Merge pull request #10802 from jsoref/spelling-python

Spelling python
2026-04-28 18:25:24 +02:00 · 2022-10-17 11:33:27 +02:00
parent 720efd62b0 08f688d240
commit fa2faeb77b
43 changed files with 86 additions and 86 deletions
--- a/python/ql/src/Security/CWE-327/FluentApiModel.qll
+++ b/python/ql/src/Security/CWE-327/FluentApiModel.qll
@@ -63,7 +63,7 @@ class InsecureContextConfiguration extends DataFlow::Configuration {
 }

 /**
- * Holds if `conectionCreation` marks the creation of a connetion based on the contex
+ * Holds if `conectionCreation` marks the creation of a connection based on the contex
 * found at `contextOrigin` and allowing `insecure_version`.
 *
 * `specific` is true iff the context is configured for a specific protocol version (`ssl.PROTOCOL_TLSv1_2`) rather
@@ -88,7 +88,7 @@ predicate unsafe_connection_creation_with_context(
 }

 /**
- * Holds if `conectionCreation` marks the creation of a connetion witout reference to a context
+ * Holds if `conectionCreation` marks the creation of a connection without reference to a context
 * and allowing `insecure_version`.
 */
 predicate unsafe_connection_creation_without_context(
--- a/python/ql/src/Security/CWE-327/InsecureProtocol.ql
+++ b/python/ql/src/Security/CWE-327/InsecureProtocol.ql
@@ -15,7 +15,7 @@ import semmle.python.dataflow.new.DataFlow
 import FluentApiModel

 // Helper for pretty printer `configName`.
-// This is a consequence of missing pretty priting.
+// This is a consequence of missing pretty printing.
 // We do not want to evaluate our bespoke pretty printer
 // for all `DataFlow::Node`s so we define a sub class of interesting ones.
 class ProtocolConfiguration extends DataFlow::Node {
@@ -31,7 +31,7 @@ class ProtocolConfiguration extends DataFlow::Node {
 }

 // Helper for pretty printer `callName`.
-// This is a consequence of missing pretty priting.
+// This is a consequence of missing pretty printing.
 // We do not want to evaluate our bespoke pretty printer
 // for all `DataFlow::Node`s so we define a sub class of interesting ones.
 class Nameable extends DataFlow::Node {
--- a/python/ql/src/Security/CWE-327/README.md
+++ b/python/ql/src/Security/CWE-327/README.md
@@ -14,7 +14,7 @@ This should be kept up to date; the world is moving fast and protocols are being
    > Deprecated since version 3.7: Since Python 3.2 and 2.7.9, it is recommended to use the `SSLContext.wrap_socket()` instead of `wrap_socket()`. The top-level function is limited and creates an insecure client socket without server name indication or hostname matching.
 - Default constructors are fine, a fluent API is used to constrain possible protocols later.

-## Current recomendation
+## Current recommendation

 TLS 1.2 or TLS 1.3

--- a/python/ql/src/Security/CWE-798/HardcodedCredentials.ql
+++ b/python/ql/src/Security/CWE-798/HardcodedCredentials.ql
@@ -116,7 +116,7 @@ private string getACredentialRegex() {
 }

 class HardcodedCredentialsConfiguration extends TaintTracking::Configuration {
-  HardcodedCredentialsConfiguration() { this = "Hardcoded coredentials configuration" }
+  HardcodedCredentialsConfiguration() { this = "Hardcoded credentials configuration" }

  override predicate isSource(TaintTracking::Source source) {
    source instanceof HardcodedValueSource
--- a/python/ql/src/Variables/Undefined.qll
+++ b/python/ql/src/Variables/Undefined.qll
@@ -55,7 +55,7 @@ predicate exitFunctionGuardedEdge(EssaVariable pred, EssaVariable succ) {
 }

 class UninitializedConfig extends TaintTracking::Configuration {
-  UninitializedConfig() { this = "Unitialized local config" }
+  UninitializedConfig() { this = "Uninitialized local config" }

  override predicate isSource(DataFlow::Node source, TaintKind kind) {
    kind instanceof Uninitialized and
--- a/python/ql/src/analysis/CrossProjectDefinitions.qll
+++ b/python/ql/src/analysis/CrossProjectDefinitions.qll
@@ -1,5 +1,5 @@
 /**
- * Symbols for crosss-project jump-to-definition resolution.
+ * Symbols for cross-project jump-to-definition resolution.
 */

 import python
--- a/python/ql/src/experimental/Security/CWE-1236/CsvInjection.py
+++ b/python/ql/src/experimental/Security/CWE-1236/CsvInjection.py
@@ -22,10 +22,10 @@ def bad1():
 def good1():
    csv_data = request.args.get('csv')
    csvWriter = csv.writer(open("test.csv", "wt"))
-    csvWriter.writerow(santize_for_csv(csv_data))
+    csvWriter.writerow(sanitize_for_csv(csv_data))
    return "good1"

-def santize_for_csv(data: str| List[str] | List[List[str]]):
+def sanitize_for_csv(data: str| List[str] | List[List[str]]):
    def sanitize(item):
        return "'" + item

--- a/python/ql/src/experimental/semmle/python/templates/DjangoTemplate.qll
+++ b/python/ql/src/experimental/semmle/python/templates/DjangoTemplate.qll
@@ -7,7 +7,7 @@ import experimental.semmle.python.templates.SSTISink
 deprecated ClassValue theDjangoTemplateClass() { result = Value::named("django.template.Template") }

 /**
- * A sink representng `django.template.Template` class instantiation argument.
+ * A sink representing `django.template.Template` class instantiation argument.
 *
 *  from django.template import Template
 *  template = Template(`sink`)
@@ -26,7 +26,7 @@ deprecated class DjangoTemplateTemplateSink extends SSTISink {
 }
 // TODO (intentionally commented out QLDoc, since qlformat will delete those lines otherwise)
 // /**
-//  * Sinks representng the django.template.Template class instantiation.
+//  * Sinks representing the django.template.Template class instantiation.
 //  *
 //  *  from django.template import engines
 //  *
--- a/python/ql/src/experimental/semmle/python/templates/FlaskTemplate.qll
+++ b/python/ql/src/experimental/semmle/python/templates/FlaskTemplate.qll
@@ -9,7 +9,7 @@ deprecated Value theFlaskRenderTemplateClass() {
 }

 /**
- * A sink representng `flask.render_template_string` function call argument.
+ * A sink representing `flask.render_template_string` function call argument.
 *
 *  from flask import render_template_string
 *  render_template_string(`sink`)
--- a/python/ql/src/semmle/python/functions/ModificationOfParameterWithDefaultCustomizations.qll
+++ b/python/ql/src/semmle/python/functions/ModificationOfParameterWithDefaultCustomizations.qll
@@ -33,7 +33,7 @@ module ModificationOfParameterWithDefault {
   * should determine if the node (which is perhaps about to be modified)
   * can be the default value or not.
   *
-   * In this query we do not track the default value exactly, but rather wheter
+   * In this query we do not track the default value exactly, but rather whether
   * it is empty or not (see `Source`).
   *
   * This is the extension point for determining that a node must be empty and
@@ -46,7 +46,7 @@ module ModificationOfParameterWithDefault {
   * should determine if the node (which is perhaps about to be modified)
   * can be the default value or not.
   *
-   * In this query we do not track the default value exactly, but rather wheter
+   * In this query we do not track the default value exactly, but rather whether
   * it is empty or not (see `Source`).
   *
   * This is the extension point for determining that a node must be non-empty
@@ -54,7 +54,7 @@ module ModificationOfParameterWithDefault {
   */
  abstract class MustBeNonEmpty extends DataFlow::Node { }

-  /** Gets the truthiness (non emptyness) of the default of `p` if that value is mutable */
+  /** Gets the truthiness (non emptiness) of the default of `p` if that value is mutable */
  private boolean mutableDefaultValue(Parameter p) {
    exists(Dict d | p.getDefault() = d |
      exists(d.getAKey()) and result = true