Verification of the script preamble?

[jstasiak]

Hey! First of all thank you for this project, it's really helpful and I'm going to integrate it into our CI pipeline(s).

What I'm thinking about is I'd also like to verify that our bash scripts have

shopt -s nullglob globstar

and

if test "$BASH" = "" || "$BASH" -uc "a=();true \"\${a[@]}\"" 2>/dev/null; then
    # Bash 4.4, Zsh
    set -euo pipefail
else
    # Bash 4.3 and older chokes on empty arrays with set -u.
    set -eo pipefail
fi

at the beginning. Do you think there's place for this in shellharden (behind a flag, presumably)? I could open a PR if so.

[anordal]

Depending on details, it's not a good fit for how Shellharden works now, but might be worth doing.

If there is to be much value in doing it in Shellharden, instead of scripting something quickly, the operation should be idempotent enough to recognise and accept other flavors of these flags (though these are good defaults). These flags only need to be set before they are used, but that can be anywhere. So we need to read the whole file before deciding what's missing at the start.

Shellharden works as a filter: You can pipe an endless stream into it and watch its output live. The parsed syntax tree is only iterated, not recorded. So no decisions about past output. It would have to do two passes (and no longer be a filter) in order to do that.