Circular ImportError: sigstore.models and sigstore._internal.rekor dependency loop

[SequeI]

When attempting to install and use sigstore-python directly from the Git repository (e.g., main branch or a recent commit), I'm encountering an ImportError due to a circular dependency between sigstore.models and sigstore._internal.rekor.

This issue prevents the successful initialization of the sigstore library, manifesting as soon as sigstore.models is imported.

Traceback (most recent call last):
  File "<frozen runpy>", line 189, in _run_module_as_main
  File "<frozen runpy>", line 148, in _get_module_details
  File "<frozen runpy>", line 112, in _get_module_details
  File "/model-transparency/src/model_signing/__init__.py", line 124, in <module>
    from model_signing import signing
  File "/model-transparency/src/model_signing/signing.py", line 54, in <module>
    from model_signing._signing import sign_sigstore as sigstore
  File "/model-transparency/src/model_signing/_signing/sign_sigstore.py", line 23, in <module>
    from sigstore import models as sigstore_models
  File "/.local/share/hatch/env/virtual/model-signing/-_BIuW3L/model-signing/lib/python3.13/site-packages/sigstore/models.py", line 65, in <module>
    from sigstore._internal.rekor.checkpoint import verify_checkpoint
  File "/.local/share/hatch/env/virtual/model-signing/-_BIuW3L/model-signing/lib/python3.13/site-packages/sigstore/_internal/rekor/__init__.py", line 32, in <module>
    from sigstore.models import LogEntry
ImportError: cannot import name 'LogEntry' from partially initialized module 'sigstore.models' (most likely due to a circular import) (/.local/share/hatch/env/virtual/model-signing/-_BIuW3L/model-signing/lib/python3.13/site-packages/sigstore/models.py)

this seems to be the main issue currently. Found while preparing model_transparency for the new release of this python client.

[jku]

Agreed, looks like a bug that appeared when RekorV2Client was added

Note that the newest release should still be fine.

[SequeI]

Correct, I can fix this if need be, whether it is putting LogEntry into a common util file or something. Not sure of the significance of it being in models.py or anything so let me know, since I am working on model_transparency atm anyway and testing off the current branch.

[jku]

I expect a well placed if typing.TYPE_CHECKING: will do the trick (to avoid the import). A PR is very welcome but I'll definitely have a look anyway in the next days.