search

get-woke / woke

Detect non-inclusive language in your source code.
https://docs.getwoke.tech
MIT License
457 stars 61 forks source link

False-positive for URLs, even with `word_boundary: true` #272

Open sed-i opened 1 year ago

sed-i commented 1 year ago

Currently, woke is triggered by keywords that are part of a URL:

$ echo "http://whitelist.com/slave" | woke --stdin
/dev/stdin:1:7-16: `whitelist` may be insensitive, use `allowlist`, `inclusion list` instead (warning)
http://whitelist.com/slave
       ^
/dev/stdin:1:21-26: `slave` may be insensitive, use `follower`, `replica`, `standby` instead (error)
http://whitelist.com/slave
                     ^

Both of the above are still triggered even with word_boundary: true.

Our CI currently fails for files that have comments with URLs with master, such as: https://github.com/kubernetes/kube-state-metrics/blob/master/CHANGELOG.md

Please include the following information:

Version of woke ```console $ woke --version woke version 0.19.0 ```
Config file ```console $ cat .woke.yml rules: - name: whitelist terms: - whitelist - white-list alternatives: - allowlist note: An optional description why these terms are not inclusive. It can be optionally included in the output message. options: word_boundary: true - name: slave terms: - slave - slaves alternatives: - secondary note: An optional description why these terms are not inclusive. It can be optionally included in the output message. options: word_boundary: true ```
Go environment ```console $ go version && go env zsh: command not found: go ```
Verbose output of running ```console $ woke --debug 2023-05-12T00:23:35-04:00 DBG woke version 0.19.0 built from e588a3e on 2022-07-28T22:46:26Z 2023-05-12T00:23:35-04:00 DBG Adding custom ruleset from filename=/tmp/test/.woke.yml 2023-05-12T00:23:35-04:00 DBG loaded config file config=/tmp/test/.woke.yml 2023-05-12T00:23:35-04:00 DBG config rules rules=["whitelist","slave"] 2023-05-12T00:23:35-04:00 DBG default rules rules=["whitelist","blacklist","master-slave","slave","grandfathered","man-hours","sanity","dummy","guys","whitebox","blackbox"] 2023-05-12T00:23:35-04:00 DBG all enabled rules rules=["whitelist","slave","blacklist","master-slave","grandfathered","man-hours","sanity","dummy","guys","whitebox","blackbox"] 2023-05-12T00:23:35-04:00 DBG Could Not Find Root Git Folder 2023-05-12T00:23:35-04:00 DBG finished compiling ignores durationMS=0.093716 2023-05-12T00:23:35-04:00 DBG created new printer printer=text 2023-05-12T00:23:35-04:00 DBG process files path=. type=parallel 2023-05-12T00:23:35-04:00 DBG skipping file=.woke.yml reason="ignored file" 2023-05-12T00:23:35-04:00 DBG skipping content file=. reason="file is a directory" 2023-05-12T00:23:35-04:00 DBG finished processing findings durationMS=0.123635 file=. No findings found. 2023-05-12T00:23:35-04:00 DBG woke completed durationMS=0.689903 ```
github-actions[bot] commented 1 year ago

👋 Thanks for submitting your first issue!

Please be sure to read and follow our Code of Conduct and Contributing guide.

⭐️ Is your org or open source project using woke? If so, we'd love for you to be included in the 'Who uses woke' list at https://github.com/get-woke/woke/blob/main/docs/about.md#who-uses-woke.