all: Make modern pylint happier.

python2.7 with pylint 1.9.5 python3.9 with pylint 2.6.0 Also, reduce the script of unused argument silencing.

all: Make modern pylint happier.
python2.7 with pylint 1.9.5 python3.9 with pylint 2.6.0 Also, reduce the script of unused argument silencing.
d14f0222 · Vincent Pelletier · e8fa4135 · d14f0222 · d14f0222 · d14f0222
Commit d14f0222 authored Jan 30, 2021 by Vincent Pelletier
6 changed files
--- a/.pylintrc
+++ b/.pylintrc
@@ -7,14 +7,19 @@ max-nested-blocks=6
 max-module-lines=1500
 [MESSAGES CONTROL]
-disable=C0103,C0330,R0903,R0914,R0912,R0915,R0902
+disable=
-# C0103 "Invalid name "%s" (should match %s)"
+  invalid-name,
-# C0330 bad-continuation
+  bad-continuation,
-# R0903 too-few-public-methods
+  bad-whitespace,
-# R0914 too-many-locals
+  too-few-public-methods,
-# R0912 too-many-branches
+  too-many-locals,
-# R0915 too-many-statements
+  too-many-branches,
-# R0902 too-many-instance-attributes
+  too-many-statements,
+  too-many-instance-attributes,
+  useless-object-inheritance,
+  unnecessary-pass,
+  raise-missing-from,
+  super-with-arguments
 [FORMAT]
 indent-string="  "
--- a/caucase/ca.py
+++ b/caucase/ca.py
@@ -48,7 +48,6 @@ _AUTO_SIGNED_NO = 0
 _AUTO_SIGNED_YES = 1
 _AUTO_SIGNED_PASSTHROUGH = 2
 _SUBJECT_OID_DICT = {
-  # pylint: disable=bad-whitespace
  'C' : x509.oid.NameOID.COUNTRY_NAME,
  'O' : x509.oid.NameOID.ORGANIZATION_NAME,
  'OU': x509.oid.NameOID.ORGANIZATIONAL_UNIT_NAME,
@@ -57,7 +56,6 @@ _SUBJECT_OID_DICT = {
  'L' : x509.oid.NameOID.LOCALITY_NAME,
  'SN': x509.oid.NameOID.SURNAME,
  'GN': x509.oid.NameOID.GIVEN_NAME,
-  # pylint: enable=bad-whitespace
 }
 _BACKUP_MAGIC = b'caucase\0'
 _CONFIG_NAME_AUTO_SIGN_CSR_AMOUNT = 'auto_sign_csr_amount'
@@ -203,7 +201,6 @@ class CertificateAuthority(object):
    digest = self._digest_list[0]
    ca_key_pair_list = []
    ca_certificate_chain = []
-    previous_crt = None
    previous_crt_pem = None
    previous_key = None
    for pem_key_pair in self._storage.getCAKeyPairList():
@@ -212,10 +209,9 @@ class CertificateAuthority(object):
        pem_key_pair['key_pem'],
      )
      crt_pem = pem_key_pair['crt_pem']
-      crt = utils.load_ca_certificate(pem_key_pair['crt_pem'])
      key = utils.load_privatekey(pem_key_pair['key_pem'])
      ca_key_pair_list.append({
-        'crt': crt,
+        'crt': utils.load_ca_certificate(pem_key_pair['crt_pem']),
        'key': key,
      })
      if previous_key is not None:
@@ -227,7 +223,6 @@ class CertificateAuthority(object):
          previous_key,
          digest,
        ))
-      previous_crt = crt
      previous_crt_pem = crt_pem
      previous_key = key
    self._ca_key_pairs_list = ca_key_pair_list
@@ -384,7 +379,6 @@ class CertificateAuthority(object):
        encipher_only = decipher_only = False
      builder = builder.add_extension(
        x509.KeyUsage(
-          # pylint: disable=bad-whitespace
          digital_signature =key_usage.digital_signature,
          content_commitment=key_usage.content_commitment,
          key_encipherment  =key_usage.key_encipherment,
@@ -394,7 +388,6 @@ class CertificateAuthority(object):
          crl_sign          =False,
          encipher_only     =encipher_only,
          decipher_only     =decipher_only,
-          # pylint: enable=bad-whitespace
        ),
        # "SHOULD mark this extension critical"
        critical=key_usage_extension.critical,
@@ -532,7 +525,6 @@ class CertificateAuthority(object):
            ),
            Extension(
              x509.KeyUsage(
-                # pylint: disable=bad-whitespace
                digital_signature =False,
                content_commitment=False,
                key_encipherment  =False,
@@ -542,7 +534,6 @@ class CertificateAuthority(object):
                crl_sign          =True,
                encipher_only     =False,
                decipher_only     =False,
-                # pylint: enable=bad-whitespace
              ),
              critical=True, # "SHOULD mark this extension critical"
            ),

--- a/caucase/http.py
+++ b/caucase/http.py
@@ -366,7 +366,6 @@ def getSSLContext(
          extensions=[
            Extension(
              x509.KeyUsage(
-                # pylint: disable=bad-whitespace
                digital_signature =True,
                content_commitment=False,
                key_encipherment  =True,
@@ -376,7 +375,6 @@ def getSSLContext(
                crl_sign          =False,
                encipher_only     =False,
                decipher_only     =False,
-                # pylint: enable=bad-whitespace
              ),
              critical=True,
            ),

--- a/caucase/test.py
+++ b/caucase/test.py
@@ -336,23 +336,19 @@ class CaucaseTest(unittest.TestCase):
    self._client_dir = client_dir = os.path.join(data_dir, 'client')
    os.mkdir(client_dir)
-    # pylint: disable=bad-whitespace
    self._client_ca_crt      = os.path.join(client_dir, 'cas.crt.pem')
    self._client_ca_dir      = os.path.join(client_dir, 'cas_crt')
    self._client_user_ca_crt = os.path.join(client_dir, 'cau.crt.pem')
    self._client_crl         = os.path.join(client_dir, 'cas.crl.pem')
    self._client_user_crl    = os.path.join(client_dir, 'cau.crl.pem')
-    # pylint: enable=bad-whitespace
    self._server_event = threading.Event()
    self._server_dir = server_dir = os.path.join(data_dir, 'server')
    os.mkdir(server_dir)
-    # pylint: disable=bad-whitespace
    self._server_db          = os.path.join(server_dir, 'caucase.sqlite')
    self._server_key         = os.path.join(server_dir, 'server.key.pem')
    self._server_backup_path = os.path.join(server_dir, 'backup')
    self._server_cors_store  = os.path.join(server_dir, 'cors.key')
-    # pylint: enable=bad-whitespace
    # Using a BytesIO for caucased output here, because stdout/stderr do not
    # necessarily have a known encoding, for example when output is a pipe
    # (to a file, ...). caucased must deal with this.
@@ -447,7 +443,6 @@ class CaucaseTest(unittest.TestCase):
        ),
        Extension(
          x509.KeyUsage(
-            # pylint: disable=bad-whitespace
            digital_signature =False,
            content_commitment=False,
            key_encipherment  =False,
@@ -457,7 +452,6 @@ class CaucaseTest(unittest.TestCase):
            crl_sign          =True,
            encipher_only     =False,
            decipher_only     =False,
-            # pylint: enable=bad-whitespace
          ),
          critical=True, # "SHOULD mark this extension critical"
        ),
@@ -499,7 +493,6 @@ class CaucaseTest(unittest.TestCase):
      extensions=[
        Extension(
          x509.KeyUsage(
-            # pylint: disable=bad-whitespace
            digital_signature =True,
            content_commitment=False,
            key_encipherment  =True,
@@ -509,7 +502,6 @@ class CaucaseTest(unittest.TestCase):
            crl_sign          =False,
            encipher_only     =False,
            decipher_only     =False,
-            # pylint: enable=bad-whitespace
          ),
          critical=True,
        ),
@@ -1305,7 +1297,6 @@ class CaucaseTest(unittest.TestCase):
        )
        self.assertTrue(extension.critical)
    requested_key_usage = x509.KeyUsage(
-      # pylint: disable=bad-whitespace
      digital_signature =True,
      content_commitment=True,
      key_encipherment  =True,
@@ -1315,10 +1306,8 @@ class CaucaseTest(unittest.TestCase):
      crl_sign          =True,
      encipher_only     =True,
      decipher_only     =False,
-      # pylint: enable=bad-whitespace
    )
    expected_key_usage = x509.KeyUsage(
-      # pylint: disable=bad-whitespace
      digital_signature =True,
      content_commitment=True,
      key_encipherment  =True,
@@ -1328,7 +1317,6 @@ class CaucaseTest(unittest.TestCase):
      crl_sign          =False,
      encipher_only     =True,
      decipher_only     =False,
-      # pylint: enable=bad-whitespace
    )
    requested_extended_usage = x509.ExtendedKeyUsage([
      x509.oid.ExtendedKeyUsageOID.OCSP_SIGNING,

--- a/caucase/utils.py
+++ b/caucase/utils.py
@@ -349,7 +349,11 @@ def _verifyCertificateChain(cert, trusted_cert_list, crl):
  # seems to be a rare implementation of it, so we keep using this module.
  # BUT it MUST NOT be used anywhere outside this function (hence the
  # bad-style local import). Use "cryptography".
+  # Also, older pylint (last version suppoting 2.7 ?) does not support
+  # import-outside-toplevel but does not detect anything wrong here.
+  # pylint: disable=bad-option-value, import-outside-toplevel
  from OpenSSL import crypto
+  # pylint: enable=import-outside-toplevel, bad-option-value
  store = crypto.X509Store()
  assert trusted_cert_list
  for trusted_cert in trusted_cert_list:

--- a/caucase/wsgi.py
+++ b/caucase/wsgi.py
@@ -36,12 +36,12 @@ import jwt
 from . import utils
 from . import exceptions
-# pylint: disable=import-error
+# pylint: disable=import-error,no-name-in-module
 if sys.version_info >= (3, ): # pragma: no cover
  from html import escape
 else: # pragma: no cover
  from cgi import escape
-# pylint: enable=import-error
+# pylint: enable=import-error,no-name-in-module
 __all__ = ('Application', 'CORSTokenManager')
@@ -172,9 +172,16 @@ class InsufficientStorage(ApplicationError):
  """
  No storage slot available (not necessarily out of disk space)
  """
-  # httplib lacks the textual description for 507, although it has the
+  # python2.7's httplib lacks the textual description for 507, although it
-  # constant...
+  # has the constant.
+  # And modern pylint on python3 complain that
+  # http.client.INSUFFICIENT_STORAGE, an enum item, is not suitable for %i
+  # (spoiler: it is suitable).
+  # Also, older pylint (last version suppoting 2.7 ?) does not support
+  # bad-string-format-type but does not detect anything wrong here.
+  # pylint: disable=bad-option-value, bad-string-format-type
  status = '%i Insufficient Storage' % (httplib.INSUFFICIENT_STORAGE, )
+  # pylint: enable=bad-string-format-type, bad-option-value
 STATUS_OK = _getStatus(httplib.OK)
 STATUS_CREATED = _getStatus(httplib.CREATED)
@@ -876,10 +883,11 @@ class Application(object):
      'application/hal+json',
    )
-  def getCORSForm(self, context, environ): # pylint: disable=unused-argument
+  def getCORSForm(self, context, environ):
    """
    Handle GET /cors .
    """
+    _ = context # Silence pylint
    if environ['wsgi.url_scheme'] != 'https':
      return (
        STATUS_FOUND,
@@ -910,10 +918,11 @@ class Application(object):
      ],
    )
-  def postCORSForm(self, context, environ): # pylint: disable=unused-argument
+  def postCORSForm(self, context, environ):
    """
    Handle POST /cors .
    """
+    _ = context # Silence pylint
    if environ['wsgi.url_scheme'] != 'https':
      raise NotFound
    if environ.get('CONTENT_TYPE') != 'application/x-www-form-urlencoded':
@@ -1009,41 +1018,31 @@ class Application(object):
      raise NotFound
    return (STATUS_NO_CONTENT, header_list, [])
-  def getCACertificate(
+  def getCACertificate(self, context, environ):
-    self,
-    context,
-    environ,
-  ): # pylint: disable=unused-argument
    """
    Handle GET /{context}/crt/ca.crt.pem urls.
    """
+    _ = environ # Silence pylint
    return self._returnFile(
      context.getCACertificate(),
      'application/x-x509-ca-cert',
    )
-  def getCACertificateChain(
+  def getCACertificateChain(self, context, environ):
-    self,
-    context,
-    environ,
-  ): # pylint: disable=unused-argument
    """
    Handle GET /{context}/crt/ca.crt.json urls.
    """
+    _ = environ # Silence pylint
    return self._returnFile(
      json.dumps(context.getValidCACertificateChain()).encode('utf-8'),
      'application/json',
    )
-  def getCertificate(
+  def getCertificate(self, context, environ, subpath):
-    self,
-    context,
-    environ,
-    subpath,
-  ): # pylint: disable=unused-argument
    """
    Handle GET /{context}/crt/{crt_id} urls.
    """
+    _ = environ # Silence pylint
    return self._returnFile(
      context.getCertificate(self._getCSRID(subpath)),
      'application/pkix-cert',