more fix

Author: polazarus

src/en/devenv.md

@@ -23,13 +23,13 @@ references:
 
 [Rustup] is the Rust toolchain installer. Among other things, it enables
 switching between different flavors of the toolchain (stable, beta, nightly),
-managing additional components installation and keeping them up to date.
+managing the installation of additional components and keeping them up to date.
 
 <div class="warning">
 
 From a security perspective, `rustup` does perform all downloads over HTTPS,
 but does not yet validate signatures of downloads. Protection against
-downgrade attacks, certificate pinning, validation of signatures are still
+downgrade attacks, certificate pinning, and validation of signatures are still
 works in progress.
 In some cases, it may be preferable to opt for an alternative installation
 method listed in the *Install* section of the official Rust website.
@@ -156,10 +156,10 @@ It has a fundamental role in most Rust developments:
 - It’s also a front-end to run complementary tools such as those that are
   described below, in the form of sub-commands.
 
-Cargo enables automatic dependencies resolution before compilation 
+Cargo enables automatic dependency resolution before compilation 
 by checking their checksums.
-File `Cargo.lock` contains all dependencies checksums which are compared to
-the one downloaded.
+The `Cargo.lock` file contains the checksums of all dependencies, which are compared to
+the ones downloaded.
 If a difference is detected, compilation fails:
 
 ```
@@ -181,14 +181,14 @@ the file is overwritten with the latest available version of every crate.
 
 <div class="reco" id="DENV-CARGO-LOCK" type="Rule" title="Track Cargo.lock in version control system">
 
-`Cargo.lock` files MUST be tracked by version control system.
+`Cargo.lock` files MUST be tracked by a version control system.
 
 </div>
 
 <div class="warning">
 
 Ongoing discussions occur on how to best protect
-and verify crates *on their first download* (according TOFU rule).
+and verify crates *on their first download* (according to the TOFU rule).
 For now, the security of the first download relies on the good security of the
 website [crates.io] and the GitHub hosted repository containing the
 registry index. In some cases, it may be preferable to opt for an alternative
@@ -219,7 +219,7 @@ in development profiles' sections (`[profile.dev]` and `[profile.test]`).
 
 </div>
 
-Cargo proposes other ways to setup its configuration and change its behavior on
+Cargo proposes other ways to set up its configuration and change its behavior on
 a given system. This can be very useful, but it may also be difficult to know
 and remember at a given time all the options that are effectively used, and
 in particular passed to the compiler. At the end, this can affect the confidence
@@ -232,7 +232,7 @@ to use the Cargo build scripts feature.
 <div class="reco" id="DENV-CARGO-ENVVARS" type="Rule" title="Keep default values for compiler environment variables when running cargo">
 
 The environment variables `RUSTC`, `RUSTC_WRAPPER` and `RUSTFLAGS` MUST NOT
-be overriden when using Cargo to build the project.
+be overridden when using Cargo to build the project.
 
 </div>
 
@@ -268,7 +268,7 @@ guidelines.
 
 ### Cargo fix
 
-The `cargo fix` command is a tool dedicated in
+The `cargo fix` command is a tool dedicated to
 fixing compiler warnings as well as easing transitions between editions.
 
 ```shell
@@ -313,7 +313,7 @@ detect. The warnings should be re-checked by the programmer before committing
 the fix that is suggested by `clippy`, especially in the case of lints of the
 category `clippy::nursery` since those hints are still under development.
 
-`clippy` now has similar `fix` tool as `rustfix`
+`clippy` now has a `fix` tool similar to `cargo fix`.
 
 [clippy]: https://github.com/rust-lang/rust-clippy
 

src/en/errors.md

@@ -92,7 +92,7 @@ Stack unwinding from Rust code into foreign code results in undefined behavior.
 Rust code called from FFI MUST either:
 
 * ensure the function cannot panic,
-* use `catch_unwind` or the `std::panic` module to ensure the rust code will not
+* use `catch_unwind` or the `std::panic` module to ensure the Rust code will not
 abort or return in an unstable state.
 
 </div>

src/en/introduction.md

@@ -40,7 +40,7 @@ Besides, static typing discipline, type inference, and ad hoc polymorphism (in
 the form of traits) are other ways Rust provides to build libraries and programs
 in a safe manner.
 
-Finally, the toolchain (rustup, cargo) greatly facilitate the use of Rust by simplifying
+Finally, the toolchain (rustup, cargo) greatly facilitates the use of Rust by simplifying
 the configuration of the software construction, while giving priority to good compilation
 safety practices.
 
@@ -94,7 +94,7 @@ Then, recommendations about the Rust language constructs are presented.
 tests for a project in Rust, and for using Rust fuzzing tools.-->
 We finally introduce some recommendations for established Rust libraries.
 
-Note that *async* Rust is currently eluded from recommendations list.
+Note that *async* Rust is currently not addressed in this document.
 
 A summary of recommendations presented throughout the document is listed at the
 end of this guide.

src/en/libraries.md

@@ -9,11 +9,11 @@ It is important to note that accurately tracking the versions of these libraries
 ### Crates
 
 In addition to the standard library, Rust provides an easy way to import other
-libraries in a project, thanks to `cargo`. The libraries, known as *crates* in
-the Rust ecosystem, are imported from an open-source components central
-repository.
+libraries in a project, thanks to `cargo`.
+The libraries, known as *crates* in the Rust ecosystem, are imported from a central repository of open-source
+components.
 
-An example of dependency declaration in the `Cargo.toml` file:
+An example of a dependency declaration in the `Cargo.toml` file:
 
 ```toml
 [dependencies]
@@ -63,15 +63,15 @@ Each third-party dependency SHOULD be properly validated, and each validation SH
 
 ### Cargo-outdated
 
-[Cargo-outdated] tool allows one to easily manage dependencies' versions.
+[cargo-outdated] tool allows one to easily manage dependency versions.
 
-For a given crate, it lists current dependencies' versions (using its
+For a given crate, it lists the current versions of dependencies (using
 `Cargo.toml`), and checks the latest compatible version and also the latest general
 version.
 
-<div class="reco" id="LIBS-OUTDATED" type="Rule" title="Check for outdated dependencies versions (cargo-outdated)">
+<div class="reco" id="LIBS-OUTDATED" type="Rule" title="Check for outdated dependencies (cargo-outdated)">
 
-The `cargo-outdated` tool MUST be used to check dependencies' status. Then,
+The `cargo-outdated` tool MUST be used to check the status of dependencies. Then,
 each outdated dependency SHOULD be updated or the choice of the version MUST be
 justified.
 
@@ -84,7 +84,7 @@ justified.
 [Cargo-audit] tool allows one to easily check for security vulnerabilities
 reported to the RustSec Advisory Database.
 
-<div class="reco" id="LIBS-AUDIT" type="Rule" title="Check for security vulnerabilities report on dependencies (cargo-audit)">
+<div class="reco" id="LIBS-AUDIT" type="Rule" title="Check for security vulnerability reports on dependencies (cargo-audit)">
 
 The `cargo-audit` tool MUST be used to check for known vulnerabilities in
 dependencies.

src/en/macros.md

@@ -3,6 +3,6 @@
 <!-- ## Macros -->
 
 <!--
-<mark>TODO</mark>: cyclomatic complexity of the macro expanded code, recursion
+<mark>TODO</mark>: cyclomatic complexity of the macro-expanded code, recursion
 limits, ...
 -->

src/en/testfuzz.md

@@ -8,4 +8,4 @@
 
 ### cargo-fuzz
 
-<mark>TODO</mark>: good practices in fuzzing programs or part of programs.
+<mark>TODO</mark>: good practices in fuzzing programs or parts of programs.

src/en/unsafe.md

@@ -1,2 +1 @@
-# Rust unsafe
-
+# Unsafe Rust