Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DRIVERS-2790 Add codespell checker #1491

Merged
merged 4 commits into from
Jan 11, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 7 additions & 7 deletions .pre-commit-config.yaml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@

repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.4.0
rev: v4.5.0
hooks:
- id: check-case-conflict
- id: check-executables-have-shebangs
Expand Down Expand Up @@ -44,7 +44,7 @@ repos:
stages: [manual]

- repo: https://github.com/python-jsonschema/check-jsonschema
rev: 0.26.3
rev: 0.27.3
hooks:
- id: check-github-workflows

Expand All @@ -55,8 +55,8 @@ repos:
- id: rst-directive-colons
- id: rst-inline-touching-normal

# - repo: https://github.com/codespell-project/codespell
# rev: "v2.2.6"
# hooks:
# - id: codespell
# exclude_types: [json,yaml]
- repo: https://github.com/codespell-project/codespell
rev: "v2.2.6"
hooks:
- id: codespell
args: ["-L", "fle,re-use,merchantibility,synching,crate,nin,infinit,te"]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"merchantability" is a misspelling of "merchantability", but I suppose most of this is required for LICENSE.md.

20 changes: 10 additions & 10 deletions source/auth/auth.rst
Original file line number Diff line number Diff line change
Expand Up @@ -759,7 +759,7 @@ BSON representation and a human-readable "friendly name" which is used in this s
Name Friendly Name Type Description
==== ==================== ================= ==============================================================================================================================================
r client nonce BinData Subtype 0 32 byte cryptographically secure random number
p gs2-cb-flag int32 The integer representation of the ASCII charater 'n' or 'y', i.e., ``110`` or ``121``
p gs2-cb-flag int32 The integer representation of the ASCII character 'n' or 'y', i.e., ``110`` or ``121``
s server nonce BinData Subtype 0 64 bytes total, 32 bytes from the client first message and a 32 byte cryptographically secure random number generated by the server
h sts host string FQDN of the STS service
a authorization header string Authorization header for `AWS Signature Version 4 <https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html?shortFooter=true>`_
Expand All @@ -776,7 +776,7 @@ Conversation
````````````

The first message sent by drivers MUST contain a ``client nonce`` and ``gs2-cb-flag``. In response, the server will send a ``server nonce``
and ``sts host``. Drivers MUST validate that the server nonce is exactly 64 bytes and the first 32 bytes are the same as the client nonce. Drivers MUST also validate that the length of the host is greater than 0 and less than or equal to 255 bytes per `RFC 1035 <https://tools.ietf.org/html/rfc1035>`_. Drivers MUST reject FQDN names with empty lables (e.g., "abc..def"), names that start with a period (e.g., ".abc.def") and names that end with a period (e.g., "abc.def."). Drivers MUST respond to the server's message with an ``authorization header`` and a ``date``.
and ``sts host``. Drivers MUST validate that the server nonce is exactly 64 bytes and the first 32 bytes are the same as the client nonce. Drivers MUST also validate that the length of the host is greater than 0 and less than or equal to 255 bytes per `RFC 1035 <https://tools.ietf.org/html/rfc1035>`_. Drivers MUST reject FQDN names with empty labels (e.g., "abc..def"), names that start with a period (e.g., ".abc.def") and names that end with a period (e.g., "abc.def."). Drivers MUST respond to the server's message with an ``authorization header`` and a ``date``.

As an example, given a client nonce value of "dzw1U2IwSEtgaWI0IUxZMVJqc2xuQzNCcUxBc05wZjI=", a MONGODB-AWS conversation decoded from
BSON to JSON would appear as follows:
Expand Down Expand Up @@ -888,7 +888,7 @@ Body Action=GetCallerIdentity&Version=2011-06-15
Region Calculation
``````````````````

To get the region from the host, the driver MUST follow the algorithm expressed in psuedocode below. ::
To get the region from the host, the driver MUST follow the algorithm expressed in pseudocode below. ::

if the host is invalid according to the rules described earlier
the region is undefined and the driver must raise an error.
Expand Down Expand Up @@ -1067,7 +1067,7 @@ would be with other credential responses.

ECS endpoint
____________
If a username and password are not provided and the aforementioned enviornment variables are not set, drivers MUST query a link-local AWS address for temporary credentials.
If a username and password are not provided and the aforementioned environment variables are not set, drivers MUST query a link-local AWS address for temporary credentials.
If temporary credentials cannot be obtained then drivers MUST fail authentication and raise an error. Drivers SHOULD
enforce a 10 second read timeout while waiting for incoming content from both the ECS and EC2 endpoints. If the
environment variable ``AWS_CONTAINER_CREDENTIALS_RELATIVE_URI`` is set then drivers MUST assume that it was set by an
Expand Down Expand Up @@ -1155,15 +1155,15 @@ Caching Credentials
___________________
Credentials fetched by the driver using AWS endpoints MUST be cached and reused
to avoid hitting AWS rate limitations. AWS recommends using a suitable
Software Development Kit (SDK) for your langauge. If that SDK supports
Software Development Kit (SDK) for your language. If that SDK supports
credential fetch and automatic refresh/caching, then that mechanism can
be used in lieu of manual caching.

If using manual caching, the "Expiration" field MUST be stored
and used to determine when to clear the cache. Credentials are considered
valid if they are more than five minutes away from expiring; to the reduce the
chance of expiration before they are validated by the server. Credentials
that are retreived from environment variables MUST NOT be cached.
that are retrieved from environment variables MUST NOT be cached.

If there are no current valid cached credentials, the driver MUST initiate a
credential request. To avoid adding a bottleneck that would override the
Expand Down Expand Up @@ -1460,8 +1460,8 @@ Implementation

#. Credentials MAY be specified in the connection string immediately after the scheme separator "//".
#. A realm MAY be passed as a part of the username in the url. It would be something like dev@MONGODB.COM, where dev is the username and MONGODB.COM is the realm. Per the RFC, the @ symbol should be url encoded using %40.
* When GSSAPI is specified, this should be interpretted as the realm.
* When non-GSSAPI is specified, this should be interpetted as part of the username.
* When GSSAPI is specified, this should be interpreted as the realm.
* When non-GSSAPI is specified, this should be interpreted as part of the username.
#. It is permissible for only the username to appear in the connection string. This would be identified by having no colon follow the username before the '@' hostname separator.
#. The source is determined by the following:
* if authSource is specified, it is used.
Expand Down Expand Up @@ -1509,13 +1509,13 @@ For the example users above, the ``dbstats`` command could be used as a test
command.

For a test user supporting both SCRAM-SHA-1 and SCRAM-SHA-256, drivers should
verify that negotation selects SCRAM-SHA-256. This may require monkey
verify that negotiation selects SCRAM-SHA-256. This may require monkey
patching, manual log analysis, etc.

Step 3
------

For test users that support only one mechanism, verify that explictly specifying
For test users that support only one mechanism, verify that explicitly specifying
the other mechanism fails.

For a non-existent username, verify that not specifying a mechanism when
Expand Down
6 changes: 3 additions & 3 deletions source/auth/tests/mongodb-oidc.rst
Original file line number Diff line number Diff line change
Expand Up @@ -429,7 +429,7 @@ Separate Connections Avoid Extra Callback Calls
- Create request and refresh callbacks that return tokens that will not expire
soon. Ensure that we can record the number of times each callback is called.
- Create two clients using the callbacks
- Peform a find operation on each client that succeeds.
- Perform a find operation on each client that succeeds.
- Ensure that the request callback has been called once and the refresh
callback has not been called.
- Force a reauthenication on the first client using a ``failCommand`` of the
Expand All @@ -450,10 +450,10 @@ Separate Connections Avoid Extra Callback Calls
}
}

- Perform a ``find`` operation that succeds.
- Perform a ``find`` operation that succeeds.
- Ensure that the request callback has been called once and the refresh
callback has been called once.
- Repeat the ``failCommand`` and ``find`` operation on the second client.
- Ensure that the request callback has been called once and the refresh
callback has been called once.
- Close both clients.
- Close both clients.
2 changes: 1 addition & 1 deletion source/bson-corpus/bson-corpus.rst
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ Goals
Non-Goals
---------

* Replace or extend the offical BSON spec at http://bsonspec.org.
* Replace or extend the official BSON spec at http://bsonspec.org.

* Provide a formal specification for ``extjson``.

Expand Down
8 changes: 4 additions & 4 deletions source/change-streams/change-streams.rst
Original file line number Diff line number Diff line change
Expand Up @@ -597,7 +597,7 @@ The stage has the following shape:

The first parameter of the helpers specifies an array of aggregation pipeline stages which MUST be appended to the initial stage. Drivers MUST support an empty pipeline. Languages which support default parameters MAY specify an empty array as the default value for this parameter. Drivers SHOULD otherwise make specification of a pipeline as similar as possible to the `aggregate <https://github.com/mongodb/specifications/blob/master/source/crud/crud.rst#read>`_ CRUD method.

Additionally, implementors MAY provide a form of these methods which require no parameters, assuming no options and no additional stages beyond the initial ``$changeStream`` stage:
Additionally, implementers MAY provide a form of these methods which require no parameters, assuming no options and no additional stages beyond the initial ``$changeStream`` stage:

.. code:: python

Expand All @@ -616,7 +616,7 @@ A driver MUST NOT throw an exception if any unsupported stage is provided, but i

A driver MUST NOT throw an exception if a user adds, removes, or modifies fields using ``$project``. The server will produce an error if ``_id``
is projected out, but a user should otherwise be able to modify the shape of the change stream event as desired. This may require the result
to be deserialized to a ``BsonDocument`` or custom-defined type rather than a ``ChangeStreamDocument``. It is the responsiblity of the
to be deserialized to a ``BsonDocument`` or custom-defined type rather than a ``ChangeStreamDocument``. It is the responsibility of the
user to ensure that the deserialized type is compatible with the specified ``$project`` stage.

The aggregate helper methods MUST have no new logic related to the ``$changeStream`` stage. Drivers MUST be capable of handling `TAILABLE_AWAIT <https://github.com/mongodb/specifications/blob/master/source/crud/crud.rst#read>`_ cursors from the aggregate command in the same way they handle such cursors from find.
Expand Down Expand Up @@ -679,7 +679,7 @@ Drivers MUST use the ``ns`` returned in the ``aggregate`` command to set the ``c
ChangeStream
------------

A ``ChangeStream`` is an abstraction of a `TAILABLE_AWAIT <https://github.com/mongodb/specifications/blob/master/source/crud/crud.rst#read>`_ cursor, with support for resumability. Implementors MAY choose to implement a ``ChangeStream`` as an extension of an existing tailable cursor implementation. If the ``ChangeStream`` is implemented as a type which owns a tailable cursor, then the implementor MUST provide a manner of closing the change stream, as well as satisfy the requirements of extending ``Iterable<Document>``. If your language has an idiomatic way of disposing of resources you MAY choose to implement that in addition to, or instead of, an explicit close method.
A ``ChangeStream`` is an abstraction of a `TAILABLE_AWAIT <https://github.com/mongodb/specifications/blob/master/source/crud/crud.rst#read>`_ cursor, with support for resumability. Implementers MAY choose to implement a ``ChangeStream`` as an extension of an existing tailable cursor implementation. If the ``ChangeStream`` is implemented as a type which owns a tailable cursor, then the implementer MUST provide a manner of closing the change stream, as well as satisfy the requirements of extending ``Iterable<Document>``. If your language has an idiomatic way of disposing of resources you MAY choose to implement that in addition to, or instead of, an explicit close method.

A change stream MUST track the last resume token, per `Updating the Cached Resume Token`_.

Expand All @@ -705,7 +705,7 @@ The server expects ``startAtOperationTime`` as a BSON Timestamp. Drivers MUST al

``startAtOperationTime``, ``resumeAfter``, and ``startAfter`` are all mutually exclusive; if any two are set, the server will return an error. Drivers MUST NOT throw a custom error, and MUST defer to the server error.

The ``ChangeStream`` MUST save the ``operationTime`` from the initial ``aggregate`` response when the following critera are met:
The ``ChangeStream`` MUST save the ``operationTime`` from the initial ``aggregate`` response when the following criteria are met:

- None of ``startAtOperationTime``, ``resumeAfter``, ``startAfter`` were specified in the ``ChangeStreamOptions``.
- The max wire version is >= ``7``.
Expand Down
6 changes: 3 additions & 3 deletions source/client-side-encryption/client-side-encryption.rst
Original file line number Diff line number Diff line change
Expand Up @@ -1539,7 +1539,7 @@ for explicit encryption only (i.e. on the ClientEncryption class).
For purposes of testing, a driver may use a different set of search paths.


.. rubric:: Explaination
.. rubric:: Explanation

The `search paths`_ array in libmongocrypt_ allows the driver to customize the
way that libmongocrypt_ searches and loads the crypt_shared_ library. For testing
Expand Down Expand Up @@ -2419,15 +2419,15 @@ Why are serverSelectionTryOnce and cooldownMS disabled for single-threaded drive
By default, single threaded clients set serverSelectionTryOnce to true, which
means server selection fails if a topology scan fails the first time (i.e. it
will not make repeat attempts until serverSelectionTimeoutMS expires). This
behavior is overriden since there may be a small delay between spawning
behavior is overridden since there may be a small delay between spawning
mongocryptd (which the driver may be responsible for) and for mongocryptd to
listen on sockets. See the Server Selection spec description of `serverSelectionTryOnce <../server-selection/server-selection.rst#serverselectiontryonce>`_.

Similarly, single threaded clients will by default wait for 5 second cooldown
period after failing to connect to a server before making another attempt.
Meaning if the first attempt to mongocryptd fails to connect, then the user
would observe a 5 second delay. This is not configurable in the URI, so this
must be overriden internally. Since mongocryptd is a local process, there should
must be overridden internally. Since mongocryptd is a local process, there should
only be a very short delay after spawning mongocryptd for it to start listening
on sockets. See the SDAM spec description of `cooldownMS <../source/server-discovery-and-monitoring/server-discovery-and-monitoring.rst#cooldownms>`__.

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ data: [
encrypted_fields: {{ yamlfile("encryptedFields.json") }}
key_vault_data: []
tests:
- description: "FLE2 encrypt fails with mising key"
- description: "FLE2 encrypt fails with missing key"
clientOptions:
autoEncryptOpts:
kmsProviders:
Expand All @@ -30,7 +30,7 @@ tests:
document: { _id: 1, encryptedIndexed: "123" }
result:
errorContains: "not all keys requested were satisfied"
- description: "FLE2 decrypt fails with mising key"
- description: "FLE2 decrypt fails with missing key"
clientOptions:
autoEncryptOpts:
kmsProviders:
Expand Down
2 changes: 1 addition & 1 deletion source/client-side-encryption/tests/README.rst
Original file line number Diff line number Diff line change
Expand Up @@ -1308,7 +1308,7 @@ Drivers that do not support an unlimited maximum pool size MUST skip this test.
The following tests that connections to KMS servers with TLS verify peer certificates.

The two tests below make use of mock KMS servers which can be run on Evergreen using `the mock KMS server script <https://github.com/mongodb-labs/drivers-evergreen-tools/blob/master/.evergreen/csfle/kms_http_server.py>`_.
Drivers can set up their local Python enviroment for the mock KMS server by running `the virtualenv activation script <https://github.com/mongodb-labs/drivers-evergreen-tools/blob/master/.evergreen/csfle/activate_venv.sh>`_.
Drivers can set up their local Python environment for the mock KMS server by running `the virtualenv activation script <https://github.com/mongodb-labs/drivers-evergreen-tools/blob/master/.evergreen/csfle/activate_venv.sh>`_.

To start two mock KMS servers, one on port 9000 with `ca.pem`_ as a CA file and `expired.pem`_ as a cert file, and one on port 9001 with `ca.pem`_ as a CA file and `wrong-host.pem`_ as a cert file,
run the following commands from the ``.evergreen/csfle`` directory:
Expand Down

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ data: [
encrypted_fields: {'fields': [{'keyId': {'$binary': {'base64': 'EjRWeBI0mHYSNBI0VniQEg==', 'subType': '04'}}, 'path': 'encryptedIndexed', 'bsonType': 'string', 'queries': {'queryType': 'equality', 'contention': {'$numberLong': '0'}}}, {'keyId': {'$binary': {'base64': 'q83vqxI0mHYSNBI0VniQEg==', 'subType': '04'}}, 'path': 'encryptedUnindexed', 'bsonType': 'string'}]}
key_vault_data: []
tests:
- description: "FLE2 encrypt fails with mising key"
- description: "FLE2 encrypt fails with missing key"
clientOptions:
autoEncryptOpts:
kmsProviders:
Expand All @@ -30,7 +30,7 @@ tests:
document: { _id: 1, encryptedIndexed: "123" }
result:
errorContains: "not all keys requested were satisfied"
- description: "FLE2 decrypt fails with mising key"
- description: "FLE2 decrypt fails with missing key"
clientOptions:
autoEncryptOpts:
kmsProviders:
Expand Down
Loading
Loading