commit dc3a30cfbb8304e10cff894a30c56fe43fc895ec
parent c81dc320b0246c25d2580d67a83a3b9f56738808
Author: Justin M. Keyes <justinkz@gmail.com>
Date: Mon, 28 Jul 2025 17:45:26 -0400
fix(messages): 'exrc' / secure messages
Diffstat:
6 files changed, 48 insertions(+), 47 deletions(-)
diff --git a/runtime/lua/vim/secure.lua b/runtime/lua/vim/secure.lua
@@ -121,16 +121,20 @@ function M.read(path)
return contents
end
- local dir_msg = ' To enable it, choose (v)iew then run `:trust`.'
+ local msg2 = ' To enable it, choose (v)iew then run `:trust`:'
local choices = '&ignore\n&view\n&deny'
if hash == 'directory' then
- dir_msg = ' DIRECTORY trust is decided only by its name, not its contents.'
+ msg2 = ' DIRECTORY trust is decided only by name, not contents:'
choices = '&ignore\n&view\n&deny\n&allow'
end
-- File either does not exist in trust database or the hash does not match
- local ok, result =
- pcall(vim.fn.confirm, string.format('%s is not trusted.%s', fullpath, dir_msg), choices, 1)
+ local ok, result = pcall(
+ vim.fn.confirm,
+ string.format('exrc: Found untrusted code.%s\n%s', msg2, fullpath),
+ choices,
+ 1
+ )
if not ok and result ~= 'Keyboard interrupt' then
error(result)
diff --git a/src/nvim/lua/secure.c b/src/nvim/lua/secure.c
@@ -78,11 +78,11 @@ static bool nlua_trust(const char *action, const char *path)
if (msg != NULL) {
if (success) {
if (strcmp(action, "allow") == 0) {
- smsg(0, "Allowed \"%s\" in trust database.", msg);
+ smsg(0, "Allowed in trust database: \"%s\"", msg);
} else if (strcmp(action, "deny") == 0) {
- smsg(0, "Denied \"%s\" in trust database.", msg);
+ smsg(0, "Denied in trust database: \"%s\"", msg);
} else if (strcmp(action, "remove") == 0) {
- smsg(0, "Removed \"%s\" from trust database.", msg);
+ smsg(0, "Removed from trust database: \"%s\"", msg);
}
} else {
semsg(e_trustfile, msg);
diff --git a/test/functional/core/server_spec.lua b/test/functional/core/server_spec.lua
@@ -192,10 +192,8 @@ describe('server', function()
return
end
local peer_addr = n.new_pipename()
- local client = n.new_session(
- true,
- { args = { '--clean', '--listen', peer_addr, '--embed' }, merge = false }
- )
+ local client =
+ n.new_session(true, { args = { '--clean', '--listen', peer_addr, '--embed' }, merge = false })
n.set_session(client)
eq(peer_addr, fn.serverlist()[1])
diff --git a/test/functional/core/startup_spec.lua b/test/functional/core/startup_spec.lua
@@ -1262,11 +1262,11 @@ describe('user config init', function()
-- trust .exrc
feed(':trust<CR>')
- screen:expect({ any = 'Allowed ".*' .. pathsep .. '%.exrc" in trust database.' })
+ screen:expect({ any = 'Allowed in trust database: ".*' .. pathsep .. '%.exrc"' })
feed(':q<CR>')
-- trust .nvim.lua
feed(':trust<CR>')
- screen:expect({ any = 'Allowed ".*' .. pathsep .. '%.nvim%.lua" in trust database.' })
+ screen:expect({ any = 'Allowed in trust database: ".*' .. pathsep .. '%.nvim%.lua"' })
feed(':q<CR>')
-- no exrc file is executed
feed(':echo g:exrc_count<CR>')
diff --git a/test/functional/ex_cmds/trust_spec.lua b/test/functional/ex_cmds/trust_spec.lua
@@ -35,15 +35,15 @@ describe(':trust', function()
local hash = fn.sha256(t.read_file('test_file'))
command('edit test_file')
- matches('^Allowed ".*test_file" in trust database%.$', exec_capture('trust'))
+ matches('^Allowed in trust database%: ".*test_file"$', exec_capture('trust'))
local trust = t.read_file(fn.stdpath('state') .. pathsep .. 'trust')
eq(string.format('%s %s', hash, cwd .. pathsep .. 'test_file'), vim.trim(trust))
- matches('^Denied ".*test_file" in trust database%.$', exec_capture('trust ++deny'))
+ matches('^Denied in trust database%: ".*test_file"$', exec_capture('trust ++deny'))
trust = t.read_file(fn.stdpath('state') .. pathsep .. 'trust')
eq(string.format('! %s', cwd .. pathsep .. 'test_file'), vim.trim(trust))
- matches('^Removed ".*test_file" from trust database%.$', exec_capture('trust ++remove'))
+ matches('^Removed from trust database%: ".*test_file"$', exec_capture('trust ++remove'))
trust = t.read_file(fn.stdpath('state') .. pathsep .. 'trust')
eq(string.format(''), vim.trim(trust))
end)
@@ -53,15 +53,15 @@ describe(':trust', function()
local hash = fn.sha256(t.read_file('test_file'))
command('edit test_file')
- matches('^Denied ".*test_file" in trust database%.$', exec_capture('trust ++deny'))
+ matches('^Denied in trust database%: ".*test_file"$', exec_capture('trust ++deny'))
local trust = t.read_file(fn.stdpath('state') .. pathsep .. 'trust')
eq(string.format('! %s', cwd .. pathsep .. 'test_file'), vim.trim(trust))
- matches('^Allowed ".*test_file" in trust database%.$', exec_capture('trust'))
+ matches('^Allowed in trust database%: ".*test_file"$', exec_capture('trust'))
trust = t.read_file(fn.stdpath('state') .. pathsep .. 'trust')
eq(string.format('%s %s', hash, cwd .. pathsep .. 'test_file'), vim.trim(trust))
- matches('^Removed ".*test_file" from trust database%.$', exec_capture('trust ++remove'))
+ matches('^Removed from trust database%: ".*test_file"$', exec_capture('trust ++remove'))
trust = t.read_file(fn.stdpath('state') .. pathsep .. 'trust')
eq(string.format(''), vim.trim(trust))
end)
@@ -69,12 +69,12 @@ describe(':trust', function()
it('deny then remove a file using file path', function()
local cwd = fn.getcwd()
- matches('^Denied ".*test_file" in trust database%.$', exec_capture('trust ++deny test_file'))
+ matches('^Denied in trust database%: ".*test_file"$', exec_capture('trust ++deny test_file'))
local trust = t.read_file(fn.stdpath('state') .. pathsep .. 'trust')
eq(string.format('! %s', cwd .. pathsep .. 'test_file'), vim.trim(trust))
matches(
- '^Removed ".*test_file" from trust database%.$',
+ '^Removed from trust database%: ".*test_file"$',
exec_capture('trust ++remove test_file')
)
trust = t.read_file(fn.stdpath('state') .. pathsep .. 'trust')
diff --git a/test/functional/lua/secure_spec.lua b/test/functional/lua/secure_spec.lua
@@ -55,22 +55,18 @@ describe('vim.secure', function()
})
local cwd = fn.getcwd()
- local msg = cwd
- .. pathsep
- .. 'Xfile is not trusted. To enable it, choose (v)iew then run `:trust`.'
- if #msg >= screen._width then
- pending('path too long')
- return
- end
+ local msg = 'exrc: Found untrusted code. To enable it, choose (v)iew then run `:trust`:'
+ local path = ('%s%sXfile'):format(cwd, pathsep)
-- Need to use feed_command instead of exec_lua because of the confirmation prompt
feed_command([[lua vim.secure.read('Xfile')]])
screen:expect([[
{MATCH: +}|
- {1:~{MATCH: +}}|*3
+ {1:~{MATCH: +}}|*2
{2:{MATCH: +}}|
:lua vim.secure.read('Xfile'){MATCH: +}|
- {3:]] .. msg .. [[}{MATCH: +}|
+ {3:]] .. msg .. [[}{MATCH: *}|
+ {3:]] .. path .. [[}{MATCH: *}|
{3:[i]gnore, (v)iew, (d)eny: }^{MATCH: +}|
]])
feed('d')
@@ -89,10 +85,11 @@ describe('vim.secure', function()
feed_command([[lua vim.secure.read('Xfile')]])
screen:expect([[
{MATCH: +}|
- {1:~{MATCH: +}}|*3
+ {1:~{MATCH: +}}|*2
{2:{MATCH: +}}|
:lua vim.secure.read('Xfile'){MATCH: +}|
- {3:]] .. msg .. [[}{MATCH: +}|
+ {3:]] .. msg .. [[}{MATCH: *}|
+ {3:]] .. path .. [[}{MATCH: *}|
{3:[i]gnore, (v)iew, (d)eny: }^{MATCH: +}|
]])
feed('v')
@@ -104,7 +101,7 @@ describe('vim.secure', function()
{MATCH: +}|
{1:~{MATCH: +}}|
{4:[No Name]{MATCH: +}}|
- Allowed "]] .. cwd .. pathsep .. [[Xfile" in trust database.{MATCH: +}|
+ Allowed in trust database: "]] .. cwd .. pathsep .. [[Xfile"{MATCH: +}|
]])
-- close the split for the next test below.
feed(':q<CR>')
@@ -119,10 +116,11 @@ describe('vim.secure', function()
feed_command([[lua vim.secure.read('Xfile')]])
screen:expect([[
{MATCH: +}|
- {1:~{MATCH: +}}|*3
+ {1:~{MATCH: +}}|*2
{2:{MATCH: +}}|
:lua vim.secure.read('Xfile'){MATCH: +}|
- {3:]] .. msg .. [[}{MATCH: +}|
+ {3:]] .. msg .. [[}{MATCH: *}|
+ {3:]] .. path .. [[}{MATCH: *}|
{3:[i]gnore, (v)iew, (d)eny: }^{MATCH: +}|
]])
feed('i')
@@ -138,10 +136,11 @@ describe('vim.secure', function()
feed_command([[lua vim.secure.read('Xfile')]])
screen:expect([[
{MATCH: +}|
- {1:~{MATCH: +}}|*3
+ {1:~{MATCH: +}}|*2
{2:{MATCH: +}}|
:lua vim.secure.read('Xfile'){MATCH: +}|
{3:]] .. msg .. [[}{MATCH: +}|
+ {3:]] .. path .. [[}{MATCH: *}|
{3:[i]gnore, (v)iew, (d)eny: }^{MATCH: +}|
]])
feed('v')
@@ -172,22 +171,19 @@ describe('vim.secure', function()
})
local cwd = fn.getcwd()
- local msg = cwd
- .. pathsep
- .. 'Xdir is not trusted. DIRECTORY trust is decided only by its name, not its contents.'
- if #msg >= screen._width then
- pending('path too long')
- return
- end
+ local msg =
+ 'exrc: Found untrusted code. DIRECTORY trust is decided only by name, not contents:'
+ local path = ('%s%sXdir'):format(cwd, pathsep)
-- Need to use feed_command instead of exec_lua because of the confirmation prompt
feed_command([[lua vim.secure.read('Xdir')]])
screen:expect([[
{MATCH: +}|
- {1:~{MATCH: +}}|*3
+ {1:~{MATCH: +}}|*2
{2:{MATCH: +}}|
:lua vim.secure.read('Xdir'){MATCH: +}|
{3:]] .. msg .. [[}{MATCH: +}|
+ {3:]] .. path .. [[}{MATCH: +}|
{3:[i]gnore, (v)iew, (d)eny, (a)llow: }^{MATCH: +}|
]])
feed('d')
@@ -206,10 +202,11 @@ describe('vim.secure', function()
feed_command([[lua vim.secure.read('Xdir')]])
screen:expect([[
{MATCH: +}|
- {1:~{MATCH: +}}|*3
+ {1:~{MATCH: +}}|*2
{2:{MATCH: +}}|
:lua vim.secure.read('Xdir'){MATCH: +}|
{3:]] .. msg .. [[}{MATCH: +}|
+ {3:]] .. path .. [[}{MATCH: +}|
{3:[i]gnore, (v)iew, (d)eny, (a)llow: }^{MATCH: +}|
]])
feed('a')
@@ -231,10 +228,11 @@ describe('vim.secure', function()
feed_command([[lua vim.secure.read('Xdir')]])
screen:expect([[
{MATCH: +}|
- {1:~{MATCH: +}}|*3
+ {1:~{MATCH: +}}|*2
{2:{MATCH: +}}|
:lua vim.secure.read('Xdir'){MATCH: +}|
{3:]] .. msg .. [[}{MATCH: +}|
+ {3:]] .. path .. [[}{MATCH: +}|
{3:[i]gnore, (v)iew, (d)eny, (a)llow: }^{MATCH: +}|
]])
feed('i')
@@ -250,10 +248,11 @@ describe('vim.secure', function()
feed_command([[lua vim.secure.read('Xdir')]])
screen:expect([[
{MATCH: +}|
- {1:~{MATCH: +}}|*3
+ {1:~{MATCH: +}}|*2
{2:{MATCH: +}}|
:lua vim.secure.read('Xdir'){MATCH: +}|
{3:]] .. msg .. [[}{MATCH: +}|
+ {3:]] .. path .. [[}{MATCH: +}|
{3:[i]gnore, (v)iew, (d)eny, (a)llow: }^{MATCH: +}|
]])
feed('v')
