lint: ruff clean — fix unused imports + per-file ignores for main.py/test_email.py

Author: AmmarSaleh50

app/auth.py

@@ -13,7 +13,6 @@
 from argon2 import PasswordHasher
 from argon2.exceptions import VerifyMismatchError
 
-from . import db
 from .config import get_settings
 
 

app/routers/files.py

@@ -16,7 +16,6 @@
 """
 from __future__ import annotations
 
-import mimetypes
 import os
 import unicodedata
 from typing import Any, Optional

app/routers/settings.py

@@ -1,4 +1,4 @@
-from fastapi import APIRouter, Depends, HTTPException
+from fastapi import APIRouter, Depends
 
 import httpx
 

pyproject.toml

@@ -48,3 +48,12 @@ testpaths = ["tests"]
 [tool.ruff]
 line-length = 100
 target-version = "py312"
+extend-exclude = ["scripts/_deprecated", "migrations/_archive"]
+
+[tool.ruff.lint.per-file-ignores]
+# main.py imports the routers + mcp_http AFTER setting the httpx log level —
+# httpx logs the full request URL at INFO, which leaks the Telegram bot token.
+# Imports must come after `logging.getLogger("httpx").setLevel(WARNING)`.
+"app/main.py" = ["E402"]
+# Test helper class with single-line method bodies — common pytest idiom.
+"tests/services/test_email.py" = ["E702"]

scripts/run_migrations.py

@@ -114,7 +114,6 @@ def _strip_outer_transaction(sql: str) -> str:
 
     # Track $$-quoted regions so we don't touch plpgsql block syntax inside them.
     in_dollar = False
-    dollar_tag = ""
 
     # First pass: find indices of leading BEGIN and trailing COMMIT (only when
     # at outermost level, only at file boundaries).

tests/mcp/test_bearer_user_binding.py

@@ -13,9 +13,6 @@
 """
 from __future__ import annotations
 
-import base64
-import hashlib
-import secrets
 from uuid import UUID
 
 import pytest

tests/services/test_oauth.py

@@ -14,7 +14,6 @@
 import base64
 import hashlib
 from datetime import datetime, timedelta, timezone
-from uuid import UUID
 
 import pytest
 

tests/services/test_secrets.py

@@ -1,4 +1,3 @@
-import os
 import pytest
 from cryptography.fernet import Fernet
 

tests/test_auth_user_dep.py

@@ -4,7 +4,6 @@
 Legacy `b"authed"` cookies fall back to the sentinel user (migration grace).
 """
 import pytest
-from uuid import UUID
 
 
 @pytest.mark.asyncio
@@ -62,7 +61,8 @@ async def test_sentinel_user_uses_env_overrides(monkeypatch):
 async def test_require_user_returns_db_user_from_new_cookie_payload(client, db_conn):
     """The new cookie payload carries user_id; require_user looks up users table."""
     from app.auth import require_user, _signer, SENTINEL_USER_ID
-    import json, time
+    import json
+    import time
 
     # The sentinel user already exists in the DB (seeded by Phase 1 migration).
     payload = json.dumps({"u": str(SENTINEL_USER_ID), "iat": int(time.time())}).encode()
@@ -78,7 +78,8 @@ async def test_require_user_unknown_user_id_in_cookie_raises_401(client, db_conn
     """A signed cookie with a user_id that doesn't exist in users → 401."""
     from fastapi import HTTPException
     from app.auth import require_user, _signer
-    import json, time
+    import json
+    import time
     from uuid import uuid4
 
     unknown = str(uuid4())

tests/test_phase1_schema.py

@@ -7,7 +7,6 @@
 - The operator seed row exists after migrations.
 - Two users can have the same course code (composite PK on (user_id, code)).
 """
-from datetime import datetime, timezone, date
 from uuid import UUID, uuid4
 
 import pytest