https://git.schokokeks.org/derivepassphrase.git/tree/95dfb499153eb2665384db352331550f5c9f8f0b Recent commits to derivepassphrase.git (95dfb499153eb2665384db352331550f5c9f8f0b) 2026-07-03T21:50:35+02:00 tag:gitlist.org,2012:commit/95dfb499153eb2665384db352331550f5c9f8f0b Fix tiny mistakes across the test suite 2026-07-03T21:50:35+02:00 Marco Ricci software@the13thletter.info <pre>Typos, unwise variable names, and redundancies in the test logic or arguments. &lt;/pre&gt; tag:gitlist.org,2012:commit/6d48281bdbd4485bc9d49736927805f2a7228140 Update tooling (mypy/pyrefly, mkdocstrings overrides) 2026-06-24T18:35:06+02:00 Marco Ricci software@the13thletter.info <pre>Add a pyrefly configuration, which newer versions of hatch and VS Code prefer over mypy. Fix violations that pyrefly complains about, but mypy doesn't, e.g., `del (list_of_variables)`. Remove unnecessary casts -- pyrefly warns on those, but mypy doesn't -- and document those necessary casts explicitly, even if they are a tool deficiency (usually mypy). Conversely, add conversions or tighter type bounds where necessary, usually when interacting with third-party libraries that use too lax typing because mypy doesn't complain (cryptography, click). To be fair, I have caused my fair share of those as well. Finally, fix the "devsetup" mkdocs configuration that should have been showing private members in the API documentation (if document), but wasn't. &lt;/pre&gt; tag:gitlist.org,2012:commit/608b6108f8e6a854e2e0b99d6bec478141ce0896 Run the vault utility `key_to_phrase` tests against the stub SSH agent 2026-06-22T15:03:49+02:00 Marco Ricci software@the13thletter.info <pre>The `key_to_phrase` vault utitilies test set checks the various error conditions that can occur when obtaining an equivalent vault master passphrase from a master SSH key. The test has 10 parametrization instances, and used to run against the `ssh_agent_client_with_test_keys_loaded` fixture, which currently has 8 parametrization instances, making for a total of 80 tests attempted. However, the tests either focus on construction failures or they inject fake agent responses into the client, so in all 80 cases, there is no actual I/O occurring with the agent. For the 5 external agents (the first 50 cases), this is wasteful, and for the 3 internal agents (the remaining 30 cases), the results are identical among them. So cut this down to testing against 1 of the internal agents (the stubbed SSH agent with address support), for a total of 10 test cases, none of which involve external I/O. As a bonus, because the remaining internal agent is guaranteed reentrant, we can do away with the parametrization instance distinction between construction failures and other failures, and with the special handling of potentially non-reentrant agents. To make this work, because some tests simulate broken support for system-specific SSH agent socket providers, our setup code needs to force the use of the respective provider. As a result, only the `UNSET_PROVIDERS`, `UNSET_AF_UNIX_AND_ENSURE_USE`, `UNSET_NATIVE_AND_ENSURE_USE` and `UNSET_WINDLL_AND_ENSURE_USE` constants from our `SystemSupportAction` enum are still in use, the `UNSET_AF_UNIX`, `UNSET_NATIVE` and `UNSET_WINDLL` constants are not. We retire those constants, and remove the "skip the test if that provider is not currently in use" machinery associated with those constants. The remaining "ensure use" machinery is short enough that it can then be inlined at the call sites. &lt;/pre&gt; tag:gitlist.org,2012:commit/c930819d63ed7a9c38ed146716b1db3f8395dba6 Add a pytest marker for external SSH agent use 2026-06-21T22:00:04+02:00 Marco Ricci software@the13thletter.info <pre>This allows finding tests which use external SSH agents more easily, so that they may be better evaluated for necessity of such agent use. &lt;/pre&gt; tag:gitlist.org,2012:commit/e8e4a63dcca200af6cc4d570d7202d6f38b660ea Run vault CLI config management tests against the stub agent where possible 2026-06-21T21:02:26+02:00 Marco Ricci software@the13thletter.info <pre>Several tests for the `vault` CLI check for failures when storing or retrieving a selected SSH key to/from the `vault` settings file. These tests used to run against every known SSH agent, separately, but not truly interact with the agent at all, because all high-level interaction was stubbed out to return error responses anyway. For externally spawned or interfaced SSH agents, this is wasteful. So we now restrict these tests to run against the stubbed agent, which is specifically designed for these purposes. Half of these tests previously falsely claimed that they don't actually need an external agent; now, they no longer lie. The other half never made any claims; now, they do. There may be other tests that request external SSH agents but don't actually require them, but this is somewhat hard to discover exhaustively. These tests were an obvious first group of tests that could be fixed in one go. Other groups (if any) will be left to future commits. &lt;/pre&gt; tag:gitlist.org,2012:commit/958669d2bf797c45408d7f6ffa4c571b81385a1b Use the stub agent for SSH agent client communications faking 2026-06-20T14:39:49+02:00 Marco Ricci software@the13thletter.info <pre>Instead of stubbing all I/O to the stub agent ourselves, use the stub agent's facilities for this. &lt;/pre&gt; tag:gitlist.org,2012:commit/b76c2afc68fd4e0a5164fa9ff258470be947d5e2 Harmonize tests for missing SSH agent communication support 2026-06-20T13:58:03+02:00 Marco Ricci software@the13thletter.info <pre>Use a common parameter set and a common monkeypatching setup. At the moment, this is done by copy-pasting the parametrization and setup code, but this could feasibly be abstracted into a common testing function and common parameter set within the `tests.data` and `tests.data.callables` modules. &lt;/pre&gt; tag:gitlist.org,2012:commit/bad75d455d6e170c20b0405ead16fa732de727e3 Reformat recent test changes for consistent style 2026-06-20T11:36:36+02:00 Marco Ricci software@the13thletter.info <pre>&lt;/pre&gt; tag:gitlist.org,2012:commit/f797d5074181fc4d5a35f04367784543249315e4 Type generators explicitly as generators, not iterators 2026-06-19T22:40:11+02:00 Marco Ricci software@the13thletter.info <pre>For compatibility with `contextlib.contextmanager`, and because it is the more specific type, we annotate generators as `Generator[T, None, None]`, not as `Iterator[T]`. In January 2026, typeshed started shipping type annotations for the Python standard library that deprecate the use of `contextlib.contextmanager` with general functions returning `Iterator[T]`. `contextlib.contextmanager` actually requires a `Generator[T, None, None]` to work, but the `contextlib` and the `typing` documentation has been erroneously suggesting the `Iterator[T]` type as a "shorthand" notation for years. For `contextlib.contextmanager`, the difference matters. So, re-annotate everything explicitly with generators (when producing) or iterables (when consuming), whichever is appropriate. &lt;/pre&gt; tag:gitlist.org,2012:commit/3a69028fe108068a7c7ba6e0cdeeefc18df56e7d Refactor the (SSH agent) testing machinery tests for modularity 2026-06-19T21:31:13+02:00 Marco Ricci software@the13thletter.info <pre>Use pytest parametrization and hypothesis randomization systematically: tests that have exhaustive configurations or error conditions use pytest parametrization, tests with whole classes of configurations or error conditions use hypothesis randomization. Consolidate tests that test the same thing, but under different circumstances, into pytest parametrized tests. Also, use class inheritance to share helper functions for setting up the stub agent environment across all relevant test groups. Consolidating tests usually involves variants of a test for different variants of the stubbed agent. Converting pytest parametrization to a hypothesis strategy usually means settling for a `strategies.sampled_from(existing_parameter_set)` implementation and leaving any smarter generation logic to future edits. &lt;/pre&gt;