Skip to content
/ bidichk Public

Go linter which checks for dangerous unicode character sequences

License

Notifications You must be signed in to change notification settings

breml/bidichk

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

96 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

bidichk - checks for dangerous unicode character sequences

Test Status Go Report Card License

bidichk finds dangerous unicode character sequences in Go source files.

Considered dangerous unicode characters

The following unicode characters are considered dangerous:

  • U+202A: LEFT-TO-RIGHT-EMBEDDING
  • U+202B: RIGHT-TO-LEFT-EMBEDDING
  • U+202C: POP-DIRECTIONAL-FORMATTING
  • U+202D: LEFT-TO-RIGHT-OVERRIDE
  • U+202E: RIGHT-TO-LEFT-OVERRIDE
  • U+2066: LEFT-TO-RIGHT-ISOLATE
  • U+2067: RIGHT-TO-LEFT-ISOLATE
  • U+2068: FIRST-STRONG-ISOLATE
  • U+2069: POP-DIRECTIONAL-ISOLATE

Installation

Download bidichk from the releases or get the latest version from source with:

go install github.com/breml/bidichk/cmd/bidichk@latest

Usage

golangci-lint

golangci-lint supports bidichk, so you can enable this linter and use it.

Shell

Check everything:

bidichk ./...

Enable only required unicode runes

If you run bidichk via golangci-lint look at .golangci.example.yml for an example of the configuration.

Otherwise you can run bidichk with --disallowed-runes flag to specify the runes you consider harmful.

E.g. the following command considers only the LEFT-TO-RIGHT-OVERRIDE unicode rune as dangerous:

bidichk --disallowed-runes LEFT-TO-RIGHT-OVERRIDE ./...

For the full list of supported unicode runes see above or use

bidichk --help

Inspiration