Merge pull request #50 from dev-sec/codespell

schurzi · web-flow · commit b05bacb39de2 · 2023-05-02T15:13:46.000+02:00
add spellchecking with codespell
diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml
@@ -0,0 +1,12 @@
+---
+name: Codespell - Spellcheck
+
+on:  # yamllint disable-line rule:truthy
+  push:
+    branches: [master]
+  pull_request:
+    branches: [master]
+
+jobs:
+  codespell:
+    uses: "dev-sec/.github/.github/workflows/codespell.yml@main"
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -142,7 +142,7 @@
 
 **Merged pull requests:**
 
-- install server and apply hardening in seperate steps [\#5](https://github.com/dev-sec/postgres-baseline/pull/5) ([chris-rock](https://github.com/chris-rock))
+- install server and apply hardening in separate steps [\#5](https://github.com/dev-sec/postgres-baseline/pull/5) ([chris-rock](https://github.com/chris-rock))
 - bugfix: lint error [\#4](https://github.com/dev-sec/postgres-baseline/pull/4) ([chris-rock](https://github.com/chris-rock))
 - add ssl test back in for 'off' setting [\#3](https://github.com/dev-sec/postgres-baseline/pull/3) ([ehaselwanter](https://github.com/ehaselwanter))
 
diff --git a/controls/postgres_spec.rb b/controls/postgres_spec.rb
@@ -82,7 +82,7 @@
 control 'postgres-02' do
   impact 1.0
   title 'Use stable postgresql version'
-  desc 'Use only community or commercially supported version of the PostgreSQL software (https://www.postgresql.org/support/versioning/). Do not use RC, DEVEL oder BETA versions in a production environment.'
+  desc 'Use only community or commercially supported version of the PostgreSQL software (https://www.postgresql.org/support/versioning/). Do not use RC, DEVEL or BETA versions in a production environment.'
   describe command('psql -V') do
     its('stdout') { should match /^psql\s\(PostgreSQL\)\s(9.6|10|11|12|13).*/ }
   end
@@ -250,7 +250,7 @@
 
 control 'postgres-14' do
   impact 1.0
-  title 'Require only trusted authentication mathods in pg_hba.conf'
+  title 'Require only trusted authentication methods in pg_hba.conf'
   desc 'Require trusted auth method for ALL users, peers in pg_hba.conf and do not allow untrusted authentication methods.'
   case postgres.version
   when /^9/
@@ -313,7 +313,7 @@
 control 'postgres-18' do
   impact 1.0
   title 'Grants should not be assigned with grant option privilege'
-  desc 'Grants should not be assigned with grant option exept postgresql admin superuser.'
+  desc 'Grants should not be assigned with grant option except postgresql admin superuser.'
   describe postgres_session(USER, PASSWORD).query("SELECT COUNT(is_grantable) FROM information_schema.table_privileges WHERE grantee NOT LIKE 'postgres' AND is_grantable = 'YES';") do
     its('output') { should eq '0' }
   end
