Merge pull request #1442 from jku/fix-sign-return-value

Metadata API: Fix Metadata.sign() return value annotation

Author: joshuagl

tests/test_api.py

@@ -188,12 +188,14 @@ def test_sign_verify(self):
 
         sslib_signer = SSlibSigner(self.keystore['snapshot'])
         # Append a new signature with the unrelated key and assert that ...
-        metadata_obj.sign(sslib_signer, append=True)
+        sig = metadata_obj.sign(sslib_signer, append=True)
         # ... there are now two signatures, and
         self.assertEqual(len(metadata_obj.signatures), 2)
         # ... both are valid for the corresponding keys.
         targets_key.verify_signature(metadata_obj)
         snapshot_key.verify_signature(metadata_obj)
+        # ... the returned (appended) signature is for snapshot key
+        self.assertEqual(sig.keyid, snapshot_keyid)
 
         sslib_signer = SSlibSigner(self.keystore['timestamp'])
         # Create and assign (don't append) a new signature and assert that ...

tuf/api/metadata.py

@@ -228,7 +228,7 @@ def sign(
         signer: Signer,
         append: bool = False,
         signed_serializer: Optional[SignedSerializer] = None,
-    ) -> Dict[str, Any]:
+    ) -> Signature:
         """Creates signature over 'signed' and assigns it to 'signatures'.
 
         Arguments:
@@ -247,7 +247,7 @@ def sign(
                 Signing errors.
 
         Returns:
-            A securesystemslib-style signature object.
+            Securesystemslib Signature object that was added into signatures.
         """
 
         if signed_serializer is None: