Commit graph

6280 commits

Author SHA1 Message Date
Paul Scott 0314604384
fix(lib): don't error if INSIDE_EMACS is not defined (#10443) 2021-11-25 23:55:21 +01:00
Marc Cornellà 2b96b7c54b
fix(updater): stop update if $ZSH is not a git repository (#10448)
Fixes #10448
2021-11-25 23:36:38 +01:00
Marc Cornellà 15fd9c84de style(bundler): simplify bundled_commands array operations 2021-11-17 13:09:25 +01:00
Marc Cornellà 98b4801548 fix(bundler): use BUNDLE_JOBS in bi to avoid config file change
When calling `bundle install` with `--jobs=<n>`, bundle persists this
argument in `.bundle/config`. If we run `BUNDLE_JOBS=<n> bundle install`
instead, this is not persisted.

Fixes #10425
2021-11-17 13:09:25 +01:00
Aurora ff09151d6b
fix(bgnotify): avoid permission prompts by checking frontmost app ID (#10318)
Co-authored-by: Marc Cornellà <hello@mcornella.com>
2021-11-17 11:44:04 +01:00
Marc Cornellà 88e72e8a54 fix(docker-compose)!: check for old command instead of calling docker (#10409)
BREAKING CHANGE: the plugin now checks for the `docker-compose` command instead
of trying whether `docker compose` is a valid command. This means that if the
old command is still installed it will be used instead. To use `docker compose`,
uninstall any old copies of `docker-compose`.

Fixes #10409
2021-11-17 11:05:25 +01:00
Marc Cornellà b60b3f1842
fix(osx): deprecate osx plugin without symlink (#10428)
Fixes #10428
2021-11-17 10:53:17 +01:00
Brian Tannous 2b379ec42c
feat(kn): add plugin for kn completion (#8927) 2021-11-17 10:33:48 +01:00
Marc Cornellà 60b89cd264
feat(ssh-agent): add quiet option to silence plugin (#9659)
Closes #9659

Co-authored-by: Jeff Warner <jeff@develops.software>
2021-11-17 09:55:39 +01:00
Marc Cornellà fb12e41353
fix(install): fix backslash in printf when showing logo (#10422)
Fixes #10422
2021-11-16 19:24:32 +01:00
Marc Cornellà 2c06852546
style(dirhistory): remove use of eval completely 2021-11-16 17:18:07 +01:00
Marc Cornellà b3ba9978cc
fix(themes): fix potential command injection in pygmalion, pygmalion-virtualenv and refined
The pygmalion and pygmalion-virtualenv themes unsafely handle git prompt information
which results in a double evaluation of this information, so a malicious git repository
could trigger a command injection if the user cloned and entered the repository.

A similar method could be used in the refined theme. All themes have been patched against this
vulnerability.
2021-11-11 22:45:40 +01:00
Marc Cornellà 72928432f1
fix(plugins): fix potential command injection in rand-quote and hitokoto
The `rand-quote` plugin uses quotationspage.com and prints part of its content to the
shell without sanitization, which could trigger command injection. There is no evidence
that this has been exploited, but this commit removes all possibility for exploit.

Similarly, the `hitokoto` plugin uses the hitokoto.cn website to print quotes to the
shell, also without sanitization. Furthermore, there is also no evidence that this has
been exploited, but with this change it is now impossible.
2021-11-11 22:45:24 +01:00
Marc Cornellà a263cdac9c
fix(lib): fix potential command injection in title and spectrum functions
The `title` function unsafely prints its input without sanitization, which if used
with custom user code that calls it, it could trigger command injection.

The `spectrum_ls` and `spectrum_bls` could similarly be exploited if a variable is
changed in the user's shell environment with a carefully crafted value. This is
highly unlikely to occur (and if possible, other methods would be used instead),
but with this change the exploit of these two functions is now impossible.
2021-11-11 22:45:11 +01:00
Marc Cornellà 06fc5fb129
fix(dirhistory): fix unsafe eval bug in back and forward widgets
The plugin unsafely processes directory paths in pop_past and pop_future.
This commit fixes that.
2021-11-11 22:44:28 +01:00
Marc Cornellà 6cb41b70a6
fix(lib): fix omz_urldecode unsafe eval bug
The `omz_urldecode` function uses an eval to decode the input which can be
exploited to inject commands. This is used only in the svn plugin and it
requires a complex process to exploit, so it is highly unlikely to have been
used by an attacker.
2021-11-11 22:44:18 +01:00
Marc Cornellà 1448d234d6
fix(dirhistory): fix Up/Down key bindings for Terminal.app
Reference: https://github.com/ohmyzsh/ohmyzsh/commit/7f49494#commitcomment-60117011
2021-11-11 17:20:07 +01:00
Kirill Molchanov 22de1d304c
fix(command-not-found): pass arguments correctly in Termux (#10403) 2021-11-10 15:03:38 +01:00
Marc Cornellà 1d166eaaa1
fix(cli): avoid git -C for compatibility with git < v1.8.5 (#10404) 2021-11-10 11:35:17 +01:00
Marc Cornellà e3f7b8aa57
fix(updater): avoid git -C for compatibility with git < v1.8.5 (#10404)
Fixes #10404
2021-11-10 11:21:59 +01:00
Marc Cornellà db19589fcf
refactor(updater): simplify check for available updates 2021-11-09 19:56:53 +01:00
Marc Cornellà 5c2440cb0c
style(frontend-search): rename completion file to _frontend 2021-11-09 12:07:23 +01:00
Marc Cornellà 9a11b34101
fix(cli): fix check for completion files in omz plugin load 2021-11-09 12:03:59 +01:00
Marc Cornellà 3dc66bd367
fix(emotty): fix glyphs output width in emotty theme 2021-11-09 10:25:23 +01:00
Janusz Mordarski 4a74349635
feat(refined): allow selecting git branch by changing prefix to : (#10400) 2021-11-09 09:50:25 +01:00
Kevin Burke e86c6f5e7f
style: use -n flag in head and tail commands (#10391)
Co-authored-by: Marc Cornellà <hello@mcornella.com>
2021-11-09 09:04:10 +01:00
Shahin Sorkh 55682e3692
feat(tmux): set session name with ZSH_TMUX_DEFAULT_SESSION_NAME (#9063) 2021-11-08 15:32:09 +01:00
Marc Cornellà 90903779b9
refactor(percol): fix style, bind keys for vi-mode and remove dependencies 2021-11-08 14:01:34 +01:00
Jonathan Batchelor b2f35a7b98
refactor(osx): Rename osx plugin to macos (#10341)
Apple changed the name of their operating system from OS X to macOS a number of years ago. This was overdue!

As per issue  #10311

* refactor(osx): rename `osx` plugin to `macos`
* refactor(macos): Add symbolic link from old `osx` plugin name.
2021-11-05 16:40:38 -07:00
Marc Cornellà 7a2cb10625
fix(updater): stop update if connection unavailable 2021-11-05 19:47:29 +01:00
Marc Cornellà 0520c2e309
docs: add Security Policy 2021-11-03 18:21:04 +01:00
amnore 9a02515c7c
fix(command-not-found): pass arguments correctly in NixOS (#10381) 2021-11-03 13:17:23 +01:00
Aaron Hutchinson 5e8905b4b2
feat(ys): increase color contrast with light color schemes (#10295) 2021-11-02 19:40:40 +01:00
Michael Peick 79cf4b3ceb
feat(dirhistory): support urxvt terminal key binding (#8370)
Closes #8370
2021-11-02 15:12:43 +01:00
Marc Cornellà 7f494944e6
fix(dirhistory): fix ALT+Up/Down key bindings for Terminal.app 2021-11-02 15:12:43 +01:00
Marc Cornellà 49458b872d
docs(dirhistory): document OPT key alternative for macOS and fix style
Fixes #10350
2021-11-02 15:12:43 +01:00
Richard Mitchell bf88ff3f90
fix(lib): fix 1 alias to cd to directory 1 in stack (#10370) 2021-11-02 12:05:37 +01:00
Afzal Sayed 04c96e235f
chore: fix grammar mistake in CONTRIBUTING.md (#10362) 2021-10-30 13:20:30 +02:00
YR Chen 1861b5f175
feat(xcode): support Package.swift as project file in xc (#10358) 2021-10-29 17:40:23 +02:00
Christophe Bliard 2e46b2a2dc
feat(fzf): support getting fzf from nix-darwin (#10355) 2021-10-27 11:40:09 +02:00
Marc Cornellà 1dba112041
fix(changelog): fix for ${(@ps:$sep:)var} construct in zsh < 5.0.8
In recent zsh versions, `${(@ps:$sep:)var}` where $sep is a variable containing
a separator string and $var is a string with multiple values separated by $sep,
the `p` flag makes zsh correctly expand $sep before splitting $var. In versions
older than 5.0.8, this doesn't happen, so we use `eval` to get the same effect.
2021-10-27 10:12:23 +02:00
Marc Cornellà 4b3a5c5411
fix(changelog): fix percent escapes in printf calls 2021-10-26 21:04:02 +02:00
Marc Cornellà 0267cb89eb
perf(changelog): use regex-match instead of sed to parse commit subjects 2021-10-26 21:04:01 +02:00
Marc Cornellà 140bfa8432
fix(changelog): go back to ignoring commits from merged branches 2021-10-26 21:04:01 +02:00
Marc Cornellà 9c8131e417
perf(changelog): use a single git log command to get all commit messages 2021-10-26 21:04:00 +02:00
José Camelo Freitas 4f67b02a9f
feat(mix): update mix commands and descriptions (#10273) 2021-10-26 16:07:46 +02:00
Marc Cornellà c2b9ae2937
fix(changelog): don't show more than 40 commits (#10345)
Fixes #10345
2021-10-26 13:23:07 +02:00
Sina Tak Tehrani 1e5e834e0f
fix(cli): exit omz update with correct error code (#10342) 2021-10-25 20:28:22 +02:00
Marc Cornellà f1dd97bb2a
fix(ssh-agent): fix check for running ssh-agent process with hidepid /proc (#8492)
Fixes #8492
2021-10-23 05:16:15 +02:00
Rob Vadai 46f8765f4c
feat(osx): add freespace command to clean purgeable disk space (#8762)
Co-authored-by: Marc Cornellà <hello@mcornella.com>
2021-10-20 22:58:28 +02:00