ci: use codespell which is more sensitive (apache#6186)

.github/workflows/lint.yml

@@ -9,12 +9,10 @@ jobs:
     steps:
       - name: Check out code.
         uses: actions/[email protected]
-      - name: Install
+      - name: spell check
         run: |
-          wget -O - -q https://git.io/misspell | sh -s -- -b .
-      - name: Misspell
-        run: |
-          git grep --cached -l '' | xargs ./misspell -error
+          pip install codespell==2.1.0
+          git grep --cached -l '' | xargs codespell --ignore-words=.ignore_words
       - name: Merge conflict
         run: |
           grep "^<<<<<<< HEAD" $(git grep --cached -l '' | xargs) && exit 1 || true

.gitignore

@@ -65,6 +65,7 @@ t/lib/dubbo-backend/dubbo-backend-provider/target/
 !.gitmodules
 !.markdownlint.yml
 !.licenserc.yaml
+!.ignore_words
 conf/apisix.yaml
 conf/apisix-*.yaml
 conf/config-*.yaml

.ignore_words

@@ -0,0 +1,8 @@
+iam
+te
+ba
+ue
+shttp
+nd
+hel
+nulll

CHANGELOG.md

@@ -167,7 +167,7 @@ title: Changelog
 - fix(grpc-transcode): support converting nested message [#4859](https://github.com/apache/apisix/pull/4859)
 - fix(authz-keycloak): set permissions as empty table when lazy_load_path is false [#4845](https://github.com/apache/apisix/pull/4845)
 - fix(proxy-cache): keep cache_method same with nginx's proxy_cache_methods [#4814](https://github.com/apache/apisix/pull/4814)
-- fix(admin): inject updatetime when the requst is PATCH with sub path [#4765](https://github.com/apache/apisix/pull/4765)
+- fix(admin): inject updatetime when the request is PATCH with sub path [#4765](https://github.com/apache/apisix/pull/4765)
 - fix(admin): check username for updating consumer [#4756](https://github.com/apache/apisix/pull/4756)
 - fix(error-log-logger): avoid sending stale error log [#4690](https://github.com/apache/apisix/pull/4690)
 - fix(grpc-transcode): handle enum type [#4706](https://github.com/apache/apisix/pull/4706)

README.md

@@ -138,7 +138,7 @@ A/B testing, canary release, blue-green deployment, limit rate, defense against
   - External Loggers: Export access logs to external log management tools. ([HTTP Logger](docs/en/latest/plugins/http-logger.md), [TCP Logger](docs/en/latest/plugins/tcp-logger.md), [Kafka Logger](docs/en/latest/plugins/kafka-logger.md), [UDP Logger](docs/en/latest/plugins/udp-logger.md), [RocketMQ Logger](docs/en/latest/plugins/rocketmq-logger.md), [SkyWalking Logger](docs/en/latest/plugins/skywalking-logger.md), [Alibaba Cloud Logging(SLS)](docs/en/latest/plugins/sls-logger.md), [Google Cloud Logging](docs/en/latest/plugins/google-cloud-logging.md), [Splunk HEC Logging](docs/en/latest/plugins/splunk-hec-logging.md))
   - [Datadog](docs/en/latest/plugins/datadog.md): push custom metrics to the DogStatsD server, comes bundled with [Datadog agent](https://docs.datadoghq.com/agent/), over the UDP protocol. DogStatsD basically is an implementation of StatsD protocol which collects the custom metrics for Apache APISIX agent, aggregates it into a single data point and sends it to the configured Datadog server.
   - [Helm charts](https://github.com/apache/apisix-helm-chart)
-  - [HashiCorp Vault](https://www.vaultproject.io/): Support secret management solution for accessing secrets from Vault secure storage backed in a low trust environment. Currently, RS256 keys (public-private keypairs) or secret keys can be linked from vault in [jwt-auth](docs/en/latest/plugins/jwt-auth.md#enable-jwt-auth-with-vault-compatibility) authentication plugin.
+  - [HashiCorp Vault](https://www.vaultproject.io/): Support secret management solution for accessing secrets from Vault secure storage backed in a low trust environment. Currently, RS256 keys (public-private key pairs) or secret keys can be linked from vault in [jwt-auth](docs/en/latest/plugins/jwt-auth.md#enable-jwt-auth-with-vault-compatibility) authentication plugin.
 
 - **Highly scalable**
   - [Custom plugins](docs/en/latest/plugin-develop.md): Allows hooking of common phases, such as `rewrite`, `access`, `header filter`, `body filter` and `log`, also allows to hook the `balancer` stage.

apisix/core/vault.lua

@@ -85,11 +85,11 @@ end
 
 _M.get = get
 
--- key is the vault kv engine path, data is json key vaule pair.
+-- key is the vault kv engine path, data is json key value pair.
 -- It takes an extra optional boolean param skip_prefix. If enabled, it simply doesn't use the
 -- prefix defined inside config yaml under vault config for storing data.
 local function set(key, data, skip_prefix)
-    core.log.info("stroing data into vault for key: ", key,
+    core.log.info("storing data into vault for key: ", key,
                     "and value: ", core.json.delay_encode(data, true))
 
     local res, err = make_request_to_vault("POST", key, skip_prefix, data)

apisix/plugins/datadog.lua

@@ -217,7 +217,7 @@ function _M.log(conf, ctx)
             end
         end
 
-        -- Releasing the UDP socket desciptor
+        -- Releasing the UDP socket descriptor
         ok, err = sock:close()
         if not ok then
             core.log.error("failed to close the UDP connection, host[",

apisix/plugins/jwt-auth.lua

@@ -238,7 +238,7 @@ local function get_rsa_keypair(conf, consumer_name)
         end
 
         if not res.data then
-            return nil, nil, "keypairs could not found in vault: " .. core.json.encode(res)
+            return nil, nil, "key pairs could not found in vault: " .. core.json.encode(res)
         end
         vout = res.data
     end
@@ -372,7 +372,7 @@ function _M.rewrite(conf, ctx)
 
     local auth_secret, err = algorithm_handler(consumer)
     if not auth_secret then
-        core.log.error("failed to retrive secrets, err: ", err)
+        core.log.error("failed to retrieve secrets, err: ", err)
         return 503, {message = "failed to verify jwt"}
     end
     jwt_obj = jwt:verify_jwt_obj(auth_secret, jwt_obj)

docs/en/latest/how-to-build.md

@@ -246,7 +246,7 @@ Run the specified test case using the following command.
 $ prove -Itest-nginx/lib -r t/plugin/openid-connect.t
 ```
 
-For more details on the test cases, see the [testing framwork](https://github.com/apache/apisix/blob/master/docs/en/latest/internal/testing-framework.md).
+For more details on the test cases, see the [testing framework](https://github.com/apache/apisix/blob/master/docs/en/latest/internal/testing-framework.md).
 
 ## Step 5: Update Admin API token to Protect Apache APISIX
 

docs/en/latest/plugins/aws-lambda.md

@@ -161,7 +161,7 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f13
 }'
 ```
 
-Now any request with path `aws/default/test-apisix` will invoke the aws api gateway endpoint. Here the extra path (where the magic character `*` has been used) upto the query params have been forwarded.
+Now any request with path `aws/default/test-apisix` will invoke the aws api gateway endpoint. Here the extra path (where the magic character `*` has been used) up to the query params have been forwarded.
 
 ```shell
 curl -i -XGET http://127.0.0.1:9080/aws/default/test-apisix\?name\=APISIX

docs/en/latest/plugins/azure-functions.md

@@ -144,7 +144,7 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f13
 }'
 ```
 
-Now any request with path `azure/HttpTrigger1` will invoke the azure function. Here the extra path (where the magic character `*` has been used) upto the query params have been forwarded.
+Now any request with path `azure/HttpTrigger1` will invoke the azure function. Here the extra path (where the magic character `*` has been used) up to the query params have been forwarded.
 
 ```shell
 curl -i -XGET http://127.0.0.1:9080/azure/HttpTrigger1\?name\=APISIX

docs/en/latest/plugins/datadog.md

@@ -91,7 +91,7 @@ The metrics will be sent to the DogStatsD agent with the following tags:
 
 ## How To Enable
 
-The following is an example on how to enable the datadog plugin for a specific route. We are assumming your datadog agent is already up an running.
+The following is an example on how to enable the datadog plugin for a specific route. We are assuming your datadog agent is already up an running.
 
 ```shell
 curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '

docs/en/latest/plugins/jwt-auth.md

@@ -142,7 +142,7 @@ curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f1
 
 Here the plugin looks up for key `secret` inside vault path (`<vault.prefix from conf.yaml>/consumer/jack/jwt-auth`) for consumer username `jack` mentioned in the consumer config and uses it for subsequent signing and jwt verification. If the key is not found in the same path, the plugin logs error and fails to perform jwt authentication.
 
-2. RS256 rsa keypairs, both public and private keys are stored into vault.
+2. RS256 rsa key pairs, both public and private keys are stored into vault.
 
 ```shell
 curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '

docs/en/latest/wasm.md

@@ -28,7 +28,7 @@ Currently, only a few APIs are implemented. Please follow [wasm-nginx-module](ht
 
 ## Programming model
 
-The plugin supports the follwing concepts from Proxy WASM:
+The plugin supports the following concepts from Proxy WASM:
 
 ```
                     Wasm Virtual Machine

docs/zh/latest/plugins/jwt-auth.md

@@ -118,7 +118,7 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f13
 
 2. 创建 Route 或 Service 对象，并开启 jwt-auth 插件：
 
-![enabe jwt from route or service](../../../assets/images/plugin/jwt-auth-3.png)
+![enable jwt from route or service](../../../assets/images/plugin/jwt-auth-3.png)
 
 ## 测试插件
 

t/plugin/azure-functions.t

@@ -296,7 +296,7 @@ Authz-Header - test_key
 
 
 
-=== TEST 8: check if apikey doesn't get overrided passed by client to the gateway
+=== TEST 8: check if apikey doesn't get overridden passed by client to the gateway
 --- config
     location /t {
         content_by_lua_block {

t/plugin/forward-auth.t

@@ -66,7 +66,7 @@ property "request_headers" validation failed: wrong type: expected array, got st
 --- config
     location /t {
         content_by_lua_block {
-            local datas = {
+            local data = {
                 {
                     url = "/apisix/admin/upstreams/u1",
                     data = [[{
@@ -170,7 +170,7 @@ property "request_headers" validation failed: wrong type: expected array, got st
 
             local t = require("lib.test_admin").test
 
-            for _, data in ipairs(datas) do
+            for _, data in ipairs(data) do
                 local code, body = t(data.url, ngx.HTTP_PUT, data.data)
                 ngx.say(code..body)
             end

t/plugin/jwt-auth-vault.t

@@ -236,7 +236,7 @@ Success! Data written to: kv/apisix/consumer/jim/jwt-auth
 
 
 
-=== TEST 8: create consumer for RS256 algorithm with keypair fetched from vault
+=== TEST 8: create consumer for RS256 algorithm with key pair fetched from vault
 --- config
     location /t {
         content_by_lua_block {
@@ -266,7 +266,7 @@ passed
 
 
 
-=== TEST 9: sign a jwt with with rsa keypair and access /secure-endpoint
+=== TEST 9: sign a jwt with with rsa key pair and access /secure-endpoint
 --- config
     location /t {
         content_by_lua_block {
@@ -334,7 +334,7 @@ passed
 
 
 
-=== TEST 12: sign a jwt with with rsa keypair and access /secure-endpoint
+=== TEST 12: sign a jwt with with rsa key pair and access /secure-endpoint
 --- config
     location /t {
         content_by_lua_block {

t/plugin/opa2.t

@@ -40,7 +40,7 @@ __DATA__
 --- config
     location /t {
         content_by_lua_block {
-            local datas = {
+            local data = {
                 {
                     url = "/apisix/admin/upstreams/u1",
                     data = [[{
@@ -94,7 +94,7 @@ __DATA__
 
             local t = require("lib.test_admin").test
 
-            for _, data in ipairs(datas) do
+            for _, data in ipairs(data) do
                 local code, body = t(data.url, ngx.HTTP_PUT, data.data)
                 ngx.say(code..body)
             end

t/wasm/fault-injection/main.go

@@ -56,7 +56,7 @@ func (ctx *pluginContext) OnPluginStart(pluginConfigurationSize int) types.OnPlu
 	var p fastjson.Parser
 	v, err := p.ParseBytes(data)
 	if err != nil {
-		proxywasm.LogErrorf("erorr decoding plugin configuration: %v", err)
+		proxywasm.LogErrorf("error decoding plugin configuration: %v", err)
 		return types.OnPluginStartStatusFailed
 	}
 	ctx.Body = v.GetStringBytes("body")

t/wasm/forward-auth.go

@@ -67,7 +67,7 @@ func (ctx *pluginContext) OnPluginStart(pluginConfigurationSize int) types.OnPlu
 	var p fastjson.Parser
 	v, err := p.ParseBytes(data)
 	if err != nil {
-		proxywasm.LogErrorf("erorr decoding plugin configuration: %v", err)
+		proxywasm.LogErrorf("error decoding plugin configuration: %v", err)
 		return types.OnPluginStartStatusFailed
 	}
 
@@ -174,7 +174,7 @@ func (ctx *httpContext) OnHttpRequestHeaders(numHeaders int, endOfStream bool) t
 	var p fastjson.Parser
 	v, err := p.ParseBytes(data)
 	if err != nil {
-		proxywasm.LogErrorf("erorr decoding plugin configuration: %v", err)
+		proxywasm.LogErrorf("error decoding plugin configuration: %v", err)
 		return types.ActionContinue
 	}
 

t/wasm/forward-auth.t

@@ -59,7 +59,7 @@ __DATA__
 --- config
     location /t {
         content_by_lua_block {
-            local datas = {
+            local data = {
                 {
                     url = "/apisix/admin/upstreams/u1",
                     data = [[{
@@ -177,7 +177,7 @@ __DATA__
 
             local t = require("lib.test_admin").test
 
-            for _, data in ipairs(datas) do
+            for _, data in ipairs(data) do
                 local code, body = t(data.url, ngx.HTTP_PUT, data.data)
                 ngx.say(body)
             end

t/wasm/response-rewrite/main.go

@@ -56,7 +56,7 @@ func (ctx *pluginContext) OnPluginStart(pluginConfigurationSize int) types.OnPlu
 	var p fastjson.Parser
 	v, err := p.ParseBytes(data)
 	if err != nil {
-		proxywasm.LogErrorf("erorr decoding plugin configuration: %v", err)
+		proxywasm.LogErrorf("error decoding plugin configuration: %v", err)
 		return types.OnPluginStartStatusFailed
 	}
 	headers := v.GetArray("headers")