Skip to content

Files

Latest commit

567907f · Nov 20, 2023

History

History
67 lines (44 loc) · 2.45 KB

README.md

File metadata and controls

67 lines (44 loc) · 2.45 KB

bidichk - checks for dangerous unicode character sequences

Test Status Go Report Card License

bidichk finds dangerous unicode character sequences in Go source files.

Considered dangerous unicode characters

The following unicode characters are considered dangerous:

  • U+202A: LEFT-TO-RIGHT-EMBEDDING
  • U+202B: RIGHT-TO-LEFT-EMBEDDING
  • U+202C: POP-DIRECTIONAL-FORMATTING
  • U+202D: LEFT-TO-RIGHT-OVERRIDE
  • U+202E: RIGHT-TO-LEFT-OVERRIDE
  • U+2066: LEFT-TO-RIGHT-ISOLATE
  • U+2067: RIGHT-TO-LEFT-ISOLATE
  • U+2068: FIRST-STRONG-ISOLATE
  • U+2069: POP-DIRECTIONAL-ISOLATE

Installation

Download bidichk from the releases or get the latest version from source with:

go install github.com/breml/bidichk/cmd/bidichk@latest

Usage

golangci-lint

golangci-lint supports bidichk, so you can enable this linter and use it.

Shell

Check everything:

bidichk ./...

Enable only required unicode runes

If you run bidichk via golangci-lint look at .golangci.example.yml for an example of the configuration.

Otherwise you can run bidichk with --disallowed-runes flag to specify the runes you consider harmful.

E.g. the following command considers only the LEFT-TO-RIGHT-OVERRIDE unicode rune as dangerous:

bidichk --disallowed-runes LEFT-TO-RIGHT-OVERRIDE ./...

For the full list of supported unicode runes see above or use

bidichk --help

Inspiration