fix(types): T3 — narrow str|None at 12 sites; fix LANRow/DeckyRow subscript in mutator tests

2026-05-01 01:47:04 -04:00
parent 65a2bdf0e7
commit 0f90dcfd3e
9 changed files with 22 additions and 15 deletions
--- a/decnet/web/db/mysql/database.py
+++ b/decnet/web/db/mysql/database.py
@@ -41,13 +41,13 @@ def build_mysql_url(
    Component args override env vars. Password is percent-encoded so special
    characters (``@``, ``:``, ``/``…) don't break URL parsing.
    """
-    host = host or os.environ.get("DECNET_DB_HOST", "localhost")
-    port = port or int(os.environ.get("DECNET_DB_PORT", "3306"))
-    database = database or os.environ.get("DECNET_DB_NAME", "decnet")
-    user = user or os.environ.get("DECNET_DB_USER", "decnet")
+    host = host or os.environ.get("DECNET_DB_HOST") or "localhost"
+    port = port or int(os.environ.get("DECNET_DB_PORT") or "3306")
+    database = database or os.environ.get("DECNET_DB_NAME") or "decnet"
+    user = user or os.environ.get("DECNET_DB_USER") or "decnet"

    if password is None:
-        password = os.environ.get("DECNET_DB_PASSWORD", "")
+        password = os.environ.get("DECNET_DB_PASSWORD") or ""

    # Allow empty passwords during tests (pytest sets PYTEST_* env vars).
    # Outside tests, an empty MySQL password is almost never intentional.
--- a/decnet/web/router/attackers/api_get_attackers.py
+++ b/decnet/web/router/attackers/api_get_attackers.py
@@ -78,6 +78,7 @@ async def get_attackers(
    _ips = {row["ip"] for row in _data if row.get("ip")}
    _behaviors = await repo.get_behaviors_for_ips(_ips) if _ips else {}
    for row in _data:
-        row["behavior"] = _behaviors.get(row.get("ip"))
+        _ip: str | None = row.get("ip")
+        row["behavior"] = _behaviors.get(_ip) if _ip is not None else None

    return {"total": _total, "limit": limit, "offset": offset, "data": _data}
--- a/decnet/web/router/canary/api_tokens.py
+++ b/decnet/web/router/canary/api_tokens.py
@@ -121,6 +121,8 @@ async def api_create_token(
        instrumenter_name = None
    else:
        # Upload-driven token.
+        if req.blob_uuid is None:
+            raise HTTPException(status_code=400, detail="blob_uuid required")
        blob = await repo.get_canary_blob(req.blob_uuid)
        if blob is None:
            raise HTTPException(status_code=404, detail="blob not found")
@@ -156,6 +158,8 @@ async def api_create_token(
    })
    await planter.plant(req.decky_name, artifact, token_uuid=token_uuid, repo=repo)
    row = await repo.get_canary_token(token_uuid)
+    if row is None:
+        raise HTTPException(status_code=500, detail="token insert succeeded but row not found")
    return _row_to_response(row)


--- a/decnet/web/router/fleet/api_deploy_deckies.py
+++ b/decnet/web/router/fleet/api_deploy_deckies.py
@@ -62,7 +62,7 @@ async def api_deploy_deckies(req: DeployIniRequest, admin: dict = Depends(requir
        # because DecnetConfig.deckies has min_length=1.
        try:
            iface = ini.interface or detect_interface()
-            subnet_cidr, gateway = ini.subnet, ini.gateway
+            subnet_cidr, gateway = ini.subnet or "", ini.gateway or ""
            if not subnet_cidr or not gateway:
                detected_subnet, detected_gateway = detect_subnet(iface)
                subnet_cidr = subnet_cidr or detected_subnet