linux/ohmyzsh
1
0
Fork 0
mirror of https://github.com/ohmyzsh/ohmyzsh.git synced 2026-05-29 04:53:17 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

chore(dotenv): only declare local variables once

Browse source
This commit is contained in:
Carlo Sala 2026-04-16 20:42:08 +02:00
commit cb0125629e
No known key found for this signature in database
GPG key ID: DA6FB450C1A4FE9A
1 changed files with 8 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

12
plugins/dotenv/dotenv.plugin.zsh
View file

@ -25,6 +25,8 @@ _parse_dotenv_content() {
esac esac
local node line key value local node line key value
local raw_value expanded prefix remainder var_name escaped_dollar_placeholder
local sq dq uq safe
local -A parsed_vars local -A parsed_vars
local -a nodes lines local -a nodes lines
@ -97,7 +99,7 @@ _parse_dotenv_content() {
key="${match[1]}" key="${match[1]}"
value="${match[2]}" value="${match[2]}"
local raw_value="$value" raw_value="$value"
# Filter out variables to be ignored for security reasons (best effort) # Filter out variables to be ignored for security reasons (best effort)
if [[ "$key" == (${~forbidden}) ]]; then if [[ "$key" == (${~forbidden}) ]]; then
@ -127,7 +129,6 @@ _parse_dotenv_content() {
# Output: DANGEROUS='$(echo this is a command)' (literal string, no command execution) # Output: DANGEROUS='$(echo this is a command)' (literal string, no command execution)
# #
# Check for potential command substitution outside of safe contexts # Check for potential command substitution outside of safe contexts
local sq dq uq safe remainder
# - single-quoted strings: command substitution is literal there # - single-quoted strings: command substitution is literal there
sq="'[^']#'" sq="'[^']#'"
# - double-quoted strings, but NOT unescaped ` or $( # - double-quoted strings, but NOT unescaped ` or $(
@ -154,14 +155,17 @@ _parse_dotenv_content() {
fi fi
# Preserve escaped dollars so they remain literal after unquoting. # Preserve escaped dollars so they remain literal after unquoting.
local escaped_dollar_placeholder=$'\001DOTENV_ESCAPED_DOLLAR\001' escaped_dollar_placeholder=$'\001DOTENV_ESCAPED_DOLLAR\001'
value="${value//\\\$/$escaped_dollar_placeholder}" value="${value//\\\$/$escaped_dollar_placeholder}"
# Unquote the value to handle special characters and multiline values. # Unquote the value to handle special characters and multiline values.
value="${(Q)value}" value="${(Q)value}"
# Expand previously parsed in-file variables without partial name matches. # Expand previously parsed in-file variables without partial name matches.
local expanded="" prefix remainder="$value" var_name expanded=""
prefix=""
remainder="$value"
var_name=""
while [[ "$remainder" == *'$'* ]]; do while [[ "$remainder" == *'$'* ]]; do
prefix="${remainder%%\$*}" prefix="${remainder%%\$*}"
expanded+="$prefix" expanded+="$prefix"