ohmyzsh

linux/ohmyzsh

Fork 0

mirror of https://github.com/ohmyzsh/ohmyzsh.git synced 2026-05-29 04:53:17 +02:00

Commit graph

Author	SHA1	Message	Date
Marc Cornellà	d170d18746	fix(dotenv): introduce safe parsing of .env files (#13778 ) Some checks failed Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled Details * fix(dotenv): expect explicit yes before loading .env file * fix(dotenv): implement secure parsing for .env files and add comprehensive tests * feat(dotenv): check for .env file size to prevent DoS * fix(dotenv): forbid setting special variables * fix(dotenv): FIFO shouldn't be read twice * fix(dotenv): unknown vars should expand to empty * fix(dotenv): reject extremely large named pipes * docs(dotenv): update to new parsing system * fix(dotenv): add support for escaped dollars * chore(dotenv): only declare local variables once * fix(dotenv): apply review suggestions * docs(dotenv): update test instructions Co-authored-by: Carlo Sala <carlosalag@protonmail.com>	2026-05-28 20:23:45 +02:00

Author

SHA1

Message

Date

Marc Cornellà

d170d18746

fix(dotenv): introduce safe parsing of .env files (#13778 )

Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled

Details

* fix(dotenv): expect explicit yes before loading .env file
* fix(dotenv): implement secure parsing for .env files and add comprehensive tests
* feat(dotenv): check for .env file size to prevent DoS
* fix(dotenv): forbid setting special variables
* fix(dotenv): FIFO shouldn't be read twice
* fix(dotenv): unknown vars should expand to empty
* fix(dotenv): reject extremely large named pipes
* docs(dotenv): update to new parsing system
* fix(dotenv): add support for escaped dollars
* chore(dotenv): only declare local variables once
* fix(dotenv): apply review suggestions
* docs(dotenv): update test instructions

Co-authored-by: Carlo Sala <carlosalag@protonmail.com>

2026-05-28 20:23:45 +02:00

1 commit