From 052033bf781a1c90b5159d62dc7ff19944854776 Mon Sep 17 00:00:00 2001 From: Christian Schmidbauer Date: Mon, 15 Nov 2021 18:35:06 +0100 Subject: [PATCH 1/3] Be more strict about matching shebangs in files Require a valid shebang in the first line of a file to be validated by shellcheck. This allows embedding shell snippets in e.g. markdown files. --- script.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/script.sh b/script.sh index 8d9e50e..5c2f9df 100755 --- a/script.sh +++ b/script.sh @@ -37,10 +37,10 @@ done <<< "${INPUT_EXCLUDE:-}" # Match all files matching the pattern files_with_pattern=$(find "${paths[@]}" "${excludes[@]}" -type f "${names[@]}") -# Match all files with a shebang (e.g. "#!/usr/bin/env zsh" or even "#!/my/path/bash") in the first two lines +# Match all files with a shebang (e.g. "#!/usr/bin/env zsh" or even "#!/my/path/bash") in the first line of a file # Ignore files which match "$pattern" in order to avoid duplicates if [ "${INPUT_CHECK_ALL_FILES_WITH_SHEBANGS}" = "true" ]; then - files_with_shebang=$(find "${paths[@]}" "${excludes[@]}" -not "${names[@]}" -type f -print0 | xargs -0 grep -m2 -IrlZ "^#\\!/.*sh" | xargs -r -0 echo) + files_with_shebang=$(find "${paths[@]}" "${excludes[@]}" -not "${names[@]}" -type f -print0 | xargs -0 awk 'FNR==1 && /#!\/.*sh/ { print FILENAME }') fi # Exit early if no files have been found From e91d00b47bcbcd35eb8ecf525d3e88de53e5be17 Mon Sep 17 00:00:00 2001 From: Christian Schmidbauer Date: Mon, 15 Nov 2021 18:45:32 +0100 Subject: [PATCH 2/3] Add testcase for shebang parameters --- .github/workflows/reviewdog.yml | 14 ++++++++++++++ testdata/non-sh-test | 4 ++++ 2 files changed, 18 insertions(+) create mode 100644 testdata/non-sh-test diff --git a/.github/workflows/reviewdog.yml b/.github/workflows/reviewdog.yml index 2e2ee3d..5c8a406 100644 --- a/.github/workflows/reviewdog.yml +++ b/.github/workflows/reviewdog.yml @@ -29,3 +29,17 @@ jobs: pattern: '*.sh' path: '.' exclude: './testdata/*' + - name: shellcheck-shebang-check + uses: ./ + with: + github_token: ${{ secrets.github_token }} + filter_mode: nofilter + pattern: | + *.sh + path: | + . + ./testdata + exclude: | + ./testdata/test.sh + */.git/* + check_all_files_with_shebangs: true diff --git a/testdata/non-sh-test b/testdata/non-sh-test new file mode 100644 index 0000000..eda7863 --- /dev/null +++ b/testdata/non-sh-test @@ -0,0 +1,4 @@ +#!/usr/bin/env ksh +# shellcheck enable=all + +echo "${1}" From 29277ead5be9b099e259640970f342c584b52d0f Mon Sep 17 00:00:00 2001 From: Christian Schmidbauer Date: Mon, 15 Nov 2021 19:37:48 +0100 Subject: [PATCH 3/3] Be more relaxed on the type of shebang in scripts Only require the absolute minimum shebang for shellcheck to validate it https://github.com/torvalds/linux/blob/v5.15/fs/binfmt_script.c#L41 --- script.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/script.sh b/script.sh index 5c2f9df..e89cb82 100755 --- a/script.sh +++ b/script.sh @@ -37,10 +37,10 @@ done <<< "${INPUT_EXCLUDE:-}" # Match all files matching the pattern files_with_pattern=$(find "${paths[@]}" "${excludes[@]}" -type f "${names[@]}") -# Match all files with a shebang (e.g. "#!/usr/bin/env zsh" or even "#!/my/path/bash") in the first line of a file +# Match all files with a shebang (e.g. "#!/usr/bin/env zsh" or even "#!bash") in the first line of a file # Ignore files which match "$pattern" in order to avoid duplicates if [ "${INPUT_CHECK_ALL_FILES_WITH_SHEBANGS}" = "true" ]; then - files_with_shebang=$(find "${paths[@]}" "${excludes[@]}" -not "${names[@]}" -type f -print0 | xargs -0 awk 'FNR==1 && /#!\/.*sh/ { print FILENAME }') + files_with_shebang=$(find "${paths[@]}" "${excludes[@]}" -not "${names[@]}" -type f -print0 | xargs -0 awk 'FNR==1 && /^#!.*sh/ { print FILENAME }') fi # Exit early if no files have been found