How do I save myself from myself?

• rm -rf *
• git reset --hard Before hitting the enter key?
• kubectl delete ns Stop! you are going to delete a lot of resources
• And many more!

Do you want to learn from other people's mistakes?

shellfirm will intercept any risky patterns (predefined or user's custom additions) and will immediately prompt a small challenge that will double verify your action, think of it as a captcha for your terminal.

$ rm -rf /
#######################
# RISKY COMMAND FOUND #
#######################
* You are going to delete everything in the path.

Solve the challenge: 8 + 0 = ? (^C to cancel)

shellfirm will evaluate all the shell commands behind the scenes. If a risky pattern is detected, you will immediately get a prompt with the relevant warning to verify your command.

brew tap kaplanelad/tap && brew install shellfirm

Or download the binary file from releases page, unzip the file and move to /usr/local/bin folder.

• Download zsh plugin:

curl https://raw.githubusercontent.com/kaplanelad/shellfirm/main/shell-plugins/shellfirm.plugin.zsh --create-dirs -o ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/shellfirm/shellfirm.plugin.zsh

• Add shellfirm to the list of Oh My Zsh plugins when Zsh is loaded(inside ~/.zshrc):

plugins=(... shellfirm)

• ℹ️ Open a new shell session

• bash
• fish

$ mkdir /tmp/shellfirm
$ cd /tmp/shellfirm
$ git reset --hard

You should get a shellfirm prompt challenge.

If you didn't get the prompt challenge:

1. Make sure the shellfirm --version returns a valid response.
2. Make sure that you downloaded the Zsh plugin and added it to the Oh My Zsh plugins in .zshrc.

We have predefined a baseline of risky groups command that will be enabled by default, these are risky commands that might be destructive.

shellfirm creates by default a configuration file at ~/.shellfirm/config.yaml. Make sure that you only edit enable field (in case you want to disable a specific check), all the rest fields are managed by shellfirm command (shellfirm config --help).

challenge: Math # Math, Enter, Yes

includes: 
  - base
  - fs
  - git

checks:
  - test: git reset
    method: Contains
    enable: true
    description: "This command going to reset all your local changes."
    from: git
    challenge: Default
  - test: "rm.+(-r|-f|-rf|-fr)*"
    method: Regex
    enable: true
    description: "You are going to delete everything in the path."
    from: fs
    challenge: Default
  - test: ">.+/dev/sda"
    method: Regex
    enable: true
    description: "Writing the data directly to the hard disk drive and damaging your file system."
    from: fs
    challenge: Default
  - test: "mv+.*/dev/null"
    method: Regex
    enable: true
    description: "The files will be discarded and destroyed."
    from: fs
    challenge: Default

ℹ️ To define custom checks that are not part of shillfirm baseline, add new checks to the config.yaml with the following field: from: custom.

  - test: "command to check"
    method: Regex
    enable: true
    description: "Example of custom check."
    from: custom
    challenge: Default

ℹ️ To define different challenge for a checks you can change the field challenge: Default with a different check.

$ shellfirm config update {risky-command-group-a} {risky-command-group-b}

$ shellfirm config update {group} {group} --remove

Edit the configuration file in ~/.shellfirm/config.yaml and change the check to enable:false.

Currently we support 3 different challenges when a risky command is intercepted:

• Math - Default challenge which requires you to solve a math question.
• Enter - Required only to press Enter to continue.
• Yes - Required typing yes to continue.

You can change the default challenge by running the command:

$ shellfirm config challenge Math

At any time you can cancel a risky command by hitting ^C

$ brew upgrade shellfirm

• Add new check group or override configuration with new checks

Thank you for your interest in contributing! Please refer to contribution guidelines for guidance.