m-vim_plugins/nerdtree
1
0
Fork 0
mirror of https://github.com/preservim/nerdtree.git synced 2025-11-08 11:23:48 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add missing calls to the shellescape() function (#1099)

Browse Source 
* Improve "g:NERDTreeQuickLook()"

The following improvements were made...

  - Use variable sigils
  - Shorten a local variable name
  - Prefer an early return over testing for a negative
  - Switch to single quotes
  - Call "shellescape()" to pass a command argument [IMPORTANT!]

The final change is a critical fix for the security and reliability
of this function (see ":h system()").

Similar fixes for the other functions in this script will follow.

* Improve "g:NERDTreeRevealInFinder()"

This commit makes several style improvements and adds a missing call
to the "shellescape()" function.

See also: 56cfbcff1e

* Improve "g:NERDTreeExecuteFile()"

Refer to: 56cfbcff1e

* Improve "g:NERDTreeRevealFileLinux()"

Refer to: 56cfbcff1e

* Improve "g:NERDTreeExecuteFileLinux()"

Refer to: 56cfbcff1e

* Properly reveal "/" on Linux

This commit handles the edge case where a user invokes the "reveal"
function on "/" on a Linux box.  There is nothing to do but open the
root directory itself since "/" has no parent.

* Update the "CHANGELOG.md" file

* Add final missing "shellescape()" calls

I initially thought that there were several more locations where
a call to "shellescape()" was required but omitted.  However, there
are only two.  I suppose I should have taken the time to look.

Fixing these was easy.  I would be surprised if this change breaks
anything on the user side.

* Update the "CHANGELOG.md" file (again)

Use a more fitting description of the change...
This commit is contained in:
lifecrisis
2020-04-09 21:37:55 -04:00
committed by GitHub
parent 832bbaa729
commit f767dd34a0
3 changed files with 42 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@@ -5,6 +5,7 @@
- **.PATCH**: Pull Request Title (PR Author) [PR Number](Link to PR)
-->
#### 6.7
- **.4**: Add missing calls to the `shellescape()` function (lifecrisis) [#1099](https://github.com/preservim/nerdtree/pull/1099)
- **.3**: Fix vsplit to not open empty buffers when opening previously closed file (AwkwardKore) [#1098](https://github.com/preservim/nerdtree/pull/1098)
- **.2**: Fix infinity loop (on winvim) in FindParentVCSRoot (Eugenij-W) [#1095](https://github.com/preservim/nerdtree/pull/1095)
- **.1**: File Move: Escape existing directory name when looking for open files. (PhilRunninger) [#1094](https://github.com/preservim/nerdtree/pull/1094)