给大家介绍一个shell代码检查工具

cory

首先关于shellcheck的安装，有三种方法：
1、直接copy相应shellcheck的可执行文件到bin目录下
2、更换带有shellcheck软件包的源(/etc/apt)，然后apt-get update，安装即可
3、进行编译安装，因为shellcheck是用Cabal管理和建立的，所以使用apt-get 安装cabal-install进行编译安装

而关于shellcheck的具体作用：

#### Quoting(引号)

ShellCheck can recognize several types of incorrect quoting:

1. 
   
2.     echo $1                           # Unquoted variables
   
3.     find . -name *.ogg                # Unquoted find/grep patterns
   
4.     rm "~/my file.txt"                # Quoted tilde expansion
   
5.     v='--verbose="true"'; cmd $v      # Literal quotes in variables
   
6.     for f in "*.ogg"                  # Incorrectly quoted 'for' loops
   
7.     touch $@                          # Unquoted$@
   
8.     echo 'Don't forget to restart!'   # Singlequote closed by apostrophe
   
9.     echo 'Don\'t try this at home'    # Attempting to escape ' in ''
   
10.     echo 'Path is $PATH'              # Variables in single quotes
    
11.     trap "echo Took ${SECONDS}s" 0    # Prematurely expanded trap

复制代码

#### Conditionals

ShellCheck can recognize many types of incorrect test statements.

1. 
   
2.     [[ n != 0 ]]                      # Constant test expressions
   
3.     [[ -e *.mpg ]]                    # Existence checks of globs
   
4.     [[ $foo==0 ]]                     # Always true due to missing spaces
   
5.     [[ -n "$foo " ]]                  # Always true due to literals
   
6.     [[ $foo =~ "fo+" ]]               # Quoted regex in =~
   
7.     [ foo =~ re ]                     # Unsupported [ ] operators
   
8.     [ $1 -eq "shellcheck" ]           # Numerical comparison of strings
   
9.     [ $n &&$m ]                      # && in [ .. ]
   
10.     [ grep -q foo file ]              # Command without $(..)
    
11. 
    

复制代码

#### Frequently misused commands

ShellCheck can recognize instances where commands are used incorrectly:

1. 
   
2.     grep '*foo*' file                 # Globs in regex contexts
   
3.     find . -exec foo {} && bar {} \;  # Prematurely terminated find -exec
   
4.     sudo echo 'Var=42' > /etc/profile # Redirecting sudo
   
5.     time --format=%s sleep 10         # Passing time(1) flags to time builtin
   
6.     while read h; do ssh "$h" uptime  # Commands eating while loop input
   
7.     alias archive='mv $1 /backup'     # Defining aliases with arguments
   
8.     tr -cd '[a-zA-Z0-9]'              # [] around ranges in tr
   
9.     exec foo; echo "Done!"            # Misused 'exec'
   
10.     find -name \*.bak -o -name \*~ -delete  # Implicit precedence in find
    
11.     f() { whoami; }; sudo f           # External use of internal functions
    

复制代码

#### Common beginner's mistakes

ShellCheck recognizes many common beginner's syntax errors:

1. 
   
2.     var = 42                          # Spaces around = in assignments
   
3.     $foo=42                           #$ in assignments
   
4.     for $var in *; do ...             #$ in for loop variables
   
5.     var$n="Hello"                     # Wrong indirect assignment
   
6.     echo ${var$n}                     # Wrong indirect reference
   
7.     var=(1, 2, 3)                     # Comma separated arrays
   
8.     echo "Argument 10 is $10"         # Positional parameter misreference
   
9.     if $(myfunction); then ..; fi     # Wrapping commands in$()
   
10.     else if othercondition; then ..   # Using 'else if'
    
11. 
    

复制代码

#### Style

ShellCheck can make suggestions to improve style:

1. 
   
2.     [[ -z $(find /tmp | grep mpg) ]]  # Use grep -q instead
   
3.     a >> log; b >> log; c >> log      # Use a redirection block instead
   
4.     echo "The time is `date`"         # Use $() instead
   
5.     cd dir; process *; cd ..;         # Use subshells instead
   
6.     echo $[1+2]                       # Use standard$((..)) instead of old $[]
   
7.     echo $(($RANDOM % 6))             # Don't use $on variables in$((..))
   
8.     echo "$(date)"                    # Useless use of echo
   
9.     cat file | grep foo               # Useless use of cat
   
10. 
    

复制代码

#### Data and typing errors

ShellCheck can recognize issues related to data and typing:

1. 
   
2. 
   
3.     args="$@"                         # Assigning arrays to strings
   
4.     files=(foo bar); echo "$files"    # Referencing arrays as strings
   
5.     printf "%s\n" "Arguments: $@."    # Concatenating strings and arrays.
   
6.     [[ $# > 2 ]]                      # Comparing numbers as strings
   
7.     var=World; echo "Hello " var      # Unused lowercase variables
   
8.     echo "Hello $name"                # Unassigned lowercase variables
   
9.     cmd | read bar; echo $bar         # Assignments in subshells
   

复制代码

#### Robustness

ShellCheck can make suggestions for improving the robustness of a script:

1. 
   
2.     rm -rf "$STEAMROOT/"*            # Catastrophic rm
   
3.     touch ./-l; ls *                 # Globs that could become options
   
4.     find . -exec sh -c 'a && b {}' \; # Find -exec shell injection
   
5.     printf "Hello $name"             # Variables in printf format
   
6.     for f in $(ls *.txt); do         # Iterating over ls output
   
7.     export MYVAR=$(cmd)              # Masked exit codes
   

复制代码

#### Portability

ShellCheck will warn when using features not supported by the shebang. For example, if you set the shebang to `#!/bin/sh`, ShellCheck will warn about portability issues similar to `checkbashisms`:

1. 
   
2. 
   
3.     echo {1..$n}                     # Works in ksh, but not bash/dash/sh
   
4.     echo {1..10}                     # Works in ksh and bash, but not dash/sh
   
5.     echo -n 42                       # Works in ksh, bash and dash, undefined in sh
   
6.     trap 'exit 42' sigint            # Unportable signal spec
   
7.     cmd &> file                      # Unportable redirection operator
   
8.     read foo < /dev/tcp/host/22      # Unportable intercepted files
   
9.     foo-bar() { ..; }                # Undefined/unsupported function name
   
10.     [ $UID = 0 ]                     # Variable undefined in dash/sh
    
11.     local var=value                  # local is undefined in sh
    

复制代码

#### Miscellaneous

ShellCheck recognizes a menagerie of other issues:

1. 
   
2.     PS1='\e[0;32m\$\e[0m '            # PS1 colors not in \[..\]
   
3.     PATH="$PATH:~/bin"                # Literal tilde in$PATH
   
4.     echo {1..$n}                     # Works in ksh, but not bash/dash/sh
   
5.     echo {1..10}                     # Works in ksh and bash, but not dash/sh
   
6.     echo -n 42                       # Works in ksh, bash and dash, undefined in sh
   
7.     trap 'exit 42' sigint            # Unportable signal spec
   
8.     cmd &> file                      # Unportable redirection operator
   
9.     read foo < /dev/tcp/host/22      # Unportable intercepted files
   
10.     foo-bar() { ..; }                # Undefined/unsupported function name
    
11.     [ $UID = 0 ]                     # Variable undefined in dash/sh
    
12.     local var=value                  # local is undefined in sh
    

复制代码

#### Miscellaneous

1. 
   
2. 
   
3.     echo {1..$n}                     # Works in ksh, but not bash/dash/sh
   
4.     echo {1..10}                     # Works in ksh and bash, but not dash/sh
   
5.     echo -n 42                       # Works in ksh, bash and dash, undefined in sh
   
6.     trap 'exit 42' sigint            # Unportable signal spec
   
7.     cmd &> file                      # Unportable redirection operator
   
8.     read foo < /dev/tcp/host/22      # Unportable intercepted files
   
9.     foo-bar() { ..; }                # Undefined/unsupported function name
   
10.     [ $UID = 0 ]                     # Variable undefined in dash/sh
    
11.     local var=value                  # local is undefined in sh
    

复制代码

#### Miscellaneous

ShellCheck recognizes a menagerie of other issues:

1. 
   
2.     PS1='\e[0;32m\$\e[0m '            # PS1 colors not in \[..\]
   
3.     PATH="$PATH:~/bin"                # Literal tilde in$PATH
   
4.     rm “file”                         # Unicode quotes
   
5.     echo "Hello world"                # Carriage return / DOS line endings
   
6.     var=42 echo $var                  # Expansion of inlined environment
   
7.     #!/bin/bash -x -e                 # Common shebang errors
   
8.     echo $((n/180*100))               # Unnecessary loss of precision
   
9.     ls *[:digit:].txt                 # Bad character class globs
   
10.     sed 's/foo/bar/' file > file       # Redirecting to input
    

复制代码