shellcheck v0.9 release: static analysis tool for shell scripts

by do son · Published · Updated

shellcheck

ShellCheck – A shell script static analysis tool

The goals of ShellCheck are

  • To point out and clarify typical beginner’s syntax issues that cause a shell to give cryptic error messages.
  • To point out and clarify typical intermediate-level semantic problems that cause a shell to behave strangely and counter-intuitively.
  • To point out subtle caveats, corner cases, and pitfalls that may cause an advanced user’s otherwise working script to fail under future circumstances.

Changelog v0.9

Added

  • SC2316: Warn about ‘local readonly foo’ and similar (thanks, patrickxia!)
  • SC2317: Warn about unreachable commands
  • SC2318: Warn about backreferences in ‘declare x=1 y=$x’
  • SC2319/SC2320: Warn when $? refers to echo/printf/[ ]/[[ ]]/test
  • SC2321: Suggest removing ((..))inarray[((idx))]=val
  • SC2322: Suggest collapsing double parentheses in arithmetic contexts
  • SC2323: Suggest removing wrapping parentheses in a[(x+1)]=val

Fixed

  • SC2086: Now uses DFA to make more accurate predictions about values
  • SC2086: No longer warns about values declared as integer with declare -i

Changed

  • ShellCheck now has a Data Flow Analysis engine to make smarter decisions based on control flow rather than just syntax. Existing checks will gradually start using it, which may cause them to trigger differently (but more accurately).
  • Values in directives/shellcheckrc can now be quoted with ” or “”

Installing

On Debian based distros:

apt-get install shellcheck

On Arch Linux based distros:

pacman -S shellcheck

Use

On the web

Paste a shell script on https://www.shellcheck.net for instant feedback.

From your terminal

Run shellcheck yourscript in your terminal for instant output, as seen above.

In your editor

You can see ShellCheck suggestions directly in a variety of editors.

Screenshot of Vim showing inlined shellcheck feedback.

Screenshot of emacs showing inlined shellcheck feedback.

In your build or test suites

While ShellCheck is mostly intended for interactive use, it can easily be added to builds or test suites.

It makes canonical use of exit codes and can output simple JSON, CheckStyle compatible XML, GCC compatible warnings as well as human-readable text (with or without ANSI colors).

Tutorial

Copyright 2012-2018, Vidar ‘koala_man’ Holen and contributors.

Source: https://github.com/koalaman/

Tags: ShellCheck