feat: enable all optional shellcheck validations

Make shell a little bit safer with: - add-default-case - check-extra-masked-returns - check-set-e-suppressed - quote-safe-variables - check-unassigned-uppercase Although there are some stylistic decisions for uniformity: - avoid-nullary-conditions - deprecated-which - require-variable-braces
ben-grande · Jul 10, 2024 · 224312e · 224312e
1 parent 011a71a
commit 224312e
Show file tree

Hide file tree

Showing 55 changed files with 343 additions and 219 deletions.
diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
@@ -54,7 +54,7 @@ jobs:
         run: |
           editorconfig-checker
           editorconfig-checker salt/dotfiles
-      - name: Lint commits
+      - name: Lint commit messages
         run: |
           if test "${{ github.event_name}}" = "pull_request"
           then

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -4,7 +4,12 @@
 # SPDX-License-Identifier: AGPL-3.0-or-later
 
 ---
+
+default_install_hook_types:
+  - pre-commit
+
 repos:
+
   - repo: local
     hooks:
 
@@ -99,12 +104,3 @@ repos:
         language: python
         pass_filenames: false
         description: Lint files to comply with the REUSE Specification
-
-      - id: commit-lint
-        name: commit-lint
-        language: python
-        entry: gitlint
-        args: [--staged, --msg-filename]
-        stages: [commit-msg]
-        pass_filenames: true
-        description: Lint Git commits
diff --git a/.shellcheckrc b/.shellcheckrc
@@ -0,0 +1,5 @@
+# SPDX-FileCopyrightText: 2024 Benjamin Grande M. S. <[email protected]>
+#
+# SPDX-License-Identifier: MIT
+
+enable=all
diff --git a/rpm_spec/qusal-browser.spec b/rpm_spec/qusal-browser.spec
@@ -115,6 +115,9 @@ fi
 %dnl TODO: missing '%ghost', files generated during %post, such as Qrexec policies.
 
 %changelog
+* Tue Jul 09 2024 Ben Grande <[email protected]> - 011a71a
+- style: limit line length per file extension
+
 * Thu Jul 04 2024 Ben Grande <[email protected]> - 383c840
 - doc: lint markdown files
 

diff --git a/rpm_spec/qusal-dom0.spec b/rpm_spec/qusal-dom0.spec
@@ -107,6 +107,9 @@ fi
 %dnl TODO: missing '%ghost', files generated during %post, such as Qrexec policies.
 
 %changelog
+* Tue Jul 09 2024 Ben Grande <[email protected]> - 011a71a
+- style: limit line length per file extension
+
 * Mon Jul 08 2024 Ben Grande <[email protected]> - 523bca2
 - fix: conform files to editorconfig specification
 

diff --git a/rpm_spec/qusal-dotfiles.spec b/rpm_spec/qusal-dotfiles.spec
@@ -118,6 +118,9 @@ fi
 %dnl TODO: missing '%ghost', files generated during %post, such as Qrexec policies.
 
 %changelog
+* Tue Jul 09 2024 Ben Grande <[email protected]> - 011a71a
+- style: limit line length per file extension
+
 * Mon Jul 08 2024 Ben Grande <[email protected]> - 28c298d
 - fix: add Python indentation to editorconfig
 

diff --git a/rpm_spec/qusal-fedora-minimal.spec b/rpm_spec/qusal-fedora-minimal.spec
@@ -108,6 +108,9 @@ fi
 %dnl TODO: missing '%ghost', files generated during %post, such as Qrexec policies.
 
 %changelog
+* Tue Jul 09 2024 Ben Grande <[email protected]> - 011a71a
+- style: limit line length per file extension
+
 * Thu Jul 04 2024 Ben Grande <[email protected]> - 383c840
 - doc: lint markdown files
 

diff --git a/rpm_spec/qusal-reader.spec b/rpm_spec/qusal-reader.spec
@@ -110,6 +110,9 @@ fi
 %dnl TODO: missing '%ghost', files generated during %post, such as Qrexec policies.
 
 %changelog
+* Tue Jul 09 2024 Ben Grande <[email protected]> - 011a71a
+- style: limit line length per file extension
+
 * Thu Jul 04 2024 Ben Grande <[email protected]> - 383c840
 - doc: lint markdown files
 

diff --git a/rpm_spec/qusal-sys-bitcoin.spec b/rpm_spec/qusal-sys-bitcoin.spec
@@ -137,6 +137,9 @@ fi
 %dnl TODO: missing '%ghost', files generated during %post, such as Qrexec policies.
 
 %changelog
+* Tue Jul 09 2024 Ben Grande <[email protected]> - 011a71a
+- style: limit line length per file extension
+
 * Thu Jul 04 2024 Ben Grande <[email protected]> - 383c840
 - doc: lint markdown files
 

diff --git a/rpm_spec/qusal-sys-cacher.spec b/rpm_spec/qusal-sys-cacher.spec
@@ -130,6 +130,9 @@ fi
 %dnl TODO: missing '%ghost', files generated during %post, such as Qrexec policies.
 
 %changelog
+* Tue Jul 09 2024 Ben Grande <[email protected]> - 011a71a
+- style: limit line length per file extension
+
 * Mon Jul 08 2024 Ben Grande <[email protected]> - f60077f
 - doc: spell check
 
@@ -276,6 +279,3 @@ fi
 
 * Wed Jan 10 2024 Ben Grande <[email protected]> - 2b6daac
 - fix: shellcheck
-
-* Wed Dec 20 2023 Ben Grande <[email protected]> - 38d98ec
-- fix: nft shebang and table names
diff --git a/rpm_spec/qusal-sys-electrs.spec b/rpm_spec/qusal-sys-electrs.spec
@@ -123,6 +123,9 @@ fi
 %dnl TODO: missing '%ghost', files generated during %post, such as Qrexec policies.
 
 %changelog
+* Tue Jul 09 2024 Ben Grande <[email protected]> - 011a71a
+- style: limit line length per file extension
+
 * Thu Jul 04 2024 Ben Grande <[email protected]> - 383c840
 - doc: lint markdown files
 

diff --git a/rpm_spec/qusal-sys-git.spec b/rpm_spec/qusal-sys-git.spec
@@ -111,6 +111,9 @@ fi
 %dnl TODO: missing '%ghost', files generated during %post, such as Qrexec policies.
 
 %changelog
+* Tue Jul 09 2024 Ben Grande <[email protected]> - 011a71a
+- style: limit line length per file extension
+
 * Thu Jul 04 2024 Ben Grande <[email protected]> - 383c840
 - doc: lint markdown files
 

diff --git a/rpm_spec/qusal-sys-net.spec b/rpm_spec/qusal-sys-net.spec
@@ -114,6 +114,9 @@ fi
 %dnl TODO: missing '%ghost', files generated during %post, such as Qrexec policies.
 
 %changelog
+* Tue Jul 09 2024 Ben Grande <[email protected]> - 011a71a
+- style: limit line length per file extension
+
 * Thu Jul 04 2024 Ben Grande <[email protected]> - 383c840
 - doc: lint markdown files
 

diff --git a/rpm_spec/qusal-sys-ssh-agent.spec b/rpm_spec/qusal-sys-ssh-agent.spec
@@ -120,6 +120,9 @@ fi
 %dnl TODO: missing '%ghost', files generated during %post, such as Qrexec policies.
 
 %changelog
+* Tue Jul 09 2024 Ben Grande <[email protected]> - 011a71a
+- style: limit line length per file extension
+
 * Mon Jul 08 2024 Ben Grande <[email protected]> - f60077f
 - doc: spell check
 

diff --git a/rpm_spec/qusal-sys-syncthing.spec b/rpm_spec/qusal-sys-syncthing.spec
@@ -120,6 +120,9 @@ fi
 %dnl TODO: missing '%ghost', files generated during %post, such as Qrexec policies.
 
 %changelog
+* Tue Jul 09 2024 Ben Grande <[email protected]> - 011a71a
+- style: limit line length per file extension
+
 * Thu Jul 04 2024 Ben Grande <[email protected]> - 383c840
 - doc: lint markdown files
 

diff --git a/rpm_spec/qusal-sys-wireguard.spec b/rpm_spec/qusal-sys-wireguard.spec
@@ -108,6 +108,9 @@ fi
 %dnl TODO: missing '%ghost', files generated during %post, such as Qrexec policies.
 
 %changelog
+* Tue Jul 09 2024 Ben Grande <[email protected]> - 011a71a
+- style: limit line length per file extension
+
 * Fri Jul 05 2024 Ben Grande <[email protected]> - 80482bf
 - fix: use systemd-resolved DNS on boot
 

diff --git a/salt/dom0/files/autostart-scripts/kde-activity-changed-notifier b/salt/dom0/files/autostart-scripts/kde-activity-changed-notifier
@@ -21,19 +21,19 @@ case "${XDG_SESSION_DESKTOP:-}" in
 esac
 
 service="org.kde.ActivityManager"
-interface="$service.Activities"
+interface="${service}.Activities"
 path="/ActivityManager/Activities"
 signal="CurrentActivityChanged"
 
 dbus-monitor --profile \
-  "type=signal,path=$path,interface=$interface,member=$signal" | \
+  "type=signal,path=${path},interface=${interface},member=${signal}" | \
 while read -r _ _ _ _ _ path interface member; do
-  test "$member" = "$signal" || continue
-  id="$(qdbus "$service" "$path" "$interface.CurrentActivity")"
-  name="$(qdbus "$service" "$path" "$interface.ActivityName" "$id")"
+  test "${member}" = "${signal}" || continue
+  id="$(qdbus "${service}" "${path}" "${interface}.CurrentActivity")"
+  name="$(qdbus "${service}" "${path}" "${interface}.ActivityName" "${id}")"
   if command -v kdialog >/dev/null; then
-    kdialog --title "Activity: $name" --passivepopup "Switched Activities" 3
+    kdialog --title "Activity: ${name}" --passivepopup "Switched Activities" 3
   elif command -v notify-send >/dev/null; then
-    notify-send -u normal -t 3000 "Activity: $name" "Switched activities"
+    notify-send -u normal -t 3000 "Activity: ${name}" "Switched activities"
   fi
 done
diff --git a/salt/dom0/files/bin/qubes-kde-win-rules b/salt/dom0/files/bin/qubes-kde-win-rules
@@ -8,7 +8,7 @@
 # shellcheck disable=SC1090,SC2317
 set -eu
 
-file="${XDG_CONFIG_HOME:=$HOME/.config}/kwinrulesrc"
+file="${XDG_CONFIG_HOME:=${HOME}/.config}/kwinrulesrc"
 
 usage(){
   echo "Usage: ${0##*/} <group> <activity>
@@ -25,10 +25,10 @@ writeconf(){
   key="$2"
   value="$3"
 
-  group_id="$(grep -B1 -- "^Description=$group$" "$file" | head -1 |
+  group_id="$(grep -B1 -- "^Description=${group}$" "${file}" | head -1 |
     tr -d "[" | tr -d "]")"
   if test -z "${group_id}"; then
-    highest_id="$(grep -- "\[[0-9]\+\]" "$file" | tr -d "[" | tr -d "]" |
+    highest_id="$(grep -- "\[[0-9]\+\]" "${file}" | tr -d "[" | tr -d "]" |
       sort | tail -1)"
     if test -n "${highest_id}"; then
       group_id="$((highest_id+1))"
@@ -37,38 +37,41 @@ writeconf(){
     fi
   fi
 
-  kwriteconfig --file "$file" --group "$group_id" --key "$key" "$value"
+  kwriteconfig --file "${file}" --group "${group_id}" --key "${key}" \
+    "${value}"
 }
 
 writeconf_group(){
   chosen_group="$1"
   chosen_activity="$2"
-  writeconf "$chosen_group" Description "$chosen_group"
-  if test -n "$chosen_activity"; then
+  writeconf "${chosen_group}" Description "${chosen_group}"
+  if test -n "${chosen_activity}"; then
     chosen_activity_id="$(kactivities-cli --list-activities |
-      awk -v activity="$chosen_activity" '$3 ~ activity {print $2}')"
-    if test -z "$chosen_activity_id"; then
-      printf '%s\n' "Invalid activity name: $chosen_activity"
+      awk -v activity="${chosen_activity}" '$3 ~ activity {print $2}')"
+    if test -z "${chosen_activity_id}"; then
+      printf '%s\n' "Invalid activity name: ${chosen_activity}"
       exit 1
     fi
-    writeconf "$chosen_group" activity "$chosen_activity_id"
-    writeconf "$chosen_group" activityrule 2
+    writeconf "${chosen_group}" activity "${chosen_activity_id}"
+    writeconf "${chosen_group}" activityrule 2
   fi
 
   ## Regex: https://doc.qt.io/qt-6/qregularexpression.html
-  writeconf "$chosen_group" title \
-    "^\\[(disp-|dvm-)?$chosen_group(-\\S+)?\\] .*"
-  writeconf "$chosen_group" titlematch 3
-  writeconf "$chosen_group" wmclass "$chosen_group"
-  writeconf "$chosen_group" wmclasscomplete false
-  writeconf "$chosen_group" wmclassmatch 2
+  writeconf "${chosen_group}" title \
+    "^\\[(disp-|dvm-)?${chosen_group}(-\\S+)?\\] .*"
+  writeconf "${chosen_group}" titlematch 3
+  writeconf "${chosen_group}" wmclass "${chosen_group}"
+  writeconf "${chosen_group}" wmclasscomplete false
+  writeconf "${chosen_group}" wmclassmatch 2
 }
 
 case "${1-}" in
-  ""|-h|--?help) usage
+  ""|-h|--?help) usage;;
+  *) ;;
 esac
 case "${2-}" in
-  "") usage
+  "") usage;;
+  *) ;;
 esac
 
 writeconf_group "${1}" "${2}"

diff --git a/salt/dom0/files/bin/qvm-mgmt b/salt/dom0/files/bin/qvm-mgmt
@@ -59,6 +59,7 @@ case "${class}" in
   StandaloneVM|TemplateVM)
     get_qube_feat "${wanted_qube}"
     ;;
+  *) echo "Unsupported qube class" >&2; exit 1;;
 esac
 wanted_mgmt="$(qvm-prefs "${wanted_qube}" management_dispvm)"
 echo "${wanted_qube} management_dispvm: ${wanted_mgmt}"

diff --git a/salt/dom0/files/bin/qvm-pci-regain b/salt/dom0/files/bin/qvm-pci-regain
@@ -34,7 +34,8 @@ case "${2-}" in
   *) device="${2}"
 esac
 
-test "$(id -u)" = "0" || exec sudo "${0}"
+uid="$(id -u)"
+test "${uid}" = "0" || exec sudo "${0}"
 
 echo "${device}" | tee /sys/bus/pci/drivers/pciback/unbind
 modalias="$(cat "/sys/bus/pci/devices/${device}/modalias")"

diff --git a/salt/dom0/files/bin/qvm-port-forward b/salt/dom0/files/bin/qvm-port-forward
@@ -32,6 +32,7 @@ validate_handle(){
       echo "error: ${qube}: invalid handle" >&2
       exit 1
       ;;
+    *) ;;
   esac
 }
 
@@ -43,6 +44,7 @@ validate_ipv4(){
       echo "error: ${qube}: invalid IPv4 address" >&2
       exit 1
       ;;
+    *) ;;
   esac
 }
 
@@ -54,6 +56,7 @@ validate_ipv6(){
       echo "error: ${qube}: invalid IPv6 address" >&2
       exit 1
       ;;
+    *) ;;
   esac
 }
 
@@ -65,6 +68,7 @@ validate_dev(){
       echo "error: ${qube}: invalid device name" >&2
       exit 1
       ;;
+    *) ;;
   esac
 }
 
@@ -150,7 +154,8 @@ add rule ip qubes ${forward_chain} ${forward_rule}'"
     run_qube "${from_qube}" "${full_rule}"
 
     if test "${persistent}" = "1"; then
-      if test "$(qvm-prefs --get -- "${from_qube}" klass)" = "DispVM"; then
+      class="$(qvm-prefs --get -- "${from_qube}" klass)"
+      if test "${class}" = "DispVM"; then
         from_qube="$(qvm-prefs --get -- "${from_qube}" template)"
       fi
 
@@ -258,6 +263,7 @@ get_lan(){
 
 test_qvm_run(){
   qube="${1}"
+  # shellcheck disable=SC2310
   if ! run_qube "${qube}" echo "Test QUBESRPC" >/dev/null 2>&1; then
     echo "error: ${qube}: RPC qubes.VMShell failed, use a different qube" >&2
     exit 1
@@ -272,12 +278,14 @@ recurse_netvms() {
     case "${cmd}" in
       show-upstream) test_qvm_run "${rec_qube}";;
       apply-rules) forward "${rec_netvm}" "${rec_qube}";;
+      *) echo "Unsupported command passed to recurse_netvms()" >&2; exit 1;;
     esac
     recurse_netvms "${cmd}" "${rec_netvm}"
   fi
   case "${cmd}" in
     show-upstream) get_lan "${rec_qube}";;
     apply-rules) ;;
+    *) echo "Unsupported command passed to recurse_netvms()" >&2; exit 1;;
   esac
 }
 
@@ -358,6 +366,7 @@ while test "${#}" -gt "0"; do
     -n|--proto) proto="${2}"; shift;;
     -s|--persistent) persistent=1; shift;;
     -h|--help) usage;;
+    *) echo "Unsupported option" >&2; exit 1;;
   esac
   shift
 done