by subjectsigma 362 days ago
I appreciate you finding a problem and trying to build a solution, but I think your solution will not work very well. ShellCheck is not a virus or vulnerability scanner; it’s not designed for the thing you are using it for.
1 comments

You are absolutely right, and that's a crucial distinction to make. ShellCheck is a linter, not a security scanner.

Its role in vet isn't to find malware, but to act as an automated code quality check. A script full of shellcheck warnings is a red flag, which helps inform the user's final decision to trust it or not. It's one of several signals that vet provides.

Thanks for the important clarification!