Smoosh lintage

pre-commit: disable WPS332

This action runs on Python 3.11.

more lintage

Disable WPS326; ignore a WPS504.

ignore WPS462

Produces poor suggestions here.

oidc-exchange: simplify

oidc-exchange: noqa -> pylint disable

oidc-exchange: add-trailing-comma fixes

Author: woodruffw

.pre-commit-config.yaml

@@ -110,6 +110,8 @@ repos:
       WPS110,
       WPS111,
       WPS305,
+      WPS326,
+      WPS332,
       WPS347,
       WPS360,
       WPS421,
@@ -120,6 +122,7 @@ repos:
       WPS440,
       WPS441,
       WPS453,
+      WPS462,
     - --select
     - WPS
     additional_dependencies:

oidc-exchange.py

@@ -5,12 +5,13 @@
 from typing import NoReturn
 from urllib.parse import urlparse
 
-import id  # noqa: W0622
+import id  # pylint: disable=W0622
 import requests
 
 _GITHUB_STEP_SUMMARY = Path(os.getenv("GITHUB_STEP_SUMMARY"))
 
-_TOKEN_RETRIEVAL_FAILED_MESSAGE = dedent("""
+_TOKEN_RETRIEVAL_FAILED_MESSAGE = dedent(
+    """
     OIDC token retrieval failed: {identity_error}
 
     This generally indicates a workflow configuration error, such as insufficient
@@ -21,7 +22,7 @@
     permissions:
       id-token: write
     ```
-    """
+    """,
 )
 
 
@@ -31,7 +32,8 @@ def die(msg: str) -> NoReturn:
 
     # NOTE: `msg` is Markdown formatted, so we emit only the header line to
     # avoid clogging the console log with a full Markdown formatted document.
-    print(f"::error::OIDC exchange failure: {msg.splitlines()[0]}", file=sys.stderr)
+    header = msg.splitlines()[0]
+    print(f"::error::OIDC exchange failure: {header}", file=sys.stderr)
     sys.exit(1)
 
 
@@ -59,20 +61,20 @@ def assert_successful_audience_call(resp: requests.Response, domain: str):
             # This index does not support OIDC.
             die(
                 "audience retrieval failed: repository at "
-                f"{domain} does not indicate OIDC support"
+                f"{domain} does not indicate OIDC support",
             )
         case other:
             # Unknown: the index may or may not support OIDC, but didn't respond with
             # something we expect. This can happen if the index is broken, in maintenance mode,
             # misconfigured, etc.
             die(
                 "audience retrieval failed: repository at "
-                f"{domain} responded with unexpected {other}"
+                f"{domain} responded with unexpected {other}",
             )
 
 
 repository_url = get_normalized_input("repository-url")
-if not repository_url:
+if not repository_url:  # noqa: WPS504
     # Easy case: no explicit repository URL, which means we're using PyPI and we can just
     # hardcode the exchange endpoint and OIDC audience.
     token_exchange_url = "https://pypi.org/_/oidc/github/mint-token"
@@ -109,14 +111,15 @@ def assert_successful_audience_call(resp: requests.Response, domain: str):
         # Token exchange failure normally produces a JSON error response, but
         # we might have hit a server error instead.
         die(
-            dedent(f"""
+            dedent(
+                f"""
                 Token request failed: the index produced an unexpected
                 {mint_token_resp.status_code} response.
 
                 This strongly suggests a server configuration or downtime issue; wait
                 a few minutes and try again.
-                """
-            )
+                """,
+            ),
         )
 
     reasons = "\n".join(
@@ -125,24 +128,26 @@ def assert_successful_audience_call(resp: requests.Response, domain: str):
     )
 
     # NOTE: Can't `dedent(...)` here because `reasons` is newline-delimited.
-    die(f"""
+    die(
+        f"""
 Token request failed: the server refused the request for the following reasons:
 
 {reasons}
-        """
+        """,
     )
 
 mint_token_payload = mint_token_resp.json()
 pypi_token = mint_token_payload.get("token")
 if pypi_token is None:
     die(
-        dedent("""
+        dedent(
+            """
             Token response error: the index gave us an invalid response.
 
             This strongly suggests a server configuration or downtime issue; wait
             a few minutes and try again.
-            """
-        )
+            """,
+        ),
     )
 
 # Mask the newly minted PyPI token, so that we don't accidentally leak it in logs.