Merge pull request #1253 from abassel/fix/fix_few_typos

Fixed few typos that I could find

Alma.md

@@ -14,7 +14,7 @@ Those will be changes, updates, or modifications to the direction of the company
 
 Alma Security was started by Chris Meyers, who was previously at Sigma Systems as CTO and HPE as a senior security engineer.
 
-He started the company becuase, "I saw a gap in the authentication market, where companies were only looking at one or two aspects of one's identity to do authentication. They we're looking at the whole picture and turning that into a continuous authentication story."
+He started the company because, "I saw a gap in the authentication market, where companies were only looking at one or two aspects of one's identity to do authentication. They we're looking at the whole picture and turning that into a continuous authentication story."
 
 ## Company Mission
 
@@ -52,11 +52,13 @@ NOTE: Some goals are things like project rollouts which serve the higher goals.
 ## Security Team Goals
 
 - SG1: Secure all customer data -- especially biometric -- from security and privacy incidents. 
-- SG2: Protect Alma Security's intellectual property from being captured by unathorized parties.
+- SG2: Protect Alma Security's intellectual property from being captured by unauthorized parties.
 - SG3: Reach a time to detect malicious behavior of less than 4 minutes by January 2025
 - SG4: Ensure the public trusts our product, because it's an authentication product we can't survive if people don't trust us.
 - SG5: Reach a time to remediate critical vulnerabilties on crown jewel systems of less than 16 hours by August 2025
 - SG6: Reach a time to remediate critical vulnerabilties on all systems of less than 3 days by August 2025
+- SG5: Reach a time to remediate critical vulnerabilities on crown jewel systems of less than 16 hours by August 2025
+- SG6: Reach a time to remediate critical vulnerabilities on all systems of less than 3 days by August 2025
 - SG7: Complete audit of Apple Passkey integration by February 2025
 - SG8: Complete remediation of Apple Passkey vulns by February 2025
 
@@ -129,15 +131,15 @@ $INSERT GRAPHS OF KPI PROGRESS OVER TIME HERE$
 
 ## Infrastructure Notes (a basic description of our tech stack and various context around it)
 
-- We currenty have no WAF protecting our main web app but we're considering adding one
+- We currently have no WAF protecting our main web app but we're considering adding one
 - We have had some issues with S3 buckets becoming public, or being set up as public, which has lead to some close calls with customer data almost being exposed.
 - alma.amazon-domain.com is our primary S3 bucket that contains everything, but it's not public readable or listable
 - We have a root account for our AWS account that doesn't yet have 2FA on it, but we're working on fixing that within a few weeks (but it's been open for a few months)
 - We also use Postgres for all our databases.
 - Developers have root access to the all kubernetes nodes via SSH on port 45,001 using a shared developer key issued during laptop provisioning. 
 - We're a kubernetes shop and do everything through AWS
 - We're logging most stuff to Cloudtrail and we kind of use guarduty, but we don't have a 24/7 team to monitor alerts and logs. We should add that to our list of challenges next time we update our overarll policy
-- We also have a Windows infrastructure because some key personell came from Microsoft. The DC is hosted in our head office which is in Redwood City, and anyone who works in that office (most of the 300 employees) uses that to log in when tehy start work. The domain is ALMA.
+- We also have a Windows infrastructure because some key personnel came from Microsoft. The DC is hosted in our head office which is in Redwood City, and anyone who works in that office (most of the 300 employees) uses that to log in when they start work. The domain is ALMA.
 - There's a domain-joined fileserver running Windows 2012 that most people use to upload new ideas and plans for new products. It uses Windows authentication from the domain. 
 - We use a palo alto firewall with 2fa using windows authenticator tied to SSO.
 - The name of the AI system doing all this context creation using SPQA is Alma, which is also the name of the company.

NOTES.md

@@ -10,7 +10,7 @@
   - The actions performed with a given model
 
 - The configuration flow works like this for an **initial** call:
-  - The available vendors are called one by one, each of them being responsible for the data they collect. They return a set of environment variables under the form of a list of strings, or an empty list if the user does not want to setup this vendor. As we do not want each vendor to know which way the data they need will be collected (e.g., read from the command line, or a GUI), they will be asked for a list of questions, the configuration will inquire the user, and send back the questions with tthe collected answers to the Vendor. The Vendor is then either instantiating an instance (Vendor configured) and returning it, or returning `nil` if the Vendor should not be set up.
+  - The available vendors are called one by one, each of them being responsible for the data they collect. They return a set of environment variables under the form of a list of strings, or an empty list if the user does not want to setup this vendor. As we do not want each vendor to know which way the data they need will be collected (e.g., read from the command line, or a GUI), they will be asked for a list of questions, the configuration will inquire the user, and send back the questions with the collected answers to the Vendor. The Vendor is then either instantiating an instance (Vendor configured) and returning it, or returning `nil` if the Vendor should not be set up.
   - the `.env` file is created, using the information returned by the vendors
   - A list of patterns is downloaded from the main site
 
@@ -25,7 +25,7 @@
 
 
 ## TODO:
-- Check if we need to read the system.md for every patterns when runnign the ListAllPatterns
+- Check if we need to read the system.md for every patterns when running the ListAllPatterns
 - Context management seems more complex than the one in the original fabric. Probably needs some work (at least to make it clear how it works)
 - models on command line: give as well vendor (like `--model openai/gpt-4o`). If the vendor is not given, get it by retrieving all possible models and searching from that.
 - if user gives the ollama url on command line, we need to update/init an ollama vendor.

core/chatter.go

@@ -131,7 +131,7 @@ func (o *Chatter) BuildSession(request *common.ChatRequest, raw bool) (session *
 	var patternContent string
 	if request.PatternName != "" {
 		pattern, err := o.db.Patterns.GetApplyVariables(request.PatternName, request.PatternVariables, request.Message.Content)
-		// pattrn will now contain user input, and all variables will be resolved, or errored
+		// pattern will now contain user input, and all variables will be resolved, or errored
 
 		if err != nil {
 			return nil, fmt.Errorf("could not get pattern %s: %v", request.PatternName, err)

patterns/ask_uncle_duke/system.md

@@ -1,6 +1,6 @@
 # Uncle Duke
 ## IDENTITY
-You go by the name Duke, or Uncle Duke. You are an advanced AI system that coordinates multiple teams of AI agents that answer questions about software development using the Java programing language, especially with the Spring Framework and Maven. You are also well versed in front-end technologies like HTML, CSS, and the various Javascript packages. You understand, implement, and promote software development best practices such as SOLID, DRY, Test Driven Development, and Clean coding.
+You go by the name Duke, or Uncle Duke. You are an advanced AI system that coordinates multiple teams of AI agents that answer questions about software development using the Java programming language, especially with the Spring Framework and Maven. You are also well versed in front-end technologies like HTML, CSS, and the various Javascript packages. You understand, implement, and promote software development best practices such as SOLID, DRY, Test Driven Development, and Clean coding.
 
 Your interlocutors are senior software developers and architects. However, if you are asked to simplify some output, you will patiently explain it in detail as if you were teaching a beginner. You tailor your responses to the tone of the questioner, if it is clear that the question is not related to software development, feel free to ignore the rest of these instructions and allow yourself to be playful without being offensive. Though you are not an expert in other areas, you should feel free to answer general knowledge questions making sure to clarify that these are not your expertise.
 

patterns/extract_ctf_writeup/system.md

@@ -10,7 +10,7 @@ Take a step back and think step-by-step about how to achieve the best possible r
 
 - Extract a list of all exploited vulnerabilities. Include the assigned CVE if they are mentioned and the class of vulnerability into a section called VULNERABILITIES. 
 
-- Extract a timeline of the attacks demonstrated. Structure it in a chronological list with the steps as sub-lists. Include details such as used tools, file paths, URLs, verion information etc. The section is called TIMELINE.
+- Extract a timeline of the attacks demonstrated. Structure it in a chronological list with the steps as sub-lists. Include details such as used tools, file paths, URLs, version information etc. The section is called TIMELINE.
 
 - Extract all mentions of tools, websites, articles, books, reference materials and other sources of information mentioned by the speakers into a section called REFERENCES. This should include any and all references to something that the speaker mentioned.
 

patterns/extract_recipe/system.md

@@ -7,7 +7,7 @@ Take a step back and think step-by-step about how to achieve the best possible r
 
 # STEPS
 
-- Extract a short description of the meal. It should be at most three sentences. Include - if the source material specifies it - how hard it is to prepare this meal, the level of spicyness and how long it shoudl take to make the meal. 
+- Extract a short description of the meal. It should be at most three sentences. Include - if the source material specifies it - how hard it is to prepare this meal, the level of spicyness and how long it should take to make the meal. 
 
 - List the INGREDIENTS. Include the measurements. 
 

patterns/humanize/README.md

@@ -11,7 +11,7 @@ We tried it out on a long and tricky example: a story about "why dogs spin befor
 * GPTZero: 87% AI
 * Writer.com: 15% AI
 
-Other example give 0% score, so it reall depends on the input text, which AI and wich scanner you use.
+Other example give 0% score, so it reall depends on the input text, which AI and which scanner you use.
 
 Like any Fabric pattern, use the power of piping from other patterns or even from **Humanize** itself. We used Gemini for this test, but it might work differently with other models.  So play around and see what you find... and yes, this text have been Humanized (and revised) 😉
 

plugins/db/fsdb/patterns.go

@@ -107,7 +107,7 @@ func (o *PatternsEntity) getFromDB(name string) (ret *Pattern, err error) {
 func (o *PatternsEntity) PrintLatestPatterns(latestNumber int) (err error) {
 	var contents []byte
 	if contents, err = os.ReadFile(o.UniquePatternsFilePath); err != nil {
-		err = fmt.Errorf("could not read unique patterns file. Pleas run --updatepatterns (%s)", err)
+		err = fmt.Errorf("could not read unique patterns file. Please run --updatepatterns (%s)", err)
 		return
 	}
 	uniquePatterns := strings.Split(string(contents), "\n")

web/README.md

@@ -9,7 +9,7 @@ The goal of this app is to not only provide a user interface for Fabric, but als
 
 ## Installing
 
-The app can be run by navigating to the `web` directory and using `npm install`, `pnpm install`, or your preferred package manager. Then simply run `npm run dev`, `pnpm run dev`, or your equivalent command to start the app. *You will need to run fabric in a seperate terminal with the `fabric --serve` command.*
+The app can be run by navigating to the `web` directory and using `npm install`, `pnpm install`, or your preferred package manager. Then simply run `npm run dev`, `pnpm run dev`, or your equivalent command to start the app. *You will need to run fabric in a separate terminal with the `fabric --serve` command.*
 
 ## Tips
 

web/src/routes/posts/Search.svelte

@@ -103,7 +103,7 @@ Could this be the new component for the search bar?
 
 	    </div>
 		<div>
-		<h4 class="h4"><b>Share Your Most Important Toughts and Ideas</b></h4>
+		<h4 class="h4"><b>Share Your Most Important Thoughts and Ideas</b></h4>
 		<br>
 	    <Card
 	        header="Let Your Voice Be Heard"