To disable gnu-ls (`gls`) even if it's installed in freeBSD and macOS
you can set it up with:
```zsh
zstyle ':omz:lib:theme-and-appearance' gnu-ls no
```
Closes#11647
Previously this was only emitted on macOS with Apple's Terminal.app (and
compatible clones like iTerm2), but it is used by other terminal emulators
as well to obtain the actual current working directory wiht symlinks intact.
All non-supporting terminal emulators tested gracefully ignored this value,
so emit this on these as well in case they (or some other app masquarading
as them) add future support for this value.
Closes#9914
Co-authored-by: Marc Cornellà <hello@mcornella.com>
BREAKING CHANGE: the previous zstyle setting to disable `lib/directories.zsh` aliases has
been changed to the new syntax: `zstyle ':omz:lib:directories' aliases no`. See
https://github.com/ohmyzsh/ohmyzsh#skip-aliases to see other ways you can use this setting.
Co-authored-by: Carlo Sala <carlosalag@protonmail.com>
This fixes an edge case where the user actually sets
zstyle ':completion:*' list-colors
in their zshrc, but the previous code used a precmd hook, which would
override the user changes. With this change our modifications will be
set in the init script, after the theme loads, so that later changes
can affect our defaults.
Note that this will not be run for users on plugin managers, as these
don't generally run our init script.
BREAKING CHANGE: This commit removes aliases for some commands that
previously were not being autocorrected. If you are using
autocorrection, please check it.
Window and tab titles are changed by emitting an unprintable escape
sequence to the terminal. These escape sequences do not play nicely
with the TAB character on multiple terminal emulators--they create
un-deletable characters on the first line after command execution.
Sending "\r" after changing the window and tab titles allows all
characters on the first line to be deleted.
Fixes#11314
In BSD awk, \s is not a valid sequence interchangeable with "space or tab characters"
as it is in GNU awk. This fix uses [ \t] instead, which is all the possibilities that
we need to contemplate when reading the .zshrc file.
Fixes#11146
Since `set -e` is enabled, when `commit.gpgsign` is not set the
`git config` command would show an error. Given that it is technically
not ignored, the subshell would exit.
With this change, the `commit.gpgsign` setting is properly tested
by doing the fallback test if the command fails, so no exit status
code ends up quiting the subshell.
This lib function applies a patch to the VCS_INFO_formats function
in zsh versions from v5.0.3 until v5.8, which don't quote % chars
in some arguments received. Normally that just means that some
% characters in these strings (branch names, directories, etc.)
will be incorrectly parsed as formatting sequences.
With CVE-2021-45444, however, this means that one of these strings
from a malicious source (e.g. a malicious git repository) can
trigger command injection and run arbitrary code in the user's
machine when visiting such git repository.
Zsh 5.8.1 fixes this vulnerability [1], but older vcs_info setups
still need a workaround such as this one to patch the vulnerability.
[1] c3ea1e5d52
The commands `omz plugin {enable,disable}` and `omz theme set`
automatically reload the zsh session on success. With this
change, the CLI checks whether the commands are run in an
interactive session before reloading the zsh session.
This change also conditionally sets the completion function
for `omz` so that it's not done in a non-interactive session.
The `title` function unsafely prints its input without sanitization, which if used
with custom user code that calls it, it could trigger command injection.
The `spectrum_ls` and `spectrum_bls` could similarly be exploited if a variable is
changed in the user's shell environment with a carefully crafted value. This is
highly unlikely to occur (and if possible, other methods would be used instead),
but with this change the exploit of these two functions is now impossible.
The `omz_urldecode` function uses an eval to decode the input which can be
exploited to inject commands. This is used only in the svn plugin and it
requires a complex process to exploit, so it is highly unlikely to have been
used by an attacker.
BREAKING CHANGE: the `zsh_reload` plugin is deprecated. Instead of using its `src`
function, use `omz reload` or `exec zsh` to reload zsh after making changes to
your `.zshrc` file.
Closes#9078
* Don't error on upgrade no-op
No error code is required for a non failure scenario.
* Manually check whether changes were pulled in `omz update`
Co-authored-by: Marc Cornellà <hello@mcornella.com>
Show the remote branch the local branch is tracking if `ZSH_THEME_GIT_SHOW_UPSTREAM`
is set, like so: `ZSH_THEME_GIT_SHOW_UPSTREAM=1`.
Co-authored-by: Marc Cornellà <marc.cornella@live.com>