shellfirm 0.3.9

`shellfirm` will intercept any risky patterns (default or defined by you) and prompt you a small challenge for double verification, kinda like a captcha for your terminal.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69

- from: docker
  test: docker\s+system\s+prune\s+.*(?:-[a-zA-Z]*a|--all)
  description: "This will remove all unused Docker data including stopped containers, networks, dangling images, and build cache."
  id: docker:system_prune_all
  severity: High
  alternative: "docker system prune"
  alternative_info: "Without -a, only dangling images are removed (not all unused images)."
- from: docker
  test: docker\s+rm\s+(-f|--force)\s+(?:\$\(|`)docker\s+ps
  description: "Force removing all running or stopped containers."
  id: docker:force_remove_all_containers
  severity: High
- from: docker
  test: docker\s+rmi\s+(-f|--force)
  description: "Force removing Docker images can break dependent containers."
  id: docker:force_remove_images
  severity: High
- from: docker
  test: docker\s+volume\s+rm
  description: "Removing Docker volumes permanently deletes the data they contain."
  id: docker:remove_volume
  severity: High
- from: docker
  test: docker\s+volume\s+prune
  description: "This will remove all unused Docker volumes and their data."
  id: docker:volume_prune
  severity: High
- from: docker
  test: docker\s+network\s+rm
  description: "Removing a Docker network can disconnect containers using it."
  id: docker:remove_network
  severity: Medium
- from: docker
  test: docker[\s-]compose\s+.*down\s+.*(-v|--volumes)
  description: "This will stop containers AND delete all associated volumes and data."
  id: docker:compose_down_volumes
  severity: High
  alternative: "docker-compose down"
  alternative_info: "Without -v, volumes are preserved so data is not lost."
- from: docker
  test: docker\s+stop\s+\$\(docker\s+ps
  description: "Stopping all running Docker containers."
  id: docker:stop_all_containers
  severity: Medium
- from: docker
  test: docker\s+image\s+prune\s+.*(?:-[a-zA-Z]*a|--all)
  description: "Removes ALL images, not just dangling ones."
  id: docker:image_prune_all
  severity: High
  alternative: "docker image prune"
  alternative_info: "Without -a, only dangling images are removed."
- from: docker
  test: docker\s+container\s+prune
  description: "Removes all stopped containers."
  id: docker:container_prune
  severity: Medium
- from: docker
  test: docker\s+buildx\s+prune\s+.*--all
  description: "Clears the entire Docker build cache."
  id: docker:buildx_prune_all
  severity: High
- from: docker
  test: docker\s+run\s+(.+\s+)?--privileged(\s|$|=true)
  description: "Running a container with --privileged gives it full access to the host system."
  id: docker:run_privileged
  severity: High
  filters:
    - type: NotContains
      value: "--privileged=false"