
Is there a static analysis tool like Lint or Perl::Critic for shell scripts?

Are there any shell (specifically bash or ksh) checkers that test shell scripts for style, best practices, naming conventions, etc? (Something like Lint for C, or Perl::Critic for Perl.)

I know with ksh you can do syntax checking by running ksh -n script.ksh but I was hoping for something more than just syntax checking - something that parses/analyzes the actual code?

I'm probably out of luck, but I guess it doesn't hurt to ask.

BrianH asked Sep 08 '10 14:09



2 Answers

I found shellcheck: it tests for common errors in quoting and other things you overlook ("because it works").

u0b34a0f6ae answered Sep 17 '22 18:09


The Debian and Ubuntu projects use a script, checkbashisms, that looks for particular patterns that might indicate that someone is relying on /bin/sh being bash.

Beyond that, most shells have a -n option to parse and report errors. You could check your script against several different shells to make sure it uses only portable syntax:

    # Parse the script with each shell; -n reads commands without executing them
    for shell in zsh ksh bash dash sh
    do
        echo "Testing ${shell}"
        "${shell}" -n my_script.sh
    done

Edit to add: Since writing this answer, shellcheck has been written, as suggested in a later answer. This does a much more thorough job of linting shell scripts than the previous suggestions.

Brian Campbell answered Sep 20 '22 18:09
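
Added example, not from either answer: the multi-shell -n loop above wrapped in a function that skips shells that are not installed, run over three constructed scripts to show what -n rejects and what it lets through. The names syntax_check, make_samples, CHECK_SHELLS and the sample scripts are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example. CHECK_SHELLS mirrors the answer's list; override as needed.
CHECK_SHELLS="${CHECK_SHELLS:-zsh ksh bash dash sh}"

# syntax_check FILE: run "<shell> -n FILE" with every installed shell.
# Returns 0 if all accept it, 1 if any rejects it, 2 if no shell was found.
syntax_check() {
    sc_tested=0 sc_failed=0
    for sc_shell in $CHECK_SHELLS; do
        if ! command -v "$sc_shell" >/dev/null 2>&1; then
            echo "skip  $sc_shell (not installed)"; continue
        fi
        sc_tested=$((sc_tested + 1))
        if "$sc_shell" -n "$1" 2>/dev/null; then
            echo "ok    $sc_shell"
        else
            echo "FAIL  $sc_shell"; sc_failed=$((sc_failed + 1))
        fi
    done
    [ "$sc_tested" -gt 0 ] || return 2
    [ "$sc_failed" -eq 0 ]
}

# make_samples DIR: write three constructed scripts for the demo.
make_samples() {
    printf '%s\n' 'for f in "$@"; do' '    wc -c -- "$f"' 'done' > "$1/clean.sh"
    # Parses fine, but $f is unquoted: file names with spaces or globs get
    # split/expanded at run time. ShellCheck reports this as SC2086.
    printf '%s\n' 'for f in $*; do' '    wc -c $f' 'done' > "$1/unquoted.sh"
    # Missing "done": a real syntax error, which -n does catch.
    printf '%s\n' 'for f in "$@"; do' '    wc -c -- "$f"' > "$1/broken.sh"
}

demo() {
    demo_dir=$(mktemp -d) || return 1
    make_samples "$demo_dir"
    for demo_name in clean unquoted broken; do
        echo "== $demo_name.sh"
        syntax_check "$demo_dir/$demo_name.sh" || echo "   -> rejected by -n"
    done
    rm -rf "$demo_dir"
}
demo
```

Only broken.sh is rejected; unquoted.sh passes every shell's parser, which is the gap a linter such as shellcheck covers.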