warehouse: fix fingerprint assignments (pypi#16284)

Signed-off-by: William Woodruff <william@trailofbits.com>

warehouse/forklift/legacy.py

@@ -425,7 +425,7 @@ def _process_attestations(request, artifact_path: Path):
  )
  except Exception as e:
  with sentry_sdk.push_scope() as scope:
- scope.fingerprint = e
+ scope.fingerprint = [e]
  sentry_sdk.capture_message(
  f"Unexpected error while verifying attestation: {e}"
  )

warehouse/oidc/services.py

@@ -266,7 +266,7 @@ def verify_jwt_signature(self, unverified_token: str) -> SignedClaims | None:
  )
  if not isinstance(e, jwt.PyJWTError):
  with sentry_sdk.push_scope() as scope:
- scope.fingerprint = e
+ scope.fingerprint = [e]
  # We expect pyjwt to only raise subclasses of PyJWTError, but
  # we can't enforce this. Other exceptions indicate an abstraction
  # leak, so we log them for upstream reporting.

warehouse/oidc/views.py

@@ -130,7 +130,7 @@ def mint_token_from_oidc(request: Request):
  # an abstraction leak in jwt that we'll log for upstream reporting.
  if not isinstance(e, (jwt.PyJWTError, KeyError)):
  with sentry_sdk.push_scope() as scope:
- scope.fingerprint = e
+ scope.fingerprint = [e]
  sentry_sdk.capture_message(f"jwt.decode raised generic error: {e}")
 
  return _invalid(