...

  • Use a "lint" finding program. For example,
    • shell: use "shellcheck", which can be installed using "apt install -y shellcheck"
    • python: there are a number of lint-finding programs, such as "pylint" and "flake8".
  • Beware of the shell CDPATH variable and relative paths in cd commands.
    • If your shell script uses a relative path in its cd commands, such as "cd somewhere" or "cd somewhere/else", the directory it winds up in can be hijacked by the invoker setting the CDPATH variable.
    • Either set the CDPATH explicitly at the beginning of your shell script,
      • CDPATH=
    • or use "./" explicitly at the beginning of the path you cd to, as in "cd ./somewhere" or "cd ./somewhere/else".
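
The CDPATH behaviour described above, as an added example that is not part of the original page: a throwaway sandbox shows where each form of cd lands when the invoker exports CDPATH. The directory names (work, decoy) and function names are constructed for the illustration.

```shell
#!/bin/sh
# Added example: where does "cd somewhere" land when the invoker sets CDPATH?
# All directory and function names are constructed for this demo.

# Build a sandbox: work/somewhere is the directory the script means to enter,
# decoy/somewhere is a same-named directory under the invoker's control.
setup_sandbox() {
    tmp=$(mktemp -d) || return 1
    SANDBOX=$(cd "$tmp" && pwd -P) || return 1   # resolve symlinks once
    mkdir -p "$SANDBOX/work/somewhere" "$SANDBOX/decoy/somewhere"
}

# Run the given cd statement in a child shell that starts in work/ and
# inherits CDPATH from its invoker; print where it ended up, relative to
# the sandbox. cd's own output is discarded because cd prints the new
# directory whenever a CDPATH entry was used.
landing() {
    dir=$(cd "$SANDBOX/work" &&
          CDPATH="$SANDBOX/decoy" sh -c "$1 >/dev/null && pwd -P") || return 1
    rel=${dir#"$SANDBOX"/}
    printf '%s\n' "$rel"
}

demo() {
    setup_sandbox || return 1
    # Unprotected relative path: CDPATH is searched first.
    printf 'cd somewhere            -> %s\n' "$(landing 'cd somewhere')"
    # Mitigation 1: clear CDPATH at the top of the script.
    printf 'CDPATH=; cd somewhere   -> %s\n' "$(landing 'CDPATH=; cd somewhere')"
    # Mitigation 2: a leading ./ makes cd skip the CDPATH search.
    printf 'cd ./somewhere          -> %s\n' "$(landing 'cd ./somewhere')"
    rm -rf "$SANDBOX"
}

demo
```
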

Code quality evaluation

The use of code quality tools helps developers fix vulnerabilities early.

...