From add81d4f976ce98ea632a2a0efdc5d8b7887fa34 Mon Sep 17 00:00:00 2001 From: Trevor Brown Date: Wed, 24 Nov 2021 09:27:26 -0500 Subject: [PATCH 1/5] Ban ls command --- test/banned_commands.bats | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/test/banned_commands.bats b/test/banned_commands.bats index cf82cdc14..709080007 100644 --- a/test/banned_commands.bats +++ b/test/banned_commands.bats @@ -21,6 +21,14 @@ banned_commands=( # source isn't POSIX compliant. . behaves the same and is POSIX compliant # Except in fish, where . is deprecated, and will be removed in the future. source + + # ls often gets used when we want to glob for files that match a pattern + # or when we want to find all files/directories that match a pattern or are + # found in a certain location. Using shell globs is preferred over ls, and + # find is better at locating files that are in a certain location or that + # match certain filename patterns. + # https://github-wiki-see.page/m/koalaman/shellcheck/wiki/SC2012 + ls ) banned_commands_regex=( From 6354750956c62ace252e84710e4f3861d27e3a65 Mon Sep 17 00:00:00 2001 From: Trevor Brown Date: Tue, 28 Dec 2021 10:04:52 -0500 Subject: [PATCH 2/5] Ban ls command --- test/banned_commands.bats | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/test/banned_commands.bats b/test/banned_commands.bats index 709080007..76d8ecfc5 100644 --- a/test/banned_commands.bats +++ b/test/banned_commands.bats @@ -21,14 +21,6 @@ banned_commands=( # source isn't POSIX compliant. . behaves the same and is POSIX compliant # Except in fish, where . is deprecated, and will be removed in the future. source - - # ls often gets used when we want to glob for files that match a pattern - # or when we want to find all files/directories that match a pattern or are - # found in a certain location. Using shell globs is preferred over ls, and - # find is better at locating files that are in a certain location or that - # match certain filename patterns. - # https://github-wiki-see.page/m/koalaman/shellcheck/wiki/SC2012 - ls ) banned_commands_regex=( @@ -41,6 +33,14 @@ banned_commands_regex=( # sort --sort-version isn't supported everywhere "sort.*-V" "sort.*--sort-versions" + + # ls often gets used when we want to glob for files that match a pattern + # or when we want to find all files/directories that match a pattern or are + # found in a certain location. Using shell globs is preferred over ls, and + # find is better at locating files that are in a certain location or that + # match certain filename patterns. + # https://github-wiki-see.page/m/koalaman/shellcheck/wiki/SC2012 + '\bls ' ) setup() { From 6b25ab9d7af6c08331f086d6a5443b315835f585 Mon Sep 17 00:00:00 2001 From: Trevor Brown Date: Tue, 28 Dec 2021 17:09:48 -0500 Subject: [PATCH 3/5] Update banned commands test so it only checks bash and sh files --- test/banned_commands.bats | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/banned_commands.bats b/test/banned_commands.bats index 76d8ecfc5..360354af3 100644 --- a/test/banned_commands.bats +++ b/test/banned_commands.bats @@ -58,7 +58,7 @@ teardown() { # followed by an underscore (indicating it's a variable and not a # command). for cmd in "${banned_commands[@]}"; do - run bash -c "grep -nHR '$cmd' asdf.* lib bin\ + run bash -c "grep -nHR --include \*.bash --include \*.sh '$cmd' asdf.* lib bin\ | grep -v '#.*$cmd'\ | grep -v '\".*$cmd.*\"' \ | grep -v '${cmd}_'\ @@ -75,7 +75,7 @@ teardown() { done for cmd in "${banned_commands_regex[@]}"; do - run bash -c "grep -nHRE '$cmd' asdf.* lib bin\ + run bash -c "grep -nHRE --include \*.bash --include \*.sh '$cmd' asdf.* lib bin\ | grep -v '#.*$cmd'\ | grep -v '\".*$cmd.*\"' \ | grep -v '${cmd}_'\ From a1822d8062a5b66909db76464e0ec95990973162 Mon Sep 17 00:00:00 2001 From: Trevor Brown Date: Tue, 28 Dec 2021 17:10:17 -0500 Subject: [PATCH 4/5] Only allow ls for resolving symlinks --- lib/utils.bash | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/utils.bash b/lib/utils.bash index 5f4af3ae5..91c06c517 100644 --- a/lib/utils.bash +++ b/lib/utils.bash @@ -454,7 +454,7 @@ resolve_symlink() { # This seems to be the only cross-platform way to resolve symlink paths to # the real file path. # shellcheck disable=SC2012 - resolved_path=$(ls -l "$symlink" | sed -e 's|.*-> \(.*\)|\1|') + resolved_path=$(ls -l "$symlink" | sed -e 's|.*-> \(.*\)|\1|') # asdf_allow: ls ' # Check if resolved path is relative or not by looking at the first character. # If it is a slash we can assume it's root and absolute. Otherwise we treat it From 7b0900df58880297100b0b91fba67f130be59ca9 Mon Sep 17 00:00:00 2001 From: Trevor Brown Date: Tue, 28 Dec 2021 17:47:51 -0500 Subject: [PATCH 5/5] Replace ls commands with find --- lib/commands/command-install.bash | 2 +- lib/commands/command-latest.bash | 2 +- lib/commands/command-list.bash | 2 +- lib/commands/command-plugin-list-all.bash | 2 +- lib/commands/command-plugin-list.bash | 2 +- lib/commands/command-reshim.bash | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/commands/command-install.bash b/lib/commands/command-install.bash index 20ed3910a..0bdd007f4 100644 --- a/lib/commands/command-install.bash +++ b/lib/commands/command-install.bash @@ -78,7 +78,7 @@ install_local_tool_versions() { # Locate all the plugins installed in the system local plugins_installed - if ls "$plugins_path" &>/dev/null; then + if find "$plugins_path" -mindepth 1 -type d &>/dev/null; then for plugin_path in "$plugins_path"/*; do local plugin_name plugin_name=$(basename "$plugin_path") diff --git a/lib/commands/command-latest.bash b/lib/commands/command-latest.bash index 04ecd53c1..c98241a73 100644 --- a/lib/commands/command-latest.bash +++ b/lib/commands/command-latest.bash @@ -43,7 +43,7 @@ latest_all() { local plugins_path plugins_path=$(get_plugin_path) - if ls "$plugins_path" &>/dev/null; then + if find "$plugins_path" -mindepth 1 -type d &>/dev/null; then for plugin_path in "$plugins_path"/*; do plugin_name=$(basename "$plugin_path") diff --git a/lib/commands/command-list.bash b/lib/commands/command-list.bash index b0cbd1610..311634685 100644 --- a/lib/commands/command-list.bash +++ b/lib/commands/command-list.bash @@ -8,7 +8,7 @@ list_command() { local plugins_path plugins_path=$(get_plugin_path) - if ls "$plugins_path" &>/dev/null; then + if find "$plugins_path" -mindepth 1 -type d &>/dev/null; then for plugin_path in "$plugins_path"/*; do plugin_name=$(basename "$plugin_path") printf "%s\\n" "$plugin_name" diff --git a/lib/commands/command-plugin-list-all.bash b/lib/commands/command-plugin-list-all.bash index 08385120d..3c7c3f679 100644 --- a/lib/commands/command-plugin-list-all.bash +++ b/lib/commands/command-plugin-list-all.bash @@ -9,7 +9,7 @@ plugin_list_all_command() { local plugins_local_path plugins_local_path="$(get_plugin_path)" - if ls "$plugins_index_path" &>/dev/null; then + if find "$plugins_index_path" -mindepth 1 -type d &>/dev/null; then ( for index_plugin in "$plugins_index_path"/*; do index_plugin_name=$(basename "$index_plugin") diff --git a/lib/commands/command-plugin-list.bash b/lib/commands/command-plugin-list.bash index 5e54e5a21..91a1948de 100644 --- a/lib/commands/command-plugin-list.bash +++ b/lib/commands/command-plugin-list.bash @@ -23,7 +23,7 @@ plugin_list_command() { esac done - if ls "$plugins_path" &>/dev/null; then + if find "$plugins_path" -mindepth 1 -type d &>/dev/null; then ( for plugin_path in "$plugins_path"/*; do plugin_name=$(basename "$plugin_path") diff --git a/lib/commands/command-reshim.bash b/lib/commands/command-reshim.bash index 9461f7cc4..7e80cdb10 100644 --- a/lib/commands/command-reshim.bash +++ b/lib/commands/command-reshim.bash @@ -11,7 +11,7 @@ reshim_command() { local plugins_path plugins_path=$(get_plugin_path) - if ls "$plugins_path" &>/dev/null; then + if find "$plugins_path" -mindepth 1 -type d &>/dev/null; then for plugin_path in "$plugins_path"/*; do plugin_name=$(basename "$plugin_path") reshim_command "$plugin_name"