Commit graph

6413 commits

Author SHA1 Message Date
Marc Cornellà
aa99472c8a
style(simonoff): fix code style and optimize use of variables 2021-12-13 17:08:53 +01:00
Marc Cornellà
134c1ada28
fix(jonathan): fix theme for non-UTF8 locales 2021-12-13 17:08:52 +01:00
Marc Cornellà
065e8ebdd0
style(jonathan): fix code style in jonathan theme 2021-12-13 17:08:52 +01:00
Marc Cornellà
1b01496c21
fix(bira): fix color bleed in user_host prompt section (#10505)
Fixes #10505
2021-12-13 14:42:57 +01:00
Marc Cornellà
a94e263426
refactor(adben): simplify used variables and %-quote prompt functions
Closes #10474

Co-authored-by: Tom Payne <twpayne@gmail.com>
2021-12-13 11:28:51 +01:00
Marc Cornellà
428f815169
fix(lib): %-quote git prompt functions 2021-12-13 11:26:55 +01:00
fengkx
e96b8bd523
refactor(shell-proxy)!: rename env vars to SHELLPROXY_* and add usage message (#10456)
BREAKING CHANGE: the `DEFAULT_PROXY` setting has been renamed to `SHELLPROXY_URL`,
and `CONFIG_PROXY` has been renamed to `SHELLPROXY_CONFIG`. See the plugin README
for more information.

Co-authored-by: Marc Cornellà <hello@mcornella.com>
2021-12-13 11:26:05 +01:00
Frank Van Damme
a1a63f4c7d
feat(afowler): add mercurial support
Closes #5992
2021-12-13 11:17:13 +01:00
Marc Cornellà
ee46d198ad
style(afowler): simplify code and remove unnecessary variables 2021-12-13 11:10:47 +01:00
Marc Cornellà
c172624398
style(af-magic): fix code style and remove unnecessary variables 2021-12-13 11:04:51 +01:00
David Sutherland
1c07001896
fix(mercurial): correctly check for untracked files in hg_dirty (#2177)
Closes #2177
Closes #6197

Co-authored-by: Henrik Ravn <hravnx@gmail.com>
2021-12-13 10:50:56 +01:00
Marc Cornellà
4119f53004
perf(mercurial): optimize utility functions 2021-12-13 10:50:50 +01:00
Pandu POLUAN
d058801a18
feat(mercurial): add hgci alias for interactive commit (#8912)
Closes #8912
2021-12-13 10:50:18 +01:00
Romain Failliot
137b45672d
feat(bira): improve theme and add support for mercurial (#6631)
Added the red dot (instead of the default `*`) if the branch is dirty.

The bira theme only supported git, now it supports mercurial as well. It
needed ito call `hg_prompt_info` and the `ZSH_THEME_HG_PROMPT_`
variables.

Closes #6631
2021-12-13 10:50:18 +01:00
Romain Failliot
24974a135c
feat(mercurial)!: use PREFIX and SUFFIX settings in hg_prompt_info (#6631)
BREAKING CHANGE: the `hg_prompt_info` function now uses `ZSH_THEME_HG_PROMPT_PREFIX`
and `ZSH_THEME_HG_PROMPT_SUFFIX` variables when displaying branch information, similar
to the `git_prompt_info` function.

Closes #6631
2021-12-13 10:50:17 +01:00
anatolyrr
e52584c901
perf(mercurial): improve performance of hg_prompt_info (#7929)
Replaced two different calls of hg with one `hg --id --branch` for retrieving
information whether we're in a repo (will be empty if not), whether the repo is
dirty (revision id will contain "+" if there are uncommitted changed), and the
branch name.

Closes #6197
Closes #7929
2021-12-13 10:50:17 +01:00
Nicolas Cavigneaux
dcf12ba8f3
fix(mercurial): show author name in hgsl alias log alias (#3500)
Closes #3500
2021-12-13 10:50:17 +01:00
Marc Cornellà
5b987e59d0
chore: add ohmyzsh GitHub Sponsors to FUNDING.yml 2021-12-07 20:15:38 +01:00
Marc Cornellà
90e53bcc6a
ci(spelling): turn off check-spelling action temporarily 2021-12-07 19:37:28 +01:00
Josh Soref
44d8edea05
ci(spelling): automatically accept aliased commands (#10475)
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
2021-12-07 18:09:34 +01:00
Marc Cornellà
29b344a710
chore: update security docs and link to huntr.dev 2021-12-07 18:04:33 +01:00
Josh Soref
841f3cb0bb
ci: add check-spelling action (#10470)
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
2021-12-02 12:17:00 +01:00
whoami
46e63340ee
feat(branch): show mercurial bookmarks if used (#9948)
Co-authored-by: Marc Cornellà <hello@mcornella.com>
2021-12-01 17:49:42 +01:00
Nick Aldwin
c66fc00401
feat(updater): show command to update when update skipped (#10465) 2021-12-01 12:44:15 +01:00
Marc Cornellà
e253661a9b
Revert "ci: add check-spelling GitHub Action"
This reverts commit aef393bdce.
2021-12-01 12:25:58 +01:00
Marc Cornellà
aef393bdce
ci: add check-spelling GitHub Action 2021-12-01 12:20:46 +01:00
Josh Soref
0e41181d54
chore: fix spelling errors across the project (#10459)
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
2021-12-01 12:20:31 +01:00
Marc Cornellà
1c1d74c5ec
chore: update new issue templates 2021-11-30 10:34:45 +01:00
Marc Cornellà
f0f792fa6b
feat(cli): add omz version command 2021-11-30 10:13:23 +01:00
Nicholas Hawkes
bf303965e6
feat(aws): Adds the login option for AWS SSO (#9921) 2021-11-27 12:34:47 -08:00
Markus Hofbauer
58478d0888
feat(git): Add alias for rebasing to origin/main-branch (#10445) 2021-11-27 11:30:03 -08:00
Adam Cwyk
8e5f3db305
feat(dotnet): add alias for dotnet build command (#10435)
Co-authored-by: Adam Cwyk <git@adamcwyk.dev>
2021-11-26 17:23:08 -08:00
Kyle
452ddff763
feat(xcode): support .swiftpm as project file in xc (#10434) 2021-11-25 23:57:08 +01:00
Paul Scott
0314604384
fix(lib): don't error if INSIDE_EMACS is not defined (#10443) 2021-11-25 23:55:21 +01:00
Marc Cornellà
2b96b7c54b
fix(updater): stop update if $ZSH is not a git repository (#10448)
Fixes #10448
2021-11-25 23:36:38 +01:00
Marc Cornellà
15fd9c84de style(bundler): simplify bundled_commands array operations 2021-11-17 13:09:25 +01:00
Marc Cornellà
98b4801548 fix(bundler): use BUNDLE_JOBS in bi to avoid config file change
When calling `bundle install` with `--jobs=<n>`, bundle persists this
argument in `.bundle/config`. If we run `BUNDLE_JOBS=<n> bundle install`
instead, this is not persisted.

Fixes #10425
2021-11-17 13:09:25 +01:00
Aurora
ff09151d6b
fix(bgnotify): avoid permission prompts by checking frontmost app ID (#10318)
Co-authored-by: Marc Cornellà <hello@mcornella.com>
2021-11-17 11:44:04 +01:00
Marc Cornellà
88e72e8a54 fix(docker-compose)!: check for old command instead of calling docker (#10409)
BREAKING CHANGE: the plugin now checks for the `docker-compose` command instead
of trying whether `docker compose` is a valid command. This means that if the
old command is still installed it will be used instead. To use `docker compose`,
uninstall any old copies of `docker-compose`.

Fixes #10409
2021-11-17 11:05:25 +01:00
Marc Cornellà
b60b3f1842
fix(osx): deprecate osx plugin without symlink (#10428)
Fixes #10428
2021-11-17 10:53:17 +01:00
Brian Tannous
2b379ec42c
feat(kn): add plugin for kn completion (#8927) 2021-11-17 10:33:48 +01:00
Marc Cornellà
60b89cd264
feat(ssh-agent): add quiet option to silence plugin (#9659)
Closes #9659

Co-authored-by: Jeff Warner <jeff@develops.software>
2021-11-17 09:55:39 +01:00
Marc Cornellà
fb12e41353
fix(install): fix backslash in printf when showing logo (#10422)
Fixes #10422
2021-11-16 19:24:32 +01:00
Marc Cornellà
2c06852546
style(dirhistory): remove use of eval completely 2021-11-16 17:18:07 +01:00
Marc Cornellà
b3ba9978cc
fix(themes): fix potential command injection in pygmalion, pygmalion-virtualenv and refined
The pygmalion and pygmalion-virtualenv themes unsafely handle git prompt information
which results in a double evaluation of this information, so a malicious git repository
could trigger a command injection if the user cloned and entered the repository.

A similar method could be used in the refined theme. All themes have been patched against this
vulnerability.
2021-11-11 22:45:40 +01:00
Marc Cornellà
72928432f1
fix(plugins): fix potential command injection in rand-quote and hitokoto
The `rand-quote` plugin uses quotationspage.com and prints part of its content to the
shell without sanitization, which could trigger command injection. There is no evidence
that this has been exploited, but this commit removes all possibility for exploit.

Similarly, the `hitokoto` plugin uses the hitokoto.cn website to print quotes to the
shell, also without sanitization. Furthermore, there is also no evidence that this has
been exploited, but with this change it is now impossible.
2021-11-11 22:45:24 +01:00
Marc Cornellà
a263cdac9c
fix(lib): fix potential command injection in title and spectrum functions
The `title` function unsafely prints its input without sanitization, which if used
with custom user code that calls it, it could trigger command injection.

The `spectrum_ls` and `spectrum_bls` could similarly be exploited if a variable is
changed in the user's shell environment with a carefully crafted value. This is
highly unlikely to occur (and if possible, other methods would be used instead),
but with this change the exploit of these two functions is now impossible.
2021-11-11 22:45:11 +01:00
Marc Cornellà
06fc5fb129
fix(dirhistory): fix unsafe eval bug in back and forward widgets
The plugin unsafely processes directory paths in pop_past and pop_future.
This commit fixes that.
2021-11-11 22:44:28 +01:00
Marc Cornellà
6cb41b70a6
fix(lib): fix omz_urldecode unsafe eval bug
The `omz_urldecode` function uses an eval to decode the input which can be
exploited to inject commands. This is used only in the svn plugin and it
requires a complex process to exploit, so it is highly unlikely to have been
used by an attacker.
2021-11-11 22:44:18 +01:00
Marc Cornellà
1448d234d6
fix(dirhistory): fix Up/Down key bindings for Terminal.app
Reference: https://github.com/ohmyzsh/ohmyzsh/commit/7f49494#commitcomment-60117011
2021-11-11 17:20:07 +01:00