diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index a0c6c75082..d23438a6c4 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,5 +1,5 @@ repos: -- repo: https://github.com/econchick/interrogate + - repo: https://github.com/econchick/interrogate rev: 1.7.0 hooks: - id: interrogate @@ -8,77 +8,92 @@ repos: args: ["-vv", "-i", "-I", "-M", "-C", "-n", "-p", "-f", "60.0"] # args for cut and paste: interrogate -vv -i -I -M -C -n -p -f 60.0 -- repo: https://github.com/pycqa/isort + - repo: https://github.com/pycqa/isort rev: 5.13.2 hooks: - - id: isort - stages: [pre-commit, pre-merge-commit] - exclude: ^fuzz/generated/ + - id: isort + stages: [pre-commit, pre-merge-commit] + exclude: ^fuzz/generated/ -- repo: https://github.com/psf/black-pre-commit-mirror + - repo: https://github.com/psf/black-pre-commit-mirror rev: 24.10.0 hooks: - - id: black - exclude: ^fuzz/generated/ + - id: black + exclude: ^fuzz/generated/ -- repo: https://github.com/asottile/pyupgrade + - repo: https://github.com/asottile/pyupgrade rev: v3.19.1 hooks: - - id: pyupgrade - exclude: ^fuzz/generated/ - args: ["--py38-plus"] + - id: pyupgrade + exclude: ^fuzz/generated/ + args: ["--py38-plus"] -- repo: https://github.com/pycqa/flake8 + - repo: https://github.com/pycqa/flake8 rev: 7.1.1 hooks: - - id: flake8 - exclude: ^fuzz/generated/|bandit\.conf$ + - id: flake8 + exclude: ^fuzz/generated/|bandit\.conf$ -- repo: https://github.com/PyCQA/bandit + - repo: https://github.com/PyCQA/bandit rev: 1.8.0 hooks: - - id: bandit - exclude: ^fuzz/generated/ - args: ["-c", "bandit.conf"] + - id: bandit + exclude: ^fuzz/generated/ + args: ["-c", "bandit.conf"] -- repo: https://github.com/jorisroovers/gitlint + - repo: https://github.com/jorisroovers/gitlint rev: v0.19.1 hooks: - - id: gitlint + - id: gitlint -- repo: https://github.com/pre-commit/mirrors-mypy + - repo: https://github.com/pre-commit/mirrors-mypy rev: v1.14.1 hooks: - - id: mypy - additional_dependencies: - - types-beautifulsoup4 - - types-jsonschema - - types-PyYAML - - types-requests - - types-setuptools - - types-toml - files: | - (?x)^( - cve_bin_tool/parsers/.*| - cve_bin_tool/__init__.py| - cve_bin_tool/async_utils.py| - cve_bin_tool/file.py| - cve_bin_tool/linkify.py| - cve_bin_tool/log.py| - cve_bin_tool/strings.py| - cve_bin_tool/theme.py| - cve_bin_tool/util.py| - cve_bin_tool/validator.py| - cve_bin_tool/version.py| - doc/.*| - test/test_data/.*| - test/__init__.py| - test/test_file.py|s - test/test_requirements.py| - test/test_strings.py| - test/test_triage.py| - test/test_version.py| - test/utils.py| - )$ - + - id: mypy + additional_dependencies: + - types-beautifulsoup4 + - types-jsonschema + - types-PyYAML + - types-requests + - types-setuptools + - types-toml + files: | + (?x)^( + cve_bin_tool/parsers/.*| + cve_bin_tool/__init__.py| + cve_bin_tool/async_utils.py| + cve_bin_tool/file.py| + cve_bin_tool/linkify.py| + cve_bin_tool/log.py| + cve_bin_tool/strings.py| + cve_bin_tool/theme.py| + cve_bin_tool/util.py| + cve_bin_tool/validator.py| + cve_bin_tool/version.py| + doc/.*| + test/test_data/.*| + test/__init__.py| + test/test_file.py|s + test/test_requirements.py| + test/test_strings.py| + test/test_triage.py| + test/test_version.py| + test/utils.py| + )$ + - repo: https://github.com/codespell-project/codespell + rev: v1.16.0 + hooks: + - id: codespell + name: codespell + description: Checks for common misspellings in text files. + args: + [ + "-I", + ".github/actions/spelling/allow.txt", + ".github/actions/spelling/only.txt", + ".github/actions/spelling/expect.txt", + ".github/actions/spelling/excludes.txt", + ] + language: python + types: [text] diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 3553e1f587..8aa6995e72 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -209,6 +209,7 @@ CVE Binary Tool uses a few tools to improve code quality and readability: - `gitlint` helps ensure that the commit messages follow [Conventional Commits](https://conventionalcommits.org). - `mypy` helps ensure type definitions are correct when provided. - `interrogate` checks your code base for missing docstrings. +- `codespell` Detects common misspellings in text files. We provide a `dev-requirements.txt` file which includes all the precise versions of tools as they'll be used in GitHub Actions. You an install them all using pip: @@ -317,6 +318,22 @@ You can specify a file or directory if you just want to check the files you chan Interrogate shows some [report examples in their docs](https://interrogate.readthedocs.io/en/latest/#usage) or you can look at the [current cve-bin-tool reports in our linter runs on GitHub Actions](https://github.com/intel/cve-bin-tool/actions/workflows/linting.yml) +### Running codespell by itself + +`codespell` is a spell checker designed to detect and correct common misspellings in text files, including code comments and documentation. + +Run `codespell` in all files of the current directory: +``` +codespell +``` + +Run `codespell` in specific files or directories (specified via their names or glob patterns): +``` +codespell filename some_dir/ *.ext +``` + +for more detailed explanation you can checkout [codespell documentation](https://github.com/codespell-project/codespell) + ### Other linting tools As well as `black` for automatically making sure code adheres to the style guide, we use `flake8` to help us find things like unused imports. The [flake8 documentation](https://flake8.pycqa.org/en/latest/user/index.html) covers what you need to know about running it. diff --git a/dev-requirements.txt b/dev-requirements.txt index facead7fdc..43021f9985 100644 --- a/dev-requirements.txt +++ b/dev-requirements.txt @@ -4,6 +4,7 @@ isort; python_version < "3.8" isort==5.13.2; python_version >= "3.8" pre-commit; python_version <= "3.8" pre-commit==4.1.0; python_version > "3.8" +codespell==1.16.0 flake8; python_version < "3.8" flake8==7.1.1; python_version >= "3.8" bandit==1.7.10; python_version <= "3.8"