From e86c6f5e7fc9f024a427e2870ab70644b5454725 Mon Sep 17 00:00:00 2001 From: Kevin Burke Date: Tue, 9 Nov 2021 00:04:10 -0800 Subject: style: use `-n` flag in `head` and `tail` commands (#10391) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Marc Cornellà --- lib/diagnostics.zsh | 2 +- lib/directories.zsh | 2 +- lib/functions.zsh | 4 ++-- lib/git.zsh | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) (limited to 'lib') diff --git a/lib/diagnostics.zsh b/lib/diagnostics.zsh index 650520797..eaeba7d23 100644 --- a/lib/diagnostics.zsh +++ b/lib/diagnostics.zsh @@ -335,7 +335,7 @@ function _omz_diag_dump_os_specific_version() { builtin echo "OS Version: $osname $osver build $(sw_vers -buildVersion)" ;; cygwin) - command systeminfo | command head -4 | command tail -2 + command systeminfo | command head -n 4 | command tail -n 2 ;; esac diff --git a/lib/directories.zsh b/lib/directories.zsh index 6696854b0..c62f56468 100644 --- a/lib/directories.zsh +++ b/lib/directories.zsh @@ -26,7 +26,7 @@ function d () { if [[ -n $1 ]]; then dirs "$@" else - dirs -v | head -10 + dirs -v | head -n 10 fi } compdef _dirs d diff --git a/lib/functions.zsh b/lib/functions.zsh index 73b491a59..fc53611b8 100644 --- a/lib/functions.zsh +++ b/lib/functions.zsh @@ -1,7 +1,7 @@ function zsh_stats() { fc -l 1 \ | awk '{ CMD[$2]++; count++; } END { for (a in CMD) print CMD[a] " " CMD[a]*100/count "% " a }' \ - | grep -v "./" | sort -nr | head -20 | column -c3 -s " " -t | nl + | grep -v "./" | sort -nr | head -n 20 | column -c3 -s " " -t | nl } function uninstall_oh_my_zsh() { @@ -45,7 +45,7 @@ function takeurl() { data="$(mktemp)" curl -L "$1" > "$data" tar xf "$data" - thedir="$(tar tf "$data" | head -1)" + thedir="$(tar tf "$data" | head -n 1)" rm "$data" cd "$thedir" } diff --git a/lib/git.zsh b/lib/git.zsh index 9a615e77b..8623473b0 100644 --- a/lib/git.zsh +++ b/lib/git.zsh @@ -51,7 +51,7 @@ function parse_git_dirty() { FLAGS+="--ignore-submodules=${GIT_STATUS_IGNORE_SUBMODULES:-dirty}" ;; esac - STATUS=$(__git_prompt_git status ${FLAGS} 2> /dev/null | tail -1) + STATUS=$(__git_prompt_git status ${FLAGS} 2> /dev/null | tail -n 1) fi if [[ -n $STATUS ]]; then echo "$ZSH_THEME_GIT_PROMPT_DIRTY" -- cgit v1.2.3-70-g09d2 From 9a11b34101a218532f5133b78e55e48e3dbeb2e5 Mon Sep 17 00:00:00 2001 From: Marc Cornellà Date: Tue, 9 Nov 2021 12:03:59 +0100 Subject: fix(cli): fix check for completion files in `omz plugin load` --- lib/cli.zsh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'lib') diff --git a/lib/cli.zsh b/lib/cli.zsh index 0b6bbc6cb..2975acb91 100644 --- a/lib/cli.zsh +++ b/lib/cli.zsh @@ -446,9 +446,9 @@ function _omz::plugin::load { fi # Check if it has completion to reload compinit - if [[ -f "$base/_$plugin" ]]; then - has_completion=1 - fi + local -a comp_files + comp_files=($base/_*(N)) + has_completion=$(( $#comp_files > 0 )) # Load the plugin if [[ -f "$base/$plugin.plugin.zsh" ]]; then -- cgit v1.2.3-70-g09d2 From 1d166eaaa138d7413365205c61412ccb68286b3a Mon Sep 17 00:00:00 2001 From: Marc Cornellà Date: Wed, 10 Nov 2021 11:35:17 +0100 Subject: fix(cli): avoid `git -C` for compatibility with git < v1.8.5 (#10404) --- lib/cli.zsh | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'lib') diff --git a/lib/cli.zsh b/lib/cli.zsh index 2975acb91..d90cc6469 100644 --- a/lib/cli.zsh +++ b/lib/cli.zsh @@ -36,7 +36,7 @@ function _omz { elif (( CURRENT == 3 )); then case "$words[2]" in changelog) local -a refs - refs=("${(@f)$(command git -C "$ZSH" for-each-ref --format="%(refname:short):%(subject)" refs/heads refs/tags)}") + refs=("${(@f)$(cd "$ZSH"; command git for-each-ref --format="%(refname:short):%(subject)" refs/heads refs/tags)}") _describe 'command' refs ;; plugin) subcmds=( 'disable:Disable plugin(s)' @@ -171,9 +171,12 @@ EOF function _omz::changelog { local version=${1:-HEAD} format=${3:-"--text"} - if ! command git -C "$ZSH" show-ref --verify refs/heads/$version &>/dev/null && \ - ! command git -C "$ZSH" show-ref --verify refs/tags/$version &>/dev/null && \ - ! command git -C "$ZSH" rev-parse --verify "${version}^{commit}" &>/dev/null; then + if ( + cd "$ZSH" + ! command git show-ref --verify refs/heads/$version && \ + ! command git show-ref --verify refs/tags/$version && \ + ! command git rev-parse --verify "${version}^{commit}" + ) &>/dev/null; then cat >&2 < Date: Mon, 8 Nov 2021 17:46:14 +0100 Subject: fix(lib): fix `omz_urldecode` unsafe eval bug The `omz_urldecode` function uses an eval to decode the input which can be exploited to inject commands. This is used only in the svn plugin and it requires a complex process to exploit, so it is highly unlikely to have been used by an attacker. --- lib/functions.zsh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'lib') diff --git a/lib/functions.zsh b/lib/functions.zsh index fc53611b8..61f4dd49e 100644 --- a/lib/functions.zsh +++ b/lib/functions.zsh @@ -237,12 +237,11 @@ function omz_urldecode { tmp=${tmp:gs/\\/\\\\/} # Handle %-escapes by turning them into `\xXX` printf escapes tmp=${tmp:gs/%/\\x/} - local decoded - eval "decoded=\$'$tmp'" + local decoded="$(printf -- "$tmp")" # Now we have a UTF-8 encoded string in the variable. We need to re-encode # it if caller is in a non-UTF-8 locale. - local safe_encodings + local -a safe_encodings safe_encodings=(UTF-8 utf8 US-ASCII) if [[ -z ${safe_encodings[(r)$caller_encoding]} ]]; then decoded=$(echo -E "$decoded" | iconv -f UTF-8 -t $caller_encoding) -- cgit v1.2.3-70-g09d2 From a263cdac9c15de4003d3289a53cad1d19c8cfb3f Mon Sep 17 00:00:00 2001 From: Marc Cornellà Date: Tue, 9 Nov 2021 09:08:18 +0100 Subject: fix(lib): fix potential command injection in `title` and `spectrum` functions The `title` function unsafely prints its input without sanitization, which if used with custom user code that calls it, it could trigger command injection. The `spectrum_ls` and `spectrum_bls` could similarly be exploited if a variable is changed in the user's shell environment with a carefully crafted value. This is highly unlikely to occur (and if possible, other methods would be used instead), but with this change the exploit of these two functions is now impossible. --- lib/spectrum.zsh | 6 ++++-- lib/termsupport.zsh | 13 ++++++------- 2 files changed, 10 insertions(+), 9 deletions(-) (limited to 'lib') diff --git a/lib/spectrum.zsh b/lib/spectrum.zsh index d5c22a8c5..97f5c360a 100644 --- a/lib/spectrum.zsh +++ b/lib/spectrum.zsh @@ -20,16 +20,18 @@ done # Show all 256 colors with color number function spectrum_ls() { + setopt localoptions nopromptsubst local ZSH_SPECTRUM_TEXT=${ZSH_SPECTRUM_TEXT:-Arma virumque cano Troiae qui primus ab oris} for code in {000..255}; do - print -P -- "$code: $FG[$code]$ZSH_SPECTRUM_TEXT%{$reset_color%}" + print -P -- "$code: ${FG[$code]}${ZSH_SPECTRUM_TEXT}%{$reset_color%}" done } # Show all 256 colors where the background is set to specific color function spectrum_bls() { + setopt localoptions nopromptsubst local ZSH_SPECTRUM_TEXT=${ZSH_SPECTRUM_TEXT:-Arma virumque cano Troiae qui primus ab oris} for code in {000..255}; do - print -P -- "$code: $BG[$code]$ZSH_SPECTRUM_TEXT%{$reset_color%}" + print -P -- "$code: ${BG[$code]}${ZSH_SPECTRUM_TEXT}%{$reset_color%}" done } diff --git a/lib/termsupport.zsh b/lib/termsupport.zsh index ef0d78895..49f64400b 100644 --- a/lib/termsupport.zsh +++ b/lib/termsupport.zsh @@ -7,8 +7,7 @@ # (In screen, only short_tab_title is used) # Limited support for Apple Terminal (Terminal can't set window and tab separately) function title { - emulate -L zsh - setopt prompt_subst + setopt localoptions nopromptsubst # Don't set the title if inside emacs, unless using vterm [[ -n "$INSIDE_EMACS" && "$INSIDE_EMACS" != vterm ]] && return @@ -48,13 +47,13 @@ fi # Runs before showing the prompt function omz_termsupport_precmd { - [[ "${DISABLE_AUTO_TITLE:-}" == true ]] && return - title $ZSH_THEME_TERM_TAB_TITLE_IDLE $ZSH_THEME_TERM_TITLE_IDLE + [[ "${DISABLE_AUTO_TITLE:-}" != true ]] || return + title "$ZSH_THEME_TERM_TAB_TITLE_IDLE" "$ZSH_THEME_TERM_TITLE_IDLE" } # Runs before executing the command function omz_termsupport_preexec { - [[ "${DISABLE_AUTO_TITLE:-}" == true ]] && return + [[ "${DISABLE_AUTO_TITLE:-}" != true ]] || return emulate -L zsh setopt extended_glob @@ -97,10 +96,10 @@ function omz_termsupport_preexec { fi # cmd name only, or if this is sudo or ssh, the next cmd - local CMD=${1[(wr)^(*=*|sudo|ssh|mosh|rake|-*)]:gs/%/%%} + local CMD="${1[(wr)^(*=*|sudo|ssh|mosh|rake|-*)]:gs/%/%%}" local LINE="${2:gs/%/%%}" - title '$CMD' '%100>...>$LINE%<<' + title "$CMD" "%100>...>${LINE}%<<" } autoload -Uz add-zsh-hook -- cgit v1.2.3-70-g09d2 From 0314604384529fb535825bf1d93c6fdb3c5ccbbe Mon Sep 17 00:00:00 2001 From: Paul Scott Date: Thu, 25 Nov 2021 22:55:21 +0000 Subject: fix(lib): don't error if `INSIDE_EMACS` is not defined (#10443) --- lib/termsupport.zsh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/termsupport.zsh b/lib/termsupport.zsh index 49f64400b..4035d10a1 100644 --- a/lib/termsupport.zsh +++ b/lib/termsupport.zsh @@ -10,7 +10,7 @@ function title { setopt localoptions nopromptsubst # Don't set the title if inside emacs, unless using vterm - [[ -n "$INSIDE_EMACS" && "$INSIDE_EMACS" != vterm ]] && return + [[ -n "${INSIDE_EMACS:-}" && "$INSIDE_EMACS" != vterm ]] && return # if $2 is unset use $1 as default # if it is set and empty, leave it as is -- cgit v1.2.3-70-g09d2 From f0f792fa6b207bc72453ae55011b6b44f678fb78 Mon Sep 17 00:00:00 2001 From: Marc Cornellà Date: Tue, 30 Nov 2021 10:13:23 +0100 Subject: feat(cli): add `omz version` command --- lib/cli.zsh | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'lib') diff --git a/lib/cli.zsh b/lib/cli.zsh index d90cc6469..aed84e08f 100644 --- a/lib/cli.zsh +++ b/lib/cli.zsh @@ -29,6 +29,7 @@ function _omz { 'reload:Reload the current zsh session' 'theme:Manage themes' 'update:Update Oh My Zsh' + 'version:Show the version' ) if (( CURRENT == 2 )); then @@ -164,6 +165,7 @@ Available commands: reload Reload the current zsh session theme Manage themes update Update Oh My Zsh + version Show the version EOF } @@ -777,3 +779,24 @@ function _omz::update { [[ "$zsh" = -* || -o login ]] && exec -l "${zsh#-}" || exec "$zsh" fi } + +function _omz::version { + ( + cd "$ZSH" + + # Get the version name: + # 1) try tag-like version + # 2) try name-rev + # 3) try branch name + local version + version=$(command git describe --tags HEAD 2>/dev/null) \ + || version=$(command git name-rev --no-undefined --name-only --exclude="remotes/*" HEAD 2>/dev/null) \ + || version=$(command git symbolic-ref --quiet --short HEAD 2>/dev/null) + + # Get short hash for the current HEAD + local commit=$(command git rev-parse --short HEAD 2>/dev/null) + + # Show version and commit hash + printf "%s (%s)\n" "$version" "$commit" + ) +} -- cgit v1.2.3-70-g09d2 From 428f815169ea8ff4918cff41d8ab68fe9d9c0c7a Mon Sep 17 00:00:00 2001 From: Marc Cornellà Date: Tue, 30 Nov 2021 17:43:36 +0100 Subject: fix(lib): %-quote git prompt functions --- lib/git.zsh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/git.zsh b/lib/git.zsh index 8623473b0..62aac8f39 100644 --- a/lib/git.zsh +++ b/lib/git.zsh @@ -29,7 +29,7 @@ function git_prompt_info() { && upstream=" -> ${upstream}" fi - echo "${ZSH_THEME_GIT_PROMPT_PREFIX}${ref}${upstream}$(parse_git_dirty)${ZSH_THEME_GIT_PROMPT_SUFFIX}" + echo "${ZSH_THEME_GIT_PROMPT_PREFIX}${ref:gs/%/%%}${upstream:gs/%/%%}$(parse_git_dirty)${ZSH_THEME_GIT_PROMPT_SUFFIX}" } # Checks if working tree is dirty -- cgit v1.2.3-70-g09d2 From 9a3d853481645ae0f961e9cc8421fc5d84e2c3c3 Mon Sep 17 00:00:00 2001 From: Marc Cornellà Date: Mon, 13 Dec 2021 17:43:32 +0100 Subject: fix: quote % characters in ruby prompt info functions --- lib/prompt_info_functions.zsh | 2 +- plugins/chruby/chruby.plugin.zsh | 2 +- plugins/rbenv/rbenv.plugin.zsh | 4 ++-- plugins/rbfu/rbfu.plugin.zsh | 3 ++- 4 files changed, 6 insertions(+), 5 deletions(-) (limited to 'lib') diff --git a/lib/prompt_info_functions.zsh b/lib/prompt_info_functions.zsh index 48f033da6..e5535848b 100644 --- a/lib/prompt_info_functions.zsh +++ b/lib/prompt_info_functions.zsh @@ -30,7 +30,7 @@ function rvm_prompt_info() { local rvm_prompt rvm_prompt=$($HOME/.rvm/bin/rvm-prompt ${=ZSH_THEME_RVM_PROMPT_OPTIONS} 2>/dev/null) [[ -z "${rvm_prompt}" ]] && return 1 - echo "${ZSH_THEME_RUBY_PROMPT_PREFIX}${rvm_prompt}${ZSH_THEME_RUBY_PROMPT_SUFFIX}" + echo "${ZSH_THEME_RUBY_PROMPT_PREFIX}${rvm_prompt:gs/%/%%}${ZSH_THEME_RUBY_PROMPT_SUFFIX}" } ZSH_THEME_RVM_PROMPT_OPTIONS="i v g" diff --git a/plugins/chruby/chruby.plugin.zsh b/plugins/chruby/chruby.plugin.zsh index 61ded3b73..d7a28d4e2 100644 --- a/plugins/chruby/chruby.plugin.zsh +++ b/plugins/chruby/chruby.plugin.zsh @@ -73,7 +73,7 @@ function current_ruby() { } function chruby_prompt_info() { - echo "$(current_ruby)" + echo "${$(current_ruby):gs/%/%%}" } # Complete chruby command with installed rubies diff --git a/plugins/rbenv/rbenv.plugin.zsh b/plugins/rbenv/rbenv.plugin.zsh index d36d4922c..d758aebae 100644 --- a/plugins/rbenv/rbenv.plugin.zsh +++ b/plugins/rbenv/rbenv.plugin.zsh @@ -47,7 +47,7 @@ if [[ $FOUND_RBENV -eq 1 ]]; then } function rbenv_prompt_info() { - local ruby=$(current_ruby) gemset=$(current_gemset) + local ruby=${$(current_ruby):gs/%/%%} gemset=${$(current_gemset):gs/%/%%} echo -n "${ZSH_THEME_RUBY_PROMPT_PREFIX}" [[ -n "$gemset" ]] && echo -n "${ruby}@${gemset}" || echo -n "${ruby}" echo "${ZSH_THEME_RUBY_PROMPT_SUFFIX}" @@ -60,7 +60,7 @@ else function gems() { echo "not supported" } function rbenv_prompt_info() { echo -n "${ZSH_THEME_RUBY_PROMPT_PREFIX}" - echo -n "system: $(ruby -v | cut -f-2 -d ' ')" + echo -n "system: $(ruby -v | cut -f-2 -d ' ' | sed 's/%/%%/g')" echo "${ZSH_THEME_RUBY_PROMPT_SUFFIX}" } fi diff --git a/plugins/rbfu/rbfu.plugin.zsh b/plugins/rbfu/rbfu.plugin.zsh index c973fbf9f..27dc3eec6 100644 --- a/plugins/rbfu/rbfu.plugin.zsh +++ b/plugins/rbfu/rbfu.plugin.zsh @@ -45,4 +45,5 @@ function rbfu-rubies() { # Public: Create rvm_prompt_info command for themes compatibility, unless # it has already been defined. -[ ! -x rvm_prompt_info ] && function rvm_prompt_info() { echo "${RBFU_RUBY_VERSION:=system}" } +(( ${+functions[rvm_prompt_info]} )) || \ +function rvm_prompt_info() { echo "${${RBFU_RUBY_VERSION:=system}:gs/%/%%}" } -- cgit v1.2.3-70-g09d2 From 4b4cc9a4a57468218b25b10c21c1e6060f42544b Mon Sep 17 00:00:00 2001 From: Marc Cornellà Date: Thu, 16 Dec 2021 10:50:34 +0100 Subject: fix(cli): fix plugin and theme suggestions in completion for older zsh versions --- lib/cli.zsh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/cli.zsh b/lib/cli.zsh index aed84e08f..4917bc354 100644 --- a/lib/cli.zsh +++ b/lib/cli.zsh @@ -68,10 +68,12 @@ function _omz { _describe 'plugin' valid_plugins ;; plugin::info) - local -aU plugins=("$ZSH"/plugins/*/{_*,*.plugin.zsh}(.N:h:t) "$ZSH_CUSTOM"/plugins/*/{_*,*.plugin.zsh}(.N:h:t)) + local -aU plugins + plugins=("$ZSH"/plugins/*/{_*,*.plugin.zsh}(.N:h:t) "$ZSH_CUSTOM"/plugins/*/{_*,*.plugin.zsh}(.N:h:t)) _describe 'plugin' plugins ;; theme::(set|use)) - local -aU themes=("$ZSH"/themes/*.zsh-theme(.N:t:r) "$ZSH_CUSTOM"/**/*.zsh-theme(.N:r:gs:"$ZSH_CUSTOM"/themes/:::gs:"$ZSH_CUSTOM"/:::)) + local -aU themes + themes=("$ZSH"/themes/*.zsh-theme(.N:t:r) "$ZSH_CUSTOM"/**/*.zsh-theme(.N:r:gs:"$ZSH_CUSTOM"/themes/:::gs:"$ZSH_CUSTOM"/:::)) _describe 'theme' themes ;; esac elif (( CURRENT > 4 )); then -- cgit v1.2.3-70-g09d2