Josh Soref
bf16e10baf
Updates for check-spelling v0.0.25 ( #40386 )
...
## Summary of the Pull Request
- #39572 updated check-spelling but ignored:
> 🐣 Breaking Changes
[Code Scanning action requires a Code Scanning
Ruleset](https://github.com/check-spelling/check-spelling/wiki/Breaking-Change:-Code-Scanning-action-requires-a-Code-Scanning-Ruleset )
If you use SARIF reporting, then instead of the workflow yielding an ❌
when it fails, it will rely on [github-advanced-security
🤖 ](https://github.com/apps/github-advanced-security ) to report the
failure. You will need to adjust your checks for PRs.
This means that check-spelling hasn't been properly doing its job 😦 .
I'm sorry, I should have pushed a thing to this repo earlier,...
Anyway, as with most refreshes, this comes with a number of fixes, some
are fixes for typos that snuck in before the 0.0.25 upgrade, some are
for things that snuck in after, some are based on new rules in
spell-check-this, and some are hand written patterns based on running
through this repository a few times.
About the 🐣 **breaking change**: someone needs to create a ruleset for
this repository (see [Code Scanning action requires a Code Scanning
Ruleset: Sample ruleset
](https://github.com/check-spelling/check-spelling/wiki/Breaking-Change:-Code-Scanning-action-requires-a-Code-Scanning-Ruleset#sample-ruleset )).
The alternative to adding a ruleset is to change the condition to not
use sarif for this repository. In general, I think the github
integration from sarif is prettier/more helpful, so I think that it's
the better choice.
You can see an example of it working in:
- https://github.com/check-spelling-sandbox/PowerToys/pull/23
---------
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com >
Co-authored-by: Mike Griese <migrie@microsoft.com >
Co-authored-by: Dustin L. Howett <dustin@howett.net >
2025-07-08 17:16:52 -05:00
dependabot[bot]
0d29f6aca6
Bump check-spelling/check-spelling from 0.0.24 to 0.0.25 ( #39572 )
...
Bumps
[check-spelling/check-spelling](https://github.com/check-spelling/check-spelling )
from 0.0.24 to 0.0.25.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/check-spelling/check-spelling/releases ">check-spelling/check-spelling's
releases</a>.</em></p>
<blockquote>
<h2>Release 0.0.25</h2>
<h2>⏩ Upgrading</h2>
<ul>
<li>🧪 Test first <em>on a branch</em> 🏷️ by changing your workflow
tags/references to this release</li>
<li>See 🐣 <strong>Breaking Changes</strong> for how to adapt your
workflow</li>
<li>See 🐛 <strong>Known Issues</strong> for known issues</li>
</ul>
<h2>🐣 Breaking Changes</h2>
<ul>
<li><a
href="https://github.com/check-spelling/check-spelling/wiki/Breaking-Change:-Code-Scanning-action-requires-a-Code-Scanning-Ruleset ">Code
Scanning action requires a Code Scanning Ruleset</a>
If you use SARIF reporting, then instead of the workflow yielding an ❌
when it fails, it will rely on <a
href="https://github.com/apps/github-advanced-security "><strong>github-advanced-security</strong>
🤖 </a> to report the failure. You will need to adjust your checks for
PRs.</li>
<li><a
href="https://github.com/check-spelling/check-spelling/wiki/Breaking-change:-Dropping-support-for-on:-schedule ">Dropping
support for <code>on: schedule</code></a></li>
<li><a
href="https://github.com/check-spelling/check-spelling/wiki/Breaking-Change:-Dropping-support-for-%60whitelist.txt%60-and-%60advice.txt%60 ">Dropping
support for <code>whitelist.txt</code> and
<code>advice.txt</code></a></li>
<li><a
href="https://github.com/check-spelling/check-spelling/wiki/Breaking-Change%3A-Dropping-support-for-out-of-tree-project-files ">Dropping
support for out of tree project files</a></li>
<li>Dependent actions are referenced by full sha instead of version --
if you're using <a
href="https://docs.github.com/en/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#allowing-select-actions-and-reusable-workflows-to-run ">Allow
specified actions and reusable workflows</a>, you will need to add:
<ul>
<li><code>check-spelling/checkout-merge@46bad523dcb6368efab50ff2729c00443785abca</code>
(if you run <code>on: pull_request</code>/<code>on:
pull_requesrt_target</code> and use <code>with:</code>/<code>checkout:
true</code>)</li>
</ul>
</li>
</ul>
<h2>✨ New Features</h2>
<ul>
<li><a
href="https://github.com/check-spelling/check-spelling/wiki/Feature:-Subrepos ">Check
submodules</a> using <a
href="https://github.com/check-spelling/check-spelling/wiki/Configuration#submodules "><code>submodules</code></a></li>
<li>Provide instructions for when <code>only_check_changed_files</code>
finds unrecognized words (<a
href="https://api.github.com/repos/check-spelling/check-spelling/issues/86 ">#86</a>)</li>
<li>Support <a
href="https://github.com/check-spelling/check-spelling/wiki/Configuration/_edit#unknown_file_word_limit "><code>unknown_file_word_limit</code></a>
to limit the number of times a path in a filename is reported when using
<a
href="https://github.com/check-spelling/check-spelling/wiki/Configuration#check_file_names "><code>check_file_names</code></a></li>
<li>Suggest <a
href="https://github.com/check-spelling/check-spelling/wiki/Configuration#checkout "><code>checkout:
true</code></a> for new <a
href="https://github.com/check-spelling/check-spelling/wiki/Event-descriptions#single-line-file "><code>missing-checkout</code></a>
error case</li>
<li>Suggest ignoring files that trigger <a
href="https://github.com/check-spelling/check-spelling/wiki/Event-descriptions#single-line-file "><code>single-line-file</code></a></li>
</ul>
<h2>Dictionaries</h2>
<ul>
<li>Fix <a
href="https://github.com/check-spelling/check-spelling/wiki/Event-descriptions/#fallback-dictionary-not-found "><code>fallback-dictionary-not-found</code></a>
handling</li>
</ul>
<h3>Hunspell dictionaries</h3>
<ul>
<li>Fix support for <code>.dic</code>/<code>.aff</code> dictionaries by
installing hunspell as needed (<a
href="https://api.github.com/repos/check-spelling/check-spelling/issues/79 ">#79</a>
/ <a
href="https://api.github.com/repos/check-spelling/check-spelling/issues/90 ">#90</a>)</li>
<li>Ensure that <a
href="https://docs.check-spelling.dev/Feature:-Configurable-word-characters.html#spanish ">Spanish</a>
works (a consumer is using this, so it should work reliably)</li>
</ul>
<h2>Fixes</h2>
<ul>
<li>macOS: Consistently use check-spelling dictionary instead of looking
at the system dictionary (<a
href="https://api.github.com/repos/check-spelling/check-spelling/issues/84 ">#84</a>)</li>
<li>Fix <code>check_for_newline_at_eof</code> for <code>allow.txt</code>
(<a
href="https://api.github.com/repos/check-spelling/check-spelling/issues/81 ">#81</a>)</li>
<li>Improve handling of <a
href="https://github.com/check-spelling/check-spelling/wiki/Configuration#ignored "><code>inputs.ignored</code></a>
events</li>
<li>Fix <a
href="https://github.com/check-spelling/check-spelling/wiki/Configuration:-Advanced#debug "><code>inputs.debug</code></a>
handling</li>
<li>Fix <strong>merge</strong> instructions order</li>
<li>Fix pattern for validating expect entries</li>
<li>Fix <a
href="https://github.com/check-spelling/check-spelling/wiki/Event-descriptions/#noisy-file-list "><code>noisy-file-list</code></a>
handling</li>
<li>Fix 504 handling for <a
href="https://github.com/check-spelling/check-spelling/wiki/Configuration#only_check_changed_files "><code>only_check_changed_files</code></a>
when unshallowing</li>
<li>Restore comment (<code>#</code>) support for expect files</li>
<li>Include last character in <a
href="https://github.com/check-spelling/check-spelling/wiki/Event-descriptions/#token-is-substring "><code>token-is-substring</code></a>
warning</li>
</ul>
<h2>Improvements</h2>
<ul>
<li>Line ending detection (<a
href="https://api.github.com/repos/check-spelling/check-spelling/issues/83 ">#83</a>)</li>
<li><a
href="https://www.fileformat.info/info/unicode/char/2019/index.htm ">RSQM</a>
handling</li>
<li>Dictionary download times by skipping delays for <code>30x</code>
redirects</li>
<li>Excludes paths generation</li>
<li>Error handling of various components</li>
<li>Documentation links</li>
<li>GitHub error detection patterns for when check-spelling has
bugs</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c635c2f3f7a72db74f7572391946fe5b54b9ba2deedc53a05c35e2bbcc5bb73164407bd6cb009abbeac6da34a8a9ff41ecae67debf5066...c635c2f3f7https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=check-spelling/check-spelling&package-manager=github_actions&previous-version=0.0.24&new-version=0.0.25 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-10 13:10:57 +08:00
Typpi
60f50d853b
Apply security best practices for GitHub Actions / Dependency ( #38552 )
...
This update aligns with Microsoft's security guidelines by pinning all GitHub Action tags and Docker tags to their full-length commits. This practice ensures immutability and reduces the risk of supply chain attacks. Note that 1st and 2nd party actions do not require hash pinning.
2025-04-15 16:33:05 +08:00
Josh Soref
74a1a6eca2
Upgrade to check-spelling v0.0.24 ( #36235 )
...
This upgrades to [v0.0.24](https://github.com/check-spelling/check-spelling/releases/tag/v0.0.24 ).
A number of GitHub APIs are being turned off shortly, so you need to upgrade or various uncertain outcomes will occur.
There's a new accessibility forbidden pattern:
> Do not use `(click) here` links
> For more information, see:
> * https://www.w3.org/QA/Tips/noClickHere
> * https://webaim.org/techniques/hypertext/link_text
> * https://granicus.com/blog/why-click-here-links-are-bad/
> * https://heyoka.medium.com/dont-use-click-here-f32f445d1021
```pl
(?i)(?:>|\[)(?:(?:click |)here|link|(?:read |)more)(?:</|\]\()
```
There are some minor bugs that I'm aware of and which I've fixed since this release, but I don't expect to make another release this month.
I've added a pair of patterns for includes and pragmas. My argument is that the **compiler** will _generally_ tell you if you've misspelled an include and the **linker** will _generally_ tell you if you misspell a lib.
- There's a caveat here: If your include case-insensitively matches the referenced file (but doesn't properly match it), then unless you either use a case-sensitive file system (as opposed to case-preserving) or beg clang to warn, you won't notice when you make this specific mistake -- this matters in that a couple of Windows headers (e.g. Unknwn.h) have particular case and repositories don't tend to consistently/properly write them.
2024-12-06 10:33:08 -06:00
Jay
949b9a6185
[Spellcheck]Refactor/review entries into different files ( #29832 )
...
* remove files
* add dictionaries
* Create expect.txt
* spelling corrections + move words
* spelling updates
* few more
* import commit from bot
* move names
* undo FZ changed by VS
2023-11-21 15:06:01 +00:00
Josh Soref
0a4d30ae22
[ci]check-spelling 0.0.22 ( #29119 )
...
* spelling: microsoft
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com >
* spelling: the
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com >
* [ci]Upgrade check-spelling to v0.0.22
---------
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com >
2023-11-02 17:16:29 +00:00
Jaime Bernardo
45150067b3
Revert "[Deps]Bump check-spelling/check-spelling from 0.0.21 to 0.0.22 ( #28953 )" ( #29016 )
...
This reverts commit d3edd6acc2
2023-10-04 17:25:28 +01:00
dependabot[bot]
d3edd6acc2
[Deps]Bump check-spelling/check-spelling from 0.0.21 to 0.0.22 ( #28953 )
...
Bumps [check-spelling/check-spelling](https://github.com/check-spelling/check-spelling ) from 0.0.21 to 0.0.22.
- [Release notes](https://github.com/check-spelling/check-spelling/releases )
- [Commits](https://github.com/check-spelling/check-spelling/compare/v0.0.21...v0.0.22 )
---
updated-dependencies:
- dependency-name: check-spelling/check-spelling
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-04 13:07:10 +01:00
Josh Soref
150e7d40dd
Check spelling 0 0 21 ( #22335 )
2022-11-29 11:41:22 -08:00
Josh Soref
a397e72eb0
[ci]Upgrade check-spelling to v0.0.20 ( #19574 )
2022-07-27 11:39:46 +01:00
dependabot[bot]
6d97fb2dc8
[ci]Bump check-spelling/check-spelling from 0.0.20.pre.alpha7 to 0.0.20 ( #19610 )
...
Bumps [check-spelling/check-spelling](https://github.com/check-spelling/check-spelling ) from 0.0.20.pre.alpha7 to 0.0.20.
- [Release notes](https://github.com/check-spelling/check-spelling/releases )
- [Commits](https://github.com/check-spelling/check-spelling/compare/v0.0.20-alpha7...v0.0.20 )
---
updated-dependencies:
- dependency-name: check-spelling/check-spelling
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-27 11:37:19 +01:00
Josh Soref
3cb0638c7e
[ci]Upgrade to check-spelling 0.0.20alpha7 ( #19127 )
...
* spelling: added
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com >
* spelling: and
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com >
* spelling: another
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com >
* spelling: color
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com >
* spelling: file
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com >
* spelling: github
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com >
* spelling: not
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com >
* spelling: occurrences
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com >
* spelling: stamp
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com >
* spelling: suppressions
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com >
* spelling: the
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com >
* spelling: up to
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com >
* spelling: whether
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com >
* spelling: whichdoes
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com >
* Upgrade check-spelling to v0.0.20-alpha7
Config based on:
a5001170a7https://github.com/microsoft/wil ), whereas often it's a typo for `will`.
* Update src/runner/main.cpp
Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com >
2022-07-01 15:09:41 +01:00
Josh Soref
2a7afa38d0
Fix check-spelling ( #17939 )
...
GitHub apparently changed the behavior of raw.githubusercontent.com.
Previously, https://raw.githubusercontent.com/:org/:repo/HEAD/:path worked.
It no longer works.
Instead, we will use the master branch.
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com >
2022-04-27 09:00:20 -07:00
Josh Soref
0506f06a18
[Check-spelling]Fix comments ( #15715 )
...
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com >
2022-01-24 13:31:29 +00:00
Josh Soref
02de31b7c0
Update check-spelling ( #14873 )
...
* Updating advice
Copying 18764e6cbb/.github/actions/spelling/advice.mdcloses #14854
Adds a couple of other patterns:
* publicKeyToken
* @sha256:
* std::wregex
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com >
Co-authored-by: Jaime Bernardo <jaime@janeasystems.com >
2021-12-12 11:42:04 -08:00
Josh Soref
5027a55e7f
Upgrade check-spelling to v0.0.19 ( #12348 )
...
What is this about:
This updates check-spelling to 0.0.19 for https://github.com/check-spelling/check-spelling/security/advisories/GHSA-g86g-chm8-7r2p
What is included in the PR:
The expect.txt changes are just churn from when the action was disabled.
2021-07-13 11:23:12 -05:00
