static-analysis
ShellCheck
Our great sponsors
static-analysis | ShellCheck | |
---|---|---|
15 | 488 | |
12,858 | 34,934 | |
1.8% | - | |
9.4 | 8.6 | |
8 days ago | 11 days ago | |
Rust | Haskell | |
MIT License | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
static-analysis
-
Static Analysis Tools for C
Readers should also peruse the 'Multiple languages' section, many of the big names, Coverity, Klocwork et al. are listed there.
see https://github.com/analysis-tools-dev/static-analysis#multip...
- Static-analysis – A curated list of static analysis (SAST) tools and linters
- Are you in favor of small functions/clean code or opposed to it?
-
Looking for feedback on our new website for Code Analysis Tools
this is Matthias from https://analysis-tools.dev.
-
Beating a dead horse?
Not an area I've had to deal with much unfortunately. Here is also a curated list of SAST tools grouped by technology. It can take quite some time to properly vet tools like this, but you might find something valuable in there.
-
Checked C
https://github.com/analysis-tools-dev/static-analysis
-
From Novice to contributor to Linux Kernel and/or other Low-Level projects
You can for example rely on static analyzers and scan the repositories (just please take care of making sure that any fix you make actually makes sense, sometimes people will just make whatever causes the reports to go away without understanding them). This site lists a bunch of them for different languages -> https://analysis-tools.dev/
-
What's the best free security scan tool for C/C++ files?
There's a bunch on https://github.com/analysis-tools-dev/static-analysis
-
Does anyone know of any tool for calculating the cyclomatic complexity of pascal-based source code?
https://github.com/analysis-tools-dev/static-analysis - general list of SAST
ShellCheck
-
Ask HN: Is there a GUI for bash shell?
ncurse, dialog, zenity[2]. i/o buffering may be an issue [3a,3b]
Assuming using same account, use history command to show past commands[0a, 0b]
'load random example' on shellcheck using own custom examples from history command.[1]
--------
[3a] : http://www.gnu.org/software/coreutils/manual/html_node/stdbu...
[3b] : http://unix.stackexchange.com/questions/25372/how-to-turn-of...
[2] : http//funprojects.blog/2021/01/25/zenity-command-line-dialogs/
[1] : http://www.shellcheck.net/
[0a] : http://www.tecmint.com/history-command-examples/
[0b] : http://www.tecmint.com/remember-linux-commands/
web based documentation: https://www.tecmint.com/linux-commands-cheat-sheet/
commands grouped by typical usage patterns : https://www.tecmint.com/essential-linux-commands/
-
DevSecOps with AWS- IaC at scale - Building your own platform - Part 1
... #************************** Terraform ************************************* ARG TERRAFORM_VERSION=1.7.3 RUN set -ex \ && curl -O https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip && unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /usr/local/bin/ RUN set -ex \ && mkdir -p $HOME/.terraform.d/plugin-cache && echo 'plugin_cache_dir = "$HOME/.terraform.d/plugin-cache"' > ~/.terraformrc #************************* Terragrunt ************************************* ARG TERRAGRUNT_VERSION=0.55.1 RUN set -ex \ && wget https://github.com/gruntwork-io/terragrunt/releases/download/v${TERRAGRUNT_VERSION}/terragrunt_linux_amd64 -q \ && mv terragrunt_linux_amd64 /usr/local/bin/terragrunt \ && chmod +x /usr/local/bin/terragrunt #*********************** Terramate **************************************** ARG TERRAMATE_VERSION=0.4.5 RUN set -ex \ && wget https://github.com/mineiros-io/terramate/releases/download/v${TERRAMATE_VERSION}/terramate_${TERRAMATE_VERSION}_linux_x86_64.tar.gz \ && tar -xzf terramate_${TERRAMATE_VERSION}_linux_x86_64.tar.gz \ && mv terramate /usr/local/bin/terramate \ && chmod +x /usr/local/bin/terramate #*********************** tfsec ******************************************** ARG TFSEC_VERSION=1.28.5 RUN set -ex \ && wget https://github.com/aquasecurity/tfsec/releases/download/v${TFSEC_VERSION}/tfsec-linux-amd64 \ && mv tfsec-linux-amd64 /usr/local/bin/tfsec \ && chmod +x /usr/local/bin/tfsec \ && terragrunt --version #**********************Terraform docs ************************************ ARG TERRRAFORM_DOCS_VERSION=0.17.0 RUN set -ex \ && curl -sSLo ./terraform-docs.tar.gz https://terraform-docs.io/dl/v${TERRRAFORM_DOCS_VERSION}/terraform-docs-v${TERRRAFORM_DOCS_VERSION}-$(uname)-amd64.tar.gz \ && tar -xzf terraform-docs.tar.gz \ && chmod +x terraform-docs \ && mv terraform-docs /usr/local/bin/terraform-docs #********************* ShellCheck ***************************************** ARG SHELLCHECK_VERSION="stable" RUN set -ex \ && wget -qO- "https://github.com/koalaman/shellcheck/releases/download/${SHELLCHECK_VERSION?}/shellcheck-${SHELLCHECK_VERSION?}.linux.x86_64.tar.xz" | tar -xJv \ && cp "shellcheck-${SHELLCHECK_VERSION}/shellcheck" /usr/bin/ \ && shellcheck --version ...
-
Ask HN: Popular open source tool originally written in Haskell?
ShellCheck: https://github.com/koalaman/shellcheck
-
Google ZX – A tool for writing better scripts
If I want to write better shell scripts I usually run shellcheck and adjust accordingly or if I need facilities not provided by the shell i switch to a full fledged programming language. Ans oh yes, `sh` is present almost on every BSD and Linux box for free so I consider it an important thing to at least be comfortable with.
shellcheck: https://www.shellcheck.net/
-
How I use Nix in my Elm projects
When I run nix-shell at the root of the project it puts me in a Nix shell that contains, among other programs, caddy and shellcheck. Notice that in the shellHook I add the project's shell scripts to the PATH. So once I'm in the Nix shell I can, among other things:
- Ask HN: A Bash guide for Posix programmers?
-
Regex support to list modules in .cabal?
I have also seen some projects on github like ShellCheck which first make a library, expose all the modules and then simple add that do build-depends of the final executable. Is this the recommended approach than having just one executable and adding all the modules to other-modules:?
-
Shellcheck finds bugs in your shell scripts
The error checks can be pretty arcane:
https://github.com/koalaman/shellcheck/wiki/Checks
-
Is there a syntax checker?
Similar to for instance shellcheck to check the syntax of shell scripts, is there an equivalent for the set of roff commands typically used in a (Linux) man page? I'm aware that e.g. pandoc permits the conversion of an other format (e.g., org) to both roff man and roff ms.
- Shellcheck – finds bugs in your shell scripts
What are some alternatives?
solana - Web-Scale Blockchain for fast, secure, scalable, decentralized apps and marketplaces.
bash-language-server - A language server for Bash
awesome-rust - A curated list of Rust code and resources.
shfmt - Dockernized shfmt. This formats shell script.
find-sec-bugs - The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
shellharden - The corrective bash syntax highlighter
rust-blog - Educational blog posts for Rust beginners
shfmt - A shell formatter (sh/bash/mksh)
awesome-linters - A community-driven list of awesome linters.
PowerShell - PowerShell for every system!
dynamic-analysis - ⚙️ A curated list of dynamic analysis tools and linters for all programming languages, binaries, and more.
efm-langserver - General purpose Language Server