diff --git a/.github/workflows/typos.yaml b/.github/workflows/typos.yaml new file mode 100644 index 0000000000..a153f10507 --- /dev/null +++ b/.github/workflows/typos.yaml @@ -0,0 +1,21 @@ +name: 🔤 Typo Check + +on: + push: + branches: ["dev"] + pull_request: + workflow_dispatch: + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + typos: + name: Spell Check with Typos + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v6 + - uses: crate-ci/typos@v1.43.3 + with: + files: . diff --git a/_typos.toml b/_typos.toml new file mode 100644 index 0000000000..992f1d402a --- /dev/null +++ b/_typos.toml @@ -0,0 +1,50 @@ +# Configuration for the typos spell checker +# https://github.com/crate-ci/typos + +[files] +# Skip non-English translated README files (contain legitimate non-English words) +extend-exclude = [ + "README_CN.md", + "README_ES.md", + "README_ID.md", + "README_JP.md", + "README_KR.md", + "README_PT-BR.md", + "README_TR.md", + # Test data and fixtures + "pkg/input/formats/testdata/*", + "pkg/protocols/common/helpers/deserialization/testdata/*", + # WAF regex patterns (contain intentional fragments) + "pkg/output/stats/waf/regexes.json", +] + +[default.extend-words] +# CLI flag abbreviations used in help text and code +ines = "ines" # JSONL(ines) +ine = "ine" # -ine flag suffix +hae = "hae" # -hae (http-api-endpoint) +ue = "ue" # -ue (uncover-engine) +ot = "ot" # -ot flag +# Variable/identifier names +fo = "fo" # variable name in request_generator.go +# Type from external dependency (projectdiscovery/goflags) +Allowd = "Allowd" +# NooP is a standard abbreviation for No-Operation +Noo = "Noo" +# MisMatched is used as a struct field name +Mis = "Mis" + +# SQL keywords in error messages (legitimate SQL keywords) +SELEC = "SELEC" # Part of "SELECTs" in SQL error messages + +# Base64/certificate data fragments and test data values +# These appear in PEM-encoded certificates and test fixtures - typos flags them +# as potential misspellings but they are legitimate base64 alphabet sequences +alo = "alo" # XML test data (Croatian word "dijete>alo") +Iif = "Iif" # Base64 encoded test data +BA = "BA" # Base64 sequence in PEM certificates (cmd/integration-test/generic.go:36) +Iy = "Iy" # Base64 sequence in PEM certificates (pkg/testutils/integration.go:274) +Iz = "Iz" # Base64 sequence in PEM certificates +inFo = "inFo" # Test payload in pkg/model/types/severity/severity_test.go (case-sensitive severity test) +# Test data content +algoritmos = "algoritmos" # Spanish word in fuzz playground test data diff --git a/cmd/tmc/main.go b/cmd/tmc/main.go index fa9bc8ea5f..366b2ced3c 100644 --- a/cmd/tmc/main.go +++ b/cmd/tmc/main.go @@ -196,14 +196,14 @@ func process(opts options) error { } if opts.format { - formatedTemplateData, isFormated, err := formatTemplate(dataString) + formattedTemplateData, isFormatted, err := formatTemplate(dataString) if err != nil { gologger.Info().Label("format").Msg(logErrMsg(path, err, opts.debug, errFile)) } else { - if isFormated { - _ = os.WriteFile(path, []byte(formatedTemplateData), 0644) - dataString = formatedTemplateData - gologger.Info().Label("format").Msgf("✅ formated template: %s\n", path) + if isFormatted { + _ = os.WriteFile(path, []byte(formattedTemplateData), 0644) + dataString = formattedTemplateData + gologger.Info().Label("format").Msgf("✅ formatted template: %s\n", path) } } } diff --git a/integration_tests/protocols/http/matcher-status.yaml b/integration_tests/protocols/http/matcher-status.yaml index 4cfd0d1a0b..8dd04475d8 100644 --- a/integration_tests/protocols/http/matcher-status.yaml +++ b/integration_tests/protocols/http/matcher-status.yaml @@ -14,7 +14,7 @@ http: - method: GET path: - "{{RootURL}}/login?username={{username}}&password={{password}}" - - "{{BaseURL}}/admin-pannel" + - "{{BaseURL}}/admin-panel" - method: GET path: diff --git a/integration_tests/protocols/network/net-https-timeout.yaml b/integration_tests/protocols/network/net-https-timeout.yaml index a0d106fc0b..64a781a3d7 100644 --- a/integration_tests/protocols/network/net-https-timeout.yaml +++ b/integration_tests/protocols/network/net-https-timeout.yaml @@ -12,7 +12,7 @@ tcp: - "tls://{{Hostname}}" port: 443 inputs: - # noticable difference between this and net-https.yaml is that here we don't send the Connection: close header + # noticeable difference between this and net-https.yaml is that here we don't send the Connection: close header # and hence connection will remain open until server closes it. This can be a DOS vector in nuclei # as it waits for server to close the connection. now we have set a default timeout of 5 seconds and if server responds but doesn't close the connection # then nuclei will close connection but doesn't fail the request since we already have response data from server diff --git a/internal/runner/runner.go b/internal/runner/runner.go index 648f052e51..3f2ee49f27 100644 --- a/internal/runner/runner.go +++ b/internal/runner/runner.go @@ -854,7 +854,7 @@ func (r *Runner) displayExecutionInfo(store *loader.Store) { // only print these stats in verbose mode stats.ForceDisplayWarning(templates.ExcludedHeadlessTmplStats) stats.ForceDisplayWarning(templates.ExcludedCodeTmplStats) - stats.ForceDisplayWarning(templates.ExludedDastTmplStats) + stats.ForceDisplayWarning(templates.ExcludedDastTmplStats) stats.ForceDisplayWarning(templates.TemplatesExcludedStats) stats.ForceDisplayWarning(templates.ExcludedFileStats) stats.ForceDisplayWarning(templates.ExcludedSelfContainedStats) diff --git a/internal/server/server.go b/internal/server/server.go index bc06a1edc0..65fad37f6e 100644 --- a/internal/server/server.go +++ b/internal/server/server.go @@ -185,7 +185,7 @@ func (s *DASTServer) Start() error { return nil } -// PostReuestsHandlerRequest is the request body for the /fuzz POST handler. +// PostRequestsHandlerRequest is the request body for the /fuzz POST handler. type PostRequestsHandlerRequest struct { RawHTTP string `json:"raw_http"` URL string `json:"url"` @@ -224,7 +224,7 @@ type DASTServerInfo struct { NucleiVersion string `json:"nuclei_version"` NucleiTemplateVersion string `json:"nuclei_template_version"` NucleiDastServerAPI string `json:"nuclei_dast_server_api"` - ServerAuthEnabled bool `json:"sever_auth_enabled"` + ServerAuthEnabled bool `json:"server_auth_enabled"` } type DASTScanStatistics struct { diff --git a/lib/config.go b/lib/config.go index e79b3310bb..b19e99faf1 100644 --- a/lib/config.go +++ b/lib/config.go @@ -52,7 +52,7 @@ type TemplateFilters struct { ExcludeSeverities string // filter by excluding severities (accepts CSV values of info, low, medium, high, critical) ProtocolTypes string // filter by protocol types ExcludeProtocolTypes string // filter by excluding protocol types - Authors []string // fiter by author + Authors []string // filter by author Tags []string // filter by tags present in template ExcludeTags []string // filter by excluding tags present in template IncludeTags []string // filter by including tags present in template diff --git a/lib/tests/sdk_test.go b/lib/tests/sdk_test.go index 75309bbf8e..43ed00f008 100644 --- a/lib/tests/sdk_test.go +++ b/lib/tests/sdk_test.go @@ -42,7 +42,7 @@ func TestSimpleNuclei(t *testing.T) { defer ne.Close() } - // this is shared test so needs to be run as seperate process + // this is shared test so needs to be run as separate process if env.GetEnvOrDefault("TestSimpleNuclei", false) { // run as new process cmd := exec.Command(os.Args[0], "-test.run=TestSimpleNuclei") @@ -81,7 +81,7 @@ func TestSimpleNucleiRemote(t *testing.T) { require.Nil(t, err) defer ne.Close() } - // this is shared test so needs to be run as seperate process + // this is shared test so needs to be run as separate process if env.GetEnvOrDefault("TestSimpleNucleiRemote", false) { cmd := exec.Command(os.Args[0], "-test.run=TestSimpleNucleiRemote") cmd.Env = append(os.Environ(), "TestSimpleNucleiRemote=true") @@ -155,7 +155,7 @@ func TestWithVarsNuclei(t *testing.T) { require.Nil(t, err) defer ne.Close() } - // this is shared test so needs to be run as seperate process + // this is shared test so needs to be run as separate process if env.GetEnvOrDefault("TestWithVarsNuclei", false) { cmd := exec.Command(os.Args[0], "-test.run=TestWithVarsNuclei") cmd.Env = append(os.Environ(), "TestWithVarsNuclei=true") diff --git a/pkg/catalog/loader/loader.go b/pkg/catalog/loader/loader.go index 19aa590970..43ac45df73 100644 --- a/pkg/catalog/loader/loader.go +++ b/pkg/catalog/loader/loader.go @@ -824,7 +824,7 @@ func (store *Store) LoadTemplatesWithTags(templatesList, tags []string) []*templ store.logger.Print().Msgf("[%v] Tampered/Unsigned template at %v.\n", aurora.Yellow("WRN").String(), templatePath) } } else if parsed.IsFuzzableRequest() && !typesOpts.DAST { - stats.Increment(templates.ExludedDastTmplStats) + stats.Increment(templates.ExcludedDastTmplStats) if config.DefaultConfig.LogAllEvents { store.logger.Print().Msgf("[%v] -dast flag is required for DAST template '%s'.\n", aurora.Yellow("WRN").String(), templatePath) } diff --git a/pkg/fuzz/component/path.go b/pkg/fuzz/component/path.go index 58b8e99320..a39529d625 100644 --- a/pkg/fuzz/component/path.go +++ b/pkg/fuzz/component/path.go @@ -35,9 +35,9 @@ func (q *Path) Parse(req *retryablehttp.Request) (bool, error) { q.req = req q.value = NewValue("") - splitted := strings.Split(req.Path, "/") + parts := strings.Split(req.Path, "/") values := make(map[string]interface{}) - for i, segment := range splitted { + for i, segment := range parts { if segment == "" && i == 0 { // Skip the first empty segment from leading "/" continue @@ -88,20 +88,20 @@ func (q *Path) Delete(key string) error { // component rebuilt func (q *Path) Rebuild() (*retryablehttp.Request, error) { // Get the original path segments - originalSplitted := strings.Split(q.req.Path, "/") + originalParts := strings.Split(q.req.Path, "/") // Create a new slice to hold the rebuilt segments - rebuiltSegments := make([]string, 0, len(originalSplitted)) + rebuiltSegments := make([]string, 0, len(originalParts)) // Add the first empty segment (from leading "/") - if len(originalSplitted) > 0 && originalSplitted[0] == "" { + if len(originalParts) > 0 && originalParts[0] == "" { rebuiltSegments = append(rebuiltSegments, "") } // Process each segment segmentIndex := 1 // 1-based indexing for our stored values - for i := 1; i < len(originalSplitted); i++ { - originalSegment := originalSplitted[i] + for i := 1; i < len(originalParts); i++ { + originalSegment := originalParts[i] if originalSegment == "" { // Skip empty segments continue diff --git a/pkg/model/worflow_loader.go b/pkg/model/workflow_loader.go similarity index 100% rename from pkg/model/worflow_loader.go rename to pkg/model/workflow_loader.go diff --git a/pkg/templates/parser_stats.go b/pkg/templates/parser_stats.go index 119746adcb..975aba92af 100644 --- a/pkg/templates/parser_stats.go +++ b/pkg/templates/parser_stats.go @@ -8,7 +8,7 @@ const ( ExcludedHeadlessTmplStats = "headless-flag-missing-warnings" TemplatesExcludedStats = "templates-executed" ExcludedCodeTmplStats = "code-flag-missing-warnings" - ExludedDastTmplStats = "fuzz-flag-missing-warnings" + ExcludedDastTmplStats = "fuzz-flag-missing-warnings" SkippedUnsignedStats = "skipped-unsigned-stats" // tracks loading of unsigned templates ExcludedSelfContainedStats = "excluded-self-contained-stats" ExcludedFileStats = "excluded-file-stats" diff --git a/pkg/templates/stats.go b/pkg/templates/stats.go index 028afd58ea..aa46e88dbd 100644 --- a/pkg/templates/stats.go +++ b/pkg/templates/stats.go @@ -12,7 +12,7 @@ func init() { stats.NewEntry(ExcludedSelfContainedStats, "Excluded %d self-contained template[s] (disabled as default), use -esc option to run self-contained templates.") stats.NewEntry(ExcludedFileStats, "Excluded %d file template[s] (disabled as default), use -file option to run file templates.") stats.NewEntry(TemplatesExcludedStats, "Excluded %d template[s] with known weak matchers / tags excluded from default run using .nuclei-ignore") - stats.NewEntry(ExludedDastTmplStats, "Excluded %d dast template[s] (disabled as default), use -dast option to run dast templates.") + stats.NewEntry(ExcludedDastTmplStats, "Excluded %d dast template[s] (disabled as default), use -dast option to run dast templates.") stats.NewEntry(SkippedUnsignedStats, "Skipping %d unsigned template[s]") stats.NewEntry(SkippedRequestSignatureStats, "Skipping %d templates, HTTP Request signatures can only be used in Signed & Verified templates.") } diff --git a/pkg/tmplexec/flow/flow_executor_test.go b/pkg/tmplexec/flow/flow_executor_test.go index ed983f3876..ce9ff92e09 100644 --- a/pkg/tmplexec/flow/flow_executor_test.go +++ b/pkg/tmplexec/flow/flow_executor_test.go @@ -118,7 +118,7 @@ func TestFlowWithConditionNegative(t *testing.T) { input := contextargs.NewWithInput(context.Background(), "scanme.sh") ctx := scan.NewScanContext(context.Background(), input) - // expect no results and verify thant dns request is executed and http is not + // expect no results and verify that dns request is executed and http is not gotresults, err := Template.Executer.Execute(ctx) require.Nil(t, err, "could not execute template") require.False(t, gotresults)