Fix lint issues

* unused-variable: remove variables altogether or name them "_".
* unused-import: remove import
* consider-using-from-import: Use from-import
* Remove version checks for python <=3.3

There are some very minor import order changes: I expect no
functionality changes.

Fixes #432

securesystemslib/rsa_keys.py

@@ -1069,11 +1069,7 @@ def _decrypt(file_contents, password):
     # specified so that the expected derived key is regenerated correctly.
     # Discard the old "salt" and "iterations" values, as we only need the old
     # derived key.
-    (
-        junk_old_salt,  # pylint: disable=unused-variable
-        junk_old_iterations,  # pylint: disable=unused-variable
-        symmetric_key,
-    ) = _generate_derived_key(password, salt, iterations)
+    _, _, symmetric_key = _generate_derived_key(password, salt, iterations)
 
     # Verify the hmac to ensure the ciphertext is valid and has not been altered.
     # See the encryption routine for why we use the encrypt-then-MAC approach.

securesystemslib/schema.py

@@ -748,7 +748,7 @@ def __init__(self, object_name="object", **required):
         """
 
         # Ensure valid arguments.
-        for key, schema in required.items():  # pylint: disable=unused-variable
+        for schema in required.values():
             if not isinstance(schema, Schema):
                 raise exceptions.FormatError(
                     "Expected Schema but" " got " + repr(schema)

securesystemslib/unittest_toolbox.py

@@ -120,7 +120,7 @@ def random_path(self, length=7):
         """Generate a 'random' path consisting of random n-length strings."""
 
         rand_path = "/" + self.random_string(length)
-        for i in range(2):  # pylint: disable=unused-variable
+        for _ in range(2):
             rand_path = os.path.join(rand_path, self.random_string(length))
 
         return rand_path
@@ -130,7 +130,7 @@ def random_string(length=15):
         """Generate a random string of specified length."""
 
         rand_str = ""
-        for letter in range(length):  # pylint: disable=unused-variable
+        for _ in range(length):
             rand_str += random.choice("abcdefABCDEF" + string.digits)  # nosec
 
         return rand_str

tests/check_public_interfaces.py

@@ -29,18 +29,11 @@
   when explicitly invoked.
 """
 
-import inspect  # pylint: disable=unused-import
-import json  # pylint: disable=unused-import
 import os
 import shutil
-import sys
 import tempfile
 import unittest
-
-if sys.version_info >= (3, 3):
-    import unittest.mock as mock  # pylint: disable=consider-using-from-import
-else:
-    import mock
+from unittest import mock
 
 import securesystemslib.exceptions  # pylint: disable=wrong-import-position
 import securesystemslib.gpg.constants  # pylint: disable=wrong-import-position

tests/test_ecdsa_keys.py

@@ -153,10 +153,7 @@ def test_verify_signature(self):
 
         # Generate an RSA key so that we can verify that non-ECDSA keys are
         # rejected.
-        (
-            rsa_pem,
-            junk,  # pylint: disable=unused-variable
-        ) = securesystemslib.rsa_keys.generate_rsa_public_and_private()
+        rsa_pem, _ = securesystemslib.rsa_keys.generate_rsa_public_and_private()
 
         # Verify that a non-ECDSA key (via the PEM argument) is rejected.
         self.assertRaises(

tests/test_formats.py

@@ -220,10 +220,7 @@ def test_schemas(self):
 
         # Iterate 'valid_schemas', ensuring each 'valid_schema' correctly matches
         # its respective 'schema_type'.
-        for schema_name, (  # pylint: disable=unused-variable
-            schema_type,
-            valid_schema,
-        ) in valid_schemas.items():
+        for (schema_type, valid_schema) in valid_schemas.values():
             if not schema_type.matches(  # pylint: disable=no-member
                 valid_schema
             ):
@@ -237,7 +234,7 @@ def test_schemas(self):
         # Test conditions for invalid schemas.
         # Set the 'valid_schema' of 'valid_schemas' to an invalid
         # value and test that it does not match 'schema_type'.
-        for schema_name, (schema_type, valid_schema) in valid_schemas.items():
+        for (schema_type, valid_schema) in valid_schemas.values():
             invalid_schema = 0xBAD
 
             if isinstance(schema_type, securesystemslib.schema.Integer):
@@ -251,9 +248,6 @@ def test_schemas(self):
 
     def test_unix_timestamp_to_datetime(self):
         # Test conditions for valid arguments.
-        UNIX_TIMESTAMP_SCHEMA = (  # pylint: disable=invalid-name,unused-variable
-            securesystemslib.formats.UNIX_TIMESTAMP_SCHEMA
-        )
         self.assertTrue(
             datetime.datetime,
             securesystemslib.formats.unix_timestamp_to_datetime(499137720),
@@ -377,7 +371,6 @@ def test_encode_canonical(self):
         encode = securesystemslib.formats.encode_canonical
         result = []
         output = result.append
-        bad_output = 123  # pylint: disable=unused-variable
 
         self.assertEqual('""', encode(""))
         self.assertEqual("[1,2,3]", encode([1, 2, 3]))

tests/test_gpg.py

@@ -21,24 +21,17 @@
 
 import os
 import shutil
-import sys
 import tempfile
 import unittest
 
-if sys.version_info >= (3, 3):
-    from unittest.mock import (  # pylint: disable=no-name-in-module,import-error
-        patch,
-    )
-else:
-    from mock import patch  # pylint: disable=import-error
-
 # pylint: disable=wrong-import-position
 from collections import OrderedDict
 from copy import deepcopy
+from unittest.mock import patch
 
-import cryptography.hazmat.backends as backends  # pylint: disable=consider-using-from-import
 import cryptography.hazmat.primitives.hashes as hashing
-import cryptography.hazmat.primitives.serialization as serialization  # pylint: disable=consider-using-from-import
+from cryptography.hazmat import backends
+from cryptography.hazmat.primitives import serialization
 
 from securesystemslib import exceptions, process
 from securesystemslib.formats import ANY_PUBKEY_DICT_SCHEMA, GPG_PUBKEY_SCHEMA
@@ -62,12 +55,7 @@
     have_gpg,
 )
 from securesystemslib.gpg.dsa import create_pubkey as dsa_create_pubkey
-
-# pylint: disable=unused-import
 from securesystemslib.gpg.eddsa import ED25519_SIG_LENGTH
-from securesystemslib.gpg.eddsa import create_pubkey as eddsa_create_pubkey
-
-# pylint: enable=unused-import
 from securesystemslib.gpg.exceptions import (
     CommandError,
     KeyExpirationError,

tests/test_hash.py

@@ -21,7 +21,6 @@
 import io
 import logging
 import os
-import sys  # pylint: disable=unused-import
 import tempfile
 import unittest
 

tests/test_interface.py

@@ -17,26 +17,16 @@
   Unit test for 'interface.py'.
 """
 
-import datetime  # pylint: disable=unused-import
-import json  # pylint: disable=unused-import
 import os
 import shutil
 import stat
-import sys
 import tempfile
-import time  # pylint: disable=unused-import
 import unittest
+from unittest import mock
 
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives.serialization import load_pem_private_key
 
-# Use external backport 'mock' on versions under 3.3
-if sys.version_info >= (3, 3):
-    import unittest.mock as mock  # pylint: disable=consider-using-from-import
-
-else:
-    import mock
-
 from securesystemslib import (  # pylint: disable=wrong-import-position
     KEY_TYPE_ECDSA,
     KEY_TYPE_ED25519,

tests/test_keys.py

@@ -175,30 +175,23 @@ def test_format_metadata_to_key(self):
         del test_rsakey_dict["keyid"]
 
         # Call format_metadata_to_key by using the default value for keyid_hash_algorithms
-        (
-            rsakey_dict_from_meta_default,
-            junk,  # pylint: disable=unused-variable
-        ) = KEYS.format_metadata_to_key(test_rsakey_dict)
+        rsakey_formatted, _ = KEYS.format_metadata_to_key(test_rsakey_dict)
 
         # Check if the format of the object returned by calling this function with
         # default hash algorithms e.g. securesystemslib.settings.HASH_ALGORITHMS corresponds
         # to RSAKEY_SCHEMA format.
         self.assertTrue(
-            securesystemslib.formats.RSAKEY_SCHEMA.matches(
-                rsakey_dict_from_meta_default
-            ),
+            securesystemslib.formats.RSAKEY_SCHEMA.matches(rsakey_formatted),
             FORMAT_ERROR_MSG,
         )
 
         self.assertTrue(
-            securesystemslib.formats.KEY_SCHEMA.matches(
-                rsakey_dict_from_meta_default
-            ),
+            securesystemslib.formats.KEY_SCHEMA.matches(rsakey_formatted),
             FORMAT_ERROR_MSG,
         )
 
         # Call format_metadata_to_key by using custom value for keyid_hash_algorithms
-        rsakey_dict_from_meta_custom, junk = KEYS.format_metadata_to_key(
+        rsakey_dict_from_meta_custom, _ = KEYS.format_metadata_to_key(
             test_rsakey_dict, keyid_hash_algorithms=["sha384"]
         )
 
@@ -552,10 +545,7 @@ def test_create_rsa_encrypted_pem(self):
     def test_import_rsakey_from_private_pem(self):
         # Try to import an rsakey from a valid PEM.
         private_pem = self.rsakey_dict["keyval"]["private"]
-
-        private_rsakey = KEYS.import_rsakey_from_private_pem(  # pylint: disable=unused-variable
-            private_pem
-        )
+        _ = KEYS.import_rsakey_from_private_pem(private_pem)
 
         # Test for invalid arguments.
         self.assertRaises(
@@ -681,16 +671,14 @@ def test_import_rsakey_from_pem(self):
     def test_import_ecdsakey_from_private_pem(self):
         # Try to import an ecdsakey from a valid PEM.
         private_pem = self.ecdsakey_dict["keyval"]["private"]
-        ecdsakey = KEYS.import_ecdsakey_from_private_pem(  # pylint: disable=unused-variable
-            private_pem
-        )
+        _ = KEYS.import_ecdsakey_from_private_pem(private_pem)
 
         # Test for an encrypted PEM.
         scheme = "ecdsa-sha2-nistp256"
         encrypted_pem = securesystemslib.ecdsa_keys.create_ecdsa_encrypted_pem(
             private_pem, "password"
         )
-        private_ecdsakey = KEYS.import_ecdsakey_from_private_pem(  # pylint: disable=unused-variable
+        _ = KEYS.import_ecdsakey_from_private_pem(
             encrypted_pem.decode("utf-8"), scheme, "password"
         )
 

tests/test_rsa_keys.py

@@ -393,9 +393,7 @@ def test_decrypt_key(self):
             rsa_key, passphrase
         )
 
-        decrypted_rsa_key = securesystemslib.rsa_keys.decrypt_key(  # pylint: disable=unused-variable
-            encrypted_rsa_key, passphrase
-        )
+        _ = securesystemslib.rsa_keys.decrypt_key(encrypted_rsa_key, passphrase)
 
         # Test for invalid arguments.
         self.assertRaises(

tests/test_util.py

@@ -19,18 +19,15 @@
 
 import logging
 import os
-import shutil  # pylint: disable=unused-import
 import stat
-import sys  # pylint: disable=unused-import
 import tempfile
 import timeit
 import unittest
 
-import securesystemslib.exceptions as exceptions  # pylint: disable=consider-using-from-import
 import securesystemslib.hash
 import securesystemslib.settings
-import securesystemslib.unittest_toolbox as unittest_toolbox  # pylint: disable=consider-using-from-import
 import securesystemslib.util
+from securesystemslib import exceptions, unittest_toolbox
 
 logger = logging.getLogger(__name__)
 
@@ -135,9 +132,6 @@ def test_B3_get_file_length(self):
         filepath = self.make_temp_data_file()
 
         # Computing the length of the tempfile.
-        digest_object = securesystemslib.hash.digest_filename(  # pylint: disable=unused-variable
-            filepath, algorithm="sha256"
-        )
         file_length = os.path.getsize(filepath)
 
         # Test: Expected input.