New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Shellcheck workflow #9119
Shellcheck workflow #9119
Conversation
Contextual Security AnalysisAs DryRun Security performs checks, we’ll summarize them here. You can always dive into the results in the section below for checks.
Chat with your AI-powered Security Buddy by typing Install and configure more repositories at DryRun Security |
SHELLCHECK_REPO: 'koalaman/shellcheck' | ||
SHELLCHECK_VERSION: 'v0.9.0' | ||
SHELLCHECK_SHA: '038fd81de6b7e20cc651571362683853670cdc71' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are Renovate or Dependabot able to monitor new releases for this kind of definition?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd say lets merge this PR and see if Renovate/Dependabot catch it in the future. I suspect it doesn't get rev'ed frequently and I'd rather have this in place with the chance of it going stale vs not have it in place.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I suspect Renovate / Dependabot won't catch this, but thankfully shellcheck only seems to release about once a year, and I don't think we'd miss out on much if we were one release behind.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approved.
Hi guys, I'm happy that this linter was merged quickly but existing issues have not been fixed. |
Description
This PR adds a GitHub Actions workflow to run shellcheck on shell scripts modified as part of a PR.
[sc-2794]