mirror of
https://github.com/microsoft/PowerToys.git
synced 2025-12-15 19:27:56 +01:00
bf16e10baf
## Summary of the Pull Request - #39572 updated check-spelling but ignored: > 🐣 Breaking Changes [Code Scanning action requires a Code Scanning Ruleset](https://github.com/check-spelling/check-spelling/wiki/Breaking-Change:-Code-Scanning-action-requires-a-Code-Scanning-Ruleset) If you use SARIF reporting, then instead of the workflow yielding an ❌ when it fails, it will rely on [github-advanced-security 🤖](https://github.com/apps/github-advanced-security) to report the failure. You will need to adjust your checks for PRs. This means that check-spelling hasn't been properly doing its job 😦. I'm sorry, I should have pushed a thing to this repo earlier,... Anyway, as with most refreshes, this comes with a number of fixes, some are fixes for typos that snuck in before the 0.0.25 upgrade, some are for things that snuck in after, some are based on new rules in spell-check-this, and some are hand written patterns based on running through this repository a few times. About the 🐣 **breaking change**: someone needs to create a ruleset for this repository (see [Code Scanning action requires a Code Scanning Ruleset: Sample ruleset ](https://github.com/check-spelling/check-spelling/wiki/Breaking-Change:-Code-Scanning-action-requires-a-Code-Scanning-Ruleset#sample-ruleset)). The alternative to adding a ruleset is to change the condition to not use sarif for this repository. In general, I think the github integration from sarif is prettier/more helpful, so I think that it's the better choice. You can see an example of it working in: - https://github.com/check-spelling-sandbox/PowerToys/pull/23 --------- Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> Co-authored-by: Mike Griese <migrie@microsoft.com> Co-authored-by: Dustin L. Howett <dustin@howett.net>
201 lines
7.4 KiB
YAML
201 lines
7.4 KiB
YAML
# spelling.yml is blocked per https://github.com/check-spelling/check-spelling/security/advisories/GHSA-g86g-chm8-7r2p
|
|
name: Spell checking
|
|
|
|
# Comment management is handled through a secondary job, for details see:
|
|
# https://github.com/check-spelling/check-spelling/wiki/Feature%3A-Restricted-Permissions
|
|
#
|
|
# `jobs.comment-push` runs when a push is made to a repository and the `jobs.spelling` job needs to make a comment
|
|
# (in odd cases, it might actually run just to collapse a comment, but that's fairly rare)
|
|
# it needs `contents: write` in order to add a comment.
|
|
#
|
|
# `jobs.comment-pr` runs when a pull_request is made to a repository and the `jobs.spelling` job needs to make a comment
|
|
# or collapse a comment (in the case where it had previously made a comment and now no longer needs to show a comment)
|
|
# it needs `pull-requests: write` in order to manipulate those comments.
|
|
|
|
# Updating pull request branches is managed via comment handling.
|
|
# For details, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-Update-expect-list
|
|
#
|
|
# These elements work together to make it happen:
|
|
#
|
|
# `on.issue_comment`
|
|
# This event listens to comments by users asking to update the metadata.
|
|
#
|
|
# `jobs.update`
|
|
# This job runs in response to an issue_comment and will push a new commit
|
|
# to update the spelling metadata.
|
|
#
|
|
# `with.experimental_apply_changes_via_bot`
|
|
# Tells the action to support and generate messages that enable it
|
|
# to make a commit to update the spelling metadata.
|
|
#
|
|
# `with.ssh_key`
|
|
# In order to trigger workflows when the commit is made, you can provide a
|
|
# secret (typically, a write-enabled github deploy key).
|
|
#
|
|
# For background, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-Update-with-deploy-key
|
|
|
|
# SARIF reporting
|
|
#
|
|
# Access to SARIF reports is generally restricted (by GitHub) to members of the repository.
|
|
#
|
|
# Requires enabling `security-events: write`
|
|
# and configuring the action with `use_sarif: 1`
|
|
#
|
|
# For information on the feature, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-SARIF-output
|
|
|
|
# Minimal workflow structure:
|
|
#
|
|
# on:
|
|
# push:
|
|
# ...
|
|
# pull_request_target:
|
|
# ...
|
|
# jobs:
|
|
# # you only want the spelling job, all others should be omitted
|
|
# spelling:
|
|
# # remove `security-events: write` and `use_sarif: 1`
|
|
# # remove `experimental_apply_changes_via_bot: 1`
|
|
# ... otherwise adjust the `with:` as you wish
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- "**"
|
|
tags-ignore:
|
|
- "**"
|
|
pull_request_target:
|
|
branches:
|
|
- "**"
|
|
types:
|
|
- "opened"
|
|
- "reopened"
|
|
- "synchronize"
|
|
issue_comment:
|
|
types:
|
|
- "created"
|
|
|
|
jobs:
|
|
spelling:
|
|
name: Check Spelling
|
|
permissions:
|
|
contents: read
|
|
pull-requests: read
|
|
actions: read
|
|
security-events: write
|
|
outputs:
|
|
followup: ${{ steps.spelling.outputs.followup }}
|
|
runs-on: ubuntu-latest
|
|
if: ${{ contains(github.event_name, 'pull_request') || github.event_name == 'push' }}
|
|
concurrency:
|
|
group: spelling-${{ github.event.pull_request.number || github.ref }}
|
|
# note: If you use only_check_changed_files, you do not want cancel-in-progress
|
|
cancel-in-progress: true
|
|
steps:
|
|
- name: check-spelling
|
|
id: spelling
|
|
uses: check-spelling/check-spelling@c635c2f3f714eec2fcf27b643a1919b9a811ef2e # v0.0.25
|
|
with:
|
|
config: .github/actions/spell-check
|
|
suppress_push_for_open_pull_request: ${{ github.actor != 'dependabot[bot]' && 1 }}
|
|
checkout: true
|
|
check_file_names: 1
|
|
spell_check_this: microsoft/PowerToys@main
|
|
post_comment: 0
|
|
use_magic_file: 1
|
|
report-timing: 1
|
|
warnings: bad-regex,binary-file,deprecated-feature,ignored-expect-variant,large-file,limited-references,no-newline-at-eof,noisy-file,non-alpha-in-dictionary,token-is-substring,unexpected-line-ending,whitespace-in-dictionary,minified-file,unsupported-configuration,no-files-to-check,unclosed-block-ignore-begin,unclosed-block-ignore-end
|
|
experimental_apply_changes_via_bot: 1
|
|
use_sarif: 1
|
|
check_extra_dictionaries: ""
|
|
dictionary_source_prefixes: >
|
|
{
|
|
"cspell": "https://raw.githubusercontent.com/check-spelling/cspell-dicts/v20241114/dictionaries/"
|
|
}
|
|
extra_dictionaries: |
|
|
cspell:software-terms/softwareTerms.txt
|
|
cspell:cpp/stdlib-c.txt
|
|
cspell:cpp/stdlib-cpp.txt
|
|
cspell:filetypes/filetypes.txt
|
|
cspell:php/php.txt
|
|
cspell:dart/dart.txt
|
|
cspell:dotnet/dotnet.txt
|
|
cspell:powershell/powershell.txt
|
|
cspell:csharp/csharp.txt
|
|
cspell:python/python/python-lib.txt
|
|
cspell:node/node.txt
|
|
cspell:golang/go.txt
|
|
cspell:npm/npm.txt
|
|
cspell:fullstack/fullstack.txt
|
|
cspell:css/css.txt
|
|
cspell:java/java.txt
|
|
cspell:typescript/typescript.txt
|
|
cspell:html/html.txt
|
|
cspell:r/r.txt
|
|
cspell:aws/aws.txt
|
|
cspell:cpp/compiler-msvc.txt
|
|
cspell:python/common/extra.txt
|
|
cspell:scala/scala.txt
|
|
|
|
comment-push:
|
|
name: Report (Push)
|
|
# If your workflow isn't running on push, you can remove this job
|
|
runs-on: ubuntu-latest
|
|
needs: spelling
|
|
permissions:
|
|
actions: read
|
|
contents: write
|
|
if: (success() || failure()) && needs.spelling.outputs.followup && github.event_name == 'push'
|
|
steps:
|
|
- name: comment
|
|
uses: check-spelling/check-spelling@c635c2f3f714eec2fcf27b643a1919b9a811ef2e # v0.0.25
|
|
with:
|
|
config: .github/actions/spell-check
|
|
checkout: true
|
|
spell_check_this: microsoft/PowerToys@main
|
|
task: ${{ needs.spelling.outputs.followup }}
|
|
|
|
comment-pr:
|
|
name: Report (PR)
|
|
# If you workflow isn't running on pull_request*, you can remove this job
|
|
runs-on: ubuntu-latest
|
|
needs: spelling
|
|
permissions:
|
|
actions: read
|
|
contents: read
|
|
pull-requests: write
|
|
if: (success() || failure()) && needs.spelling.outputs.followup && contains(github.event_name, 'pull_request')
|
|
steps:
|
|
- name: comment
|
|
uses: check-spelling/check-spelling@c635c2f3f714eec2fcf27b643a1919b9a811ef2e # v0.0.25
|
|
with:
|
|
config: .github/actions/spell-check
|
|
checkout: true
|
|
spell_check_this: check-spelling/spell-check-this@prerelease
|
|
task: ${{ needs.spelling.outputs.followup }}
|
|
experimental_apply_changes_via_bot: ${{ github.repository_owner != 'microsoft' && 1 }}
|
|
|
|
update:
|
|
name: Update PR
|
|
permissions:
|
|
contents: write
|
|
pull-requests: write
|
|
actions: read
|
|
runs-on: ubuntu-latest
|
|
if: ${{
|
|
github.repository_owner != 'microsoft' &&
|
|
github.event_name == 'issue_comment' &&
|
|
github.event.issue.pull_request &&
|
|
contains(github.event.comment.body, '@check-spelling-bot apply') &&
|
|
contains(github.event.comment.body, 'https://')
|
|
}}
|
|
concurrency:
|
|
group: spelling-update-${{ github.event.issue.number }}
|
|
cancel-in-progress: false
|
|
steps:
|
|
- name: apply spelling updates
|
|
uses: check-spelling/check-spelling@c635c2f3f714eec2fcf27b643a1919b9a811ef2e # v0.0.25
|
|
with:
|
|
experimental_apply_changes_via_bot: ${{ github.repository_owner != 'microsoft' && 1 }}
|
|
checkout: true
|
|
ssh_key: "${{ secrets.CHECK_SPELLING }}"
|