Skip to content

[LINT] Add shellcheck for shell scripts#1085

Open
agentydragon wants to merge 1 commit intodevelfrom
claude/lint-shell-shellcheck
Open

[LINT] Add shellcheck for shell scripts#1085
agentydragon wants to merge 1 commit intodevelfrom
claude/lint-shell-shellcheck

Conversation

@agentydragon
Copy link
Copy Markdown
Owner

@agentydragon agentydragon commented Mar 28, 2026

Summary

  • Add shellcheck pre-commit hook + .shellcheckrc config
  • Fix quoting issues in build.sh, entrypoint.sh, bash-init.sh, run-ansible-lint.sh
  • Add pkgs.shellcheck to devShell in flake.nix
  • Low-value rules (style suggestions in debug/one-off scripts) disabled with TODO to tighten incrementally

Test plan

  • shellcheck passes on all tracked .sh files
  • pre-commit run shellcheck --all-files passes

https://claude.ai/code/session_01TVjKdv6UebLZt9FP7ZuAbt

Copilot AI review requested due to automatic review settings March 28, 2026 05:19
@agentydragon agentydragon force-pushed the claude/lint-shell-shellcheck branch from 32ee1f8 to 6093c08 Compare March 28, 2026 05:29
Copilot AI reviewed Mar 28, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds ShellCheck into the repo’s local tooling (Nix devShell + pre-commit) and fixes ShellCheck-triggered quoting issues in several shell scripts, with a repo-wide .shellcheckrc to suppress selected rules.

Changes:

  • Add a local shellcheck pre-commit hook and a root .shellcheckrc configuration.
  • Add pkgs.shellcheck to the Nix web-session toolchain.
  • Fix unquoted variable expansions / command substitutions in multiple .sh scripts.

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
nix/home/shell/bash-init.sh Quotes command substitutions for LESS_TERMCAP_* env vars used by the custom man() wrapper.
flake.nix Adds pkgs.shellcheck to the web-session tool bundle so pre-commit can run it via Nix.
cluster/k8s/agents/devbot/docker/desktop/entrypoint.sh Quotes $RESOLUTION when passed to vncserver -geometry.
cluster/k8s/agents/devbot/docker/build.sh Quotes Docker tag variables in docker build/docker push.
.shellcheckrc Introduces centralized ShellCheck rule suppressions for the repo.
.pre-commit-config.yaml Adds a local shellcheck hook (system-provided, via Nix devShell/web-session).
.github/scripts/run-ansible-lint.sh Documents intentional word-splitting and suppresses SC2086 for the lint invocation.

.shellcheckrc Outdated
Comment on lines +10 to +12
# SC2148: Tips depend on target shell (missing shebang).
# Many .sh files are sourced snippets (profile.d, shell init).
disable=SC2148
Copy link

Copilot AI Mar 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Disabling SC2148 globally can cause ShellCheck to fall back to its default shell for files without a shebang, which can mis-lint (or fail on) bash-specific sourced snippets. Since the repo has sourced bash scripts without shebangs (e.g. nix/home/shell/bash-init.sh uses local), consider either adding # shellcheck shell=bash (or a shebang) to those snippets, or setting an explicit default shell in this config, instead of suppressing SC2148 everywhere.

Suggested change
# SC2148: Tips depend on target shell (missing shebang).
# Many .sh files are sourced snippets (profile.d, shell init).
disable=SC2148
# Default shell: many sourced snippets are bash (no shebang).
# This avoids mis-linting bash-specific code as /bin/sh.
shell=bash

Copilot uses AI. Check for mistakes.
@agentydragon agentydragon force-pushed the claude/lint-shell-shellcheck branch 3 times, most recently from a1eb10f to 75a6c94 Compare March 28, 2026 06:04
@agentydragon agentydragon mentioned this pull request Mar 28, 2026
Merged
1 task
@agentydragon agentydragon force-pushed the claude/lint-shell-shellcheck branch 2 times, most recently from 856db3b to d2aba90 Compare March 28, 2026 06:47
@claude
[LINT] Add shellcheck for shell scripts
73f0629 
Add shellcheck pre-commit hook and .shellcheckrc config. Add shellcheck
to devShell (flake.nix). Default shell set to bash for sourced snippets.
Exclude .envrc and .zsh files from checking.

run-ansible-lint.sh: add SC2086 inline disable for intentional word
splitting.

Low-value rules (style suggestions in debug/one-off scripts) disabled
in .shellcheckrc with TODO to tighten incrementally.

https://claude.ai/code/session_01TVjKdv6UebLZt9FP7ZuAbt
@agentydragon agentydragon force-pushed the claude/lint-shell-shellcheck branch from d2aba90 to 73f0629 Compare March 28, 2026 07:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@agentydragon @claude