bidichk finds dangerous unicode character sequences in Go source files.
The following unicode characters are considered dangerous:
- U+202A: LEFT-TO-RIGHT-EMBEDDING
- U+202B: RIGHT-TO-LEFT-EMBEDDING
- U+202C: POP-DIRECTIONAL-FORMATTING
- U+202D: LEFT-TO-RIGHT-OVERRIDE
- U+202E: RIGHT-TO-LEFT-OVERRIDE
- U+2066: LEFT-TO-RIGHT-ISOLATE
- U+2067: RIGHT-TO-LEFT-ISOLATE
- U+2068: FIRST-STRONG-ISOLATE
- U+2069: POP-DIRECTIONAL-ISOLATE
Download bidichk
from the releases or get the latest version from source with:
go install github.com/breml/bidichk/cmd/bidichk@latest
golangci-lint supports bidichk, so you can enable this linter and use it.
Check everything:
bidichk ./...
If you run bidichk via golangci-lint look at .golangci.example.yml for an example of the configuration.
Otherwise you can run bidichk with --disallowed-runes
flag to specify the runes you consider harmful.
E.g. the following command considers only the LEFT-TO-RIGHT-OVERRIDE
unicode rune as dangerous:
bidichk --disallowed-runes LEFT-TO-RIGHT-OVERRIDE ./...
For the full list of supported unicode runes see above or use
bidichk --help