From 4d7b693bd341eabe369e57eb070379019ae25301 Mon Sep 17 00:00:00 2001 From: Lukas Puehringer Date: Tue, 21 Mar 2023 11:52:28 +0100 Subject: [PATCH] gpg: set default in function to allow global patch Patching globals to modify function behavior is an anti-pattern and should not be recommended to a user!! But it seems acceptable in tests (see #542). For this to work, the global must not be used before being modified, which, AFAIK, is not possible, if the global is defined and used (e.g. in a function signature) in the same scope. This commit changes the relevant function to access the default value in local scope, so that it global can be imported and modified before it. More invasive but probably more correct solutions would be: - move either GPG_TIMEOUT or is_available_gnupg to a different module, or - call relevant functions in tests with an explicit timeout arg Signed-off-by: Lukas Puehringer --- securesystemslib/gpg/constants.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/securesystemslib/gpg/constants.py b/securesystemslib/gpg/constants.py index ea659747..cc69f2b1 100644 --- a/securesystemslib/gpg/constants.py +++ b/securesystemslib/gpg/constants.py @@ -20,7 +20,7 @@ import os import shlex import subprocess # nosec -from typing import List +from typing import List, Optional log = logging.getLogger(__name__) @@ -28,8 +28,11 @@ @functools.lru_cache(maxsize=3) -def is_available_gnupg(gnupg: str, timeout=GPG_TIMEOUT) -> bool: +def is_available_gnupg(gnupg: str, timeout: Optional[int] = None) -> bool: """Returns whether gnupg points to a gpg binary.""" + if timeout is None: + timeout = GPG_TIMEOUT + gpg_version_cmd = shlex.split(f"{gnupg} --version") try: subprocess.run( # nosec