{"id":15042462,"url":"https://github.com/mattdodge/shellshock","last_synced_at":"2026-02-08T01:33:01.198Z","repository":{"id":57466730,"uuid":"164791024","full_name":"mattdodge/shellshock","owner":"mattdodge","description":"Write and test your shell scripts using Python","archived":false,"fork":false,"pushed_at":"2019-05-14T18:50:56.000Z","size":306,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-07-21T09:32:32.066Z","etag":null,"topics":["bash","bash-script","python","shell","shell-scripts"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mattdodge.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-01-09T04:59:28.000Z","updated_at":"2020-09-16T16:30:19.000Z","dependencies_parsed_at":"2022-09-10T02:00:36.272Z","dependency_job_id":null,"html_url":"https://github.com/mattdodge/shellshock","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/mattdodge/shellshock","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mattdodge%2Fshellshock","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mattdodge%2Fshellshock/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mattdodge%2Fshellshock/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mattdodge%2Fshellshock/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mattdodge","download_url":"https://codeload.github.com/mattdodge/shellshock/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mattdodge%2Fshellshock/sbom","scorecard":{"id":626060,"data":{"date":"2025-08-11","repo":{"name":"github.com/mattdodge/shellshock","commit":"e1cc107456245fff7b17703a4fb71f90f9446a26"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.6,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}}]},"last_synced_at":"2025-08-21T06:28:54.662Z","repository_id":57466730,"created_at":"2025-08-21T06:28:54.662Z","updated_at":"2025-08-21T06:28:54.662Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29216085,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-08T00:10:47.190Z","status":"ssl_error","status_checked_at":"2026-02-08T00:10:43.589Z","response_time":63,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bash","bash-script","python","shell","shell-scripts"],"created_at":"2024-09-24T20:47:20.918Z","updated_at":"2026-02-08T01:33:01.161Z","avatar_url":"https://github.com/mattdodge.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n\u003cimg src=\"logo.png\" /\u003e\n\u003cem\u003e\u003cstrong\u003eWrite and test your shell scripts using Python\u003c/strong\u003e\u003c/em\u003e\n\u003c/p\u003e\n\u003chr/\u003e\nShell scripts are great - they run on most *nix machines, they allow you interact with the file system easily, and they are light weight and don't require a massive runtime. However, the syntax is error prone and they are difficult to manage and test. Shellshock lets you write and test your shell scripts using the Python syntax and test cases you already know and love.\n\n## Installation\n\nWriting with Shellshock requires Python. The shell scripts it outputs do not require Python to run though.\n```bash\npip install shellshock\n```\n\n## Usage\nTo convert a Python shellshock script to a regular shell script:\n```bash\nshellshock my_script.py -o my_script.sh\n```\n\nThat command would, for example, turn this Python script:\n**my_script.py**\n```python\nmyvar = 5\nif myvar \u003e 3:\n    print(\"Big number\")\nelse:\n    print(\"Small number\")\n```\ninto this shell script:\n**my_script.sh**\n```bash\n#!/bin/sh\nmyvar=5\nif [ \"$myvar\" -gt 3 ]; then\n  echo -e 'Big number'\nelse\n  echo -e 'Small number'\nfi\n```\n\n## Starting with an existing shell script\nLet's say you have an existing shell script you want to convert that looks like this:\n\n**oldscript.sh**\n```bash\nif [ -f \"file\" ]; then\n  echo \"ok\"\nfi\n```\n\nYou can easily make this a shellshock script using the `ss.shell` method and a multiline string at the top of the file:\n\n**oldscript.py**\n```python\nimport shellshock as ss\nss.shell(\"\"\"\nif [ -f \"file\" ]; then\n  echo \"ok\"\nfi\n\"\"\")\n```\n\nThen you could convert it to full Python shellscript syntax like so:\n\n**newscript.py**\n```python\nimport shellshock as ss\nif ss.isfile(\"file\"):\n    print(\"ok\")\n```\n\n## Full Documentation\n\nTo see more examples, CLI and library references, and extended documentation see the full docs at https://shellshock.readthedocs.io\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmattdodge%2Fshellshock","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmattdodge%2Fshellshock","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmattdodge%2Fshellshock/lists"}