pre-commit hook does not install shellcheck, resulting in inconsistent linter behavior

[rdctmeconomou]

Consider the attached GitHub Actions workflow definition.

If shellcheck is not installed on the developer's computer, the actionlint pre-commit hook will not report any issues with the workflow definition.

Furthermore, if one uses a tool like act to run that workflow locally, the actionlint pre-commit hook executed within the local GitHub Actions runner will not report any issues with the workflow. This is because runner images commonly used with act do not have shellcheck installed.

However, when GitHub Actions itself runs the workflow, the linter will report these issues because the ubuntu-latest image includes shellcheck:

.github/workflows/ci.yml:40:9: shellcheck reported issue in this script: SC2086:info:1:106: Double quote to prevent globbing and word splitting [shellcheck]
   |
40 |         run: |
   |         ^~~~
.github/workflows/ci.yml:157:9: shellcheck reported issue in this script: SC2102:info:2:17: Ranges can only match single chars (mentioned due to duplicates) [shellcheck]
    |
157 |         run: |
    |         ^~~~
.github/workflows/ci.yml:157:9: shellcheck reported issue in this script: SC2006:style:3:11: Use $(...) notation instead of legacy backticks `...` [shellcheck]
    |
157 |         run: |
    |         ^~~~

This behavior is unexpected. No matter where one runs the actionslint pre-commit hook, it should have the same result. The hook should install shellcommit (plus any other software on which it depends) in its environment.

[rhysd]

I'm not a pre-commit user and the hook in this repository was contributed by the community. Let me keep this open with help-wanted tag. PR to fix this is welcome.