Spelling #3083
I’ll dig into this further and make a checklist (as we did with the previous round) tomorrow. |
There are definitely some paths that are third party and should be excluded, what’s the best way to deal with that? |
Give me a list, I'll add them to excludes and I'll rebase to drop them. Also, if you can identify the source, I can queue fixing them too. |
Better split the commits per add-on rather than word, the changelogs should be updated. |
Exclusions:
For the third I don't think there's anywhere else to submit the fixes, for the second you could submit them (if any) here: https://github.com/veggiespam/ImageLocationScanner |
@kingthorin I've dropped both things. I've forked the imagelocationscanner, and I don't think that this code: Line 6 in 81129e9
is present there. Afaict, src.com.fasteasytrade.jrandtest was http://jrandtest.sourceforge.net/ in 2005. I can't find Zur Aougav on the internet after 2005... There was a fork in 2012 for a few dozen cleanup commits by @cryptopony / @joe-invincible: https://github.com/cryptopony/jrandtest I can't find any activity for this entity post 2012. |
For ILS my main concern was that https://github.com/zaproxy/zap-extensions/blob/main/addOns/imagelocationscanner/src/main/java/com/veggiespam/imagelocationscanner/ILS.java is sourced from https://github.com/veggiespam/ImageLocationScanner/blob/master/src/com/veggiespam/imagelocationscanner/ILS.java. OH I think I buggered up the path earlier, it seems to have an extra leading "imagelocationscanner".....sorry! |
* currency * inferring * successfully Signed-off-by: Josh Soref <[email protected]>
* not tested * occurred Signed-off-by: Josh Soref <[email protected]>
* exception Signed-off-by: Josh Soref <[email protected]>
For my reference, I used something approximating this to split this PR:
a=$(git status|grep modified:|head -1|perl -pne 's{^\s*modified:\s*([^/]+/[^/]+).*}{$1}');
git add $a;
git commit -m 'spelling: '$a'
'"$(git log --oneline --graph main..jsoref/spelling -- $a|sort -k3|perl -pne 's/.*:/*/')"'
Signed-off-by: Josh Soref <[email protected]>'; |
Thanks @jsoref! |
$ for ADDON in `git log -51 --pretty=oneline|cut -d' ' -f3|tac`; do echo "- [ ] $ADDON";done
|
I got through the A section, will try to do more tomorrow. |
addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/PathTraversalScanRule.java
I've made it through the Rs. Hopefully more later this evening, or tomorrow. |
For reference, the name thing was me picking poorly to match the more common instance (common because each translation had the spelling): https://github.com/zaproxy/zap-extensions/compare/e714b2de23dffdd2ab924ba35a3969dbe620a0d2..c32b107189f75708155ac4a977e7fa2fc49fe74e#diff-ed10369a90a008893244ea3c7bbe8839bccee40d462eb2ca2a9f0319f901f024L17 |
The build/test failure can be fixed via:
diff --git a/addOns/ascanrules/src/test/java/org/zaproxy/zap/extension/ascanrules/PathTraversalScanRuleUnitTest.java b/addOns/ascanrules/src/test/java/org/zaproxy/zap/extension/ascanrules/PathTraversalScanRuleUnitTest.java
index 1db9fd37b..afae3253a 100644
--- a/addOns/ascanrules/src/test/java/org/zaproxy/zap/extension/ascanrules/PathTraversalScanRuleUnitTest.java
+++ b/addOns/ascanrules/src/test/java/org/zaproxy/zap/extension/ascanrules/PathTraversalScanRuleUnitTest.java
@@ -374,7 +374,7 @@ class PathTraversalScanRuleUnitTest extends ActiveScannerTest<PathTraversalScanR
@Override
protected Response serve(IHTTPSession session) {
String value = getFirstParamValue(session, param);
- if (value.equals("thishouldnonexistentandhopefullyitwillnot") && passInitialCheck) {
+ if (value.equals("ThisShouldNotExistAndHopefullyItWillNot") && passInitialCheck) {
return newFixedLengthResponse("Error");
}
return newFixedLengthResponse(content);
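Review bot: the literal in `value.equals("ThisShouldNotExistAndHopefullyItWillNot")` is a second copy of a string that presumably has to match the value the scan rule sends, so any later edit to one copy breaks the test again, as the build failure mentioned above suggests. Consider having the test read the value from a constant shared with the rule, or at least add a comment naming where the string is defined. Writing the comparison as `"ThisShouldNotExistAndHopefullyItWillNot".equals(value)` would also keep `serve` from throwing if `getFirstParamValue` can return null for a request without the parameter.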
|
I've made it through everything and updated earlier checklist comments/entries. |
I've dropped |
* access * criteria * datadoesnotexist * earlier * expression * for our * initial * launch * reflected * response * should * stripped * targeted * vulnerabilities Signed-off-by: Josh Soref <[email protected]>
* abcdefghijklmnopqrstuvwxyz * boolean * empty * forwarded * implementation * internationalization * logs * parentheses * penetration * threshold Signed-off-by: Josh Soref <[email protected]>
* 0123456789 * abcdefghijklmnopqrstuvwxyz * analyzed * attack * attribute * comparison * concurrency * consecutive * constructor * entry * heartbeat * hirshberg * identifiable * language * length * management * mysql * naive * nonexistentfilemsg * nonexistentparentmsg * padding * param * query * read * remote * repositories * response * specific * successfully * vulnerabilities Signed-off-by: Josh Soref <[email protected]>
* lock * unsuccessful Signed-off-by: Josh Soref <[email protected]>
* additional * contexts * extension * include * pending * pluggable * progress * threshold * unknown Signed-off-by: Josh Soref <[email protected]>
When I said ‘drop the word altogether’ I meant the word in that sentence (it didn’t need input, inputted, etc at all it made sense without it). However if you think dropping it totally is a good move too then I’m fine with that. |
fuzzdb-project/fuzzdb#201 (I didn't cross check to confirm that everything from this PR is in there, I probably should, but ...) |
Hi @jsoref, just so you know I'm going to work on breaking this up/cherry picking parts and getting them merged. As you can see here there's quite a few conflicts from the code moving along, which is fine but I'd like to get a bunch of this done where it isn't controversial. As I work through things I'll try to maintain your authorship in the git info and create the PRs myself (so don't be surprised if you get notifications that seem slightly confusing 😉 ) |
I'm absolutely fine w/ that. And I don't particularly care about losing attribution. My general goal is to not run into spelling errors when I'm using programs or their documentation or their samples or their derivatives or suffer from their consequences when trying to debug problems stemming from them. Thanks for taking this on. |
How many more batches are pending? |
Umm probably two. I haven’t looked deeply yet. But still need to tackle the 6 rule add-ons. |
I believe this can be closed now.
|
Thank you both again! |
I'm going to run a new pass to see how things went, there are a couple of places where it looks like whitespace wrapping appears to be harsher than it should have been. |
Could you provide an example? |
That might have been me manually wrapping things, if you're referring to HTML. |
Lines 605 to 606 in c7f4ea8
|
Oh I suspect that's just spotlessApply wrapping to length but not being able to consider context. (Ex: Pulling up/back the following line) |
Yeah, it felt like a robot. |
So, check-spelling is tunable, but w/ some default settings, here are the special things it doesn't like: The list comes from files that aren't excluded and text in lines that isn't matched by a pattern. I don't have any time left for the day. I suspect that means I won't look further until spring... beyond that, here are some leftovers from this PR that seem like they might want to be consumed: |
Why? That doesn't have to be spelt correctly (and I'd argue being as is is less likely to exist than if it was correctly spelt). |
@jsoref thanks for running things again. I'll fire in another PR with a few tweaks as I go through things. |
This PR corrects misspellings identified by the check-spelling action.
The misspellings have been reported at jsoref@c6de09c#commitcomment-55052899
The action reports that the changes in this PR would make it happy: jsoref@2a5bd29
Note: this PR does not include the action. If you're interested in running a spell check on every PR and push, that can be offered separately.