> On Apr 12, 2021, at 1:51 PM, Oğuz <oguzismailuy...@gmail.com> wrote: > Taking "always double-quote your dollar variables", "eval is evil, avoid it", > etc. as "the rule" is cargo cult programming. Average programmer's > incompetence doesn't make the shell broken or unsafe or anything like that > and doesn't justify parroting nonsensical advice like those.
Double-quoting is VERY VERY good advice, which is why it’s so widely recommended & often required. For another example, Google requires it for their code <https://google.github.io/styleguide/shellguide.html> and Googlers are not stupid. Half of all programmers are BELOW average, and if your code lives over time, your code is likely to be maintained by them. In addition, even top software developers make mistakes. Assuming that “I cannot ever make a mistake” borders on arrogance; everyone has a bad day. “Cargo cult programming” means you do something without understanding the reasons for it. But in this case, we know EXACTLY why it’s done, and there are good reasons for it, so no cargo cult is present. You may think you can’t ever make mistakes, so double-quoting is not needed, but I frankly don’t believe you. It is wise to write code in a way that *assumes* that humans make mistakes, and reduce (1) the likelihood of mistakes and (2) consequences of those mistakes. If it doesn’t matter if your code is correct, then sure, don’t bother. If it *matters* that the code is correct, then take steps to increase that likelihood. BUT: this seems far afield of what a standards body (especially this group) normally does, so I’ll get back to the “command -v and friends discussion”. There’s already “command -v COMMAND”, which is already in POSIX and returns true if it can find an executable COMMAND (and described in the spec). It may not have *exactly* the semantics the requestor wanted, but in *practice* I think it works very well for typical use cases. Why would something more exotic need to be standardized? I haven’t seen *why* it would matter. --- David A. Wheeler
