From 26cdff0e92bf93a2afcb4a78e056780ea3f582e7 Mon Sep 17 00:00:00 2001 From: Christian Clason Date: Sat, 4 Nov 2023 11:37:42 +0100 Subject: vim-patch:cd8a3eaf5348 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit runtime(dist): centralize safe executable check and add vim library (vim/vim#13413) Follow up to 816fbcc26 (patch 9.0.1833: [security] runtime file fixes, 2023-08-31) and f7ac0ef50 (runtime: don't execute external commands when loading ftplugins, 2023-09-06). This puts the logic for safe executable checks in a single place, by introducing a central vim library, so all filetypes benefit from consistency. Notable changes: - dist#vim because the (autoload) namespace for a new runtime support library. Supporting functions should get documentation. It might make life easier for NeoVim devs to make the documentation a new file rather than cram it into existing files, though we may want cross-references to it somewhere… - The gzip and zip plugins need to be opted into by enabling execution of those programs (or the global plugin_exec). This needs documentation or discussion. - This fixes a bug in the zig plugin: code setting s:tmp_cwd was removed in f7ac0ef50 (runtime: don't execute external commands when loading ftplugins, 2023-09-06), but the variable was still referenced. Since the new function takes care of that automatically, the variable is no longer needed. https://github.com/vim/vim/commit/cd8a3eaf5348feacfecab4b374b7ea4ce6a97422 Co-authored-by: D. Ben Knoble --- runtime/autoload/dist/vim.vim | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 runtime/autoload/dist/vim.vim (limited to 'runtime/autoload/dist') diff --git a/runtime/autoload/dist/vim.vim b/runtime/autoload/dist/vim.vim new file mode 100644 index 0000000000..57b757f021 --- /dev/null +++ b/runtime/autoload/dist/vim.vim @@ -0,0 +1,17 @@ +vim9script + +# Vim runtime support library +# +# Maintainer: The Vim Project +# Last Change: 2023 Oct 25 + +export def IsSafeExecutable(filetype: string, executable: string): bool + var cwd = getcwd() + return get(g:, filetype .. '_exec', get(g:, 'plugin_exec', 0)) + && (fnamemodify(exepath(executable), ':p:h') !=# cwd + || (split($PATH, has('win32') ? ';' : ':')->index(cwd) != -1 + && cwd != '.')) +enddef + +# Uncomment this line to check for compilation errors early +# defcompile -- cgit From 2a47dbe2282c656c63a29005f35399db740ab958 Mon Sep 17 00:00:00 2001 From: Christian Clason Date: Sat, 4 Nov 2023 11:38:08 +0100 Subject: vim-patch:4f174f0de90b runtime(dist): add legacy version for central vim library Also, enable the zip and gzip plugins by default, unless those variables were not explicitly set by the user. related: vim/vim#13413 https://github.com/vim/vim/commit/4f174f0de90b52937ddaf1e6db98e9731930ff7c Co-authored-by: Christian Brabandt --- runtime/autoload/dist/vim.vim | 41 +++++++++++++++++++++++++++-------------- 1 file changed, 27 insertions(+), 14 deletions(-) (limited to 'runtime/autoload/dist') diff --git a/runtime/autoload/dist/vim.vim b/runtime/autoload/dist/vim.vim index 57b757f021..d5a8984dc6 100644 --- a/runtime/autoload/dist/vim.vim +++ b/runtime/autoload/dist/vim.vim @@ -1,17 +1,30 @@ -vim9script +" Vim runtime support library, +" runs the vim9 script version or legacy script version +" on demand (mostly for Neovim compatability) +" +" Maintainer: The Vim Project +" Last Change: 2023 Nov 04 -# Vim runtime support library -# -# Maintainer: The Vim Project -# Last Change: 2023 Oct 25 -export def IsSafeExecutable(filetype: string, executable: string): bool - var cwd = getcwd() - return get(g:, filetype .. '_exec', get(g:, 'plugin_exec', 0)) - && (fnamemodify(exepath(executable), ':p:h') !=# cwd - || (split($PATH, has('win32') ? ';' : ':')->index(cwd) != -1 - && cwd != '.')) -enddef +" enable the zip and gzip plugin by default, if not set +if !exists('g:zip_exec') + let g:zip_exec = 1 +endif -# Uncomment this line to check for compilation errors early -# defcompile +if !exists('g:gzip_exec') + let g:gzip_exec = 1 +endif + +if !exists(":def") + function dist#vim#IsSafeExecutable(filetype, executable) + let cwd = getcwd() + return get(g:, a:filetype .. '_exec', get(g:, 'plugin_exec', 0)) && + \ (fnamemodify(exepath(a:executable), ':p:h') !=# cwd + \ || (split($PATH, has('win32') ? ';' : ':')->index(cwd) != -1 && + \ cwd != '.')) + endfunction +else + def dist#vim#IsSafeExecutable(filetype: string, executable: string): bool + return dist#vim9#IsSafeExecutable(filetype, executable) + enddef +endif -- cgit From dcf5999fcd706c4319fb9c12bf9b46f2dd2b51b2 Mon Sep 17 00:00:00 2001 From: Christian Clason Date: Sun, 5 Nov 2023 11:32:43 +0100 Subject: vim-patch:b2a4c110a5d1 runtime(dist): Make dist/vim.vim work properly when lacking vim9script support (vim/vim#13487) `:return` cannot be used outside of `:function` (or `:def`) in older Vims lacking Vim9script support or in Neovim, even when evaluation is being skipped in the dead `:else` branch. Instead, use the pattern described in `:h vim9-mix`, which uses `:finish` to end script processing before it reaches the vim9script stuff. https://github.com/vim/vim/commit/b2a4c110a5d13bc794f4eddb2e88a4e8fe9dfbea Co-authored-by: Sean Dewar --- runtime/autoload/dist/vim.vim | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) (limited to 'runtime/autoload/dist') diff --git a/runtime/autoload/dist/vim.vim b/runtime/autoload/dist/vim.vim index d5a8984dc6..021244c93b 100644 --- a/runtime/autoload/dist/vim.vim +++ b/runtime/autoload/dist/vim.vim @@ -15,16 +15,18 @@ if !exists('g:gzip_exec') let g:gzip_exec = 1 endif -if !exists(":def") - function dist#vim#IsSafeExecutable(filetype, executable) +if !has('vim9script') + function dist#vim#IsSafeExecutable(filetype, executable) let cwd = getcwd() return get(g:, a:filetype .. '_exec', get(g:, 'plugin_exec', 0)) && \ (fnamemodify(exepath(a:executable), ':p:h') !=# cwd \ || (split($PATH, has('win32') ? ';' : ':')->index(cwd) != -1 && \ cwd != '.')) - endfunction -else - def dist#vim#IsSafeExecutable(filetype: string, executable: string): bool - return dist#vim9#IsSafeExecutable(filetype, executable) - enddef + endfunction + + finish endif + +def dist#vim#IsSafeExecutable(filetype: string, executable: string): bool + return dist#vim9#IsSafeExecutable(filetype, executable) +enddef -- cgit