From 12d79ff1b6287b148e84d3b2c14dfbbfc6e11361 Mon Sep 17 00:00:00 2001 From: Dan Callahan Date: Mon, 18 Oct 2021 16:44:27 +0100 Subject: [PATCH 01/16] Fix Shellcheck SC2164: exit in case cd fails. Use `cd ... || exit` in case cd fails. https://github.com/koalaman/shellcheck/wiki/SC2164 Signed-off-by: Dan Callahan --- demo/start.sh | 8 ++++---- scripts-dev/check_line_terminators.sh | 2 +- scripts-dev/config-lint.sh | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/demo/start.sh b/demo/start.sh index bc4854091..fc5d08a63 100755 --- a/demo/start.sh +++ b/demo/start.sh @@ -4,7 +4,7 @@ DIR="$( cd "$( dirname "$0" )" && pwd )" CWD=$(pwd) -cd "$DIR/.." +cd "$DIR/.." || exit mkdir -p demo/etc @@ -18,7 +18,7 @@ for port in 8080 8081 8082; do https_port=$((port + 400)) mkdir -p demo/$port - pushd demo/$port + pushd demo/$port || exit #rm $DIR/etc/$port.config python3 -m synapse.app.homeserver \ @@ -152,7 +152,7 @@ for port in 8080 8081 8082; do --config-path "$DIR/etc/$port.config" \ -D \ - popd + popd || exit done -cd "$CWD" +cd "$CWD" || exit diff --git a/scripts-dev/check_line_terminators.sh b/scripts-dev/check_line_terminators.sh index c98395623..762f848ca 100755 --- a/scripts-dev/check_line_terminators.sh +++ b/scripts-dev/check_line_terminators.sh @@ -25,7 +25,7 @@ # terminators are found, 0 otherwise. # cd to the root of the repository -cd `dirname $0`/.. +cd `dirname $0`/.. || exit # Find and print files with non-unix line terminators if find . -path './.git/*' -prune -o -type f -print0 | xargs -0 grep -I -l $'\r$'; then diff --git a/scripts-dev/config-lint.sh b/scripts-dev/config-lint.sh index 8c6323e59..6b160c8ad 100755 --- a/scripts-dev/config-lint.sh +++ b/scripts-dev/config-lint.sh @@ -3,7 +3,7 @@ # Exits with 0 if there are no problems, or another code otherwise. # cd to the root of the repository -cd `dirname $0`/.. +cd `dirname $0`/.. || exit # Restore backup of sample config upon script exit trap "mv docs/sample_config.yaml.bak docs/sample_config.yaml" EXIT From 64adbb7b5425bb618077e1ab85faede1301de024 Mon Sep 17 00:00:00 2001 From: Dan Callahan Date: Mon, 18 Oct 2021 16:55:18 +0100 Subject: [PATCH 02/16] Fix Shellcheck SC2046: Quote to prevent word split Quote this to prevent word splitting https://www.shellcheck.net/wiki/SC2046 Signed-off-by: Dan Callahan --- .ci/scripts/test_export_data_command.sh | 2 +- .ci/scripts/test_synapse_port_db.sh | 2 +- debian/test/provision.sh | 2 +- demo/start.sh | 2 +- scripts-dev/check_line_terminators.sh | 2 +- scripts-dev/config-lint.sh | 2 +- scripts-dev/docker_update_debian_changelog.sh | 2 +- scripts-dev/generate_sample_config | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.ci/scripts/test_export_data_command.sh b/.ci/scripts/test_export_data_command.sh index 75f5811d1..2180072c0 100755 --- a/.ci/scripts/test_export_data_command.sh +++ b/.ci/scripts/test_export_data_command.sh @@ -3,7 +3,7 @@ # Test for the export-data admin command against sqlite and postgres set -xe -cd `dirname $0`/../.. +cd "`dirname $0`/../.." echo "--- Install dependencies" diff --git a/.ci/scripts/test_synapse_port_db.sh b/.ci/scripts/test_synapse_port_db.sh index 50115b307..7bcbe6365 100755 --- a/.ci/scripts/test_synapse_port_db.sh +++ b/.ci/scripts/test_synapse_port_db.sh @@ -7,7 +7,7 @@ set -xe -cd `dirname $0`/../.. +cd "`dirname $0`/../.." echo "--- Install dependencies" diff --git a/debian/test/provision.sh b/debian/test/provision.sh index a5c7f5971..9dc8ab671 100644 --- a/debian/test/provision.sh +++ b/debian/test/provision.sh @@ -10,7 +10,7 @@ set -e apt-get update apt-get install -y lsb-release -deb=`ls /debs/matrix-synapse-py3_*+$(lsb_release -cs)*.deb | sort | tail -n1` +deb=`ls "/debs/matrix-synapse-py3_*+$(lsb_release -cs)*.deb" | sort | tail -n1` debconf-set-selections < Date: Mon, 18 Oct 2021 17:00:05 +0100 Subject: [PATCH 03/16] Fix Shellcheck SC2115: Ensure never expands to /* Use "${var:?}" to ensure this never expands to /* . https://github.com/koalaman/shellcheck/wiki/SC2115 Signed-off-by: Dan Callahan --- demo/clean.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/demo/clean.sh b/demo/clean.sh index 6b809f6e8..99482e87d 100755 --- a/demo/clean.sh +++ b/demo/clean.sh @@ -12,8 +12,8 @@ if [ -f $PID_FILE ]; then fi for port in 8080 8081 8082; do - rm -rf $DIR/$port + rm -rf ${DIR:?}/$port rm -rf $DIR/media_store.$port done -rm -rf $DIR/etc +rm -rf ${DIR:?}/etc From 898e3be4c9582551093e0918bba2398cd08fb0e0 Mon Sep 17 00:00:00 2001 From: Dan Callahan Date: Mon, 18 Oct 2021 21:49:09 +0100 Subject: [PATCH 04/16] Fix Shellcheck SC2064: Use single quotes on traps Use single quotes, otherwise this expands now rather than when signalled. https://github.com/koalaman/shellcheck/wiki/SC2064 Signed-off-by: Dan Callahan --- debian/build_virtualenv | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/build_virtualenv b/debian/build_virtualenv index 801ecb908..e006b4884 100755 --- a/debian/build_virtualenv +++ b/debian/build_virtualenv @@ -57,7 +57,7 @@ case "$DEB_BUILD_OPTIONS" in # Copy tests to a temporary directory so that we can put them on the # PYTHONPATH without putting the uninstalled synapse on the pythonpath. tmpdir=`mktemp -d` - trap "rm -r $tmpdir" EXIT + trap 'rm -r $tmpdir' EXIT cp -r tests "$tmpdir" From 6c736fa47202bcffb4f056d6e5b2f12424e9f758 Mon Sep 17 00:00:00 2001 From: Dan Callahan Date: Thu, 21 Oct 2021 22:58:48 +0100 Subject: [PATCH 05/16] Fix Shellcheck SC2154: variable possibly undefined var is referenced but not assigned. https://github.com/koalaman/shellcheck/wiki/SC2154 Signed-off-by: Dan Callahan --- docker/build_debian.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/build_debian.sh b/docker/build_debian.sh index 801ff4547..1d0be42cf 100644 --- a/docker/build_debian.sh +++ b/docker/build_debian.sh @@ -5,7 +5,7 @@ set -ex # Get the codename from distro env -DIST=`cut -d ':' -f2 <<< $distro` +DIST=`cut -d ':' -f2 <<< ${distro:?}` # we get a read-only copy of the source: make a writeable copy cp -aT /synapse/source /synapse/build From 6a9d84a6761bd1afb8223512cec0c9809c4db9b5 Mon Sep 17 00:00:00 2001 From: Dan Callahan Date: Thu, 21 Oct 2021 23:06:41 +0100 Subject: [PATCH 06/16] Fix Shellcheck SC2166: test -a is not well defined Prefer [ p ] && [ q ] as [ p -a q ] is not well defined. https://github.com/koalaman/shellcheck/wiki/SC2166 Signed-off-by: Dan Callahan --- scripts-dev/check-newsfragment | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts-dev/check-newsfragment b/scripts-dev/check-newsfragment index 393a548d5..56600de0a 100755 --- a/scripts-dev/check-newsfragment +++ b/scripts-dev/check-newsfragment @@ -45,7 +45,7 @@ matched=0 for f in `git diff --name-only FETCH_HEAD... -- changelog.d`; do # check that any modified newsfiles on this branch end with a full stop. lastchar=`tr -d '\n' < $f | tail -c 1` - if [ $lastchar != '.' -a $lastchar != '!' ]; then + if [ $lastchar != '.' ] && [ $lastchar != '!' ]; then echo -e "\e[31mERROR: newsfragment $f does not end with a '.' or '!'\e[39m" >&2 echo -e "$CONTRIBUTING_GUIDE_TEXT" >&2 exit 1 From dfa61431330075f21589a4799fa2d52a42eb6ccc Mon Sep 17 00:00:00 2001 From: Dan Callahan Date: Thu, 21 Oct 2021 23:10:14 +0100 Subject: [PATCH 07/16] Fix Shellcheck SC2155: Declare + export separately Declare and assign separately to avoid masking return values. https://github.com/koalaman/shellcheck/wiki/SC2155 Signed-off-by: Dan Callahan --- demo/start.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/demo/start.sh b/demo/start.sh index e42609499..28ea1b1cb 100755 --- a/demo/start.sh +++ b/demo/start.sh @@ -8,7 +8,8 @@ cd "$DIR/.." || exit mkdir -p demo/etc -export PYTHONPATH=$(readlink -f "$(pwd)") +PYTHONPATH=$(readlink -f "$(pwd)") +export PYTHONPATH echo $PYTHONPATH From 99e698d6ed4ac307fa0be1e5dcce4bba0b2d7069 Mon Sep 17 00:00:00 2001 From: Dan Callahan Date: Thu, 21 Oct 2021 23:38:29 +0100 Subject: [PATCH 08/16] Fix Shellcheck SC2089 and SC2090: Quotes in vars SC2089: Quotes/backslashes will be treated literally. Use an array. https://github.com/koalaman/shellcheck/wiki/SC2089 SC2090: Quotes/backslashes in this variable will not be respected. https://github.com/koalaman/shellcheck/wiki/SC2090 Putting literal JSON in a variable mistakenly triggers these warnings. Instead of adding ignore directives, this can be avoided by inlining the JSON data into the curl invocation. Since the variable is only used in this one location, inlining is fine. Signed-off-by: Dan Callahan --- contrib/purge_api/purge_history.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/contrib/purge_api/purge_history.sh b/contrib/purge_api/purge_history.sh index 9d5324ea1..de58dcdbb 100644 --- a/contrib/purge_api/purge_history.sh +++ b/contrib/purge_api/purge_history.sh @@ -84,7 +84,9 @@ AUTH="Authorization: Bearer $TOKEN" ################################################################################################### # finally start pruning the room: ################################################################################################### -POSTDATA='{"delete_local_events":"true"}' # this will really delete local events, so the messages in the room really disappear unless they are restored by remote federation +# this will really delete local events, so the messages in the room really +# disappear unless they are restored by remote federation. This is because +# we pass {"delete_local_events":true} to the curl invocation below. for ROOM in "${ROOMS_ARRAY[@]}"; do echo "########################################### $(date) ################# " @@ -104,7 +106,7 @@ for ROOM in "${ROOMS_ARRAY[@]}"; do SLEEP=2 set -x # call purge - OUT=$(curl --header "$AUTH" -s -d $POSTDATA POST "$API_URL/admin/purge_history/$ROOM/$EVENT_ID") + OUT=$(curl --header "$AUTH" -s -d '{"delete_local_events":true}' POST "$API_URL/admin/purge_history/$ROOM/$EVENT_ID") PURGE_ID=$(echo "$OUT" |grep purge_id|cut -d'"' -f4 ) if [ "$PURGE_ID" == "" ]; then # probably the history purge is already in progress for $ROOM From 7cf83c0acaaecd53c7cedda73fbff4704b256eac Mon Sep 17 00:00:00 2001 From: Dan Callahan Date: Thu, 21 Oct 2021 23:47:20 +0100 Subject: [PATCH 09/16] Fix Shellcheck SC1001: Meaningless char escapes This \o will be a regular 'o' in this context. https://github.com/koalaman/shellcheck/wiki/SC1001 Signed-off-by: Dan Callahan --- demo/start.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/demo/start.sh b/demo/start.sh index 28ea1b1cb..245e9d777 100755 --- a/demo/start.sh +++ b/demo/start.sh @@ -70,7 +70,7 @@ for port in 8080 8081 8082; do echo "tls_private_key_path: \"$DIR/etc/localhost:$https_port.tls.key\"" >> $DIR/etc/$port.config # Generate tls keys - openssl req -x509 -newkey rsa:4096 -keyout $DIR/etc/localhost\:$https_port.tls.key -out $DIR/etc/localhost\:$https_port.tls.crt -days 365 -nodes -subj "/O=matrix" + openssl req -x509 -newkey rsa:4096 -keyout $DIR/etc/localhost:$https_port.tls.key -out $DIR/etc/localhost:$https_port.tls.crt -days 365 -nodes -subj "/O=matrix" # Ignore keys from the trusted keys server echo '# Ignore keys from the trusted keys server' >> $DIR/etc/$port.config From bab2bc844c4e81461c51a1066b2b0322326938d1 Mon Sep 17 00:00:00 2001 From: Dan Callahan Date: Thu, 21 Oct 2021 23:50:21 +0100 Subject: [PATCH 10/16] Fix Shellcheck SC1091: Can't follow file Not following: (error message here) https://github.com/koalaman/shellcheck/wiki/SC1091 Signed-off-by: Dan Callahan --- debian/matrix-synapse-py3.config | 1 + debian/matrix-synapse-py3.postinst | 1 + 2 files changed, 2 insertions(+) diff --git a/debian/matrix-synapse-py3.config b/debian/matrix-synapse-py3.config index 37a781b3e..3b2f469e1 100755 --- a/debian/matrix-synapse-py3.config +++ b/debian/matrix-synapse-py3.config @@ -2,6 +2,7 @@ set -e +# shellcheck disable=SC1091 . /usr/share/debconf/confmodule # try to update the debconf db according to whatever is in the config files diff --git a/debian/matrix-synapse-py3.postinst b/debian/matrix-synapse-py3.postinst index c0dd7e553..a8dde1e08 100644 --- a/debian/matrix-synapse-py3.postinst +++ b/debian/matrix-synapse-py3.postinst @@ -1,5 +1,6 @@ #!/bin/sh -e +# shellcheck disable=SC1091 . /usr/share/debconf/confmodule CONFIGFILE_SERVERNAME="/etc/matrix-synapse/conf.d/server_name.yaml" From 9d0f9d51d5da7ebcd3178fefc1e68c3c5494d673 Mon Sep 17 00:00:00 2001 From: Dan Callahan Date: Fri, 22 Oct 2021 21:44:25 +0100 Subject: [PATCH 11/16] Fix Shellcheck SC2016: Single quotes don't expand Expressions don't expand in single quotes, use double quotes for that. https://github.com/koalaman/shellcheck/wiki/SC2016 This specifically warned about the '$aregis...' part of the sed script. Which is a relatively obscure use of sed. Splitting this into two commands makes its intent more obvious and avoids contravening Shellcheck's lints. Signed-off-by: Dan Callahan --- debian/test/provision.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/debian/test/provision.sh b/debian/test/provision.sh index 9dc8ab671..931f300e9 100644 --- a/debian/test/provision.sh +++ b/debian/test/provision.sh @@ -19,5 +19,6 @@ EOF dpkg -i "$deb" -sed -i -e '/port: 8...$/{s/8448/18448/; s/8008/18008/}' -e '$aregistration_shared_secret: secret' /etc/matrix-synapse/homeserver.yaml +sed -i -e 's/port: 8448$/port: 18448/; s/port: 8008$/port: 18008' /etc/matrix-synapse/homeserver.yaml +echo 'registration_shared_secret: secret' >> /etc/matrix-synapse/homeserver.yaml systemctl restart matrix-synapse From 31096132c313e2a72d66e3eb13612e37350800ea Mon Sep 17 00:00:00 2001 From: Dan Callahan Date: Fri, 22 Oct 2021 21:58:48 +0100 Subject: [PATCH 12/16] Fix Shellcheck SC2012: Use find instead of ls Use find instead of ls to better handle non-alphanumeric filenames. https://github.com/koalaman/shellcheck/wiki/SC2012 Signed-off-by: Dan Callahan --- debian/test/provision.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/test/provision.sh b/debian/test/provision.sh index 931f300e9..8567b146a 100644 --- a/debian/test/provision.sh +++ b/debian/test/provision.sh @@ -10,7 +10,7 @@ set -e apt-get update apt-get install -y lsb-release -deb=`ls "/debs/matrix-synapse-py3_*+$(lsb_release -cs)*.deb" | sort | tail -n1` +deb=`find /debs -name "matrix-synapse-py3_*+$(lsb_release -cs)*.deb" | sort | tail -n1` debconf-set-selections < Date: Fri, 22 Oct 2021 22:46:06 +0100 Subject: [PATCH 13/16] Fix Shellcheck SC2086: Quote to prevent splitting Double quote to prevent globbing and word splitting. https://github.com/koalaman/shellcheck/wiki/SC2086 Signed-off-by: Dan Callahan --- .ci/scripts/test_export_data_command.sh | 2 +- .ci/scripts/test_synapse_port_db.sh | 2 +- debian/build_virtualenv | 2 +- demo/clean.sh | 8 ++-- demo/start.sh | 48 +++++++++---------- demo/stop.sh | 2 +- docker/build_debian.sh | 2 +- scripts-dev/check-newsfragment | 4 +- scripts-dev/check_line_terminators.sh | 2 +- scripts-dev/complement.sh | 6 +-- scripts-dev/config-lint.sh | 2 +- scripts-dev/docker_update_debian_changelog.sh | 2 +- scripts-dev/generate_sample_config | 2 +- 13 files changed, 42 insertions(+), 42 deletions(-) diff --git a/.ci/scripts/test_export_data_command.sh b/.ci/scripts/test_export_data_command.sh index 2180072c0..468a9d61f 100755 --- a/.ci/scripts/test_export_data_command.sh +++ b/.ci/scripts/test_export_data_command.sh @@ -3,7 +3,7 @@ # Test for the export-data admin command against sqlite and postgres set -xe -cd "`dirname $0`/../.." +cd "`dirname "$0"`/../.." echo "--- Install dependencies" diff --git a/.ci/scripts/test_synapse_port_db.sh b/.ci/scripts/test_synapse_port_db.sh index 7bcbe6365..3926a17ea 100755 --- a/.ci/scripts/test_synapse_port_db.sh +++ b/.ci/scripts/test_synapse_port_db.sh @@ -7,7 +7,7 @@ set -xe -cd "`dirname $0`/../.." +cd "`dirname "$0"`/../.." echo "--- Install dependencies" diff --git a/debian/build_virtualenv b/debian/build_virtualenv index e006b4884..575c2e016 100755 --- a/debian/build_virtualenv +++ b/debian/build_virtualenv @@ -98,7 +98,7 @@ esac --output-file="${PACKAGE_BUILD_DIR}/etc/matrix-synapse/log.yaml" # add a dependency on the right version of python to substvars. -PYPKG=`basename $SNAKE` +PYPKG=`basename "$SNAKE"` echo "synapse:pydepends=$PYPKG" >> debian/matrix-synapse-py3.substvars diff --git a/demo/clean.sh b/demo/clean.sh index 99482e87d..e9b440d90 100755 --- a/demo/clean.sh +++ b/demo/clean.sh @@ -6,14 +6,14 @@ DIR="$( cd "$( dirname "$0" )" && pwd )" PID_FILE="$DIR/servers.pid" -if [ -f $PID_FILE ]; then +if [ -f "$PID_FILE" ]; then echo "servers.pid exists!" exit 1 fi for port in 8080 8081 8082; do - rm -rf ${DIR:?}/$port - rm -rf $DIR/media_store.$port + rm -rf "${DIR:?}/$port" + rm -rf "$DIR/media_store.$port" done -rm -rf ${DIR:?}/etc +rm -rf "${DIR:?}/etc" diff --git a/demo/start.sh b/demo/start.sh index 245e9d777..03c3b375c 100755 --- a/demo/start.sh +++ b/demo/start.sh @@ -12,7 +12,7 @@ PYTHONPATH=$(readlink -f "$(pwd)") export PYTHONPATH -echo $PYTHONPATH +echo "$PYTHONPATH" for port in 8080 8081 8082; do echo "Starting server on port $port... " @@ -28,12 +28,12 @@ for port in 8080 8081 8082; do --config-path "$DIR/etc/$port.config" \ --report-stats no - if ! grep -F "Customisation made by demo/start.sh" -q $DIR/etc/$port.config; then - printf '\n\n# Customisation made by demo/start.sh\n' >> $DIR/etc/$port.config + if ! grep -F "Customisation made by demo/start.sh" -q "$DIR/etc/$port.config"; then + printf '\n\n# Customisation made by demo/start.sh\n' >> "$DIR/etc/$port.config" - echo "public_baseurl: http://localhost:$port/" >> $DIR/etc/$port.config + echo "public_baseurl: http://localhost:$port/" >> "$DIR/etc/$port.config" - echo 'enable_registration: true' >> $DIR/etc/$port.config + echo 'enable_registration: true' >> "$DIR/etc/$port.config" # Warning, this heredoc depends on the interaction of tabs and spaces. Please don't # accidentaly bork me with your fancy settings. @@ -57,26 +57,26 @@ for port in 8080 8081 8082; do compress: false PORTLISTENERS ) - echo "${listeners}" >> $DIR/etc/$port.config + echo "${listeners}" >> "$DIR/etc/$port.config" # Disable tls for the servers - printf '\n\n# Disable tls on the servers.' >> $DIR/etc/$port.config - echo '# DO NOT USE IN PRODUCTION' >> $DIR/etc/$port.config - echo 'use_insecure_ssl_client_just_for_testing_do_not_use: true' >> $DIR/etc/$port.config - echo 'federation_verify_certificates: false' >> $DIR/etc/$port.config + printf '\n\n# Disable tls on the servers.' >> "$DIR/etc/$port.config" + echo '# DO NOT USE IN PRODUCTION' >> "$DIR/etc/$port.config" + echo 'use_insecure_ssl_client_just_for_testing_do_not_use: true' >> "$DIR/etc/$port.config" + echo 'federation_verify_certificates: false' >> "$DIR/etc/$port.config" # Set tls paths - echo "tls_certificate_path: \"$DIR/etc/localhost:$https_port.tls.crt\"" >> $DIR/etc/$port.config - echo "tls_private_key_path: \"$DIR/etc/localhost:$https_port.tls.key\"" >> $DIR/etc/$port.config + echo "tls_certificate_path: \"$DIR/etc/localhost:$https_port.tls.crt\"" >> "$DIR/etc/$port.config" + echo "tls_private_key_path: \"$DIR/etc/localhost:$https_port.tls.key\"" >> "$DIR/etc/$port.config" # Generate tls keys - openssl req -x509 -newkey rsa:4096 -keyout $DIR/etc/localhost:$https_port.tls.key -out $DIR/etc/localhost:$https_port.tls.crt -days 365 -nodes -subj "/O=matrix" + openssl req -x509 -newkey rsa:4096 -keyout "$DIR/etc/localhost:$https_port.tls.key" -out "$DIR/etc/localhost:$https_port.tls.crt" -days 365 -nodes -subj "/O=matrix" # Ignore keys from the trusted keys server - echo '# Ignore keys from the trusted keys server' >> $DIR/etc/$port.config - echo 'trusted_key_servers:' >> $DIR/etc/$port.config - echo ' - server_name: "matrix.org"' >> $DIR/etc/$port.config - echo ' accept_keys_insecurely: true' >> $DIR/etc/$port.config + echo '# Ignore keys from the trusted keys server' >> "$DIR/etc/$port.config" + echo 'trusted_key_servers:' >> "$DIR/etc/$port.config" + echo ' - server_name: "matrix.org"' >> "$DIR/etc/$port.config" + echo ' accept_keys_insecurely: true' >> "$DIR/etc/$port.config" # Reduce the blacklist blacklist=$(cat <<-BLACK @@ -91,12 +91,12 @@ for port in 8080 8081 8082; do - 'fc00::/7' BLACK ) - echo "${blacklist}" >> $DIR/etc/$port.config + echo "${blacklist}" >> "$DIR/etc/$port.config" fi # Check script parameters if [ $# -eq 1 ]; then - if [ $1 = "--no-rate-limit" ]; then + if [ "$1" = "--no-rate-limit" ]; then # Disable any rate limiting ratelimiting=$(cat <<-RC @@ -138,15 +138,15 @@ for port in 8080 8081 8082; do burst_count: 1000 RC ) - echo "${ratelimiting}" >> $DIR/etc/$port.config + echo "${ratelimiting}" >> "$DIR/etc/$port.config" fi fi - if ! grep -F "full_twisted_stacktraces" -q $DIR/etc/$port.config; then - echo "full_twisted_stacktraces: true" >> $DIR/etc/$port.config + if ! grep -F "full_twisted_stacktraces" -q "$DIR/etc/$port.config"; then + echo "full_twisted_stacktraces: true" >> "$DIR/etc/$port.config" fi - if ! grep -F "report_stats" -q $DIR/etc/$port.config ; then - echo "report_stats: false" >> $DIR/etc/$port.config + if ! grep -F "report_stats" -q "$DIR/etc/$port.config" ; then + echo "report_stats: false" >> "$DIR/etc/$port.config" fi python3 -m synapse.app.homeserver \ diff --git a/demo/stop.sh b/demo/stop.sh index f9dddc591..c97e4b8d0 100755 --- a/demo/stop.sh +++ b/demo/stop.sh @@ -8,7 +8,7 @@ for pid_file in $FILES; do pid=$(cat "$pid_file") if [[ $pid ]]; then echo "Killing $pid_file with $pid" - kill $pid + kill "$pid" fi done diff --git a/docker/build_debian.sh b/docker/build_debian.sh index 1d0be42cf..32ad07a0c 100644 --- a/docker/build_debian.sh +++ b/docker/build_debian.sh @@ -5,7 +5,7 @@ set -ex # Get the codename from distro env -DIST=`cut -d ':' -f2 <<< ${distro:?}` +DIST=`cut -d ':' -f2 <<< "${distro:?}"` # we get a read-only copy of the source: make a writeable copy cp -aT /synapse/source /synapse/build diff --git a/scripts-dev/check-newsfragment b/scripts-dev/check-newsfragment index 56600de0a..5fc68e321 100755 --- a/scripts-dev/check-newsfragment +++ b/scripts-dev/check-newsfragment @@ -44,8 +44,8 @@ echo matched=0 for f in `git diff --name-only FETCH_HEAD... -- changelog.d`; do # check that any modified newsfiles on this branch end with a full stop. - lastchar=`tr -d '\n' < $f | tail -c 1` - if [ $lastchar != '.' ] && [ $lastchar != '!' ]; then + lastchar=`tr -d '\n' < "$f" | tail -c 1` + if [ "$lastchar" != '.' ] && [ "$lastchar" != '!' ]; then echo -e "\e[31mERROR: newsfragment $f does not end with a '.' or '!'\e[39m" >&2 echo -e "$CONTRIBUTING_GUIDE_TEXT" >&2 exit 1 diff --git a/scripts-dev/check_line_terminators.sh b/scripts-dev/check_line_terminators.sh index 068f157ea..b48fb88b0 100755 --- a/scripts-dev/check_line_terminators.sh +++ b/scripts-dev/check_line_terminators.sh @@ -25,7 +25,7 @@ # terminators are found, 0 otherwise. # cd to the root of the repository -cd "`dirname $0`/.." || exit +cd "`dirname "$0"`/.." || exit # Find and print files with non-unix line terminators if find . -path './.git/*' -prune -o -type f -print0 | xargs -0 grep -I -l $'\r$'; then diff --git a/scripts-dev/complement.sh b/scripts-dev/complement.sh index 89af7a4fd..7d38b39e9 100755 --- a/scripts-dev/complement.sh +++ b/scripts-dev/complement.sh @@ -24,7 +24,7 @@ set -e # Change to the repository root -cd "$(dirname $0)/.." +cd "$(dirname "$0")/.." # Check for a user-specified Complement checkout if [[ -z "$COMPLEMENT_DIR" ]]; then @@ -61,8 +61,8 @@ cd "$COMPLEMENT_DIR" EXTRA_COMPLEMENT_ARGS="" if [[ -n "$1" ]]; then # A test name regex has been set, supply it to Complement - EXTRA_COMPLEMENT_ARGS+="-run $1 " + EXTRA_COMPLEMENT_ARGS=(-run "$1") fi # Run the tests! -go test -v -tags synapse_blacklist,msc2946,msc3083,msc2403,msc2716 -count=1 $EXTRA_COMPLEMENT_ARGS ./tests/... +go test -v -tags synapse_blacklist,msc2946,msc3083,msc2403,msc2716 -count=1 "${EXTRA_COMPLEMENT_ARGS[@]}" ./tests/... diff --git a/scripts-dev/config-lint.sh b/scripts-dev/config-lint.sh index 15c8c2f93..7fb6ab68e 100755 --- a/scripts-dev/config-lint.sh +++ b/scripts-dev/config-lint.sh @@ -3,7 +3,7 @@ # Exits with 0 if there are no problems, or another code otherwise. # cd to the root of the repository -cd "`dirname $0`/.." || exit +cd "`dirname "$0"`/.." || exit # Restore backup of sample config upon script exit trap "mv docs/sample_config.yaml.bak docs/sample_config.yaml" EXIT diff --git a/scripts-dev/docker_update_debian_changelog.sh b/scripts-dev/docker_update_debian_changelog.sh index 14c155aee..729f8fc46 100755 --- a/scripts-dev/docker_update_debian_changelog.sh +++ b/scripts-dev/docker_update_debian_changelog.sh @@ -60,5 +60,5 @@ DEBIAN_FRONTEND=noninteractive apt-get install -y devscripts # Update the Debian changelog. ver=${1} -dch -M -v "$(sed -Ee 's/(rc|a|b|c)/~\1/' <<<$ver)" "New synapse release $ver." +dch -M -v "$(sed -Ee 's/(rc|a|b|c)/~\1/' <<<"$ver")" "New synapse release $ver." dch -M -r -D stable "" diff --git a/scripts-dev/generate_sample_config b/scripts-dev/generate_sample_config index 06e4c8c66..69d0b632d 100755 --- a/scripts-dev/generate_sample_config +++ b/scripts-dev/generate_sample_config @@ -4,7 +4,7 @@ set -e -cd "`dirname $0`/.." +cd "`dirname "$0"`/.." SAMPLE_CONFIG="docs/sample_config.yaml" SAMPLE_LOG_CONFIG="docs/sample_log_config.yaml" From b5e910521b8f712b0ff0d61be33414efa4b3b6ba Mon Sep 17 00:00:00 2001 From: Dan Callahan Date: Fri, 22 Oct 2021 23:00:04 +0100 Subject: [PATCH 14/16] Fix Shellcheck SC2129: Consider using {..} >> file Consider using { cmd1; cmd2; } >> file instead of individual redirects. https://github.com/koalaman/shellcheck/wiki/SC2129 Signed-off-by: Dan Callahan --- demo/start.sh | 121 ++++++++++++++++++++++++++------------------------ 1 file changed, 62 insertions(+), 59 deletions(-) diff --git a/demo/start.sh b/demo/start.sh index 03c3b375c..8ffb14e30 100755 --- a/demo/start.sh +++ b/demo/start.sh @@ -29,69 +29,72 @@ for port in 8080 8081 8082; do --report-stats no if ! grep -F "Customisation made by demo/start.sh" -q "$DIR/etc/$port.config"; then - printf '\n\n# Customisation made by demo/start.sh\n' >> "$DIR/etc/$port.config" - - echo "public_baseurl: http://localhost:$port/" >> "$DIR/etc/$port.config" - - echo 'enable_registration: true' >> "$DIR/etc/$port.config" - - # Warning, this heredoc depends on the interaction of tabs and spaces. Please don't - # accidentaly bork me with your fancy settings. - listeners=$(cat <<-PORTLISTENERS - # Configure server to listen on both $https_port and $port - # This overides some of the default settings above - listeners: - - port: $https_port - type: http - tls: true - resources: - - names: [client, federation] - - - port: $port - tls: false - bind_addresses: ['::1', '127.0.0.1'] - type: http - x_forwarded: true - resources: - - names: [client, federation] - compress: false - PORTLISTENERS - ) - echo "${listeners}" >> "$DIR/etc/$port.config" - - # Disable tls for the servers - printf '\n\n# Disable tls on the servers.' >> "$DIR/etc/$port.config" - echo '# DO NOT USE IN PRODUCTION' >> "$DIR/etc/$port.config" - echo 'use_insecure_ssl_client_just_for_testing_do_not_use: true' >> "$DIR/etc/$port.config" - echo 'federation_verify_certificates: false' >> "$DIR/etc/$port.config" - - # Set tls paths - echo "tls_certificate_path: \"$DIR/etc/localhost:$https_port.tls.crt\"" >> "$DIR/etc/$port.config" - echo "tls_private_key_path: \"$DIR/etc/localhost:$https_port.tls.key\"" >> "$DIR/etc/$port.config" - # Generate tls keys openssl req -x509 -newkey rsa:4096 -keyout "$DIR/etc/localhost:$https_port.tls.key" -out "$DIR/etc/localhost:$https_port.tls.crt" -days 365 -nodes -subj "/O=matrix" - # Ignore keys from the trusted keys server - echo '# Ignore keys from the trusted keys server' >> "$DIR/etc/$port.config" - echo 'trusted_key_servers:' >> "$DIR/etc/$port.config" - echo ' - server_name: "matrix.org"' >> "$DIR/etc/$port.config" - echo ' accept_keys_insecurely: true' >> "$DIR/etc/$port.config" + # Regenerate configuration + { + printf '\n\n# Customisation made by demo/start.sh\n' + echo "public_baseurl: http://localhost:$port/" + echo 'enable_registration: true' - # Reduce the blacklist - blacklist=$(cat <<-BLACK - # Set the blacklist so that it doesn't include 127.0.0.1, ::1 - federation_ip_range_blacklist: - - '10.0.0.0/8' - - '172.16.0.0/12' - - '192.168.0.0/16' - - '100.64.0.0/10' - - '169.254.0.0/16' - - 'fe80::/64' - - 'fc00::/7' - BLACK - ) - echo "${blacklist}" >> "$DIR/etc/$port.config" + # Warning, this heredoc depends on the interaction of tabs and spaces. + # Please don't accidentaly bork me with your fancy settings. + listeners=$(cat <<-PORTLISTENERS + # Configure server to listen on both $https_port and $port + # This overides some of the default settings above + listeners: + - port: $https_port + type: http + tls: true + resources: + - names: [client, federation] + + - port: $port + tls: false + bind_addresses: ['::1', '127.0.0.1'] + type: http + x_forwarded: true + resources: + - names: [client, federation] + compress: false + PORTLISTENERS + ) + + echo "${listeners}" + + # Disable tls for the servers + printf '\n\n# Disable tls on the servers.' + echo '# DO NOT USE IN PRODUCTION' + echo 'use_insecure_ssl_client_just_for_testing_do_not_use: true' + echo 'federation_verify_certificates: false' + + # Set tls paths + echo "tls_certificate_path: \"$DIR/etc/localhost:$https_port.tls.crt\"" + echo "tls_private_key_path: \"$DIR/etc/localhost:$https_port.tls.key\"" + + # Ignore keys from the trusted keys server + echo '# Ignore keys from the trusted keys server' + echo 'trusted_key_servers:' + echo ' - server_name: "matrix.org"' + echo ' accept_keys_insecurely: true' + + # Reduce the blacklist + blacklist=$(cat <<-BLACK + # Set the blacklist so that it doesn't include 127.0.0.1, ::1 + federation_ip_range_blacklist: + - '10.0.0.0/8' + - '172.16.0.0/12' + - '192.168.0.0/16' + - '100.64.0.0/10' + - '169.254.0.0/16' + - 'fe80::/64' + - 'fc00::/7' + BLACK + ) + + echo "${blacklist}" + } >> "$DIR/etc/$port.config" fi # Check script parameters From d7141e0b8b945047b37b8ca093ed0bfd63724a25 Mon Sep 17 00:00:00 2001 From: Dan Callahan Date: Fri, 22 Oct 2021 23:07:23 +0100 Subject: [PATCH 15/16] Fix Shellcheck SC2006: Use $(...) notation Use $(...) notation instead of legacy backticked `...`. https://github.com/koalaman/shellcheck/wiki/SC2006 Signed-off-by: Dan Callahan --- .ci/scripts/test_export_data_command.sh | 2 +- .ci/scripts/test_synapse_port_db.sh | 2 +- debian/build_virtualenv | 8 ++++---- debian/test/provision.sh | 2 +- docker/build_debian.sh | 4 ++-- scripts-dev/check-newsfragment | 4 ++-- scripts-dev/check_line_terminators.sh | 2 +- scripts-dev/config-lint.sh | 2 +- scripts-dev/generate_sample_config | 2 +- scripts-dev/next_github_number.sh | 2 +- 10 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.ci/scripts/test_export_data_command.sh b/.ci/scripts/test_export_data_command.sh index 468a9d61f..ab96387a0 100755 --- a/.ci/scripts/test_export_data_command.sh +++ b/.ci/scripts/test_export_data_command.sh @@ -3,7 +3,7 @@ # Test for the export-data admin command against sqlite and postgres set -xe -cd "`dirname "$0"`/../.." +cd "$(dirname "$0")/../.." echo "--- Install dependencies" diff --git a/.ci/scripts/test_synapse_port_db.sh b/.ci/scripts/test_synapse_port_db.sh index 3926a17ea..797904e64 100755 --- a/.ci/scripts/test_synapse_port_db.sh +++ b/.ci/scripts/test_synapse_port_db.sh @@ -7,7 +7,7 @@ set -xe -cd "`dirname "$0"`/../.." +cd "$(dirname "$0")/../.." echo "--- Install dependencies" diff --git a/debian/build_virtualenv b/debian/build_virtualenv index 575c2e016..3097371d5 100755 --- a/debian/build_virtualenv +++ b/debian/build_virtualenv @@ -15,7 +15,7 @@ export DH_VIRTUALENV_INSTALL_ROOT=/opt/venvs # python won't look in the right directory. At least this way, the error will # be a *bit* more obvious. # -SNAKE=`readlink -e /usr/bin/python3` +SNAKE=$(readlink -e /usr/bin/python3) # try to set the CFLAGS so any compiled C extensions are compiled with the most # generic as possible x64 instructions, so that compiling it on a new Intel chip @@ -24,7 +24,7 @@ SNAKE=`readlink -e /usr/bin/python3` # TODO: add similar things for non-amd64, or figure out a more generic way to # do this. -case `dpkg-architecture -q DEB_HOST_ARCH` in +case $(dpkg-architecture -q DEB_HOST_ARCH) in amd64) export CFLAGS=-march=x86-64 ;; @@ -56,7 +56,7 @@ case "$DEB_BUILD_OPTIONS" in *) # Copy tests to a temporary directory so that we can put them on the # PYTHONPATH without putting the uninstalled synapse on the pythonpath. - tmpdir=`mktemp -d` + tmpdir=$(mktemp -d) trap 'rm -r $tmpdir' EXIT cp -r tests "$tmpdir" @@ -98,7 +98,7 @@ esac --output-file="${PACKAGE_BUILD_DIR}/etc/matrix-synapse/log.yaml" # add a dependency on the right version of python to substvars. -PYPKG=`basename "$SNAKE"` +PYPKG=$(basename "$SNAKE") echo "synapse:pydepends=$PYPKG" >> debian/matrix-synapse-py3.substvars diff --git a/debian/test/provision.sh b/debian/test/provision.sh index 8567b146a..55d7b8e03 100644 --- a/debian/test/provision.sh +++ b/debian/test/provision.sh @@ -10,7 +10,7 @@ set -e apt-get update apt-get install -y lsb-release -deb=`find /debs -name "matrix-synapse-py3_*+$(lsb_release -cs)*.deb" | sort | tail -n1` +deb=$(find /debs -name "matrix-synapse-py3_*+$(lsb_release -cs)*.deb" | sort | tail -n1) debconf-set-selections <&2 echo -e "$CONTRIBUTING_GUIDE_TEXT" >&2 diff --git a/scripts-dev/check_line_terminators.sh b/scripts-dev/check_line_terminators.sh index b48fb88b0..fffa24e01 100755 --- a/scripts-dev/check_line_terminators.sh +++ b/scripts-dev/check_line_terminators.sh @@ -25,7 +25,7 @@ # terminators are found, 0 otherwise. # cd to the root of the repository -cd "`dirname "$0"`/.." || exit +cd "$(dirname "$0")/.." || exit # Find and print files with non-unix line terminators if find . -path './.git/*' -prune -o -type f -print0 | xargs -0 grep -I -l $'\r$'; then diff --git a/scripts-dev/config-lint.sh b/scripts-dev/config-lint.sh index 7fb6ab68e..6ce030b81 100755 --- a/scripts-dev/config-lint.sh +++ b/scripts-dev/config-lint.sh @@ -3,7 +3,7 @@ # Exits with 0 if there are no problems, or another code otherwise. # cd to the root of the repository -cd "`dirname "$0"`/.." || exit +cd "$(dirname "$0")/.." || exit # Restore backup of sample config upon script exit trap "mv docs/sample_config.yaml.bak docs/sample_config.yaml" EXIT diff --git a/scripts-dev/generate_sample_config b/scripts-dev/generate_sample_config index 69d0b632d..4cd1d1d5b 100755 --- a/scripts-dev/generate_sample_config +++ b/scripts-dev/generate_sample_config @@ -4,7 +4,7 @@ set -e -cd "`dirname "$0"`/.." +cd "$(dirname "$0")/.." SAMPLE_CONFIG="docs/sample_config.yaml" SAMPLE_LOG_CONFIG="docs/sample_log_config.yaml" diff --git a/scripts-dev/next_github_number.sh b/scripts-dev/next_github_number.sh index 00e9b1456..5ecd51512 100755 --- a/scripts-dev/next_github_number.sh +++ b/scripts-dev/next_github_number.sh @@ -4,6 +4,6 @@ set -e # Fetch the current GitHub issue number, add one to it -- presto! The likely # next PR number. -CURRENT_NUMBER=`curl -s "https://api.github.com/repos/matrix-org/synapse/issues?state=all&per_page=1" | jq -r ".[0].number"` +CURRENT_NUMBER=$(curl -s "https://api.github.com/repos/matrix-org/synapse/issues?state=all&per_page=1" | jq -r ".[0].number") CURRENT_NUMBER=$((CURRENT_NUMBER+1)) echo $CURRENT_NUMBER From 1afc6ecae1f4fdb63e47596fbe88bf93b461c8f9 Mon Sep 17 00:00:00 2001 From: Dan Callahan Date: Fri, 22 Oct 2021 23:21:40 +0100 Subject: [PATCH 16/16] Changelog Signed-off-by: Dan Callahan --- changelog.d/11166.misc | 1 + debian/changelog | 6 ++++++ 2 files changed, 7 insertions(+) create mode 100644 changelog.d/11166.misc diff --git a/changelog.d/11166.misc b/changelog.d/11166.misc new file mode 100644 index 000000000..79342e43d --- /dev/null +++ b/changelog.d/11166.misc @@ -0,0 +1 @@ +Update scripts to pass Shellcheck lints. diff --git a/debian/changelog b/debian/changelog index 1ee81f2a3..f68c99309 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +matrix-synapse-py3 (1.45.1+nmu1) UNRELEASED; urgency=medium + + * Update scripts to pass Shellcheck lints. + + -- root Fri, 22 Oct 2021 22:20:31 +0000 + matrix-synapse-py3 (1.45.1) stable; urgency=medium * New synapse release 1.45.1.