Closed peterbraden closed 1 year ago
@twpayne Would it be feasible to add something like `recursive_literal_*` / `noparse_*`?
Thanks for the feature request!
It's not just `run_` scripts that are a potential security problem. If you're importing VIM plugins then any of these plugins can use vimscript's `system` function to run arbitrary commands on your machine. Fundamentally, if you're importing third-party files into your home directory you need to either trust or audit every change to that third-party code.

As you say, using `.chezmoiexternal.toml` does allow you to import third-party files without the danger of chezmoi executing `run_evil.sh`. I understand that in your case you prefer to use git submodules in your dotfiles repo, rather than either `archive` or `git-repo` externals.
> It would be great if there was a way to indicate that chezmoi should ignore file prefixes below a certain subdirectory. For example a prefix `dot_vim/external_bundle/` or a sentinel file `dot_vim/bundle/.chezmoiexternal`.
>
> Would it be feasible to add something like `recursive_literal_*` / `noparse_*`?
Of these, I think the `external_` prefix makes the most sense because:

- A `.chezmoiexternal` sentinel file does not do this.
- `recursive_literal_*` and `noparse_*` would have the same effect, but I think `external_` expresses the same more concisely.

What I propose is:

- An `external_` attribute that applies to directories only.
- When an `external_` directory is encountered, then add its sub-entries as-is. Specifically, this means not interpreting attributes (i.e. a file called `dot_file` becomes `dot_file` in the target state, not `.file`), interpreting permissions as-is (i.e. the file in the target state will only have executable permissions if the file in the source state has executable permission), no templates, symlinks in the target state must be symlinks in the source state, and so on.
- e.g. `.git` and `.gitignore` will, by default, be included. The user can use a `.chezmoiignore` file to exclude them.

How does this sound?
**Is your feature request related to a problem? Please describe.**

Chezmoi runs files with the `run_` prefix. However sometimes you have subdirectories where you don't want this to happen. A common example is if you use git submodules for vim plugins - any author of these could include a `run_tests.sh` or `run_evil.sh` and it would be executed next time you ran `chezmoi apply`.

Vendoring settings or configs is a pretty common pattern in dotfiles repos, and while chezmoi includes the option of using `.chezmoiexternal.toml` to include remote files, this isn't always an option.

**Describe the solution you'd like**

It would be great if there was a way to indicate that chezmoi should ignore file prefixes below a certain subdirectory. For example a prefix `dot_vim/external_bundle/` or a sentinel file `dot_vim/bundle/.chezmoiexternal`.
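As an added illustration of the `external_` directory attribute proposed in the maintainer's reply above (this is not chezmoi's code, and the attribute is only a proposal in this thread), the Python below models how source-state paths map to target-state entries with and without an `external_` directory: below it, prefixes such as `run_` and `dot_` are no longer interpreted, so a vendored `run_evil.sh` lands as a plain file rather than a script. The attribute subset, the `Entry` type and the `.chezmoiignore`-style matching are simplifying assumptions, not chezmoi's real parser.

```python
from dataclasses import dataclass

# Simplified model of chezmoi's source-state attribute prefixes plus the
# proposed external_ directory attribute (assumption: not real chezmoi code).
FLAG_PREFIXES = ("private_", "readonly_", "executable_", "dot_")
EXTERNAL_PREFIX = "external_"

@dataclass
class Entry:
    target: str       # path relative to the target (home) directory
    kind: str         # "file" or "script"
    executable: bool
    template: bool
    ignored: bool     # matched a .chezmoiignore-style target pattern
    literal: bool     # reached through an external_ directory

def parse_component(name, is_last):
    """Strip attribute prefixes from one component of a normal source path."""
    kind, executable, template = "file", False, False
    if is_last and name.startswith("run_"):
        kind, name = "script", name[len("run_"):]
    for prefix in FLAG_PREFIXES:
        if name.startswith(prefix):
            name = name[len(prefix):]
            executable |= prefix == "executable_"
            name = "." + name if prefix == "dot_" else name
    if is_last and name.endswith(".tmpl"):
        template, name = True, name[:-len(".tmpl")]
    return name, kind, executable, template

def resolve(source_path, source_executable=False, ignore=()):
    """Map a source-state file path to its target-state entry. Below an
    external_ directory components are taken literally: no attribute parsing,
    no templates, and the executable bit is copied from the source file."""
    target, literal = [], False
    kind, executable, template = "file", False, False
    parts = source_path.split("/")
    for i, part in enumerate(parts):
        is_last = i == len(parts) - 1
        if literal:
            target.append(part)
            executable = source_executable and is_last
            continue
        if not is_last and part.startswith(EXTERNAL_PREFIX):
            literal, part = True, part[len(EXTERNAL_PREFIX):]
        name, kind, executable, template = parse_component(part, is_last)
        target.append(name)
    path = "/".join(target)
    ignored = any(path == p or path.startswith(p + "/") for p in ignore)
    return Entry(path, kind, executable, template, ignored, literal)
```

With this model `resolve("dot_vim/external_bundle/run_evil.sh")` yields a plain file at `.vim/bundle/run_evil.sh`, while the same name at the top level of the source state resolves to a script.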