From 94e1c299abfae9d62adca6734cf17c17854d90e7 Mon Sep 17 00:00:00 2001 From: Tim Smith Date: Thu, 14 Mar 2024 22:21:55 -0700 Subject: [PATCH] Update the spellcheck patterns - Catch more - Skip more Signed-off-by: Tim Smith --- .github/actions/spelling/expect.txt | 17 ---------- .../actions/spelling/line_forbidden.patterns | 5 +++ .github/actions/spelling/patterns.txt | 32 +++++++++++++++++-- 3 files changed, 34 insertions(+), 20 deletions(-) diff --git a/.github/actions/spelling/expect.txt b/.github/actions/spelling/expect.txt index cf7b3fd65..69f90a1cf 100644 --- a/.github/actions/spelling/expect.txt +++ b/.github/actions/spelling/expect.txt @@ -12,7 +12,6 @@ AKIAI AKIAIOSFODNN alswrv amazonses -AMIIBCg ampl anya APK @@ -32,14 +31,12 @@ autoscaler backupconfiguration badssm baf -BAQEFAAOCAQ bba bbeb bccbcb bdc bdn BGhg -Bgkqhki bigquery BJHy BMDH @@ -60,7 +57,6 @@ cdzrr Ceph certificatechains cfee -cffae cim classname clientid @@ -86,7 +82,6 @@ cyclonedx CYEXAMPLEKEY datacompute datapath -dbf dcea Ddos debconf @@ -106,13 +101,11 @@ efc efcfc Ehd eig -EIP EKfj ekm Ekoslaq enableforcedlogoff enablesecuritysignature -ENM ERXy Eso euleros @@ -123,7 +116,6 @@ externalsender EZel FAgb falsey -fbcaaa FBTJf FCAHd fcb @@ -155,7 +147,6 @@ hostkeys hvm iac iap -Iavfv Iiwic Ijoi IKTK @@ -173,11 +164,9 @@ jglt Jhb jira Jivv -jjnhz joq jsonbody JTi -KCAQEAx kembe KEYFILE keyout @@ -214,7 +203,6 @@ Metasploit mfs MFx MHNy -MIIBIj Mjk MKGQ mmvv @@ -304,14 +292,12 @@ sbom scim scsd Scz -sdc SECRETID SECRETVALUE securetty securityimages SEfirewall serviceprincipals -shm singlequeryargument sizeconstraintstatement skype @@ -337,7 +323,6 @@ testname testring testsuite tfblock -tmg tmpkqyme toplevel tpu @@ -380,7 +365,6 @@ xmna Xnp xoxb XPgk -xrl XRu Xsf xssmatchstatement @@ -407,4 +391,3 @@ ZXIt ZXJz zxkk Zzd -zzg diff --git a/.github/actions/spelling/line_forbidden.patterns b/.github/actions/spelling/line_forbidden.patterns index 65f84268f..174a68d93 100644 --- a/.github/actions/spelling/line_forbidden.patterns +++ b/.github/actions/spelling/line_forbidden.patterns @@ -638,3 +638,8 @@ # Reject duplicate words \s([A-Z]{3,}|[A-Z][a-z]{2,}|[a-z]{3,})\s\g{-1}\s +# s.b. it's or its +\bits['’] + +# s.b. understand +\bunder stand\b diff --git a/.github/actions/spelling/patterns.txt b/.github/actions/spelling/patterns.txt index 7442dac2b..75f0ac146 100644 --- a/.github/actions/spelling/patterns.txt +++ b/.github/actions/spelling/patterns.txt @@ -39,7 +39,7 @@ Key Vault Vault \broot root\b # AWS resources -(ami|subnet|vpc|sg)-[0-9a-fA-F]{17} +(ami|subnet|vpc|sg|fs)-[0-9a-fA-F]{17} # http and https URLs https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_\+.~#?&//=]*) @@ -53,8 +53,8 @@ HKEY_[\w\\]* # mime types \bapplication\/\S* -# skip mql uids -uid:\s.*$ +# mql certificate IDs +certificate:\w* # ARN values \barn:\S* @@ -90,3 +90,29 @@ aws_secret_access_key\s+\=(\s+)?.+ # score score is valid in MQL docs score score +# macOS temp folders +/var/folders/\w\w/[+\w]+/(?:T|-Caches-)/ + +# ssh +(?:ssh-\S+|-nistp256) [-a-zA-Z=;:\/0-9+]{12,} + +# kubernetes object suffix +-[0-9a-f]{10}-\w{5}\s + +# sed regular expressions +sed 's/(?:[^/]*?[a-zA-Z]{3,}[^/]*?/){2} + +# UNIX device paths +\/dev\/\w* + +# AWS RDS instance types +db.\w{2}.\w* + +# uuid +[<({"'>][0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}[<'"})>] + +# rsa private keys +MII[BCEJ]\w* + +# UID in MQL policy +- uid: \S*