ci: install dependencies for mypy type checking

Also fix type errors in fuzz tests.

.gitea/workflows/ci.yml

@@ -29,8 +29,10 @@ jobs:
           git clone --depth 1 --branch "${GITHUB_REF_NAME}" \
             "https://oauth2:${{ github.token }}@${GITHUB_SERVER_URL#https://}/${GITHUB_REPOSITORY}.git" .
 
-      - name: Install dev tools
+      - name: Install dependencies
-        run: pip install -q ruff mypy
+        run: |
+          pip install -q -r requirements.txt
+          pip install -q ruff mypy
 
       - name: Python syntax check
         run: python -m py_compile run.py wsgi.py app/*.py app/**/*.py

tests/fuzz/run_fuzz.py

@@ -195,6 +195,7 @@ class FlaskPasteFuzzer:
         start = time.perf_counter()
 
         try:
+            assert parsed.hostname is not None
             conn = http.client.HTTPConnection(parsed.hostname, parsed.port, timeout=timeout)
             hdrs = headers or {}
             if data:
@@ -319,15 +320,15 @@ class FlaskPasteFuzzer:
         errors = []
 
         # Paste content fuzzing
-        payloads = [
+        payloads: list[bytes] = [
             b"normal text",
             b"\x00" * 100,  # Null bytes
             b"\xff" * 100,  # High bytes
             os.urandom(1000),  # Random binary
             b"A" * 100000,  # Large payload
             "".join(random.choices(string.printable, k=1000)).encode(),
-            "\u202e" * 100,  # RTL override
+            ("\u202e" * 100).encode("utf-8"),  # RTL override
-            "A\u0300" * 100,  # Combining characters
+            ("A\u0300" * 100).encode("utf-8"),  # Combining characters
         ]
 
         for payload in payloads:
@@ -841,7 +842,7 @@ class FlaskPasteFuzzer:
         report.append(f"Total requests: {total_requests}")
         report.append(f"Total findings: {len(self.findings)}")
 
-        by_severity = {}
+        by_severity: dict[str, int] = {}
         for f in self.findings:
             by_severity[f.severity] = by_severity.get(f.severity, 0) + 1