https://github.com/binpash/sh-expand

A library for statically expanding shell ASTs
https://github.com/binpash/sh-expand

Last synced: 9 months ago
JSON representation

A library for statically expanding shell ASTs

• Host: GitHub
• URL: https://github.com/binpash/sh-expand
• Owner: binpash
• License: mit
• Created: 2023-05-30T21:21:32.000Z (about 3 years ago)
• Default Branch: main
• Last Pushed: 2025-02-10T00:07:05.000Z (over 1 year ago)
• Last Synced: 2025-03-21T12:56:15.149Z (about 1 year ago)
• Language: Python
• Size: 121 KB
• Stars: 7
• Watchers: 4
• Forks: 2
• Open Issues: 4
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# sh-expand

A python library for expanding shell ASTs that can be used to construct sound analyses for shell scripts (after having expanded the AST).

## Design

There are two implementations of shell expansion:

1. `expand.py` does an in-python expansion of simple & safe AST nodes. It doesn't support bashisms.

2. `bash_expand.py` expands by conservatively echoing safe commands to a bash process containing the current shell state.

Both, when called via `expand_command`, recurse down into the words of a shasta AST node to

expand, leave the word as is, or raise an ExpansionError. Examples:

- Process substitutions are unsafe.

- Simple variable substitutions are safe.

- Assignments are considered unsafe, since in Pash they indicate an unparallelizable region.

`expand.py` interprets the ArgChars libdash parses (ex: for variable and process substitutions)

to check and expand words.

Libbash does not parse ArgChars, so `bash_expand.py` instead conservatively checks

for the presence of potentially expandable or unsafe literal characters (see `should_expand_var`)

before expanding.

Not having proper ArgChar parsing causes false positive unsafe errors,

so `expand.py` should eventually be extended to support bash-only AST nodes,

and libbash and shasta extended to parse ArgChars.