IntenseFinance/neovim
3
0
Fork 0
mirror of https://github.com/neovim/neovim.git synced 2025-02-25 18:55:25 -06:00
Code Issues Packages Projects Releases Wiki Activity

vim-patch:8ebdbc9e6d80 (#25816)

Browse Source 
runtime(doc): all secure options should note this restriction in the documentation (vim/vim#13448)

Problem:  Not all secure options document their status
Solution: Describe secure context :set restrictions in each help entry

8ebdbc9e6d

Co-authored-by: dkearns <dougkearns@gmail.com>
This commit is contained in:
zeertzjq 2023-10-29 06:15:13 +08:00 committed by GitHub
parent f2fb05238a
commit a2a1a65b98
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 42 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
runtime/doc/options.txt
View File

@ -1214,6 +1214,8 @@ A jump table for the options with a short description can be found at |Q_op|.
current working directory to the |$HOME| directory like in Unix. current working directory to the |$HOME| directory like in Unix.
When off, those commands just print the current directory name. When off, those commands just print the current directory name.
On Unix this option has no effect. On Unix this option has no effect.
This option cannot be set from a |modeline| or in the |sandbox|, for
security reasons.
*'cdpath'* *'cd'* *E344* *E346* *'cdpath'* *'cd'* *E344* *E346*
'cdpath' 'cd' string (default equivalent to $CDPATH or ",,") 'cdpath' 'cd' string (default equivalent to $CDPATH or ",,")
@ -4095,7 +4097,8 @@ A jump table for the options with a short description can be found at |Q_op|.
< If you have less than 512 Mbyte |:mkspell| may fail for some < If you have less than 512 Mbyte |:mkspell| may fail for some
languages, no matter what you set 'mkspellmem' to. languages, no matter what you set 'mkspellmem' to.
This option cannot be set from a |modeline| or in the |sandbox|. This option cannot be set from a |modeline| or in the |sandbox|, for
security reasons.
*'modeline'* *'ml'* *'nomodeline'* *'noml'* *'modeline'* *'ml'* *'nomodeline'* *'noml'*
'modeline' 'ml' boolean (default on (off for root)) 'modeline' 'ml' boolean (default on (off for root))
@ -4475,6 +4478,8 @@ A jump table for the options with a short description can be found at |Q_op|.
global global
Directories used to find packages. Directories used to find packages.
See |packages| and |packages-runtimepath|. See |packages| and |packages-runtimepath|.
This option cannot be set from a |modeline| or in the |sandbox|, for
security reasons.
*'paragraphs'* *'para'* *'paragraphs'* *'para'*
'paragraphs' 'para' string (default "IPLPPPQPP TPHPLIPpLpItpplpipbp") 'paragraphs' 'para' string (default "IPLPPPQPP TPHPLIPpLpItpplpipbp")
@ -4487,6 +4492,8 @@ A jump table for the options with a short description can be found at |Q_op|.
global global
Expression which is evaluated to apply a patch to a file and generate Expression which is evaluated to apply a patch to a file and generate
the resulting new version of the file. See |diff-patchexpr|. the resulting new version of the file. See |diff-patchexpr|.
This option cannot be set from a |modeline| or in the |sandbox|, for
security reasons.
*'patchmode'* *'pm'* *E205* *E206* *'patchmode'* *'pm'* *E205* *E206*
'patchmode' 'pm' string (default "") 'patchmode' 'pm' string (default "")
@ -5382,6 +5389,8 @@ A jump table for the options with a short description can be found at |Q_op|.
When 'shellxquote' is set to "(" then the characters listed in this When 'shellxquote' is set to "(" then the characters listed in this
option will be escaped with a '^' character. This makes it possible option will be escaped with a '^' character. This makes it possible
to execute most external commands with cmd.exe. to execute most external commands with cmd.exe.
This option cannot be set from a |modeline| or in the |sandbox|, for
security reasons.
*'shellxquote'* *'sxq'* *'shellxquote'* *'sxq'*
'shellxquote' 'sxq' string (default "", Windows: "\"") 'shellxquote' 'sxq' string (default "", Windows: "\"")
@ -6429,6 +6438,8 @@ A jump table for the options with a short description can be found at |Q_op|.
function and an example. The value can be the name of a function, a function and an example. The value can be the name of a function, a
|lambda| or a |Funcref|. See |option-value-function| for more |lambda| or a |Funcref|. See |option-value-function| for more
information. information.
This option cannot be set from a |modeline| or in the |sandbox|, for
security reasons.
*'taglength'* *'tl'* *'taglength'* *'tl'*
'taglength' 'tl' number (default 0) 'taglength' 'tl' number (default 0)
@ -6817,6 +6828,8 @@ A jump table for the options with a short description can be found at |Q_op|.
Setting 'verbosefile' to a new value is like making it empty first. Setting 'verbosefile' to a new value is like making it empty first.
The difference with |:redir| is that verbose messages are not The difference with |:redir| is that verbose messages are not
displayed when 'verbosefile' is set. displayed when 'verbosefile' is set.
This option cannot be set from a |modeline| or in the |sandbox|, for
security reasons.
*'viewdir'* *'vdir'* *'viewdir'* *'vdir'*
'viewdir' 'vdir' string (default "$XDG_STATE_HOME/nvim/view//") 'viewdir' 'vdir' string (default "$XDG_STATE_HOME/nvim/view//")

15
runtime/lua/vim/_meta/options.lua generated
View File

@ -694,6 +694,8 @@ vim.go.cmp = vim.go.casemap
--- current working directory to the `$HOME` directory like in Unix. --- current working directory to the `$HOME` directory like in Unix.
--- When off, those commands just print the current directory name. --- When off, those commands just print the current directory name.
--- On Unix this option has no effect. --- On Unix this option has no effect.
--- This option cannot be set from a `modeline` or in the `sandbox`, for
--- security reasons.
--- ---
--- @type boolean --- @type boolean
vim.o.cdhome = false vim.o.cdhome = false
@ -4122,7 +4124,8 @@ vim.go.mis = vim.go.menuitems
--- If you have less than 512 Mbyte `:mkspell` may fail for some --- If you have less than 512 Mbyte `:mkspell` may fail for some
--- languages, no matter what you set 'mkspellmem' to. --- languages, no matter what you set 'mkspellmem' to.
--- ---
--- This option cannot be set from a `modeline` or in the `sandbox`. --- This option cannot be set from a `modeline` or in the `sandbox`, for
--- security reasons.
--- ---
--- @type string --- @type string
vim.o.mkspellmem = "460000,2000,500" vim.o.mkspellmem = "460000,2000,500"
@ -4567,6 +4570,8 @@ vim.go.opfunc = vim.go.operatorfunc
--- Directories used to find packages. --- Directories used to find packages.
--- See `packages` and `packages-runtimepath`. --- See `packages` and `packages-runtimepath`.
--- This option cannot be set from a `modeline` or in the `sandbox`, for
--- security reasons.
--- ---
--- @type string --- @type string
vim.o.packpath = "..." vim.o.packpath = "..."
@ -4585,6 +4590,8 @@ vim.go.para = vim.go.paragraphs
--- Expression which is evaluated to apply a patch to a file and generate --- Expression which is evaluated to apply a patch to a file and generate
--- the resulting new version of the file. See `diff-patchexpr`. --- the resulting new version of the file. See `diff-patchexpr`.
--- This option cannot be set from a `modeline` or in the `sandbox`, for
--- security reasons.
--- ---
--- @type string --- @type string
vim.o.patchexpr = "" vim.o.patchexpr = ""
@ -5628,6 +5635,8 @@ vim.go.stmp = vim.go.shelltemp
--- When 'shellxquote' is set to "(" then the characters listed in this --- When 'shellxquote' is set to "(" then the characters listed in this
--- option will be escaped with a '^' character. This makes it possible --- option will be escaped with a '^' character. This makes it possible
--- to execute most external commands with cmd.exe. --- to execute most external commands with cmd.exe.
--- This option cannot be set from a `modeline` or in the `sandbox`, for
--- security reasons.
--- ---
--- @type string --- @type string
vim.o.shellxescape = "" vim.o.shellxescape = ""
@ -6855,6 +6864,8 @@ vim.go.tc = vim.go.tagcase
--- function and an example. The value can be the name of a function, a --- function and an example. The value can be the name of a function, a
--- `lambda` or a `Funcref`. See `option-value-function` for more --- `lambda` or a `Funcref`. See `option-value-function` for more
--- information. --- information.
--- This option cannot be set from a `modeline` or in the `sandbox`, for
--- security reasons.
--- ---
--- @type string --- @type string
vim.o.tagfunc = "" vim.o.tagfunc = ""
@ -7340,6 +7351,8 @@ vim.go.vbs = vim.go.verbose
--- Setting 'verbosefile' to a new value is like making it empty first. --- Setting 'verbosefile' to a new value is like making it empty first.
--- The difference with `:redir` is that verbose messages are not --- The difference with `:redir` is that verbose messages are not
--- displayed when 'verbosefile' is set. --- displayed when 'verbosefile' is set.
--- This option cannot be set from a `modeline` or in the `sandbox`, for
--- security reasons.
--- ---
--- @type string --- @type string
vim.o.verbosefile = "" vim.o.verbosefile = ""

15
src/nvim/options.lua
View File

@ -942,6 +942,8 @@ return {
current working directory to the |$HOME| directory like in Unix. current working directory to the |$HOME| directory like in Unix.
When off, those commands just print the current directory name. When off, those commands just print the current directory name.
On Unix this option has no effect. On Unix this option has no effect.
This option cannot be set from a |modeline| or in the |sandbox|, for
security reasons.
]=], ]=],
full_name = 'cdhome', full_name = 'cdhome',
scope = { 'global' }, scope = { 'global' },
@ -5254,7 +5256,8 @@ return {
< If you have less than 512 Mbyte |:mkspell| may fail for some < If you have less than 512 Mbyte |:mkspell| may fail for some
languages, no matter what you set 'mkspellmem' to. languages, no matter what you set 'mkspellmem' to.
This option cannot be set from a |modeline| or in the |sandbox|. This option cannot be set from a |modeline| or in the |sandbox|, for
security reasons.
]=], ]=],
expand = true, expand = true,
full_name = 'mkspellmem', full_name = 'mkspellmem',
@ -5830,6 +5833,8 @@ return {
desc = [=[ desc = [=[
Directories used to find packages. Directories used to find packages.
See |packages| and |packages-runtimepath|. See |packages| and |packages-runtimepath|.
This option cannot be set from a |modeline| or in the |sandbox|, for
security reasons.
]=], ]=],
expand = true, expand = true,
full_name = 'packpath', full_name = 'packpath',
@ -5878,6 +5883,8 @@ return {
desc = [=[ desc = [=[
Expression which is evaluated to apply a patch to a file and generate Expression which is evaluated to apply a patch to a file and generate
the resulting new version of the file. See |diff-patchexpr|. the resulting new version of the file. See |diff-patchexpr|.
This option cannot be set from a |modeline| or in the |sandbox|, for
security reasons.
]=], ]=],
full_name = 'patchexpr', full_name = 'patchexpr',
scope = { 'global' }, scope = { 'global' },
@ -7256,6 +7263,8 @@ return {
When 'shellxquote' is set to "(" then the characters listed in this When 'shellxquote' is set to "(" then the characters listed in this
option will be escaped with a '^' character. This makes it possible option will be escaped with a '^' character. This makes it possible
to execute most external commands with cmd.exe. to execute most external commands with cmd.exe.
This option cannot be set from a |modeline| or in the |sandbox|, for
security reasons.
]=], ]=],
full_name = 'shellxescape', full_name = 'shellxescape',
scope = { 'global' }, scope = { 'global' },
@ -8464,6 +8473,8 @@ return {
function and an example. The value can be the name of a function, a function and an example. The value can be the name of a function, a
|lambda| or a |Funcref|. See |option-value-function| for more |lambda| or a |Funcref|. See |option-value-function| for more
information. information.
This option cannot be set from a |modeline| or in the |sandbox|, for
security reasons.
]=], ]=],
full_name = 'tagfunc', full_name = 'tagfunc',
func = true, func = true,
@ -9297,6 +9308,8 @@ return {
Setting 'verbosefile' to a new value is like making it empty first. Setting 'verbosefile' to a new value is like making it empty first.
The difference with |:redir| is that verbose messages are not The difference with |:redir| is that verbose messages are not
displayed when 'verbosefile' is set. displayed when 'verbosefile' is set.
This option cannot be set from a |modeline| or in the |sandbox|, for
security reasons.
]=], ]=],
expand = true, expand = true,
full_name = 'verbosefile', full_name = 'verbosefile',