2, Targets) def test_out_of_order_ops(self) -> None: # Update snapshot before timestamp @@ -193,7 +193,7 @@ def test_out_of_order_ops(self) -> None: self.trusted_set.update_targets(self.metadata[Targets.type]) - # Update snapshot after sucessful targets update + # Update snapshot after successful targets update with self.assertRaises(RuntimeError): self.trusted_set.update_snapshot(self.metadata[Snapshot.type]) diff --git a/tests/test_updater_delegation_graphs.py b/tests/test_updater_delegation_graphs.py index ecdecdd19e..770a1b3d71 100644 --- a/tests/test_updater_delegation_graphs.py +++ b/tests/test_updater_delegation_graphs.py @@ -399,7 +399,7 @@ def test_hash_bins_graph_traversal( ) -> None: """Test that delegated roles are traversed in the order of appearance in the delegator's metadata, using pre-order depth-first search and that - they correctly reffer to the corresponding hash bin prefixes""" + they correctly refer to the corresponding hash bin prefixes""" try: exp_files = [*TOP_LEVEL_ROLE_NAMES, *test_data.visited_order] @@ -440,37 +440,37 @@ class SuccinctRolesTestCase: # In each test case target_path is a path to a random target we want to # fetch and expected_target_bin is the bin we are expecting to visit. succinct_bins_graph = { - "bin amount = 2, taget bin index 0": SuccinctRolesTestCase( + "bin amount = 2, target bin index 0": SuccinctRolesTestCase( bit_length=1, target_path="boo", expected_target_bin="bin-0", ), - "bin amount = 2, taget bin index 1": SuccinctRolesTestCase( + "bin amount = 2, target bin index 1": SuccinctRolesTestCase( bit_length=1, target_path="too", expected_target_bin="bin-1", ), - "bin amount = 4, taget bin index 0": SuccinctRolesTestCase( + "bin amount = 4, target bin index 0": SuccinctRolesTestCase( bit_length=2, target_path="foo", expected_target_bin="bin-0", ), - "bin amount = 4, taget bin index 1": SuccinctRolesTestCase( + "bin amount = 4, target bin index 1": SuccinctRolesTestCase( bit_length=2, target_path="doo", expected_target_bin="bin-1", ), - "bin amount = 4, taget bin index 2": SuccinctRolesTestCase( + "bin amount = 4, target bin index 2": SuccinctRolesTestCase( bit_length=2, target_path="too", expected_target_bin="bin-2", ), - "bin amount = 4, taget bin index 3": SuccinctRolesTestCase( + "bin amount = 4, target bin index 3": SuccinctRolesTestCase( bit_length=2, target_path="bar", expected_target_bin="bin-3", ), - "bin amount = 256, taget bin index fc": SuccinctRolesTestCase( + "bin amount = 256, target bin index fc": SuccinctRolesTestCase( bit_length=8, target_path="bar", expected_target_bin="bin-fc", diff --git a/tests/test_updater_key_rotations.py b/tests/test_updater_key_rotations.py index b78113d67d..f79c3dd997 100644 --- a/tests/test_updater_key_rotations.py +++ b/tests/test_updater_key_rotations.py @@ -209,7 +209,7 @@ def test_root_rotation(self, root_versions: list[MdVersion]) -> None: MdVersion(keys=[2], threshold=1, sigs=[1, 3, 4], res=UnsignedMetadataError), "3-of-5, one key signature wrong: not signed with 3 expected keys": MdVersion(keys=[0, 1, 3, 4, 5], threshold=3, sigs=[0, 2, 4], res=UnsignedMetadataError), - "2-of-5, one key signature mising: threshold not reached": + "2-of-5, one key signature missing: threshold not reached": MdVersion(keys=[0, 1, 3, 4, 5], threshold=3, sigs=[0, 4], res=UnsignedMetadataError), "3-of-5, sign first combo": MdVersion(keys=[0, 1, 2, 3, 4], threshold=3, sigs=[0, 2, 4]), diff --git a/tests/test_updater_top_level_update.py b/tests/test_updater_top_level_update.py index 68a2a74eaf..76c74d4b57 100644 --- a/tests/test_updater_top_level_update.py +++ b/tests/test_updater_top_level_update.py @@ -820,7 +820,7 @@ def test_expired_metadata(self) -> None: - Repository bumps snapshot and targets to v2 on day 0 - Timestamp v2 expiry set to day 21 - Second updater refresh performed on day 18, - it is successful and timestamp/snaphot final versions are v2""" + it is successful and timestamp/snapshot final versions are v2""" now = datetime.datetime.now(timezone.utc) self.sim.timestamp.expires = now + datetime.timedelta(days=7) diff --git a/tests/utils.py b/tests/utils.py index 1f6d9ad9f1..bbfb07dbaa 100644 --- a/tests/utils.py +++ b/tests/utils.py @@ -261,7 +261,7 @@ def _start_redirect_thread(self) -> None: @staticmethod def _log_queue_worker(stream: IO, line_queue: queue.Queue) -> None: """ - Worker function to run in a seprate thread. + Worker function to run in a separate thread. Reads from 'stream', puts lines in a Queue (Queue is thread-safe). """ @@ -356,7 +356,7 @@ def clean(self) -> None: Calls flush_log to check for logged information, but not yet flushed. """ - # If there is anything logged, flush it before closing the resourses. + # If there is anything logged, flush it before closing the resources. self.flush_log() self._kill_server_process() diff --git a/tuf/api/exceptions.py b/tuf/api/exceptions.py index f74be40a4e..d5ba2ecce0 100644 --- a/tuf/api/exceptions.py +++ b/tuf/api/exceptions.py @@ -63,7 +63,7 @@ class DownloadHTTPError(DownloadError): Returned by FetcherInterface implementations for HTTP errors. Args: - message: The HTTP error messsage + message: The HTTP error message status_code: The HTTP status code """ diff --git a/tuf/ngclient/config.py b/tuf/ngclient/config.py index 82eed82715..3a41fad451 100644 --- a/tuf/ngclient/config.py +++ b/tuf/ngclient/config.py @@ -29,7 +29,7 @@ class UpdaterConfig: Args: max_root_rotations: Maximum number of root rotations. max_delegations: Maximum number of delegations. - root_max_length: Maxmimum length of a root metadata file. + root_max_length: Maximum length of a root metadata file. timestamp_max_length: Maximum length of a timestamp metadata file. snapshot_max_length: Maximum length of a snapshot metadata file. targets_max_length: Maximum length of a targets metadata file. diff --git a/tuf/ngclient/updater.py b/tuf/ngclient/updater.py index 020f67a298..2504c86aa4 100644 --- a/tuf/ngclient/updater.py +++ b/tuf/ngclient/updater.py @@ -90,7 +90,7 @@ class Updater: download both metadata and targets. Default is ``Urllib3Fetcher`` config: ``Optional``; ``UpdaterConfig`` could be used to setup common configuration options. - bootstrap: ``Optional``; initial root metadata. A boostrap root should + bootstrap: ``Optional``; initial root metadata. A bootstrap root should always be provided. If it is not, the current root.json in the metadata cache is used as the initial root.