shellfirm
| Crates.io | shellfirm |
| lib.rs | shellfirm |
| version | 0.2.10 |
| source | src |
| created_at | 2022-01-03 13:53:53.708954 |
| updated_at | 2023-12-09 12:52:15.499847 |
| description | `shellfirm` will intercept any risky patterns (default or defined by you) and prompt you a small challenge for double verification, kinda like a captcha for your terminal. |
| homepage | https://github.com/kaplanelad/shellfirm |
| repository | https://github.com/kaplanelad/shellfirm |
| max_upload_size | |
| id | 507130 |
| size | 156,833 |
Elad Kaplan (kaplanelad)
documentation
README
shellfirm
Opppppsss you did it again? :scream: :scream: :cold_sweat:
How do I save myself from myself?
rm -rf *git reset --hardBefore hitting the enter key?kubectl delete nsStop! you are going to delete a lot of resources- And many more!
Do you want to learn from other people's mistakes?
shellfirm will intercept any risky patterns and immediately prompt a small challenge that will double verify your action, think of it as a captcha for your terminal.
rm -rf /
#######################
# RISKY COMMAND FOUND #
#######################
* You are going to delete everything in the path.
Solve the challenge: 8 + 0 = ? (^C to cancel)
How does it work?
shellfirm will evaluate all the shell commands behind the scenes.
If a risky pattern is detected, you will immediately get a prompt with the relevant warning to verify your command.
Example
Setup your shell
Install via brew
brew tap kaplanelad/tap && brew install shellfirm
Or download the binary file from releases page, unzip the file and move to /usr/local/bin folder.
Validate shellfirm installation
shellfirm --version
Verify installation
mkdir /tmp/shellfirm
cd /tmp/shellfirm
git reset --hard
Select your shell
Oh My Zsh
Download zsh plugin:curl https://raw.githubusercontent.com/kaplanelad/shellfirm/main/shell-plugins/shellfirm.plugin.oh-my-zsh.zsh --create-dirs -o ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/shellfirm/shellfirm.plugin.zsh
Add shellfirm to the list of Oh My Zsh plugins when Zsh is loaded(inside ~/.zshrc):
plugins=(... shellfirm)
Bash
Bash implementation is based on https://github.com/rcaloras/bash-preexec project, which adds a pre-exec hook to catch the command before executing.# Download bash-preexec hook functions.
curl https://raw.githubusercontent.com/rcaloras/bash-preexec/master/bash-preexec.sh -o ~/.bash-preexec.sh
# Source our file at the end of our bash profile (e.g. ~/.bashrc, ~/.profile, or ~/.bash_profile)
echo '[[ -f ~/.bash-preexec.sh ]] && source ~/.bash-preexec.sh' >> ~/.bashrc
# Download shellfirm pre-exec function
curl https://raw.githubusercontent.com/kaplanelad/shellfirm/main/shell-plugins/shellfirm.plugin.sh -o ~/.shellfirm-plugin.sh
# Load pre-exec command on shell initialized
echo 'source ~/.shellfirm-plugin.sh' >> ~/.bashrc
fish
curl https://raw.githubusercontent.com/kaplanelad/shellfirm/main/shell-plugins/shellfirm.plugin.fish -o ~/.config/fish/conf.d/shellfirm.plugin.fish
Zsh
# Add shellfirm to conf.d fishshell folder
curl https://raw.githubusercontent.com/kaplanelad/shellfirm/main/shell-plugins/shellfirm.plugin.zsh -o ~/.shellfirm-plugin.sh
echo 'source ~/.shellfirm-plugin.sh' >> ~/.zshrc
:information_source: Open a new shell session
:eyes: :eyes: Verify installation :eyes: :eyes:
You should get a shellfirm prompt challenge.
If you didn't get the prompt challenge:
- Make sure the
shellfirm --versionreturns a valid response. - Make sure that you downloaded the Zsh plugin and added it to the Oh My Zsh plugins in .zshrc.
Risky commands
We have predefined a baseline of risky groups command that will be enabled by default, these are risky commands that might be destructive.
| Group | Enabled By Default |
|---|---|
| base | true |
| git | true |
| fs | true |
| fs-strict | false |
| kubernetes | false |
| kubernetes-strict | false |
| heroku | false |
| terraform | false |
Add/Remove new group checks
shellfirm config update-groups
Change challenge:
Currently we support 3 different challenges when a risky command is intercepted:
Math- Default challenge which requires you to solve a math question.Enter- Required only to pressEnterto continue.Yes- Required typingyesto continue.
You can change the default challenge by running the command:
shellfirm config challenge
At any time you can cancel a risky command by hitting ^C
Ignore pattern:
You can disable one or more patterns in a selected group by running the command:
shellfirm config ignore
Deny pattern command:
Restrict user run command by select pattern id's that you not allow to run in the shell:
shellfirm config deny
To Upgrade shellfirm
brew upgrade shellfirm
Contributing
Thank you for your interest in contributing! Please refer to contribution guidelines for guidance.
Copyright
Copyright (c) 2022 @kaplanelad. See LICENSE for further details.