bahmanm to General Programming [email protected]English • 9 months ago

How to audit a shell-completion script?

4

14

How to audit a shell-completion script?

bahmanm to General Programming [email protected]English • 9 months ago

4

I just stumbled upon a collection of bash completions which can be quite handy: https://github.com/perlpunk/shell-completions

I tried mojo, cpan and pip completions in a sandbox and they worked like a charm!

The only question I’ve got is, has anyone ever done a security audit of the repository? Anyone has taken the time to look at the code? I could try auditing but I’m not even sure what to look for.

I feel quite wary of letting an unknown source access to my bash session and what I type.

Chat

@m_randall
link
1•9 months ago
Auditing is nothing more than reading the code. Give it a read and make sure you understand everything it’s doing.

This is a great lesson on trust as well. I can tell you I did an audit and it all looks good but does that really have any value?
- bahmanmOP
  link
  fedilink
  English
  1•9 months ago
  Agree w/ you re trust.

General Programming [email protected]

[email protected]

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]

A general programming discussion community.

Rules:

Be civil.
Please start discussions that spark conversation

Other communities

Systems

Functional Programming

Also related

[email protected]

44 users / day
68 users / week
145 users / month
764 users / 6 months
7.54K subscribers
305 Posts
581 Comments
Modlog