🧹 Update spellcheck to the latest (#72)

* 🧹 Update spellcheck to the latest
* 🧹 format readme

---------

Signed-off-by: Tim Smith <[email protected]>
Co-authored-by: Christoph Hartmann <[email protected]>

.github/actions/spelling/excludes.txt

@@ -46,4 +46,5 @@ ignore$
 \.webp$
 \.woff2?$
 \.zip$
-^\.github/
+^\.github/actions/spelling/
+^\Q.github/workflows/spelling.yml\E$

.github/actions/spelling/expect.txt

@@ -1,4 +1,12 @@
 buildx
+cla
 codeql
+dfd
+healthz
 myapp
+nginx
+notsigned
+prcomment
+readyz
+softprops
 tibdex

.github/actions/spelling/line_forbidden.patterns

@@ -1,4 +1,4 @@
-# Detect common combinations of valid words that are in fact invalid. 
+# Detect common combinations of valid words that are in fact invalid.
 # Useful for brand capitalizations
 
 #
@@ -9,6 +9,10 @@
 \sthe Mondoo Platform\b
 \sMondoo platform\b
 
+# s.b. Compliance Hub
+\scompliance hub\b
+\sCompliance hubplatform\b
+
 #
 # Industry Terms
 #
@@ -44,6 +48,17 @@
 # Product Names
 #
 
+# s.b. Jira
+\bJIRA\b
+
+# s.b. MariaDB
+\bMaria DB\b
+\bmariaDB\b
+# \bmariaDb\b causes failures in MQL queries
+
+# s.b. PostgreSQL
+\bPostgreSql\b
+
 # s.b. Firefox
 \bFireFox\b
 
@@ -87,6 +102,7 @@
 
 # s.b. Red Hat
 \bRedHat\b
+\bRedhat\b
 
 # s.b. AlmaLinux
 \bAlma Linux\b
@@ -159,6 +175,10 @@
 \bVcenter\b
 \bVCenter\b
 
+# s.b. vSphere
+\bVsphere\b
+\bVSphere\b
+
 # s.b. ESXi
 \bEsxi\b
 
@@ -370,18 +390,17 @@
 \bCloudBuild\b
 \bCloud build\b
 
-# disabled for now in this repo due to false positives
 # s.b. Cloud Run
-# \bCloudRun\b
-# \bCloud run\b
+\bCloudRun\b
+\bCloud run\b
 
 #
 # Azure Products
 #
 
 # s.b. Key Vault
 \bKey vault\b
-# \bKeyVault\b # disabled for now in this repo due to false positives
+\bKeyVault\b
 
 # s.b. Ampere
 \bampere\b
@@ -418,6 +437,8 @@
 
 # s.b. Cosmos DB
 \bCosmosDB\b
+\bCosmoDB\b
+\bCosmo DB\b
 
 # s.b. SignalR Service
 \bSignalR service\b

.github/actions/spelling/patterns.txt

@@ -66,3 +66,4 @@ uid:\s.*$
 aws_session_token\s+\=(\s+)?.+
 aws_access_key_id\s+\=(\s+)?.+
 aws_secret_access_key\s+\=(\s+)?.+
+

.github/dependabot.yml

@@ -1,6 +1,7 @@
+---
 version: 2
 updates:
-  - package-ecosystem: "github-actions"
-    directory: "/"
+  - package-ecosystem: github-actions
+    directory: /
     schedule:
-      interval: "weekly"
+      interval: weekly

.github/workflows/spell-check.yaml

@@ -23,12 +23,12 @@ jobs:
     steps:
       - name: check-spelling
         id: spelling
-        uses: check-spelling/[email protected].21
+        uses: check-spelling/[email protected].22
         with:
           suppress_push_for_open_pull_request: 1
           checkout: true
           post_comment: 0
-          dictionary_source_prefixes: '{"mondoo": "https://raw.githubusercontent.com/mondoohq/spellcheck-dictionary/main/", "cspell": "https://raw.githubusercontent.com/check-spelling/cspell-dicts/v20220816/dictionaries/"}'
+          dictionary_source_prefixes: '{"mondoo": "https://raw.githubusercontent.com/mondoohq/spellcheck-dictionary/main/", "cspell": "https://raw.githubusercontent.com/check-spelling/cspell-dicts/v20230509/dictionaries/"}'
           extra_dictionaries: cspell:aws/aws.txt
             cspell:filetypes/filetypes.txt
             cspell:software-terms/src/software-terms.txt
@@ -46,7 +46,7 @@ jobs:
     if: (success() || failure()) && needs.spelling.outputs.followup
     steps:
       - name: comment
-        uses: check-spelling/[email protected].21
+        uses: check-spelling/[email protected].22
         with:
           checkout: true
           task: ${{ needs.spelling.outputs.followup }}

README.md

@@ -23,18 +23,18 @@ To create a service account on Mondoo Platform:
 
 1. Log in to [Mondoo Platform](https://console.mondoo.com)
 2. Select the Space you want to integrate with your repository.
-3. Click on **Settings** and then **Service Accounts**.
-4. Click **ADD ACCOUNT**.
-5. Select the **Base64-encoded** checkbox, and then click on the **GENERATE NEW CREDENTIALS** button.
+3. Select **Settings** and then **Service Accounts**.
+4. Select **ADD ACCOUNT**.
+5. Select the **Base64-encoded** checkbox, and then select the **GENERATE NEW CREDENTIALS** button.
 6. Copy the base64 encoded credentials and then move on to the next section.
 
 ### Add new GitHub Actions Secrets
 
-1. Click on **Settings** in your GitHub repository.
-2. Under the **Security** section click on **Actions**.
-3. Click **New repository secret**.
+1. Select **Settings** in your GitHub repository.
+2. Under the **Security** section select **Actions**.
+3. Select **New repository secret**.
 4. Name the secret `MONDOO_SERVICE_ACCOUNT` and paste the base64 encoded credentials from the previous section into the value input.
-5. Click **Add secret**.
+5. Select **Add secret**.
 
 ## Examples Workflows
 

github-org/README.md

@@ -59,19 +59,19 @@ jobs:
 
 ## Using App Tokens
 
-GitHub implements an [aggressive API rate limit](https://docs.github.com/en/rest/overview/resources-in-the-rest-api?apiVersion=2022-11-28#rate-limiting) which will impact organizational scans for orgs with a large number of repositories. Normal access tokens are limited to 5,000 requests per hour. By using a GitHub App Token you can increase this limit to 15,000 per hour.
+> GitHub implements an [aggressive API rate limit](https://docs.github.com/en/rest/overview/resources-in-the-rest-api?apiVersion=2022-11-28#rate-limiting) which will impact organizational scans for orgs with a large number of repositories. Normal access tokens are limited to 5,000 requests per hour. By using a GitHub App Token you can increase this limit to 15,000 per hour.
 
 To leverage an App Token:
 
-1. As a GitHub Organization Owner, go to your Organizational Settings and then under "Developer Settings" select "GitHub Apps". The URL is `https://github.com/organizations/<org_name>/settings/apps`
-2. Click the _New GitHub App_ button
-3. Name the app what ever you like, we suggest "Mondoo Org Scan (Internal)" and give it a description
-4. Set the _Homepage URL_ to anything, we suggest "https://mondoo.com"
-5. Uncheck the "Active" button under "Webhook".
+1. As a GitHub Organization Owner, go to your Organizational Settings and then under "Developer Settings" select "GitHub Apps". The URL is `https://github.com/organizations/<org_name>/settings/apps`.
+2. Select **New GitHub App**.
+3. Name the app what ever you like, we suggest "Mondoo Org Scan (Internal)" and give it a description.
+4. Set the **Homepage URL** to anything, we suggest "https://mondoo.com".
+5. Uncheck the **Active** button under **Webhook**.
 6. Set the permissions for your Repo, Org and Account to allow Mondoo to scan the resources.
-7. Select the "Only on this account" button and then click "Create GitHub App" to finish.
-8. Record the App ID, then scroll down and click the "Generate a private key" button. This will download the private key that you will use later.
-9. Now, click "Install App" and then "Install" next to the Org your planning to scan. You can choose All Repositories or only the rep running this action, then click "Install".
+7. Select the **Only on this account** button and then select **Create GitHub App** to finish.
+8. Record the App ID, then scroll down and select the **Generate a private key** button. This will download the private key that you will use later.
+9. Now, select **Install App** and then **Install** next to the Org your planning to scan. You can choose All Repositories or only the rep running this action, then select **Install**.
 10. Finally, update your action to include the github-app-token action and use it's output token. This will require you to add the Apps ID and Private Key to Action Secrets. The new action will look like:
 
 ```

github-org/action.yaml

@@ -1,5 +1,5 @@
-name: "Mondoo Github Organization Action"
-description: "Scan Github organizations for misconfigurations with Mondoo"
+name: "Mondoo GitHub Organization Action"
+description: "Scan GitHub organizations for misconfigurations with Mondoo"
 branding:
   icon: "shield"
   color: "purple"

github-repo/action.yaml

@@ -1,5 +1,5 @@
-name: "Mondoo Github Repository Action"
-description: "Scan Github repository for misconfigurations with Mondoo"
+name: "Mondoo GitHub Repository Action"
+description: "Scan GitHub repository for misconfigurations with Mondoo"
 branding:
   icon: "shield"
   color: "purple"