YubiKey-Guide
YubiKey-Guide copied to clipboard
$@ needs to be quoted for safe usage
#!/usr/bin/env bash
test ! "$@" && echo "Specify a key." && exit 1
KEYGRIPS="$(gpg --with-keygrip --list-secret-keys $@ | grep Keygrip | awk '{print $3}')"
Consider instead:
#!/usr/bin/env bash
(( $# )) || { echo "Specify a key." >&2; exit 1; }
KEYGRIPS=$(gpg --with-keygrip --list-secret-keys "$@" | awk '/Keygrip/ { print $3 }')
-
"$@"
expands to an arbitrary number of arguments (which can be zero -- in which casetest !
is treated liketest -n '!'
and has a truthy result), buttest ! "$@"
only works in a reasonable way if it expands to exactly one argument.test ! "$*"
, concatenating all arguments together into a single string, is probably closer to the original intended meaning; but since the shell is guaranteed to be bash,(( $# ))
is both terser and more readable. - When unquoted,
$@
acts exactly like an unquoted$*
, with several undesirable behaviors: It doesn't honor original quoting, but instead word-splits the argument list and then attempts to process each item resulting from that as a glob. Using"$@"
passes the original argument list through exactly as-is.
Thanks for the suggestion - would you mind sending a PR to make the necessary change?