diff --git a/.github/actions/spelling/excludes.txt b/.github/actions/spelling/excludes.txt index c013ab5..5977f03 100644 --- a/.github/actions/spelling/excludes.txt +++ b/.github/actions/spelling/excludes.txt @@ -1,50 +1,83 @@ # See https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples:-excludes (?:^|/)(?i)COPYRIGHT (?:^|/)(?i)LICEN[CS]E +(?:^|/)3rdparty/ (?:^|/)go\.sum$ (?:^|/)package(?:-lock|)\.json$ +(?:^|/)Pipfile$ +(?:^|/)pyproject.toml +(?:^|/)requirements(?:-dev|-doc|-test|)\.txt$ (?:^|/)vendor/ ignore$ \.a$ \.ai$ +\.all-contributorsrc$ \.avi$ \.bmp$ \.bz2$ +\.cer$ +\.class$ +\.coveragerc$ +\.crl$ \.crt$ +\.csr$ \.dll$ +\.docx?$ +\.drawio$ \.DS_Store$ \.eot$ +\.eps$ \.exe$ \.gif$ +\.git-blame-ignore-revs$ \.gitattributes$ +\.gitkeep$ \.graffle$ \.gz$ \.icns$ \.ico$ +\.ipynb$ \.jar$ +\.jks$ \.jpe?g$ \.key$ \.lib$ \.lock$ \.map$ \.min\.. +\.mo$ \.mod$ \.mp[34]$ \.o$ \.ocf$ \.otf$ +\.p12$ +\.parquet$ \.pdf$ \.pem$ +\.pfx$ \.png$ \.psd$ +\.pyc$ +\.pylintrc$ +\.qm$ \.s$ -\.svg$ +\.sig$ +\.so$ +\.svgz?$ +\.sys$ +\.tar$ +\.tgz$ \.tiff?$ \.ttf$ \.wav$ \.webm$ \.webp$ \.woff2?$ +\.xcf$ +\.xlsx?$ +\.xpm$ +\.xz$ \.zip$ ^\.github/actions/spelling/ ^\Q.github/workflows/spelling.yml\E$ diff --git a/.github/actions/spelling/line_forbidden.patterns b/.github/actions/spelling/line_forbidden.patterns index d52a2b6..7d4f3e6 100644 --- a/.github/actions/spelling/line_forbidden.patterns +++ b/.github/actions/spelling/line_forbidden.patterns @@ -1,6 +1,32 @@ # Detect common combinations of valid words that are in fact invalid. # Useful for brand capitalizations +# +# Catch placeholder text +# + +\b[Ll]orem [Ii]psum\b + +# +# Terms to avoid +# + +# s.b. Allow list +\s[Ww]hitelist\b +\s[Ww]hitelisting\b +\s[Ww]hitelisted\b +\s[Ww]hite list\b +\s[Ww]hite listing\b +\s[Ww]hite listed\b + +# s.b. Block list +\s[Bb]lacklist\b +\s[Bb]lacklisting\b +\s[Bb]lacklisted\b +\s[Bb]lack list\b +\s[Bb]lack listing\b +\s[Bb]lack listed\b + # # Our Terms # @@ -10,40 +36,48 @@ \sMondoo platform\b # s.b. Compliance Hub -\scompliance hub\b -\sCompliance hubplatform\b +\s[Cc]ompliance hub\b + +# +# Compliance Terms +# + +# s.b. SOC 2 +\bSOC2\b + +# s.b. ISO 270001 +\bISO270001\b # # Industry Terms # # s.b. Side scanning -\bSidescanning\b -\bsidescanning\b +\b[Ss]idescanning\b # s.b. DevOps \bDev Ops\b \bDevops\b # s.b. SaaS -\bSaas\b -\bsaas\b +\b[Ss]aas\b # s.b. Docker Hub -\bDockerHub\b -\bDockerhub\b +\bDocker[Hh]ub\b # s.b. REST API -\bRest API\b -\brest API\b +\b[Rr]est API\b \brest api\b # s.b. DevSecOps -\bDevsecops\b +\bDevsec[Oo]ps\b # s.b. on-premises \bon-premise\b +# s.b. email +\be-mail\b + # # Product Names # @@ -104,6 +138,10 @@ \bRedHat\b \bRedhat\b +# s.b. EuroLinux +\bEurolinux\b +\bEuro Linux\b + # s.b. AlmaLinux \bAlma Linux\b @@ -115,6 +153,7 @@ # s.b. CircleCI \bCircleCi\b +\bCircle CI\b # s.b. AppArmor \bApparmor\b @@ -140,6 +179,39 @@ \bOpenssl\b \bopenSSL\b +# s.b. CloudBees +\b[Cc]loudbees\b + +# s.b. System76 +\bSystem 76\b + +# s.b. VirtualBox +\b[Vv]irtualbox\b +\bVirtual Box\b + +# s.b. SentinelOne +\bSentinal[Oo]ne\b +\bSentinelone\b +\bSentinal One\b + +# s.b. CrowdStrike +\bCrowd Strike\b +\b[Cc]rowdstrike\b + +# +# HashiCorp Products +# + +# s.b. HashiCorp +\bHashicorp\b + +# s.b. Terraform +\bTerraForm\b + +# s.b. Vagrantfile +\bVagrant file\b +\bVagrantFile\b + # # Microsoft Products # @@ -147,6 +219,14 @@ # s.b. Microsoft \bMicroSoft\b +# s.b. PowerPoint +\bPower Point\b +\bPowerpoint\b + +# s.b. OneNote +\bOne Note\b +\bOnenote\b + # s.b. Windows Server \bWindows server\b @@ -163,6 +243,25 @@ \bgroup policy object\b \bGroup Policy object\b +# s.b. Power BI +\bPowerBI\b + +# s.b. SharePoint +\bSharepoint\b +\bShare Point\b + +# s.b. BitLocker +\bBitlocker\b +\bbitLocker\b + +# s.b. VS Code +\bVSCode\b +\bVScode\b + +# s.b. LinkedIn +\bLinked In\b +\bLinkedin\b + # # VMware Products # @@ -200,13 +299,13 @@ # s.b. CloudFormation \bCloudformation\b +\bCloud Formation\b # s.b. CloudFront \bCloudfront\b # s.b. CloudHSM -\bCloudHsm\b -\bCloudhsm\b +\bCloud[Hh]sm\b # s.b. CloudSearch \bCloudsearch\b @@ -243,6 +342,9 @@ # s.b. CodeStar \bCodestar\b +# s.b. AWS Config +\bAWS config\b + # s.b. Copilot \bCoPilot\b @@ -265,6 +367,7 @@ # s.b. Fargate \bFarGate\b +\bFar Gate\b # s.b. FinSpace \bFinSpace\b @@ -281,6 +384,9 @@ # s.b. Honeycode \bHoneyCode\b +# s.b. Lambda +\bLamba\b + # s.b. Lightsail \bLightSail\b @@ -315,6 +421,9 @@ # s.b. SiteWise \bSitewise\b +# s.b. StackSets +\bStacksets\b + # s.b. WorkDocs \bWorkdocs\b @@ -325,11 +434,21 @@ # GCP Products # -# s.b. Pub/Sub -\bPubSub\b +# s.b. AlloyDB +\bAlloy DB\b -# s.b. Cloud SQL -\bCloudSQL\b +# s.b. AppEngine +\bApp Engine\b + +# s.b. BigLake +\bBig Lake\b + +# s.b. BigQuery +\bBig Query\b + +# s.b. Cloud Build +\bCloudBuild\b +\bCloud build\b # s.b. Cloud CDN \bCloudCDN\b @@ -337,67 +456,60 @@ # s.b. Cloud Functions \bCloud functions\b -# s.b. Vertex AI -\bVertexAI\b +# s.b. Cloud Run +\bCloudRun\b +\bCloud run\b -# s.b. Dialogflow -\bDialogFlow\b +# s.b. Cloud SQL +\bCloudSQL\b + +# s.b. Compute Engine +\bComputeEngine\b +\bCompute engine\b # s.b. Dataplex \bDataPlex\b -# s.b. BigLake -\bBig Lake\b +# s.b. Datastream +\bDataStream\b +\bData Stream\b -# s.b. AlloyDB -\bAlloy DB\b +# s.b. Dialogflow +\bDialogFlow\b # s.b. Firestore \bFireStore\b -# s.b. Datastream -\bDataStream\b -\bData Stream\b +# s.b. gVNIC +\bGVNIC\b + +# s.b. Knative +\bKNative\b # s.b. Memorystore \bMemoryStore\b \bMemory Store\b +# s.b. Pub/Sub +\bPubSub\b + # s.b. TensorFlow \bTensor Flow\b -# s.b. AppEngine -\bApp Engine\b - -# s.b. AppEngine -\bApp Engine\b - -# s.b. Compute Engine -\bComputeEngine\b -\bCompute engine\b +# s.b. Vertex AI +\bVertexAI\b # s.b. VMware Engine \bVMware engine\b \bVMWare Engine\b -# s.b. Knative -\bKNative\b - -# s.b. BigQuery -\bBig Query\b - -# s.b. Cloud Build -\bCloudBuild\b -\bCloud build\b - -# s.b. Cloud Run -\bCloudRun\b -\bCloud run\b - # # Azure Products # +# s.b. Azure Pipelines +\bAzure DevOps Pipelines\b + # s.b. Key Vault \bKey vault\b \bKeyVault\b @@ -523,3 +635,11 @@ # Reject duplicate words \s([A-Z]{3,}|[A-Z][a-z]{2,}|[a-z]{3,})\s\g{-1}\s +# s.b. it's or its +\bits['’] + +# s.b. understand +\bunder stand\b + +# find spaces before a comma +( )+, diff --git a/.github/actions/spelling/patterns.txt b/.github/actions/spelling/patterns.txt index 3c3a1d4..75f0ac1 100644 --- a/.github/actions/spelling/patterns.txt +++ b/.github/actions/spelling/patterns.txt @@ -39,7 +39,7 @@ Key Vault Vault \broot root\b # AWS resources -(ami|subnet|vpc|sg)-[0-9a-fA-F]{17} +(ami|subnet|vpc|sg|fs)-[0-9a-fA-F]{17} # http and https URLs https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_\+.~#?&//=]*) @@ -53,8 +53,8 @@ HKEY_[\w\\]* # mime types \bapplication\/\S* -# skip mql uids -uid:\s.*$ +# mql certificate IDs +certificate:\w* # ARN values \barn:\S* @@ -66,3 +66,53 @@ uid:\s.*$ aws_session_token\s+\=(\s+)?.+ aws_access_key_id\s+\=(\s+)?.+ aws_secret_access_key\s+\=(\s+)?.+ + +# PGP +\b(?:[0-9A-F]{4} ){9}[0-9A-F]{4}\b +# GPG keys +\b(?:[0-9A-F]{4} ){5}(?: [0-9A-F]{4}){5}\b + +# uuid +\b[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}\b + +# curl arguments +\b(?:\\n|)curl(?:\s+-[a-zA-Z]{1,2}\b)*(?:\s+-[a-zA-Z]{3,})(?:\s+-[a-zA-Z]+)* + +# set arguments +\bset(?:\s+-[abefimouxE]{1,2})*\s+-[abefimouxE]{3,}(?:\s+-[abefimouxE]+)* + +# tar arguments +\b(?:\\n|)g?tar(?:\.exe|)(?:(?:\s+--[-a-zA-Z]+|\s+-[a-zA-Z]+|\s[ABGJMOPRSUWZacdfh-pr-xz]+\b)(?:=[^ ]*|))+ + +# file permissions +['"`\s][-bcdLlpsw](?:[-r][-w][-Ssx]){2}[-r][-w][-SsTtx]\+?['"`\s] + +# score score is valid in MQL docs +score score + +# macOS temp folders +/var/folders/\w\w/[+\w]+/(?:T|-Caches-)/ + +# ssh +(?:ssh-\S+|-nistp256) [-a-zA-Z=;:\/0-9+]{12,} + +# kubernetes object suffix +-[0-9a-f]{10}-\w{5}\s + +# sed regular expressions +sed 's/(?:[^/]*?[a-zA-Z]{3,}[^/]*?/){2} + +# UNIX device paths +\/dev\/\w* + +# AWS RDS instance types +db.\w{2}.\w* + +# uuid +[<({"'>][0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}[<'"})>] + +# rsa private keys +MII[BCEJ]\w* + +# UID in MQL policy +- uid: \S* diff --git a/.github/actions/spelling/reject.txt b/.github/actions/spelling/reject.txt index 122f5ad..2a34fd6 100644 --- a/.github/actions/spelling/reject.txt +++ b/.github/actions/spelling/reject.txt @@ -1,5 +1,6 @@ ad-hoc ^attache$ +^bellow$ benefitting occurences? ^dependan.*