See https://github.com/vim/vim/pull/13213/commits by @dkearns:
Rename 'keywordprg' user command to ShKeywordPrg as this is just a
leaking implementation detail.
Signed-off-by: Christian Brabandt <cb@256bit.org>
ftplugin/rmd.vim:
- Set 'commentstring' dynamically according to code region.
syntax/rmd.vim:
- Include syntax highlighting of fenced languages dynamically.
- Add conceal char for line break.
Signed-off-by: Christian Brabandt <cb@256bit.org>
This is a followup to 816fbcc262687b81fc46f82f7bbeb1453addfe0c (patch
9.0.1833: [security] runtime file fixes)
It basically disables that external commands are run on loading of the
filetype plugin, **unless** the user has set the `g:plugin_exec = 1`
global variable in their configuration or for a specific filetype the
variable g:<filetype>_exec=1.
There are a few more plugins, that may execute system commands like
debchangelog, gitcommit, sh, racket, zsh, ps1 but those do at least
do not run those commands by default during loading of the filetype plugin
(there the command is mostly run as convenience for auto-completion or
to provide documentation lookup).
closes: #13034
Signed-off-by: Christian Brabandt <cb@256bit.org>
Co-authored-by: Tim Pope <vim@tpope.org>
In case the current directory is present as valid $PATH entry, it is OK
to call the program from it, even if vim curdir is in that same
directory.
(Without that patch, for instance, you will not be able to open .zip
files while your current directory is /bin)
closes: #13027
Signed-off-by: Christian Brabandt <cb@256bit.org>
While making changes to the ruby ftplugin, slightly change the exepath()
conditional from patch 9.0.1833 and move it after the :cd invocation.
closes: 12981
closes: 12994
Signed-off-by: Christian Brabandt <cb@256bit.org>
Co-authored-by: Tim Pope <code@tpope.net>
Co-authored-by: Doug Kearns <dougkearns@gmail.com>
Problem: runtime files may execute code in current dir
Solution: only execute, if not run from current directory
The perl, zig and ruby filetype plugins and the zip and gzip autoload
plugins may try to load malicious executable files from the current
working directory. This is especially a problem on windows, where the
current directory is implicitly in your $PATH and windows may even run a
file with the extension `.bat` because of $PATHEXT.
So make sure that we are not trying to execute a file from the current
directory. If this would be the case, error out (for the zip and gzip)
plugins or silently do not run those commands (for the ftplugins).
This assumes, that only the current working directory is bad. For all
other directories, it is assumed that those directories were
intentionally set to the $PATH by the user.
Signed-off-by: Christian Brabandt <cb@256bit.org>
The single quote `'` is a valid character in variable names, so it should be included in `iskeyword`; this, for instance, makes the <kbd>*</kbd> command behave predictably
Problem: Runtime: Missing QML support
Solution: Add QML support to Vim
closes: #12810
Signed-off-by: Christian Brabandt <cb@256bit.org>
Co-authored-by: ChaseKnowlden <haroldknowlden@gmail.com>
* Dedicate upcoming Vim 9.1 to Bram
Also replace in a few more places Brams email address and mention new
maintainers.
* Remove Bram from any Maintainer role
* runtime: Align Header
* it's mailing list not mailinglist
* feat(heex): borrow matchit support from html
Makes % support behave the same in heex as in html. For example, quickly moving the cursor between opening and closing tags.
* Remove unnecessary line; define b:undo_ftplugin first
* Remove b:html_set_match_words
