Linting
2 open source tools compared. Sorted by stars — scroll down for our analysis.
| Tool | Stars | Velocity | Language | License | Score |
|---|---|---|---|---|---|
 ShellCheck Static analysis for shell scripts | 39.2k | +42/wk | Haskell | GNU General Public License v3.0 | 74 |
| 3.0k | — | Rust | — | 51 |
Our Analysis
ShellCheck is the linter that should run on every shell script you write. It catches quoting bugs, undefined variables, deprecated syntax, and subtle portability issues that would otherwise become production incidents at 3 AM. Paste a script at shellcheck.net or run it in CI — either way, it finds bugs you didn't know you had. There's no real open-source alternative with ShellCheck's depth. shfmt formats shell scripts but doesn't analyze them. Commercial static analysis tools (SonarQube, Codacy) include shell checking but nothing as specialized. Use ShellCheck on every bash/sh script, no exceptions. Add it to your CI pipeline, your pre-commit hooks, and your editor (VS Code extension is excellent). GPL-3.0 licensed, written in Haskell. 39K stars. The catch: ShellCheck analyzes bash, dash, and ksh — no zsh support. If your scripts use zsh-specific features, you're on your own. Also, it's opinionated — some suggestions feel overly cautious for throwaway scripts. But for anything running in production, those "overly cautious" checks prevent real bugs.