Marc Cornellà
ef3f7c43a9
fix: apply workaround patch for vcs_info (CVE-2021-45444)
...
This lib function applies a patch to the VCS_INFO_formats function
in zsh versions from v5.0.3 until v5.8, which don't quote % chars
in some arguments received. Normally that just means that some
% characters in these strings (branch names, directories, etc.)
will be incorrectly parsed as formatting sequences.
With CVE-2021-45444, however, this means that one of these strings
from a malicious source (e.g. a malicious git repository) can
trigger command injection and run arbitrary code in the user's
machine when visiting such git repository.
Zsh 5.8.1 fixes this vulnerability [1], but older vcs_info setups
still need a workaround such as this one to patch the vulnerability.
[1] c3ea1e5d52
2022-02-13 19:07:12 +01:00
Carlo Sala
0da33ca22b
fix(cli): disable GPG signing in omz pr test
to avoid key prompt ( #10677 )
2022-02-10 11:50:04 +01:00
Marc Cornellà
e1a9d0ce3e
fix(cli): allow omz
commands to be used in a script ( #10645 )
...
The commands `omz plugin {enable,disable}` and `omz theme set`
automatically reload the zsh session on success. With this
change, the CLI checks whether the commands are run in an
interactive session before reloading the zsh session.
This change also conditionally sets the completion function
for `omz` so that it's not done in a non-interactive session.
2022-02-02 23:02:23 +01:00
Marc Cornellà
f64cabc780
fix(cli): make sure to run zsh
command if an alias exists ( #9737 )
...
Fixes #9737
2022-01-24 17:38:32 +01:00
Marc Cornellà
84931adcd4
fix: do not call chpwd hooks in subshells
2022-01-22 22:07:09 +01:00
Marc Cornellà
567bd59395
refactor(cli): use self-referencing in subcommand functions
2022-01-17 13:18:10 +01:00
Marc Cornellà
035c856c2c
fix: get branch name first in omz version
and changelog
2022-01-13 17:46:09 +01:00
Marc Cornellà
a92ee838f3
fix(cli): follow symlinks in plugin or theme completions
2022-01-09 20:27:22 +01:00
Marc Cornellà
5b076eab9b
fix(lib): quote % in nvm_prompt_info
2022-01-03 13:50:50 +01:00
Marc Cornellà
304af0a577
fix(lib): quote % in git_remote_status
2022-01-03 13:50:50 +01:00
Marc Cornellà
8ae373130c
fix(cli): respect ZDOTDIR
in plugin/theme change commands ( #10520 )
...
Fixes #10520
2021-12-21 17:01:56 +01:00
Marc Cornellà
4b4cc9a4a5
fix(cli): fix plugin and theme suggestions in completion for older zsh versions
2021-12-16 10:50:34 +01:00
Marc Cornellà
9a3d853481
fix: quote % characters in ruby prompt info functions
2021-12-13 17:43:32 +01:00
Marc Cornellà
428f815169
fix(lib): %-quote git prompt functions
2021-12-13 11:26:55 +01:00
Marc Cornellà
f0f792fa6b
feat(cli): add omz version
command
2021-11-30 10:13:23 +01:00
Paul Scott
0314604384
fix(lib): don't error if INSIDE_EMACS
is not defined ( #10443 )
2021-11-25 23:55:21 +01:00
Marc Cornellà
a263cdac9c
fix(lib): fix potential command injection in title
and spectrum
functions
...
The `title` function unsafely prints its input without sanitization, which if used
with custom user code that calls it, it could trigger command injection.
The `spectrum_ls` and `spectrum_bls` could similarly be exploited if a variable is
changed in the user's shell environment with a carefully crafted value. This is
highly unlikely to occur (and if possible, other methods would be used instead),
but with this change the exploit of these two functions is now impossible.
2021-11-11 22:45:11 +01:00
Marc Cornellà
6cb41b70a6
fix(lib): fix omz_urldecode
unsafe eval bug
...
The `omz_urldecode` function uses an eval to decode the input which can be
exploited to inject commands. This is used only in the svn plugin and it
requires a complex process to exploit, so it is highly unlikely to have been
used by an attacker.
2021-11-11 22:44:18 +01:00
Marc Cornellà
1d166eaaa1
fix(cli): avoid git -C
for compatibility with git < v1.8.5 ( #10404 )
2021-11-10 11:35:17 +01:00
Marc Cornellà
9a11b34101
fix(cli): fix check for completion files in omz plugin load
2021-11-09 12:03:59 +01:00
Kevin Burke
e86c6f5e7f
style: use -n
flag in head
and tail
commands ( #10391 )
...
Co-authored-by: Marc Cornellà <hello@mcornella.com>
2021-11-09 09:04:10 +01:00
Richard Mitchell
bf88ff3f90
fix(lib): fix 1
alias to cd
to directory 1 in stack ( #10370 )
2021-11-02 12:05:37 +01:00
Sina Tak Tehrani
1e5e834e0f
fix(cli): exit omz update
with correct error code ( #10342 )
2021-10-25 20:28:22 +02:00
michael-yuji
f82aa81931
fix(lib): fix diff --color
argument check for BSD systems ( #10269 )
2021-10-10 19:15:24 +02:00
Pooya Vahidi
07cdd7a539
fix(lib): fix status exit code check in git_prompt_status
( #10275 )
2021-10-09 12:02:49 +02:00
Marc Cornellà
b621eee21f
fix(cli): fix zsh array syntax for szh 5.0.2
2021-10-05 11:58:39 +02:00
Monson Shao
be4a952972
feat(cli)!: add omz reload
command and deprecate zsh_reload
plugin ( #9078 )
...
BREAKING CHANGE: the `zsh_reload` plugin is deprecated. Instead of using its `src`
function, use `omz reload` or `exec zsh` to reload zsh after making changes to
your `.zshrc` file.
Closes #9078
2021-10-04 16:24:05 +02:00
Marc Cornellà
3c209b00d6
feat(cli): show current theme in omz theme list
...
Fixes #9540
2021-09-30 15:45:12 +02:00
Marc Cornellà
5f99eb5afd
fix(cli): get branch and tags from OMZ folder in omz changelog
completion
2021-09-30 10:18:53 +02:00
Celestino Gomes
c7a55086e1
feat(lib): don't correct su
command arguments ( #10214 )
2021-09-29 18:07:25 +02:00
Marc Cornellà
54e3e8ef54
fix(lib): fix automatic title abort inside Emacs ( #10124 )
...
Closes #10124
Co-authored-by: Paul Schorfheide <pschorf2@gmail.com>
Co-authored-by: Alastair Rankine <alastair@girtby.net>
2021-09-29 17:19:25 +02:00
Simon Rogers
16de514047
feat(lib): allow setting custom completion dots sequence ( #9424 )
...
Closes #9424
Closes #9703
Co-authored-by: mortezadadgar <mortezadadgar97@gmail.com>
Co-authored-by: Marc Cornellà <hello@mcornella.com>
2021-09-22 11:30:07 +02:00
Marc Cornellà
cbb534267a
feat(cli): add theme set
subcommand to change theme in .zshrc
...
Fixes #9087
2021-08-18 16:58:36 +02:00
Marc Cornellà
8dedf26294
style(cli): print usage messages to stderr
2021-08-18 12:50:22 +02:00
Marc Cornellà
7a4f4ad91e
fix(lib): fix clipboard copy on Termux
2021-08-17 17:38:31 +02:00
Marc Cornellà
bc7ce982dd
style(cli): fill rows in column output in theme and plugin list
commands
2021-08-17 12:53:09 +02:00
Marc Cornellà
bf888680ea
refactor(cli): extract substitution awk script in plugin disable
2021-08-17 12:44:53 +02:00
Marc Cornellà
708bbe12c5
fix(cli): fix multiple errors in plugin disable/enable
2021-08-17 12:31:37 +02:00
pollyduan
4455c13e06
feat(cli): add subcommands for plugin enable
and disable
( #9869 )
...
Co-authored-by: Marc Cornellà <hello@mcornella.com>
2021-08-17 12:10:54 +02:00
James Eapen
6e4c9df4a4
feat(cli): add plugin load
subcommand ( #9872 )
...
Fixes #9672
Co-authored-by: Marc Cornellà <hello@mcornella.com>
2021-08-13 12:33:30 +02:00
Marc Cornellà
7eeb1e193d
refactor(lib): refactor take functions
2021-08-10 21:09:21 +02:00
Marc Cornellà
c249288151
feat(lib): add mkcd
as equivalent to takedir
( #9749 )
...
Fixes #9749
2021-08-10 21:06:46 +02:00
Marc Cornellà
e32d4b1e19
fix(lib): remove kubectx
stub prompt function from lib
...
Fixes #9974
2021-06-17 18:54:52 +02:00
Stanisław Szydło
5152d381bb
feat(kubectx): adding a new plugin for 'kubectx' ( #6114 )
...
Co-authored-by: Marc Cornellà <marc.cornella@live.com>
Co-authored-by: Robby Russell <robby@planetargon.com>
2021-06-13 08:23:13 -07:00
Mitchel Humpherys
f68d65d32a
feat(take): add support to `take' for taking remote urls ( #2029 )
...
Download, extract, and cd into the resulting directory.
Co-authored-by: Mitchel Humpherys <mitchelh@codeaurora.org>
2021-06-11 21:09:08 -07:00
Marc Cornellà
02d07f3e3d
fix: use $USERNAME
guaranteed to always be defined in zsh
...
Fixes #9701
2021-03-25 12:08:00 +01:00
Vlad Korolev
0ab87c26c1
fix(terraform): use faster method to get workspace ( #9709 )
...
Also add tf_prompt_info to the list of prompt functions so theme writers are aware of it
2021-03-08 10:46:42 +01:00
Cai Cooper
6fbad5bf72
fix(update): don't error on upgrade no-op ( #9685 )
...
* Don't error on upgrade no-op
No error code is required for a non failure scenario.
* Manually check whether changes were pulled in `omz update`
Co-authored-by: Marc Cornellà <hello@mcornella.com>
2021-03-01 08:17:54 +01:00
Marc Cornellà
8b37f817c2
fix(lib): use -N syntax in head
and tail
to support Solaris ( #6391 )
...
Closes #6391
Co-authored-by: Sergey Mashkov <cy6erGn0m@gmail.com>
2021-01-16 18:59:24 +01:00
Kyle Gerard Felker
c9bf8b4a84
fix(lib): update Emacs terminal detection in title
function ( #9577 )
...
Environment variable EMACS was replaced by INSIDE_EMACS
2021-01-07 20:55:18 +01:00