mirror of
https://github.com/ohmyzsh/ohmyzsh.git
synced 2026-05-29 04:53:17 +02:00
c90141ed77
This patch adds missing % character escaping for custom git prompts used in a few themes. It also includes escaping for git-prompt.sh. In combination with CVE-2021-45444, this could allow code execution when displaying branch information in cloned malicious git repositories. However, zsh 5.8.1 and newer are largely the default zsh versions, and on those supported distributions with older zsh versions, the CVE has been found to be also patched. For this reason, this doesn't qualify as a security patch, but a bug fix for proper printing of git branches. |
||
|---|---|---|
| .. | ||
| _git | ||
| git-completion.bash | ||
| git-prompt.sh | ||
| gitfast.plugin.zsh | ||
| MANUAL.adoc | ||
| README.md | ||
Gitfast plugin
This plugin adds completion for Git, using the zsh completion from git.git folks, which is much faster than the official one from zsh. A lot of zsh-specific features are not supported, like descriptions for every argument, but everything the bash completion has, this one does too (as it is using it behind the scenes). Not only is it faster, it should be more robust, and updated regularly to the latest git upstream version.
To use it, add gitfast to the plugins array in your zshrc file:
plugins=(... gitfast)