Skip to content

Commit ad383ac

Browse files
vparfonovclaude
authored andcommitted
Replace check-spelling with crate-ci/typos for spell checking
The check-spelling action (v0.0.26) is no longer maintained due to a security incident affecting the maintainer's account. Replace with crate-ci/typos (v1.33.1), a maintained Rust-based spell checker. Changes: - Replace dead check-spelling@v0.0.26 with crate-ci/typos@v1.33.1 - Add _typos.toml config with same word allowlist as previous setup - Make spell check non-blocking (continue-on-error: true) since code is open source and all issues are publicly visible anyway - Fix typo: rate-lmiting → rate-limiting in Go source and generated docs Note: typos does not support SARIF output, so findings will only appear in workflow logs instead of GitHub's Security tab dashboard. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
1 parent d2691e4 commit ad383ac

6 files changed

Lines changed: 142 additions & 27 deletions

File tree

Lines changed: 130 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,130 @@
1+
[files]
2+
extend-exclude = [
3+
"vendor/",
4+
".bingo/",
5+
".github/actions/spelling/",
6+
"bundle/",
7+
"*.go",
8+
"*.yaml",
9+
"*.yml",
10+
"*.json",
11+
"*.sh",
12+
"*.bash",
13+
"*.toml",
14+
"*.sum",
15+
"*.mod",
16+
"*.png",
17+
"*.jpg",
18+
"*.svg",
19+
"*.ico",
20+
"*.pb.go",
21+
"*.pb",
22+
"*.proto",
23+
"*.csv",
24+
"*.log",
25+
"*.lock",
26+
"*.cfg",
27+
"*.conf",
28+
"*.ini",
29+
"*.xml",
30+
"Makefile",
31+
"Dockerfile*",
32+
"LICENSE",
33+
"go.sum",
34+
"go.mod",
35+
".cache/",
36+
"tmp/",
37+
"config/",
38+
"hack/",
39+
"test/",
40+
"internal/",
41+
"api/",
42+
"cmd/",
43+
"must-gather/collection-scripts/",
44+
]
45+
46+
[default]
47+
check-filename = false
48+
49+
[default.extend-words]
50+
# Carry forward from .codespellignore
51+
coo = "coo"
52+
notin = "notin"
53+
fileds = "fileds"
54+
55+
# Project-specific terms
56+
CLF = "CLF"
57+
CLO = "CLO"
58+
VIAQ = "VIAQ"
59+
viaq = "viaq"
60+
DCR = "DCR"
61+
dcr = "dcr"
62+
Dcr = "Dcr"
63+
HEC = "HEC"
64+
hec = "hec"
65+
OTLP = "OTLP"
66+
otlp = "otlp"
67+
SASL = "SASL"
68+
sasl = "sasl"
69+
OIDC = "OIDC"
70+
OVN = "OVN"
71+
WIF = "WIF"
72+
73+
# Syslog/systemd fields
74+
CMDLINE = "CMDLINE"
75+
DEVLINK = "DEVLINK"
76+
DEVNODE = "DEVNODE"
77+
LOGINUID = "LOGINUID"
78+
MSGID = "MSGID"
79+
PROCID = "PROCID"
80+
SYSNAME = "SYSNAME"
81+
UDEV = "UDEV"
82+
83+
# Timestamp format strings
84+
SSSSSSZ = "SSSSSSZ"
85+
SSSZ = "SSSZ"
86+
87+
# TLS cipher suite components
88+
DHE = "DHE"
89+
90+
# Protocol and format terms
91+
ASIM = "ASIM"
92+
iostream = "iostream"
93+
uucp = "uucp"
94+
95+
# Code/config identifiers in doc examples
96+
baz = "baz"
97+
containerspass = "containerspass"
98+
grault = "grault"
99+
inputname = "inputname"
100+
lpr = "lpr"
101+
nologformat = "nologformat"
102+
plugh = "plugh"
103+
waldo = "waldo"
104+
Otel = "Otel"
105+
106+
# Fragments from camelCase/PascalCase splitting
107+
Ded = "Ded"
108+
DETERMIN = "DETERMIN"
109+
110+
# Technical terms
111+
gnuplot = "gnuplot"
112+
adoc = "adoc"
113+
deconflict = "deconflict"
114+
nolint = "nolint"
115+
govet = "govet"
116+
templated = "templated"
117+
topk = "topk"
118+
zstd = "zstd"
119+
unparseable = "unparseable"
120+
121+
# Kubernetes/OpenShift terms
122+
clusterrole = "clusterrole"
123+
configmap = "configmap"
124+
rolebinding = "rolebinding"
125+
serviceaccount = "serviceaccount"
126+
containername = "containername"
127+
podname = "podname"
128+
apiservers = "apiservers"
129+
sourcetype = "sourcetype"
130+
bucketnames = "bucketnames"

.github/workflows/spelling.yml

Lines changed: 8 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -18,32 +18,17 @@ jobs:
1818
permissions:
1919
contents: read
2020
pull-requests: read
21-
actions: read
22-
security-events: write
2321
runs-on: ubuntu-latest
24-
if: "contains(github.event_name, 'pull_request') || github.event_name == 'push'"
2522
concurrency:
2623
group: spelling-${{ github.event.pull_request.number || github.ref }}
2724
cancel-in-progress: true
2825
steps:
29-
- name: check-spelling
30-
id: spelling
31-
uses: check-spelling/check-spelling@cfb6f7e75bbfc89c71eaa30366d0c166f1bd9c8c # v0.0.26
26+
- name: Checkout
27+
uses: actions/checkout@v4
3228
with:
33-
config: .github/actions/spelling
34-
check_file_names: 1
35-
only_check_changed_files: 1
36-
suppress_push_for_open_pull_request: ${{ github.actor != 'dependabot[bot]' && 1 }}
37-
checkout: true
38-
post_comment: 0
39-
use_sarif: ${{ (!github.event.pull_request || (github.event.pull_request.head.repo.full_name == github.repository)) && 1 }}
40-
extra_dictionaries: |
41-
cspell:k8s/dict/k8s.txt
42-
cspell:golang/dict/go.txt
43-
cspell:docker/src/docker-words.txt
44-
cspell:shell/dict/shell-all-words.txt
45-
cspell:html/dict/html.txt
46-
cspell:filetypes/filetypes.txt
47-
cspell:software-terms/dict/softwareTerms.txt
48-
extra_dictionary_limit: 10
49-
check_extra_dictionaries: ""
29+
ref: ${{ github.event.pull_request.head.sha }}
30+
- name: Spell Check
31+
uses: crate-ci/typos@v1.33.1
32+
continue-on-error: true
33+
with:
34+
config: .github/actions/spelling/_typos.toml

api/observability/v1/filter_api_audit_types.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -54,7 +54,7 @@ import auditv1 "k8s.io/apiserver/pkg/apis/audit/v1"
5454
// - User events (ie. non-system and non-serviceaccount) are forwarded
5555
// - Read-only system events (get/list/watch etc) are dropped
5656
// - Service account write events that occur within the same namespace as the service account are dropped
57-
// - All other events are forwarded, subject to any configured [rate limits][#rate-lmiting]
57+
// - All other events are forwarded, subject to any configured [rate limits][#rate-limiting]
5858
//
5959
// If you want to disable these defaults, end your rules list with rule that has only a `level` field.
6060
// An empty rule matches any event, and prevents the defaults from taking effect.

bundle/manifests/observability.openshift.io_clusterlogforwarders.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1165,7 +1165,7 @@ spec:
11651165
- User events (ie. non-system and non-serviceaccount) are forwarded
11661166
- Read-only system events (get/list/watch etc) are dropped
11671167
- Service account write events that occur within the same namespace as the service account are dropped
1168-
- All other events are forwarded, subject to any configured [rate limits][#rate-lmiting]
1168+
- All other events are forwarded, subject to any configured [rate limits][#rate-limiting]
11691169
11701170
If you want to disable these defaults, end your rules list with rule that has only a `level` field.
11711171
An empty rule matches any event, and prevents the defaults from taking effect.

config/crd/bases/observability.openshift.io_clusterlogforwarders.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1165,7 +1165,7 @@ spec:
11651165
- User events (ie. non-system and non-serviceaccount) are forwarded
11661166
- Read-only system events (get/list/watch etc) are dropped
11671167
- Service account write events that occur within the same namespace as the service account are dropped
1168-
- All other events are forwarded, subject to any configured [rate limits][#rate-lmiting]
1168+
- All other events are forwarded, subject to any configured [rate limits][#rate-limiting]
11691169
11701170
If you want to disable these defaults, end your rules list with rule that has only a `level` field.
11711171
An empty rule matches any event, and prevents the defaults from taking effect.

docs/reference/operator/api_observability_v1.adoc

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -762,7 +762,7 @@ Events that do not match any rule in the policy are filtered as follows:
762762
- User events (ie. non-system and non-serviceaccount) are forwarded
763763
- Read-only system events (get/list/watch etc) are dropped
764764
- Service account write events that occur within the same namespace as the service account are dropped
765-
- All other events are forwarded, subject to any configured [rate limits][#rate-lmiting]
765+
- All other events are forwarded, subject to any configured [rate limits][#rate-limiting]
766766

767767
If you want to disable these defaults, end your rules list with rule that has only a `level` field.
768768
An empty rule matches any event, and prevents the defaults from taking effect.

0 commit comments

Comments
 (0)