From: Antero Mejr via "Bug reports for GNU Emacs, the Swiss army knife of text editors" <bug-gnu-emacs@gnu.org>
To: 61901@debbugs.gnu.org
Subject: bug#61901: 30.0.50; [PATCH v3] Add safe-local-variable-directories variable.
Date: Tue, 25 Apr 2023 16:40:07 +0000 [thread overview]
Message-ID: <87354nlxug.fsf@mailbox.org> (raw)
In-Reply-To: <87sfeoksuk.fsf@mailbox.org>
[-- Attachment #1: Type: text/plain, Size: 266 bytes --]
Updated safe-local-variable-directories patch onto master and added bug
number to commit message.
Also should I use git --reroll-count to make v2 patches, v3, etc? If so
then I included another patch to gitignore rerolled patches, otherwise
please disregard it.
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: v3-0001-Add-safe-local-variable-directories-variable.patch --]
[-- Type: text/x-patch, Size: 7180 bytes --]
From 21506c01f72b10fb69ede16333e4970c0c402851 Mon Sep 17 00:00:00 2001
From: Antero Mejr <antero@mailbox.org>
Date: Tue, 25 Apr 2023 15:30:16 +0000
Subject: [PATCH v3] Add safe-local-variable-directories variable.
This variable can be set to automatically load risky dir-local
variables from a list of trusted directories.
* lisp/emacs-lisp/files.el (safe-local-variable-directories,
hack-local-variables-filter, hack-local-variables-confirm): New
variable and associated logic.
* test/lisp/files-tests.el
(files-tests-safe-local-variable-directories): Add tests for same.
* doc/lispref/variables.texi (File Local Variables): Add documentation
for same.
* etc/NEWS (Lisp Changes in Emacs 30.1): Add news entry for
same. (Bug#61901)
---
doc/lispref/variables.texi | 7 +++++++
etc/NEWS | 5 +++++
lisp/files.el | 27 ++++++++++++++++++++++-----
test/lisp/files-tests.el | 21 +++++++++++++++++++++
4 files changed, 55 insertions(+), 5 deletions(-)
diff --git a/doc/lispref/variables.texi b/doc/lispref/variables.texi
index eadb5c36de6..7df41a7c997 100644
--- a/doc/lispref/variables.texi
+++ b/doc/lispref/variables.texi
@@ -1977,6 +1977,13 @@ this can be controlled by using this variable, which is a list of
symbols.
@end defvar
+@defvar safe-local-variable-directories
+This is a list of directories where local variables are always enabled.
+Directory-local variables loaded from these directories, such as the
+variables in @file{.dir-locals.el}, will be enabled even if they are
+risky.
+@end defvar
+
@defun hack-local-variables &optional handle-mode
This function parses, and binds or evaluates as appropriate, any local
variables specified by the contents of the current buffer. The variable
diff --git a/etc/NEWS b/etc/NEWS
index d39343b8bd4..4eb3ab27139 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -375,6 +375,11 @@ hooks named after the feature name, like 'esh-mode-unload-hook'.
\f
* Lisp Changes in Emacs 30.1
++++
+** New variable 'safe-local-variable-directories'.
+This variable is used to to permanently trust directories containing
+risky directory-local variables.
+
** New variable 'inhibit-auto-fill' to temporarily prevent auto-fill.
** Functions and variables to transpose sexps
diff --git a/lisp/files.el b/lisp/files.el
index c6f53e5eaf8..3152fc61d9d 100644
--- a/lisp/files.el
+++ b/lisp/files.el
@@ -681,7 +681,8 @@ The command \\[normal-mode], when used interactively,
always obeys file local variable specifications and the -*- line,
and ignores this variable.
-Also see the `permanently-enabled-local-variables' variable."
+Also see the `permanently-enabled-local-variables' and
+`safe-local-variable-directories' variables."
:risky t
:type '(choice (const :tag "Query Unsafe" t)
(const :tag "Safe Only" :safe)
@@ -3696,6 +3697,15 @@ variable to set.")
"A list of file-local variables that are always enabled.
This overrides any `enable-local-variables' setting.")
+(defcustom safe-local-variable-directories '()
+ "A list of directories where local variables are always enabled.
+Directory-local variables loaded from these directories, such as the
+variables in .dir-locals.el, will be enabled even if they are risky."
+ :version "30.1"
+ :type '(repeat string)
+ :risky t
+ :group 'find-file)
+
(defun hack-local-variables-confirm (all-vars unsafe-vars risky-vars dir-name)
"Get confirmation before setting up local variable values.
ALL-VARS is the list of all variables to be set up.
@@ -3734,7 +3744,9 @@ n -- to ignore the local variables list.")
! -- to apply the local variables list, and permanently mark these
values (*) as safe (in the future, they will be set automatically.)
i -- to ignore the local variables list, and permanently mark these
- values (*) as ignored\n\n")
+ values (*) as ignored
++ -- to apply the local variables list, and permanently trust all
+ directory-local variables in this directory\n\n")
(insert "\n\n"))
(dolist (elt all-vars)
(cond ((member elt unsafe-vars)
@@ -3758,7 +3770,7 @@ i -- to ignore the local variables list, and permanently mark these
(pop-to-buffer buf '(display-buffer--maybe-at-bottom))
(let* ((exit-chars '(?y ?n ?\s))
(prompt (format "Please type %s%s: "
- (if offer-save "y, n, ! or i" "y or n")
+ (if offer-save "y, n, !, i, or +" "y or n")
(if (< (line-number-at-pos (point-max))
(window-body-height))
""
@@ -3766,8 +3778,12 @@ i -- to ignore the local variables list, and permanently mark these
char)
(when offer-save
(push ?i exit-chars)
- (push ?! exit-chars))
+ (push ?! exit-chars)
+ (push ?+ exit-chars))
(setq char (read-char-choice prompt exit-chars))
+ (when (and offer-save (= char ?+))
+ (customize-push-and-save 'safe-local-variable-directories
+ (list dir-name)))
(when (and offer-save
(or (= char ?!) (= char ?i))
unsafe-vars)
@@ -3776,7 +3792,7 @@ i -- to ignore the local variables list, and permanently mark these
'safe-local-variable-values
'ignored-local-variable-values)
unsafe-vars))
- (prog1 (memq char '(?! ?\s ?y))
+ (prog1 (memq char '(?! ?\s ?y ?+))
(quit-window t)))))))
(defconst hack-local-variable-regexp
@@ -3908,6 +3924,7 @@ DIR-NAME is the name of the associated directory. Otherwise it is nil."
(null unsafe-vars)
(null risky-vars))
(memq enable-local-variables '(:all :safe))
+ (member dir-name safe-local-variable-directories)
(hack-local-variables-confirm all-vars unsafe-vars
risky-vars dir-name))
(dolist (elt all-vars)
diff --git a/test/lisp/files-tests.el b/test/lisp/files-tests.el
index aadb60e1de7..af74a8b1ecf 100644
--- a/test/lisp/files-tests.el
+++ b/test/lisp/files-tests.el
@@ -166,6 +166,27 @@ form.")
(hack-local-variables)
(should (eq lexical-binding nil)))))
+(ert-deftest files-tests-safe-local-variable-directories ()
+ ;; safe-local-variable-directories should be risky,
+ ;; so use it as an arbitrary risky variable.
+ (let ((test-alist '((safe-local-variable-directories . "some_val")))
+ (fakedir "test1/test2")
+ (enable-local-eval t))
+ (with-temp-buffer
+ (setq safe-local-variable-directories (list fakedir))
+ (hack-local-variables-filter test-alist fakedir)
+ (should (equal file-local-variables-alist test-alist)))
+ (with-temp-buffer
+ (setq safe-local-variable-directories (list fakedir))
+ (setq noninteractive t)
+ (hack-local-variables-filter test-alist "wrong")
+ (should-not (equal file-local-variables-alist test-alist)))
+ (with-temp-buffer
+ (setq safe-local-variable-directories '())
+ (setq noninteractive t)
+ (hack-local-variables-filter test-alist fakedir)
+ (should-not (equal file-local-variables-alist test-alist)))))
+
(defvar files-test-bug-18141-file
(ert-resource-file "files-bug18141.el.gz")
"Test file for bug#18141.")
--
2.39.2
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #3: 0001-Ignore-rerolled-patches.patch --]
[-- Type: text/x-patch, Size: 608 bytes --]
From e847ad3f782304f210c318502da031d8a810834f Mon Sep 17 00:00:00 2001
From: Antero Mejr <antero@mailbox.org>
Date: Tue, 25 Apr 2023 15:33:18 +0000
Subject: [PATCH] Ignore rerolled patches.
* .gitignore (Version control and locks): Ignore .patch files that
start with "v" and a number 0-99.
---
.gitignore | 2 ++
1 file changed, 2 insertions(+)
diff --git a/.gitignore b/.gitignore
index b09a0c030b3..139eb49ba41 100644
--- a/.gitignore
+++ b/.gitignore
@@ -283,6 +283,8 @@ gnustmp*
\#*\#
ChangeLog
[0-9]*.patch
+v[0-9]-[0-9]*.patch
+v[0-9][0-9]-[0-9]*.patch
[0-9]*.txt
/vc-dwim-log-*
--
2.39.2
next prev parent reply other threads:[~2023-04-25 16:40 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-01 22:20 bug#61901: 30.0.50; [PATCH] Add permanently-enabled-local-variable-dirs variable Antero Mejr via Bug reports for GNU Emacs, the Swiss army knife of text editors
2023-03-02 6:57 ` Eli Zaretskii
2023-03-02 17:09 ` Antero Mejr via Bug reports for GNU Emacs, the Swiss army knife of text editors
2023-03-02 18:04 ` Eli Zaretskii
2023-03-14 18:46 ` Antero Mejr via Bug reports for GNU Emacs, the Swiss army knife of text editors
2023-03-14 19:48 ` Eli Zaretskii
2023-04-25 16:40 ` Antero Mejr via Bug reports for GNU Emacs, the Swiss army knife of text editors [this message]
2023-04-25 17:23 ` bug#61901: 30.0.50; [PATCH v3] Add safe-local-variable-directories variable Eli Zaretskii
2023-05-09 21:29 ` Antero Mejr via Bug reports for GNU Emacs, the Swiss army knife of text editors
2023-05-11 13:55 ` Eli Zaretskii
[not found] ` <87ilcy3mdt.fsf@mailbox.org>
2023-05-11 16:10 ` Eli Zaretskii
2023-05-11 17:49 ` Antero Mejr via Bug reports for GNU Emacs, the Swiss army knife of text editors
2023-05-11 18:11 ` Eli Zaretskii
2023-05-11 20:11 ` Antero Mejr via Bug reports for GNU Emacs, the Swiss army knife of text editors
2023-05-11 21:38 ` Antero Mejr via Bug reports for GNU Emacs, the Swiss army knife of text editors
2023-05-12 11:09 ` Eli Zaretskii
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87354nlxug.fsf@mailbox.org \
--to=bug-gnu-emacs@gnu.org \
--cc=61901@debbugs.gnu.org \
--cc=antero@mailbox.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.