Revert "Revert "Reapply "ref: enable local_partial_types=True (#89854)" (#90001)"" (#90272)

This reverts commit 89cf46b. This
commit was reverted as part of an incident as it went out in a suspect
release, but this change was not a contributing factor.

Refs #90001

Author: markstory

pyproject.toml

@@ -62,6 +62,7 @@ warn_unused_configs = true
 warn_unused_ignores = true
 warn_redundant_casts = true
 enable_error_code = ["ignore-without-code", "redundant-self"]
+local_partial_types = true  # compat with dmypy
 
 [tool.django-stubs]
 django_settings_module = "sentry.conf.server_mypy"

src/sentry/api/endpoints/organization_details.py

@@ -57,10 +57,8 @@
     REQUIRE_SCRUB_DEFAULTS_DEFAULT,
     REQUIRE_SCRUB_IP_ADDRESS_DEFAULT,
     ROLLBACK_ENABLED_DEFAULT,
-    SAFE_FIELDS_DEFAULT,
     SAMPLING_MODE_DEFAULT,
     SCRAPE_JAVASCRIPT_DEFAULT,
-    SENSITIVE_FIELDS_DEFAULT,
     TARGET_SAMPLE_RATE_DEFAULT,
     ObjectStatus,
 )
@@ -124,8 +122,8 @@
         ACCOUNT_RATE_LIMIT_DEFAULT,
     ),
     ("dataScrubber", "sentry:require_scrub_data", bool, REQUIRE_SCRUB_DATA_DEFAULT),
-    ("sensitiveFields", "sentry:sensitive_fields", list, SENSITIVE_FIELDS_DEFAULT),
-    ("safeFields", "sentry:safe_fields", list, SAFE_FIELDS_DEFAULT),
+    ("sensitiveFields", "sentry:sensitive_fields", list, None),
+    ("safeFields", "sentry:safe_fields", list, None),
     (
         "scrapeJavaScript",
         "sentry:scrape_javascript",

src/sentry/api/serializers/models/organization.py

@@ -46,11 +46,8 @@
     REQUIRE_SCRUB_IP_ADDRESS_DEFAULT,
     RESERVED_ORGANIZATION_SLUGS,
     ROLLBACK_ENABLED_DEFAULT,
-    SAFE_FIELDS_DEFAULT,
     SAMPLING_MODE_DEFAULT,
     SCRAPE_JAVASCRIPT_DEFAULT,
-    SENSITIVE_FIELDS_DEFAULT,
-    STREAMLINE_UI_ONLY,
     TARGET_SAMPLE_RATE_DEFAULT,
     ObjectStatus,
 )
@@ -645,9 +642,8 @@ def serialize(  # type: ignore[explicit-override, override]
             "dataScrubberDefaults": bool(
                 obj.get_option("sentry:require_scrub_defaults", REQUIRE_SCRUB_DEFAULTS_DEFAULT)
             ),
-            "sensitiveFields": obj.get_option("sentry:sensitive_fields", SENSITIVE_FIELDS_DEFAULT)
-            or [],
-            "safeFields": obj.get_option("sentry:safe_fields", SAFE_FIELDS_DEFAULT) or [],
+            "sensitiveFields": obj.get_option("sentry:sensitive_fields", None) or [],
+            "safeFields": obj.get_option("sentry:safe_fields", None) or [],
             "storeCrashReports": convert_crashreport_count(
                 obj.get_option("sentry:store_crash_reports")
             ),
@@ -699,7 +695,7 @@ def serialize(  # type: ignore[explicit-override, override]
             "rollbackEnabled": bool(
                 obj.get_option("sentry:rollback_enabled", ROLLBACK_ENABLED_DEFAULT)
             ),
-            "streamlineOnly": obj.get_option("sentry:streamline_ui_only", STREAMLINE_UI_ONLY),
+            "streamlineOnly": obj.get_option("sentry:streamline_ui_only", None),
             "trustedRelays": [
                 # serialize trusted relays info into their external form
                 _relay_internal_to_external(raw)

src/sentry/auth/authenticators/__init__.py

@@ -1,12 +1,19 @@
-from .base import AuthenticatorInterface  # NOQA
+from __future__ import annotations
+
+from typing import TYPE_CHECKING
+
+from .base import AuthenticatorInterface
 from .recovery_code import RecoveryCodeInterface
 from .sms import SmsInterface
 from .totp import TotpInterface
 from .u2f import U2fInterface
 
-AUTHENTICATOR_INTERFACES = {}
-AUTHENTICATOR_INTERFACES_BY_TYPE = {}
-AUTHENTICATOR_CHOICES = []
+if TYPE_CHECKING:
+    from django.utils.functional import _StrPromise
+
+AUTHENTICATOR_INTERFACES: dict[str, type[AuthenticatorInterface]] = {}
+AUTHENTICATOR_INTERFACES_BY_TYPE: dict[int, type[AuthenticatorInterface]] = {}
+AUTHENTICATOR_CHOICES: list[tuple[int, str | _StrPromise]] = []
 
 
 def register_authenticator(cls: type[AuthenticatorInterface]) -> None:

src/sentry/auth/providers/oauth2.py

@@ -26,8 +26,8 @@ def _get_redirect_url() -> str:
 
 
 class OAuth2Login(AuthView):
-    authorize_url = None
-    client_id = None
+    authorize_url: str | None = None
+    client_id: str | None = None
     scope = ""
 
     def __init__(self, authorize_url=None, client_id=None, scope=None, *args, **kwargs):
@@ -71,9 +71,9 @@ def dispatch(self, request: HttpRequest, helper) -> HttpResponse:
 
 
 class OAuth2Callback(AuthView):
-    access_token_url = None
-    client_id = None
-    client_secret = None
+    access_token_url: str | None = None
+    client_id: str | None = None
+    client_secret: str | None = None
 
     def __init__(self, access_token_url=None, client_id=None, client_secret=None, *args, **kwargs):
         super().__init__(*args, **kwargs)

src/sentry/auth/system.py

@@ -44,9 +44,9 @@ class SystemToken:
 
     id = "<system>"
     token = "<system.secret-key>"
-    application = None
-    organization_id = None
-    scoping_organization_id = None
+    application: None = None
+    organization_id: None = None
+    scoping_organization_id: None = None
 
     @classmethod
     def from_request(cls, request: HttpRequest, token: str) -> SystemToken | None:

src/sentry/conf/server.py

@@ -12,7 +12,7 @@
 import tempfile
 from collections.abc import Callable, Mapping, MutableSequence
 from datetime import datetime, timedelta
-from typing import Any, Final, Union, overload
+from typing import Any, Final, Literal, Union, overload
 from urllib.parse import urlparse
 
 import sentry
@@ -359,7 +359,7 @@ def env(
 # Once relay's fully rolled out, that can be deleted.
 # Until then, the safest and easiest thing to do is to disable this check
 # to leave things the way they were with Django <1.9.
-DATA_UPLOAD_MAX_MEMORY_SIZE = None
+DATA_UPLOAD_MAX_MEMORY_SIZE: int | None = None
 
 TEMPLATES = [
     {
@@ -616,7 +616,7 @@ def env(
 # this breaks certain IDP flows where we need cookies sent to us on a redirected POST
 # request, and `Lax` doesnt permit this.
 # See here: https://docs.djangoproject.com/en/2.1/ref/settings/#session-cookie-samesite
-SESSION_COOKIE_SAMESITE = None
+SESSION_COOKIE_SAMESITE: Literal["Strict", "Lax", None] = None
 
 BITBUCKET_CONSUMER_KEY = ""
 BITBUCKET_CONSUMER_SECRET = ""
@@ -747,7 +747,7 @@ def SOCIAL_AUTH_DEFAULT_USERNAME() -> str:
 CELERY_EAGER_PROPAGATES_EXCEPTIONS = True
 CELERY_IGNORE_RESULT = True
 CELERY_SEND_EVENTS = False
-CELERY_RESULT_BACKEND = None
+CELERY_RESULT_BACKEND: str | None = None
 CELERY_TASK_RESULT_EXPIRES = 1
 CELERY_DISABLE_RATE_LIMITS = True
 CELERY_DEFAULT_QUEUE = "default"
@@ -3215,9 +3215,6 @@ def custom_parameter_sort(parameter: dict) -> tuple[str, int]:
 # Similarity-v1: uses hardcoded set of event properties for diffing
 SENTRY_SIMILARITY_INDEX_REDIS_CLUSTER = "default"
 
-# Unused legacy option, there to satisfy getsentry CI. Remove from getsentry, then here
-SENTRY_SIMILARITY2_INDEX_REDIS_CLUSTER = None
-
 # How long the migration phase for grouping lasts
 SENTRY_GROUPING_UPDATE_MIGRATION_PHASE = 30 * 24 * 3600  # 30 days
 
@@ -3280,7 +3277,7 @@ def custom_parameter_sort(parameter: dict) -> tuple[str, int]:
 # Zero Downtime Migrations settings as defined at
 # https://github.com/tbicr/django-pg-zero-downtime-migrations#settings
 ZERO_DOWNTIME_MIGRATIONS_RAISE_FOR_UNSAFE = True
-ZERO_DOWNTIME_MIGRATIONS_LOCK_TIMEOUT = None
+ZERO_DOWNTIME_MIGRATIONS_LOCK_TIMEOUT: str | None = None
 ZERO_DOWNTIME_MIGRATIONS_STATEMENT_TIMEOUT: str | None = None
 ZERO_DOWNTIME_MIGRATIONS_LOCK_TIMEOUT_FORCE = False
 ZERO_DOWNTIME_MIGRATIONS_IDEMPOTENT_SQL = False
@@ -3413,7 +3410,7 @@ def custom_parameter_sort(parameter: dict) -> tuple[str, int]:
 SENTRY_PROFILE_CHUNKS_FUTURES_MAX_LIMIT = 10000
 
 # How long we should wait for a gateway proxy request to return before giving up
-GATEWAY_PROXY_TIMEOUT = None
+GATEWAY_PROXY_TIMEOUT: int | None = None
 
 SENTRY_SLICING_LOGICAL_PARTITION_COUNT = 256
 # This maps a Sliceable for slicing by name and (lower logical partition, upper physical partition)

src/sentry/constants.py

@@ -691,14 +691,11 @@ class InsightModules(Enum):
 ACCOUNT_RATE_LIMIT_DEFAULT = 0
 REQUIRE_SCRUB_DATA_DEFAULT = False
 REQUIRE_SCRUB_DEFAULTS_DEFAULT = False
-SENSITIVE_FIELDS_DEFAULT = None
-SAFE_FIELDS_DEFAULT = None
 ATTACHMENTS_ROLE_DEFAULT = settings.SENTRY_DEFAULT_ROLE
 DEBUG_FILES_ROLE_DEFAULT = "admin"
 EVENTS_ADMIN_ROLE_DEFAULT = settings.SENTRY_DEFAULT_ROLE
 REQUIRE_SCRUB_IP_ADDRESS_DEFAULT = False
 SCRAPE_JAVASCRIPT_DEFAULT = True
-TRUSTED_RELAYS_DEFAULT = None
 JOIN_REQUESTS_DEFAULT = True
 HIDE_AI_FEATURES_DEFAULT = False
 GITHUB_COMMENT_BOT_DEFAULT = True
@@ -709,7 +706,6 @@ class InsightModules(Enum):
 TARGET_SAMPLE_RATE_DEFAULT = 1.0
 SAMPLING_MODE_DEFAULT = "organization"
 ROLLBACK_ENABLED_DEFAULT = True
-STREAMLINE_UI_ONLY = None
 
 # `sentry:events_member_admin` - controls whether the 'member' role gets the event:admin scope
 EVENTS_MEMBER_ADMIN_DEFAULT = True

src/sentry/deletions/__init__.py

@@ -80,6 +80,7 @@
 
 from __future__ import annotations
 
+import functools
 from typing import TYPE_CHECKING, Any
 
 if TYPE_CHECKING:
@@ -193,9 +194,7 @@ def load_defaults(manager: DeletionTaskManager) -> None:
     # fmt: on
 
 
-_default_manager = None
-
-
+@functools.cache
 def get_manager() -> DeletionTaskManager:
     """
     Get the deletions default_manager
@@ -205,13 +204,10 @@ def get_manager() -> DeletionTaskManager:
     """
     from sentry.deletions.base import ModelDeletionTask
 
-    global _default_manager
-
-    if _default_manager is None:
-        _default_manager = DeletionTaskManager(default_task=ModelDeletionTask)
-        load_defaults(_default_manager)
+    default_manager = DeletionTaskManager(default_task=ModelDeletionTask)
+    load_defaults(default_manager)
 
-    return _default_manager
+    return default_manager
 
 
 def get(

src/sentry/filestore/gcs.py

@@ -226,22 +226,25 @@ def _try_upload():
 
 
 class GoogleCloudStorage(Storage):
-    project_id = None
-    credentials = None
-    bucket_name = None
-    file_name_charset = "utf-8"
-    file_overwrite = True
-    download_url = "https://www.googleapis.com"
-    # The max amount of memory a returned file can take up before being
-    # rolled over into a temporary file on disk. Default is 0: Do not roll over.
-    max_memory_size = 0
-
-    def __init__(self, **settings):
-        # check if some of the settings we've provided as class attributes
-        # need to be overwritten with values passed in here
-        for name, value in settings.items():
-            if hasattr(self, name):
-                setattr(self, name, value)
+    def __init__(
+        self,
+        project_id=None,
+        credentials=None,
+        bucket_name=None,
+        file_name_charset="utf-8",
+        file_overwrite=True,
+        download_url="https://www.googleapis.com",
+        # The max amount of memory a returned file can take up before being
+        # rolled over into a temporary file on disk. Default is 0: Do not roll over.
+        max_memory_size=0,
+    ):
+        self.project_id = project_id
+        self.credentials = credentials
+        self.bucket_name = bucket_name
+        self.file_name_charset = file_name_charset
+        self.file_overwrite = file_overwrite
+        self.download_url = download_url
+        self.max_memory_size = max_memory_size
 
         self._bucket = None
         self._client = None

src/sentry/filestore/s3.py

@@ -255,28 +255,28 @@ class S3Boto3Storage(Storage):
     connection_response_error = ClientError
     file_class = S3Boto3StorageFile
     # If config provided in init, signature_version and addressing_style settings/args are ignored.
-    config = None
+    config: Config | None = None
 
     # used for looking up the access and secret key from env vars
     access_key_names = ["AWS_S3_ACCESS_KEY_ID", "AWS_ACCESS_KEY_ID"]
     secret_key_names = ["AWS_S3_SECRET_ACCESS_KEY", "AWS_SECRET_ACCESS_KEY"]
 
-    access_key = None
-    secret_key = None
+    access_key: str | None = None
+    secret_key: str | None = None
     file_overwrite = True
     object_parameters: dict[str, str] = {}
-    bucket_name = None
+    bucket_name: str | None = None
     auto_create_bucket = False
     default_acl = "public-read"
     bucket_acl = default_acl
     querystring_auth = True
     querystring_expire = 3600
-    signature_version = None
+    signature_version: str | None = None
     reduced_redundancy = False
     location = ""
     encryption = False
     custom_domain: str | None = None
-    addressing_style = None
+    addressing_style: str | None = None
     secure_urls = True
     file_name_charset = "utf-8"
     gzip = False
@@ -289,8 +289,8 @@ class S3Boto3Storage(Storage):
         "image/svg+xml",
     )
     url_protocol = "https:"
-    endpoint_url = None
-    region_name = None
+    endpoint_url: str | None = None
+    region_name: str | None = None
     use_ssl = True
 
     def __init__(self, acl=None, bucket=None, **settings):

src/sentry/identity/oauth2.py

@@ -244,8 +244,8 @@ def record_event(event: IntegrationPipelineViewType, provider: str):
 
 
 class OAuth2LoginView(PipelineView):
-    authorize_url = None
-    client_id = None
+    authorize_url: str | None = None
+    client_id: str | None = None
     scope = ""
 
     def __init__(self, authorize_url=None, client_id=None, scope=None, *args, **kwargs):
@@ -294,9 +294,9 @@ def dispatch(self, request: HttpRequest, pipeline: Pipeline) -> HttpResponseBase
 
 
 class OAuth2CallbackView(PipelineView):
-    access_token_url = None
-    client_id = None
-    client_secret = None
+    access_token_url: str | None = None
+    client_id: str | None = None
+    client_secret: str | None = None
 
     def __init__(self, access_token_url=None, client_id=None, client_secret=None, *args, **kwargs):
         super().__init__(*args, **kwargs)