https://github.com/kaplanelad/shellfirm
Intercept any risky patterns (default or defined by you) and prompt you a small challenge for double verification
https://github.com/kaplanelad/shellfirm
captcha devops devops-tools prompt rust shell terminal zsh
Last synced: 8 months ago
JSON representation
Intercept any risky patterns (default or defined by you) and prompt you a small challenge for double verification
- Host: GitHub
- URL: https://github.com/kaplanelad/shellfirm
- Owner: kaplanelad
- License: apache-2.0
- Created: 2021-12-24T19:00:12.000Z (about 4 years ago)
- Default Branch: main
- Last Pushed: 2023-12-11T06:48:01.000Z (about 2 years ago)
- Last Synced: 2024-04-25T10:44:18.492Z (over 1 year ago)
- Topics: captcha, devops, devops-tools, prompt, rust, shell, terminal, zsh
- Language: Rust
- Homepage:
- Size: 948 KB
- Stars: 724
- Watchers: 6
- Forks: 22
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project
- awesome-security - shellfirm - It is a handy utility to help avoid running dangerous commands with an extra approval step. You will immediately get a small prompt challenge that will double verify your action when risky patterns are detected. (Terminal / Development)
- awesome-zsh-plugins - shellfirm - Shellfirm is a handy utility to help avoid running dangerous commands without an extra step of approval. When risky patterns is detected you will immediately get a small prompt challenge that will verify your action. (Plugins / ZSH on Windows)
- fucking-awesome-zsh-plugins - shellfirm - Shellfirm is a handy utility to help avoid running dangerous commands without an extra step of approval. When risky patterns is detected you will immediately get a small prompt challenge that will verify your action. (Plugins / ZSH on Windows)
README
# shellfirm
Opppppsss you did it again? :scream: :scream: :cold_sweat:
How do I save myself from myself?
* `rm -rf *`
* `git reset --hard` Before hitting the enter key?
* `kubectl delete ns` Stop! you are going to delete a lot of resources
* And many more!
Do you want to learn from other people's mistakes?
`shellfirm` will intercept any risky patterns and immediately prompt a small challenge that will double verify your action, think of it as a captcha for your terminal.
```bash
rm -rf /
#######################
# RISKY COMMAND FOUND #
#######################
* You are going to delete everything in the path.
Solve the challenge: 8 + 0 = ? (^C to cancel)
```
## How does it work?
`shellfirm` will evaluate all the shell commands behind the scenes.
If a risky pattern is detected, you will immediately get a prompt with the relevant warning to verify your command.
## Example
## Setup your shell
### Install via brew
```bash
brew tap kaplanelad/tap && brew install shellfirm
```
Or download the binary file from [releases page](https://github.com/kaplanelad/shellfirm/releases), unzip the file and move to `/usr/local/bin` folder.
Validate shellfirm installation
```
shellfirm --version
```
## Verify installation
```
mkdir /tmp/shellfirm
cd /tmp/shellfirm
git reset --hard
```
## Select your shell
Oh My Zsh
Download zsh plugin:
```sh
curl https://raw.githubusercontent.com/kaplanelad/shellfirm/main/shell-plugins/shellfirm.plugin.oh-my-zsh.zsh --create-dirs -o ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/shellfirm/shellfirm.plugin.zsh
```
Add `shellfirm` to the list of Oh My Zsh plugins when Zsh is loaded(inside ~/.zshrc):
```bash
plugins=(... shellfirm)
```
Bash
Bash implementation is based on https://github.com/rcaloras/bash-preexec project, which adds a pre-exec hook to catch the command before executing.
```sh
# Download bash-preexec hook functions.