mirror of
https://github.com/ivuorinen/dotfiles.git
synced 2026-02-08 10:50:46 +00:00
fix(lint): fix all sonarcloud detected issues (#279)
* fix(ci): replace broad permissions with specific scopes in workflows
Replace read-all/write-all with minimum required permission scopes
across all GitHub Actions workflows to follow the principle of least
privilege (SonarCloud rule githubactions:S8234).
* fix(shell): use [[ instead of [ for conditional tests
Replace single brackets with double brackets in bash conditional
expressions across 14 files (28 changes). All scripts use bash
shebangs so [[ is safe everywhere (SonarCloud rule shelldre:S7688).
* fix(shell): add explicit return statements to functions
Add return 0 as the last statement in ~46 shell functions across
17 files that previously relied on implicit return codes
(SonarCloud rule shelldre:S7682).
* fix(shell): assign positional parameters to local variables
Replace direct $1/$2/$3 usage with named local variables in _log(),
msg(), msg_err(), msg_done(), msg_run(), msg_ok(), and array_diff()
(SonarCloud rule shelldre:S7679).
* fix(python): replace dict() constructor with literal
Use {} instead of dict() for empty dictionary initialization
(SonarCloud rule python:S7498).
* fix(shell): fix husky shebang and tolerate npm outdated exit code
* docs(shell): add function docstring comments
* fix(shell): fix heredoc indentation in x-sonarcloud
* feat(python): add ruff linter and formatter configuration
* fix(ci): align megalinter config with biome, ruff, and shfmt settings
* fix(ci): disable black and yaml-prettier in megalinter config
* chore(ci): update ruff-pre-commit to v0.15.0 and fix hook name
* fix(scripts): check for .git dir before skipping clone in install-fonts
* fix(shell): address code review issues in scripts and shared.sh
- Guard wezterm show-keys failure in create-wezterm-keymaps.sh
- Stop masking git failures with return 0 in install-cheat-purebashbible.sh
- Add missing shared.sh source in install-xcode-cli-tools.sh
- Replace exit 1 with return 1 in sourced shared.sh
* fix(scripts): address code review and security findings
- Guard wezterm show-keys failure in create-wezterm-keymaps.sh
- Stop masking git failures with return 0 in install-cheat-purebashbible.sh
- Add missing shared.sh source in install-xcode-cli-tools.sh
- Replace exit 1 with return 1 in sourced shared.sh
- Remove shell=True subprocess calls in x-git-largest-files.py
* style(shell): apply shfmt formatting and add args to pre-commit hook
* fix(python): suppress bandit false positives in x-git-largest-files
* fix(python): add nosemgrep suppression for check_output call
* feat(format): add prettier for YAML formatting
Install prettier, add .prettierrc.json config (200-char width, 2-space
indent, LF endings), .prettierignore, yarn scripts (lint:prettier,
fix:prettier, format:yaml), and pre-commit hook scoped to YAML files.
* style(yaml): apply prettier formatting
* fix(scripts): address remaining code review findings
- Python: use list comprehension to filter empty strings instead of
slicing off the last element
- create-wezterm-keymaps: write to temp file and mv for atomic updates
- install-xcode-cli-tools: fix shellcheck source directive path
* fix(python): sort imports alphabetically in x-git-largest-files
* fix(lint): disable PYTHON_ISORT in MegaLinter, ruff handles it
* chore(git): add __pycache__ to gitignore
* fix(python): rename ambiguous variable l to line (E741)
* style: remove trailing whitespace and blank lines
* style(fzf): apply shfmt formatting
* style(shell): apply shfmt formatting
* docs(plans): add design documents
* style(docs): add language specifier to fenced code block
* feat(lint): add markdown-table-formatter to dev tooling
Add markdown-table-formatter as a dev dependency with yarn scripts
(lint:md-table, fix:md-table) and a local pre-commit hook to
automatically format markdown tables on commit.
This commit is contained in:
GitHub
40
docs/plans/2026-02-04-cargo-skip-installed-design.md
Normal file
40
docs/plans/2026-02-04-cargo-skip-installed-design.md
Normal file
@@ -0,0 +1,40 @@
|
||||
# Skip Already-Installed Cargo Packages
|
||||
|
||||
## Problem
|
||||
|
||||
`install-cargo-packages.sh` runs `cargo install-update -a` to update installed
|
||||
packages, then runs `cargo install` for every package in the list — including
|
||||
ones that are already installed and up-to-date. This wastes time rebuilding
|
||||
packages that don't need it.
|
||||
|
||||
## Solution
|
||||
|
||||
Capture the `cargo install-update -a` output, parse installed package names,
|
||||
and skip `cargo install` for any package that appeared in the update output.
|
||||
|
||||
## Changes
|
||||
|
||||
**File:** `scripts/install-cargo-packages.sh`
|
||||
|
||||
1. Declare an associative array `installed_packages` at the top.
|
||||
2. In the `cargo-install-update` section, capture output with `tee /dev/stderr`
|
||||
so it displays in real-time while also being stored in a variable.
|
||||
3. Parse the captured output with `awk` — extract the first column from lines
|
||||
matching a version pattern (`v[0-9]+\.[0-9]+`), skipping the header.
|
||||
4. Populate `installed_packages` associative array from parsed names.
|
||||
5. In `install_packages()`, check each package against the array. If found, log
|
||||
a skip message via `msgr` and continue. If not found, install as before.
|
||||
6. If `cargo-install-update` is not available, the array stays empty and all
|
||||
packages install normally (preserves existing behavior).
|
||||
|
||||
## Output Parsing
|
||||
|
||||
The `cargo install-update -a` output format:
|
||||
|
||||
```text
|
||||
Package Installed Latest Needs update
|
||||
zoxide v0.9.8 v0.9.9 Yes
|
||||
bkt v0.8.2 v0.8.2 No
|
||||
```
|
||||
|
||||
Extraction: `awk '/v[0-9]+\.[0-9]+/ { print $1 }'` gets package names.
|
||||
55
docs/plans/2026-02-05-dfm-cleanup-design.md
Normal file
55
docs/plans/2026-02-05-dfm-cleanup-design.md
Normal file
@@ -0,0 +1,55 @@
|
||||
# dfm Cleanup Design
|
||||
|
||||
## Summary
|
||||
|
||||
Clean up `local/bin/dfm` to fix bugs, remove dead code, improve
|
||||
cross-platform portability, and make error handling consistent.
|
||||
|
||||
## Changes
|
||||
|
||||
### 1. Bash Version Bootstrap
|
||||
|
||||
Add a check at the top of the script (after variable declarations)
|
||||
that requires bash 4.0+. On macOS, if bash is too old, install
|
||||
Homebrew (if missing) and bash, then print instructions and exit.
|
||||
The check itself uses only bash 3.2-compatible syntax.
|
||||
|
||||
### 2. Remove Fish Dead Code
|
||||
|
||||
Remove `CURRENT_SHELL` detection, `source_file()` function, and all
|
||||
fish branches. Replace `source_file` calls with direct `source`.
|
||||
The script has a bash shebang — fish handling was unreachable.
|
||||
|
||||
### 3. Bug Fixes
|
||||
|
||||
- Remove `ntfy` from install menu (no install script exists)
|
||||
- Fix `msg)` → `msgr)` case label in `section_tests`
|
||||
- Guard all `shift` calls against empty argument lists
|
||||
- Quote `$width` in `menu_builder` seq calls
|
||||
- Fix `$"..."` locale string → `"..."` in `usage()`
|
||||
- Fix `exit 0` on apt.txt error → `return 1`
|
||||
|
||||
### 4. Replace `declare -A` in `section_scripts`
|
||||
|
||||
Replace associative array with indexed `"name:desc"` array,
|
||||
matching the pattern used everywhere else in the script.
|
||||
Move `get_script_description()` to top-level (out of the function).
|
||||
|
||||
### 5. Early-Return Guards & exit → return
|
||||
|
||||
- `section_brew()`: Early return with `msgr warn` if brew unavailable.
|
||||
Remove duplicate `! x-have brew` check.
|
||||
- `section_apt()`: Same pattern for apt.
|
||||
- `section_check()`: Replace `exit` with `return`.
|
||||
- `section_apt() install`: Replace `exit` with `return`.
|
||||
- `section_brew() untracked`: Replace `exit` with `return`.
|
||||
|
||||
## Files Changed
|
||||
|
||||
- `local/bin/dfm` (all changes)
|
||||
|
||||
## Verification
|
||||
|
||||
- `yarn test` (existing bats test)
|
||||
- `shellcheck local/bin/dfm`
|
||||
- `bash -n local/bin/dfm` (syntax check)
|
||||
46
docs/plans/2026-02-05-x-scripts-cleanup-design.md
Normal file
46
docs/plans/2026-02-05-x-scripts-cleanup-design.md
Normal file
@@ -0,0 +1,46 @@
|
||||
# x-* Scripts Cleanup Design
|
||||
|
||||
## Summary
|
||||
|
||||
Comprehensive cleanup of all 34 x-* utility scripts in `local/bin/`.
|
||||
Fix critical bugs, consolidate duplicates, standardize patterns.
|
||||
|
||||
## Changes
|
||||
|
||||
### Removals
|
||||
|
||||
- `x-mkd`, `x-mkd.md`, `tests/x-mkd.bats` — unused, cd-in-subshell broken
|
||||
- `x-validate-sha256sum.sh`, `x-validate-sha256sum.sh.md` — duplicates x-sha256sum-matcher
|
||||
|
||||
### Thin Wrappers (delegate to x-path)
|
||||
|
||||
- `x-path-append` → calls `x-path append "$@"`
|
||||
- `x-path-prepend` → calls `x-path prepend "$@"`
|
||||
- `x-path-remove` → calls `x-path remove "$@"`
|
||||
|
||||
### Critical Fixes
|
||||
|
||||
- `x-clean-vendordirs`: call msgr as command (it's in PATH)
|
||||
- `x-foreach`: replace eval with direct "$@" execution
|
||||
- `x-ip`: add error handling, curl check
|
||||
|
||||
### Consistency Fixes
|
||||
|
||||
- Fix `#!/bin/bash` → `#!/usr/bin/env bash` (x-env-list, x-localip)
|
||||
- POSIX scripts keep `#!/bin/sh`
|
||||
- Add `set -euo pipefail` where missing in bash scripts
|
||||
- Use XDG variables instead of hardcoded paths (x-change-alacritty-theme)
|
||||
- Quote unquoted variables
|
||||
|
||||
### Minor Fixes
|
||||
|
||||
- `x-multi-ping`: remove unused VERBOSE variable
|
||||
- `x-when-down`, `x-when-up`: add error handling
|
||||
- `x-term-colors`: add usage message
|
||||
- `x-record`: fix undefined notify-call reference
|
||||
|
||||
## Verification
|
||||
|
||||
- `yarn test` — ensure remaining tests pass
|
||||
- `shellcheck` on modified scripts
|
||||
- `bash -n` syntax check on all modified bash scripts
|
||||
Reference in New Issue
Block a user