Use differential-shellcheck instead of action-shellcheck

[jamacku]

This change doesn't change the core behavior of ShellCheck linting. Differential ShellCheck uses by default flag -X. It will also exclude all shell scripts located in tests/ from linting.

Some benefits of using differential ShellCheck Action

Differential ShellCheck is a GitHub Action that performs differential ShellCheck scans on shell scripts changed via PR and reports results directly in PR.

It is able to produce reports in SARIF format. GitHub understands this format and is able to display it nicely as a PR comment, and on the Files Changed tab, please see below.

Documentation is available at @redhat-plumbers-in-action/differential-shellcheck. Let me know If you are missing some feature or setting. I'm always happy to extend functionality.

[github-advanced-security[bot]]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

[say-paul]

This looks cool!! do you have its as IDE-plugin(vs code) as static analysis tool?

[jamacku]

This looks cool!! do you have its as IDE-plugin(vs code) as static analysis tool?

Unfortunately, no, but I believe you can use https://github.com/Microsoft/sarif-vscode-extension with this action. Once you link your GitHub account with sarif-vscode-extension, you should see the reports in your IDE.

[nullr0ute]

LGTM