Frequently Asked Question

What is ShellCheck and why should I use it?

ShellCheck is a static analysis tool for shell scripts, the bash equivalent of flake8 or pylint for Python. You point it at a script and it prints warnings: unquoted variables that will explode the first time a filename contains a space, [ $x = "foo" ] tests that misbehave on empty $x, broken redirections, accidental subshells, misquoted $@, uses of bash features in a #!/bin/sh script, and dozens of other bugs. It runs in well under a second, and each warning has a short stable identifier (SC2086, SC2068, etc.) linked to a wiki page that explains the rule and shows a fix.

It is, without exaggeration, the single most valuable tool for writing robust shell. Most real-world shell bugs are not exotic, they are unquoted variables, wrong-quoted $@, missing --, and pipefail interactions. ShellCheck catches almost all of them. Install it from your package manager (apt install shellcheck, brew install shellcheck), wire it into your editor so warnings appear as you type, and run it in CI before any shell script lands in your repo. The free web version at shellcheck.net runs in your browser with no installation required.