Refactor tests to use assertions consistently and improve type hints

* Initial plan

* Address review feedback: Kafka SSL context, SIGHUP handler safety, test formatting

Co-authored-by: seanthegeek <44679+seanthegeek@users.noreply.github.com>
Agent-Logs-Url: https://github.com/domainaware/parsedmarc/sessions/8f2fd48f-32a4-4258-9a89-06f7c7ac29bf

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: seanthegeek <44679+seanthegeek@users.noreply.github.com>

CHANGELOG.md

@@ -1,18 +1,5 @@
 # Changelog
 
-## 9.3.1
-
-### Breaking changes
-
-- Elasticsearch and OpenSearch now verify SSL certificates by default when `ssl = True`, even without a `cert_path`
-- Added `skip_certificate_verification` option to the `elasticsearch` and `opensearch` configuration sections for consistency with `splunk_hec`
-
-### Fixed
-
-- Splunk HEC `skip_certificate_verification` now works correctly
-- SMTP TLS reports no longer fail when saving to multiple output targets (e.g. Elasticsearch and OpenSearch) due to in-place mutation of the report dict
-- Output client initialization errors now identify which module failed (e.g. "OpenSearch: ConnectionError..." instead of generic "Output client error")
-
 ## 9.3.0
 
 ### Added

docker-compose.dashboard-dev.yml

@@ -27,7 +27,7 @@ services:
   grafana:
     image: grafana/grafana:latest
     environment:
-      - GRAFANA_PASSWORD=${GRAFANA_PASSWORD}
+      - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
       - GF_INSTALL_PLUGINS=grafana-piechart-panel,grafana-worldmap-panel
     ports:
       - "127.0.0.1:3000:3000"
@@ -41,7 +41,5 @@ services:
       - SPLUNK_START_ARGS=--accept-license
       - "SPLUNK_GENERAL_TERMS=--accept-sgt-current-at-splunk-com"
       - SPLUNK_PASSWORD=${SPLUNK_PASSWORD}
-      - SPLUNK_HEC_TOKEN=${SPLUNK_HEC_TOKEN}
     ports:
       - "127.0.0.1:8000:8000"
-      - "127.0.0.1:8088:8088"

docs/source/usage.md

@@ -273,8 +273,6 @@ The full set of configuration options are:
     (Default: `True`)
   - `timeout` - float: Timeout in seconds (Default: 60)
   - `cert_path` - str: Path to a trusted certificates
-  - `skip_certificate_verification` - bool: Skip certificate
-    verification (not recommended)
   - `index_suffix` - str: A suffix to apply to the index names
   - `index_prefix` - str: A prefix to apply to the index names
   - `monthly_indexes` - bool: Use monthly indexes instead of daily indexes
@@ -302,8 +300,6 @@ The full set of configuration options are:
     (Default: `True`)
   - `timeout` - float: Timeout in seconds (Default: 60)
   - `cert_path` - str: Path to a trusted certificates
-  - `skip_certificate_verification` - bool: Skip certificate
-    verification (not recommended)
   - `index_suffix` - str: A suffix to apply to the index names
   - `index_prefix` - str: A prefix to apply to the index names
   - `monthly_indexes` - bool: Use monthly indexes instead of daily indexes

parsedmarc/cli.py

@@ -505,10 +505,6 @@ def _parse_config_file(config_file, opts):
             opts.elasticsearch_ssl = bool(elasticsearch_config.getboolean("ssl"))
         if "cert_path" in elasticsearch_config:
             opts.elasticsearch_ssl_cert_path = elasticsearch_config["cert_path"]
-        if "skip_certificate_verification" in elasticsearch_config:
-            opts.elasticsearch_skip_certificate_verification = bool(
-                elasticsearch_config.getboolean("skip_certificate_verification")
-            )
         if "user" in elasticsearch_config:
             opts.elasticsearch_username = elasticsearch_config["user"]
         if "password" in elasticsearch_config:
@@ -548,10 +544,6 @@ def _parse_config_file(config_file, opts):
             opts.opensearch_ssl = bool(opensearch_config.getboolean("ssl"))
         if "cert_path" in opensearch_config:
             opts.opensearch_ssl_cert_path = opensearch_config["cert_path"]
-        if "skip_certificate_verification" in opensearch_config:
-            opts.opensearch_skip_certificate_verification = bool(
-                opensearch_config.getboolean("skip_certificate_verification")
-            )
         if "user" in opensearch_config:
             opts.opensearch_username = opensearch_config["user"]
         if "password" in opensearch_config:
@@ -861,95 +853,77 @@ def _init_output_clients(opts):
     """
     clients = {}
 
-    try:
-        if opts.s3_bucket:
-            clients["s3_client"] = s3.S3Client(
-                bucket_name=opts.s3_bucket,
-                bucket_path=opts.s3_path,
-                region_name=opts.s3_region_name,
-                endpoint_url=opts.s3_endpoint_url,
-                access_key_id=opts.s3_access_key_id,
-                secret_access_key=opts.s3_secret_access_key,
-            )
-    except Exception as e:
-        raise RuntimeError(f"S3: {e}") from e
+    if opts.s3_bucket:
+        clients["s3_client"] = s3.S3Client(
+            bucket_name=opts.s3_bucket,
+            bucket_path=opts.s3_path,
+            region_name=opts.s3_region_name,
+            endpoint_url=opts.s3_endpoint_url,
+            access_key_id=opts.s3_access_key_id,
+            secret_access_key=opts.s3_secret_access_key,
+        )
 
-    try:
-        if opts.syslog_server:
-            clients["syslog_client"] = syslog.SyslogClient(
-                server_name=opts.syslog_server,
-                server_port=int(opts.syslog_port),
-                protocol=opts.syslog_protocol or "udp",
-                cafile_path=opts.syslog_cafile_path,
-                certfile_path=opts.syslog_certfile_path,
-                keyfile_path=opts.syslog_keyfile_path,
-                timeout=opts.syslog_timeout if opts.syslog_timeout is not None else 5.0,
-                retry_attempts=opts.syslog_retry_attempts
-                if opts.syslog_retry_attempts is not None
-                else 3,
-                retry_delay=opts.syslog_retry_delay
-                if opts.syslog_retry_delay is not None
-                else 5,
-            )
-    except Exception as e:
-        raise RuntimeError(f"Syslog: {e}") from e
+    if opts.syslog_server:
+        clients["syslog_client"] = syslog.SyslogClient(
+            server_name=opts.syslog_server,
+            server_port=int(opts.syslog_port),
+            protocol=opts.syslog_protocol or "udp",
+            cafile_path=opts.syslog_cafile_path,
+            certfile_path=opts.syslog_certfile_path,
+            keyfile_path=opts.syslog_keyfile_path,
+            timeout=opts.syslog_timeout if opts.syslog_timeout is not None else 5.0,
+            retry_attempts=opts.syslog_retry_attempts
+            if opts.syslog_retry_attempts is not None
+            else 3,
+            retry_delay=opts.syslog_retry_delay
+            if opts.syslog_retry_delay is not None
+            else 5,
+        )
 
     if opts.hec:
         if opts.hec_token is None or opts.hec_index is None:
             raise ConfigurationError(
                 "HEC token and HEC index are required when using HEC URL"
             )
-        try:
-            verify = True
-            if opts.hec_skip_certificate_verification:
-                verify = False
-            clients["hec_client"] = splunk.HECClient(
-                opts.hec, opts.hec_token, opts.hec_index, verify=verify
-            )
-        except Exception as e:
-            raise RuntimeError(f"Splunk HEC: {e}") from e
+        verify = True
+        if opts.hec_skip_certificate_verification:
+            verify = False
+        clients["hec_client"] = splunk.HECClient(
+            opts.hec, opts.hec_token, opts.hec_index, verify=verify
+        )
 
-    try:
-        if opts.kafka_hosts:
-            ssl_context = None
-            if opts.kafka_skip_certificate_verification:
-                logger.debug("Skipping Kafka certificate verification")
-                ssl_context = create_default_context()
-                ssl_context.check_hostname = False
-                ssl_context.verify_mode = CERT_NONE
-            clients["kafka_client"] = kafkaclient.KafkaClient(
-                opts.kafka_hosts,
-                username=opts.kafka_username,
-                password=opts.kafka_password,
-                ssl_context=ssl_context,
-            )
-    except Exception as e:
-        raise RuntimeError(f"Kafka: {e}") from e
+    if opts.kafka_hosts:
+        ssl_context = None
+        if opts.kafka_skip_certificate_verification:
+            logger.debug("Skipping Kafka certificate verification")
+            ssl_context = create_default_context()
+            ssl_context.check_hostname = False
+            ssl_context.verify_mode = CERT_NONE
+        clients["kafka_client"] = kafkaclient.KafkaClient(
+            opts.kafka_hosts,
+            username=opts.kafka_username,
+            password=opts.kafka_password,
+            ssl_context=ssl_context,
+        )
 
-    try:
-        if opts.gelf_host:
-            clients["gelf_client"] = gelf.GelfClient(
-                host=opts.gelf_host,
-                port=int(opts.gelf_port),
-                mode=opts.gelf_mode,
-            )
-    except Exception as e:
-        raise RuntimeError(f"GELF: {e}") from e
+    if opts.gelf_host:
+        clients["gelf_client"] = gelf.GelfClient(
+            host=opts.gelf_host,
+            port=int(opts.gelf_port),
+            mode=opts.gelf_mode,
+        )
 
-    try:
-        if (
-            opts.webhook_aggregate_url
-            or opts.webhook_forensic_url
-            or opts.webhook_smtp_tls_url
-        ):
-            clients["webhook_client"] = webhook.WebhookClient(
-                aggregate_url=opts.webhook_aggregate_url,
-                forensic_url=opts.webhook_forensic_url,
-                smtp_tls_url=opts.webhook_smtp_tls_url,
-                timeout=opts.webhook_timeout,
-            )
-    except Exception as e:
-        raise RuntimeError(f"Webhook: {e}") from e
+    if (
+        opts.webhook_aggregate_url
+        or opts.webhook_forensic_url
+        or opts.webhook_smtp_tls_url
+    ):
+        clients["webhook_client"] = webhook.WebhookClient(
+            aggregate_url=opts.webhook_aggregate_url,
+            forensic_url=opts.webhook_forensic_url,
+            smtp_tls_url=opts.webhook_smtp_tls_url,
+            timeout=opts.webhook_timeout,
+        )
 
     # Elasticsearch and OpenSearch mutate module-level global state via
     # connections.create_connection(), which cannot be rolled back if a later
@@ -957,84 +931,76 @@ def _init_output_clients(opts):
     # successfully first; this minimises the window for partial-init problems
     # during config reload.
     if opts.save_aggregate or opts.save_forensic or opts.save_smtp_tls:
-        try:
-            if opts.elasticsearch_hosts:
-                es_aggregate_index = "dmarc_aggregate"
-                es_forensic_index = "dmarc_forensic"
-                es_smtp_tls_index = "smtp_tls"
-                if opts.elasticsearch_index_suffix:
-                    suffix = opts.elasticsearch_index_suffix
-                    es_aggregate_index = "{0}_{1}".format(es_aggregate_index, suffix)
-                    es_forensic_index = "{0}_{1}".format(es_forensic_index, suffix)
-                    es_smtp_tls_index = "{0}_{1}".format(es_smtp_tls_index, suffix)
-                if opts.elasticsearch_index_prefix:
-                    prefix = opts.elasticsearch_index_prefix
-                    es_aggregate_index = "{0}{1}".format(prefix, es_aggregate_index)
-                    es_forensic_index = "{0}{1}".format(prefix, es_forensic_index)
-                    es_smtp_tls_index = "{0}{1}".format(prefix, es_smtp_tls_index)
-                elastic_timeout_value = (
-                    float(opts.elasticsearch_timeout)
-                    if opts.elasticsearch_timeout is not None
-                    else 60.0
-                )
-                elastic.set_hosts(
-                    opts.elasticsearch_hosts,
-                    use_ssl=opts.elasticsearch_ssl,
-                    ssl_cert_path=opts.elasticsearch_ssl_cert_path,
-                    skip_certificate_verification=opts.elasticsearch_skip_certificate_verification,
-                    username=opts.elasticsearch_username,
-                    password=opts.elasticsearch_password,
-                    api_key=opts.elasticsearch_api_key,
-                    timeout=elastic_timeout_value,
-                )
-                elastic.migrate_indexes(
-                    aggregate_indexes=[es_aggregate_index],
-                    forensic_indexes=[es_forensic_index],
-                )
-                clients["elasticsearch"] = _ElasticsearchHandle()
-        except Exception as e:
-            raise RuntimeError(f"Elasticsearch: {e}") from e
+        if opts.elasticsearch_hosts:
+            es_aggregate_index = "dmarc_aggregate"
+            es_forensic_index = "dmarc_forensic"
+            es_smtp_tls_index = "smtp_tls"
+            if opts.elasticsearch_index_suffix:
+                suffix = opts.elasticsearch_index_suffix
+                es_aggregate_index = "{0}_{1}".format(es_aggregate_index, suffix)
+                es_forensic_index = "{0}_{1}".format(es_forensic_index, suffix)
+                es_smtp_tls_index = "{0}_{1}".format(es_smtp_tls_index, suffix)
+            if opts.elasticsearch_index_prefix:
+                prefix = opts.elasticsearch_index_prefix
+                es_aggregate_index = "{0}{1}".format(prefix, es_aggregate_index)
+                es_forensic_index = "{0}{1}".format(prefix, es_forensic_index)
+                es_smtp_tls_index = "{0}{1}".format(prefix, es_smtp_tls_index)
+            elastic_timeout_value = (
+                float(opts.elasticsearch_timeout)
+                if opts.elasticsearch_timeout is not None
+                else 60.0
+            )
+            elastic.set_hosts(
+                opts.elasticsearch_hosts,
+                use_ssl=opts.elasticsearch_ssl,
+                ssl_cert_path=opts.elasticsearch_ssl_cert_path,
+                username=opts.elasticsearch_username,
+                password=opts.elasticsearch_password,
+                api_key=opts.elasticsearch_api_key,
+                timeout=elastic_timeout_value,
+            )
+            elastic.migrate_indexes(
+                aggregate_indexes=[es_aggregate_index],
+                forensic_indexes=[es_forensic_index],
+            )
+            clients["elasticsearch"] = _ElasticsearchHandle()
 
-        try:
-            if opts.opensearch_hosts:
-                os_aggregate_index = "dmarc_aggregate"
-                os_forensic_index = "dmarc_forensic"
-                os_smtp_tls_index = "smtp_tls"
-                if opts.opensearch_index_suffix:
-                    suffix = opts.opensearch_index_suffix
-                    os_aggregate_index = "{0}_{1}".format(os_aggregate_index, suffix)
-                    os_forensic_index = "{0}_{1}".format(os_forensic_index, suffix)
-                    os_smtp_tls_index = "{0}_{1}".format(os_smtp_tls_index, suffix)
-                if opts.opensearch_index_prefix:
-                    prefix = opts.opensearch_index_prefix
-                    os_aggregate_index = "{0}{1}".format(prefix, os_aggregate_index)
-                    os_forensic_index = "{0}{1}".format(prefix, os_forensic_index)
-                    os_smtp_tls_index = "{0}{1}".format(prefix, os_smtp_tls_index)
-                opensearch_timeout_value = (
-                    float(opts.opensearch_timeout)
-                    if opts.opensearch_timeout is not None
-                    else 60.0
-                )
-                opensearch.set_hosts(
-                    opts.opensearch_hosts,
-                    use_ssl=opts.opensearch_ssl,
-                    ssl_cert_path=opts.opensearch_ssl_cert_path,
-                    skip_certificate_verification=opts.opensearch_skip_certificate_verification,
-                    username=opts.opensearch_username,
-                    password=opts.opensearch_password,
-                    api_key=opts.opensearch_api_key,
-                    timeout=opensearch_timeout_value,
-                    auth_type=opts.opensearch_auth_type,
-                    aws_region=opts.opensearch_aws_region,
-                    aws_service=opts.opensearch_aws_service,
-                )
-                opensearch.migrate_indexes(
-                    aggregate_indexes=[os_aggregate_index],
-                    forensic_indexes=[os_forensic_index],
-                )
-                clients["opensearch"] = _OpenSearchHandle()
-        except Exception as e:
-            raise RuntimeError(f"OpenSearch: {e}") from e
+        if opts.opensearch_hosts:
+            os_aggregate_index = "dmarc_aggregate"
+            os_forensic_index = "dmarc_forensic"
+            os_smtp_tls_index = "smtp_tls"
+            if opts.opensearch_index_suffix:
+                suffix = opts.opensearch_index_suffix
+                os_aggregate_index = "{0}_{1}".format(os_aggregate_index, suffix)
+                os_forensic_index = "{0}_{1}".format(os_forensic_index, suffix)
+                os_smtp_tls_index = "{0}_{1}".format(os_smtp_tls_index, suffix)
+            if opts.opensearch_index_prefix:
+                prefix = opts.opensearch_index_prefix
+                os_aggregate_index = "{0}{1}".format(prefix, os_aggregate_index)
+                os_forensic_index = "{0}{1}".format(prefix, os_forensic_index)
+                os_smtp_tls_index = "{0}{1}".format(prefix, os_smtp_tls_index)
+            opensearch_timeout_value = (
+                float(opts.opensearch_timeout)
+                if opts.opensearch_timeout is not None
+                else 60.0
+            )
+            opensearch.set_hosts(
+                opts.opensearch_hosts,
+                use_ssl=opts.opensearch_ssl,
+                ssl_cert_path=opts.opensearch_ssl_cert_path,
+                username=opts.opensearch_username,
+                password=opts.opensearch_password,
+                api_key=opts.opensearch_api_key,
+                timeout=opensearch_timeout_value,
+                auth_type=opts.opensearch_auth_type,
+                aws_region=opts.opensearch_aws_region,
+                aws_service=opts.opensearch_aws_service,
+            )
+            opensearch.migrate_indexes(
+                aggregate_indexes=[os_aggregate_index],
+                forensic_indexes=[os_forensic_index],
+            )
+            clients["opensearch"] = _OpenSearchHandle()
 
     return clients
 
@@ -1563,7 +1529,6 @@ def _main():
         elasticsearch_index_prefix=None,
         elasticsearch_ssl=True,
         elasticsearch_ssl_cert_path=None,
-        elasticsearch_skip_certificate_verification=False,
         elasticsearch_monthly_indexes=False,
         elasticsearch_username=None,
         elasticsearch_password=None,
@@ -1576,7 +1541,6 @@ def _main():
         opensearch_index_prefix=None,
         opensearch_ssl=True,
         opensearch_ssl_cert_path=None,
-        opensearch_skip_certificate_verification=False,
         opensearch_monthly_indexes=False,
         opensearch_username=None,
         opensearch_password=None,
@@ -1702,6 +1666,12 @@ def _main():
     # Initialize output clients
     try:
         clients = _init_output_clients(opts)
+    except elastic.ElasticsearchError as e:
+        logger.exception("Elasticsearch Error: {0}".format(e))
+        exit(1)
+    except opensearch.OpenSearchError as e:
+        logger.exception("OpenSearch Error: {0}".format(e))
+        exit(1)
     except ConfigurationError as e:
         logger.critical(str(e))
         exit(1)

parsedmarc/constants.py

@@ -1,3 +1,3 @@
-__version__ = "9.3.1"
+__version__ = "9.3.0"
 
 USER_AGENT = f"parsedmarc/{__version__}"

parsedmarc/elastic.py

@@ -268,7 +268,6 @@ def set_hosts(
     *,
     use_ssl: bool = False,
     ssl_cert_path: Optional[str] = None,
-    skip_certificate_verification: bool = False,
     username: Optional[str] = None,
     password: Optional[str] = None,
     api_key: Optional[str] = None,
@@ -281,7 +280,6 @@ def set_hosts(
         hosts (str | list[str]): A single hostname or URL, or list of hostnames or URLs
         use_ssl (bool): Use an HTTPS connection to the server
         ssl_cert_path (str): Path to the certificate chain
-        skip_certificate_verification (bool): Skip certificate verification
         username (str): The username to use for authentication
         password (str): The password to use for authentication
         api_key (str): The Base64 encoded API key to use for authentication
@@ -293,11 +291,10 @@ def set_hosts(
     if use_ssl:
         conn_params["use_ssl"] = True
         if ssl_cert_path:
-            conn_params["ca_certs"] = ssl_cert_path
-        if skip_certificate_verification:
-            conn_params["verify_certs"] = False
-        else:
             conn_params["verify_certs"] = True
+            conn_params["ca_certs"] = ssl_cert_path
+        else:
+            conn_params["verify_certs"] = False
     if username and password:
         conn_params["http_auth"] = username + ":" + password
     if api_key:
@@ -738,7 +735,6 @@ def save_smtp_tls_report_to_elasticsearch(
         index_date = begin_date.strftime("%Y-%m")
     else:
         index_date = begin_date.strftime("%Y-%m-%d")
-    report = report.copy()
     report["begin_date"] = begin_date
     report["end_date"] = end_date
 

parsedmarc/opensearch.py

@@ -271,7 +271,6 @@ def set_hosts(
     *,
     use_ssl: Optional[bool] = False,
     ssl_cert_path: Optional[str] = None,
-    skip_certificate_verification: bool = False,
     username: Optional[str] = None,
     password: Optional[str] = None,
     api_key: Optional[str] = None,
@@ -287,7 +286,6 @@ def set_hosts(
         hosts (str|list[str]): A single hostname or URL, or list of hostnames or URLs
         use_ssl (bool): Use an HTTPS connection to the server
         ssl_cert_path (str): Path to the certificate chain
-        skip_certificate_verification (bool): Skip certificate verification
         username (str): The username to use for authentication
         password (str): The password to use for authentication
         api_key (str): The Base64 encoded API key to use for authentication
@@ -302,11 +300,10 @@ def set_hosts(
     if use_ssl:
         conn_params["use_ssl"] = True
         if ssl_cert_path:
-            conn_params["ca_certs"] = ssl_cert_path
-        if skip_certificate_verification:
-            conn_params["verify_certs"] = False
-        else:
             conn_params["verify_certs"] = True
+            conn_params["ca_certs"] = ssl_cert_path
+        else:
+            conn_params["verify_certs"] = False
     normalized_auth_type = (auth_type or "basic").strip().lower()
     if normalized_auth_type == "awssigv4":
         if not aws_region:
@@ -767,7 +764,6 @@ def save_smtp_tls_report_to_opensearch(
         index_date = begin_date.strftime("%Y-%m")
     else:
         index_date = begin_date.strftime("%Y-%m-%d")
-    report = report.copy()
     report["begin_date"] = begin_date
     report["end_date"] = end_date
 

parsedmarc/splunk.py

@@ -58,7 +58,7 @@ class HECClient(object):
         self.source = source
         self.session = requests.Session()
         self.timeout = timeout
-        self.verify = verify
+        self.session.verify = verify
         self._common_data: dict[str, Union[str, int, float, dict]] = dict(
             host=self.host, source=self.source, index=self.index
         )
@@ -124,12 +124,10 @@ class HECClient(object):
                 data["event"] = new_report.copy()
                 json_str += "{0}\n".format(json.dumps(data))
 
-        if not self.verify:
+        if not self.session.verify:
             logger.debug("Skipping certificate verification for Splunk HEC")
         try:
-            response = self.session.post(
-                self.url, data=json_str, verify=self.verify, timeout=self.timeout
-            )
+            response = self.session.post(self.url, data=json_str, timeout=self.timeout)
             response = response.json()
         except Exception as e:
             raise SplunkError(e.__str__())
@@ -163,12 +161,10 @@ class HECClient(object):
             data["event"] = report.copy()
             json_str += "{0}\n".format(json.dumps(data))
 
-        if not self.verify:
+        if not self.session.verify:
             logger.debug("Skipping certificate verification for Splunk HEC")
         try:
-            response = self.session.post(
-                self.url, data=json_str, verify=self.verify, timeout=self.timeout
-            )
+            response = self.session.post(self.url, data=json_str, timeout=self.timeout)
             response = response.json()
         except Exception as e:
             raise SplunkError(e.__str__())
@@ -202,12 +198,10 @@ class HECClient(object):
             data["event"] = report.copy()
             json_str += "{0}\n".format(json.dumps(data))
 
-        if not self.verify:
+        if not self.session.verify:
             logger.debug("Skipping certificate verification for Splunk HEC")
         try:
-            response = self.session.post(
-                self.url, data=json_str, verify=self.verify, timeout=self.timeout
-            )
+            response = self.session.post(self.url, data=json_str, timeout=self.timeout)
             response = response.json()
         except Exception as e:
             raise SplunkError(e.__str__())

tests.py

@@ -3,7 +3,6 @@
 
 from __future__ import absolute_import, print_function, unicode_literals
 
-import io
 import os
 import signal
 import sys
@@ -203,7 +202,9 @@ class Test(unittest.TestCase):
                     sample_content, offline=OFFLINE_MODE
                 )
                 assert email_result["report_type"] == "forensic"
-            result = parsedmarc.parse_report_file(sample_path, offline=OFFLINE_MODE)
+            result = parsedmarc.parse_report_file(
+                sample_path, offline=OFFLINE_MODE
+            )
             assert result["report_type"] == "forensic"
             parsedmarc.parsed_forensic_reports_to_csv(result["report"])
             print("Passed!")
@@ -216,7 +217,9 @@ class Test(unittest.TestCase):
             if os.path.isdir(sample_path):
                 continue
             print("Testing {0}: ".format(sample_path), end="")
-            result = parsedmarc.parse_report_file(sample_path, offline=OFFLINE_MODE)
+            result = parsedmarc.parse_report_file(
+                sample_path, offline=OFFLINE_MODE
+            )
             assert result["report_type"] == "smtp_tls"
             parsedmarc.parsed_smtp_tls_reports_to_csv(result["report"])
             print("Passed!")
@@ -1278,22 +1281,6 @@ class TestImapFallbacks(unittest.TestCase):
 
 
 class TestMailboxWatchSince(unittest.TestCase):
-    def setUp(self):
-        from parsedmarc.log import logger as _logger
-
-        _logger.disabled = True
-        self._stdout_patch = patch("sys.stdout", new_callable=io.StringIO)
-        self._stderr_patch = patch("sys.stderr", new_callable=io.StringIO)
-        self._stdout_patch.start()
-        self._stderr_patch.start()
-
-    def tearDown(self):
-        from parsedmarc.log import logger as _logger
-
-        _logger.disabled = False
-        self._stderr_patch.stop()
-        self._stdout_patch.stop()
-
     def testWatchInboxPassesSinceToMailboxFetch(self):
         mailbox_connection = SimpleNamespace()
 
@@ -1308,9 +1295,7 @@ class TestMailboxWatchSince(unittest.TestCase):
         ) as mocked:
             with self.assertRaises(_BreakLoop):
                 parsedmarc.watch_inbox(
-                    mailbox_connection=cast(
-                        parsedmarc.MailboxConnection, mailbox_connection
-                    ),
+                    mailbox_connection=cast(parsedmarc.MailboxConnection, mailbox_connection),
                     callback=callback,
                     check_timeout=1,
                     batch_size=10,
@@ -1386,22 +1371,6 @@ class _DummyMailboxConnection(parsedmarc.MailboxConnection):
 
 
 class TestMailboxPerformance(unittest.TestCase):
-    def setUp(self):
-        from parsedmarc.log import logger as _logger
-
-        _logger.disabled = True
-        self._stdout_patch = patch("sys.stdout", new_callable=io.StringIO)
-        self._stderr_patch = patch("sys.stderr", new_callable=io.StringIO)
-        self._stdout_patch.start()
-        self._stderr_patch.start()
-
-    def tearDown(self):
-        from parsedmarc.log import logger as _logger
-
-        _logger.disabled = False
-        self._stderr_patch.stop()
-        self._stdout_patch.stop()
-
     def testBatchModeAvoidsExtraFullFetch(self):
         connection = _DummyMailboxConnection()
         parsedmarc.get_dmarc_reports_from_mailbox(
@@ -1951,22 +1920,6 @@ certificate_path = /tmp/msgraph-cert.pem
 class TestSighupReload(unittest.TestCase):
     """Tests for SIGHUP-driven configuration reload in watch mode."""
 
-    def setUp(self):
-        from parsedmarc.log import logger as _logger
-
-        _logger.disabled = True
-        self._stdout_patch = patch("sys.stdout", new_callable=io.StringIO)
-        self._stderr_patch = patch("sys.stderr", new_callable=io.StringIO)
-        self._stdout_patch.start()
-        self._stderr_patch.start()
-
-    def tearDown(self):
-        from parsedmarc.log import logger as _logger
-
-        _logger.disabled = False
-        self._stderr_patch.stop()
-        self._stdout_patch.stop()
-
     _BASE_CONFIG = """[general]
 silent = true