1001
Error prone
Medium
This \\N will be a regular 'N' in this context.
BACK TO LIST
Shell rules
Bash, zsh, ksh: regardless what Shell you use, Codiga got you covered. With hundreds of rules, the Codiga Static Engine checks for any issue in your shell script and surfaces issues in your Shell codebase.
1003
Error prone
Medium
Want to escape a single quote? echo 'This is how it'\\''s done'.
1004
Error prone
Medium
This backslash+linefeed is literal. Break outside single quotes if you just want to break the line.
1007
Error prone
High
Remove space after = if trying to assign a value (for empty string
1008
Code style
Minor
This shebang was unrecognized. Note that ShellCheck only handles sh/bash/dash/ksh.
1009
Error prone
Medium
The mentioned syntax error was in this elif clause.
1010
Error prone
High
Use semicolon or linefeed before 'fi' (or quote to make it literal).
1012
Error prone
High
\\r is just literal 'r' here. For carriage return
1014
Error prone
High
Use 'if cmd; then ..' to check exit code
1017
Error prone
Critical
Literal carriage return. Run script through tr -d '\\r' .
1018
Error prone
Critical
This is a unicode non-breaking space. Delete and retype it.
1019
Error prone
Critical
Expected this to be an argument to the unary condition.
1020
Error prone
Critical
You need a space before the ]].
1035
Error prone
Critical
You are missing a required space after the !.
1036
Error prone
Critical
(' is invalid here. Did you forget to escape it?
1046
Error prone
Critical
Couldn't find 'fi' for this 'if'.
1047
Error prone
Critical
Expected 'fi' matching previously mentioned 'if'.
1048
Error prone
Critical
Can't have empty else clauses (use 'true' as a no-op).
1049
Error prone
Critical
Did you forget the 'then' for this 'if'?
1050
Error prone
Critical
Expected 'then'.
1054
Error prone
Critical
You need a space after the '{'.
1055
Error prone
Critical
You need at least one command here. Use 'true;' as a no-op.
1056
Error prone
Critical
Expected a '}'. If you have one
1058
Error prone
Critical
Expected 'do'.
1061
Error prone
Critical
Couldn't find 'done' for this 'do'.
1062
Error prone
Critical
Expected 'done' matching previously mentioned 'do'.
1064
Error prone
Critical
Expected a { to open the function definition.
1065
Error prone
Critical
Trying to declare parameters? Don't. Use () and refer to params as $1
1066
Error prone
Critical
Don't use $ on the left side of assignments.
1068
Code style
Minor
Don't put spaces around the = in assignments (or quote to make it literal).
1070
Error prone
Critical
Parsing stopped here. Mismatched keywords or invalid parentheses?
1071
Error prone
Critical
ShellCheck only supports sh/bash/dash/ksh scripts. Sorry!
1072
Error prone
Critical
Expected 'then'. Fix any mentioned problems and try again.
1073
Error prone
Critical
Couldn't parse this escaped char. Fix to allow more checks.
1075
Error prone
Critical
Use 'elif' instead of 'else if' (or put 'if' on new line if nesting).
1078
Error prone
High
Did you forget to close this double quoted string?
1079
Error prone
Medium
This is actually an end quote
1080
Error prone
Critical
You need \\ before line feeds to break lines in [ ].
1082
Error prone
Critical
This file has a UTF-8 BOM. Remove it with: LC\_CTYPE=C sed '1s/^...//' < yourscript .
1083
Code style
Minor
This } is literal. Check expression (missing ;/\\n?) or quote it.
1084
Error prone
Critical
Use #! and not !# for shebang
1086
Error prone
Critical
Don't use $ on the iterator name in for loops.
1087
Code style
Minor
Use braces when expanding arrays
1088
Error prone
Critical
Parsing stopped here. Invalid use of parentheses?
1089
Error prone
Critical
Parsing stopped here. Is this keyword correctly matched up?
1090
Code style
Minor
Can't follow non-constant source. Use a directive to specify location.
1091
Error prone
Medium
Not following: /etc/os-release was not specified as input (see shellcheck -x).
1095
Error prone
Critical
You need a space or linefeed between the function name and body.
1097
Code style
Minor
Unexpected ==. For assignment
1099
Best practice
Critical
You need a space before the #.
1101
Error prone
Critical
Delete trailing spaces after \\ to break line (or use quotes for literal space).
1102
Error prone
High
Shells disambiguate $(( differently or not at all. For $(command substition)
1104
Error prone
Critical
Use #! and not ! for shebang
1105
Error prone
High
Shells disambiguate (( differently or not at all. For subshell
1110
Error prone
High
This is a unicode quote. Delete and retype it (or quote to make literal).
1111
Error prone
High
This is a unicode quote. Delete and retype it (or ignore/singlequote for literal).
1113
Error prone
Critical
Use #! for the shebang
1114
Code style
Minor
Remove leading spaces before the shebang.
1115
Error prone
Critical
Remove spaces between # and ! in the shebang.
1116
Error prone
Critical
Missing $ on a $((..)) expression? (or use ( ( for arrays).
1117
Code style
Minor
Backslash is literal in \\’". Prefer explicit escaping: "\\\\’"."
1119
Error prone
Critical
Add a linefeed between end token and terminating ')'.
1126
Error prone
Critical
Place shellcheck directives before commands
1127
Error prone
Critical
Was this intended as a comment? Use # in sh.
1128
Error prone
Critical
The shebang must be on the first line. Delete blanks and move comments.
2000
Best practice
Minor
See if you can use ${#variable} instead.
2001
Code style
Minor
See if you can use ${variable//search/replace} instead.
2002
Code style
Minor
Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
2003
Best practice
Minor
expr is antiquated. Consider rewriting this using $((..))
2004
Code style
Minor
$/${} is unnecessary on arithmetic variables.
2005
Code style
Minor
Useless echo? Instead of 'echo $(cmd)'
2006
Best practice
Minor
Use $(...) notation instead of legacy backticked `...`.
2007
Code style
Minor
Use $((..)) instead of deprecated $[..]
2009
Error prone
Medium
Consider using pgrep instead of grepping ps output.
2010
Error prone
High
Don't use ls | grep. Use a glob or a for loop with a condition to allow non-alphanumeric filenames.
2011
Error prone
High
Use 'find .. -print0 | xargs -0 ..' or 'find .. -exec .. +' to allow non-alphanumeric filenames.
2012
Code style
Minor
Use find instead of ls to better handle non-alphanumeric filenames.
2013
Code style
Minor
To read lines rather than words
2014
Error prone
Medium
This will expand once before find runs
2015
Error prone
Medium
Note that A && B || C is not if-then-else. C may run when A is true.
2016
Code style
Minor
Expressions don't expand in single quotes
2017
Error prone
Medium
Increase precision by replacing a/b*c with a*c/b.
2018
Error prone
Medium
Use '[:lower:]' to support accents and foreign alphabets.
2019
Error prone
Medium
Use '[:upper:]' to support accents and foreign alphabets.
2020
Error prone
Medium
tr replaces sets of chars
2021
Error prone
Medium
Don't use [] around classes in tr
2022
Error prone
Medium
Note that unlike globs
2023
Error prone
Medium
The shell may override 'time' as seen in man time(1). Use 'command time ..' for that one.
2024
Error prone
High
sudo doesn't affect redirects. Use sudo cat file | ..
2026
Error prone
Medium
This word is outside of quotes. Did you intend to 'nest ''single quotes'"' instead'? "
2027
Error prone
High
The surrounding quotes actually unquote this. Remove or escape them.
2028
Error prone
Medium
echo won't expand escape sequences. Consider printf.
2029
Error prone
Medium
Expansion on the client side
2030
Error prone
Medium
Modification of RSYSLOG\_VERSION is local (to subshell caused by pipeline).
2031
Error prone
Medium
RSYSLOG\_VERSION was modified in a subshell. That change might be lost.
2032
Error prone
Medium
Use own script or sh -c '..' to run this from sudo.
2033
Error prone
High
Shell functions can't be passed to external commands.
2034
Code style
Minor
START\_OF\_ROOT\_PARTITION appears unused. Verify use (or export if used externally).
2035
Code style
Minor
Use ./*glob* or -- *glob* so names with dashes won't become options.
2036
Error prone
High
If you wanted to assign the output of the pipeline
2038
Code style
Minor
Use -print0/-0 or -exec + to allow for non-alphanumeric filenames.
2039
Code style
Minor
Undefined keyword for POSIX sh
2043
Code style
Minor
This loop will only ever run once for a constant value. Did you perhaps mean to loop over dir/*
2044
Code style
Minor
For loops over find output are fragile. Use find -exec or a while read loop.
2045
Code style
Minor
Iterating over ls output is fragile. Use globs.
2046
Safety
High
Quote this to prevent word splitting.
2048
Code style
Minor
Use $@" (with quotes) to prevent whitespace problems."
2049
Error prone
High
"=~ is for regex, but this looks like a glob. Use = instead."
2050
Error prone
High
This expression is constant. Did you forget the $ on a variable?
2053
Code style
Minor
Quote the right-hand side of != in [[ ]] to prevent glob matching.
2059
Code style
Minor
Don't use variables in the printf format string. Use printf ..\%s.." "$foo"."
2060
Error prone
High
Quote parameters to tr to prevent glob expansion.
2061
Code style
Minor
Quote the parameter to -iname so the shell won't interpret it.
2062
Error prone
High
Quote the grep pattern so the shell won't interpret it.
2063
Error prone
High
Grep uses regex
2064
Code style
Minor
Use single quotes
2066
Error prone
Critical
Since you double quoted this
2067
Error prone
Critical
Missing ';' or + terminating -exec. You can't use |/||/&&
2068
Code style
Minor
Double quote array expansions to avoid re-splitting elements.
2069
Error prone
High
To redirect stdout+stderr
2070
Error prone
Critical
-n doesn't work with unquoted arguments. Quote or use [[ ]].
2071
Code style
Minor
> is for string comparisons. Use -gt instead.
2072
Error prone
Critical
Decimals are not supported. Either use integers only
2076
Error prone
Critical
Don't quote rhs of =~
2077
Error prone
Critical
You need spaces around the comparison operator.
2078
Error prone
Critical
This expression is constant. Did you forget a $ somewhere?
2081
Error prone
Critical
[ .. ] can't match globs. Use [[ .. ]] or case statement.
2082
Error prone
Critical
To expand via indirection
2086
Safety
High
Double quote to prevent globbing and word splitting.
2087
Error prone
High
Quote 'VS\_CMDS' to make here document expansions happen on the server side rather than on the client.
2088
Error prone
High
Tilde does not expand in quotes. Use $HOME.
2089
Code style
Minor
Quotes/backslashes will be treated literally. Use an array.
2090
Code style
Minor
Quotes/backslashes in this variable will not be respected.
2091
Code style
Minor
Remove surrounding $() to avoid executing output.
2092
Error prone
High
Remove backticks to avoid executing output.
2093
Error prone
High
Remove exec " if script should continue after this command."
2094
Code style
Minor
Make sure not to read and write the same file in the same pipeline.
2096
Error prone
Critical
On most OS, shebangs can only specify a single parameter
2097
Error prone
High
This assignment is only seen by the forked process.
2098
Error prone
High
This expansion will not see the mentioned assignment.
2100
Error prone
High
Use $((..)) for arithmetics
2102
Error prone
Medium
Ranges can only match single chars (mentioned due to duplicates).
2103
Code style
Minor
Use a ( subshell ) to avoid having to cd back.
2104
Error prone
Critical
In functions, use return instead of break
2105
Error prone
Critical
continue is only valid in loops.
2112
Code style
Minor
function' keyword is non-standard. Delete it.
2113
Error prone
High
function' keyword is non-standard. Use 'foo()' instead of 'function foo'.
2115
Error prone
High
Use ${var:?}" to ensure this never expands to /usr ."
2116
Code style
Minor
Useless echo? Instead of 'cmd $(echo foo)'
2119
Code style
Minor
Use start\_mysql $@" if function's $1 should mean script's $1."
2120
Code style
Minor
A function references arguments but no argument is passed
2121
Code style
Minor
To assign a variable, do not use set
2124
Error prone
High
Assigning an array to a string! Assign as array
2125
Error prone
High
Brace expansions and globs are literal in assignments. Quote it or use an array.
2126
Error prone
Minor
Consider using grep -c instead of grep|wc -l.
2128
Code style
Minor
Expanding an array without an index only gives the first element.
2129
Code style
Minor
Consider using { cmd1; cmd2; } >> file instead of individual redirects.
2139
Error prone
High
This expands when defined
2140
Code style
Minor
Word is of the form A"B"C" (B indicated). Did you mean "ABC" or "A\\"B\\"C"?"
2142
Error prone
Critical
Aliases can't use positional parameters. Use a function.
2143
Error prone
Minor
Use egrep -q instead of comparing output with [ -n .. ].
2144
Error prone
Critical
-e doesn't work with globs. Use a for loop.
2145
Code style
Minor
Argument mixes string and array. Use * or separate argument.
2146
Error prone
High
This action ignores everything before the -o. Use \\( \\) to group.
2148
Code style
Minor
Tips depend on target shell and yours is unknown. Add a shebang.
2152
Error prone
Critical
Can only return 0-255. Other data should be written to stdout.
2153
Code style
Minor
Possible misspelling: FGREP may not be assigned
2154
Code style
Minor
xtra is referenced but not assigned.
2155
Code style
Minor
Declare and assign separately to avoid masking return values.
2156
Error prone
High
Injecting filenames is fragile and insecure. Use parameters.
2157
Error prone
Critical
Argument to -z is always false due to literal strings.
2160
Error prone
Minor
Instead of '[ true ]', just use 'true'
2161
Error prone
Minor
Instead of '[ 1 ]', just use '1'
2162
Code style
Minor
read without -r will mangle backslashes.
2163
Code style
Minor
This does not export 'atom\_env\_pair'. Remove $/${} for that
2164
Code style
Minor
Use 'cd ... || exit' or 'cd ... || return' in case cd fails.
2165
Error prone
High
This nested loop overrides the index variable of its parent.
2166
Error prone
Medium
Prefer [ p ] || [ q ] as [ p -o q ] is not well defined.
2167
Error prone
High
This parent loop has its index variable overridden.
2168
Error prone
Critical
local' is only valid in functions.
2169
Error prone
High
Not supported in dash
2171
Error prone
High
Found trailing ] outside test. Missing [?
2172
Error prone
High
Trapping signals by number is not well defined. Prefer signal names.
2173
Error prone
Critical
SIGKILL/SIGSTOP can not be trapped.
2174
Error prone
High
When used with -p
2175
Error prone
Minor
Quote this invalid brace expansion since it should be passed literally to eval.
2176
Error prone
High
time' is undefined for pipelines. time single stage or bash -c instead.
2178
Error prone
High
Variable was used as an array but is now assigned a string.
2179
Error prone
High
Use array+=(item") to append items to an array."
2181
Code style
Minor
Check exit code directly with e.g. 'if mycmd;'
2183
Error prone
High
This format string has 1 variables
2184
Error prone
High
Quote arguments to unset so they're not glob expanded.
2185
Code style
Minor
Some finds don't have a default path. Specify '.' explicitly.
2186
Code style
Minor
tempfile is deprecated. Use mktemp instead.
2187
Error prone
High
Ash scripts will be checked as Dash. Add '# shellcheck shell=dash' to silence.
2188
Error prone
High
This redirection doesn't have a command. Move to its command (or use 'true' as no-op).
2190
Error prone
High
Elements in associative arrays need index
2191
Code style
Minor
The = here is literal. To assign by index
2193
Error prone
High
The arguments to this comparison can never be equal. Make sure your syntax is correct.
2194
Error prone
High
This word is constant. Did you forget the $ on a variable?
2195
Error prone
High
This pattern will never match the case statement's word. Double check them.
2196
Best practice
Minor
egrep is non-standard and deprecated. Use grep -E instead.
2197
Error prone
Medium
fgrep is non-standard and deprecated. Use grep -F instead.
2198
Code style
Minor
Arrays don't work as operands in [ ]. Use a loop (or concatenate with * instead of @).
2199
Error prone
Critical
Arrays implicitly concatenate in [[ ]]. Use a loop (or explicit * instead of @).
2203
Error prone
Critical
Globs are ignored in [[ ]] except right of =/!=. Use a loop.
2206
Code style
Minor
Quote to prevent word splitting/globbing
2207
Code style
Minor
Prefer mapfile or read -a to split command output (or quote to avoid splitting).
2209
Code style
Minor
Use var=$(command) to assign output (or quote to assign string).
2210
Error prone
High
This is a file redirection. Was it supposed to be a comparison or fd operation?
2211
Error prone
High
This is a glob used as a command name. Was it supposed to be in ${..}
2213
Error prone
High
getopts specified -v
2214
Error prone
High
This case is not specified by getopts.
2215
Error prone
High
This flag is used as a command name. Bad line break or missing [ .. ]?
2216
Error prone
High
Piping to 'rm', a command that doesn't read stdin. Wrong command or missing xargs?
2217
Error prone
High
Redirecting to 'true'
2219
Code style
Minor
Instead of 'let expr'
2220
Error prone
High
Invalid flags are not handled. Add a *) case.
2221
Error prone
High
This pattern always overrides a later one.
2222
Error prone
High
This pattern never matches because of a previous pattern.
2223
Code style
Minor
This default assignment may cause DoS due to globbing. Quote it.
2225
Error prone
Critical
This cp has no destination. Check the arguments.
2226
Error prone
High
This ln has no destination. Check the arguments
2230
Code style
Minor
which is a non-standard tool. Use builtin 'command -v' instead.
2231
Code style
Minor
Quote expansions in this for loop glob to prevent wordsplitting
2232
Error prone
High
Can't use sudo with builtins like cd. Did you want sudo sh -c .. instead?
2233
Error prone
Minor
Remove superfluous (..) around condition.
2234
Error prone
Minor
Remove superfluous (..) around test command.
2235
Error prone
Minor
Use { ..; } instead of (..) to avoid subshell overhead.
2236
Error prone
Minor
Use -n instead of ! -z.
2237
Error prone
Minor
Use [ -n .. ] instead of ! [ -z .. ].
2242
Error prone
Critical
Can only exit with status 0-255. Other data should be written to stdout/stderr.
2239
Best practice
High
Ensure the shebang uses an absolute path to the interpreter
2254
Best practice
Medium
Quote expansions in case patterns to match literally rather than as a glob
2057
Error prone
High
Detect unknown binary operator
1133
Code style
Medium
Unexpected start of line. If breaking lines, |/||/&& should be at the end of the previous one.
1112
Error prone
Medium
This is a unicode quote. Delete and retype it (or ignore/doublequote for literal).
2041
Best practice
High
To run as a command, use $(..) instead of '..'
2218
Error prone
Medium
This function is only defined later. Move the definition up.
2238
Best practice
Medium
Redirecting to/from command name instead of file. Did you want pipes/xargs (or quote to ignore)?
2229
Error prone
Medium
This does not read foo. Remove $/${} for that, or use ${var?} to quiet
2065
Error prone
Medium
This is interpreted as a shell file redirection, not a comparison
2246
Error prone
Critical
This shebang specifies a directory. Ensure the interpreter is a file
1039
Code style
Minor
Remove indentation before end token
1108
Code style
High
You need a space before and after the =
2107
Best practice
High
Instead of [ a && b ], use [ a ] && [ b ]