Fix typos and add Codespell GitHub Actions

kianmeng · kianmeng · commit dd72f4593b08 · 2022-06-22T21:58:10.000+08:00
diff --git a/.codespellignore b/.codespellignore
@@ -0,0 +1,4 @@
+deriver
+exampel
+failer
+spawnve
diff --git a/bin/lint b/bin/lint
@@ -11,6 +11,7 @@ export LANG="${ENCODING:-en_US.UTF-8}"
 set -x
 
 # Actually run our tests.
+python -m codespell_lib -S "*.po,*.js,*.json,*.svg,*.scss" -I .codespellignore
 python -m flake8 .
 python -m black --check *.py warehouse/ tests/
 python -m isort --check *.py warehouse/ tests/
diff --git a/docs/development/malware-checks.rst b/docs/development/malware-checks.rst
@@ -59,7 +59,7 @@ directory, and exported from ``__init__.py``. The checks in
 `tests/common/checks/`_ can serve as templates for developing new checks. Simply
 copy/paste the desired check template into `warehouse/malware/checks/`_ and edit
 the `dunder init file`_ to get started. Complex checks that consist of more than
-a signle file should be housed in a subdirectory of `warehouse/malware/checks/`_.
+a single file should be housed in a subdirectory of `warehouse/malware/checks/`_.
 
 All malware check classes should inherit from
 ``warehouse.malware.checks.base.MalwareCheckBase``, define a `scan` method, and
@@ -88,7 +88,7 @@ the following ``kwargs`` for ``"event_hook"`` checks:
 * ``file_url``: the file url when the ``hooked_object`` is a ``File``
 
 All verdicts **must** be associated with a particular object. For
-``"event_hook"`` checks, the ``obj_id`` should be propogated to verdicts
+``"event_hook"`` checks, the ``obj_id`` should be propagated to verdicts
 generated by that check. The `MalwareVerdict model`_ contains more information
 about required and optional verdict fields.
 
diff --git a/docs/development/token-scanning.rst b/docs/development/token-scanning.rst
@@ -33,7 +33,7 @@ GitHub's Token scanning feature used to be called "Token Scanning" and is now
 "Secret Scanning". You may find the 2 names. GitHub scans public commits with
 the regex above (actually the limit to at least 130 characters long). For all
 tokens identified within a "push" event, they send us reports in bulk. The
-format is explained thouroughly in `their doc
+format is explained thoroughly in `their doc
 <https://docs.github.com/en/developers/overview/secret-scanning>`_ as well as
 in the `warehouse implementation ticket
 <https://github.com/pypa/warehouse/issues/6051>`_.
diff --git a/requirements/lint.in b/requirements/lint.in
@@ -23,3 +23,4 @@ types-requests
 types-setuptools
 types-sqlalchemy-utils
 types-stdlib-list
+codespell
diff --git a/requirements/lint.txt b/requirements/lint.txt
@@ -51,6 +51,10 @@ click==8.1.3 \
     # via
     #   black
     #   curlylint
+codespell==2.1.0 \
+    --hash=sha256:19d3fe5644fef3425777e66f225a8c82d39059dcfe9edb3349a8a2cf48383ee5 \
+    --hash=sha256:b864c7d917316316ac24272ee992d7937c3519be4569209c5b60035ac5d569b5
+    # via -r requirements/lint.in
 curlylint==0.13.1 \
     --hash=sha256:008b9d160f3920404ac12efb05c0a39e209cb972f9aafd956b79c5f4e2162752 \
     --hash=sha256:9546ea82cdfc9292fd6fe49dca28587164bd315782a209c0a46e013d7f38d2fa
diff --git a/tests/frontend/setup.js b/tests/frontend/setup.js
@@ -40,7 +40,7 @@ import "@babel/polyfill";
 // Monkeypatch the global fetch API
 fetch = require("jest-fetch-mock");  // eslint-disable-line no-global-assign
 
-// Make TextEncoder and cryto available in the global scope
+// Make TextEncoder and crypto available in the global scope
 // in the same way as in a browser environment
 window.TextEncoder = require("util").TextEncoder;
 const WebCrypto = require("node-webcrypto-ossl");
diff --git a/tests/unit/email/test_init.py b/tests/unit/email/test_init.py
@@ -420,7 +420,7 @@ def test_send_admin_new_organization_requested_email(
         admin_user = pretend.stub(
             id="admin",
             username="admin",
-            name="PyPI Adminstrator",
+            name="PyPI Administrator",
             email="admin@pypi.org",
             primary_email=pretend.stub(email="admin@pypi.org", verified=True),
         )
@@ -524,7 +524,7 @@ def test_send_admin_new_organization_approved_email(
         admin_user = pretend.stub(
             id="admin",
             username="admin",
-            name="PyPI Adminstrator",
+            name="PyPI Administrator",
             email="admin@pypi.org",
             primary_email=pretend.stub(email="admin@pypi.org", verified=True),
         )
@@ -628,7 +628,7 @@ def test_send_admin_new_organization_declined_email(
         admin_user = pretend.stub(
             id="admin",
             username="admin",
-            name="PyPI Adminstrator",
+            name="PyPI Administrator",
             email="admin@pypi.org",
             primary_email=pretend.stub(email="admin@pypi.org", verified=True),
         )
diff --git a/tests/unit/integration/github/test_utils.py b/tests/unit/integration/github/test_utils.py
@@ -52,7 +52,7 @@ def test_invalid_token_leak_request():
         ),
         (
             {"type": "failer", "token": "a", "url": "b"},
-            "Cannot extract token from recieved match",
+            "Cannot extract token from received match",
             "extraction",
         ),
     ],
@@ -594,7 +594,7 @@ def metrics_increment(key):
         origin="github",
     )
     assert metrics == {
-        "warehouse.token_leak.github.recieved": 1,
+        "warehouse.token_leak.github.received": 1,
         "warehouse.token_leak.github.processed": 1,
         "warehouse.token_leak.github.valid": 1,
     }
@@ -637,7 +637,7 @@ def metrics_increment(key):
         origin="github",
     )
     assert metrics == {
-        "warehouse.token_leak.github.recieved": 1,
+        "warehouse.token_leak.github.received": 1,
         "warehouse.token_leak.github.error.format": 1,
     }
 
@@ -667,7 +667,7 @@ def metrics_increment(key):
         origin="github",
     )
     assert metrics == {
-        "warehouse.token_leak.github.recieved": 1,
+        "warehouse.token_leak.github.received": 1,
         "warehouse.token_leak.github.error.invalid": 1,
     }
 
diff --git a/tests/unit/integration/vulnerabilities/osv/test_views.py b/tests/unit/integration/vulnerabilities/osv/test_views.py
@@ -169,7 +169,7 @@ def find_service(self, *a, **k):
         assert response.status_int == 400
         assert metrics == {
             (
-                "warehouse.vulnerabilties.error.payload.json_error",
+                "warehouse.vulnerabilities.error.payload.json_error",
                 ("origin:osv",),
             ): 1,
         }
diff --git a/tests/unit/macaroons/test_security_policy.py b/tests/unit/macaroons/test_security_policy.py
@@ -263,7 +263,7 @@ def test_permits_valid_macaroon(self, monkeypatch):
 
     @pytest.mark.parametrize(
         "invalid_permission",
-        ["admin", "moderator", "manage:user", "manage:project", "nonexistant"],
+        ["admin", "moderator", "manage:user", "manage:project", "nonexistent"],
     )
     def test_denies_valid_macaroon_for_incorrect_permission(
         self, monkeypatch, invalid_permission
diff --git a/tests/unit/macaroons/test_services.py b/tests/unit/macaroons/test_services.py
@@ -84,7 +84,7 @@ def test_find_from_raw(self, user_service, macaroon_service):
         "raw_macaroon",
         [
             "pypi-aaaa",  # Invalid macaroon
-            # Macaroon properly formatted but not found. The string is purposedly cut to
+            # Macaroon properly formatted but not found. The string is purposely cut to
             # avoid triggering the github token disclosure feature that this very
             # function implements.
             "py"
diff --git a/warehouse/admin/views/verdicts.py b/warehouse/admin/views/verdicts.py
@@ -118,7 +118,7 @@ def validate_fields(request, validators):
 
 def generate_query(db, params):
     """
-    Returns an SQLAlchemy query wth request params applied as filters.
+    Returns an SQLAlchemy query with request params applied as filters.
     """
     query = db.query(MalwareVerdict)
     if params.get("check_name"):
diff --git a/warehouse/email/services.py b/warehouse/email/services.py
@@ -80,7 +80,7 @@ def send(self, recipient, message):
         )
 
     def last_sent(self, to, subject):
-        # We don't store previously sent emails, so nothing to comapre against
+        # We don't store previously sent emails, so nothing to compare against
         return None
 
 
diff --git a/warehouse/i18n/__init__.py b/warehouse/i18n/__init__.py
@@ -27,7 +27,7 @@
         "fr",  # French
         "ja",  # Japanese
         "pt_BR",  # Brazilian Portugeuse
-        "uk",  # Ukranian
+        "uk",  # Ukrainian
         "el",  # Greek
         "de",  # German
         "zh_Hans",  # Simplified Chinese
diff --git a/warehouse/integrations/github/utils.py b/warehouse/integrations/github/utils.py
@@ -104,7 +104,7 @@ def from_api_record(cls, record, *, matchers=TOKEN_LEAK_MATCHERS):
             extracted_token = matcher.extract(record["token"])
         except ExtractionFailedError:
             raise InvalidTokenLeakRequestError(
-                "Cannot extract token from recieved match", reason="extraction"
+                "Cannot extract token from received match", reason="extraction"
             )
 
         return cls(
@@ -217,7 +217,7 @@ def _analyze_disclosure(request, disclosure_record, origin):
 
     metrics = request.find_service(IMetricsService, context=None)
 
-    metrics.increment(f"warehouse.token_leak.{origin}.recieved")
+    metrics.increment(f"warehouse.token_leak.{origin}.received")
 
     try:
         disclosure = TokenLeakDisclosureRequest.from_api_record(
diff --git a/warehouse/integrations/vulnerabilities/osv/views.py b/warehouse/integrations/vulnerabilities/osv/views.py
@@ -53,7 +53,7 @@ def report_vulnerabilities(request):
         vulnerability_reports = request.json_body
     except json.decoder.JSONDecodeError:
         metrics.increment(
-            "warehouse.vulnerabilties.error.payload.json_error", tags=["origin:osv"]
+            "warehouse.vulnerabilities.error.payload.json_error", tags=["origin:osv"]
         )
         return Response(status=400)
 
diff --git a/warehouse/legacy/api/json.py b/warehouse/legacy/api/json.py
@@ -164,7 +164,7 @@ def json_release(release, request):
         for r, fs in releases.items()
     }
 
-    # Serialize a list of vulnerabilties for this release
+    # Serialize a list of vulnerabilities for this release
     vulnerabilities = [
         {
             "id": vulnerability_record.id,
diff --git a/warehouse/macaroons/services.py b/warehouse/macaroons/services.py
@@ -99,7 +99,7 @@ def find_userid(self, raw_macaroon):
 
     def find_from_raw(self, raw_macaroon):
         """
-        Returns a DB macaroon matching the imput, or raises InvalidMacaroonError
+        Returns a DB macaroon matching the input, or raises InvalidMacaroonError
         """
         m = self._deserialize_raw_macaroon(raw_macaroon)
         dm = self.find_macaroon(m.identifier.decode())
diff --git a/warehouse/malware/checks/setup_patterns/setup_py_rules.yara b/warehouse/malware/checks/setup_patterns/setup_py_rules.yara
@@ -121,7 +121,7 @@ rule networking_in_setup {
 
 /* Patterns that indicate or suggest an attempt to deserialize data.
  *
- * These indicators are clasified as "indeterminate" to reflect that some
+ * These indicators are classified as "indeterminate" to reflect that some
  * legitimate use cases may exist.
  */
 rule deserialization_in_setup {
@@ -146,7 +146,7 @@ rule deserialization_in_setup {
 
 /* Patterns that indicate or suggest an attempt to perform metaprogramming.
  *
- * These indicators are clasified as "indeterminate" to reflect that some
+ * These indicators are classified as "indeterminate" to reflect that some
  * legitimate use cases may exist.
  */
 rule metaprogramming_in_setup {
diff --git a/warehouse/migrations/versions/1ce6d45d7ef_readd_the_unique_constraint_on_pep426_.py b/warehouse/migrations/versions/1ce6d45d7ef_readd_the_unique_constraint_on_pep426_.py
@@ -10,7 +10,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 """
-readd the unique constraint on pep426 normalization
+re-add the unique constraint on pep426 normalization
 
 Revision ID: 1ce6d45d7ef
 Revises: 23a3c4ffe5d
diff --git a/warehouse/predicates.py b/warehouse/predicates.py
@@ -38,9 +38,7 @@ def __call__(self, info, request):
 class HeadersPredicate:
     def __init__(self, val: List[str], config):
         if not val:
-            raise ConfigurationError(
-                "Excpected at least one value in headers predicate"
-            )
+            raise ConfigurationError("Expected at least one value in headers predicate")
 
         self.sub_predicates = [
             predicates.HeaderPredicate(subval, config) for subval in val
diff --git a/warehouse/rate_limiting/__init__.py b/warehouse/rate_limiting/__init__.py
@@ -102,7 +102,7 @@ def resets_in(self, *identifiers):
             reset = datetime.fromtimestamp(resets_at, tz=timezone.utc)
 
             # If our current datetime is either greater than or equal to when
-            # the limit resets, then we will skipp it since it has either
+            # the limit resets, then we will skip it since it has either
             # already reset, or it is resetting now.
             if current >= reset:
                 continue
diff --git a/warehouse/static/sass/blocks/_centered-heading.scss b/warehouse/static/sass/blocks/_centered-heading.scss
@@ -13,7 +13,7 @@
  */
 
 /*
-  A heading aligned in the center, with a sub title and horziontal rule:
+  A heading aligned in the center, with a sub title and horizontal rule:
 
   <div class="centered-heading">
     <h1 class="centered-heading__title">Title</h1>
diff --git a/warehouse/static/sass/blocks/_lede-paragraph.scss b/warehouse/static/sass/blocks/_lede-paragraph.scss
@@ -13,7 +13,7 @@
  */
 
 /*
-  A lede paragaph.  Use to highlight important sections in the text.
+  A lede paragraph.  Use to highlight important sections in the text.
 
   <p class="lede-paragraph">I will be larger than my counterparts</p>
 */
diff --git a/warehouse/static/sass/tools/bourbon/functions/_is-light.scss b/warehouse/static/sass/tools/bourbon/functions/_is-light.scss
@@ -15,7 +15,7 @@
 
 @charset "UTF-8";
 
-/// Programatically determines whether a color is light or dark.
+/// Programmatically determines whether a color is light or dark.
 ///
 /// @link http://robots.thoughtbot.com/closer-look-color-lightness
 ///
diff --git a/warehouse/static/sass/tools/bourbon/functions/_transition-property-name.scss b/warehouse/static/sass/tools/bourbon/functions/_transition-property-name.scss
@@ -27,7 +27,7 @@
 }
 
 @function transition-property-name($prop, $vendor: false) {
-  // put other properties that need to be prefixed here aswell
+  // put other properties that need to be prefixed here as well
   @if $vendor and $prop == transform {
     @return unquote('-'+$vendor+'-'+$prop);
   }
diff --git a/warehouse/static/sass/tools/neat/grid/_span-columns.scss b/warehouse/static/sass/tools/neat/grid/_span-columns.scss
@@ -27,7 +27,7 @@
 ///   `$columns` also accepts decimals for when it's necessary to break out of the standard grid. E.g. Passing `2.4` in a standard 12 column grid will divide the row into 5 columns.
 ///
 /// @param {String} $display [block]
-///   Sets the display property of the element. By default it sets the display propert of the element to `block`.
+///   Sets the display property of the element. By default it sets the display property of the element to `block`.
 ///
 ///   If passed `block-collapse`, it also removes the margin gutter by adding it to the element width.
 ///
diff --git a/warehouse/templates/email/token-compromised-leak/body.html b/warehouse/templates/email/token-compromised-leak/body.html
@@ -51,7 +51,7 @@ <h3>How do you know this?</h3>
 <p>
   This is an automated message. Our partner {{ origin }} analyzes all the data it
   receives for unintentional {{ site_name }} token publications and warns us every time
-  it finds one. We check every disclosure we recieve and take action when the token
+  it finds one. We check every disclosure we receive and take action when the token
   appears
   valid.
 </p>
diff --git a/warehouse/templates/email/token-compromised-leak/body.txt b/warehouse/templates/email/token-compromised-leak/body.txt
@@ -48,7 +48,7 @@ How do you know this?
 
 This is an automated message. Our partner {{ origin }} analyzes all the data it receives
 for unintentional {{ site_name }} token publications and warns us every time it finds
-one. We check every disclosure we recieve and take action when the token appears valid.
+one. We check every disclosure we receive and take action when the token appears valid.
 
 For more information, see our FAQ at {{ request.help_url(_anchor='compromised-token') }}
 

-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +deriver
 +exampel
 +failer
 +spawnve
Original file line number	Diff line number	Diff line change
`@@ -52,7 +52,7 @@ def test_invalid_token_leak_request():`
`52`	`52`	`),`
`53`	`53`	`(`
`54`	`54`	`{"type": "failer", "token": "a", "url": "b"},`
`55`		`- "Cannot extract token from recieved match",`
	`55`	`+ "Cannot extract token from received match",`
`56`	`56`	`"extraction",`
`57`	`57`	`),`
`58`	`58`	`],`
`@@ -594,7 +594,7 @@ def metrics_increment(key):`
`594`	`594`	`origin="github",`
`595`	`595`	`)`
`596`	`596`	`assert metrics == {`
`597`		`- "warehouse.token_leak.github.recieved": 1,`
	`597`	`+ "warehouse.token_leak.github.received": 1,`
`598`	`598`	`"warehouse.token_leak.github.processed": 1,`
`599`	`599`	`"warehouse.token_leak.github.valid": 1,`
`600`	`600`	`}`
`@@ -637,7 +637,7 @@ def metrics_increment(key):`
`637`	`637`	`origin="github",`
`638`	`638`	`)`
`639`	`639`	`assert metrics == {`
`640`		`- "warehouse.token_leak.github.recieved": 1,`
	`640`	`+ "warehouse.token_leak.github.received": 1,`
`641`	`641`	`"warehouse.token_leak.github.error.format": 1,`
`642`	`642`	`}`
`643`	`643`
`@@ -667,7 +667,7 @@ def metrics_increment(key):`
`667`	`667`	`origin="github",`
`668`	`668`	`)`
`669`	`669`	`assert metrics == {`
`670`		`- "warehouse.token_leak.github.recieved": 1,`
	`670`	`+ "warehouse.token_leak.github.received": 1,`
`671`	`671`	`"warehouse.token_leak.github.error.invalid": 1,`
`672`	`672`	`}`
`673`	`673`
Original file line number	Diff line number	Diff line change
`@@ -169,7 +169,7 @@ def find_service(self, a, *k):`
`169`	`169`	`assert response.status_int == 400`
`170`	`170`	`assert metrics == {`
`171`	`171`	`(`
`172`		`- "warehouse.vulnerabilties.error.payload.json_error",`
	`172`	`+ "warehouse.vulnerabilities.error.payload.json_error",`
`173`	`173`	`("origin:osv",),`
`174`	`174`	`): 1,`
`175`	`175`	`}`