From c3dda126005547184d2688d350585e940be996f5 Mon Sep 17 00:00:00 2001
From: Christian Clauss <cclauss@me.com>
Date: Thu, 6 Oct 2022 09:20:34 +0200
Subject: Upgrade GitHub Actions and make bandit, codespell, and pytest
 mandatory (#835)

* Upgrade GitHub Actions

* Fix typo discovered by codespell

* Update lint_python.yml
---
 .github/workflows/lint_python.yml                 | 18 ++++++++++--------
 oauthlib/openid/connect/core/request_validator.py |  2 +-
 2 files changed, 11 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/lint_python.yml b/.github/workflows/lint_python.yml
index 3b3be00..ba4d6c9 100644
--- a/.github/workflows/lint_python.yml
+++ b/.github/workflows/lint_python.yml
@@ -4,22 +4,24 @@ jobs:
   lint_python:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-python@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-python@v4
+        with:
+          python-version: 3.x
       - run: pip install --upgrade pip wheel
       - run: pip install bandit black codespell flake8 flake8-2020 flake8-bugbear
                          flake8-comprehensions isort mypy pytest pyupgrade safety
-      - run: bandit --recursive --skip B101 . || true  # B101 is assert statements
+      - run: bandit --recursive --skip B101,B105,B106,B107,B324 .
       - run: black --check . || true
-      - run: codespell || true  # --ignore-words-list="" --skip="*.css,*.js,*.lock"
+      - run: codespell  # --ignore-words-list="" --skip="*.css,*.js,*.lock"
       - run: flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
       - run: flake8 . --count --exit-zero --max-complexity=10 --max-line-length=88
                       --show-source --statistics
       - run: isort --check-only --profile black . || true
-      - run: pip install -r requirements.txt || pip install --editable . || true
+      - run: pip install -r requirements-test.txt
+      - run: pip install --editable .
       - run: mkdir --parents --verbose .mypy_cache
       - run: mypy --ignore-missing-imports --install-types --non-interactive . || true
-      - run: pytest . || true
-      - run: pytest --doctest-modules . || true
-      - run: shopt -s globstar && pyupgrade --py36-plus **/*.py || true
+      - run: pytest
+      - run: shopt -s globstar && pyupgrade --py37-plus **/*.py || true
       - run: safety check
diff --git a/oauthlib/openid/connect/core/request_validator.py b/oauthlib/openid/connect/core/request_validator.py
index 47c4cd9..e3cea79 100644
--- a/oauthlib/openid/connect/core/request_validator.py
+++ b/oauthlib/openid/connect/core/request_validator.py
@@ -143,7 +143,7 @@ class RequestValidator(OAuth2RequestValidator):
           Token MUST NOT be accepted by the RP when performing
           authentication with the OP.
 
-        Additionals claims must be added, note that `request.scope`
+        Additional claims must be added, note that `request.scope`
         should be used to determine the list of claims.
 
         More information can be found at `OpenID Connect Core#Claims`_
-- 
cgit v1.2.1