Increase security and reformat

core/security/__init__.py

@@ -1,2 +1 @@
 """Security helpers shared across transport adapters."""
-

core/security/attachments.py

@@ -101,7 +101,9 @@ def validate_attachment_metadata(
         raise ValueError(f"blocked_mime_type:{normalized_type}")
 
     allow_unmatched = bool(getattr(settings, "ATTACHMENT_ALLOW_UNKNOWN_MIME", False))
-    if not any(fnmatch(normalized_type, pattern) for pattern in _allowed_mime_patterns()):
+    if not any(
+        fnmatch(normalized_type, pattern) for pattern in _allowed_mime_patterns()
+    ):
         if not allow_unmatched:
             raise ValueError(f"unsupported_mime_type:{normalized_type}")
 

core/security/command_policy.py

@@ -68,15 +68,13 @@ def _omemo_facts(ctx: CommandSecurityContext) -> tuple[str, str]:
     message_meta = dict(ctx.message_meta or {})
     payload = dict(ctx.payload or {})
     xmpp_meta = dict(message_meta.get("xmpp") or {})
-    status = str(
-        xmpp_meta.get("omemo_status")
-        or payload.get("omemo_status")
-        or ""
-    ).strip().lower()
+    status = (
+        str(xmpp_meta.get("omemo_status") or payload.get("omemo_status") or "")
+        .strip()
+        .lower()
+    )
     client_key = str(
-        xmpp_meta.get("omemo_client_key")
-        or payload.get("omemo_client_key")
-        or ""
+        xmpp_meta.get("omemo_client_key") or payload.get("omemo_client_key") or ""
     ).strip()
     return status, client_key
 
@@ -160,7 +158,8 @@ def evaluate_command_policy(
     service = _normalize_service(context.service)
     channel = _normalize_channel(context.channel_identifier)
     allowed_services = [
-        item.lower() for item in _normalize_list(getattr(policy, "allowed_services", []))
+        item.lower()
+        for item in _normalize_list(getattr(policy, "allowed_services", []))
     ]
     global_allowed_services = [
         item.lower()