Newly introduced findings

List of Findings

Error: SHELLCHECK_WARNING: [#def1]
/usr/bin/copr-backend-service:3:6: warning[SC3028]: In POSIX sh, EUID is undefined.
#    1|   #!/usr/bin/sh
#    2|   
#    3|-> if [ $EUID -ne 0 ]; then
#    4|      echo -e "This script must be run as root!\n"
#    5|      exit 1

Error: SHELLCHECK_WARNING: [#def2]
/usr/bin/copr-backend-service:4:9: warning[SC3037]: In POSIX sh, echo flags are undefined.
#    2|   
#    3|   if [ $EUID -ne 0 ]; then
#    4|->    echo -e "This script must be run as root!\n"
#    5|      exit 1
#    6|   fi

Error: SHELLCHECK_WARNING (CWE-156): [#def3]
/usr/bin/copr-backend-service:37:21: warning[SC2046]: Quote this to prevent word splitting.
#   35|   start() {
#   36|       echo "Starting Copr backend services..."
#   37|->     systemctl start $(copr_target_services)
#   38|       echo "Done."
#   39|       return 0

Error: SHELLCHECK_WARNING (CWE-252): [#def4]
/usr/bin/copr_find_obsolete_builds.sh:9:5: warning[SC2164]: Use 'cd ... || exit' or 'cd ... || return' in case cd fails.
#    7|   if [ -d $CHROOT_PATH ]
#    8|   then
#    9|->     cd $CHROOT_PATH
#   10|   
#   11|       # query latest (successful) packages

Error: SHELLCHECK_WARNING (CWE-156): [#def5]
/usr/bin/copr_find_obsolete_builds.sh:15:12: warning[SC2046]: Quote this to prevent word splitting.
#   13|       ERR_LOG=$(mktemp)
#   14|       # "yum clean metadata" does not work on this custom repos
#   15|->     rm -rf $(find /var/tmp -name query &> /dev/null) &> /dev/null
#   16|       rm -rf /var/tmp/createrepo* &> /dev/null
#   17|       rm -rf /var/cache/yum/* &> /dev/null

Error: SHELLCHECK_WARNING (CWE-398): [#def6]
/usr/bin/copr_find_obsolete_builds.sh:23:20: warning[SC2044]: For loops over find output are fragile. Use find -exec or a while read loop.
#   21|   
#   22|       # Remove builds older then $DAYS days and which have newer builds available
#   23|->     for SUCCESS in $(find -name success -mtime +$DAYS); do
#   24|           DIR=$(basename $(dirname $SUCCESS))
#   25|           echo "# checking dir: " $DIR

Error: SHELLCHECK_WARNING (CWE-156): [#def7]
/usr/bin/copr_find_obsolete_builds.sh:24:24: warning[SC2046]: Quote this to prevent word splitting.
#   22|       # Remove builds older then $DAYS days and which have newer builds available
#   23|       for SUCCESS in $(find -name success -mtime +$DAYS); do
#   24|->         DIR=$(basename $(dirname $SUCCESS))
#   25|           echo "# checking dir: " $DIR
#   26|           for PACKAGE in $(ls $DIR); do

Error: SHELLCHECK_WARNING (CWE-398): [#def8]
/usr/bin/copr_find_obsolete_builds.sh:26:24: error[SC2045]: Iterating over ls output is fragile. Use globs.
#   24|           DIR=$(basename $(dirname $SUCCESS))
#   25|           echo "# checking dir: " $DIR
#   26|->         for PACKAGE in $(ls $DIR); do
#   27|               grep $PACKAGE $LATEST_PKGS >/dev/null && continue 2
#   28|           done

Scan Properties

analyzer-version-clippy	1.84.1
analyzer-version-cppcheck	2.16.2
analyzer-version-gcc	15.0.1
analyzer-version-gcc-analyzer	15.0.1
analyzer-version-shellcheck	0.10.0
analyzer-version-unicontrol	0.0.2
diffbase-analyzer-version-clippy	1.84.1
diffbase-analyzer-version-cppcheck	2.16.2
diffbase-analyzer-version-gcc	15.0.1
diffbase-analyzer-version-gcc-analyzer	15.0.1
diffbase-analyzer-version-shellcheck	0.10.0
diffbase-analyzer-version-unicontrol	0.0.2
diffbase-enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code	0
diffbase-host	ip-172-16-1-98.us-west-2.compute.internal
diffbase-mock-config	fedora-rawhide-x86_64
diffbase-project-name	copr-rpmbuild-1.2-1.20250203115347477291.main.51.gcacc58381
diffbase-store-results-to	/tmp/tmpb_72e9t8/copr-rpmbuild-1.2-1.20250203115347477291.main.51.gcacc58381.tar.xz
diffbase-time-created	2025-02-10 13:44:27
diffbase-time-finished	2025-02-10 13:46:05
diffbase-tool	csmock
diffbase-tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'cppcheck,clippy,shellcheck,gcc,unicontrol' '-o' '/tmp/tmpb_72e9t8/copr-rpmbuild-1.2-1.20250203115347477291.main.51.gcacc58381.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '/tmp/tmpb_72e9t8/copr-rpmbuild-1.2-1.20250203115347477291.main.51.gcacc58381.src.rpm'
diffbase-tool-version	csmock-3.8.0-1.el9
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-98.us-west-2.compute.internal
mock-config	fedora-rawhide-x86_64
project-name	copr-backend-2.1-1.20250210133521138729.pr2.4841.g9860d2a94
store-results-to	/tmp/tmp95c8y859/copr-backend-2.1-1.20250210133521138729.pr2.4841.g9860d2a94.tar.xz
time-created	2025-02-10 13:46:32
time-finished	2025-02-10 13:47:55
title	Newly introduced findings
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'cppcheck,clippy,shellcheck,gcc,unicontrol' '-o' '/tmp/tmp95c8y859/copr-backend-2.1-1.20250210133521138729.pr2.4841.g9860d2a94.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '/tmp/tmp95c8y859/copr-backend-2.1-1.20250210133521138729.pr2.4841.g9860d2a94.src.rpm'
tool-version	csmock-3.8.0-1.el9