[build-system]
# hatchling pinned for reproducibility: version should be kept up-to-date
requires = ["hatchling==1.13.0"]
build-backend = "hatchling.build"

[project]
name = "tuf"
description = "A secure updater framework for Python"
readme = "README.md"
license = { text = "MIT OR Apache-2.0" }
requires-python = ">=3.7"
authors = [
  { email = "theupdateframework@googlegroups.com" },
]
keywords = [
  "authentication",
  "compromise",
  "key",
  "revocation",
  "secure",
  "update",
  "updater",
]
classifiers = [
  "Development Status :: 5 - Production/Stable",
  "Intended Audience :: Developers",
  "License :: OSI Approved :: Apache Software License",
  "License :: OSI Approved :: MIT License",
  "Natural Language :: English",
  "Operating System :: MacOS :: MacOS X",
  "Operating System :: Microsoft :: Windows",
  "Operating System :: POSIX",
  "Operating System :: POSIX :: Linux",
  "Programming Language :: Python",
  "Programming Language :: Python :: 3",
  "Programming Language :: Python :: 3.7",
  "Programming Language :: Python :: 3.8",
  "Programming Language :: Python :: 3.9",
  "Programming Language :: Python :: 3.10",
  "Programming Language :: Python :: 3.11",
  "Programming Language :: Python :: Implementation :: CPython",
  "Topic :: Security",
  "Topic :: Software Development",
]
dependencies = [
  "requests>=2.19.1",
  "securesystemslib>=0.26.0",
]
dynamic = ["version"]

[project.urls]
Documentation = "https://theupdateframework.readthedocs.io/en/stable/"
Homepage = "https://www.updateframework.com"
Issues = "https://github.com/theupdateframework/python-tuf/issues"
Source = "https://github.com/theupdateframework/python-tuf"

[tool.hatch.version]
path = "tuf/__init__.py"

[tool.hatch.build.targets.sdist]
include = [
  "/docs",
  "/examples",
  "/tests",
  "/tuf",
  "/requirements",
  "/tox.ini",
  "/setup.py",
]

[tool.hatch.build.targets.wheel]
# The testing phase changes the current working directory to `tests` but the test scripts import
# from `tests` so the root directory must be added to Python's path for editable installations
dev-mode-dirs = ["."]

# Black section
# Read more here: https://black.readthedocs.io/en/stable/usage_and_configuration/the_basics.html#configuration-via-a-file
[tool.black]
line-length=80

# Isort section
# Read more here: https://pycqa.github.io/isort/docs/configuration/config_files.html
[tool.isort]
profile="black"
line_length=80
known_first_party = ["tuf"]

# Pylint section

# Minimal pylint configuration file for Secure Systems Lab Python Style Guide:
#     https://github.com/secure-systems-lab/code-style-guidelines
#
# Based on Google Python Style Guide pylintrc and pylint defaults:
#     https://google.github.io/styleguide/pylintrc
#     http://pylint.pycqa.org/en/latest/technical_reference/features.html

[tool.pylint.message_control]
# Disable the message, report, category or checker with the given id(s).
# NOTE: To keep this config as short as possible we only disable checks that
# are currently in conflict with our code. If new code displeases the linter
# (for good reasons) consider updating this config file, or disable checks with.
disable=[
  "fixme",
  "too-few-public-methods",
  "too-many-arguments",
  "format",
  "duplicate-code"
]

[tool.pylint.basic]
good-names = ["i","j","k","v","e","f","fn","fp","_type","_"]
# Regexes for allowed names are copied from the Google pylintrc
# NOTE: Pylint captures regex name groups such as 'snake_case' or 'camel_case'.
# If there are multiple groups it enfoces the prevalent naming style inside
# each modules. Names in the exempt capturing group are ignored.
function-rgx="^(?:(?P<exempt>setUp|tearDown|setUpModule|tearDownModule)|(?P<camel_case>_?[A-Z][a-zA-Z0-9]*)|(?P<snake_case>_?[a-z][a-z0-9_]*))$"
method-rgx="(?x)^(?:(?P<exempt>_[a-z0-9_]+__|runTest|setUp|tearDown|setUpTestCase|tearDownTestCase|setupSelf|tearDownClass|setUpClass|(test|assert)_*[A-Z0-9][a-zA-Z0-9_]*|next)|(?P<camel_case>_{0,2}[A-Z][a-zA-Z0-9_]*)|(?P<snake_case>_{0,2}[a-z][a-z0-9_]*))$"
argument-rgx="^[a-z][a-z0-9_]*$"
attr-rgx="^_{0,2}[a-z][a-z0-9_]*$"
class-attribute-rgx="^(_?[A-Z][A-Z0-9_]*|__[a-z0-9_]+__|_?[a-z][a-z0-9_]*)$"
class-rgx="^_?[A-Z][a-zA-Z0-9]*$"
const-rgx="^(_?[A-Z][A-Z0-9_]*|__[a-z0-9_]+__|_?[a-z][a-z0-9_]*)$"
inlinevar-rgx="^[a-z][a-z0-9_]*$"
module-rgx="^(_?[a-z][a-z0-9_]*|__init__)$"
no-docstring-rgx="(__.*__|main|test.*|.*test|.*Test)$"
variable-rgx="^[a-z][a-z0-9_]*$"
docstring-min-length=10

[tool.pylint.logging]
logging-format-style="old"

[tool.pylint.miscellaneous]
notes="TODO"

[tool.pylint.STRING]
check-quote-consistency="yes"

# mypy section
# Read more here: https://mypy.readthedocs.io/en/stable/config_file.html#using-a-pyproject-toml-file
[tool.mypy]
warn_unused_configs = "True"
warn_redundant_casts = "True"
warn_unused_ignores = "True"
warn_unreachable = "True"
strict_equality = "True"
disallow_untyped_defs = "True"
disallow_untyped_calls = "True"
show_error_codes = "True"
disable_error_code = ["attr-defined"]

[[tool.mypy.overrides]]
module = [
  "requests.*",
  "securesystemslib.*",
]
ignore_missing_imports = "True"

[tool.pydocstyle]
inherit = false
ignore = "D400,D415,D213,D205,D202,D107,D407,D413,D212,D104,D406,D105,D411,D401,D200,D203"