ports/devel/shellcheck/files/shellcheck.1

.\" Automatically generated by Pandoc 3.6.4
.\"
.TH "SHELLCHECK" "1" "" "Shell script analysis tool"
.SH NAME
shellcheck \- Shell script analysis tool
.SH SYNOPSIS
\f[B]shellcheck\f[R] [\f[I]OPTIONS\f[R]...]
\f[I]FILES\f[R]...
.SH DESCRIPTION
ShellCheck is a static analysis and linting tool for sh/bash scripts.
It\[aq]s mainly focused on handling typical beginner and intermediate
level syntax errors and pitfalls where the shell just gives a cryptic
error message or strange behavior, but it also reports on a few more
advanced issues where corner cases can cause delayed failures.
.PP
ShellCheck gives shell specific advice.
Consider this line:
.IP
.EX
(( area = 3.14*r*r ))
.EE
.IP \[bu] 2
For scripts starting with \f[CR]#!/bin/sh\f[R] (or when using
\f[CR]\-s sh\f[R]), ShellCheck will warn that \f[CR](( .. ))\f[R] is not
POSIX compliant (similar to checkbashisms).
.IP \[bu] 2
For scripts starting with \f[CR]#!/bin/bash\f[R] (or using
\f[CR]\-s bash\f[R]), ShellCheck will warn that decimals are not
supported.
.IP \[bu] 2
For scripts starting with \f[CR]#!/bin/ksh\f[R] (or using
\f[CR]\-s ksh\f[R]), ShellCheck will not warn at all, as \f[CR]ksh\f[R]
supports decimals in arithmetic contexts.
.SH OPTIONS
.TP
\f[B]\-a\f[R],\ \f[B]\-\-check\-sourced\f[R]
Emit warnings in sourced files.
Normally, \f[CR]shellcheck\f[R] will only warn about issues in the
specified files.
With this option, any issues in sourced files will also be reported.
.TP
\f[B]\-C\f[R][\f[I]WHEN\f[R]],\ \f[B]\-\-color\f[R][=\f[I]WHEN\f[R]]
For TTY output, enable colors \f[I]always\f[R], \f[I]never\f[R] or
\f[I]auto\f[R].
The default is \f[I]auto\f[R].
\f[B]\-\-color\f[R] without an argument is equivalent to
\f[B]\-\-color=always\f[R].
.TP
\f[B]\-i\f[R]\ \f[I]CODE1\f[R][,\f[I]CODE2\f[R]...],\ \f[B]\-\-include=\f[R]\f[I]CODE1\f[R][,\f[I]CODE2\f[R]...]
Explicitly include only the specified codes in the report.
Subsequent \f[B]\-i\f[R] options are cumulative, but all the codes can
be specified at once, comma\-separated as a single argument.
Include options override any provided exclude options.
.TP
\f[B]\-e\f[R]\ \f[I]CODE1\f[R][,\f[I]CODE2\f[R]...],\ \f[B]\-\-exclude=\f[R]\f[I]CODE1\f[R][,\f[I]CODE2\f[R]...]
Explicitly exclude the specified codes from the report.
Subsequent \f[B]\-e\f[R] options are cumulative, but all the codes can
be specified at once, comma\-separated as a single argument.
.TP
\f[B]\-\-extended\-analysis=true/false\f[R]
Enable/disable Dataflow Analysis to identify more issues (default true).
If ShellCheck uses too much CPU/RAM when checking scripts with several
thousand lines of code, extended analysis can be disabled with this flag
or a directive.
This flag overrides directives and rc files.
.TP
\f[B]\-f\f[R] \f[I]FORMAT\f[R], \f[B]\-\-format=\f[R]\f[I]FORMAT\f[R]
Specify the output format of shellcheck, which prints its results in the
standard output.
Subsequent \f[B]\-f\f[R] options are ignored, see \f[B]FORMATS\f[R]
below for more information.
.TP
\f[B]\-\-list\-optional\f[R]
Output a list of known optional checks.
These can be enabled with \f[B]\-o\f[R] flags or \f[B]enable\f[R]
directives.
.TP
\f[B]\-\-norc\f[R]
Don\[aq]t try to look for .shellcheckrc configuration files.
.TP
\f[B]\-\-rcfile\f[R] \f[I]RCFILE\f[R]
Prefer the specified configuration file over searching for one in the
default locations.
.TP
\f[B]\-o\f[R]\ \f[I]NAME1\f[R][,\f[I]NAME2\f[R]...],\ \f[B]\-\-enable=\f[R]\f[I]NAME1\f[R][,\f[I]NAME2\f[R]...]
Enable optional checks.
The special name \f[I]all\f[R] enables all of them.
Subsequent \f[B]\-o\f[R] options accumulate.
This is equivalent to specifying \f[B]enable\f[R] directives.
.TP
\f[B]\-P\f[R]\ \f[I]SOURCEPATH\f[R],\ \f[B]\-\-source\-path=\f[R]\f[I]SOURCEPATH\f[R]
Specify paths to search for sourced files, separated by \f[CR]:\f[R] on
Unix and \f[CR];\f[R] on Windows.
This is equivalent to specifying \f[CR]search\-path\f[R] directives.
.TP
\f[B]\-s\f[R]\ \f[I]shell\f[R],\ \f[B]\-\-shell=\f[R]\f[I]shell\f[R]
Specify Bourne shell dialect.
Valid values are \f[I]sh\f[R], \f[I]bash\f[R], \f[I]dash\f[R],
\f[I]ksh\f[R], and \f[I]busybox\f[R].
The default is to deduce the shell from the file\[aq]s \f[CR]shell\f[R]
directive, shebang, or \f[CR].bash/.bats/.dash/.ksh\f[R] extension, in
that order.
\f[I]sh\f[R] refers to POSIX \f[CR]sh\f[R] (not the system\[aq]s), and
will warn of portability issues.
.TP
\f[B]\-S\f[R]\ \f[I]SEVERITY\f[R],\ \f[B]\-\-severity=\f[R]\f[I]severity\f[R]
Specify minimum severity of errors to consider.
Valid values in order of severity are \f[I]error\f[R],
\f[I]warning\f[R], \f[I]info\f[R] and \f[I]style\f[R].
The default is \f[I]style\f[R].
.TP
\f[B]\-V\f[R],\ \f[B]\-\-version\f[R]
Print version information and exit.
.TP
\f[B]\-W\f[R] \f[I]NUM\f[R],\ \f[B]\-\-wiki\-link\-count=NUM\f[R]
For TTY output, show \f[I]NUM\f[R] wiki links to more information about
mentioned warnings.
Set to 0 to disable them entirely.
.TP
\f[B]\-x\f[R],\ \f[B]\-\-external\-sources\f[R]
Follow \f[CR]source\f[R] statements even when the file is not specified
as input.
By default, \f[CR]shellcheck\f[R] will only follow files specified on
the command line (plus \f[CR]/dev/null\f[R]).
This option allows following any file the script may \f[CR]source\f[R].
.RS
.PP
This option may also be enabled using \f[CR]external\-sources=true\f[R]
in \f[CR].shellcheckrc\f[R].
This flag takes precedence.
.RE
.TP
\f[B]FILES...\f[R]
One or more script files to check, or \[dq]\-\[dq] for standard input.
.SH FORMATS
.TP
\f[B]tty\f[R]
Plain text, human readable output.
This is the default.
.TP
\f[B]gcc\f[R]
GCC compatible output.
Useful for editors that support compiling and showing syntax errors.
.RS
.PP
For example, in Vim,
\f[CR]:set makeprg=shellcheck\[rs] \-f\[rs] gcc\[rs] %\f[R] will allow
using \f[CR]:make\f[R] to check the script, and \f[CR]:cnext\f[R] to
jump to the next error.
.IP
.EX
<file>:<line>:<column>: <type>: <message>
.EE
.RE
.TP
\f[B]checkstyle\f[R]
Checkstyle compatible XML output.
Supported directly or through plugins by many IDEs and build monitoring
systems.
.RS
.IP
.EX
<?xml version=\[aq]1.0\[aq] encoding=\[aq]UTF\-8\[aq]?>
<checkstyle version=\[aq]4.3\[aq]>
  <file name=\[aq]file\[aq]>
    <error
      line=\[aq]line\[aq]
      column=\[aq]column\[aq]
      severity=\[aq]severity\[aq]
      message=\[aq]message\[aq]
      source=\[aq]ShellCheck.SC####\[aq] />
    ...
  </file>
  ...
</checkstyle>
.EE
.RE
.TP
\f[B]diff\f[R]
Auto\-fixes in unified diff format.
Can be piped to \f[CR]git apply\f[R] or \f[CR]patch \-p1\f[R] to
automatically apply fixes.
.RS
.IP
.EX
\-\-\- a/test.sh
+++ b/test.sh
\[at]\[at] \-2,6 +2,6 \[at]\[at]
 ## Example of a broken script.
 for f in $(ls *.m3u)
 do
\-  grep \-qi hq.*mp3 $f \[rs]
+  grep \-qi hq.*mp3 \[dq]$f\[dq] \[rs]
     && echo \-e \[aq]Playlist $f contains a HQ file in mp3 format\[aq]
 done
.EE
.RE
.TP
\f[B]json1\f[R]
Json is a popular serialization format that is more suitable for web
applications.
ShellCheck\[aq]s json is compact and contains only the bare minimum.
Tabs are counted as 1 character.
.RS
.IP
.EX
{
  comments: [
    {
      \[dq]file\[dq]: \[dq]filename\[dq],
      \[dq]line\[dq]: lineNumber,
      \[dq]column\[dq]: columnNumber,
      \[dq]level\[dq]: \[dq]severitylevel\[dq],
      \[dq]code\[dq]: errorCode,
      \[dq]message\[dq]: \[dq]warning message\[dq]
    },
    ...
  ]
}
.EE
.RE
.TP
\f[B]json\f[R]
This is a legacy version of the \f[B]json1\f[R] format.
It\[aq]s a raw array of comments, and all offsets have a tab stop of 8.
.TP
\f[B]quiet\f[R]
Suppress all normal output.
Exit with zero if no issues are found, otherwise exit with one.
Stops processing after the first issue.
.SH DIRECTIVES
ShellCheck directives can be specified as comments in the shell script.
If they appear before the first command, they are considered file\-wide.
Otherwise, they apply to the immediately following command or block:
.IP
.EX
# shellcheck key=value key=value
command\-or\-structure
.EE
.PP
For example, to suppress SC2035 about using \f[CR]./*.jpg\f[R]:
.IP
.EX
# shellcheck disable=SC2035
echo \[dq]Files: \[dq] *.jpg
.EE
.PP
To tell ShellCheck where to look for an otherwise dynamically determined
file:
.IP
.EX
# shellcheck source=./lib.sh
source \[dq]$(find_install_dir)/lib.sh\[dq]
.EE
.PP
Here a shell brace group is used to suppress a warning on multiple
lines:
.IP
.EX
# shellcheck disable=SC2016
{
  echo \[aq]Modifying $PATH\[aq]
  echo \[aq]PATH=foo:$PATH\[aq] >> \[ti]/.bashrc
}
.EE
.PP
Valid keys are:
.TP
\f[B]disable\f[R]
Disables a comma separated list of error codes for the following
command.
The command can be a simple command like \f[CR]echo foo\f[R], or a
compound command like a function definition, subshell block or loop.
A range can be be specified with a dash, e.g.
\f[CR]disable=SC3000\-SC4000\f[R] to exclude 3xxx.
All warnings can be disabled with \f[CR]disable=all\f[R].
.TP
\f[B]enable\f[R]
Enable an optional check by name, as listed with
\f[B]\-\-list\-optional\f[R].
Only file\-wide \f[CR]enable\f[R] directives are considered.
.TP
\f[B]extended\-analysis\f[R]
Set to true/false to enable/disable dataflow analysis.
Specifying \f[CR]# shellcheck extended\-analysis=false\f[R] in
particularly large (2000+ line) auto\-generated scripts will reduce
ShellCheck\[aq]s resource usage at the expense of certain checks.
Extended analysis is enabled by default.
.TP
\f[B]external\-sources\f[R]
Set to \f[CR]true\f[R] in \f[CR].shellcheckrc\f[R] to always allow
ShellCheck to open arbitrary files from \[aq]source\[aq] statements (the
way most tools do).
.RS
.PP
This option defaults to \f[CR]false\f[R] only due to ShellCheck\[aq]s
origin as a remote service for checking untrusted scripts.
It can safely be enabled for normal development.
.RE
.TP
\f[B]source\f[R]
Overrides the filename included by a \f[CR]source\f[R]/\f[CR].\f[R]
statement.
This can be used to tell shellcheck where to look for a file whose name
is determined at runtime, or to skip a source by telling it to use
\f[CR]/dev/null\f[R].
.TP
\f[B]source\-path\f[R]
Add a directory to the search path for \f[CR]source\f[R]/\f[CR].\f[R]
statements (by default, only ShellCheck\[aq]s working directory is
included).
Absolute paths will also be rooted in these paths.
The special path \f[CR]SCRIPTDIR\f[R] can be used to specify the
currently checked script\[aq]s directory, as in
\f[CR]source\-path=SCRIPTDIR\f[R] or
\f[CR]source\-path=SCRIPTDIR/../libs\f[R].
Multiple paths accumulate, and \f[CR]\-P\f[R] takes precedence over
them.
.TP
\f[B]shell\f[R]
Overrides the shell detected from the shebang.
This is useful for files meant to be included (and thus lacking a
shebang), or possibly as a more targeted alternative to
\[aq]disable=SC2039\[aq].
.SH RC FILES
Unless \f[CR]\-\-norc\f[R] is used, ShellCheck will look for a file
\f[CR].shellcheckrc\f[R] or \f[CR]shellcheckrc\f[R] in the script\[aq]s
directory and each parent directory.
If found, it will read \f[CR]key=value\f[R] pairs from it and treat them
as file\-wide directives.
.PP
Here is an example \f[CR].shellcheckrc\f[R]:
.IP
.EX
# Look for \[aq]source\[aq]d files relative to the checked script,
# and also look for absolute paths in /mnt/chroot
source\-path=SCRIPTDIR
source\-path=/mnt/chroot

# Since 0.9.0, values can be quoted with \[aq]\[aq] or \[dq]\[dq] to allow spaces
source\-path=\[dq]My Documents/scripts\[dq]

# Allow opening any \[aq]source\[aq]d file, even if not specified as input
external\-sources=true

# Turn on warnings for unquoted variables with safe values
enable=quote\-safe\-variables

# Turn on warnings for unassigned uppercase variables
enable=check\-unassigned\-uppercase

# Allow [ ! \-z foo ] instead of suggesting \-n
disable=SC2236
.EE
.PP
If no \f[CR].shellcheckrc\f[R] is found in any of the parent
directories, ShellCheck will look in \f[CR]\[ti]/.shellcheckrc\f[R]
followed by the \f[CR]$XDG_CONFIG_HOME\f[R] (usually
\f[CR]\[ti]/.config/shellcheckrc\f[R]) on Unix, or
\f[CR]%APPDATA%/shellcheckrc\f[R] on Windows.
Only the first file found will be used.
.PP
Note for Snap users: the Snap sandbox disallows access to hidden files.
Use \f[CR]shellcheckrc\f[R] without the dot instead.
.PP
Note for Docker users: ShellCheck will only be able to look for files
that are mounted in the container, so \f[CR]\[ti]/.shellcheckrc\f[R]
will not be read.
.SH ENVIRONMENT VARIABLES
The environment variable \f[CR]SHELLCHECK_OPTS\f[R] can be set with
default flags:
.IP
.EX
export SHELLCHECK_OPTS=\[aq]\-\-shell=bash \-\-exclude=SC2016\[aq]
.EE
.PP
Its value will be split on spaces and prepended to the command line on
each invocation.
.SH RETURN VALUES
ShellCheck uses the following exit codes:
.IP \[bu] 2
0: All files successfully scanned with no issues.
.IP \[bu] 2
1: All files successfully scanned with some issues.
.IP \[bu] 2
2: Some files could not be processed (e.g.
file not found).
.IP \[bu] 2
3: ShellCheck was invoked with bad syntax (e.g.
unknown flag).
.IP \[bu] 2
4: ShellCheck was invoked with bad options (e.g.
unknown formatter).
.SH LOCALE
This version of ShellCheck is only available in English.
All files are leniently decoded as UTF\-8, with a fallback of
ISO\-8859\-1 for invalid sequences.
\f[CR]LC_CTYPE\f[R] is respected for output, and defaults to UTF\-8 for
locales where encoding is unspecified (such as the \f[CR]C\f[R] locale).
.PP
Windows users seeing
\f[CR]commitBuffer: invalid argument (invalid character)\f[R] should set
their terminal to use UTF\-8 with \f[CR]chcp 65001\f[R].
.SH KNOWN INCOMPATIBILITIES
(If nothing in this section makes sense, you are unlikely to be affected
by it)
.PP
To avoid confusing and misguided suggestions, ShellCheck requires
function bodies to be either \f[CR]{ brace groups; }\f[R] or
\f[CR]( subshells )\f[R], and function names containing \f[CR][]*=!\f[R]
are only recognized after a \f[CR]function\f[R] keyword.
.PP
The following unconventional function definitions are identical in Bash,
but ShellCheck only recognizes the latter.
.IP
.EX
[x!=y] () [[ $1 ]]
function [x!=y] () { [[ $1 ]]; }
.EE
.PP
Shells without the \f[CR]function\f[R] keyword do not allow these
characters in function names to begin with.
Function names containing \f[CR]{}\f[R] are not supported at all.
.PP
Further, if ShellCheck sees \f[CR][x!=y]\f[R] it will assume this is an
invalid comparison.
To invoke the above function, quote the command as in
\f[CR]\[aq][x!=y]\[aq]\f[R], or to retain the same globbing behavior,
use \f[CR]command [x!=y]\f[R].
.PP
ShellCheck imposes additional restrictions on the \f[CR][\f[R] command
to help diagnose common invalid uses.
While \f[CR][ $x= 1 ]\f[R] is defined in POSIX, ShellCheck will assume
it was intended as the much more likely comparison
\f[CR][ \[dq]$x\[dq] = 1 ]\f[R] and fail accordingly.
For unconventional or dynamic uses of the \f[CR][\f[R] command, use
\f[CR]test\f[R] or \f[CR]\[rs][\f[R] instead.
.SH REPORTING BUGS
Bugs and issues can be reported on GitHub:
.PP
https://github.com/koalaman/shellcheck/issues
.SH AUTHORS
ShellCheck is developed and maintained by Vidar Holen, with assistance
from a long list of wonderful contributors.
.SH COPYRIGHT
Copyright 2012\-2025, Vidar Holen and contributors.
Licensed under the GNU General Public License version 3 or later, see
https://gnu.org/licenses/gpl.html
.SH SEE ALSO
sh(1), bash(1), dash(1), ksh(1)