2 changes: 1 addition & 1 deletion ADOPTERS.md
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ pre-production (in alphabetical order):
| [Apex Fintech Solutions] | [@spawar-apex] | Apex Fintech Solutions has integrated OWASP Dependency-Track into their CI/CD pipeline as part of the DevSecOps program. This integration allows for the upload of SBOMs (Software Bill of Materials) to the platform for comprehensive component analysis and a detailed understanding of the software inventory used in software applications. By analyzing the components in our monorepo, we enhance our vulnerability management program and gain valuable insights into transitive dependencies, which traditional SCA (Software Composition Analysis) tools often overlook. |
| [Dutch Tax Office - Belastingdienst] | [@SudoHenk] | Dutch Tax Office has integrated OWASP Dependency-Track into their development processes as part of the DevSecOps program. We integrate Dependency-Track with various platforms and programming languages to gain vulnerability insights in our internally developed software. We want to thank all contributors of Dependency-Track creating a resilient and extensible SCA tool. Especially the API is a huge asset to integrate within the current organization processes. |

If you have adopted OWASP Depenency Track and would like to be included in this list,
If you have adopted OWASP Dependency Track and would like to be included in this list,
feel free to submit a PR updating this file or
[open an issue](https://github.com/).
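Review bot: the `+` line writes "Dependency Track" while the adopter rows two lines above (and the project name elsewhere in this diff) use the hyphenated "Dependency-Track"; suggest "If you have adopted OWASP Dependency-Track and would like to be included in this list," so the name is spelled one way within the file. Separately, the unchanged context line links "open an issue" to the bare `https://github.com/`; if that is not just rendering truncation on this page, the link should point at the project's issue tracker rather than the GitHub root.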

2 changes: 1 addition & 1 deletion docs/_docs/analysis-types/known-vulnerabilities.md
Expand Up @@ -74,7 +74,7 @@ Snyk REST API version is updated every 6 months and can be referred at
### Trivy Analyzer

Trivy analyzer relies on a server trivy instance to perform the analysis using REST API.
Trivy REST API is not publically documented so upgrading to a new version might lead to some issues.
Trivy REST API is not publicly documented so upgrading to a new version might lead to some issues.

### Analysis Result Cache
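Review bot: the spelling fix is right, but the context line directly above it still reads "a server trivy instance"; suggest "a Trivy server instance" in the same pass. Since the `+` line itself states that the Trivy REST API is not publicly documented, the doc would serve operators better by telling them to pin the Trivy server version they validated against, instead of the vague "might lead to some issues".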

2 changes: 1 addition & 1 deletion docs/_docs/integrations/threadfix.md
Expand Up @@ -5,7 +5,7 @@ chapter: 6
order: 9
---

ThreadFix includes a *remote provider* for Dependency-Track which provides seemless and automatic integration.
ThreadFix includes a *remote provider* for Dependency-Track which provides seamless and automatic integration.
Vulnerabilities on a per-project basis in Dependency-Track are mapped to corresponding applications in ThreadFix
along with details of every vulnerability.

2 changes: 1 addition & 1 deletion docs/_docs/terminology.md
Expand Up @@ -61,7 +61,7 @@ An internally managed user that has the ability to login to Dependency-Track.
### Package URL (PURL)
PURL or Package URL is a lightweight specification that standardizes the ability to reliably identify and locate
software packages. PURL is a URI string used to identify and locate a software package in a mostly universal and
uniform way across programing languages, package managers, packaging conventions, tools, APIs and databases.
uniform way across programming languages, package managers, packaging conventions, tools, APIs and databases.
See: <https://github.com/package-url/purl-spec>

### Portfolio
Original file line number Diff line number Diff line change
Expand Up @@ -433,7 +433,7 @@ protected void deleteComponents(Project project) {
}

/**
* Deletes a Component and all objects dependant on the component.
* Deletes a Component and all objects dependent on the component.
* @param component the Component to delete
* @param commitIndex specifies if the search index should be committed (an expensive operation)
*/
Original file line number Diff line number Diff line change
Expand Up @@ -776,7 +776,7 @@ public Project clone(
clonedComponent.setProperties(clonedProperties);
}

// Add vulnerabilties and finding attribution from the source component to the cloned component
// Add vulnerabilities and finding attribution from the source component to the cloned component
for (Vulnerability vuln : sourceComponent.getVulnerabilities()) {
final FindingAttribution sourceAttribution = this.getFindingAttribution(vuln, sourceComponent);
this.addVulnerability(vuln, clonedComponent, sourceAttribution.getAnalyzerIdentity(), sourceAttribution.getAlternateIdentifier(), sourceAttribution.getReferenceUrl(), sourceAttribution.getAttributedOn());
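Review bot: in the context line `final FindingAttribution sourceAttribution = this.getFindingAttribution(vuln, sourceComponent);` the result is dereferenced on the next line (`sourceAttribution.getAnalyzerIdentity()`, `getAlternateIdentifier()`, ...) with no null check. If `getFindingAttribution` can return null for a vulnerability that was attached to the component without an attribution record, cloning such a project throws a NullPointerException mid-loop; either guard with `if (sourceAttribution != null)` before the `addVulnerability` call or document the non-null contract on `getFindingAttribution` (its Javadoc further down in this diff does not state one).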
Expand Down Expand Up @@ -943,7 +943,7 @@ private static Set<UUID> parseDirectDependenciesUuids(
}

/**
* Deletes a Project and all objects dependant on the project.
* Deletes a Project and all objects dependent on the project.
* @param project the Project to delete
* @param commitIndex specifies if the search index should be committed (an expensive operation)
*/
Original file line number Diff line number Diff line change
Expand Up @@ -219,7 +219,7 @@ public boolean hasServiceComponents(final Project project) {
}

/**
* Deletes a ServiceComponent and all objects dependant on the service.
* Deletes a ServiceComponent and all objects dependent on the service.
* @param service the ServiceComponent to delete
* @param commitIndex specifies if the search index should be committed (an expensive operation)
*/
Original file line number Diff line number Diff line change
Expand Up @@ -268,7 +268,7 @@ public void addVulnerability(Vulnerability vulnerability, Component component, A

/**
* Removes a vulnerability from a component.
* @param vulnerability the vulnerabillity to remove
* @param vulnerability the vulnerability to remove
* @param component the component unaffected by the vulnerabiity
*/
public void removeVulnerability(Vulnerability vulnerability, Component component) {
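Review bot: the Javadoc still has a typo one line below the fix: `@param component the component unaffected by the vulnerabiity` should read "vulnerability". Worth catching in the same commit, since that is exactly what this PR is cleaning up.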
Expand All @@ -286,7 +286,7 @@ public void removeVulnerability(Vulnerability vulnerability, Component component

/**
* Returns a FindingAttribution object form a given vulnerability and component.
* @param vulnerability the vulnerabillity of the finding attribution
* @param vulnerability the vulnerability of the finding attribution
* @param component the component of the finding attribution
* @return a FindingAttribution object
*/
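Review bot: same Javadoc block, unfixed typo in the context line above the change: "Returns a FindingAttribution object form a given vulnerability and component" should read "from a given vulnerability and component".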
Original file line number Diff line number Diff line change
Expand Up @@ -149,7 +149,7 @@ private boolean versionMatches(final String conditionValue, final String part) {
* }
* </pre>
*
* @param condition teh condition to evaluate
* @param condition the condition to evaluate
* @return the Coordinates
*/
private Coordinates parseCoordinatesDefinition(final PolicyCondition condition) {
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ public class LicenseGroupPolicyEvaluator extends AbstractPolicyEvaluator {

/**
* A license group that does not exist in the database and is therefore verified based on its
* licenses list directly instad of a database check
* licenses list directly instead of a database check
*/
private static class TemporaryLicenseGroup extends LicenseGroup {
private static final long serialVersionUID = -1268650463377651000L;
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@
* Evaluates the {@link VersionDistance} between a {@link Component}'s current and it's latest
* version against a {@link Policy}. This makes it possible to add a policy for checking outdated
* components. The policy "greater than 0:1.?.?" for example means, a difference of only one
* between the curren version's major number and the latest version's major number is allowed.
* between the current version's major number and the latest version's major number is allowed.
*
* VersionDistances can be combined in a policy. For example "greater than 1:1.?.?" means a
* difference of only one epoch number or one major number is allowed. Or "greater than 1.1.?"
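Review bot: the context line at the top of this comment, "a {@link Component}'s current and it's latest version", uses "it's" where the possessive "its" is meant; fix it alongside "curren" -> "current" so the class comment is clean in one pass.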
Original file line number Diff line number Diff line change
Expand Up @@ -284,7 +284,7 @@ public Response restoreDefaultTemplates() {
return Response.ok().build();
} catch (IOException ioException) {
LOGGER.error(ioException.getMessage(), ioException);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("Exception occured while restoring default notification publisher templates.").build();
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("Exception occurred while restoring default notification publisher templates.").build();
}
}

Expand Down Expand Up @@ -322,7 +322,7 @@ public Response testSmtpPublisherConfig(@FormParam("destination") String destina
return Response.ok().build();
} catch (InvocationTargetException | InstantiationException | IllegalAccessException | NoSuchMethodException e) {
LOGGER.error(e.getMessage(), e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("Exception occured while sending test mail notification.").build();
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("Exception occurred while sending test mail notification.").build();
}
}

Original file line number Diff line number Diff line change
Expand Up @@ -156,7 +156,7 @@ public MetaModel analyze(final Component component) {
return analyzeFromMetadataUrl(meta, component, packageMetaDataPathPattern);
}

// initial batch of included pacakges is included in packages.json response
// initial batch of included packages is included in packages.json response
if (isMinified(repoRoot)) {
repoRoot.put("packages", expandPackages(repoRoot.getJSONObject("packages")));
}
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ public interface IMetaAnalyzer {
void setRepositoryUsernameAndPassword(String username, String password);

/**
* Returns the type of repositry the analyzer supports.
* Returns the type of repository the analyzer supports.
* @since 3.1.0
*/
RepositoryType supportedRepositoryType();
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,7 @@ public class NugetMetaAnalyzer extends AbstractMetaAnalyzer {
/**
* Sets the repository base URL which will then be used to retrieve and parse the service index. If the user has
* specified a repo URL ending with index.json, it should be considered "fully qualified" and used as is to maximise
* compatability with non-nuget.org repos such as Artifactory. If not, preserve the previous Dependency Track
* compatibility with non-nuget.org repos such as Artifactory. If not, preserve the previous Dependency Track
* behaviour of appending the nuget.org index to the supplied URL.
*
* @param baseUrl the base URL to the repository
Original file line number Diff line number Diff line change
Expand Up @@ -157,7 +157,7 @@ private static int parseVersion(String version) throws NumberFormatException {
}

/**
* Parse a string of combined {@link VersionDistance}s and return tham as a {@link VersionDistance} {@link List}
* Parse a string of combined {@link VersionDistance}s and return than as a {@link VersionDistance} {@link List}
* @param combinedDistances combined version distance string, e.g 1:1.?.? -> (1:?.?.?, 0:1.?.?)
* @return List of separate {@link VersionDistance}s
* @throws NumberFormatException in case a version distance cannot be parsed
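Review bot: the replacement on the `+` line is still wrong. "return tham as a {@link VersionDistance} {@link List}" was meant to be "return them as a ..."; changing it to "than" swaps one typo for another. Suggest `* Parse a string of combined {@link VersionDistance}s and return them as a {@link VersionDistance} {@link List}`.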
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ public static Collection<Arguments> testParameters() {
Arguments.of("1.2.3", "1.2.3", Operator.NUMERIC_NOT_EQUAL, "{ \"major\": \"0\", \"minor\": \"0\", \"patch\": \"0\" }", false),
Arguments.of("1.2.3", "1.2.3", Operator.NUMERIC_LESS_THAN, "{ \"major\": \"0\", \"minor\": \"0\", \"patch\": \"0\" }", false),
Arguments.of("1.2.3", "1.2.3", Operator.NUMERIC_LESSER_THAN_OR_EQUAL, "{ \"major\": \"0\", \"minor\": \"0\", \"patch\": \"0\" }", true),
// Negative distanse.
// Negative distance.
Arguments.of("2.3.4", "1.2.3", Operator.NUMERIC_GREATER_THAN_OR_EQUAL, "{ \"major\": \"1\", \"minor\": \"?\", \"patch\": \"?\" }", true),
Arguments.of("2.3.4", "1.2.3", Operator.NUMERIC_GREATER_THAN, "{ \"major\": \"1\", \"minor\": \"?\", \"patch\": \"?\" }", false),
Arguments.of("2.3.4", "1.2.3", Operator.NUMERIC_EQUAL, "{ \"major\": \"1\", \"minor\": \"?\", \"patch\": \"?\" }", true),
Expand All @@ -93,7 +93,7 @@ public static Collection<Arguments> testParameters() {
Arguments.of("0.2.2", "1.0.0", Operator.NUMERIC_EQUAL, "{\"epoch\": \"0\", \"major\": \"0\", \"minor\": \"1\", \"patch\": \"1\" }", false),
// Unsupported operator.
Arguments.of("1.2.3", "2.1.1", Operator.MATCHES, "{ \"major\": \"1\", \"minor\": \"?\", \"patch\": \"?\" }", false),
// Invalid distanse format.
// Invalid distance format.
Arguments.of("1.2.3", "2.1.1", Operator.NUMERIC_EQUAL, "{ \"major\": \"1a\" }", false),
// No known latestVersion.
Arguments.of("1.2.3", null, Operator.NUMERIC_EQUAL, "{ \"major\": \"0\", \"minor\": \"0\", \"patch\": \"0\" }", false)
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@ void getComponentsDefaultRequestTest() {

/**
* Generate a project with different dependencies
* @return A project with 1000 dpendencies: <ul>
* @return A project with 1000 dependencies: <ul>
* <li>200 outdated dependencies, 75 direct and 125 transitive</li>
* <li>800 recent dependencies, 25 direct, 775 transitive</li>
* @throws MalformedPackageURLException
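Review bot: the `<ul>` opened on the `@return` line is never closed; after the second `<li>` add a `* </ul>` line before `@throws MalformedPackageURLException` so the generated Javadoc does not run the list into the throws clause.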
Expand All @@ -87,9 +87,9 @@ private Project prepareProject() throws MalformedPackageURLException {
component.setVersion(String.valueOf(i)+".0");
component.setPurl(new PackageURL(RepositoryType.MAVEN.toString(), "component-group", "component-name-"+i , String.valueOf(i)+".0", null, null));
component = qm.createComponent(component, false);
// direct depencencies
// direct dependencies
if (i < 100) {
// 100 direct depencencies, 900 transitive depencencies
// 100 direct dependencies, 900 transitive dependencies
directDepencencies.add("{\"uuid\":\"" + component.getUuid() + "\"}");
}
// Recent & Outdated
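Review bot: the comments are fixed but the local variable in the same hunk, `directDepencencies.add("{\"uuid\":\"" + component.getUuid() + "\"}");`, still carries the typo (and the same name recurs in `prepareProjectUngroupedComponents` in the next hunk). This is test code with no external callers, so rename the local to `directDependencies` in the same commit rather than leaving the identifier out of step with the corrected comment beside it.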
Expand Down Expand Up @@ -138,9 +138,9 @@ private Project prepareProjectUngroupedComponents() throws MalformedPackageURLEx
component.setVersion(String.valueOf(i)+".0");
component.setPurl(new PackageURL(RepositoryType.PYPI.toString(), null, "component-name-"+i , String.valueOf(i)+".0", null, null));
component = qm.createComponent(component, false);
// direct depencencies
// direct dependencies
if (i < 4) {
// 4 direct depencencies, 6 transitive depencencies
// 4 direct dependencies, 6 transitive dependencies
directDepencencies.add("{\"uuid\":\"" + component.getUuid() + "\"}");
}
// Recent & Outdated