Merge pull request #818 from mr-raj12/fix/spelling-typos-across-codebase

Fix spelling typos in docs, source, and scripts

Author: JonoYang

clearcode/cdutils.py

@@ -34,7 +34,7 @@
 from packageurl import PackageURL
 
 """
-ClearlyDefined utlities.
+ClearlyDefined utilities.
 """
 
 TRACE_FETCH = False
@@ -532,7 +532,7 @@ def str2coord(s):
     segments = s.strip(splitter).split(splitter)
     if is_urn or is_url:
         segments = segments[1:]
-    # ignore extra segments for now beyond the 5 fisrt (such as the PR of a curation)
+    # ignore extra segments for now beyond the 5 first (such as the PR of a curation)
     segments = segments[:5]
 
     fields = (

clearcode/store_scans.py

@@ -34,8 +34,8 @@
 
 """
 The input is a bunch of scans from ClearlyDefined and
-the output is a bunch of git repositories with commited and
-pushed scans such that we balance the scans roughly evenly accross
+the output is a bunch of git repositories with committed and
+pushed scans such that we balance the scans roughly evenly across
 different repositories.
 
 The primary reason for multiple repositories is size of a single
@@ -127,7 +127,7 @@ def get_cd_item_by_purl_hash(cd_items):
 def add_scancode_scan(repo, purl, scancode_scan):
     """
     Save and commit scancode scan for purl to git repo.
-    Return true if we commited else false
+    Return true if we committed else false
     """
     purl_data_dir = get_or_create_dir_for_purl(purl=purl, repo=repo)
     scancode_scan_path = purl_data_dir / "scancode-toolkit-scan.json"

clearindex/management/commands/run_clearindex.py

@@ -161,7 +161,7 @@ def handle(self, *args, **options):
 def map_definition(cditem):
     """
     Map a CD definition. Return the Package created from a mapped CD definition
-    or None if a Package could not be created or an Exception has occured.
+    or None if a Package could not be created or an Exception has occurred.
     """
     try:
         with transaction.atomic():
@@ -328,7 +328,7 @@ def str2coord(s):
     segments = s.strip(splitter).split(splitter)
     if is_urn or is_url:
         segments = segments[1:]
-    # ignore extra segments for now beyond the 5 fisrt (such as the PR of a curation)
+    # ignore extra segments for now beyond the 5 first (such as the PR of a curation)
     segments = segments[:5]
 
     fields = (

docs/source/how-to-guides/deploy_to_devel.rst

@@ -4,7 +4,7 @@
 Map deployed code back to source code aka. back2source
 =======================================================
 
-In this tutorial we excercise the ScanCode.io pipeline used map the deployed binaries back to the
+In this tutorial we exercise the ScanCode.io pipeline used map the deployed binaries back to the
 assumed source code of a package, or map source archives to the sources from a version control
 system (VCS) checkout.
 
@@ -59,17 +59,17 @@ Yet these assumption are often proven wrong and the potential for many issues:
   <https://en.wikipedia.org/wiki/XZ_Utils_backdoor>_ incident where the source archive of the XZ
   Utils packages had been modified to create a malicious SSH backdoor. These cases need to be
   detected ideally before the source code is even built. back2source has been detecting the
-  XZ malicious automake build scripts as requring review, and this using code available before the
+  XZ malicious automake build scripts as requiring review, and this using code available before the
   XZ backdoor issue was known.
 
-- Extra code may be provisioned and routinely injected or complied in the final binary without
+- Extra code may be provisioned and routinely injected or compiled in the final binary without
   malice.
 
   - For instance, an "UberJAR" is created as a larger Java JAR
     <https://en.wikipedia.org/wiki/JAR_(file_format)>_
     as the combination of multiple JARS. The other JARs are fetched at built time and not present in
     source code form and commonly without metadata to help track their origin. This means that using
-    package A, means really using unknowningly A, but also B and C. There are license and security
+    package A, means really using unknowingly A, but also B and C. There are license and security
     implications when the license, origin and vulnerability status of B and C goes undetected. Most
     tools do not detect these extra package inclusions.
 
@@ -102,12 +102,12 @@ The ScanCode.io pipeline supports these technologies:
 
 - end-to-end ELF binaries package binary to source analysis. The focus is on on binaries compiled
   from C (C++ will be implemented separately in the future as it requires additional demangling of
-  function signatures). This analysis is based extracting DWARF debug symbols compliation unit
+  function signatures). This analysis is based extracting DWARF debug symbols compilation unit
   references.
 
-- end-to-end Go binary executable to source analysis o binary to source analysis. Note that Go is
-  special, as while its targets binaries are compiled to ELF, Macho-O and Windows PE/COFF formats,
-  depending on the operating system target and can also be anlyzed as an ELF for Linux, a Go
+- end-to-end Go binary executable to source analysis or binary to source analysis. Note that Go is
+  special, as while its targets binaries are compiled to ELF, Mach-O and Windows PE/COFF formats,
+  depending on the operating system target and can also be analyzed as an ELF for Linux, a Go
   binary also contains extra information to map source and binaries together through a specific
   data structure. This pipeline will be using this data structure (aka. the pclntab).
 
@@ -450,6 +450,6 @@ Here is how the project creation looks like:
 .. image:: images/d2d-images/43a5ff56-fb36-45c7-82bb-8b5256759eee.png
 
 
-- Inthe resource page, there are also file-level mappings details:
+- In the resource page, there are also file-level mappings details:
 
 .. image:: images/d2d-images/4acd087e-0cd1-4361-a8ee-f7af7681c74e.png

docs/source/how-to-guides/symbols_and_strings.rst

@@ -76,7 +76,7 @@ Binary analysis
 ~~~~~~~~~~~~~~~~
 
 Once we have collected symbols and strings from the source code, we can search these in a binary.
-The presence of these symbols in the binaries can be used to find the origin of code complied in
+The presence of these symbols in the binaries can be used to find the origin of code compiled in
 binaries with a lightweight "reverse" engineering process. For instance, a tool like BANG
 <https://github.com/armijnhemel/binaryanalysis-ng/>_ can use the source symbols to build
 automatons-based search indexes to support an efficient binary origin analysis.

docs/source/purldb/rest_api.rst

@@ -133,7 +133,7 @@ An API endpoint that provides the ability to list and get packages.
                 "parties": [
                     {
                         "type": "person",
-                        "role": "developper",
+                        "role": "developer",
                         "name": "Elastic",
                         "email": null,
                         "url": "https://www.elastic.co"
@@ -277,7 +277,7 @@ The package details view returns all information available about a package.
         "parties": [
             {
                 "type": "person",
-                "role": "developper",
+                "role": "developer",
                 "name": "Elastic",
                 "email": null,
                 "url": "https://www.elastic.co"
@@ -468,7 +468,7 @@ Using cURL to get enhanced package data:
         "parties": [
             {
                 "type": "person",
-                "role": "developper",
+                "role": "developer",
                 "name": "Elastic",
                 "email": null,
                 "url": "https://www.elastic.co"
@@ -550,7 +550,7 @@ Using cURL to reindex a package:
 Filter by checksum
 ~~~~~~~~~~~~~~~~~~
 
-Take a mapping, where the keys are the names of the checksum algorthm and the
+Take a mapping, where the keys are the names of the checksum algorithm and the
 values is a list of checksum values and query those values against the
 packagedb.
 
@@ -666,7 +666,7 @@ One action is available on resources:
 Filter by checksum
 ~~~~~~~~~~~~~~~~~~
 
-Take a mapping, where the keys are the names of the checksum algorthm and the
+Take a mapping, where the keys are the names of the checksum algorithm and the
 values is a list of checksum values and query those values against the
 packagedb.
 

docs/source/purldb/symbol_and_string_collection.rst

@@ -11,9 +11,9 @@ pipeline and stores them in the ``extra_data`` field of the resource model.
 What are symbols?
 ------------------
 
-Source code symbols are the names of the functions, methods, classes, varibales and data structures
-as found in source code. Another name is "identifiers". Source code iterals (or "strings") are the
-string values of variables, such as messages asssigned to a variable or constant in the source code
+Source code symbols are the names of the functions, methods, classes, variables and data structures
+as found in source code. Another name is "identifiers". Source code literals (or "strings") are the
+string values of variables, such as messages assigned to a variable or constant in the source code
 of a program.
 
 Why would you want to collect source symbols?

etc/ci/macports-ci

@@ -190,7 +190,7 @@ do
 # this check confirms that ports were installed
 # notice that port -N selfupdate && break is not sufficient as a test
 # (sometime it returns a success even though ports have not been installed)
-# for some misterious reasons, running without "-d" does not work in some case
+# for some mysterious reasons, running without "-d" does not work in some case
   sudo port -d -N selfupdate 2>&1 | grep -v DEBUG | awk '{if($1!="x")print}'
   port info xdrfile > /dev/null && break || true
   sleep 5

etc/scripts/fetch_thirdparty.py

@@ -166,7 +166,7 @@ def fetch_thirdparty(
     Download the PyPI packages listed in the combination of:
     - the pip requirements --requirements REQUIREMENT-FILE(s),
     - the pip name==version --specifier SPECIFIER(s)
-    - any pre-existing wheels or sdsists found in --dest-dir THIRDPARTY_DIR.
+    - any pre-existing wheels or sdists found in --dest-dir THIRDPARTY_DIR.
 
     Download wheels with the --wheels option for the ``--python-version``
     PYVER(s) and ``--operating_system`` OS(s) combinations defaulting to all

etc/scripts/gen_pypi_simple.py

@@ -177,7 +177,7 @@ def simple_index_entry(self, base_url):
 def build_pypi_index(directory, base_url="https://thirdparty.aboutcode.org/pypi"):
     """
     Create the a PyPI simple directory index using a ``directory`` directory of wheels and sdists in
-    the direvctory at ``directory``/simple/ populated with the proper PyPI simple index directory
+    the directory at ``directory``/simple/ populated with the proper PyPI simple index directory
     structure crafted using symlinks.
 
     WARNING: The ``directory``/simple/ directory is removed if it exists. NOTE: in addition to the a