From 3460793302dc9b27a8f36602027401fed3250b02 Mon Sep 17 00:00:00 2001 From: Tim Smith Date: Tue, 30 Apr 2024 09:38:10 -0700 Subject: [PATCH] Update the spellcheck config (#240) Signed-off-by: Tim Smith --- .github/actions/spelling/excludes.txt | 35 ++- .../actions/spelling/line_forbidden.patterns | 258 ++++++++++++++---- .github/actions/spelling/only.txt | 1 + .github/actions/spelling/patterns.txt | 59 +++- .github/actions/spelling/reject.txt | 3 + .github/dependabot.yml | 1 + .github/workflows/spell-check.yaml | 1 + 7 files changed, 298 insertions(+), 60 deletions(-) diff --git a/.github/actions/spelling/excludes.txt b/.github/actions/spelling/excludes.txt index c013ab5..5977f03 100644 --- a/.github/actions/spelling/excludes.txt +++ b/.github/actions/spelling/excludes.txt @@ -1,50 +1,83 @@ # See https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples:-excludes (?:^|/)(?i)COPYRIGHT (?:^|/)(?i)LICEN[CS]E +(?:^|/)3rdparty/ (?:^|/)go\.sum$ (?:^|/)package(?:-lock|)\.json$ +(?:^|/)Pipfile$ +(?:^|/)pyproject.toml +(?:^|/)requirements(?:-dev|-doc|-test|)\.txt$ (?:^|/)vendor/ ignore$ \.a$ \.ai$ +\.all-contributorsrc$ \.avi$ \.bmp$ \.bz2$ +\.cer$ +\.class$ +\.coveragerc$ +\.crl$ \.crt$ +\.csr$ \.dll$ +\.docx?$ +\.drawio$ \.DS_Store$ \.eot$ +\.eps$ \.exe$ \.gif$ +\.git-blame-ignore-revs$ \.gitattributes$ +\.gitkeep$ \.graffle$ \.gz$ \.icns$ \.ico$ +\.ipynb$ \.jar$ +\.jks$ \.jpe?g$ \.key$ \.lib$ \.lock$ \.map$ \.min\.. +\.mo$ \.mod$ \.mp[34]$ \.o$ \.ocf$ \.otf$ +\.p12$ +\.parquet$ \.pdf$ \.pem$ +\.pfx$ \.png$ \.psd$ +\.pyc$ +\.pylintrc$ +\.qm$ \.s$ -\.svg$ +\.sig$ +\.so$ +\.svgz?$ +\.sys$ +\.tar$ +\.tgz$ \.tiff?$ \.ttf$ \.wav$ \.webm$ \.webp$ \.woff2?$ +\.xcf$ +\.xlsx?$ +\.xpm$ +\.xz$ \.zip$ ^\.github/actions/spelling/ ^\Q.github/workflows/spelling.yml\E$ diff --git a/.github/actions/spelling/line_forbidden.patterns b/.github/actions/spelling/line_forbidden.patterns index d52a2b6..3f6bacd 100644 --- a/.github/actions/spelling/line_forbidden.patterns +++ b/.github/actions/spelling/line_forbidden.patterns @@ -1,49 +1,88 @@ # Detect common combinations of valid words that are in fact invalid. # Useful for brand capitalizations +# +# Catch placeholder text +# + +\b[Ll]orem [Ii]psum\b + +# PR links left in the release notes +\bhttps:\/\/github.com\/mondoohq\/.*\/pull\/\d* + +# +# Terms to avoid +# + +# s.b. Allow list +\s[Ww]hitelist\b +\s[Ww]hitelisting\b +\s[Ww]hitelisted\b +\s[Ww]hite list\b +\s[Ww]hite listing\b +\s[Ww]hite listed\b + +# s.b. Block list +\s[Bb]lacklist\b +\s[Bb]lacklisting\b +\s[Bb]lacklisted\b +\s[Bb]lack list\b +\s[Bb]lack listing\b +\s[Bb]lack listed\b + # # Our Terms # # s.b. Mondoo Platform -\sthe Mondoo Platform\b \sMondoo platform\b # s.b. Compliance Hub -\scompliance hub\b -\sCompliance hubplatform\b +\s[Cc]ompliance hub\b + +# +# Compliance Terms +# + +# s.b. SOC 2 +\bSOC2\b + +# s.b. ISO 270001 +\bISO270001\b # # Industry Terms # # s.b. Side scanning -\bSidescanning\b -\bsidescanning\b +\b[Ss]idescanning\b # s.b. DevOps \bDev Ops\b \bDevops\b # s.b. SaaS -\bSaas\b -\bsaas\b +\b[Ss]aas\b # s.b. Docker Hub -\bDockerHub\b -\bDockerhub\b +\bDocker[Hh]ub\b # s.b. REST API -\bRest API\b -\brest API\b +\b[Rr]est API\b \brest api\b # s.b. DevSecOps -\bDevsecops\b +\bDevsec[Oo]ps\b # s.b. on-premises \bon-premise\b +# s.b. email +\be-mail\b + +# s.b. APIs +\bapis\b + # # Product Names # @@ -104,6 +143,10 @@ \bRedHat\b \bRedhat\b +# s.b. EuroLinux +\bEurolinux\b +\bEuro Linux\b + # s.b. AlmaLinux \bAlma Linux\b @@ -115,6 +158,7 @@ # s.b. CircleCI \bCircleCi\b +\bCircle CI\b # s.b. AppArmor \bApparmor\b @@ -140,6 +184,62 @@ \bOpenssl\b \bopenSSL\b +# s.b. CloudBees +\b[Cc]loudbees\b + +# s.b. System76 +\bSystem 76\b + +# s.b. VirtualBox +\b[Vv]irtualbox\b +\bVirtual Box\b + +# s.b. SentinelOne +\bSentinal[Oo]ne\b +\bSentinelone\b +\bSentinal One\b + +# s.b. CrowdStrike +\bCrowd Strike\b +\b[Cc]rowdstrike\b + +# +# Kubernetes Terms +# + +# s.b. DaemonSet +\bDaemonset\b + +# s.b. Dockershim +\bDockerShim\b +\bdockershim\b + +# s.b. LimitRange +\bLimitrange\b + +# s.b. Minikube +\bMiniKube\b + +# s.b. ReplicaSet +\bReplicaset\b + +# s.b. StatefulSet +\bStatefulset\b + +# +# HashiCorp Products +# + +# s.b. HashiCorp +\bHashicorp\b + +# s.b. Terraform +\bTerraForm\b + +# s.b. Vagrantfile +\bVagrant file\b +\bVagrantFile\b + # # Microsoft Products # @@ -147,6 +247,14 @@ # s.b. Microsoft \bMicroSoft\b +# s.b. PowerPoint +\bPower Point\b +\bPowerpoint\b + +# s.b. OneNote +\bOne Note\b +\bOnenote\b + # s.b. Windows Server \bWindows server\b @@ -163,6 +271,25 @@ \bgroup policy object\b \bGroup Policy object\b +# s.b. Power BI +\bPowerBI\b + +# s.b. SharePoint +\bSharepoint\b +\bShare Point\b + +# s.b. BitLocker +\bBitlocker\b +\bbitLocker\b + +# s.b. VS Code +\bVSCode\b +\bVScode\b + +# s.b. LinkedIn +\bLinked In\b +\bLinkedin\b + # # VMware Products # @@ -200,13 +327,13 @@ # s.b. CloudFormation \bCloudformation\b +\bCloud Formation\b # s.b. CloudFront \bCloudfront\b # s.b. CloudHSM -\bCloudHsm\b -\bCloudhsm\b +\bCloud[Hh]sm\b # s.b. CloudSearch \bCloudsearch\b @@ -214,7 +341,7 @@ # s.b. CloudShell # we can't check for Cloud Shell since that's what Azure calls it \bCloudshell\b -\bcloudshell\b +# cloudshell results in false positives # s.b. CloudTrail \bCloudtrail\b @@ -243,6 +370,9 @@ # s.b. CodeStar \bCodestar\b +# s.b. AWS Config +\bAWS config\b + # s.b. Copilot \bCoPilot\b @@ -265,6 +395,7 @@ # s.b. Fargate \bFarGate\b +\bFar Gate\b # s.b. FinSpace \bFinSpace\b @@ -281,6 +412,9 @@ # s.b. Honeycode \bHoneyCode\b +# s.b. Lambda +\bLamba\b + # s.b. Lightsail \bLightSail\b @@ -315,6 +449,9 @@ # s.b. SiteWise \bSitewise\b +# s.b. StackSets +\bStacksets\b + # s.b. WorkDocs \bWorkdocs\b @@ -325,11 +462,21 @@ # GCP Products # -# s.b. Pub/Sub -\bPubSub\b +# s.b. AlloyDB +\bAlloy DB\b -# s.b. Cloud SQL -\bCloudSQL\b +# s.b. AppEngine +\bApp Engine\b + +# s.b. BigLake +\bBig Lake\b + +# s.b. BigQuery +\bBig Query\b + +# s.b. Cloud Build +\bCloudBuild\b +\bCloud build\b # s.b. Cloud CDN \bCloudCDN\b @@ -337,70 +484,64 @@ # s.b. Cloud Functions \bCloud functions\b -# s.b. Vertex AI -\bVertexAI\b +# disabled for now in this repo due to false positives +# s.b. Cloud Run +# \bCloudRun\b +# \bCloud run\b -# s.b. Dialogflow -\bDialogFlow\b +# s.b. Cloud SQL +\bCloudSQL\b + +# s.b. Compute Engine +\bComputeEngine\b +\bCompute engine\b # s.b. Dataplex \bDataPlex\b -# s.b. BigLake -\bBig Lake\b +# s.b. Datastream +\bDataStream\b +\bData Stream\b -# s.b. AlloyDB -\bAlloy DB\b +# s.b. Dialogflow +\bDialogFlow\b # s.b. Firestore \bFireStore\b -# s.b. Datastream -\bDataStream\b -\bData Stream\b +# s.b. gVNIC +\bGVNIC\b + +# s.b. Knative +\bKNative\b # s.b. Memorystore \bMemoryStore\b \bMemory Store\b +# s.b. Pub/Sub +\bPubSub\b + # s.b. TensorFlow \bTensor Flow\b -# s.b. AppEngine -\bApp Engine\b - -# s.b. AppEngine -\bApp Engine\b - -# s.b. Compute Engine -\bComputeEngine\b -\bCompute engine\b +# s.b. Vertex AI +\bVertexAI\b # s.b. VMware Engine \bVMware engine\b \bVMWare Engine\b -# s.b. Knative -\bKNative\b - -# s.b. BigQuery -\bBig Query\b - -# s.b. Cloud Build -\bCloudBuild\b -\bCloud build\b - -# s.b. Cloud Run -\bCloudRun\b -\bCloud run\b - # # Azure Products # +# s.b. Azure Pipelines +\bAzure DevOps Pipelines\b + # s.b. Key Vault \bKey vault\b -\bKeyVault\b +# \bKeyVault\b # disabled for now in this repo due to false positives # s.b. Ampere \bampere\b @@ -523,3 +664,12 @@ # Reject duplicate words \s([A-Z]{3,}|[A-Z][a-z]{2,}|[a-z]{3,})\s\g{-1}\s +# s.b. it's or its +\bits['’] + +# s.b. understand +\bunder stand\b + +# find spaces before a comma +# Enable this once https://github.com/check-spelling/check-spelling/wiki/Feature%3A-Block-Ignore ships +# ( )+, diff --git a/.github/actions/spelling/only.txt b/.github/actions/spelling/only.txt index cfa27f7..4f966c4 100644 --- a/.github/actions/spelling/only.txt +++ b/.github/actions/spelling/only.txt @@ -1 +1,2 @@ \.md$ +\.mdx$ diff --git a/.github/actions/spelling/patterns.txt b/.github/actions/spelling/patterns.txt index 0f6ce24..caeb662 100644 --- a/.github/actions/spelling/patterns.txt +++ b/.github/actions/spelling/patterns.txt @@ -14,8 +14,8 @@ \b([A-Za-z])\g{-1}{3,}\b # ignore funky space IDs that blow up spell checking -api\.mondoo\.app\/space.*\b -console\.mondoo\.com\/space.*\b +api\.mondoo\.app\/.*\b +console\.mondoo\.com\/.*\b # azure subscription ID [0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12} @@ -39,7 +39,7 @@ Key Vault Vault \broot root\b # AWS resources -(ami|subnet|vpc|sg)-[0-9a-fA-F]{17} +(ami|subnet|vpc|sg|fs)-[0-9a-fA-F]{17} # http and https URLs https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_\+.~#?&//=]*) @@ -53,8 +53,8 @@ HKEY_[\w\\]* # mime types \bapplication\/\S* -# skip mql uids -uid:\s.*$ +# mql certificate IDs +certificate:\w* # ARN values \barn:\S* @@ -67,3 +67,52 @@ aws_session_token\s+\=(\s+)?.+ aws_access_key_id\s+\=(\s+)?.+ aws_secret_access_key\s+\=(\s+)?.+ +# PGP +\b(?:[0-9A-F]{4} ){9}[0-9A-F]{4}\b +# GPG keys +\b(?:[0-9A-F]{4} ){5}(?: [0-9A-F]{4}){5}\b + +# uuid +\b[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}\b + +# curl arguments +\b(?:\\n|)curl(?:\s+-[a-zA-Z]{1,2}\b)*(?:\s+-[a-zA-Z]{3,})(?:\s+-[a-zA-Z]+)* + +# set arguments +\bset(?:\s+-[abefimouxE]{1,2})*\s+-[abefimouxE]{3,}(?:\s+-[abefimouxE]+)* + +# tar arguments +\b(?:\\n|)g?tar(?:\.exe|)(?:(?:\s+--[-a-zA-Z]+|\s+-[a-zA-Z]+|\s[ABGJMOPRSUWZacdfh-pr-xz]+\b)(?:=[^ ]*|))+ + +# file permissions +['"`\s][-bcdLlpsw](?:[-r][-w][-Ssx]){2}[-r][-w][-SsTtx]\+?['"`\s] + +# score score is valid in MQL docs +score score + +# macOS temp folders +/var/folders/\w\w/[+\w]+/(?:T|-Caches-)/ + +# ssh +(?:ssh-\S+|-nistp256) [-a-zA-Z=;:\/0-9+]{12,} + +# kubernetes object suffix +-[0-9a-f]{10}-\w{5}\s + +# sed regular expressions +sed 's/(?:[^/]*?[a-zA-Z]{3,}[^/]*?/){2} + +# UNIX device paths +\/dev\/\w* + +# AWS RDS instance types +db.\w{2}.\w* + +# uuid +[<({"'>][0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}[<'"})>] + +# rsa private keys +MII[BCEJ]\w* + +# UID in MQL policy +- uid: \S* diff --git a/.github/actions/spelling/reject.txt b/.github/actions/spelling/reject.txt index 0246d0f..83ecc82 100644 --- a/.github/actions/spelling/reject.txt +++ b/.github/actions/spelling/reject.txt @@ -1,5 +1,6 @@ ad-hoc ^attache$ +^bellow$ benefitting occurences? ^dependan.* @@ -9,3 +10,5 @@ Sorce ^untill$ ^untilling$ ^wether.* +deets +organisation diff --git a/.github/dependabot.yml b/.github/dependabot.yml index eb97a8c..f63d52e 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,3 +1,4 @@ +--- version: 2 updates: - package-ecosystem: gomod diff --git a/.github/workflows/spell-check.yaml b/.github/workflows/spell-check.yaml index 44a9aae..57be00a 100644 --- a/.github/workflows/spell-check.yaml +++ b/.github/workflows/spell-check.yaml @@ -25,6 +25,7 @@ jobs: id: spelling uses: check-spelling/check-spelling@v0.0.22 with: + disable_checks: noisy-file suppress_push_for_open_pull_request: 1 checkout: true post_comment: 0