linux/ohmyzsh
1
0
Fork 0
mirror of https://github.com/ohmyzsh/ohmyzsh.git synced 2026-05-29 04:53:17 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
7,793 commits 2 branches 0 tags 149 MiB
Commit graph

7,793 commits

This branch
This branch
All branches
Author SHA1 Message Date
Marc Cornellà
d170d18746
 		fix(dotenv): introduce safe parsing of .env files (#13778)
Some checks failed
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details 
* fix(dotenv): expect explicit yes before loading .env file
* fix(dotenv): implement secure parsing for .env files and add comprehensive tests
* feat(dotenv): check for .env file size to prevent DoS
* fix(dotenv): forbid setting special variables
* fix(dotenv): FIFO shouldn't be read twice
* fix(dotenv): unknown vars should expand to empty
* fix(dotenv): reject extremely large named pipes
* docs(dotenv): update to new parsing system
* fix(dotenv): add support for escaped dollars
* chore(dotenv): only declare local variables once
* fix(dotenv): apply review suggestions
* docs(dotenv): update test instructions

Co-authored-by: Carlo Sala <carlosalag@protonmail.com>
 2026-05-28 20:23:45 +02:00
Marc Cornellà
c90141ed77 fix: escape % characters in git prompts 
This patch adds missing % character escaping for custom git prompts
used in a few themes. It also includes escaping for git-prompt.sh.

In combination with CVE-2021-45444, this could allow code execution
when displaying branch information in cloned malicious git repositories.
However, zsh 5.8.1 and newer are largely the default zsh versions, and
on those supported distributions with older zsh versions, the CVE has been
found to be also patched.

For this reason, this doesn't qualify as a security patch, but a
bug fix for proper printing of git branches.
 2026-05-28 19:45:47 +02:00
Michele Bologna
8eff9a5455
 		fix(michelebologna): syntax, escaping, label (#13756) 2026-05-28 19:23:46 +02:00
Minh Vu
5ddb7fedcc
 		ci(deps): use resolved tag when syncing dependencies (#13764) 
Co-authored-by: Carlo Sala <carlosalag@protonmail.com>
 2026-05-28 19:04:07 +02:00
Sediman AI
ddcdc26692
 		docs: update stale links (#13776) 
Co-authored-by: Sediman <jason@sediman.com>
 2026-05-28 18:56:03 +02:00
Minh Vu
fb03e414ee
 		ci(deps): detect add-only vendored changes (#13765) 2026-05-28 18:54:11 +02:00
Iyigun Cevik
b26b500263
 		feat(juju): add native zsh completion and fix plugin utilities (#13663) 2026-05-27 16:37:23 +02:00
Oliver Jahren
fe11a3ae23
 		fix(dnf): use --installed to support dnf 4 and 5 (#13772) 2026-05-27 10:22:10 +02:00
Sediman AI
87a9b16b72
 		fix(alias-finder): use ? quantifier for BSD compat (#13774) 
Co-authored-by: Sediman <jason@sediman.com>
 2026-05-27 10:16:00 +02:00
OKWN
857a646516
 		docs(tt): rename README.MD to README.md (#13773) 2026-05-27 10:02:17 +02:00
dependabot[bot]
5ef67beadb
 		chore(deps): bump github/codeql-action from 4.35.5 to 4.36.0 (#13767) 
Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-26 10:12:39 +02:00
dependabot[bot]
d633270784
 		chore(deps): bump step-security/harden-runner from 2.19.3 to 2.19.4 (#13768) 
Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-26 10:12:19 +02:00
ohmyzsh[bot]
43c68566be chore(kube-ps1): update to 04af46f7 2026-05-24 14:41:59 +02:00
Md Mushfiqur Rahim
cb64103161
 		fix(aliases): preserve trailing double quotes in als output (#13744)
Some checks failed
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details 
Co-authored-by: Codebuff Contributor <contributor@codebuff.com>
 2026-05-18 09:00:15 +02:00
Masaru Iritani
0eecd2821e
 		fix(tmux): respect ZSH_TMUX_UNICODE in tds (#13741) 2026-05-18 08:51:48 +02:00
rock2z
2a5313a9d0
 		docs(git): document missing aliases (#13742) 2026-05-18 08:51:23 +02:00
Kaspar V.
24959d5817
 		feat(pass-cli): add completions plugin (#13740) 2026-05-18 08:47:51 +02:00
dependabot[bot]
efd6135bf5
 		chore(deps): bump step-security/harden-runner from 2.19.1 to 2.19.3 (#13755) 
Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-18 08:45:12 +02:00
dependabot[bot]
c68e752b1b
 		chore(deps): bump idna from 3.13 to 3.15 in /.github/workflows/dependencies (#13754) 
Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-18 08:44:51 +02:00
dependabot[bot]
8d0ff417c3
 		chore(deps): bump github/codeql-action from 4.35.4 to 4.35.5 (#13751) 
Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-18 08:44:28 +02:00
dependabot[bot]
80a6f169c7
 		chore(deps): bump requests from 2.33.1 to 2.34.2 in /.github/workflows/dependencies (#13752) 
Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-18 08:44:05 +02:00
dependabot[bot]
c4e39ad56b
 		chore(deps): bump actions/create-github-app-token from 3.1.1 to 3.2.0 (#13753) 
Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-18 08:43:53 +02:00
ohmyzsh[bot]
7478f1fd22
 		chore(kube-ps1): update to 7d575c6d (#13750) 
Co-authored-by: ohmyzsh[bot] <54982679+ohmyzsh[bot]@users.noreply.github.com>
 2026-05-17 11:58:14 +02:00
dependabot[bot]
a07126330b
 		chore(deps): bump github/codeql-action from 4.35.3 to 4.35.4 (#13737)
Some checks failed
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.3 to 4.35.4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](e46ed2cbd0...68bde559de)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.35.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-11 11:00:26 +02:00
dependabot[bot]
1381fec0bf
 		chore(deps): bump urllib3 from 2.6.3 to 2.7.0 in /.github/workflows/dependencies (#13738) 
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.6.3 to 2.7.0.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/2.6.3...2.7.0)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-version: 2.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-11 11:00:05 +02:00
Laurens Rouw
3604dc23e0
 		feat(jj): add new alias for new bookmark advance command (#13638)
Some checks failed
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details
2026-05-06 11:42:33 -07:00
ChrisJr404
8ab16fa493
 		docs(brew): correct brews description (#13730) 2026-05-06 14:34:32 +02:00
ohmyzsh[bot]
e64912e0c1
 		chore(gradle): update to version d8bc301a (#13724) 
Co-authored-by: ohmyzsh[bot] <54982679+ohmyzsh[bot]@users.noreply.github.com>
 2026-05-04 09:20:10 +02:00
ohmyzsh[bot]
c24960c324
 		chore(z): update to version acd0e198 (#13725) 
Co-authored-by: ohmyzsh[bot] <54982679+ohmyzsh[bot]@users.noreply.github.com>
 2026-05-04 09:19:36 +02:00
dependabot[bot]
571439d06b
 		chore(deps): bump step-security/harden-runner from 2.19.0 to 2.19.1 (#13727) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-04 09:18:30 +02:00
dependabot[bot]
ff8297b0a9
 		chore(deps): bump github/codeql-action from 4.35.2 to 4.35.3 (#13726) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-04 09:18:11 +02:00
Fabricio
e7aa0c56e6
 		feat(fnm): add autostart option to setup fnm env (#12972)
Some checks failed
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details
2026-04-30 10:03:00 +02:00
ohmyzsh[bot]
2d5841740a
 		chore(z): update to 519e5796 (#13716) 
Co-authored-by: ohmyzsh[bot] <54982679+ohmyzsh[bot]@users.noreply.github.com>
Co-authored-by: Mahesh Subramanian <maheshpec123@gmail.com>
 2026-04-28 09:41:08 +02:00
Dylan Roman
278ee100fc
 		fix(git): replace deprecated syntax for percent substitution in prompt (#13705) (#13706) 
Co-authored-by: Carlo Sala <carlosalag@protonmail.com>
 2026-04-27 14:50:08 +02:00
Stephan Schielke
52c830cd32
 		fix(poetry-env): handle Poetry returning "." for venv path (#13183) 2026-04-27 11:06:54 +02:00
Thomas Renoth
8c3cce964a
 		feat(bgnotify): add niri WM support (#13707) 2026-04-27 09:33:31 +02:00
ohmyzsh[bot]
d50115afd6
 		chore(z): update to version ae10ba3f (#13710) 
Co-authored-by: ohmyzsh[bot] <54982679+ohmyzsh[bot]@users.noreply.github.com>
 2026-04-27 09:20:10 +02:00
dependabot[bot]
232c6e4d8d
 		chore(deps): bump idna from 3.11 to 3.13 in /.github/workflows/dependencies (#13712) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-27 09:19:09 +02:00
dependabot[bot]
50c56eb49b
 		chore(deps): bump certifi from 2026.2.25 to 2026.4.22 in /.github/workflows/dependencies (#13713) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-27 09:15:39 +02:00
dependabot[bot]
bbe8cace5a
 		chore(deps): bump step-security/harden-runner from 2.18.0 to 2.19.0 (#13711) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-27 09:15:13 +02:00
Truffle
349b9e49ce
 		docs(kubectl): add missing aliases (#13699)
Some checks failed
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details
2026-04-20 11:01:03 +02:00
chaoliang yan
a4ee4daf3c
 		fix(tmux): treat xterm-direct as 256-color (#13700) 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: lawrence3699 <lawrence3699@users.noreply.github.com>
Co-authored-by: Carlo Sala <carlosalag@protonmail.com>
 2026-04-20 11:00:37 +02:00
dependabot[bot]
7a6357cbf6
 		chore(deps): bump step-security/harden-runner from 2.17.0 to 2.18.0 (#13697) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-20 10:55:24 +02:00
dependabot[bot]
106b887c1f
 		chore(deps): bump github/codeql-action from 4.35.1 to 4.35.2 (#13698) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-20 10:54:07 +02:00
Carlo Sala
e42ac8c57b
 		ci: add strong permission (#13694)
Some checks failed
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details
2026-04-16 19:05:24 +02:00
Carlo Sala
061f773dd3
 		ci: use client-id rather than app-id (#13690) 2026-04-13 11:31:03 +02:00
dependabot[bot]
c53cfb2de4
 		chore(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 (#13689) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-13 10:51:45 +02:00
dependabot[bot]
1708d84b70
 		chore(deps): bump step-security/harden-runner from 2.16.1 to 2.17.0 (#13687) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-13 09:54:42 +02:00
dependabot[bot]
46c673072e
 		chore(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#13688) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-13 09:54:23 +02:00
Chris Schindlbeck
7c10d9839f feat(terraform): add aliases for terraform: tfapp, tfpo
Some checks failed
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details
2026-04-07 12:25:32 +02:00