- Add support for different display engines (
csgrep
,sarif-fmt
) - Update
csutils
(csdiff
) to 3.3.0csdiff
: match findings by line content without spaces if availablecsgrep --hash-v1
: matchcsdiff/v1
fingerprint prefixsarif
: initial implementation ofcsdiff/v1
fingerprintssarif
: add descriptions for ShellCheck rules
- Provide
html
output with detected defects - Allow specifying
WORK_DIR
for intermediate files - Update
csutils
(csdiff
) to 3.2.2- propagate the imp flag as level in the SARIF format
- propagate
endLine
/endColumn
in the JSON and SARIF formats
- Fix curl Argument list too long by using a payload.json file - by @mpoberezhniy
- Container images now based on Fedora 40
- Update
csutils
(csdiff
) to 3.2.1
- Improve shell script detection based on emacs file mode header
- Container images now based on Fedora 39
- Update
csutils
(csdiff
) to 3.1.0
- Added defect statistics based on severity levels. They are available in the console output and in the job Summary page.
- New option
scan-directory
. Allows to specify directories that will be scanned. By default Differential ShellCheck scans the whole repository. - Show more context for ShellCheck defects and fixes in console output. The defect is now shown in the context of the surrounding code.
- Fix autodetection of shell scripts in DEBUG mode
- Fix detection of changed files that might cause failure on paths with special characters.
- Fix count of scanned files in job Summary when running on push event.
- Drop support for
shell-scripts
input - Drop support for
ignored-codes
input - Update
csutils
(csdiff
) to 3.0.4
- Container images now based on Fedora 38
ShellCheck
-0.8.0 -> 0.9.0
csutils
-3.0.0 -> 3.0.2
- Handle multiple include/exclude paths with newlines
- New option
exclude-path
. Allows to specify list of paths excluded from ShellCheck scanning. It supports globbing and brace expansion. e.g.test/{test1,test2}/**
- New option
include-path
. Similar toexclude-path
, it allows specifying the list of paths that will be included into scanning. No further checks are performed. It supports globbing and brace expansion. e.g.fixture/**.fixture
grep
- do not escape#
and!
in patterns- Utilize
DEBUG
to rungrep
without--silent
option - Update
csutils
(csdiff
) to 3.0.0
- Correctly handle character escaping in filenames (e.g.
␣
and&
) - Improve documentation and more tests
-
Tag
latest
is no longer available. Use major tags instead (e.g.v3
orv4
). -
Action can be triggered using GitHub
push
eventon: push: jobs: lint: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: fetch-depth: 0 - uses: redhat-plumbers-in-action/differential-shellcheck@v4 id: ShellCheck with: token: ${{ secrets.GITHUB_TOKEN }}
Note: When using
--force
action doesn't work properly when triggered onpush
events -
Action now perform full scans on
push
event by default and onmanual
trigger when requested -
Addition of new Summary page for full scans
-
SARIF file is now exposed under output
sarif
for further use.- if: ${{ always() }} name: Upload artifact with defects in SARIF format uses: actions/upload-artifact@v3 with: name: Differential ShellCheck SARIF path: ${{ steps.ShellCheck.outputs.sarif }} retention-days: 7
-
Removal of unused output -
ENV.LIST_OF_SCRIPTS
-
Increased code coverage
-
Some minor bugfixes, ShellCheck fixes, and CI updates
- Container images now based on Fedora 37
ShellCheck
-0.7.2 -> 0.8.0
- Show versions of ShellCheck and csutils in logs
csutils
-2.7.0 -> 2.8.0
- Added ability to overwrite scan tool properties -
csgrep --set-scan-prop
- Added ability to overwrite scan tool properties -
csutils
-2.6.0 -> 2.7.0
- Added support for SARIF severity levels
- Documentation updates (
.shellcheckrc
, examples, etc.) - Skip checking of symbolic links
- Autodetection: add support for
emacs
andvi/vim
file types specificationsemacs
-# -*- sh -*-
vi
-# vi: (set)? (ft|filetype)=sh
vim
-# vim: (set)? (ft|filetype)=sh
- Further improved autodetection of shell scripts based on shebangs and ShellCheck directives
- Add option
external-sources
and enable it by default
ignored-codes
option is now marked as deprecated and may be removed in future major release. Please consider using.shellcheckrc
instead.
- Add support for severity option, supported values are:
error
,warning
,info
andstyle
- Support for
ash
,dash
,ksh
andbats
shell interpreters - Improve autodetection of shell scripts
- Support for detection based on ShellCheck directive ; e.g.
# shellcheck shell=bash
- Support for generally used shebang prefixes like:
#!/usr/bin
,#!/usr/local/bin
,#!/bin/env␣
,#!/usr/bin/env␣
and#!/usr/local/bin/env␣
; e.g.#!/bin/env␣bash
- Support for detection based on ShellCheck directive ; e.g.
- Fix tool name in SARIF reports
- Update permissions in examples
- Fix typos, grammar mistakes and reword some sentences
- Update image examples to support light/dark modes
- Fix release automation
- Action should now work as before, but faster
- Use pre-build containers to improve performance of action
- Added option to run in debug mode - more verbose output
- Output optimizations - cleaner output, emojis, updated colors and spacing
- Support for job summaries
- Added support for
.bash
extensions - Added unit tests and code coverage
- Added codebase linter
- Small documentation changes
- SARIF feature now supports PRs from private forks
- Added support for SARIF
- Fix wrong check in
clean_array()
- Action cannot be run on
push
- Cleanup code from redundant variables
- Use
fedora:latest
container image instead ofrawhide
- Update of documentation
- Bugfixes:
- Make directory /github/workspace git-save
- Remove double quotes to avoid git empty pathspec warnings
- Make GA tests ran on current version of repo/fork
- Bump actions/checkout from 2 to 3
- Minor changes regarding internal automation
- Introduction of automation
- @Dependabot configuration
- @Mergify configuration
- @release-drafter configuration
- documentation fixes
- Major versions (
v1
,v2
, ...) are now released automatically
- Initial release
- Shell scripts auto-detection based on shebangs (
!#/bin/sh
or!#/bin/bash
) and file extensions (.sh
) - Ability to white list specific error codes
- Statistics about fixed and added errors
- Colored console output