Shell Static Analysis Rules

Shell rules

Bash, zsh, ksh: regardless of which shell you use, Codiga has you covered. With hundreds of rules, the Codiga Static Engine checks your shell scripts and surfaces issues in your shell codebase.

      1007

      Error prone
      High

      Remove space after = if trying to assign a value (for empty string

      1010

      Error prone
      High

      Use semicolon or linefeed before 'fi' (or quote to make it literal).

      1012

      Error prone
      High

      \r is just literal 'r' here. For carriage return

      1014

      Error prone
      High

      Use 'if cmd; then ..' to check exit code

      1078

      Error prone
      High

      Did you forget to close this double quoted string?

      1102

      Error prone
      High

      Shells disambiguate $(( differently or not at all. For $(command substitution)

      1105

      Error prone
      High

      Shells disambiguate (( differently or not at all. For subshell

      1110

      Error prone
      High

      This is a unicode quote. Delete and retype it (or quote to make literal).

      1111

      Error prone
      High

      This is a unicode quote. Delete and retype it (or ignore/singlequote for literal).

      2010

      Error prone
      High

      Don't use ls | grep. Use a glob or a for loop with a condition to allow non-alphanumeric filenames.

      2011

      Error prone
      High

      Use 'find .. -print0 | xargs -0 ..' or 'find .. -exec .. +' to allow non-alphanumeric filenames.

      2024

      Error prone
      High

      sudo doesn't affect redirects. Use sudo cat file | ..

      2027

      Error prone
      High

      The surrounding quotes actually unquote this. Remove or escape them.

      2033

      Error prone
      High

      Shell functions can't be passed to external commands.

      2036

      Error prone
      High

      If you wanted to assign the output of the pipeline

      2049

      Error prone
      High

      =~ is for regex, but this looks like a glob. Use = instead.

      2050

      Error prone
      High

      This expression is constant. Did you forget the $ on a variable?

      2060

      Error prone
      High

      Quote parameters to tr to prevent glob expansion.

      2062

      Error prone
      High

      Quote the grep pattern so the shell won't interpret it.

      2063

      Error prone
      High

      Grep uses regex

      2069

      Error prone
      High

      To redirect stdout+stderr

      2087

      Error prone
      High

      Quote 'VS_CMDS' to make here document expansions happen on the server side rather than on the client.

      2088

      Error prone
      High

      Tilde does not expand in quotes. Use $HOME.

      2092

      Error prone
      High

      Remove backticks to avoid executing output.

      2093

      Error prone
      High

      Remove "exec " if script should continue after this command.

      2097

      Error prone
      High

      This assignment is only seen by the forked process.

      2098

      Error prone
      High

      This expansion will not see the mentioned assignment.

      2100

      Error prone
      High

      Use $((..)) for arithmetics

      2113

      Error prone
      High

      'function' keyword is non-standard. Use 'foo()' instead of 'function foo'.

      2115

      Error prone
      High

      Use "${var:?}" to ensure this never expands to /usr .

      2124

      Error prone
      High

      Assigning an array to a string! Assign as array

      2125

      Error prone
      High

      Brace expansions and globs are literal in assignments. Quote it or use an array.

      2139

      Error prone
      High

      This expands when defined

      2146

      Error prone
      High

      This action ignores everything before the -o. Use \( \) to group.

      2156

      Error prone
      High

      Injecting filenames is fragile and insecure. Use parameters.

      2165

      Error prone
      High

      This nested loop overrides the index variable of its parent.

      2167

      Error prone
      High

      This parent loop has its index variable overridden.

      2169

      Error prone
      High

      Not supported in dash

      2171

      Error prone
      High

      Found trailing ] outside test. Missing [?

      2172

      Error prone
      High

      Trapping signals by number is not well defined. Prefer signal names.

      2174

      Error prone
      High

      When used with -p

      2176

      Error prone
      High

      'time' is undefined for pipelines. time single stage or bash -c instead.

      2178

      Error prone
      High

      Variable was used as an array but is now assigned a string.

      2179

      Error prone
      High

      Use array+=("item") to append items to an array.

      2183

      Error prone
      High

      This format string has 1 variables

      2184

      Error prone
      High

      Quote arguments to unset so they're not glob expanded.

      2187

      Error prone
      High

      Ash scripts will be checked as Dash. Add '# shellcheck shell=dash' to silence.

      2188

      Error prone
      High

      This redirection doesn't have a command. Move to its command (or use 'true' as no-op).

      2190

      Error prone
      High

      Elements in associative arrays need index

      2193

      Error prone
      High

      The arguments to this comparison can never be equal. Make sure your syntax is correct.

      2194

      Error prone
      High

      This word is constant. Did you forget the $ on a variable?

      2195

      Error prone
      High

      This pattern will never match the case statement's word. Double check them.

      2210

      Error prone
      High

      This is a file redirection. Was it supposed to be a comparison or fd operation?

      2211

      Error prone
      High

      This is a glob used as a command name. Was it supposed to be in ${..}

      2213

      Error prone
      High

      getopts specified -v

      2214

      Error prone
      High

      This case is not specified by getopts.

      2215

      Error prone
      High

      This flag is used as a command name. Bad line break or missing [ .. ]?

      2216

      Error prone
      High

      Piping to 'rm', a command that doesn't read stdin. Wrong command or missing xargs?

      2217

      Error prone
      High

      Redirecting to 'true'

      2220

      Error prone
      High

      Invalid flags are not handled. Add a *) case.

      2221

      Error prone
      High

      This pattern always overrides a later one.

      2222

      Error prone
      High

      This pattern never matches because of a previous pattern.

      2226

      Error prone
      High

      This ln has no destination. Check the arguments

      2232

      Error prone
      High

      Can't use sudo with builtins like cd. Did you want sudo sh -c .. instead?

      2057

      Error prone
      High

      Detect unknown binary operator