ShellCheck VS sh

not sure about unit/functional testing, but https://www.shellcheck.net/ is handy for linting and finding bad practice.

First, how did ShellSheck didn't give you warnings, if you checked it?

BTW, check out https://www.shellcheck.net/. You can install it to your computer and it'll warn you about this and many other ways you can accidentally shoot at your own foot with Bash.

This is super easy but, may not always be enough.. Luckily, the fine people at ShellCheck gave this some thought and created a nifty tool. It’s got a nice README, is available via most decent package managers and, even has a web interface where you can test snippets (in case you’re bored and on the tube, I guess). The README also includes a Gallery of bad code to showcase some of the stuff shellcheck can pick up on.

Bash because it's everywhere and I've put effort into learning it properly. My scripts almost always pass shellcheck first try, and I know the syntax of bash-specific features reasonably well. I don't see any advantage to learning another shell which I need to explicitly install and relearn all over again.

The Prompt logic could include some nuance to flag potentially harmful commands, but it would still be potentially fallible. However, you raise an excellent point, and value can be added by altering the workflow to run the results through a tool like shellcheck, where you can customize acceptable BASH commands.

Idea: Incorporate shellcheck that repeats the code back to the bot until it passes shellcheck at least.

A good way to learn the finicky bits is to run all your scripts through shellcheck. (Better yet, find a plugin for your editor/IDE.) If it flags an issue, read the corresponding wiki page and see if you understand it.

Have you run them through shellcheck? https://www.shellcheck.net/

Nice work! I recommend using https://www.shellcheck.net/ to make sure your bash script is in a good modern shape

For the first two caveats, I actually agree that we could and should handle ambiguous input. It just hasn't been a priority because doing that properly would be quite a bit of work, and such ambiguous syntax isn't particularly common. See https://github.com/mvdan/sh/issues/686 for my current thoughts on how to tackle it.

The third caveat concerns parsing `export` and `let` as keywords rather than as builtins. Like the README says, this is to properly build the syntax without leaving opaque strings as expressions, but also to support `declare foo=(bar)` which wouldn't work if `declare` was treated like any other builtin simple command.

How else would you have a static parser handle these two builtins? They are in a bit of an awkward middle ground between builtin and keyword. My instinct is that giving them special treatment in the parser to allow tokens like `(`, while at the same time representing them in the syntax tree with opaque strings as expressions, would be pretty underwhelming to any users of the parser.

That said, we already have that problem with `let "foo=123"` for example, where our parser currently represents the expression as the quoted string without going any deeper. https://github.com/mvdan/sh/issues/754#issuecomment-96329574... considers doing a second parse stage in the shell interpreter to fix cases like these, though always doing a second parse could get expensive.

We _could_ leave all arithmetic expressions as input strings in the parser, and do all the actual parsing when they are evaluated. That would be more compatible with Bash and more consistent. But it would also be less useful to any parser users who don't run into any of these weird edge cases, which aren't common at all, I think.

In short, I have some ideas, but I'm not sure at all what's best :) Doing a good job for 99% of users feels better than aiming for 100% compatibility with bash syntax, particularly where bash syntax is a bit weird.

My bad, I completely screwed this up... the as of yet undiscussed project is:

https://github.com/mvdan/sh

(not shmfmt)

I support projects like this for purposes of exploration and practice. But don't expect people to use it when there are already well established projects out there like: https://github.com/mvdan/sh

There are also: - shfmt - sh - bash language server - bashate

There is shellcheck, and shellharden which is a strict version of it. There are similar stuff here, some that also help with your editor. You can also use a docker version of shfmt. See here for a quick tutorial on shfmt.

Now go ahead and install shellcheck and shfmt to get even better at it.

INSTALL_DIR=/usr/local/bin # Call with arguments (location,filename,sha,name,strip) function download_verify_install() { curl -LOf "${1}${2}" echo "${3} ./${2}" | sha512sum --check tar -C $INSTALL_DIR/ -xf "${2}" --no-anchored "${4}" --strip="${5}" } install_redhat_binaries() { BOLD=$(tput bold) RESET=$(tput sgr0) set -euo pipefail local PANDOC_LOCATION=https://github.com/jgm/pandoc/releases/download/2.11.2/ local PANDOC_FILENAME=pandoc-2.11.2-linux-amd64.tar.gz local PANDOC_SHA=9d265941f224d376514e18fc45d5292e9c2481b04693c96917a0d55ed817b190cf2ea2666097388bfdf30023db2628567ea04ff6b9cc3316130a8190da72c605 local SHELLCHECK_LOCATION=https://github.com/koalaman/shellcheck/releases/download/v0.7.2/ local SHELLCHECK_FILENAME=shellcheck-v0.7.2.linux.x86_64.tar.xz local SHELLCHECK_SHA=067e2b8ee1910218de1e62068f7cc86ed7048e97b2a9d7c475ea29ae81c17a944376ce5c240d5c783ef3251d9bee7d7d010351958314eadd0fc88b5decfd8328 local SHFMT_LOCATION=https://github.com/mvdan/sh/releases/download/v3.2.2/ local SHFMT_FILENAME=shfmt_v3.2.2_linux_amd64 local SHFMT_SHA=d4e699575899f7c44dbce54f6414fb63c0527e7d743ea724cb0091417e07a353c1d156d4184580a260ca855cdf5e01cdf46b353f04cf5093eba3ffc02223f1c6 local BAT_LOCATION=https://github.com/sharkdp/bat/releases/download/v0.18.1/ local BAT_FILENAME=bat-v0.18.1-x86_64-unknown-linux-gnu.tar.gz local BAT_SHA=5ccab17461d2c707dab2e917daacdabe744c8f8c1e09330c03f17b6f9a9be3d79d8a2786c5e37b1bdbdb981e9d9debfec909b4a99bf62329d6f12c1c3e8dfcb7 local RIPGREP_LOCATION=https://github.com/BurntSushi/ripgrep/releases/download/13.0.0/ local RIPGREP_FILENAME=ripgrep-13.0.0-x86_64-unknown-linux-musl.tar.gz local RIPGREP_SHA=cdc18bd31019fc7b8509224c2f52b230be33dee36deea2e4db1ee8c78ace406c7cd182814d056f4ce65ee533290a674822432777b61c2b4bc8cc4a4ea107cfde echo -e "${BOLD}Installing binaries for RHEL clones not available in repositories...${RESET}\n" download_verify_install "$PANDOC_LOCATION" "$PANDOC_FILENAME" "$PANDOC_SHA" "pandoc" 2 download_verify_install "$SHELLCHECK_LOCATION" "$SHELLCHECK_FILENAME" "$SHELLCHECK_SHA" "shellcheck" 1 download_verify_install "$BAT_LOCATION" "$BAT_FILENAME" "$BAT_SHA" "bat" 1 download_verify_install "$RIPGREP_LOCATION" "$RIPGREP_FILENAME" "$RIPGREP_SHA" "rg" 1 # download_verify "$SHFMT_LOCATION" "$SHFMT_FILENAME" "$SHFMT_SHA" # chmod +x $SHFMT_FILENAME # mv $SHFMT_FILENAME $INSTALL_DIR/shfmt } install_redhat_binaries

Does anybody have such? Maybe you could share your experience? I use coc.nvim. My eyes fell on these 3 tools. The first one is language server and it has coc extensions coc-sh. But others are not so I am not sure which vim plugin should I use to hook them up: besides diagnostic-languageserver there are syntastic and neomake - bash-language-server - shellcheck - shfmt

I also use shfmt with efm-langserver too. Shfmt provides auto-formatting. For completions I use bash-language-server with native lsp.