Blacken!

README.rst

@@ -10,6 +10,10 @@ Amazon DynamoDB Encryption Client for Python
    :target: https://pypi.org/project/dynamodb-encryption-sdk
    :alt: Supported Python Versions
 
+.. image:: https://img.shields.io/badge/code_style-black-000000.svg
+   :target: https://github.com/ambv/black
+   :alt: Code style: black
+
 .. image:: https://readthedocs.org/projects/aws-dynamodb-encryption-python/badge/?version=latest
    :target: http://aws-dynamodb-encryption-python.readthedocs.io/en/latest/?badge=latest
    :alt: Documentation Status

doc/conf.py

@@ -1,70 +1,76 @@
 # pylint: disable=invalid-name
 """Sphinx configuration."""
-from datetime import datetime
 import io
 import os
 import re
+from datetime import datetime
 
-VERSION_RE = re.compile(r'''__version__ = ['"]([0-9.]+)['"]''')
+VERSION_RE = re.compile(r"""__version__ = ['"]([0-9.]+)['"]""")
 HERE = os.path.abspath(os.path.dirname(__file__))
 
 
 def read(*args):
     """Reads complete file contents."""
-    return io.open(os.path.join(HERE, *args), encoding='utf-8').read()
+    return io.open(os.path.join(HERE, *args), encoding="utf-8").read()
 
 
 def get_release():
     """Reads the release (full three-part version number) from this module."""
-    init = read('..', 'src', 'dynamodb_encryption_sdk', 'identifiers.py')
+    init = read("..", "src", "dynamodb_encryption_sdk", "identifiers.py")
     return VERSION_RE.search(init).group(1)
 
 
 def get_version():
     """Reads the version (MAJOR.MINOR) from this module."""
     _release = get_release()
-    split_version = _release.split('.')
+    split_version = _release.split(".")
     if len(split_version) == 3:
-        return '.'.join(split_version[:2])
+        return ".".join(split_version[:2])
     return _release
 
 
-project = u'dynamodb-encryption-sdk-python'
+project = u"dynamodb-encryption-sdk-python"
 version = get_version()
 release = get_release()
 
 # Add any Sphinx extension module names here, as strings. They can be extensions
 # coming with Sphinx (named 'sphinx.ext.*') or your custom ones.
-extensions = ['sphinx.ext.autodoc', 'sphinx.ext.doctest',
-              'sphinx.ext.intersphinx', 'sphinx.ext.todo',
-              'sphinx.ext.coverage', 'sphinx.ext.autosummary',
-              'sphinx.ext.napoleon', 'sphinx.ext.viewcode']
+extensions = [
+    "sphinx.ext.autodoc",
+    "sphinx.ext.doctest",
+    "sphinx.ext.intersphinx",
+    "sphinx.ext.todo",
+    "sphinx.ext.coverage",
+    "sphinx.ext.autosummary",
+    "sphinx.ext.napoleon",
+    "sphinx.ext.viewcode",
+]
 napoleon_include_special_with_doc = False
 
 # Add any paths that contain templates here, relative to this directory.
-templates_path = ['_templates']
+templates_path = ["_templates"]
 
-source_suffix = '.rst'  # The suffix of source filenames.
-master_doc = 'index'  # The master toctree document.
+source_suffix = ".rst"  # The suffix of source filenames.
+master_doc = "index"  # The master toctree document.
 
-copyright = u'%s, Amazon' % datetime.now().year  # pylint: disable=redefined-builtin
+copyright = u"%s, Amazon" % datetime.now().year  # pylint: disable=redefined-builtin
 
 # List of directories, relative to source directory, that shouldn't be searched
 # for source files.
-exclude_trees = ['_build']
+exclude_trees = ["_build"]
 
-pygments_style = 'sphinx'
+pygments_style = "sphinx"
 
 autoclass_content = "both"
-autodoc_default_flags = ['show-inheritance', 'members']
-autodoc_member_order = 'bysource'
+autodoc_default_flags = ["show-inheritance", "members"]
+autodoc_member_order = "bysource"
 
-html_theme = 'sphinx_rtd_theme'
-html_static_path = ['_static']
-htmlhelp_basename = '%sdoc' % project
+html_theme = "sphinx_rtd_theme"
+html_static_path = ["_static"]
+htmlhelp_basename = "%sdoc" % project
 
 # Example configuration for intersphinx: refer to the Python standard library.
-intersphinx_mapping = {'python': ('http://docs.python.org/', None)}
+intersphinx_mapping = {"python": ("http://docs.python.org/", None)}
 
 # autosummary
 autosummary_generate = True

examples/src/aws_kms_encrypted_client.py

@@ -12,6 +12,7 @@
 # language governing permissions and limitations under the License.
 """Example showing use of AWS KMS CMP with EncryptedClient."""
 import boto3
+
 from dynamodb_encryption_sdk.encrypted.client import EncryptedClient
 from dynamodb_encryption_sdk.identifiers import CryptoAction
 from dynamodb_encryption_sdk.material_providers.aws_kms import AwsKmsCryptographicMaterialsProvider
@@ -20,51 +21,41 @@
 
 def encrypt_item(table_name, aws_cmk_id):
     """Demonstrate use of EncryptedClient to transparently encrypt an item."""
-    index_key = {
-        'partition_attribute': {'S': 'is this'},
-        'sort_attribute': {'N': '55'}
-    }
+    index_key = {"partition_attribute": {"S": "is this"}, "sort_attribute": {"N": "55"}}
     plaintext_item = {
-        'example': {'S': 'data'},
-        'some numbers': {'N': '99'},
-        'and some binary': {'B': b'\x00\x01\x02'},
-        'leave me': {'S': 'alone'}  # We want to ignore this attribute
+        "example": {"S": "data"},
+        "some numbers": {"N": "99"},
+        "and some binary": {"B": b"\x00\x01\x02"},
+        "leave me": {"S": "alone"},  # We want to ignore this attribute
     }
     # Collect all of the attributes that will be encrypted (used later).
     encrypted_attributes = set(plaintext_item.keys())
-    encrypted_attributes.remove('leave me')
+    encrypted_attributes.remove("leave me")
     # Collect all of the attributes that will not be encrypted (used later).
     unencrypted_attributes = set(index_key.keys())
-    unencrypted_attributes.add('leave me')
+    unencrypted_attributes.add("leave me")
     # Add the index pairs to the item.
     plaintext_item.update(index_key)
 
     # Create a normal client.
-    client = boto3.client('dynamodb')
+    client = boto3.client("dynamodb")
     # Create a crypto materials provider using the specified AWS KMS key.
     aws_kms_cmp = AwsKmsCryptographicMaterialsProvider(key_id=aws_cmk_id)
     # Create attribute actions that tells the encrypted client to encrypt all attributes except one.
     actions = AttributeActions(
-        default_action=CryptoAction.ENCRYPT_AND_SIGN,
-        attribute_actions={
-            'leave me': CryptoAction.DO_NOTHING
-        }
+        default_action=CryptoAction.ENCRYPT_AND_SIGN, attribute_actions={"leave me": CryptoAction.DO_NOTHING}
     )
     # Use these objects to create an encrypted client.
-    encrypted_client = EncryptedClient(
-        client=client,
-        materials_provider=aws_kms_cmp,
-        attribute_actions=actions
-    )
+    encrypted_client = EncryptedClient(client=client, materials_provider=aws_kms_cmp, attribute_actions=actions)
 
     # Put the item to the table, using the encrypted client to transparently encrypt it.
     encrypted_client.put_item(TableName=table_name, Item=plaintext_item)
 
     # Get the encrypted item using the standard client.
-    encrypted_item = client.get_item(TableName=table_name, Key=index_key)['Item']
+    encrypted_item = client.get_item(TableName=table_name, Key=index_key)["Item"]
 
     # Get the item using the encrypted client, transparently decyrpting it.
-    decrypted_item = encrypted_client.get_item(TableName=table_name, Key=index_key)['Item']
+    decrypted_item = encrypted_client.get_item(TableName=table_name, Key=index_key)["Item"]
 
     # Verify that all of the attributes are different in the encrypted item
     for name in encrypted_attributes:
@@ -82,28 +73,16 @@ def encrypt_item(table_name, aws_cmk_id):
 def encrypt_batch_items(table_name, aws_cmk_id):
     """Demonstrate use of EncryptedClient to transparently encrypt multiple items in a batch request."""
     index_keys = [
-        {
-            'partition_attribute': {'S': 'is this'},
-            'sort_attribute': {'N': '55'}
-        },
-        {
-            'partition_attribute': {'S': 'is this'},
-            'sort_attribute': {'N': '56'}
-        },
-        {
-            'partition_attribute': {'S': 'is this'},
-            'sort_attribute': {'N': '57'}
-        },
-        {
-            'partition_attribute': {'S': 'another'},
-            'sort_attribute': {'N': '55'}
-        }
+        {"partition_attribute": {"S": "is this"}, "sort_attribute": {"N": "55"}},
+        {"partition_attribute": {"S": "is this"}, "sort_attribute": {"N": "56"}},
+        {"partition_attribute": {"S": "is this"}, "sort_attribute": {"N": "57"}},
+        {"partition_attribute": {"S": "another"}, "sort_attribute": {"N": "55"}},
     ]
     plaintext_additional_attributes = {
-        'example': {'S': 'data'},
-        'some numbers': {'N': '99'},
-        'and some binary': {'B': b'\x00\x01\x02'},
-        'leave me': {'S': 'alone'}  # We want to ignore this attribute
+        "example": {"S": "data"},
+        "some numbers": {"N": "99"},
+        "and some binary": {"B": b"\x00\x01\x02"},
+        "leave me": {"S": "alone"},  # We want to ignore this attribute
     }
     plaintext_items = []
     for key in index_keys:
@@ -113,43 +92,34 @@ def encrypt_batch_items(table_name, aws_cmk_id):
 
     # Collect all of the attributes that will be encrypted (used later).
     encrypted_attributes = set(plaintext_additional_attributes.keys())
-    encrypted_attributes.remove('leave me')
+    encrypted_attributes.remove("leave me")
     # Collect all of the attributes that will not be encrypted (used later).
     unencrypted_attributes = set(index_keys[0].keys())
-    unencrypted_attributes.add('leave me')
+    unencrypted_attributes.add("leave me")
 
     # Create a normal client.
-    client = boto3.client('dynamodb')
+    client = boto3.client("dynamodb")
     # Create a crypto materials provider using the specified AWS KMS key.
     aws_kms_cmp = AwsKmsCryptographicMaterialsProvider(key_id=aws_cmk_id)
     # Create attribute actions that tells the encrypted client to encrypt all attributes except one.
     actions = AttributeActions(
-        default_action=CryptoAction.ENCRYPT_AND_SIGN,
-        attribute_actions={
-            'leave me': CryptoAction.DO_NOTHING
-        }
+        default_action=CryptoAction.ENCRYPT_AND_SIGN, attribute_actions={"leave me": CryptoAction.DO_NOTHING}
     )
     # Use these objects to create an encrypted client.
-    encrypted_client = EncryptedClient(
-        client=client,
-        materials_provider=aws_kms_cmp,
-        attribute_actions=actions
-    )
+    encrypted_client = EncryptedClient(client=client, materials_provider=aws_kms_cmp, attribute_actions=actions)
 
     # Put the items to the table, using the encrypted client to transparently encrypt them.
-    encrypted_client.batch_write_item(RequestItems={
-        table_name: [{'PutRequest': {'Item': item}} for item in plaintext_items]
-    })
+    encrypted_client.batch_write_item(
+        RequestItems={table_name: [{"PutRequest": {"Item": item}} for item in plaintext_items]}
+    )
 
     # Get the encrypted item using the standard client.
-    encrypted_items = client.batch_get_item(
-        RequestItems={table_name: {'Keys': index_keys}}
-    )['Responses'][table_name]
+    encrypted_items = client.batch_get_item(RequestItems={table_name: {"Keys": index_keys}})["Responses"][table_name]
 
     # Get the item using the encrypted client, transparently decyrpting it.
-    decrypted_items = encrypted_client.batch_get_item(
-        RequestItems={table_name: {'Keys': index_keys}}
-    )['Responses'][table_name]
+    decrypted_items = encrypted_client.batch_get_item(RequestItems={table_name: {"Keys": index_keys}})["Responses"][
+        table_name
+    ]
 
     def _select_index_from_item(item):
         """Find the index keys that match this item."""
@@ -178,6 +148,6 @@ def _select_item_from_index(index, all_items):
             assert decrypted_item[name] == encrypted_item[name] == plaintext_item[name]
 
     # Clean up the item
-    encrypted_client.batch_write_item(RequestItems={
-        table_name: [{'DeleteRequest': {'Key': key}} for key in index_keys]
-    })
+    encrypted_client.batch_write_item(
+        RequestItems={table_name: [{"DeleteRequest": {"Key": key}} for key in index_keys]}
+    )

examples/src/aws_kms_encrypted_item.py

@@ -13,6 +13,7 @@
 """Example showing use of AWS KMS CMP with item encryption functions directly."""
 import boto3
 from boto3.dynamodb.types import Binary
+
 from dynamodb_encryption_sdk.encrypted import CryptoConfig
 from dynamodb_encryption_sdk.encrypted.item import decrypt_python_item, encrypt_python_item
 from dynamodb_encryption_sdk.identifiers import CryptoAction
@@ -23,27 +24,24 @@
 
 def encrypt_item(table_name, aws_cmk_id):
     """Demonstrate use of EncryptedTable to transparently encrypt an item."""
-    index_key = {
-        'partition_attribute': 'is this',
-        'sort_attribute': 55
-    }
+    index_key = {"partition_attribute": "is this", "sort_attribute": 55}
     plaintext_item = {
-        'example': 'data',
-        'some numbers': 99,
-        'and some binary': Binary(b'\x00\x01\x02'),
-        'leave me': 'alone'  # We want to ignore this attribute
+        "example": "data",
+        "some numbers": 99,
+        "and some binary": Binary(b"\x00\x01\x02"),
+        "leave me": "alone",  # We want to ignore this attribute
     }
     # Collect all of the attributes that will be encrypted (used later).
     encrypted_attributes = set(plaintext_item.keys())
-    encrypted_attributes.remove('leave me')
+    encrypted_attributes.remove("leave me")
     # Collect all of the attributes that will not be encrypted (used later).
     unencrypted_attributes = set(index_key.keys())
-    unencrypted_attributes.add('leave me')
+    unencrypted_attributes.add("leave me")
     # Add the index pairs to the item.
     plaintext_item.update(index_key)
 
     # Create a normal table resource.
-    table = boto3.resource('dynamodb').Table(table_name)
+    table = boto3.resource("dynamodb").Table(table_name)
 
     # Use the TableInfo helper to collect information about the indexes.
     table_info = TableInfo(name=table_name)
@@ -60,24 +58,21 @@ def encrypt_item(table_name, aws_cmk_id):
         # are the primary index attributes.
         # These attributes need to be in the form of a DynamoDB JSON structure, so first
         # convert the standard dictionary.
-        attributes=dict_to_ddb(index_key)
+        attributes=dict_to_ddb(index_key),
     )
 
     # Create attribute actions that tells the encrypted table to encrypt all attributes,
     # only sign the primary index attributes, and ignore the one identified attribute to
     # ignore.
     actions = AttributeActions(
-        default_action=CryptoAction.ENCRYPT_AND_SIGN,
-        attribute_actions={'leave me': CryptoAction.DO_NOTHING}
+        default_action=CryptoAction.ENCRYPT_AND_SIGN, attribute_actions={"leave me": CryptoAction.DO_NOTHING}
     )
     actions.set_index_keys(*table_info.protected_index_keys())
 
     # Build the crypto config to use for this item.
     # When using the higher-level helpers, this is handled for you.
     crypto_config = CryptoConfig(
-        materials_provider=aws_kms_cmp,
-        encryption_context=encryption_context,
-        attribute_actions=actions
+        materials_provider=aws_kms_cmp, encryption_context=encryption_context, attribute_actions=actions
     )
 
     # Encrypt the plaintext item directly