📖 Fix spelling (#3804)

* spelling: accurate Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: administrator Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: analyze Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: andtwenty Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: ascii Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: association Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: at least Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: attestor Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: barbaric Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: bucket Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: by Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: can Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: case-insensitive Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: case-sensitive Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: checking Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: command-line Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: commit Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: committed Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: conclusion Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: corresponding Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: created Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: dataset Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: default Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: defines Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: dependabot Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: dependency Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: depending Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: desired Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: different Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: disclose Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: download Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: each Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: enforce Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: every time Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: exist Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: existing Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: fields Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: files Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: for Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: force-push Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: github Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: gitlab Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: ignoreed Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: implementation Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: implements Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: increase Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: indicates Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: initialized Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: instructions Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: invalid Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: marshal Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: match Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: name Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: nonexistent Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: organization Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: package Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: provenance Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: query Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: readers Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: receive Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: registered Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: remediate Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: representation Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: requests Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: requires Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: return Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: scorecard Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: separator Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: serialization Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: sign up Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: specifications Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: specified Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: success Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: successfully Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: the Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: their Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: twenty Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: unexpected Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: unused Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: unverified Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: validate Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: vendor Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: vulnerabilities Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: vulns Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: will Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: without Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: workflow Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: workflows Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> --------- Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
ossf · Jan 26, 2024 · 3b94825 · 3b94825
1 parent da3e5ad
commit 3b94825
Show file tree

Hide file tree

Showing 109 changed files with 258 additions and 258 deletions.
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
@@ -65,7 +65,7 @@ jobs:
     permissions:
       contents: read
     needs: docs_only_check
-    # ideally we put one "if" here, but due to how skipped matrix jobs work, we need one for each each step
+    # ideally we put one "if" here, but due to how skipped matrix jobs work, we need one for each step
     # https://github.com/orgs/community/discussions/9141
     steps:
      - name: Harden Runner

diff --git a/.github/workflows/scdiff.yml b/.github/workflows/scdiff.yml
@@ -30,7 +30,7 @@ jobs:
     if: ${{ (github.event.issue.pull_request) && (contains(github.event.comment.body, '/scdiff generate')) }}
     runs-on: [ubuntu-latest]
     steps:
-      - name: create file of repos to anlayze
+      - name: create file of repos to analyze
         run: |
           cat <<EOF > $HOME/repos.txt
           https://github.com/airbnb/lottie-web

diff --git a/Makefile b/Makefile
@@ -116,7 +116,7 @@ validate-projects: ./cron/internal/data/projects.csv | build-validate-script
 	./cron/internal/data/validate/validate ./cron/internal/data/gitlab-projects-releasetest.csv
 
 tree-status: | all-targets-update-dependencies ## Verify tree is clean and all changes are committed
-	# Verify the tree is clean and all changes are commited
+	# Verify the tree is clean and all changes are committed
 	./scripts/tree-status
 
 ###############################################################################
@@ -255,7 +255,7 @@ build-attestor-docker: ## Build scorecard-attestor Docker image
 build-attestor-docker:
 	DOCKER_BUILDKIT=1 docker build . --file attestor/Dockerfile \
 		--tag scorecard-attestor:latest \
-		--tag scorecard-atttestor:$(GIT_HASH)
+		--tag scorecard-attestor:$(GIT_HASH)
 
 TOKEN_SERVER_DEPS = $(shell find clients/githubrepo/roundtripper/tokens/ -iname "*.go")
 build-github-server: ## Build GitHub token server

diff --git a/README.md b/README.md
@@ -413,7 +413,7 @@ RESULTS
 |         |                        |                                | review dismissal enabled on    |                                                                           |
 |         |                        |                                | branch 'main' Info: Owner      |                                                                           |
 |         |                        |                                | review required on branch      |                                                                           |
-|         |                        |                                | 'main' Info: 'admininistrator' |                                                                           |
+|         |                        |                                | 'main' Info: 'administrator'   |                                                                           |
 |         |                        |                                | PRs need reviews before being  |                                                                           |
 |         |                        |                                | merged on branch 'main'        |                                                                           |
 |---------|------------------------|--------------------------------|--------------------------------|---------------------------------------------------------------------------|
@@ -559,7 +559,7 @@ risk level.
 ### Report Problems
 
 If you have what looks like a bug, please use the
-[Github issue tracking system.](https://github.com/ossf/scorecard/issues) Before
+[GitHub issue tracking system.](https://github.com/ossf/scorecard/issues) Before
 you file an issue, please search existing issues to see if your issue is already
 covered.
 

diff --git a/attestor/policy/attestation_policy.go b/attestor/policy/attestation_policy.go
@@ -120,7 +120,7 @@ func (ap *AttestationPolicy) EvaluateResults(raw *checker.RawResults) (PolicyRes
 
 	if ap.EnsureCodeReviewed {
 		// By default, if code review reqs. aren't specified, we assume
-		// the user wants there to be atleast one reviewer
+		// the user wants there to be at least one reviewer
 		if len(ap.CodeReviewRequirements.RequiredApprovers) == 0 &&
 			ap.CodeReviewRequirements.MinReviewers == 0 {
 			ap.CodeReviewRequirements.MinReviewers = 1

diff --git a/checker/raw_result.go b/checker/raw_result.go
@@ -331,7 +331,7 @@ type Run struct {
 	URL string
 }
 
-// ArchivedStatus definess the archived status.
+// ArchivedStatus defines the archived status.
 type ArchivedStatus struct {
 	Status bool
 	// TODO: add fields, e.g., date of archival.
@@ -348,7 +348,7 @@ type File struct {
 	// TODO: add hash.
 }
 
-// CIIBestPracticesData contains data foor CIIBestPractices check.
+// CIIBestPracticesData contains data for CIIBestPractices check.
 type CIIBestPracticesData struct {
 	Badge clients.BadgeLevel
 }

diff --git a/checks/dependency_update_tool.go b/checks/dependency_update_tool.go
@@ -23,7 +23,7 @@ import (
 	"github.com/ossf/scorecard/v4/probes/zrunner"
 )
 
-// CheckDependencyUpdateTool is the exported name for Automatic-Depdendency-Update.
+// CheckDependencyUpdateTool is the exported name for Dependency-Update-Tool.
 const CheckDependencyUpdateTool = "Dependency-Update-Tool"
 
 //nolint:gochecknoinits

diff --git a/checks/evaluation/branch_protection.go b/checks/evaluation/branch_protection.go
@@ -70,7 +70,7 @@ func BranchProtection(name string, dl checker.DetailLogger,
 		var score levelScore
 		b := r.Branches[i]
 
-		// Protected field only indates that the branch matches
+		// Protected field only indicates that the branch matches
 		// one `Branch protection rules`. All settings may be disabled,
 		// so it does not provide any guarantees.
 		protected := !(b.Protected != nil && !*b.Protected)
@@ -361,7 +361,7 @@ func adminThoroughReviewProtection(branch *clients.BranchRef, dl checker.DetailL
 
 	// nil typically means we do not have access to the value.
 	if branch.BranchProtectionRule.EnforceAdmins != nil {
-		// Note: we don't inrecase max possible score for non-admin viewers.
+		// Note: we don't increase max possible score for non-admin viewers.
 		max++
 		switch *branch.BranchProtectionRule.EnforceAdmins {
 		case true:

diff --git a/checks/evaluation/dangerous_workflow_test.go b/checks/evaluation/dangerous_workflow_test.go
@@ -56,7 +56,7 @@ func TestDangerousWorkflow(t *testing.T) {
 			},
 		},
 		{
-			name: "DangerousWorkflow - no worklflows",
+			name: "DangerousWorkflow - no workflows",
 			findings: []finding.Finding{
 				{
 					Probe:   "hasDangerousWorkflowScriptInjection",

diff --git a/checks/evaluation/pinned_dependencies.go b/checks/evaluation/pinned_dependencies.go
@@ -32,7 +32,7 @@ type pinnedResult struct {
 
 // Structure to host information about pinned github
 // or third party dependencies.
-type worklowPinningResult struct {
+type workflowPinningResult struct {
 	thirdParties pinnedResult
 	gitHubOwned  pinnedResult
 }
@@ -209,7 +209,7 @@ func PinningDependencies(name string, c *checker.CheckRequest,
 		return checker.CreateRuntimeErrorResult(name, e)
 	}
 
-	var wp worklowPinningResult
+	var wp workflowPinningResult
 	pr := make(map[checker.DependencyUseType]pinnedResult)
 	dl := c.Dlogger
 
@@ -269,7 +269,7 @@ func PinningDependencies(name string, c *checker.CheckRequest,
 	// Go through all dependency types
 	// GitHub Actions need to be handled separately since they are not in pr
 	scores = append(scores, createScoreForGitHubActionsWorkflow(&wp, dl)...)
-	// Only exisiting dependencies will be found in pr
+	// Only existing dependencies will be found in pr
 	// We will only score the ecosystem if there are dependencies
 	// This results in only existing ecosystems being included in the final score
 	for t := range pr {
@@ -300,10 +300,10 @@ func PinningDependencies(name string, c *checker.CheckRequest,
 
 func updatePinningResults(dependencyType checker.DependencyUseType,
 	outcome finding.Outcome, snippet *string,
-	wp *worklowPinningResult, pr map[checker.DependencyUseType]pinnedResult,
+	wp *workflowPinningResult, pr map[checker.DependencyUseType]pinnedResult,
 ) {
 	if dependencyType == checker.DependencyUseTypeGHAction {
-		// Note: `Snippet` contains `action/name@xxx`, so we cna use it to infer
+		// Note: `Snippet` contains `action/name@xxx`, so we can use it to infer
 		// if it's a GitHub-owned action or not.
 		gitHubOwned := fileparser.IsGitHubOwnedAction(*snippet)
 		addWorkflowPinnedResult(outcome, wp, gitHubOwned)
@@ -345,7 +345,7 @@ func addPinnedResult(outcome finding.Outcome, r *pinnedResult) {
 	r.total += 1
 }
 
-func addWorkflowPinnedResult(outcome finding.Outcome, w *worklowPinningResult, isGitHub bool) {
+func addWorkflowPinnedResult(outcome finding.Outcome, w *workflowPinningResult, isGitHub bool) {
 	if isGitHub {
 		addPinnedResult(outcome, &w.gitHubOwned)
 	} else {
@@ -359,7 +359,7 @@ func logPinnedResult(dl checker.DetailLogger, p pinnedResult, name string) {
 	})
 }
 
-func createScoreForGitHubActionsWorkflow(wp *worklowPinningResult, dl checker.DetailLogger,
+func createScoreForGitHubActionsWorkflow(wp *workflowPinningResult, dl checker.DetailLogger,
 ) []checker.ProportionalScoreWeighted {
 	if wp.gitHubOwned.total == 0 && wp.thirdParties.total == 0 {
 		return []checker.ProportionalScoreWeighted{}