diff --git a/.github/settings.yml b/.github/settings.yml
index 4166a45a7..a1d7b09df 100644
--- a/.github/settings.yml
+++ b/.github/settings.yml
@@ -72,7 +72,7 @@ branches:
teams: []
# Required. Require status checks to pass before merging. Set to null to disable
required_status_checks:
- # Required. Require branches to be up to date before merging.
+ # Required. Require branches to be up-to-date before merging.
strict: true
# Required. The list of status checks to require in order to merge into this branch
contexts: []
diff --git a/.github/workflows/reusable-verification.yml b/.github/workflows/reusable-verification.yml
index 3e9b951ae..926aff327 100644
--- a/.github/workflows/reusable-verification.yml
+++ b/.github/workflows/reusable-verification.yml
@@ -47,7 +47,7 @@ jobs:
- name: Vendor dependencies to retrieve licenses locally
# Vendor deps before running https://github.com/goph/licensei
- # to avoid false-positives when modules Github repo could not be determined
+ # to avoid false-positives when modules GitHub repo could not be determined
run: go mod vendor
- name: Check licenses
diff --git a/ARCHITECTURE.md b/ARCHITECTURE.md
index e6a3963cd..e5bc83231 100644
--- a/ARCHITECTURE.md
+++ b/ARCHITECTURE.md
@@ -10,7 +10,7 @@ The VMClarity control plane includes several microservices:
- **Orchestrator**: Orchestrates and manages the life cycle of VMClarity
scan configs, scans and asset scans. Within the Orchestrator there is a
- pluggable "provider" which connects the orchstrator to the environment to be
+ pluggable "provider" which connects the orchestrator to the environment to be
scanned and abstracts asset discovery, VM snapshotting as well as creation of
the scanner VMs. (**Note** The only supported provider today is AWS, other
hyperscalers are on the roadmap)
@@ -28,7 +28,7 @@ The VMClarity control plane includes several microservices:
CLI to offload work that would need to be done in every scanner, for example
downloading the latest vulnerability or malware signatures from the various DB
sources. The components included today are:
- - grype-server: A rest API wrapper around the grype vulnerbility scanner
+ - grype-server: A rest API wrapper around the grype vulnerability scanner
- trivy-server: Trivy vulnerability scanner server
- exploitDB server: A test API which wraps the Exploit DB CVE to exploit mapping logic
- freshclam-mirror: A mirror of the ClamAV malware signatures
@@ -39,7 +39,7 @@ exporting the results to VMClarity API.
These components are containerized and can be deployed in a number of different
ways. For example our cloudformation installer deploys VMClarity on a VM using
-docker in an dedicated AWS Virtual Private Cloud (VPC).
+docker in a dedicated AWS Virtual Private Cloud (VPC).
Once the VMClarity server instance has been deployed, and the scan
configurations have been created, VMClarity will discover VM resources within
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index ecdaeb93c..6c2f491c5 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -45,13 +45,13 @@ possible, and, if possible, a test case.
### Building VMClarity Binaries
Makefile targets are provided to compile and build the VMClarity binaries.
-`make build` can be used to build all of the components, but also specific
+`make build` can be used to build all the components, but also specific
targets are provided, for example `make build-cli` and `make build-backend` to
build the specific components in isolation.
### Building VMClarity Containers
-`make docker` can be used to build the VMClarity containers for all of the
+`make docker` can be used to build the VMClarity containers for all the
components. Specific targets for example `make docker-cli` and `make
docker-backend` are also provided.
diff --git a/TOUR.md b/TOUR.md
index 80dad8871..87f7ad4e4 100644
--- a/TOUR.md
+++ b/TOUR.md
@@ -16,13 +16,13 @@ Figure 3. VMClarity Scan Setup Step 1
-- In the "New scan config" wizard shown in Figure 4, follow the wizard steps to name the scan, and identify the AWS scope (region, VPC, security groups, etc). In the example shown in Figure 4, the AWS us-east-2 region, and a specific VPC were identied as well as a specific EC2 instance with the name "vmclarity-demo-vm".
+- In the "New scan config" wizard shown in Figure 4, follow the wizard steps to name the scan, and identify the AWS scope (region, VPC, security groups, etc.). In the example shown in Figure 4, the AWS us-east-2 region, and a specific VPC were identified as well as a specific EC2 instance with the name "vmclarity-demo-vm".
Figure 4. VMClarity Scan Setup Step 2
-- Next, identify all of the scan types you want enabled. As Figure 5 shows, all of the available scan types have been enabled.
+- Next, identify all the scan types you want enabled. As Figure 5 shows, all the available scan types have been enabled.
Figure 5. VMClarity Scan Setup Step 3
@@ -34,7 +34,7 @@ Figure 6. VMClarity Scan Setup Step 4
-- Once all of the scan setup steps have been entered, click on "Save".
+- Once all the scan setup steps have been entered, click on "Save".
In the Scan Configurations tab, you will see the scan config listed as shown in Figure 7.
diff --git a/docs/configuration.md b/docs/configuration.md
index 07db457a3..51015c09b 100644
--- a/docs/configuration.md
+++ b/docs/configuration.md
@@ -24,7 +24,7 @@
| `VMCLARITY_ORCHESTRATOR_APISERVER_ADDRESS` | **yes** | | | The URL for the _API Server_ used by the _Orchestrator_ to interact with the API. Example: `https://apiserver.example.com:8888/api` |
| `VMCLARITY_ORCHESTRATOR_HEALTHCHECK_ADDRESS` | | `:8082` | | Bind address to used by the _Orchestrator_ for `healthz` endpoint. Example: `localhost:8082` which will make the health endpoints be available at `localhost:8082/healthz/live` and `localhost:8082/healthz/ready`. |
| `VMCLARITY_ORCHESTRATOR_DISCOVERY_INTERVAL` | | `2m` | | How frequently the _Discovery_ perform discovery of _Assets_. |
-| `VMCLARITY_ORCHESTRATOR_CONTROLLER_STARTUP_DELAY` | | `7s` | | The time interval to wait between cotroller startups. **Do NOT change this parameter unless you know what you are doing.** |
+| `VMCLARITY_ORCHESTRATOR_CONTROLLER_STARTUP_DELAY` | | `7s` | | The time interval to wait between controller startups. **Do NOT change this parameter unless you know what you are doing.** |
| `VMCLARITY_ORCHESTRATOR_ASSETSCAN_WATCHER_POLL_PERIOD` | | `15s` | | How frequently poll the API for events related _AssetScan_ objects. |
| `VMCLARITY_ORCHESTRATOR_ASSETSCAN_WATCHER_RECONCILE_TIMEOUT` | | `5m` | | Time period for reconciling a _AssetScan_ event is allowed to run. |
| `VMCLARITY_ORCHESTRATOR_ASSETSCAN_WATCHER_ABORT_TIMEOUT` | | `10m` | | Time period to wait for the _Scanner_ to gracefully stop on-going scan for _AssetScan_ before setting the state of the AssetScan to `Failed`. |
diff --git a/docs/test_e2e.md b/docs/test_e2e.md
index 5fff99067..411e3cf41 100644
--- a/docs/test_e2e.md
+++ b/docs/test_e2e.md
@@ -1,4 +1,4 @@
-# End to End testing guide
+# End-to-end testing guide
## Table of Contents
@@ -7,7 +7,7 @@
- [2. Update installation/aws/VMClarity.cfn](#2-update-installationawsvmclaritycfn)
- [3. Install VMClarity cloudformation](#3-install-vmclarity-cloudformation)
- [4. Ensure that VMClarity backend is working correctly](#4-ensure-that-vmclarity-backend-is-working-correctly)
-- [Performing an end to end test](#performing-an-end-to-end-test)
+- [Performing an end-to-end test](#performing-an-end-to-end-test)
## Installing a specific VMClarity build on AWS
@@ -37,7 +37,7 @@ DOCKER_REGISTRY= make push-docker
sudo journalctl -u vmclarity
```
-## Performing an end to end test
+## Performing an end-to-end test
1. Copy the example [scanConfig.json](scanConfig.json) into the ubuntu user's home directory
diff --git a/e2e/helpers.go b/e2e/helpers.go
index d1b57ede4..fd31a9724 100644
--- a/e2e/helpers.go
+++ b/e2e/helpers.go
@@ -25,8 +25,8 @@ import (
)
const (
- DefaultScope string = "assetInfo/labels/any(t: t/key eq 'scanconfig' and t/value eq 'test')"
- DefaultTimeout time.Duration = 60 * time.Second
+ DefaultScope string = "assetInfo/labels/any(t: t/key eq 'scanconfig' and t/value eq 'test')"
+ DefaultTimeout = 60 * time.Second
)
var FullScanFamiliesConfig = models.ScanFamiliesConfig{
diff --git a/installation/kubernetes/helm/vmclarity/README.md b/installation/kubernetes/helm/vmclarity/README.md
index 10f037f7b..ee3c68bb1 100644
--- a/installation/kubernetes/helm/vmclarity/README.md
+++ b/installation/kubernetes/helm/vmclarity/README.md
@@ -40,7 +40,7 @@ secrets.
| apiserver.image.digest | string | `""` | API Server image digest. If set will override the tag. |
| apiserver.image.pullPolicy | string | `"IfNotPresent"` | API Server image pull policy |
| apiserver.image.registry | string | `"ghcr.io"` | API Server image registry |
-| apiserver.image.repository | string | `"openclarity/vmclarity-apiserver"` | API Server image repositiory |
+| apiserver.image.repository | string | `"openclarity/vmclarity-apiserver"` | API Server image repository |
| apiserver.image.tag | string | `"latest"` | API Server image tag (immutable tags are recommended) |
| apiserver.logLevel | string | `"info"` | API Server log level |
| apiserver.podSecurityContext.enabled | bool | `true` | Pod security context enabled |
diff --git a/installation/kubernetes/helm/vmclarity/values.yaml b/installation/kubernetes/helm/vmclarity/values.yaml
index eae88b4f4..a9cec8659 100644
--- a/installation/kubernetes/helm/vmclarity/values.yaml
+++ b/installation/kubernetes/helm/vmclarity/values.yaml
@@ -8,7 +8,7 @@ apiserver:
image:
# -- API Server image registry
registry: ghcr.io
- # -- API Server image repositiory
+ # -- API Server image repository
repository: openclarity/vmclarity-apiserver
# -- API Server image tag (immutable tags are recommended)
tag: latest
diff --git a/pkg/apiserver/database/odatasql/query.go b/pkg/apiserver/database/odatasql/query.go
index 4c6c58084..22442c5bb 100644
--- a/pkg/apiserver/database/odatasql/query.go
+++ b/pkg/apiserver/database/odatasql/query.go
@@ -136,7 +136,7 @@ func buildSelectFieldsFromSelectAndExpand(sqlVariant jsonsql.Variant, schemaMeta
var selectQuery *godata.GoDataSelectQuery
if selectString != nil && *selectString != "" {
// NOTE(sambetts):
- // For now we'll won't parse the data here and instead pass
+ // For now we won't parse the data here and instead pass
// just the raw value into the selectTree. The select tree will
// parse the select query using the ExpandParser. If we can
// update the GoData select parser to handle paths properly and
diff --git a/pkg/apiserver/database/odatasql/query_test.go b/pkg/apiserver/database/odatasql/query_test.go
index 0e20d8e71..3c532e782 100644
--- a/pkg/apiserver/database/odatasql/query_test.go
+++ b/pkg/apiserver/database/odatasql/query_test.go
@@ -49,7 +49,7 @@ type Options struct {
// Example field of a collection of primitive type inside of a nested
// complex type
- OtherThings []string `json:OtherThings`
+ OtherThings []string `json:"OtherThings"`
}
type Engine struct {
diff --git a/pkg/apiserver/rest/common.go b/pkg/apiserver/rest/common.go
index c0cbfc7e5..b8cad2fc6 100644
--- a/pkg/apiserver/rest/common.go
+++ b/pkg/apiserver/rest/common.go
@@ -51,7 +51,7 @@ func (s *ServerImpl) GetOpenAPISpec(ctx echo.Context) error {
// swagger-ui service dynamically loads the OpenAPI spec from the
// APIServer and knows where to send the TryItNow requests.
// Wherever the API server is accessed from through a proxy or
- // sub-domain this will correct the servers entry to match that clients
+ // subdomain this will correct the servers entry to match that clients
// access path.
headers := ctx.Request().Header
diff --git a/pkg/containerruntimediscovery/discoverer.go b/pkg/containerruntimediscovery/discoverer.go
index 4ac8980ff..e6dd5e950 100644
--- a/pkg/containerruntimediscovery/discoverer.go
+++ b/pkg/containerruntimediscovery/discoverer.go
@@ -31,7 +31,7 @@ type Discoverer interface {
type DiscovererFactory func(ctx context.Context) (Discoverer, error)
-var discovererFactories map[string]DiscovererFactory = map[string]DiscovererFactory{
+var discovererFactories = map[string]DiscovererFactory{
"docker": NewDockerDiscoverer,
"containerd": NewContainerdDiscoverer,
}
diff --git a/pkg/orchestrator/common/queue.go b/pkg/orchestrator/common/queue.go
index 67c1ff342..ee4f20e4c 100644
--- a/pkg/orchestrator/common/queue.go
+++ b/pkg/orchestrator/common/queue.go
@@ -43,7 +43,7 @@ type Queue[T ReconcileEvent] struct {
queue []T
// A map used as a set of unique items which are in the queue. This is
- // used by Enqueue and Has to provide a quick reference to whats in the
+ // used by Enqueue and Has to provide a quick reference to what is in the
// queue without needing to loop through the queue slice.
inqueue map[string]struct{}
@@ -118,7 +118,7 @@ func (q *Queue[T]) Dequeue(ctx context.Context) (T, error) {
return item, nil
}
-// Enqueue will add item to the queue if its not in the queue already.
+// Enqueue will add item to the queue if it is not in the queue already.
func (q *Queue[T]) Enqueue(item T) {
q.l.Lock()
defer q.l.Unlock()
diff --git a/pkg/orchestrator/provider/azure/common.go b/pkg/orchestrator/provider/azure/common.go
index 476f770aa..22fabc363 100644
--- a/pkg/orchestrator/provider/azure/common.go
+++ b/pkg/orchestrator/provider/azure/common.go
@@ -31,7 +31,7 @@ func handleAzureRequestError(err error, actionTmpl string, parts ...interface{})
var respError *azcore.ResponseError
if !errors.As(err, &respError) {
- // Error should be a azcore.ResponseError otherwise something
+ // Error should be an azcore.ResponseError otherwise something
// bad has happened in the client.
return false, provider.FatalErrorf("unexpected error from azure while %s: %w", action, err)
}
@@ -39,7 +39,7 @@ func handleAzureRequestError(err error, actionTmpl string, parts ...interface{})
sc := respError.StatusCode
switch {
case sc >= 400 && sc < 500:
- // Client errors (BadRequest/Unauthorized etc) are Fatal. We
+ // Client errors (BadRequest/Unauthorized/etc.) are Fatal. We
// also return true to indicate we have NotFound which is a
// special case in a lot of processing.
return sc == http.StatusNotFound, provider.FatalErrorf("error from azure while %s: %w", action, err)
diff --git a/pkg/orchestrator/provider/gcp/common.go b/pkg/orchestrator/provider/gcp/common.go
index db277a92b..c936d273e 100644
--- a/pkg/orchestrator/provider/gcp/common.go
+++ b/pkg/orchestrator/provider/gcp/common.go
@@ -37,7 +37,7 @@ func handleGcpRequestError(err error, actionTmpl string, parts ...interface{}) (
sc := gAPIError.Code
switch {
case sc >= http.StatusBadRequest && sc < http.StatusInternalServerError:
- // Client errors (BadRequest/Unauthorized etc) are Fatal. We
+ // Client errors (BadRequest/Unauthorized/etc.) are Fatal. We
// also return true to indicate we have NotFound which is a
// special case in a lot of processing.
return sc == http.StatusNotFound, provider.FatalErrorf("error from gcp while %s: %w", action, gAPIError)
diff --git a/pkg/orchestrator/provider/kubernetes/container.go b/pkg/orchestrator/provider/kubernetes/container.go
index 82438eb77..352b2486f 100644
--- a/pkg/orchestrator/provider/kubernetes/container.go
+++ b/pkg/orchestrator/provider/kubernetes/container.go
@@ -30,7 +30,7 @@ import (
"github.com/openclarity/vmclarity/pkg/shared/utils"
)
-var crDiscovererLabels map[string]string = map[string]string{
+var crDiscovererLabels = map[string]string{
"app.kubernetes.io/component": "cr-discovery-server",
"app.kubernetes.io/name": "vmclarity",
}
diff --git a/pkg/shared/analyzer/purl.go b/pkg/shared/analyzer/purl.go
index edae12397..4733eed4c 100644
--- a/pkg/shared/analyzer/purl.go
+++ b/pkg/shared/analyzer/purl.go
@@ -124,18 +124,18 @@ func purlStringToStruct(purlInput string) purl {
} else if len(purlParts) == 2 {
// Check type is a valid PURL type, if it is then use it.
//
- // Otherwise check if the type is a namespace we know belong to
+ // Otherwise, check if the type is a namespace we know belong to
// one of the types, sometimes the anaylzers goof up and forget
// the type part, looking at you syft....
//
- // If its a recognised namespace then we can correct the PURL,
+ // If it is a recognised namespace then we can correct the PURL,
// otherwise this is an invalid PURL so return the empty purl
// struct.
if isValidPurlType(purlParts[0]) {
output.typ = purlParts[0]
} else {
// Fix known cases otherwise just exclude the type from
- // the purl or error maybe, havn't decided
+ // the purl or error maybe, haven't decided
switch purlParts[0] {
case "alpine":
output.typ = "apk"
diff --git a/pkg/shared/families/misconfiguration/lynis/reportParser_test.go b/pkg/shared/families/misconfiguration/lynis/reportParser_test.go
index 87a9c93d7..e33123612 100644
--- a/pkg/shared/families/misconfiguration/lynis/reportParser_test.go
+++ b/pkg/shared/families/misconfiguration/lynis/reportParser_test.go
@@ -525,7 +525,7 @@ func TestReportParser_scanLynisReportFile(t *testing.T) {
}
}
-var testdataMisconfigurations []types.Misconfiguration = []types.Misconfiguration{
+var testdataMisconfigurations = []types.Misconfiguration{
{
ScannedPath: "scanPath",
TestCategory: "security",
diff --git a/pkg/shared/log/log.go b/pkg/shared/log/log.go
index 687ca0064..ecfbfed4d 100644
--- a/pkg/shared/log/log.go
+++ b/pkg/shared/log/log.go
@@ -30,7 +30,7 @@ const (
func InitLogger(level string, output io.Writer) {
logLevel, err := log.ParseLevel(level)
if err != nil {
- log.Errorf("failed to prase log level, using default(%s): %v", DefaultLogLevel, err)
+ log.Errorf("failed to parse log level, using default(%s): %v", DefaultLogLevel, err)
logLevel = DefaultLogLevel
}
log.SetLevel(logLevel)
diff --git a/pkg/shared/scanner/grype/local_grype.go b/pkg/shared/scanner/grype/local_grype.go
index 04c2cf4e7..626dd6a0c 100644
--- a/pkg/shared/scanner/grype/local_grype.go
+++ b/pkg/shared/scanner/grype/local_grype.go
@@ -80,7 +80,7 @@ func (s *LocalScanner) run(sourceType utils.SourceType, userInput string) {
}
s.logger.Infof("Loading DB. update=%v", s.config.UpdateDB)
- store, dbStatus, _, err := grype.LoadVulnerabilityDB(dbConfig, s.config.UpdateDB)
+ vulnerabilityStore, dbStatus, _, err := grype.LoadVulnerabilityDB(dbConfig, s.config.UpdateDB)
if err = validateDBLoad(err, dbStatus); err != nil {
ReportError(s.resultChan, fmt.Errorf("failed to load vulnerability DB: %w", err), s.logger)
@@ -116,7 +116,7 @@ func (s *LocalScanner) run(sourceType utils.SourceType, userInput string) {
s.logger.Infof("Found %d packages", len(packages))
- vulnerabilityMatcher := createVulnerabilityMatcher(store)
+ vulnerabilityMatcher := createVulnerabilityMatcher(vulnerabilityStore)
allMatches, ignoredMatches, err := vulnerabilityMatcher.FindMatches(packages, context)
// We can ignore ErrAboveSeverityThreshold since we are not setting the FailSeverity on the matcher.
if err != nil && !errors.Is(err, grypeerr.ErrAboveSeverityThreshold) {
@@ -125,7 +125,7 @@ func (s *LocalScanner) run(sourceType utils.SourceType, userInput string) {
}
s.logger.Infof("Found %d vulnerabilities", len(allMatches.Sorted()))
- doc, err := grype_models.NewDocument(packages, context, *allMatches, ignoredMatches, store.MetadataProvider, nil, dbStatus)
+ doc, err := grype_models.NewDocument(packages, context, *allMatches, ignoredMatches, vulnerabilityStore.MetadataProvider, nil, dbStatus)
if err != nil {
ReportError(s.resultChan, fmt.Errorf("failed to create document: %w", err), s.logger)
return
diff --git a/pkg/shared/scanner/merge.go b/pkg/shared/scanner/merge.go
index def1f9f4d..59c125e4c 100644
--- a/pkg/shared/scanner/merge.go
+++ b/pkg/shared/scanner/merge.go
@@ -230,7 +230,7 @@ func toVulnerabilityByKey(matches Matches) map[VulnerabilityKey]Vulnerability {
vulB, _ := json.Marshal(vul)
// nolint:errchkjson
newVulB, _ := json.Marshal(match.Vulnerability)
- log.Debugf("Existing vul with the same key %q. vul=%+s, newVul=%s", key, vulB, newVulB)
+ log.Debugf("Existing vul with the same key %q. vul=%s, newVul=%s", key, vulB, newVulB)
} else if diff != nil {
log.Debugf("Existing vul with the same key %q. diff.JSONDiff=%+v", key, diff.JSONDiff)
} else {
diff --git a/pkg/shared/scanner/trivy/scanner.go b/pkg/shared/scanner/trivy/scanner.go
index 0848f5b4f..06d37f758 100644
--- a/pkg/shared/scanner/trivy/scanner.go
+++ b/pkg/shared/scanner/trivy/scanner.go
@@ -59,8 +59,7 @@ func New(c job_manager.IsConfig,
// Init trivy's loggers with a hook into our logger
lc := logrusCore{logger}
- zap := zap.New(lc)
- trivyLog.Logger = zap.Sugar()
+ trivyLog.Logger = zap.New(lc).Sugar()
dlog.SetLogger(trivyLog.Logger)
flog.SetLogger(trivyLog.Logger)
diff --git a/pkg/shared/utils/containerrootfs/totempdirectory.go b/pkg/shared/utils/containerrootfs/totempdirectory.go
index e562c70f4..9d1dc3d65 100644
--- a/pkg/shared/utils/containerrootfs/totempdirectory.go
+++ b/pkg/shared/utils/containerrootfs/totempdirectory.go
@@ -62,7 +62,7 @@ func toTempDirectory(ctx context.Context, src string) (Rootfs, error) {
successful := false
tdrf := &tempDirRootfs{}
defer func() {
- // If we're successful then its the responsibility of the caller
+ // If we're successful then it is the responsibility of the caller
// to defer the cleanup, if we error during this function then
// we need to handle it.
if !successful {
diff --git a/pkg/shared/utils/cyclonedx_helper/cyclonedx_helper.go b/pkg/shared/utils/cyclonedx_helper/cyclonedx_helper.go
index 48df95ac9..bd11ad704 100644
--- a/pkg/shared/utils/cyclonedx_helper/cyclonedx_helper.go
+++ b/pkg/shared/utils/cyclonedx_helper/cyclonedx_helper.go
@@ -121,7 +121,7 @@ func GetComponentLicenses(component cdx.Component) []string {
func GetComponentLanguage(component cdx.Component) string {
// Get language from the PackageURL.
// PackageURL is a mandatory field for Component, so it should exist.
- purl, err := purl.FromString(component.PackageURL)
+ p, err := purl.FromString(component.PackageURL)
if err != nil {
log.Warnf("Failed to convert PURL from string: %v", err)
return ""
@@ -129,7 +129,7 @@ func GetComponentLanguage(component cdx.Component) string {
var lang string
// Defined languages in package-url
// https://github.com/package-url/purl-spec/blob/master/PURL-TYPES.rst#package-url-type-definitions
- switch purl.Type {
+ switch p.Type {
case "golang":
lang = "go"
case "pypi":
diff --git a/pkg/shared/utils/trivy/sourcetypes.go b/pkg/shared/utils/trivy/sourcetypes.go
index 2c83e4614..80f2ddebf 100644
--- a/pkg/shared/utils/trivy/sourcetypes.go
+++ b/pkg/shared/utils/trivy/sourcetypes.go
@@ -81,7 +81,7 @@ func SetTrivyImageOptions(sourceType utils.SourceType, userInput string, trivyOp
case utils.DOCKERARCHIVE, utils.OCIDIR:
trivyOptions.ImageOptions.Input = userInput
- // OCI Archive isn't natively supported so we'll convert it to a OCI
+ // OCI Archive isn't natively supported, so we'll convert it to an OCI
// directory first and then configure trivy as above.
case utils.OCIARCHIVE:
var err error
diff --git a/pkg/uibackend/rest/dashboard_findings_trends.go b/pkg/uibackend/rest/dashboard_findings_trends.go
index 4790fd23c..d5df80e31 100644
--- a/pkg/uibackend/rest/dashboard_findings_trends.go
+++ b/pkg/uibackend/rest/dashboard_findings_trends.go
@@ -95,10 +95,10 @@ func validateParams(params models.GetDashboardFindingsTrendsParams) error {
func createTimes(params models.GetDashboardFindingsTrendsParams) []time.Time {
times := make([]time.Time, numOfTimePoints)
timeBetweenPoints := params.EndTime.Sub(params.StartTime) / numOfTimePoints
- time := params.EndTime
+ t := params.EndTime
for i := numOfTimePoints - 1; i >= 0; i-- {
- times[i] = time
- time = time.Add(-timeBetweenPoints)
+ times[i] = t
+ t = t.Add(-timeBetweenPoints)
}
return times
}
diff --git a/rfc/end-to-end-type-safe-apis.md b/rfc/end-to-end-type-safe-apis.md
index e397b640e..7e9f8e8f5 100644
--- a/rfc/end-to-end-type-safe-apis.md
+++ b/rfc/end-to-end-type-safe-apis.md
@@ -17,7 +17,7 @@ We are using OpenAPIs in the project to describe our APIs. It should be the sing
The API is changing frequently and we often face the issue that something is broken (especially on the UI) because of the changes made on the API.
-UI developers always have to check the open api description because they don't have typing support during development. This process is manual and error prone. It is also very hard to maintain because you might not know all the occurences that you have to change given a specific API change.
+UI developers always have to check the open api description because they don't have typing support during development. This process is manual and error-prone. It is also very hard to maintain because you might not know all the occurrences that you have to change given a specific API change.
## Proposal
@@ -27,7 +27,7 @@ We could generate a client side SDK based on the OpenAPIs. The [OpenAPI generato
Besides generating the client side code to access the APIs we should also have a strategy for caching, request deduplication, keeping data up to date. Instead of solving all of this on our own we should use a proper data-fetching library. [`TanStack Query`](https://tanstack.com/query/v5/docs/react/overview) (formerly known as `react-query`) solves all of this (and even more) for us.
-The above proposal is just the ground work required for end to end type safety. Our client side code is written in JS at the moment. We should switch to TS in all the UI code and replace the API calls with the approppriate calls using the generated SDK to ensure end to end type safety.
+The above proposal is just the groundwork required for end to end type safety. Our client side code is written in JS at the moment. We should switch to TS in all the UI code and replace the API calls with the appropriate calls using the generated SDK to ensure end to end type safety.
### Abandoned Ideas (Optional)
@@ -68,7 +68,7 @@ const vmClarityApi = new VMClarityApi(undefined, undefined, axiosClient);
```
-4. Use the API instance in the your react-query based queries.
+4. Use the API instance in your react-query based queries.
```ts
const { data: assets } = useQuery({