Use hatch and ruff (#20)

Mostly a clean-up release. 

- Use `hatch` and `ruff` instead of `poetry` and many different/slow linters
- Properly format code according to ruff suggestions, enable `black` preview

.github/workflows/dev.yml

@@ -6,9 +6,9 @@ name: dev workflow
 on:
   # Triggers the workflow on push or pull request events but only for the master branch
   push:
-    branches: [ master,main,release ]
+    branches: [ master, main, release ]
   pull_request:
-    branches: [ master,main,release ]
+    branches: [ master, main, release ]
 
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
@@ -35,19 +35,15 @@ jobs:
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip
-          pip install poetry tox tox-gh-actions
+          pip install hatch
 
-      - name: test with tox
+      - name: Run tests with coverage
         run:
-          tox
+          hatch run test:test-cov
 
       - name: Build documentation
         run: |
-          poetry install
-          poetry run mkdocs build
-
-      - name: list files
-        run: ls -l .
+          hatch run docs:build
 
   publish_dev_build:
     # if test failed, we should not publish
@@ -62,14 +58,14 @@ jobs:
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip
-          pip install poetry tox tox-gh-actions
+          pip install hatch
 
-      - name: test with tox
+      - name: Run tests coverage
         run:
-          tox
+          hatch run test:cov
 
       - name: list files
-        run: ls -l .
+        run: ls -lhrt .
 
       - uses: codecov/codecov-action@v3
         with:
@@ -78,9 +74,7 @@ jobs:
 
       - name: Build wheels and source tarball
         run: |
-          poetry version $(poetry version --short)-dev.$GITHUB_RUN_NUMBER
-          poetry version --short
-          poetry build
+          hatch build
 
       - name: publish to Test PyPI
         uses: pypa/gh-action-pypi-publish@release/v1

.github/workflows/release.yml

@@ -49,12 +49,11 @@ jobs:
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip
-          pip install tox-gh-actions poetry
+          pip install hatch
 
       - name: Build documentation
         run: |
-          poetry install
-          poetry run mkdocs build
+          hatch run docs:build
 
       - name: Publish documentation
         uses: peaceiris/actions-gh-pages@v3
@@ -64,7 +63,7 @@ jobs:
 
       - name: Build wheels and source tarball
         run: >-
-          poetry build
+          hatch build
 
       - name: Show temporary files
         run: >-

.gitignore

@@ -107,3 +107,9 @@ ENV/
 
 # mkdocs build dir
 site/
+
+# profiling data
+prof/
+
+# hatch-vcs
+_version.py

.pre-commit-config.yaml

@@ -1,37 +1,18 @@
 repos:
--   repo: https://github.com/Lucas-C/pre-commit-hooks
-    rev: v1.5.4
-    hooks:
-    -   id: forbid-crlf
-    -   id: remove-crlf
-    -   id: forbid-tabs
-    -   id: remove-tabs
 -   repo: https://github.com/pre-commit/pre-commit-hooks
     rev: v4.4.0
     hooks:
     - id: trailing-whitespace
       args: [--markdown-linebreak-ext=md]
-    - id: end-of-file-fixer
     - id: check-merge-conflict
     - id: check-yaml
       args: [--unsafe]
-    - id: debug-statements
-    - id: mixed-line-ending
-      args: [--fix=lf]
     - id: no-commit-to-branch
 -   repo: https://github.com/pre-commit/pygrep-hooks
     rev: v1.10.0
     hooks:
-    - id: python-check-blanket-noqa
-    - id: python-check-blanket-type-ignore
-    - id: python-no-eval
     - id: python-use-type-annotations
     - id: text-unicode-replacement-char
--   repo: https://github.com/asottile/pyupgrade
-    rev: v3.10.1
-    hooks:
-    -   id: pyupgrade
-        args: [--py38-plus]
 - repo: https://github.com/myint/docformatter
   rev: v1.7.5
   hooks:
@@ -40,37 +21,18 @@ repos:
       - --in-place
       - --wrap-summaries=100
       - --wrap-descriptions=100
--   repo: https://github.com/hadialqattan/pycln
-    rev: v2.2.2
-    hooks:
-    -   id: pycln
-        args: [--config=pyproject.toml]
--   repo: https://github.com/pre-commit/mirrors-isort
-    rev: v5.10.1
-    hooks:
-    - id: isort
 -   repo: https://github.com/psf/black
-    rev: 23.7.0
+    rev: 23.9.1
     hooks:
     - id: black
--   repo: https://github.com/pycqa/flake8
-    rev: 6.1.0
-    hooks:
-    -   id: flake8
-        additional_dependencies:
-            - flake8-typing-imports==1.14.0
 -   repo: https://github.com/asottile/blacken-docs
     rev: 1.16.0
     hooks:
         - id: blacken-docs
--   repo: https://github.com/pycqa/pydocstyle
-    rev: 6.3.0
+-   repo: https://github.com/astral-sh/ruff-pre-commit
+    rev: v0.0.291
     hooks:
-    -   id: pydocstyle
-        additional_dependencies:
-            - toml
-        args:
-            - --add-ignore=D107
+        - id: ruff
 -   repo: https://github.com/pre-commit/mirrors-mypy
     rev: v1.5.1
     hooks:

CONTRIBUTING.md

@@ -52,11 +52,11 @@ Ready to contribute? Here's how to set up `jwskate` for local development.
     $ git clone [email protected]:your_name_here/jwskate.git
 ```
 
-3. Ensure [poetry](https://python-poetry.org/docs/) is installed.
+3. Ensure [hatch](https://hatch.pypa.io/) is installed.
 4. Install dependencies and start your virtualenv:
 
 ```
-    $ poetry install -E test -E doc -E dev
+    $ hatch env create
 ```
 
 5. Create a branch for local development:
@@ -67,11 +67,10 @@ Ready to contribute? Here's how to set up `jwskate` for local development.
 
 Now you can make your changes locally.
 
-6. When you're done making changes, check that your changes pass the tests, including testing other Python versions,
-   with tox:
+6. When you're done making changes, check that your changes pass the tests:
 
 ```
-    $ tox
+    $ hatch run test:test
 ```
 
 7. Commit your changes and push your branch to GitHub:
@@ -91,29 +90,5 @@ Before you submit a pull request, check that it meets these guidelines:
 1. The pull request should include tests.
 2. If the pull request adds functionality, the docs should be updated. Put your new functionality into a function with a
    docstring, and add the feature to the list in README.md.
-3. The pull request should work for Python 3.6, 3.7, 3.8, 3.9 and for PyPy. Check
+3. The pull request should work for Python 3.8+ and for PyPy. Check
    https://github.com/guillp/jwskate/actions and make sure that the tests pass for all supported Python versions.
-
-## Tips\`\`\`
-
-```
-$ pytest tests.test_jwskate
-```
-
-```To run a subset of tests.
-
-
-## Deploying
-
-A reminder for the maintainers on how to deploy.
-Make sure all your changes are committed (including an entry in HISTORY.md).
-Then run:
-
-```
-
-$ poetry patch # possible: major / minor / patch $ git push $ git push --tags
-
-```
-
-Travis will then deploy to PyPI if tests pass.
-```

jwskate/enums.py

@@ -77,7 +77,7 @@ class KeyManagementAlgs:
     A128GCMKW = "A128GCMKW"
     A192GCMKW = "A192GCMKW"
     A256GCMKW = "A256GCMKW"
-    dir = "dir"
+    dir = "dir"  # noqa: A003
 
     PBES2_HS256_A128KW = "PBES2-HS256+A128KW"
     PBES2_HS384_A192KW = "PBES2-HS384+A192KW"

jwskate/jwa/base.py

@@ -18,6 +18,10 @@ class PublicKeyRequired(AttributeError):
     """Raised when a private key is provided for an operation that requires a public key."""
 
 
+class InvalidKey(ValueError):
+    """Raised when an unsuitable key is provided to an algorithm."""
+
+
 class BaseAlg:
     """Base class for all algorithms.
 
@@ -73,6 +77,9 @@ def check_key(cls, key: bytes) -> None:
         Returns:
           Returns `None`. Raises an exception if the key is not suitable
 
+        Raises:
+            InvalidKey: if the key is not suitable for this algorithm
+
         """
         pass
 
@@ -91,9 +98,10 @@ def supports_key(cls, key: bytes) -> bool:
         """
         try:
             cls.check_key(key)
-            return True
-        except Exception:
+        except InvalidKey:
             return False
+        else:
+            return True
 
 
 Kpriv = TypeVar("Kpriv")
@@ -195,9 +203,7 @@ def sign(self, data: bytes | SupportsBytes) -> BinaPy:
         """
         raise NotImplementedError
 
-    def verify(
-        self, data: bytes | SupportsBytes, signature: bytes | SupportsBytes
-    ) -> bool:
+    def verify(self, data: bytes | SupportsBytes, signature: bytes | SupportsBytes) -> bool:
         """Verify a signature against some data.
 
         Args:
@@ -228,13 +234,12 @@ def check_key(cls, key: bytes) -> None:
           key: the key to check
 
         Raises:
-            ValueError: if the key is not suitable
+            InvalidKey: if the key is not suitable
 
         """
         if len(key) * 8 != cls.key_size:
-            raise ValueError(
-                f"This key size of {len(key) * 8} bits doesn't match the expected key size of {cls.key_size} bits"
-            )
+            msg = f"This key size of {len(key) * 8} bits doesn't match the expected key size of {cls.key_size} bits"
+            raise InvalidKey(msg)
 
     @classmethod
     def generate_key(cls) -> BinaPy:
@@ -295,9 +300,12 @@ def decrypt(
         """Decrypt and verify a ciphertext with Authenticated Encryption.
 
         This needs:
+
         - the raw encrypted Data (`ciphertext`) and Authentication Tag (`auth_tag`) that were produced by encryption,
-        - the same Initialisation Vector (`iv`) and optional Additional Authentication Data that were provided for encryption.
-        and returns the resulting clear text data.
+        - the same Initialisation Vector (`iv`) and optional Additional Authentication Data that were provided for
+        encryption.
+
+        Returns the resulting clear text data.
 
         Args:
           ciphertext: the data to decrypt

jwskate/jwa/ec.py

@@ -4,11 +4,8 @@
 from dataclasses import dataclass
 from typing import ClassVar
 
-from binapy import BinaPy
 from cryptography.hazmat.primitives.asymmetric import ec
 
-from jwskate import KeyTypes
-
 
 @dataclass
 class EllipticCurve: