How is it dangerous?
Truthful query.
In POSIX shells resembling bash, trendy sh, ksh, and zsh, you should use double ampersand and/or set -e to make sure that no exit code errors from instructions are dropped. However most individuals will use the unsafe kinds: semicolon or newline. In consequence, any scripts or interactive classes are prone to ignore errors and run successive instructions.
That’s with out stepping into pipefail, IFS, undefined variables, globs, and but different shell pitfalls. Or lure semantics. Something operating in a CLI context is inherently a fragile piece of ■■■■, so simplicity within the command characters is a blessing. Not simplicity in app conduct, however relatively simplicity through which conjunctions or different nonsense are concerned.
The error stays hidden. The already corrupt state could develop into much more corrupt. Wolves bay. The earth trembles.
Native Home windows shells don’t constantly help the POSIX sh conjunction nor security flags. Makes an attempt to use them have a tendency to interrupt Command Immediate / MS-DOS bat(ch) or PowerShell instructions.
Single quotes, escape syntax, POSIX vs GNU vs BSD discover, the names of the stdio handles… such particulars lead to 1000’s of “useful” Stack Overflow posts of command snippets breaking for all sensible functions. They’re vendor locked and fail to contemplate a good portion of the state house.
Fish, (t)csh, ion, and different non-POSIX shells likewise don’t help 100% of those security choices.
Two-step command patterns have a tendency to interrupt security, portability, or each.
As a workaround, you’ll be able to shove them in a POSIX makefile. Or a mage file. (Mage allows you to write duties in pure, usually transportable Go code.) Nonetheless, even make/mage contribute to a bigger assault floor than strictly crucial, complicate the construct course of, and lavatory down CI/CD jobs.
A unified command that performs extra operations, helps to encourage secure, transportable construct steps.
