1001
Error prone
Warning
This \\N will be a regular 'N' in this context.
BACK TO LIST
Shell rules
Bash, zsh, ksh: regardless what Shell you use, Codiga got you covered. With hundreds of rules, the Codiga Static Engine checks for any issue in your shell script and surfaces issues in your Shell codebase.
1003
Error prone
Warning
Want to escape a single quote? echo 'This is how it'\\''s done'.
1004
Error prone
Warning
This backslash+linefeed is literal. Break outside single quotes if you just want to break the line.
1007
Error prone
Error
Remove space after = if trying to assign a value (for empty string
1008
Code style
Informational
This shebang was unrecognized. Note that ShellCheck only handles sh/bash/dash/ksh.
1009
Error prone
Warning
The mentioned syntax error was in this elif clause.
1010
Error prone
Error
Use semicolon or linefeed before 'fi' (or quote to make it literal).
1012
Error prone
Error
\\r is just literal 'r' here. For carriage return
1014
Error prone
Error
Use 'if cmd; then ..' to check exit code
1017
Error prone
Critical
Literal carriage return. Run script through tr -d '\\r' .
1018
Error prone
Critical
This is a unicode non-breaking space. Delete and retype it.
1019
Error prone
Critical
Expected this to be an argument to the unary condition.
1020
Error prone
Critical
You need a space before the ]].
1035
Error prone
Critical
You are missing a required space after the !.
1036
Error prone
Critical
(' is invalid here. Did you forget to escape it?
1046
Error prone
Critical
Couldn't find 'fi' for this 'if'.
1047
Error prone
Critical
Expected 'fi' matching previously mentioned 'if'.
1048
Error prone
Critical
Can't have empty else clauses (use 'true' as a no-op).
1049
Error prone
Critical
Did you forget the 'then' for this 'if'?
1050
Error prone
Critical
Expected 'then'.
1054
Error prone
Critical
You need a space after the '{'.
1055
Error prone
Critical
You need at least one command here. Use 'true;' as a no-op.
1056
Error prone
Critical
Expected a '}'. If you have one
1058
Error prone
Critical
Expected 'do'.
1061
Error prone
Critical
Couldn't find 'done' for this 'do'.
1062
Error prone
Critical
Expected 'done' matching previously mentioned 'do'.
1064
Error prone
Critical
Expected a { to open the function definition.
1065
Error prone
Critical
Trying to declare parameters? Don't. Use () and refer to params as $1
1066
Error prone
Critical
Don't use $ on the left side of assignments.
1068
Code style
Informational
Don't put spaces around the = in assignments (or quote to make it literal).
1070
Error prone
Critical
Parsing stopped here. Mismatched keywords or invalid parentheses?
1071
Error prone
Critical
ShellCheck only supports sh/bash/dash/ksh scripts. Sorry!
1072
Error prone
Critical
Expected 'then'. Fix any mentioned problems and try again.
1073
Error prone
Critical
Couldn't parse this escaped char. Fix to allow more checks.
1075
Error prone
Critical
Use 'elif' instead of 'else if' (or put 'if' on new line if nesting).
1078
Error prone
Error
Did you forget to close this double quoted string?
1079
Error prone
Warning
This is actually an end quote
1080
Error prone
Critical
You need \\ before line feeds to break lines in [ ].
1082
Error prone
Critical
This file has a UTF-8 BOM. Remove it with: LC\_CTYPE=C sed '1s/^...//' < yourscript .
1083
Code style
Informational
This } is literal. Check expression (missing ;/\\n?) or quote it.
1084
Error prone
Critical
Use #! and not !# for shebang
1086
Error prone
Critical
Don't use $ on the iterator name in for loops.
1087
Code style
Informational
Use braces when expanding arrays
1088
Error prone
Critical
Parsing stopped here. Invalid use of parentheses?
1089
Error prone
Critical
Parsing stopped here. Is this keyword correctly matched up?
1090
Code style
Informational
Can't follow non-constant source. Use a directive to specify location.
1091
Error prone
Warning
Not following: /etc/os-release was not specified as input (see shellcheck -x).
1095
Error prone
Critical
You need a space or linefeed between the function name and body.
1097
Code style
Informational
Unexpected ==. For assignment
1099
Best practice
Critical
You need a space before the #.
1101
Error prone
Critical
Delete trailing spaces after \\ to break line (or use quotes for literal space).
1102
Error prone
Error
Shells disambiguate $(( differently or not at all. For $(command substition)
1104
Error prone
Critical
Use #! and not ! for shebang
1105
Error prone
Error
Shells disambiguate (( differently or not at all. For subshell
1110
Error prone
Error
This is a unicode quote. Delete and retype it (or quote to make literal).
1111
Error prone
Error
This is a unicode quote. Delete and retype it (or ignore/singlequote for literal).
1113
Error prone
Critical
Use #! for the shebang
1114
Code style
Informational
Remove leading spaces before the shebang.
1115
Error prone
Critical
Remove spaces between # and ! in the shebang.
1116
Error prone
Critical
Missing $ on a $((..)) expression? (or use ( ( for arrays).
1117
Code style
Informational
Backslash is literal in \\’". Prefer explicit escaping: "\\\\’"."
1119
Error prone
Critical
Add a linefeed between end token and terminating ')'.
1126
Error prone
Critical
Place shellcheck directives before commands
1127
Error prone
Critical
Was this intended as a comment? Use # in sh.
1128
Error prone
Critical
The shebang must be on the first line. Delete blanks and move comments.
2000
Best practice
Informational
See if you can use ${#variable} instead.
2001
Code style
Informational
See if you can use ${variable//search/replace} instead.
2002
Code style
Informational
Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.
2003
Best practice
Informational
expr is antiquated. Consider rewriting this using $((..))
2004
Code style
Informational
$/${} is unnecessary on arithmetic variables.
2005
Code style
Informational
Useless echo? Instead of 'echo $(cmd)'
2006
Best practice
Informational
Use $(...) notation instead of legacy backticked `...`.
2007
Code style
Informational
Use $((..)) instead of deprecated $[..]
2009
Error prone
Warning
Consider using pgrep instead of grepping ps output.
2010
Error prone
Error
Don't use ls | grep. Use a glob or a for loop with a condition to allow non-alphanumeric filenames.
2011
Error prone
Error
Use 'find .. -print0 | xargs -0 ..' or 'find .. -exec .. +' to allow non-alphanumeric filenames.
2012
Code style
Informational
Use find instead of ls to better handle non-alphanumeric filenames.
2013
Code style
Informational
To read lines rather than words
2014
Error prone
Warning
This will expand once before find runs
2015
Error prone
Warning
Note that A && B || C is not if-then-else. C may run when A is true.
2016
Code style
Informational
Expressions don't expand in single quotes
2017
Error prone
Warning
Increase precision by replacing a/b*c with a*c/b.
2018
Error prone
Warning
Use '[:lower:]' to support accents and foreign alphabets.
2019
Error prone
Warning
Use '[:upper:]' to support accents and foreign alphabets.
2020
Error prone
Warning
tr replaces sets of chars
2021
Error prone
Warning
Don't use [] around classes in tr
2022
Error prone
Warning
Note that unlike globs
2023
Error prone
Warning
The shell may override 'time' as seen in man time(1). Use 'command time ..' for that one.
2024
Error prone
Error
sudo doesn't affect redirects. Use sudo cat file | ..
2026
Error prone
Warning
This word is outside of quotes. Did you intend to 'nest ''single quotes'"' instead'? "
2027
Error prone
Error
The surrounding quotes actually unquote this. Remove or escape them.
2028
Error prone
Warning
echo won't expand escape sequences. Consider printf.
2029
Error prone
Warning
Expansion on the client side
2030
Error prone
Warning
Modification of RSYSLOG\_VERSION is local (to subshell caused by pipeline).
2031
Error prone
Warning
RSYSLOG\_VERSION was modified in a subshell. That change might be lost.
2032
Error prone
Warning
Use own script or sh -c '..' to run this from sudo.
2033
Error prone
Error
Shell functions can't be passed to external commands.
2034
Code style
Informational
Variable appears unused. Verify use (or export if used externally).
2035
Code style
Informational
Use ./*glob* or -- *glob* so names with dashes won't become options.
2036
Error prone
Error
If you wanted to assign the output of the pipeline
2038
Code style
Informational
Use -print0/-0 or -exec + to allow for non-alphanumeric filenames.
2039
Code style
Informational
Undefined keyword for POSIX sh
2043
Code style
Informational
This loop will only ever run once for a constant value. Did you perhaps mean to loop over dir/*
2044
Code style
Informational
For loops over find output are fragile. Use find -exec or a while read loop.
2045
Code style
Informational
Iterating over ls output is fragile. Use globs.
2046
Safety
Error
Quote this to prevent word splitting.
2048
Code style
Informational
Use $@" (with quotes) to prevent whitespace problems."
2049
Error prone
Error
"=~ is for regex, but this looks like a glob. Use = instead."
2050
Error prone
Error
This expression is constant. Did you forget the $ on a variable?
2053
Code style
Informational
Quote the right-hand side of != in [[ ]] to prevent glob matching.
2059
Code style
Informational
Don't use variables in the printf format string. Use printf ..\%s.." "$foo"."
2060
Error prone
Error
Quote parameters to tr to prevent glob expansion.
2061
Code style
Informational
Quote the parameter to -iname so the shell won't interpret it.
2062
Error prone
Error
Quote the grep pattern so the shell won't interpret it.
2063
Error prone
Error
Grep uses regex
2064
Code style
Informational
Use single quotes
2066
Error prone
Critical
Since you double quoted this
2067
Error prone
Critical
Missing ';' or + terminating -exec. You can't use |/||/&&
2068
Code style
Informational
Double quote array expansions to avoid re-splitting elements.
2069
Error prone
Error
To redirect stdout+stderr
2070
Error prone
Critical
-n doesn't work with unquoted arguments. Quote or use [[ ]].
2071
Code style
Informational
> is for string comparisons. Use -gt instead.
2072
Error prone
Critical
Decimals are not supported. Either use integers only
2076
Error prone
Critical
Don't quote rhs of =~
2077
Error prone
Critical
You need spaces around the comparison operator.
2078
Error prone
Critical
This expression is constant. Did you forget a $ somewhere?
2081
Error prone
Critical
[ .. ] can't match globs. Use [[ .. ]] or case statement.
2082
Error prone
Critical
To expand via indirection
2086
Safety
Error
Double quote to prevent globbing and word splitting.
2087
Error prone
Error
Quote 'VS\_CMDS' to make here document expansions happen on the server side rather than on the client.
2088
Error prone
Error
Tilde does not expand in quotes. Use $HOME.
2089
Code style
Informational
Quotes/backslashes will be treated literally. Use an array.
2090
Code style
Informational
Quotes/backslashes in this variable will not be respected.
2091
Code style
Informational
Remove surrounding $() to avoid executing output.
2092
Error prone
Error
Remove backticks to avoid executing output.
2093
Error prone
Error
Remove exec " if script should continue after this command."
2094
Code style
Informational
Make sure not to read and write the same file in the same pipeline.
2096
Error prone
Critical
On most OS, shebangs can only specify a single parameter
2097
Error prone
Error
This assignment is only seen by the forked process.
2098
Error prone
Error
This expansion will not see the mentioned assignment.
2100
Error prone
Error
Use $((..)) for arithmetics
2102
Error prone
Warning
Ranges can only match single chars (mentioned due to duplicates).
2103
Code style
Informational
Use a ( subshell ) to avoid having to cd back.
2104
Error prone
Critical
In functions, use return instead of break
2105
Error prone
Critical
continue is only valid in loops.
2112
Code style
Informational
function' keyword is non-standard. Delete it.
2113
Error prone
Error
function' keyword is non-standard. Use 'foo()' instead of 'function foo'.
2115
Error prone
Error
Use ${var:?}" to ensure this never expands to /usr ."
2116
Code style
Informational
Useless echo? Instead of 'cmd $(echo foo)'
2119
Code style
Informational
Use $@" if function's $1 should mean script's $1."
2120
Code style
Informational
A function references arguments but no argument is passed
2121
Code style
Informational
To assign a variable, do not use set
2124
Error prone
Error
Assigning an array to a string! Assign as array
2125
Error prone
Error
Brace expansions and globs are literal in assignments. Quote it or use an array.
2126
Error prone
Informational
Consider using grep -c instead of grep|wc -l.
2128
Code style
Informational
Expanding an array without an index only gives the first element.
2129
Code style
Informational
Consider using { cmd1; cmd2; } >> file instead of individual redirects.
2139
Error prone
Error
This expands when defined
2140
Code style
Informational
Word is of the form A"B"C" (B indicated). Did you mean "ABC" or "A\\"B\\"C"?"
2142
Error prone
Critical
Aliases can't use positional parameters. Use a function.
2143
Error prone
Informational
Use egrep -q instead of comparing output with [ -n .. ].
2144
Error prone
Critical
-e doesn't work with globs. Use a for loop.
2145
Code style
Informational
Argument mixes string and array. Use * or separate argument.
2146
Error prone
Error
This action ignores everything before the -o. Use \\( \\) to group.
2148
Code style
Informational
Tips depend on target shell and yours is unknown. Add a shebang.
2152
Error prone
Critical
Can only return 0-255. Other data should be written to stdout.
2153
Code style
Informational
Possible misspelling: FGREP may not be assigned
2154
Code style
Informational
xtra is referenced but not assigned.
2155
Code style
Informational
Declare and assign separately to avoid masking return values.
2156
Error prone
Error
Injecting filenames is fragile and insecure. Use parameters.
2157
Error prone
Critical
Argument to -z is always false due to literal strings.
2160
Error prone
Informational
Instead of '[ true ]', just use 'true'
2161
Error prone
Informational
Instead of '[ 1 ]', just use '1'
2162
Code style
Informational
read without -r will mangle backslashes.
2163
Code style
Informational
This does not export 'atom\_env\_pair'. Remove $/${} for that
2164
Code style
Informational
Use 'cd ... || exit' or 'cd ... || return' in case cd fails.
2165
Error prone
Error
This nested loop overrides the index variable of its parent.
2166
Error prone
Warning
Prefer [ p ] || [ q ] as [ p -o q ] is not well defined.
2167
Error prone
Error
This parent loop has its index variable overridden.
2168
Error prone
Critical
local' is only valid in functions.
2169
Error prone
Error
Not supported in dash
2171
Error prone
Error
Found trailing ] outside test. Missing [?
2172
Error prone
Error
Trapping signals by number is not well defined. Prefer signal names.
2173
Error prone
Critical
SIGKILL/SIGSTOP can not be trapped.
2174
Error prone
Error
When used with -p
2175
Error prone
Informational
Quote this invalid brace expansion since it should be passed literally to eval.
2176
Error prone
Error
time' is undefined for pipelines. time single stage or bash -c instead.
2178
Error prone
Error
Variable was used as an array but is now assigned a string.
2179
Error prone
Error
Use array+=(item") to append items to an array."
2181
Code style
Informational
Check exit code directly with e.g. 'if mycmd;'
2183
Error prone
Error
This format string has 1 variables
2184
Error prone
Error
Quote arguments to unset so they're not glob expanded.
2185
Code style
Informational
Some finds don't have a default path. Specify '.' explicitly.
2186
Code style
Informational
tempfile is deprecated. Use mktemp instead.
2187
Error prone
Error
Ash scripts will be checked as Dash. Add '# shellcheck shell=dash' to silence.
2188
Error prone
Error
This redirection doesn't have a command. Move to its command (or use 'true' as no-op).
2190
Error prone
Error
Elements in associative arrays need index
2191
Code style
Informational
The = here is literal. To assign by index
2193
Error prone
Error
The arguments to this comparison can never be equal. Make sure your syntax is correct.
2194
Error prone
Error
This word is constant. Did you forget the $ on a variable?
2195
Error prone
Error
This pattern will never match the case statement's word. Double check them.
2196
Best practice
Informational
egrep is non-standard and deprecated. Use grep -E instead.
2197
Error prone
Warning
fgrep is non-standard and deprecated. Use grep -F instead.
2198
Code style
Informational
Arrays don't work as operands in [ ]. Use a loop (or concatenate with * instead of @).
2199
Error prone
Critical
Arrays implicitly concatenate in [[ ]]. Use a loop (or explicit * instead of @).
2203
Error prone
Critical
Globs are ignored in [[ ]] except right of =/!=. Use a loop.
2206
Code style
Informational
Quote to prevent word splitting/globbing
2207
Code style
Informational
Prefer mapfile or read -a to split command output (or quote to avoid splitting).
2209
Code style
Informational
Use var=$(command) to assign output (or quote to assign string).
2210
Error prone
Error
This is a file redirection. Was it supposed to be a comparison or fd operation?
2211
Error prone
Error
This is a glob used as a command name. Was it supposed to be in ${..}
2213
Error prone
Error
getopts specified -v
2214
Error prone
Error
This case is not specified by getopts.
2215
Error prone
Error
This flag is used as a command name. Bad line break or missing [ .. ]?
2216
Error prone
Error
Piping to 'rm', a command that doesn't read stdin. Wrong command or missing xargs?
2217
Error prone
Error
Redirecting to 'true'
2219
Code style
Informational
Instead of 'let expr'
2220
Error prone
Error
Invalid flags are not handled. Add a *) case.
2221
Error prone
Error
This pattern always overrides a later one.
2222
Error prone
Error
This pattern never matches because of a previous pattern.
2223
Code style
Informational
This default assignment may cause DoS due to globbing. Quote it.
2225
Error prone
Critical
This cp has no destination. Check the arguments.
2226
Error prone
Error
This ln has no destination. Check the arguments
2230
Code style
Informational
which is a non-standard tool. Use builtin 'command -v' instead.
2231
Code style
Informational
Quote expansions in this for loop glob to prevent wordsplitting
2232
Error prone
Error
Can't use sudo with builtins like cd. Did you want sudo sh -c .. instead?
2233
Error prone
Informational
Remove superfluous (..) around condition.
2234
Error prone
Informational
Remove superfluous (..) around test command.
2235
Error prone
Informational
Use { ..; } instead of (..) to avoid subshell overhead.
2236
Error prone
Informational
Use -n instead of ! -z.
2237
Error prone
Informational
Use [ -n .. ] instead of ! [ -z .. ].
2242
Error prone
Critical
Can only exit with status 0-255. Other data should be written to stdout/stderr.
2239
Best practice
Error
Ensure the shebang uses an absolute path to the interpreter
2254
Best practice
Warning
Quote expansions in case patterns to match literally rather than as a glob
2057
Error prone
Error
Detect unknown binary operator
1133
Code style
Warning
Unexpected start of line. If breaking lines, |/||/&& should be at the end of the previous one.
1112
Error prone
Warning
This is a unicode quote. Delete and retype it (or ignore/doublequote for literal).
2041
Best practice
Error
To run as a command, use $(..) instead of '..'
2218
Error prone
Warning
This function is only defined later. Move the definition up.
2238
Best practice
Warning
Redirecting to/from command name instead of file. Did you want pipes/xargs (or quote to ignore)?
2229
Error prone
Warning
This does not read foo. Remove $/${} for that, or use ${var?} to quiet
2065
Error prone
Warning
This is interpreted as a shell file redirection, not a comparison
2246
Error prone
Critical
This shebang specifies a directory. Ensure the interpreter is a file
1039
Code style
Informational
Remove indentation before end token
1108
Code style
Error
You need a space before and after the =
2107
Best practice
Error
Instead of [ a && b ], use [ a ] && [ b ]
1130
Code style
Warning
Need a space before :
2227
Error prone
Warning
Redirection applies to the find command itself.
2170
Error prone
Warning
Invalid number for -eq. Use = to compare as string