zeaslity/ohmyzsh
0
0
Fork 0
mirror of https://github.com/ohmyzsh/ohmyzsh.git synced 2026-05-31 08:18:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,794 Commits 2 Branches 0 Tags
c86ba78e2ff5c5a3e9282a84c0cc220dd3d5f253
Commit Graph

7794 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dylan Roman
c86ba78e2f feat(extract): add support for extracting to a specified directory (#13734) 2026-05-30 13:42:57 +02:00
Marc Cornellà
d170d18746 fix(dotenv): introduce safe parsing of .env files (#13778) 
* fix(dotenv): expect explicit yes before loading .env file
* fix(dotenv): implement secure parsing for .env files and add comprehensive tests
* feat(dotenv): check for .env file size to prevent DoS
* fix(dotenv): forbid setting special variables
* fix(dotenv): FIFO shouldn't be read twice
* fix(dotenv): unknown vars should expand to empty
* fix(dotenv): reject extremely large named pipes
* docs(dotenv): update to new parsing system
* fix(dotenv): add support for escaped dollars
* chore(dotenv): only declare local variables once
* fix(dotenv): apply review suggestions
* docs(dotenv): update test instructions

Co-authored-by: Carlo Sala <carlosalag@protonmail.com>
 2026-05-28 20:23:45 +02:00
Marc Cornellà
c90141ed77 fix: escape % characters in git prompts 
This patch adds missing % character escaping for custom git prompts
used in a few themes. It also includes escaping for git-prompt.sh.

In combination with CVE-2021-45444, this could allow code execution
when displaying branch information in cloned malicious git repositories.
However, zsh 5.8.1 and newer are largely the default zsh versions, and
on those supported distributions with older zsh versions, the CVE has been
found to be also patched.

For this reason, this doesn't qualify as a security patch, but a
bug fix for proper printing of git branches.
 2026-05-28 19:45:47 +02:00
Michele Bologna
8eff9a5455 fix(michelebologna): syntax, escaping, label (#13756) 2026-05-28 19:23:46 +02:00
Minh Vu
5ddb7fedcc ci(deps): use resolved tag when syncing dependencies (#13764) 
Co-authored-by: Carlo Sala <carlosalag@protonmail.com>
 2026-05-28 19:04:07 +02:00
Sediman AI
ddcdc26692 docs: update stale links (#13776) 
Co-authored-by: Sediman <jason@sediman.com>
 2026-05-28 18:56:03 +02:00
Minh Vu
fb03e414ee ci(deps): detect add-only vendored changes (#13765) 2026-05-28 18:54:11 +02:00
Iyigun Cevik
b26b500263 feat(juju): add native zsh completion and fix plugin utilities (#13663) 2026-05-27 16:37:23 +02:00
Oliver Jahren
fe11a3ae23 fix(dnf): use --installed to support dnf 4 and 5 (#13772) 2026-05-27 10:22:10 +02:00
Sediman AI
87a9b16b72 fix(alias-finder): use ? quantifier for BSD compat (#13774) 
Co-authored-by: Sediman <jason@sediman.com>
 2026-05-27 10:16:00 +02:00
OKWN
857a646516 docs(tt): rename README.MD to README.md (#13773) 2026-05-27 10:02:17 +02:00
dependabot[bot]
5ef67beadb chore(deps): bump github/codeql-action from 4.35.5 to 4.36.0 (#13767) 
Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-26 10:12:39 +02:00
dependabot[bot]
d633270784 chore(deps): bump step-security/harden-runner from 2.19.3 to 2.19.4 (#13768) 
Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-26 10:12:19 +02:00
ohmyzsh[bot]
43c68566be chore(kube-ps1): update to 04af46f7 2026-05-24 14:41:59 +02:00
Md Mushfiqur Rahim
cb64103161 fix(aliases): preserve trailing double quotes in als output (#13744) 
Co-authored-by: Codebuff Contributor <contributor@codebuff.com>
 2026-05-18 09:00:15 +02:00
Masaru Iritani
0eecd2821e fix(tmux): respect ZSH_TMUX_UNICODE in tds (#13741) 2026-05-18 08:51:48 +02:00
rock2z
2a5313a9d0 docs(git): document missing aliases (#13742) 2026-05-18 08:51:23 +02:00
Kaspar V.
24959d5817 feat(pass-cli): add completions plugin (#13740) 2026-05-18 08:47:51 +02:00
dependabot[bot]
efd6135bf5 chore(deps): bump step-security/harden-runner from 2.19.1 to 2.19.3 (#13755) 
Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-18 08:45:12 +02:00
dependabot[bot]
c68e752b1b chore(deps): bump idna from 3.13 to 3.15 in /.github/workflows/dependencies (#13754) 
Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-18 08:44:51 +02:00
dependabot[bot]
8d0ff417c3 chore(deps): bump github/codeql-action from 4.35.4 to 4.35.5 (#13751) 
Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-18 08:44:28 +02:00
dependabot[bot]
80a6f169c7 chore(deps): bump requests from 2.33.1 to 2.34.2 in /.github/workflows/dependencies (#13752) 
Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-18 08:44:05 +02:00
dependabot[bot]
c4e39ad56b chore(deps): bump actions/create-github-app-token from 3.1.1 to 3.2.0 (#13753) 
Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-18 08:43:53 +02:00
ohmyzsh[bot]
7478f1fd22 chore(kube-ps1): update to 7d575c6d (#13750) 
Co-authored-by: ohmyzsh[bot] <54982679+ohmyzsh[bot]@users.noreply.github.com>
 2026-05-17 11:58:14 +02:00
dependabot[bot]
a07126330b chore(deps): bump github/codeql-action from 4.35.3 to 4.35.4 (#13737) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.3 to 4.35.4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](e46ed2cbd0...68bde559de)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.35.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-11 11:00:26 +02:00
dependabot[bot]
1381fec0bf chore(deps): bump urllib3 from 2.6.3 to 2.7.0 in /.github/workflows/dependencies (#13738) 
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.6.3 to 2.7.0.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/2.6.3...2.7.0)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-version: 2.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-11 11:00:05 +02:00
Laurens Rouw
3604dc23e0 feat(jj): add new alias for new bookmark advance command (#13638) 2026-05-06 11:42:33 -07:00
ChrisJr404
8ab16fa493 docs(brew): correct brews description (#13730) 2026-05-06 14:34:32 +02:00
ohmyzsh[bot]
e64912e0c1 chore(gradle): update to version d8bc301a (#13724) 
Co-authored-by: ohmyzsh[bot] <54982679+ohmyzsh[bot]@users.noreply.github.com>
 2026-05-04 09:20:10 +02:00
ohmyzsh[bot]
c24960c324 chore(z): update to version acd0e198 (#13725) 
Co-authored-by: ohmyzsh[bot] <54982679+ohmyzsh[bot]@users.noreply.github.com>
 2026-05-04 09:19:36 +02:00
dependabot[bot]
571439d06b chore(deps): bump step-security/harden-runner from 2.19.0 to 2.19.1 (#13727) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-04 09:18:30 +02:00
dependabot[bot]
ff8297b0a9 chore(deps): bump github/codeql-action from 4.35.2 to 4.35.3 (#13726) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-04 09:18:11 +02:00
Fabricio
e7aa0c56e6 feat(fnm): add autostart option to setup fnm env (#12972) 2026-04-30 10:03:00 +02:00
ohmyzsh[bot]
2d5841740a chore(z): update to 519e5796 (#13716) 
Co-authored-by: ohmyzsh[bot] <54982679+ohmyzsh[bot]@users.noreply.github.com>
Co-authored-by: Mahesh Subramanian <maheshpec123@gmail.com>
 2026-04-28 09:41:08 +02:00
Dylan Roman
278ee100fc fix(git): replace deprecated syntax for percent substitution in prompt (#13705) (#13706) 
Co-authored-by: Carlo Sala <carlosalag@protonmail.com>
 2026-04-27 14:50:08 +02:00
Stephan Schielke
52c830cd32 fix(poetry-env): handle Poetry returning "." for venv path (#13183) 2026-04-27 11:06:54 +02:00
Thomas Renoth
8c3cce964a feat(bgnotify): add niri WM support (#13707) 2026-04-27 09:33:31 +02:00
ohmyzsh[bot]
d50115afd6 chore(z): update to version ae10ba3f (#13710) 
Co-authored-by: ohmyzsh[bot] <54982679+ohmyzsh[bot]@users.noreply.github.com>
 2026-04-27 09:20:10 +02:00
dependabot[bot]
232c6e4d8d chore(deps): bump idna from 3.11 to 3.13 in /.github/workflows/dependencies (#13712) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-27 09:19:09 +02:00
dependabot[bot]
50c56eb49b chore(deps): bump certifi from 2026.2.25 to 2026.4.22 in /.github/workflows/dependencies (#13713) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-27 09:15:39 +02:00
dependabot[bot]
bbe8cace5a chore(deps): bump step-security/harden-runner from 2.18.0 to 2.19.0 (#13711) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-27 09:15:13 +02:00
Truffle
349b9e49ce docs(kubectl): add missing aliases (#13699) 2026-04-20 11:01:03 +02:00
chaoliang yan
a4ee4daf3c fix(tmux): treat xterm-direct as 256-color (#13700) 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: lawrence3699 <lawrence3699@users.noreply.github.com>
Co-authored-by: Carlo Sala <carlosalag@protonmail.com>
 2026-04-20 11:00:37 +02:00
dependabot[bot]
7a6357cbf6 chore(deps): bump step-security/harden-runner from 2.17.0 to 2.18.0 (#13697) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-20 10:55:24 +02:00
dependabot[bot]
106b887c1f chore(deps): bump github/codeql-action from 4.35.1 to 4.35.2 (#13698) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-20 10:54:07 +02:00
Carlo Sala
e42ac8c57b ci: add strong permission (#13694) 2026-04-16 19:05:24 +02:00
Carlo Sala
061f773dd3 ci: use client-id rather than app-id (#13690) 2026-04-13 11:31:03 +02:00
dependabot[bot]
c53cfb2de4 chore(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 (#13689) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-13 10:51:45 +02:00
dependabot[bot]
1708d84b70 chore(deps): bump step-security/harden-runner from 2.16.1 to 2.17.0 (#13687) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-13 09:54:42 +02:00
dependabot[bot]
46c673072e chore(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#13688) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-13 09:54:23 +02:00