stank issues

warn on lack of set -o pipefail in scripts with piping commands

Take care to avoid false positives, when the pipe symbol is passed in a double or single quoted command argument. Perhaps we keep the scan simple and ignore the false...

mcandre

stank: ignore common vendor directories

* [ ] Promote Ignores[] and Ignore() to the stank library. * [ ] Add Ignore() filter to the Walk implementation in the stank binary. * [ ] Add Ignore()...

mcandre

warn on risk of infinite recursion

Calling `$0` or `exec $0` with no further CLI arguments is asking for trouble.

mcandre

polyshell

Not itself POSIX, but can generate POSIX artifacts https://github.com/llamasoft/polyshell

mcandre

batsh

Not itself POSIX, but can generate POSIX artifacts https://github.com/batsh-dev-team/Batsh

mcandre

scsh

LISPy, not POSIXy

mcandre

option: recommend double-quotes instead of single quotes, for easier copying and pasting of polyglot commands into Windows shells

mcandre

reimplement in rust

The act of implementing our own AST, can help to identify many subtle quirks of sh coding. A PEG-based AST could do wonders for richer linter warnings. More performant application....

mcandre

cite dotenv linter

https://github.com/dotenv-linter/dotenv-linter

mcandre

cicada

(the shell, not the security tool) https://github.com/mitnk/cicada

mcandre

stank
stank copied to clipboard

Metadata

warn on lack of set -o pipefail in scripts with piping commands

stank: ignore common vendor directories

warn on risk of infinite recursion

polyshell

batsh

scsh

option: recommend double-quotes instead of single quotes, for easier copying and pasting of polyglot commands into Windows shells

reimplement in rust

cite dotenv linter

cicada

← Metadata

Owner

Metadata

stank stank copied to clipboard

Metadata

← Metadata

Owner

Metadata

stank
stank copied to clipboard