search

intel / cve-bin-tool

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
https://cve-bin-tool.readthedocs.io/en/latest/
GNU General Public License v3.0
1.25k stars 466 forks source link

CI: spell check in pre-commit #2971

Open terriko opened 1 year ago

terriko commented 1 year ago

Currently, our spelling check runs only in Github Actions (we're currently uising check-spelling/check-spelling@v0.0.21 ), but it would be helpful if we could have it run in pre-commit with the other linters, so folk using pre-commit could get early local warning of any words that are going to cause a problem. I don't know offhand if there's a good solution for this that would be compatible with our current system, so we might also have to consider migrating to a new solution.

This came up a few times while people were working on hackathon PRs: the CI queues were long or Actions was offline, and teams were able to locally handle all the other linter errors but didn't have tooling to help spot spelling related issues.

I wouldn't say this is urgent, but it might be nice to have it in place before we do another hackathon style event that puts pressure on the CI system.

terriko commented 7 months ago

One potential option here: https://github.com/nektos/act

I don't know that I want to ask people to run docker from pre-commit on the regular (that feels very heavyweight if you don't have docker installed) but we could potentially figure out how to set it up and put instructions in the contributor docs in case anyone wants to use it and already has the tools setup. It'd be nice to run gitlint this way too.