← Back to context

Comment by wakawaka28

2 days ago

If you want to be super pedantic, try to make the command shell-agnostic in case the user is not running bash already.

6 comments

wakawaka28

Reply
godelski  2 days ago

Everything I wrote works in bash and zsh. I think this is going to be fine for the vast majority of people. Tbh, I'm not sure what isn't portable, or at least not portable for everything that the curl-pipe-bash pattern doesn't already work for.

  • maleldil  1 day ago

    `curl foo.sh | bash` works with any shell as long as bash is installed. `bash <(curl foo.sh)` doesn't work on shells that don't have that process substitution syntax (like fish, and I think nushell)

    • godelski  1 day ago

      Okay so doesn't work for fish or dash but who is using those? More importantly, who is using those and doesn't know how to convert?

      It really just seems like you're trying to start a fight and I don't know why. If you're going to fight with anyone go actually click the link and fight with the one who started it

  • wakawaka28  1 day ago

    I'm not sure either but some of those things are bashisms. `<(...)` is a bashism and won't work in some shells. Honestly I ONLY use bash, so it's fine for me, but since you seem to be a pedantic person I thought you should consider trying to solve that puzzle too. Someone might want to copy and paste your command into csh, tcsh, zsh, sh, or ksh. Some of these may support bashisms and some don't. I haven't tried to investigate further either, even to the point of talking to an AI about it, but if you want max nerd cred then you can shoot for it. Keep in mind that csh/tcsh is not entirely POSIX compliant, but it is default on some BSDs.

    • godelski  19 hours ago

      Fwiw it works in zsh and I believe ksh (haven't checked). There's not many people that run csh, tcsh, sh, ksh, or even fish.

      I could be more pedantic but I'll trade for practicality. I'm sure we could even do better than this [0] but the problem exists because people are lazy. If you got something that is portable and fits a code-golf like mentality then I'm all ears.

      There's bigger problems with the lines I wrote besides portability. They don't stop malicious actors nor provide any security. At best they provide defense against early termination and a log to help debug any damage that was done. Not prevent it. Which those are solvable things! But they're solved by more effort, which unfortunately is a losing battle. So the task isn't to solve all the problems, it's to find something that people might actually do that might actually provide some harm reduction, even if it isn't much. Something is better than nothing, right?

      [0] https://news.ycombinator.com/item?id=47107740