diff --git a/cargo-crev/CHANGELOG.md b/cargo-crev/CHANGELOG.md index ff4e0110..0d85c976 100644 --- a/cargo-crev/CHANGELOG.md +++ b/cargo-crev/CHANGELOG.md @@ -19,7 +19,7 @@ ## [0.24.0](https://github.com/crev-dev/cargo-crev/compare/v0.23.0...v0.24.3) -- Added `--direct` flag to trust paramaters to use only directly trusted Ids +- Added `--direct` flag to trust parameters to use only directly trusted Ids - Added command "proof reissue" to reissue reviews under a different id. The original proof will be referenced in the new proof under the "original:" field - Fix crash on systems with libgit2 v1.4 @@ -183,7 +183,7 @@ improvements - **BREAKING**: `cargo crev ` was change to `cargo crev ` - Introduces one letter aliases for most (all?) commands -- Commands quering proofs will now print them as a multi-object yaml document +- Commands querying proofs will now print them as a multi-object yaml document for easier parsing - Shortened `=1.2.3` in `latest_t` to just `=` @@ -194,7 +194,7 @@ improvements - `crate mvp` to discovering best reviewers - `crate search` for looking up best reviewed dependency candidates - `crate verify --recursive` -- `CREV_PASSPHRASE_CMD` for users of `pass` and similiar +- `CREV_PASSPHRASE_CMD` for users of `pass` and similar - Multiple flags and arguments to narrow down `crate verify` scope - Handling of `--level ` in many commands - "Tips and tricks" in user @@ -228,7 +228,7 @@ documentation - User Documentation, including Getting Started Guide - `query dir` command - Differential reviews with `diff` and `review --diff` commands -- New options, particularily for +- New options, particularly for `verify` ## [0.7.0](https://github.com/dpc/crev/compare/cargo-crev-v0.6.0...cargo-crev-v0.7.0) - 2019-04-27 diff --git a/cargo-crev/src/deps/print_term.rs b/cargo-crev/src/deps/print_term.rs index 309b6144..1f59c894 100644 --- a/cargo-crev/src/deps/print_term.rs +++ b/cargo-crev/src/deps/print_term.rs @@ -1,4 +1,4 @@ -// Functions related to writeing dependencies in the standard +// Functions related to writing dependencies in the standard // terminal (not in the context of a real terminal application) use super::*; diff --git a/cargo-crev/src/doc/advisories.md b/cargo-crev/src/doc/advisories.md index abb6310f..27d64541 100644 --- a/cargo-crev/src/doc/advisories.md +++ b/cargo-crev/src/doc/advisories.md @@ -16,14 +16,14 @@ Each issue is marked with an ID. It can be any string. Identifiers like URL can be used instead. Issues associated with a crate version, are only stating that this particular -release is affected. The do not imply that this is neccesarily the first or only +release is affected. The do not imply that this is necessarily the first or only version being affected. Also, issues are treated as an open from the first version reported. `crev` will consider all the later versions to be affected as well, until a corresponding *advisory* is found with a matching `id`. -**It is generaly better to report *advisories* instead of issues**. Issues are +**It is generally better to report *advisories* instead of issues**. Issues are most useful when the fixed release is not yet available, so it's impossible to create an advisory associated with a version that does not yet exist. @@ -43,7 +43,7 @@ released in the version 1.4.5, a `range: minor` since the whole minor release was affected (all versions matching 1.4.x, before release containing the advisory). -This simplifies specifing the range, but is not always precise. Had the issue +This simplifies specifying the range, but is not always precise. Had the issue been first introduced in version 1.4.1, the version 1.4.0 would be incorrectly affected as well. This is however rare and overshooting is not a problem. diff --git a/cargo-crev/src/doc/cargo_specific.md b/cargo-crev/src/doc/cargo_specific.md index e43aff00..66a3a5f2 100644 --- a/cargo-crev/src/doc/cargo_specific.md +++ b/cargo-crev/src/doc/cargo_specific.md @@ -1,7 +1,7 @@ # Cargo specific features `crev` is a language and ecosystem agnostic system for reviewing code. While -being quite generic it does not forbit or prevent integrating with particular +being quite generic it does not forbid or prevent integrating with particular features and data available in each ecosystem. Quite the opposite - part of the vision of `crev` is to build well integrated ecosystem-specific tools. `cargo-crev` is exactly such a tool for Rust language and `cargo` package @@ -16,11 +16,11 @@ and/or rely on other reputable reviewers, this will be a difficult target until a critical mass of adoption is reached. To address this problem, `cargo-crev` allows reasoning about trustworthinnes of -crates by the reputation of their autors. +crates by the reputation of their authors. Every crev identity can create and maintain a "known owners" list. Use `cargo crev config edit known` command to edit it. Each line is crates.io username or -group name that will be considered somewhat trustwothy. +group name that will be considered somewhat trustworthy. During dependency verification a `--skip-known-owners` argument can be used to skip crates that have at least one known owner. @@ -28,7 +28,7 @@ skip crates that have at least one known owner. It's important to consider the security implications. crates.io or the personal accounts of reputable crate authors could get compromised. And just because the crate owner is on a list of authors does not mean other co-authors are -neccessarily trustworthy. +necessarily trustworthy. So this feature is definitely a compromise. But it is very useful for filtering out dependencies that are most probably OK, and can be reviewed after code from @@ -38,7 +38,7 @@ less reputable sources is reviewed first. `cargo crev crate verify` will display download counts for both specific crate version and total crate downloads, as a quick estimate of crate popularity. -Crates and versions with particularily low download count at higher risk of +Crates and versions with particularly low download count at higher risk of introducing serious bugs or malicious code. ## Geiger count @@ -53,5 +53,5 @@ the code. `cargo-crev` uses [`tokei`](https://crates.io/crates/tokei) to calculate the total number of Rust code each dependency introduces. Small crates are a good -candidate for imediate review (because it will be quick). Bigger ones can often +candidate for immediate review (because it will be quick). Bigger ones can often be replaced with smaller alternatives. diff --git a/cargo-crev/src/doc/getting_started.md b/cargo-crev/src/doc/getting_started.md index 670740ab..181efed1 100644 --- a/cargo-crev/src/doc/getting_started.md +++ b/cargo-crev/src/doc/getting_started.md @@ -357,7 +357,7 @@ Example. VSCode users can run: $ cargo crev open --cmd "code --wait -n" --cmd-save ``` -`--cmd-save` will make `crev` remember the `--cmd` paramter in the future, so it +`--cmd-save` will make `crev` remember the `--cmd` parameter in the future, so it does not have to be repeated every time. The exact `--cmd` to use for each IDE can vary, and you can ask for help in figuring it out on the `crev`'s gitter channel. You can change the command later with `cargo crev config edit`. @@ -396,7 +396,7 @@ comment: "" # and trustworthiness. # # Your Proofs are cryptographically signed and will circulate in the ecosystem. -# While there is no explicit or implicity legal responsibiltity attached to +# While there is no explicit or implicitly legal responsibiltity attached to # using `crev` system, other people will most probably use it to judge you, # your other work, etc. # diff --git a/cargo-crev/src/doc/glossary.md b/cargo-crev/src/doc/glossary.md index fa379c84..4db07a82 100644 --- a/cargo-crev/src/doc/glossary.md +++ b/cargo-crev/src/doc/glossary.md @@ -7,7 +7,7 @@ The following is glossary of terms commonly used in `crev` and `cargo-crev` An optional part of a *Review*, announcing a significant problem fixed in that package version, advising other users to upgrade. -Notably *Advisories* implicitly denote existance of such issue in all previous +Notably *Advisories* implicitly denote existence of such issue in all previous versions in a certain *VersionRange*. ### *CrevId* @@ -23,7 +23,7 @@ the secret key stored locally and encrypted with a passphrase. An optional part of a *Review*, announcing a significant problem present in a given package version. -Very similiar to *Advisory*. It's generally better to prefer *Advisories*, +Very similar to *Advisory*. It's generally better to prefer *Advisories*, except for cases in which the problem does not have a solution available yet. ### *Level* diff --git a/cargo-crev/src/doc/mod.rs b/cargo-crev/src/doc/mod.rs index 6aca97ed..3555e138 100644 --- a/cargo-crev/src/doc/mod.rs +++ b/cargo-crev/src/doc/mod.rs @@ -4,7 +4,7 @@ /// and [Glossary](`self::user::glossary`) modules. /// /// Please be aware that all user documentation is -/// a continous work in progress, and can be incorrect +/// a continuous work in progress, and can be incorrect /// or stale. /// /// Writing high quality documentation is diff --git a/cargo-crev/src/doc/organizations.md b/cargo-crev/src/doc/organizations.md index 61bd3500..6eacf104 100644 --- a/cargo-crev/src/doc/organizations.md +++ b/cargo-crev/src/doc/organizations.md @@ -64,7 +64,7 @@ reviews. Depending on the code review policy, proofs created by individual contributors can be internal, or publicly available. Sharing code reviews with wider -community can be a proof of a concious approach to security, and a form of +community can be a proof of a conscious approach to security, and a form of giving back to the community. ## Enforcing code review policy diff --git a/cargo-crev/src/doc/tips_and_tricks.md b/cargo-crev/src/doc/tips_and_tricks.md index f5dcf379..05d17224 100644 --- a/cargo-crev/src/doc/tips_and_tricks.md +++ b/cargo-crev/src/doc/tips_and_tricks.md @@ -118,7 +118,7 @@ Check the `cargo crev crate verify --help` output for more helpful flags. 0 unicode-segmentation ``` -`cargo crev crate search ` will query crates.io for crate maching a given +`cargo crev crate search ` will query crates.io for crate matching a given query, and then sort them from the most trustworthy. This features is still new and is planed to be expanded and improved. diff --git a/cargo-crev/src/doc/trust.md b/cargo-crev/src/doc/trust.md index 5e18da99..392867e1 100644 --- a/cargo-crev/src/doc/trust.md +++ b/cargo-crev/src/doc/trust.md @@ -64,7 +64,7 @@ Or in other words: for R to have a given *effective trust* for Y, there has to exist at least on path from R and Y, where every previous node directly trusts the next one at the level at least as high. -That's because any *effective trust level* can only be as high as the higest +That's because any *effective trust level* can only be as high as the highest *effective trust level* ### Depth of the WoT diff --git a/cargo-crev/src/edit.rs b/cargo-crev/src/edit.rs index a0e7ac38..1ba19102 100644 --- a/cargo-crev/src/edit.rs +++ b/cargo-crev/src/edit.rs @@ -25,7 +25,7 @@ fn get_editor_to_use() -> Result { }) } -/// Retruns the edited string, and bool indicating if the file was ever written to/ (saved). +/// Returns the edited string, and bool indicating if the file was ever written to/ (saved). fn edit_text_iteractively_raw(text: &str) -> Result<(String, bool)> { let dir = tempfile::tempdir()?; let file_path = dir.path().join("crev.review.yaml"); @@ -51,7 +51,7 @@ pub fn edit_text_iteractively(text: &str) -> Result { Ok(edit_text_iteractively_raw(text)?.0) } -pub fn edit_text_iteractively_until_writen_to(text: &str) -> Result { +pub fn edit_text_iteractively_until_written_to(text: &str) -> Result { loop { let (text, modified) = edit_text_iteractively_raw(text)?; if !modified { @@ -120,7 +120,7 @@ pub fn edit_proof_content_iteractively( writeln!(&mut text, "# {line}")?; } loop { - text = edit_text_iteractively_until_writen_to(&text)?; + text = edit_text_iteractively_until_written_to(&text)?; match content.apply_draft(&text) { Err(e) => { eprintln!("There was an error parsing content: {e}"); diff --git a/cargo-crev/src/main.rs b/cargo-crev/src/main.rs index c7382f9e..4becc403 100644 --- a/cargo-crev/src/main.rs +++ b/cargo-crev/src/main.rs @@ -721,7 +721,7 @@ fn run_command(command: opts::Command) -> Result { maybe_store(&local, &proof, commit_msg, &args.common)?; } Err(e) => { - eprintln!("Ignoried unknwon proof - {e}"); + eprintln!("Ignoried unknown proof - {e}"); } } } diff --git a/cargo-crev/src/opts.rs b/cargo-crev/src/opts.rs index 81ec58f8..59ea3230 100644 --- a/cargo-crev/src/opts.rs +++ b/cargo-crev/src/opts.rs @@ -8,7 +8,7 @@ use crate::term::Term; #[derive(Debug, StructOpt, Clone, Default)] pub struct CrateSelector { - /// This crate is not neccesarily a dependency of the current cargo project + /// This crate is not necessarily a dependency of the current cargo project #[structopt(long = "unrelated", short = "u")] pub unrelated: bool, @@ -213,7 +213,7 @@ pub struct Diff { #[structopt(long = "dst")] pub dst: Option, - /// This crate is not neccesarily a dependency of the current cargo project + /// This crate is not necessarily a dependency of the current cargo project #[structopt(long = "unrelated", short = "u")] pub unrelated: bool, diff --git a/cargo-crev/src/wot.rs b/cargo-crev/src/wot.rs index b63c05ea..c949d094 100644 --- a/cargo-crev/src/wot.rs +++ b/cargo-crev/src/wot.rs @@ -74,10 +74,10 @@ pub fn print_log(wot_opts: WotOpts) -> Result<()> { write!(io::stdout(), "; ")?; term.print(format_args!("distrusted"), RED)?; } - if edge.ignored_overriden { + if edge.ignored_overridden { write!(io::stdout(), "; ")?; - term.print(format_args!("overriden"), YELLOW)?; - write!(io::stdout(), " by {}", edge.overriden_by.iter().join(", "))?; + term.print(format_args!("overridden"), YELLOW)?; + write!(io::stdout(), " by {}", edge.overridden_by.iter().join(", "))?; } if edge.ignored_too_far { write!(io::stdout(), "; ")?; diff --git a/crev-data/src/id.rs b/crev-data/src/id.rs index 5fc32440..a108003b 100644 --- a/crev-data/src/id.rs +++ b/crev-data/src/id.rs @@ -111,7 +111,7 @@ impl Id { } } -/// A unique ID accompanied by publically identifying data. +/// A unique ID accompanied by publicly identifying data. #[derive(Clone, Debug, Builder, Serialize, Deserialize, PartialEq, Eq, Hash)] pub struct PublicId { #[serde(flatten)] diff --git a/crev-data/src/proof/content.rs b/crev-data/src/proof/content.rs index 85e40c79..1c3956d1 100644 --- a/crev-data/src/proof/content.rs +++ b/crev-data/src/proof/content.rs @@ -174,7 +174,7 @@ where /// /// A simplified version of content, used /// for user interaction - editing the parts -/// that are not neccessary for the user to see. +/// that are not necessary for the user to see. pub struct Draft { pub(crate) title: String, pub(crate) body: String, diff --git a/crev-data/src/proof/mod.rs b/crev-data/src/proof/mod.rs index 512662cb..47c5a8ba 100644 --- a/crev-data/src/proof/mod.rs +++ b/crev-data/src/proof/mod.rs @@ -47,7 +47,7 @@ pub struct Proof { /// Signature over the body signature: String, - /// Common informations that should be in any proof + /// Common information that should be in any proof common_content: Common, /// Digest (blake2b256) diff --git a/crev-data/src/proof/review/package.rs b/crev-data/src/proof/review/package.rs index c26fedaf..19557d18 100644 --- a/crev-data/src/proof/review/package.rs +++ b/crev-data/src/proof/review/package.rs @@ -459,7 +459,7 @@ impl Advisory { /// a problem with package in a given version. It leaves the /// question open if any previous and following versions might /// also be affected, but will be considered open and affecting -/// all following versions withing the `range` until an advisory +/// all following versions within the `range` until an advisory /// is found for it, matching the id. #[derive(Clone, TypedBuilder, Debug, Serialize, Deserialize)] #[serde(rename_all = "kebab-case")] diff --git a/crev-lib/rc/doc/editing-trust.md b/crev-lib/rc/doc/editing-trust.md index af772fca..b6b029d2 100644 --- a/crev-lib/rc/doc/editing-trust.md +++ b/crev-lib/rc/doc/editing-trust.md @@ -34,7 +34,7 @@ Example reasons *NOT* to use distrust level: self-reported `thoroughness` and `understanding` levels are truthful, such reviews are still beneficial to the community and it's up to other users to filter them out with `--thoroughness X` and `--understanding X` - flags if they don't want ot use them. + flags if they don't want to use them. * Users review criteria don't match my higher quality standards. Again, within reason that does not endanger the community, it is a reasponsibility of other users to assign lower trust levels to parties diff --git a/crev-lib/src/local.rs b/crev-lib/src/local.rs index 93c1a8db..88c670d8 100644 --- a/crev-lib/src/local.rs +++ b/crev-lib/src/local.rs @@ -41,7 +41,7 @@ fn generete_salt() -> Vec { /// `host_salt` was not a thing - generate some /// form of stable id /// -/// TODO: at some point this should no longer be neccessary +/// TODO: at some point this should no longer be necessary fn backfill_salt() -> Vec { crev_common::blake2b256sum(b"BACKFILLED_SUM").to_vec() } @@ -820,13 +820,13 @@ impl Local { Ok(from_id.create_trust_proof(&public_ids, trust_level, override_)?) } - /// Fetch other people's proof repostiory from a git URL, into the current database on disk + /// Fetch other people's proof repository from a git URL, into the current database on disk pub fn fetch_url(&self, url: &str) -> Result<()> { let mut db = self.load_db()?; self.fetch_url_into(url, &mut db) } - /// Fetch other people's proof repostiory from a git URL, directly into the given db (and disk too) + /// Fetch other people's proof repository from a git URL, directly into the given db (and disk too) pub fn fetch_url_into(&self, url: &str, db: &mut crev_wot::ProofDB) -> Result<()> { info!("Fetching {}... ", url); let dir = self.fetch_remote_git(url)?; diff --git a/crev-lib/src/proof.rs b/crev-lib/src/proof.rs index 440df07f..7e02d304 100644 --- a/crev-lib/src/proof.rs +++ b/crev-lib/src/proof.rs @@ -26,7 +26,7 @@ pub(crate) fn rel_store_path(proof: &proof::Proof, host_salt: &[u8]) -> PathBuf date, type_subname, // this used to be `[..4]`, but temporarily change it - // to accomodate a new proof format. old clients will + // to accommodate a new proof format. old clients will // fail to parse a whole file if it contains a new proof // format, so this makes sure new proofs are only // in separate files; this can be reverted back after diff --git a/crev-lib/src/tests.rs b/crev-lib/src/tests.rs index 18a2716a..e430dbdd 100644 --- a/crev-lib/src/tests.rs +++ b/crev-lib/src/tests.rs @@ -7,7 +7,7 @@ use crev_wot::{FetchSource, ProofDB}; use default::default; use std::{str::FromStr, sync::Arc}; -// Basic liftime of an `LockedId`: +// Basic lifetime of an `LockedId`: // // * generate // * lock with a passphrase diff --git a/crev-wot/src/lib.rs b/crev-wot/src/lib.rs index dbdc60a2..f38a7098 100644 --- a/crev-wot/src/lib.rs +++ b/crev-wot/src/lib.rs @@ -662,7 +662,7 @@ impl ProofDB { // This is one of the most complicated calculations in whole crev. I hate this code // already, and I have barely put it together. - // Here we track all the reported isue by issue id + // Here we track all the reported issue by issue id let mut issue_reports_by_id: HashMap = HashMap::new(); // First we go through all the reports in previous versions with `issues` fields and collect these. diff --git a/crev-wot/src/tests.rs b/crev-wot/src/tests.rs index 0ecca340..54a53bdc 100644 --- a/crev-wot/src/tests.rs +++ b/crev-wot/src/tests.rs @@ -99,7 +99,7 @@ fn proofdb_distance() -> Result<()> { // should be visible in all the user-facing stats, listings // and counts. #[test] -fn overwritting_reviews() -> Result<()> { +fn overwriting_reviews() -> Result<()> { let url = FetchSource::Url(Arc::new(Url::new_git("https://a"))); let a = UnlockedId::generate_for_git_url("https://a"); let digest = [0; 32]; diff --git a/crev-wot/src/trust_set.rs b/crev-wot/src/trust_set.rs index 2c60158e..668cf1c4 100644 --- a/crev-wot/src/trust_set.rs +++ b/crev-wot/src/trust_set.rs @@ -47,12 +47,12 @@ pub struct TraverseLogEdge { pub relative_distance: Option, pub total_distance: Option, pub distrusted_by: HashSet, - pub overriden_by: HashSet, + pub overridden_by: HashSet, pub no_change: bool, pub ignored_distrusted: bool, pub ignored_trust_too_low: bool, - pub ignored_overriden: bool, + pub ignored_overridden: bool, pub ignored_too_far: bool, } @@ -71,10 +71,10 @@ pub struct TrustSet { pub trusted: HashMap, pub distrusted: HashMap, - // "ignore trust from `Id` to `Id`, as overriden by some other Ids with an effective `TrustLevel`s + // "ignore trust from `Id` to `Id`, as overridden by some other Ids with an effective `TrustLevel`s pub trust_ignore_overrides: HashMap<(Id, Id), OverrideSourcesDetails>, - // "ignore specific package review by `Id`, as overriden by some other Ids with an effective `TrustLevel`s + // "ignore specific package review by `Id`, as overridden by some other Ids with an effective `TrustLevel`s pub package_review_ignore_override: HashMap, } @@ -215,7 +215,7 @@ impl TrustSet { let too_far = params.max_distance < candidate_total_distance; let trust_too_low = too_far && effective_trust_level == TrustLevel::None; - let overriden_by = if let Some(existing_override) = current_trust_set + let overridden_by = if let Some(existing_override) = current_trust_set .trust_ignore_overrides .get(&(current.id.clone(), candidate_id.clone())) { @@ -238,12 +238,12 @@ impl TrustSet { relative_distance: Some(candidate_distance_from_current), total_distance: Some(candidate_total_distance), distrusted_by: distrusted_by.clone(), - overriden_by: overriden_by.clone(), + overridden_by: overridden_by.clone(), ignored_distrusted: too_far && !distrusted_by.is_empty(), ignored_too_far: too_far, ignored_trust_too_low: trust_too_low, - ignored_overriden: !overriden_by.is_empty(), + ignored_overridden: !overridden_by.is_empty(), // to be changed if there was actually a change no_change: true, @@ -264,9 +264,9 @@ impl TrustSet { continue; } - if !overriden_by.is_empty() { + if !overridden_by.is_empty() { debug!( - "{} trust for {} was ignored (overriden)", + "{} trust for {} was ignored (overridden)", current.id, candidate_id ); continue; @@ -283,7 +283,7 @@ impl TrustSet { // We discard the result, because we actually want to make as much // progress as possible before restaring building the WoT, and // we will not visit any node that was marked as distrusted, - // becuse we check it for every node to be visited + // because we check it for every node to be visited let _ = current_trust_set .record_distrusted_id(candidate_id.clone(), current.id.clone());