add more rules in pre-commits (#985)

Co-authored-by: vyuroshchin <vyuroshchin@sberautotech.ru>
Co-authored-by: William Woodruff <william@yossarian.net>

Author: 3 people

.github/workflows/release.yml

@@ -19,20 +19,19 @@ jobs:
       contents: write
 
     steps:
-    - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
-      with:
-        persist-credentials: false
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        with:
+          persist-credentials: false
 
-    - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
-      with:
-        python-version-file: pyproject.toml
+      - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
+        with:
+          python-version-file: pyproject.toml
 
-    - name: deps
-      run: python -m pip install -U build
+      - name: deps
+        run: python -m pip install -U build
 
-    - name: build
-      run: python -m build
-
-    - name: publish
-      uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0
+      - name: build
+        run: python -m build
 
+      - name: publish
+        uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0

.github/workflows/scorecards.yml

@@ -5,7 +5,7 @@ on:
   schedule:
     - cron: '19 4 * * 0'
   push:
-    branches: [ "main" ]
+    branches: ["main"]
 
 # No permissions needed at top-level.
 permissions: {}

.pre-commit-config.yaml

@@ -5,7 +5,7 @@ PY_MODULE := pip_audit
 ALL_PY_SRCS := $(shell find $(PY_MODULE) -name '*.py') \
 	$(shell find test -name '*.py')
 
-# Optionally overriden by the user, if they're using a virtual environment manager.
+# Optionally overridden by the user, if they're using a virtual environment manager.
 VENV ?= env
 
 # On Windows, venv scripts/shims are under `Scripts` instead of `bin`.
@@ -52,7 +52,8 @@ lint: $(VENV)/pyvenv.cfg
 		ruff format --check $(ALL_PY_SRCS) && \
 		ruff check $(ALL_PY_SRCS) && \
 		mypy $(PY_MODULE) && \
-		interrogate -c pyproject.toml .
+		interrogate -c pyproject.toml . && \
+		typos .
 
 .PHONY: reformat
 reformat:

Makefile

@@ -604,7 +604,7 @@ and purposes, `pip-audit -r INPUT` is functionally equivalent to
 `pip install -r INPUT`, with a small amount of **non-security isolation** to
 avoid conflicts with any of your local environments.
 
-`pip-audit` is first and foremost a auditing tool for *Python* packages.
+`pip-audit` is first and foremost an auditing tool for *Python* packages.
 You **must not** assume that `pip-audit` will detect or flag "transitive"
 vulnerabilities that might be exposed through Python packages, but are not
 actually part of the package itself. For example, `pip-audit`'s vulnerability

README.md

@@ -46,11 +46,12 @@ cov = [
 ]
 test = ["pretend", "pytest", "pip-audit[cov]"]
 lint = [
-    "ruff >= 0.11",
+    "ruff >= 0.14",
     "interrogate ~= 1.6",
     "mypy",
     "types-requests",
     "types-toml",
+    "typos",
 ]
 doc = ["pdoc"]
 dev = ["build", "pip-audit[doc,test,lint]"]

pyproject.toml

@@ -697,7 +697,7 @@ def test_requirement_source_fix_explicit_subdep_resolver_error(req_file):
     assert len(mock_resolver.resolve.calls) == 0
 
 
-def test_requirement_source_fix_explicit_subdep_comment_retension(req_file):
+def test_requirement_source_fix_explicit_subdep_comment_retention(req_file):
     # This test is regression testing a weakness in the previous fix implementation.
     #
     # When fixing a subdependency and explicitly adding it to the requirements file, we add a