| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2021-12-07 | ci(spelling): turn off check-spelling action temporarily | Marc Cornellà | |
| 2021-12-07 | ci(spelling): automatically accept aliased commands (#10475) | Josh Soref | |
| Co-authored-by: Josh Soref <jsoref@users.noreply.github.com> | |||
| 2021-12-07 | chore: update security docs and link to huntr.dev | Marc Cornellà | |
| 2021-12-02 | ci: add `check-spelling` action (#10470) | Josh Soref | |
| Co-authored-by: Josh Soref <jsoref@users.noreply.github.com> | |||
| 2021-12-01 | feat(branch): show mercurial bookmarks if used (#9948) | whoami | |
| Co-authored-by: Marc Cornellà <hello@mcornella.com> | |||
| 2021-12-01 | feat(updater): show command to update when update skipped (#10465) | Nick Aldwin | |
| 2021-12-01 | Revert "ci: add `check-spelling` GitHub Action" | Marc Cornellà | |
| This reverts commit aef393bdce523ed5e5754721965fab2da8080119. | |||
| 2021-12-01 | ci: add `check-spelling` GitHub Action | Marc Cornellà | |
| 2021-12-01 | chore: fix spelling errors across the project (#10459) | Josh Soref | |
| Co-authored-by: Josh Soref <jsoref@users.noreply.github.com> | |||
| 2021-11-30 | chore: update new issue templates | Marc Cornellà | |
| 2021-11-30 | feat(cli): add `omz version` command | Marc Cornellà | |
| 2021-11-27 | feat(aws): Adds the login option for AWS SSO (#9921) | Nicholas Hawkes | |
| 2021-11-27 | feat(git): Add alias for rebasing to origin/main-branch (#10445) | Markus Hofbauer | |
| 2021-11-26 | feat(dotnet): add alias for `dotnet build` command (#10435) | Adam Cwyk | |
| Co-authored-by: Adam Cwyk <git@adamcwyk.dev> | |||
| 2021-11-25 | feat(xcode): support `.swiftpm` as project file in `xc` (#10434) | Kyle | |
| 2021-11-25 | fix(lib): don't error if `INSIDE_EMACS` is not defined (#10443) | Paul Scott | |
| 2021-11-25 | fix(updater): stop update if `$ZSH` is not a git repository (#10448) | Marc Cornellà | |
| Fixes #10448 | |||
| 2021-11-17 | style(bundler): simplify `bundled_commands` array operations | Marc Cornellà | |
| 2021-11-17 | fix(bundler): use BUNDLE_JOBS in `bi` to avoid config file change | Marc Cornellà | |
| When calling `bundle install` with `--jobs=<n>`, bundle persists this argument in `.bundle/config`. If we run `BUNDLE_JOBS=<n> bundle install` instead, this is not persisted. Fixes #10425 | |||
| 2021-11-17 | fix(bgnotify): avoid permission prompts by checking frontmost app ID (#10318) | Aurora | |
| Co-authored-by: Marc Cornellà <hello@mcornella.com> | |||
| 2021-11-17 | fix(docker-compose)!: check for old command instead of calling `docker` (#10409) | Marc Cornellà | |
| BREAKING CHANGE: the plugin now checks for the `docker-compose` command instead of trying whether `docker compose` is a valid command. This means that if the old command is still installed it will be used instead. To use `docker compose`, uninstall any old copies of `docker-compose`. Fixes #10409 | |||
| 2021-11-17 | fix(osx): deprecate `osx` plugin without symlink (#10428) | Marc Cornellà | |
| Fixes #10428 | |||
| 2021-11-17 | feat(kn): add plugin for `kn` completion (#8927) | Brian Tannous | |
| 2021-11-17 | feat(ssh-agent): add `quiet` option to silence plugin (#9659) | Marc Cornellà | |
| Closes #9659 Co-authored-by: Jeff Warner <jeff@develops.software> | |||
| 2021-11-16 | fix(install): fix backslash in `printf` when showing logo (#10422) | Marc Cornellà | |
| Fixes #10422 | |||
| 2021-11-16 | style(dirhistory): remove use of `eval` completely | Marc Cornellà | |
| 2021-11-11 | fix(themes): fix potential command injection in `pygmalion`, ↵ | Marc Cornellà | |
| `pygmalion-virtualenv` and `refined` The pygmalion and pygmalion-virtualenv themes unsafely handle git prompt information which results in a double evaluation of this information, so a malicious git repository could trigger a command injection if the user cloned and entered the repository. A similar method could be used in the refined theme. All themes have been patched against this vulnerability. | |||
| 2021-11-11 | fix(plugins): fix potential command injection in `rand-quote` and `hitokoto` | Marc Cornellà | |
| The `rand-quote` plugin uses quotationspage.com and prints part of its content to the shell without sanitization, which could trigger command injection. There is no evidence that this has been exploited, but this commit removes all possibility for exploit. Similarly, the `hitokoto` plugin uses the hitokoto.cn website to print quotes to the shell, also without sanitization. Furthermore, there is also no evidence that this has been exploited, but with this change it is now impossible. | |||
| 2021-11-11 | fix(lib): fix potential command injection in `title` and `spectrum` functions | Marc Cornellà | |
| The `title` function unsafely prints its input without sanitization, which if used with custom user code that calls it, it could trigger command injection. The `spectrum_ls` and `spectrum_bls` could similarly be exploited if a variable is changed in the user's shell environment with a carefully crafted value. This is highly unlikely to occur (and if possible, other methods would be used instead), but with this change the exploit of these two functions is now impossible. | |||
| 2021-11-11 | fix(dirhistory): fix unsafe eval bug in back and forward widgets | Marc Cornellà | |
| The plugin unsafely processes directory paths in pop_past and pop_future. This commit fixes that. | |||
| 2021-11-11 | fix(lib): fix `omz_urldecode` unsafe eval bug | Marc Cornellà | |
| The `omz_urldecode` function uses an eval to decode the input which can be exploited to inject commands. This is used only in the svn plugin and it requires a complex process to exploit, so it is highly unlikely to have been used by an attacker. | |||
| 2021-11-11 | fix(dirhistory): fix Up/Down key bindings for Terminal.app | Marc Cornellà | |
| Reference: https://github.com/ohmyzsh/ohmyzsh/commit/7f49494#commitcomment-60117011 | |||
| 2021-11-10 | fix(command-not-found): pass arguments correctly in Termux (#10403) | Kirill Molchanov | |
| 2021-11-10 | fix(cli): avoid `git -C` for compatibility with git < v1.8.5 (#10404) | Marc Cornellà | |
| 2021-11-10 | fix(updater): avoid `git -C` for compatibility with git < v1.8.5 (#10404) | Marc Cornellà | |
| Fixes #10404 | |||
| 2021-11-09 | refactor(updater): simplify check for available updates | Marc Cornellà | |
| 2021-11-09 | style(frontend-search): rename completion file to `_frontend` | Marc Cornellà | |
| 2021-11-09 | fix(cli): fix check for completion files in `omz plugin load` | Marc Cornellà | |
| 2021-11-09 | fix(emotty): fix glyphs output width in emotty theme | Marc Cornellà | |
| 2021-11-09 | feat(refined): allow selecting git branch by changing prefix to `:` (#10400) | Janusz Mordarski | |
| 2021-11-09 | style: use `-n` flag in `head` and `tail` commands (#10391) | Kevin Burke | |
| Co-authored-by: Marc Cornellà <hello@mcornella.com> | |||
| 2021-11-08 | feat(tmux): set session name with `ZSH_TMUX_DEFAULT_SESSION_NAME` (#9063) | Shahin Sorkh | |
| 2021-11-08 | refactor(percol): fix style, bind keys for vi-mode and remove dependencies | Marc Cornellà | |
| 2021-11-05 | refactor(osx): Rename osx plugin to macos (#10341) | Jonathan Batchelor | |
| Apple changed the name of their operating system from OS X to macOS a number of years ago. This was overdue! As per issue #10311 * refactor(osx): rename `osx` plugin to `macos` * refactor(macos): Add symbolic link from old `osx` plugin name. | |||
| 2021-11-05 | fix(updater): stop update if connection unavailable | Marc Cornellà | |
| 2021-11-03 | docs: add Security Policy | Marc Cornellà | |
| 2021-11-03 | fix(command-not-found): pass arguments correctly in NixOS (#10381) | amnore | |
| 2021-11-02 | feat(ys): increase color contrast with light color schemes (#10295) | Aaron Hutchinson | |
| 2021-11-02 | feat(dirhistory): support urxvt terminal key binding (#8370) | Michael Peick | |
| Closes #8370 | |||
| 2021-11-02 | fix(dirhistory): fix ALT+Up/Down key bindings for Terminal.app | Marc Cornellà | |
