Question 1

How does Shellharden work with ShellCheck?

Accepted Answer

Shellharden complements ShellCheck by taking its recommendations, especially for quoting issues, and providing visual highlights and automated fixes. Run ShellCheck first to detect problems, then use Shellharden to apply and review quoting corrections for safer scripts.

Question 2

Can Shellharden fix all bash script errors?

Accepted Answer

No, Shellharden is primarily focused on quoting vulnerabilities and won't fix other issues like syntax errors or logic bugs. For comprehensive analysis, use it alongside ShellCheck, which detects a wider range of problems.

Question 3

Shellharden vs ShellCheck: which one should I use?

Accepted Answer

Use ShellCheck for detecting a wide range of issues in shell scripts, and Shellharden for specifically fixing quoting problems. They are complementary; ShellCheck finds issues, and Shellharden helps apply the fixes for quoting after review.

Question 4

How to safely apply Shellharden transformations?

Accepted Answer

Always review the highlighted changes before using the --transform option. Check if your script relies on unquoted behavior; if so, manually rewrite those parts using safer methods like arrays, as suggested in the documentation.

Question 5

Does Shellharden support zsh or other shells?

Accepted Answer

No, Shellharden is designed specifically for bash scripts and may not work correctly for other shells like zsh or fish. Its parsing and suggestions are based on bash syntax and quoting rules.

Question 6

What are the risks of using Shellharden?

Accepted Answer

The main risk is breaking scripts that depend on unquoted variable expansion for word splitting or globbing. Without proper review, applying transformations can introduce bugs, so understand the script's intent first.

shellharden

What is shellharden?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions