Feature: detect nonportable shebangs #1047
Comments
|
Sorry I couldn't find those earlier issues. I understand their objections, but all of those objections only apply to scripts whose exact target environment is known. For example, scripts residing in a package built for a particular OS. ShellCheck is mostly useful further upstream, for software that hasn't yet been packaged. In such cases, the only appropriate shebang is a portable one or a blank one (to be added by the Makefile). |
|
But it is not portable. It relies on (1) /usr/bin/env being present, and (2) that the shell interpreter of choice is in the PATH. Neither is a given. On this machine, #!/opt/freeware/bin/bash would be the correct shebang, and a warning that this is better done with env would not be helpful. Another machine has /usr mounted by NFS. Until it is mounted, /usr/bin is not available, so /usr/bin/env cannot be called. Replacing the startup scripts to use /usr/bin/env based on a shellcheck recommendation to do so would render the system unbootable. Anyhow, the security risk of using env noted in #880 should trump any other concerns here, IMNSHO. |
|
Should this issue be closed as invalid? |
A very common cause of shell script portability problems is an assumption that the interpreter lives at a certain location. For example, Linux users often hardcode "#!/bin/bash", but bash is typically installed to "#!/usr/local/bin/bash" on BSD systems. Portable scripts should therefore use "#!/bin/sh" or "#!/usr/bin/env " instead.
For new checks and feature suggestions
Here's a snippet or screenshot that shows the problem:
Here's what shellcheck currently says:
Here's what I wanted or expected to see:
^-- SCXXXX: "/bin/bash" is nonportable. Prefer "/usr/bin/env/bash"
The text was updated successfully, but these errors were encountered: