AWS CloudFormation Linter

`for` loop used on `find` outputSH-2044 Opening and closing brackets do not matchSH-1033 Missing `fi` statement hereSH-1047 Missing `}`SH-1056 Missing `done` statementSH-1061 Missing `then` statementSH-1050 Semicolon detected after `else`SH-1053 `[ .. ]` is not a part of shell syntaxSH-1014 No `fi` found for the `if` statementSH-1046 Wrong way of declaring parametersSH-1065 Missing `EOF` tokenSH-1044 Unescaped `&` will end the command hereSH-1132 Consider using `elif` instead of `if`SH-1075 File has UTF-8 BOMSH-1082 Unexpected line-startSH-1133 Terminator used after here documentSH-1121 Avoid using literal tilde in PATHSH-2147 Empty `then` clause detectedSH-1048 Missing whitespaceSH-1020 Semicolon detected after `then`SH-1051 Missing space after `{`SH-1054 Found 'eof' further down, but not on a separate lineSH-1041 Non-alphanumeric names may have been skippedSH-2038 Found a comment after here-doc tokenSH-1120 Consider using command substitution instead of `'...'`SH-2041 Avoid use of `ls | grep`SH-2010 Consider using command substitution to assign the output of a pipelineSH-2036 Missing space after `$(`SH-1102 Leading spaces detected befor shebangSH-1114 Missing command substitutionSH-2037 Iterating over a constant valueSH-2043 Consider using glob to iterate over `ls` outputSH-2045 Consider using a `( subshell )` to avoid having to `cd` backSH-2103 Functions must not return multiple valuesSH-2151 Array expansion in string arguments may have unexpected resultsSH-2145 Evaluation order of arguments to `find` might be different than expectedSH-2146 Use `-exec sh -c` to invoke a shell with `find`SH-2150 Syntax errorSH-1070 `(( ))` doesn't support decimalsSH-2079 Missing space after `<`SH-1038 `$` used on the left side of an assignmentSH-1066 Whitespace found after `=`SH-1007 Apostrophe terminates the single quoted stringSH-1011 Missing `then` for the `if` statementSH-1049 Unary test operator not followed by a valid shell wordSH-1019 Missing `do` statementSH-1058 Unescaped `$` used in a literal contextSH-1000 Consider using `find` instead of `ls` to better handle non-alphanumeric filenamesSH-2012 Lexicographical comparison operator used for numerical comparisonSH-2071 Escape `\<` to prevent it redirecting (or switch to `[[ .. ]]`)SH-2073 Mismatched keywordSH-1089 Invalid use of parenthesesSH-1088 C language style commentSH-1127 `-n` doesn't work with unquoted argumentsSH-2070 Unexpected character after terminating `]`SH-1136 Consider using `pgrep` instead of grepping `ps` outputSH-2009 Shell functions passed to an external commandSH-2033 Consider using `&&` instead of `-a` in `[[..]]`SH-2108 use of an invalid operatorSH-2122 Found word outside quotesSH-2026 Unknown unary operatorSH-2058 Keyword is not in lower caseSH-1081 Loop will run only once because there's no word splittingSH-2066 Double quote array expansions to avoid re-splitting elementsSH-2068 Unnecessary use of `$` / `${}` with arithmetic variableSH-2004 Shebang with more than one parameterSH-2096 Missing `$`SH-1116 shebang is not the first lineSH-1128 Quote 'EOF' to make here document expansions happen on the server side rather than on the clientSH-2087 Bash doesn't allow variables in brace range expansionsSH-2051 `[ .. ]` can't match globsSH-2081 Unexpected `==`SH-1097 Variable modified locally due to `pipe`SH-2030 Command substitutions will run *before* the enclosing command instead of within itSH-2014 String not closedSH-1078 `=~` is not allowed in `[ ]`SH-2074 `>` behaves like a redirection operator hereSH-2065 Unknown binary operatorSH-2057 Shell functions passed to `su`SH-2032 Missing newline between the end token and terminating `)`SH-1119 `||` is not supported inside `[ .. ]`SH-2109 `break` used outside of a loopSH-2105 Use `[ a ] && [ b ]` instead of `[ a && b ]`SH-2107 Invalid `-o` in `[[..]]`SH-2110 A system directory is being deletedSH-2114 Aliases can't use positional parametersSH-2142 Consider using a `for` loop instead of `-e`SH-2144 Variables must be defined before useSH-2154 Missing space before `#`SH-1099 Use double quote to prevent globbing and word splittingSH-2086 Unquoted HTML entity foundSH-1109 Unicode double quotes detectedSH-1015 Can't escape `(` or `)` inside `[[..]]`SH-1029 `eof` is not on a separate lineSH-1042 Single quote not escaped properlySH-1003 Braces are required for positionals over 9SH-1037 Unicode single quote usedSH-1016 Invalid or unescaped `(` foundSH-1036 Script uses carriage return ` `SH-1017 Function definition missing bodySH-1064 Unnecessary use of multiple line terminatorsSH-1045 Assigning to a dynamically created variableSH-1067 Missing space before `[`SH-1069 backslash / linefeed is a literal where it is usedSH-1004 Detected a literal where `tab`, `linefeed` or `cariage return` might be expectedSH-1012 Escape `(` and `)` or preferably combine `[..]` expressionsSH-1028 Remove indentation before end tokenSH-1039 Use `( .. )` to group conditionsSH-1026 Unicode non-breaking space foundSH-1018 Use tabs for indentationSH-1040 Detected spaces around `=` operatorSH-1068 Use semicolon or linefeed before `done`SH-1010 Missing whitespaceSH-1035 Whitespace detected between `#` and `!` in the `shebang`SH-1115 Deprecated `$[..]` usedSH-2007 Unicode quote detectedSH-1110 Missing `!` in shebangSH-1113 Executing output of a commandSH-2091 Unused variableSH-2034 Useless `cat`SH-2002 Consider escaping `$` to make it a literalSH-1135 Consider using `$HOME` instead of tilde `~` to expand in quotesSH-2088 Whitespace detected after the here-doc end tokenSH-1118 Consider using braces to expand arraysSH-1087 `tr` used to replace wordsSH-2020 Remove `exec` if script should continue after this commandSH-2093 Consider escaping special characters when using `eval`SH-1098 Consider using `$((..))` for arithmetic operationsSH-2100 Increase precision by replacing `a/b*c` with `a*c/b`SH-2017 Use `[:upper:]` to support accents and foreign alphabetsSH-2019 Missing space or linefeed between the function name and bodySH-1095 Missing space before `!`SH-1129 Consider reformattingSH-1079 `echo` doesn't read from stdinSH-2008 `echo` used to expand escape sequencesSH-2028 Trailing spaces after `\`SH-1101 Named class needs an outer `[]`SH-2101 Verify use of the pipeline operatorSH-2106 Consider using `func()`SH-2113 Brace expansions/globs used in an assignmentSH-2125 Use `=` for non-integer comparisonsSH-2130 Shell search path `PATH` is being overriddenSH-2123 Consider using `grep -q`SH-2143 `=~` used with a globSH-2049 Use spaces to separate array elementsSH-2054 Consider using `while read` to read linesSH-2013 Quote parameter to prevent glob expansionSH-2060 Quote the passed parameter to prevent the shell from interpreting itSH-2061 To redirect both `stdout` and `stderr`, `2>&1` must be last (or use `'{ cmd > file; } 2>&1'` to clarify)SH-2069 Possibly missing `$`SH-2078 Missing space around `=` operatorSH-1108 Unnecessary use of `echo`SH-2005 Remove backticks to avoid executing outputSH-2092 Glob used with `grep`SH-2063 Remove '$' or use '_=$((expr))' to avoid executing outputSH-2084 `sudo` doesn't affect redirectsSH-2024 Use `"$@"` to prevent whitespace problemsSH-2048 `{` `/` `}` is a literal hereSH-1083 Command swallows `stdin`SH-2095 Unicode dash detectedSH-1100 `$` used on the iterator name in for loopsSH-1086 Unsupported decimalsSH-2072 Missing space before `:`SH-1130 `A && B || C` is not equivalent to `if A then B else C`SH-2015 Missing `;` or `+` terminating `-exec`SH-2067 Use `$((..))` for arithmetic operationSH-2099 Consider using `find` for better handling non-alphanumeric filenamesSH-2011 Use of variable in `printf` format stringSH-2059 Unescaped enclosed quotesSH-2027 Numbers with a leading `0` are considered octalSH-2080 Use double quotes to expand expressionsSH-2016 Quote the RHS of the operator to prevent glob matchingSH-2053 Quoting RHS of `=~` will match literally rather than as a regexSH-2076 Use of legacy backtickSH-2006 Consider using `./` or `--` globSH-2035 Enclose escape sequences in `\[..\]` to prevent line wrapping issuesSH-2025 Consider using `${variable//search/replace}`SH-2001 `trap` code will expand during definitionSH-2064 Missing `#` in the shebang lineSH-1104 Use `#!` for shebangSH-1084 Comparison with literalSH-2050 Unescaped argument foundSH-2029 Text added after here-doc terminating tokenSH-1122 Use backtick for command expansionSH-1077 Variable modified in the subshellSH-2031 To expand via indirection, use name="foo$n"; echo "${!name}"SH-2082 Assignment visible only to the forked processSH-2097 Encountered use of `[]` around ranges in `tr`SH-2021 Missing spaces around the comparison operatorSH-2077 Quote `grep` patterns to stop shells from interpreting themSH-2062 Consider quoting command expansion to prevent word splittingSH-2046 Make sure not to read and write the same file in the same pipelineSH-2094 Use `[:lower:]` to support accents and foreign alphabetsSH-2018 Use `elif` to start another branchSH-1131 Referred argument is never passedSH-2120 Do not use `set` to assign a variableSH-2121 Ranges can only match single charactersSH-2102 Consider using `return`SH-2104 Use `"${var:?}"` to ensure this never expands to `/*`SH-2115 Unnecessary use of `echo`SH-2116 Use `su -c` or `sudo` to run command as another userSH-2117 An array is being assigned to a stringSH-2124 Consider escaping the expansionSH-2139 Unquoted literal string detected between two double quoted stringsSH-2140 Potentially misspelled variable name foundSH-2153 Avoid using `$` with numeric or string indicesSH-2149 Function returns something other than a number in the range of 0-255SH-2152 Escaping a non-special characterSH-1001 Outdated `expr` statementSH-2003 Literal quote/backslash detected in the argument stringSH-2089 Consider using single quotesSH-2141 Consider using `${#variable}`SH-2000 Consider grouping multiple command redirectsSH-2129 Consider using `grep -c`SH-2126

SH-2059

Use of variable in `printf` format stringSH-2059

Major

Bug Risk

Problematic code:

printf "Hello, $NAME\n"

Preferred code:

printf "Hello, %s\n" "$NAME"

printf interprets escape sequences and format specifiers in the format string. If variables are included, any escape sequences or format specifiers in the data will be interpreted too, where you might have wanted to treat them as data. Example:

coverage='96%'
printf "Unit test coverage: %s\n" "$coverage"
printf "Unit test coverage: $coverage\n"

The first printf writes the string Unit test coverage: 96%.. The second writes bash: printf: ': invalid format character`

Exceptions:

Sometimes you may actually want to interpret data as a format string, like in:

octToAscii() { printf "\\$1"; }
octToAscii 130

In Bash, Ksh and BusyBox, there's a %b format specifier that expands escape sequences without interpreting other format specifiers: printf '%b' "\\$1". In POSIX, you can instead ignore this warning.

Other times, you might have a pattern in a variable:

filepattern="file-%d.jpg"
printf -v filename "$filepattern" "$number"

In these cases, please ignore this issue using a # skipcq pragma.