Shell Script Portability: Fix unsafe variable handling and POSIX compliance in common.sh #1271

@coderabbitai

Description

Summary

The process_extending_files function in codeserver/ubi9-python-3.12/nginx/root/usr/share/container-scripts/nginx/common.sh has multiple portability and safety issues that should be addressed to improve code quality and POSIX compliance.

Issues Identified

Safety Issues

  • Unquoted variables in test conditions: [ $filename ] breaks on spaces
  • Unquoted paths in file tests: [ -f $custom_dir/$filename ] causes word-splitting/globbing
  • Missing quotes in source commands: source $custom_dir/$filename

Portability Issues

  • source command is Bash-only; should use . for POSIX compliance
  • Here-string loop construct (<<<) is Bash-only
  • function keyword is non-standard
  • local keyword is undefined in POSIX sh

Acceptance Criteria

  • Quote all variable expansions in test conditions and source commands
  • Replace source with . for POSIX compliance OR update shebang to #!/bin/bash if Bash is required
  • Replace here-string loop with POSIX-compatible while-read from pipe
  • Remove non-standard function keyword
  • Address local keyword usage for POSIX compliance
  • Verify script works correctly after changes

Suggested Implementation

-while read filename ; do
-  if [ $filename ]; then
+while read -r filename; do
+  if [ -n "$filename" ]; then
     echo "=> sourcing $filename ..."
-    if [ -f $custom_dir/$filename ]; then
-      source $custom_dir/$filename
-    elif [ -f $default_dir/$filename ]; then 
-      source $default_dir/$filename
+    if [ -f "$custom_dir/$filename" ]; then
+      source "$custom_dir/$filename"
+    elif [ -f "$default_dir/$filename" ]; then 
+      source "$default_dir/$filename"
     fi
   fi
-done <<<"$(get_matched_files "$custom_dir" "$default_dir" '*.sh' | sort -u)"
+done < <(get_matched_files "$custom_dir" "$default_dir" '*.sh' | sort -u)
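Review bot: the added lines still call `source "$custom_dir/$filename"` and `source "$default_dir/$filename"`, and the loop now ends with `done < <(...)`. Both are Bash-only, so the hunk does not meet the acceptance criteria of replacing `source` with `.` and the here-string with a POSIX construct, unless the shebang is changed to #!/bin/bash. If POSIX sh is the target, use `. "$custom_dir/$filename"` and feed the loop without process substitution. Piping into `while` runs the loop in a subshell in most shells, so anything the sourced files set would be lost; a here-document or a temporary file avoids that. Also consider `IFS= read -r filename` so that leading or trailing whitespace in a name is preserved.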

Context

Labels

  • enhancement
  • technical-debt
  • shell-scripting
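
The safety and portability items listed in this issue, as an added example that is not part of the issue or of common.sh: a POSIX sh form of the loop that sources in the current shell, next to the unquoted test failing on a name with a space. `list_extension_names` is a hypothetical stand-in for `get_matched_files`, and the fixture files are constructed.

```shell
#!/bin/sh
# Added example. list_extension_names is a hypothetical stand-in for the
# project's get_matched_files; every file name below is constructed.

# Print the basename of each *.sh file in either directory, one per line.
list_extension_names() {
  for _dir in "$1" "$2"; do
    for _path in "$_dir"/*.sh; do
      if [ -f "$_path" ]; then printf '%s\n' "${_path##*/}"; fi
    done
  done
}

# POSIX form of the loop: `.` instead of `source`, a here-document instead
# of `<<<`, no `function` or `local`. The here-document keeps the loop in
# the current shell, so variables set by the sourced files persist.
process_extending_files() {
  _custom_dir=$1
  _default_dir=$2
  while IFS= read -r _name; do
    [ -n "$_name" ] || continue
    if [ -f "$_custom_dir/$_name" ]; then
      . "$_custom_dir/$_name"
    elif [ -f "$_default_dir/$_name" ]; then
      . "$_default_dir/$_name"
    fi
  done <<EOF
$(list_extension_names "$_custom_dir" "$_default_dir" | sort -u)
EOF
}

# The unquoted test from the issue, kept only to show the failure mode.
exists_unquoted() {
  [ -f $1/$2 ] 2>/dev/null
}

# Constructed fixture: one name with a space, one overridden in custom/.
demo() {
  _root=$(mktemp -d) || return 1
  mkdir "$_root/custom" "$_root/default"
  echo 'SPACED=ok' > "$_root/default/10 with space.sh"
  echo 'WHO=default' > "$_root/default/20-who.sh"
  echo 'WHO=custom' > "$_root/custom/20-who.sh"
  process_extending_files "$_root/custom" "$_root/default"
  exists_unquoted "$_root/default" "10 with space.sh" && UNQ=found || UNQ=broken
  rm -rf "$_root"
  echo "$SPACED $WHO $UNQ"
}

demo   # prints: ok custom broken
```

The third field is `broken` because the unquoted test hands `[` several words instead of one path, so the file that exists is never found.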
