Shellcheck: a static analysis tool for shell scripts

Just spent some time sending my scripts to this site for it to analyse and see what it does. I can see that while it wasn&#x27;t be able to tell me of more efficient code to achieve my goal (wasn&#x27;t really hopping for that), it did spot 1) one liners where some commands are not needed, 2) variables which are not used, 3) where I should use double quotes to prevent word splitting and 4) lines where my ssh was eating up my stdin.<p>What a great sanity check for the days when I&#x27;m writing something on my own without a second pair of eyes to proof-read it.

Combine it with the sublime text plugin (<a href="https://github.com/SublimeLinter/SublimeLinter-shellcheck" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;SublimeLinter&#x2F;SublimeLinter-shellcheck</a>) and you got real time static analysis while without your shell scripts !

Shellcheck is great. The Vim Syntastic plugin already knows about Shellcheck so if you use Syntastic and install Shellcheck you&#x27;ll automatically start getting warnings on your code.<p>BTW, it can be a little hard to figure this out, but if Shellcheck gives you a warning that you want to ignore (because you intended to trigger that behavior), you can put the following comment above the offending line:<p><pre><code> # shellcheck disable=SC1234 </code></pre> where &quot;SC1234&quot; is replaced with the actual error code that Shellcheck gives.

This looks very helpful: bash scripts are notoriously difficult to get right. I wish it&#x27;d suggest best practices like `set -e` and the like though.

The real problem with shell scripts is that they usually tie together a few external commands and tend to pass information around using the filesystem.<p>This, together with poor error handling is a recipe for disaster: Problems with permissions, insufficient disk space, etc. Instead of stopping when encountering an error, most shell scripts will happily continue break at some other point in time (or worse - destroy valuable data).

The emacs interface is very nice as well, using flycheck

I ran it against a deploy script generated by Mina [1]. Only a few deprecation warnings and notes about using find instead of ls to better handle non-alphanumeric filenames. I&#x27;ve learned a lot about error handling by reading Mina-generated scripts.<p>1. <a href="http://nadarei.co/mina/" rel="nofollow">http:&#x2F;&#x2F;nadarei.co&#x2F;mina&#x2F;</a>

Isn&#x27;t this a pretty good argument against shell scripts? I feel like we&#x27;ve advanced far enough in PL research to think of something a bit safer

As someone who regularly answers batch file questions on Stack Overflow, I think this would be invaluable for all the mistakes people make there too.

This is awesome. As a beginner when it comes to writing shellscripts, this is my new jshint equivalent.