signer: Add note about unhandled exceptions

There is (at least currently) no promise that Signer implementations do not raise unexpected errors.
secure-systems-lab · Nov 29, 2022 · 98442f5 · 98442f5
1 parent c3c1ca8
commit 98442f5
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/securesystemslib/signer/_signer.py b/securesystemslib/signer/_signer.py
@@ -33,6 +33,11 @@ class Signer:
         signer = Signer.from_priv_key_uri("envvar:MYPRIVKEY", pub_key)
         sig = signer.sign(b"data")
 
+    Note that signer implementations may raise errors (during both
+    Signer.from_priv_key_uri() and Signer.sign()) that are not documented here:
+    examples could include network errors or file read errors. Applications
+    should use generic try-except here if unexpected raises are not an option.
+
     See SIGNER_FOR_URI_SCHEME for supported private key URI schemes. The
     currently supported default schemes are:
     * envvar: see SSlibSigner for details