tidy: typo fixes flagged by codespell (#4634)

2020-01-07 14:01:26 -05:00 · 2020-01-07 14:01:26 -05:00 · f1894f8d1d
parent 3263fb0a32
commit f1894f8d1d
29 changed files with 40 additions and 40 deletions
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -124,7 +124,7 @@ migration. This is because the ORM package we use,
 [`gorp`](https://github.com/go-gorp/gorp), expects every field in a struct to
 map to a column in the table. If we add a new field to a model struct and
 Boulder attempts to write that struct to a table that doesn't yet have the
-corresponding column (case 1), gorp wil fail with
+corresponding column (case 1), gorp will fail with
 `Insert failed table posts has no column named Foo`.
 There are examples of such models in sa/model.go, along with code to
 turn a model into a `struct` used internally. 
--- a/akamai/cache-client.go
+++ b/akamai/cache-client.go
@ -60,7 +60,7 @@ type CachePurgeClient struct {
 }

 // errFatal is used by CachePurgeClient.purge to indicate that it failed for a
-// reason that cannot be remediated by retying a purge request
+// reason that cannot be remediated by retrying a purge request
 type errFatal string

 func (e errFatal) Error() string { return string(e) }
--- a/ca/ca.go
+++ b/ca/ca.go
@ -437,7 +437,7 @@ func (ca *CertificateAuthorityImpl) GenerateOCSP(ctx context.Context, req *caPB.
 	var serial *big.Int
 	// Once the feature is enabled we need to support both RPCs that include
 	// IssuerID and those that don't as we still need to be able to update rows
-	// that didn't have an IssuerID set when they were created. Once this featue
+	// that didn't have an IssuerID set when they were created. Once this feature
 	// has been enabled for a full OCSP lifetime cycle we can remove this
 	// functionality.
 	if features.Enabled(features.StoreIssuerInfo) && req.IssuerID != nil {
--- a/ca/ca_test.go
+++ b/ca/ca_test.go
@ -193,7 +193,7 @@ func (m *mockSA) SerialExists(ctx context.Context, req *sapb.Serial) (*sapb.Exis
 }

 func (m *mockSA) GetCertificate(ctx context.Context, serial string) (core.Certificate, error) {
-	return core.Certificate{}, berrors.NotFoundError("cannae find tha cert")
+	return core.Certificate{}, berrors.NotFoundError("cannot find the cert")
 }

 var caKey crypto.Signer
--- a/canceled/canceled.go
+++ b/canceled/canceled.go
@ -8,7 +8,7 @@ import (
 )

 // Is returns true if err is non-nil and is either context.Canceled, or has a
-// grpc code of Canceled. This is useful because cancelations propagate through
+// grpc code of Canceled. This is useful because cancellations propagate through
 // gRPC boundaries, and if we choose to treat in-process cancellations a certain
 // way, we usually want to treat cross-process cancellations the same way.
 func Is(err error) bool {
--- a/cmd/cert-checker/main.go
+++ b/cmd/cert-checker/main.go
@ -328,7 +328,7 @@ type config struct {
 		CheckPeriod         cmd.ConfigDuration

 		// IgnoredLints is a list of zlint names. Any lint results from a lint in
-		// the IgnoredLists list are ignored regardles of LintStatus level.
+		// the IgnoredLists list are ignored regardless of LintStatus level.
 		IgnoredLints []string

 		Features map[string]bool
--- a/cmd/config.go
+++ b/cmd/config.go
@ -186,7 +186,7 @@ func (d ConfigDuration) MarshalJSON() ([]byte, error) {
 	return []byte(d.Duration.String()), nil
 }

-// UnmarshalYAML uses the same frmat as JSON, but is called by the YAML
+// UnmarshalYAML uses the same format as JSON, but is called by the YAML
 // parser (vs. the JSON parser).
 func (d *ConfigDuration) UnmarshalYAML(unmarshal func(interface{}) error) error {
 	var s string
--- a/cmd/notify-mailer/main.go
+++ b/cmd/notify-mailer/main.go
@ -194,7 +194,7 @@ func (m *mailer) resolveEmailAddresses() (emailToRecipientMap, error) {
 		for _, email := range emails {
 			parsedEmail, err := mail.ParseAddress(email)
 			if err != nil {
-				m.log.Errf("unparseable email for reg ID %d : %q", r.id, email)
+				m.log.Errf("unparsable email for reg ID %d : %q", r.id, email)
 				continue
 			}
 			addr := parsedEmail.Address
--- a/cmd/ocsp-updater/main.go
+++ b/cmd/ocsp-updater/main.go
@ -446,7 +446,7 @@ func setupClients(c OCSPUpdaterConfig, stats prometheus.Registerer, clk clock.Cl
 	var apc akamaipb.AkamaiPurgerClient
 	if c.AkamaiPurgerService != nil {
 		apcConn, err := bgrpc.ClientSetup(c.AkamaiPurgerService, tls, clientMetrics, clk)
-		cmd.FailOnError(err, "Failed ot load credentials and create gRPC connection to Akamai Purger service")
+		cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to Akamai Purger service")
 		apc = akamaipb.NewAkamaiPurgerClient(apcConn)
 	}

--- a/cmd/single-ocsp/main.go
+++ b/cmd/single-ocsp/main.go
@ -46,7 +46,7 @@ PKCS#11 configuration (JSON), e.g.:
 	"pin": "5678"
 }

-Note: These values should *not* be the same as the ones in the CA's config JSON, which point at a differen HSM partition.
+Note: These values should *not* be the same as the ones in the CA's config JSON, which point at a different HSM partition.
 `

 func readFiles(issuerFileName, responderFileName, targetFileName, pkcs11FileName string) (issuer, responder, target *x509.Certificate, pkcs11Config pkcs11key.Config, err error) {
--- a/docs/DESIGN.md
+++ b/docs/DESIGN.md
@ -348,7 +348,7 @@ ACME v2:
  * Verify the PKCS#10 CSR in the certificate request object
  * Verify that the CSR has a non-zero number of domain names
  * Verify that the public key in the CSR is different from the account key
-  * Retreive and verify the status and expiry of the order object
+  * Retrieve and verify the status and expiry of the order object
  * For each identifier referenced in the order request
    * Retrieve the authorization from the database
    * Verify that the authorization corresponds to the account key
--- a/docs/acme-divergences-v1.md
+++ b/docs/acme-divergences-v1.md
@ -44,7 +44,7 @@ Boulder does not implement the `new-order` resource (previously referred to as `

 Boulder also doesn't implement the `new-nonce` endpoint.

-Boulder implements the `new-account` ressource only under the `new-reg` key.
+Boulder implements the `new-account` resource only under the `new-reg` key.

 Boulder implements Link: rel="next" headers from new-reg to new-authz, and
 new-authz to new-cert, as specified in
--- a/grpc/interceptors.go
+++ b/grpc/interceptors.go
@ -96,7 +96,7 @@ func splitMethodName(fullMethodName string) (string, string) {

 // observeLatency is called with the `clientRequestTimeKey` value from
 // a request's gRPC metadata. This string value is converted to a timestamp and
-// used to calcuate the latency between send and receive time. The latency is
+// used to calculate the latency between send and receive time. The latency is
 // published to the server interceptor's rpcLag prometheus histogram. An error
 // is returned if the `clientReqTime` string is not a valid timestamp.
 func (si *serverInterceptor) observeLatency(clientReqTime string) error {
--- a/policy/pa.go
+++ b/policy/pa.go
@ -338,7 +338,7 @@ func (pa *AuthorityImpl) WillingToIssue(id identifier.ACMEIdentifier) error {
 // returned. In addition to the regular WillingToIssue checks this function
 // also checks each wildcard identifier to enforce that:
 //
-// * The identifer is a DNS type identifier
+// * The identifier is a DNS type identifier
 // * There is at most one `*` wildcard character
 // * That the wildcard character is the leftmost label
 // * That the wildcard label is not immediately adjacent to a top level ICANN
@ -408,7 +408,7 @@ func (pa *AuthorityImpl) willingToIssueWildcard(ident identifier.ACMEIdentifier)

 	// If there is exactly one wildcard in the domain we need to do some special
 	// processing to ensure that it is a well formed wildcard request and to
-	// translate the identifer to its base domain for use with WillingToIssue
+	// translate the identifier to its base domain for use with WillingToIssue
 	if strings.Count(rawDomain, "*") == 1 {
 		// If the rawDomain has a wildcard character, but it isn't the first most
 		// label of the domain name then the wildcard domain is malformed
--- a/ra/ra.go
+++ b/ra/ra.go
@ -1202,7 +1202,7 @@ func (ra *RegistrationAuthorityImpl) issueCertificateInner(
 		var solvedByChallengeType string
 		// If the authz has no solved by challenge type there has been an internal
 		// consistency violation worth logging a warning about. In this case the
-		// solvedByChallengeType will be logged as the emtpy string.
+		// solvedByChallengeType will be logged as the empty string.
 		if solvedByChallengeType = authz.SolvedBy(); solvedByChallengeType == "" {
 			ra.log.Warningf("Authz %q has status %q but empty SolvedBy()", authz.ID, authz.Status)
 		}
@ -1455,7 +1455,7 @@ func (ra *RegistrationAuthorityImpl) checkLimits(ctx context.Context, names []st
 func (ra *RegistrationAuthorityImpl) UpdateRegistration(ctx context.Context, base core.Registration, update core.Registration) (core.Registration, error) {
 	if changed := mergeUpdate(&base, update); !changed {
 		// If merging the update didn't actually change the base then our work is
-		// done, we can return before calling ra.SA.UpdateRegistration since theres
+		// done, we can return before calling ra.SA.UpdateRegistration since there's
 		// nothing for the SA to do
 		return base, nil
 	}
--- a/ra/ra_test.go
+++ b/ra/ra_test.go
@ -377,7 +377,7 @@ func TestValidateContacts(t *testing.T) {
 	otherValidEmail := "mailto:other-admin@email.com"
 	malformedEmail := "mailto:admin.com"
 	nonASCII := "mailto:señor@email.com"
-	unparseable := "mailto:a@email.com, b@email.com"
+	unparsable := "mailto:a@email.com, b@email.com"
 	forbidden := "mailto:a@example.org"

 	err := ra.validateContacts(context.Background(), &[]string{})
@ -401,8 +401,8 @@ func TestValidateContacts(t *testing.T) {
 	err = ra.validateContacts(context.Background(), &[]string{nonASCII})
 	test.AssertError(t, err, "Non ASCII email")

-	err = ra.validateContacts(context.Background(), &[]string{unparseable})
-	test.AssertError(t, err, "Unparseable email")
+	err = ra.validateContacts(context.Background(), &[]string{unparsable})
+	test.AssertError(t, err, "Unparsable email")

 	err = ra.validateContacts(context.Background(), &[]string{forbidden})
 	test.AssertError(t, err, "Forbidden email")
@ -2502,7 +2502,7 @@ func TestNewOrderWildcard(t *testing.T) {

 	// Check each of the authz IDs in the order
 	for _, authzID := range order.V2Authorizations {
-		// We should be able to retreive the authz from the db without error
+		// We should be able to retrieve the authz from the db without error
 		authzPB, err := ra.SA.GetAuthorization2(ctx, &sapb.AuthorizationID2{Id: &authzID})
 		test.AssertNotError(t, err, "sa.GetAuthorization2 failed")
 		authz, err := bgrpc.PBToAuthz(authzPB)
@ -2549,7 +2549,7 @@ func TestNewOrderWildcard(t *testing.T) {
 	test.AssertEquals(t, numAuthorizations(order), 2)

 	for _, authzID := range order.V2Authorizations {
-		// We should be able to retreive the authz from the db without error
+		// We should be able to retrieve the authz from the db without error
 		authzPB, err := ra.SA.GetAuthorization2(ctx, &sapb.AuthorizationID2{Id: &authzID})
 		test.AssertNotError(t, err, "sa.GetAuthorization2 failed")
 		authz, err := bgrpc.PBToAuthz(authzPB)
@ -3574,7 +3574,7 @@ func (ca *mockCAFailIssueCert) IssueCertificate(
 }

 // TestIssueCertificateInnerErrs tests that errors from the CA caught during
-// `ra.issueCertificateInner` are propogated correctly, with the part of the
+// `ra.issueCertificateInner` are propagated correctly, with the part of the
 // issuance process that failed prefixed on the error message.
 func TestIssueCertificateInnerErrs(t *testing.T) {
 	_, sa, ra, _, cleanUp := initAuthorities(t)
--- a/sa/model.go
+++ b/sa/model.go
@ -528,7 +528,7 @@ func authzPBToModel(authz *corepb.Authorization) (*authz2Model, error) {
 	if hasMultipleNonPendingChallenges(authz.Challenges) {
 		return nil, errors.New("multiple challenges are non-pending")
 	}
-	// In the v2 authorization style we don't store invididual challenges with their own
+	// In the v2 authorization style we don't store individual challenges with their own
 	// token, validation errors/records, etc. Instead we store a single token/error/record
 	// set, a bitmap of available challenge types, and a row indicating which challenge type
 	// was 'attempted'.
--- a/sa/sa.go
+++ b/sa/sa.go
@ -720,7 +720,7 @@ func (ssa *SQLStorageAuthority) getFQDNSetsBySerials(
 	}

 	// The serials existed when we found them in issuedNames, they should continue
-	// to exist here. Otherwise an internal consistency violation occured and
+	// to exist here. Otherwise an internal consistency violation occurred and
 	// needs to be audit logged
 	if db.IsNoRows(err) {
 		err := fmt.Errorf("getFQDNSetsBySerials returned no rows - internal consistency violation")
--- a/test/boulder-tools/README.md
+++ b/test/boulder-tools/README.md
@ -10,7 +10,7 @@ things we separate all of Boulder's build dependencies into its own
 Rather than install multiple versions of Go within the same `boulder-tools`
 container we maintain separate images for each Go version we support.

-When a new Go version is available we perform serveral steps to integrate it to our workflow:
+When a new Go version is available we perform several steps to integrate it to our workflow:

 1. We add it to the `GO_VERSIONS` array in `tag_and_upload.sh`.
 2. We run the `tag_and_upload.sh` script to build, tag, and upload
--- a/test/load-generator/latency-charter.py
+++ b/test/load-generator/latency-charter.py
@ -12,7 +12,7 @@ import argparse
 import os
 matplotlib.style.use('ggplot')

-# sacrifical plot for single legend
+# sacrificial plot for single legend
 matplotlib.rcParams['figure.figsize'] = 1, 1
 randFig = plt.figure()
 randAx = plt.subplot()
--- a/test/ocsp/helper/helper.go
+++ b/test/ocsp/helper/helper.go
@ -148,7 +148,7 @@ func ReqDER(der []byte, expectStatus int) (*ocsp.Response, error) {
 		return nil, err
 	}
 	if len(respBytes) == 0 {
-		return nil, fmt.Errorf("empty reponse body")
+		return nil, fmt.Errorf("empty response body")
 	}
 	return parseAndPrint(respBytes, cert, issuer, expectStatus)
 }
--- a/test/v2_integration.py
+++ b/test/v2_integration.py
@ -1185,7 +1185,7 @@ def check_ocsp_basic_oid(cert_file, issuer_file, url):
    # about this cert) will just be 30 03 0A 01 06. A "good" or "revoked"
    # response will contain, among other things, the id-pkix-ocsp-basic OID
    # identifying the response type. We look for that OID to confirm we got a
-    # succesful response.
+    # successful response.
    expected = bytearray.fromhex("06 09 2B 06 01 05 05 07 30 01 01")
    for resp in responses:
        if not expected in bytearray(resp):
--- a/va/http_test.go
+++ b/va/http_test.go
@ -212,7 +212,7 @@ func TestExtractRequestTarget(t *testing.T) {
 			ExpectedError: fmt.Errorf("redirect HTTP request was nil"),
 		},
 		{
-			Name: "invalid protocal scheme",
+			Name: "invalid protocol scheme",
 			Req: &http.Request{
 				URL: mustURL(t, "gopher://letsencrypt.org"),
 			},
@ -1227,7 +1227,7 @@ func TestHTTPDialTimeout(t *testing.T) {

 	va.dnsClient = dnsMockReturnsUnroutable{&bdns.MockDNSClient{}}
 	// The only method I've found so far to trigger a connect timeout is to
-	// connect to an unrouteable IP address. This usuall generates a connection
+	// connect to an unrouteable IP address. This usually generates a connection
 	// timeout, but will rarely return "Network unreachable" instead. If we get
 	// that, just retry until we get something other than "Network unreachable".
 	var prob *probs.ProblemDetails
--- a/va/tlsalpn_test.go
+++ b/va/tlsalpn_test.go
@ -211,7 +211,7 @@ func TestTLSALPN01DialTimeout(t *testing.T) {
 	defer cancel()

 	// The only method I've found so far to trigger a connect timeout is to
-	// connect to an unrouteable IP address. This usuall generates a connection
+	// connect to an unrouteable IP address. This usually generates a connection
 	// timeout, but will rarely return "Network unreachable" instead. If we get
 	// that, just retry until we get something other than "Network unreachable".
 	var prob *probs.ProblemDetails
--- a/va/va.go
+++ b/va/va.go
@ -243,7 +243,7 @@ func NewValidationAuthorityImpl(
 // multiVAPolicyError is a small error handler called by the reloader package
 // when the multiVAPolicy file can't be loaded.
 func (va *ValidationAuthorityImpl) multiVAPolicyLoadError(err error) {
-	va.log.AuditErrf("error live-loading mutli VA policy file: %v", err)
+	va.log.AuditErrf("error live-loading multi VA policy file: %v", err)
 }

 // Used for audit logging
@ -376,7 +376,7 @@ func (va *ValidationAuthorityImpl) validateChallenge(ctx context.Context, identi

 // performRemoteValidation calls `PerformValidation` for each of the configured
 // remoteVAs in a random order. The provided `results` chan should have an equal
-// size to the number of remote VAs. The validations will be peformed in
+// size to the number of remote VAs. The validations will be performed in
 // separate go-routines. If the result `error` from a remote
 // `PerformValidation` RPC is nil or a nil `ProblemDetails` instance it is
 // written directly to the `results` chan. If the err is a cancelled error it is
--- a/wfe/wfe_test.go
+++ b/wfe/wfe_test.go
@ -296,7 +296,7 @@ func makeBody(s string) io.ReadCloser {

 // loadPrivateKey loads a private key from PEM/DER-encoded data.
 // Duplicates functionality from jose v1's util.LoadPrivateKey function. It was
-// moved to the jose-util cmd's main packge in v2.
+// moved to the jose-util cmd's main package in v2.
 func loadPrivateKey(t *testing.T, keyBytes []byte) interface{} {
 	// pem.Decode does not return an error as its 2nd arg, but instead the "rest"
 	// that was leftover from parsing the PEM block. We only care if the decoded
--- a/wfe2/verify.go
+++ b/wfe2/verify.go
@ -78,7 +78,7 @@ func checkAlgorithm(key *jose.JSONWebKey, parsedJWS *jose.JSONWebSignature) erro

 // jwsAuthType represents whether a given POST request is authenticated using
 // a JWS with an embedded JWK (v1 ACME style, new-account, revoke-cert) or an
-// embeded Key ID (v2 AMCE style) or an unsupported/unknown auth type.
+// embedded Key ID (v2 AMCE style) or an unsupported/unknown auth type.
 type jwsAuthType int

 const (
--- a/wfe2/wfe.go
+++ b/wfe2/wfe.go
@ -100,7 +100,7 @@ type WebFrontEndImpl struct {

 	// Allowed prefix for legacy accounts used by verify.go's `lookupJWK`.
 	// See `cmd/boulder-wfe2/main.go`'s comment on the configuration field
-	// `LegacyKeyIDPrefix` for more informaton.
+	// `LegacyKeyIDPrefix` for more information.
 	LegacyKeyIDPrefix string

 	// Register of anti-replay nonces
@ -1173,7 +1173,7 @@ func (wfe *WebFrontEndImpl) postChallenge(
 		return
 	}

-	// If the JWS body is empty then this POST is a POST-as-GET to retreive
+	// If the JWS body is empty then this POST is a POST-as-GET to retrieve
 	// challenge details, not a POST to initiate a challenge
 	if string(body) == "" {
 		challenge := authz.Challenges[challengeIndex]
--- a/wfe2/wfe_test.go
+++ b/wfe2/wfe_test.go
@ -1197,7 +1197,7 @@ func TestChallenge(t *testing.T) {
 		t.Run(tc.Name, func(t *testing.T) {
 			responseWriter := httptest.NewRecorder()
 			wfe.ChallengeV2(ctx, newRequestEvent(), responseWriter, tc.Request)
-			// Check the reponse code, headers and body match expected
+			// Check the response code, headers and body match expected
 			headers := responseWriter.Header()
 			body := responseWriter.Body.String()
 			test.AssertEquals(t, responseWriter.Code, tc.ExpectedStatus)
@ -2963,7 +2963,7 @@ func TestPrepAuthzForDisplay(t *testing.T) {
 	test.AssertEquals(t, authz.Wildcard, true)
 	// The authz should not have any combinations
 	// NOTE(@cpu): We don't use test.AssertNotNil here because its use of
-	// interface{} types makes a comparsion of [][]int{nil} and nil fail.
+	// interface{} types makes a comparison of [][]int{nil} and nil fail.
 	if authz.Combinations != nil {
 		t.Errorf("Authz had a non-nil combinations")
 	}