General Programming Discussion

7709 readers

13 users here now

A general programming discussion community.

Rules:

Be civil.
Please start discussions that spark conversation

Other communities

Systems

Functional Programming

Also related

[email protected]

founded 5 years ago

MODERATORS

[email protected]

How to audit a shell-completion script? (lemmy.ml)

submitted 11 months ago by [email protected] to c/[email protected]

5 comments fedilink hide all child comments

I just stumbled upon a collection of bash completions which can be quite handy: https://github.com/perlpunk/shell-completions

I tried mojo, cpan and pip completions in a sandbox and they worked like a charm!

The only question I've got is, has anyone ever done a security audit of the repository? Anyone has taken the time to look at the code? I could try auditing but I'm not even sure what to look for.

I feel quite wary of letting an unknown source access to my bash session and what I type.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 11 months ago (1 children)

Auditing is nothing more than reading the code. Give it a read and make sure you understand everything it’s doing.

This is a great lesson on trust as well. I can tell you I did an audit and it all looks good but does that really have any value?

[–] [email protected] 1 points 11 months ago

Agree w/ you re trust.