klen / nvim-config-local

Secure load local config files for neovim

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

nvim-config-local 2.1.0

Secure load local config files.

tests Awesome Neovim

Vim provides a feature called exrc, which allows to use config files that are local to the current working directory. However, unconditionally sourcing whatever files we might have in our current working directory can be potentially dangerous. Because of that, neovim has disabled the feature. (reenabled from version 0.9) The plugin tries to solve this issue by keeping track of file hashes and allowing only trusted files to be sourced.

Usage

When the plugin detects a new config file, it will ask what do you want to do with it:

[config-local]: Unknown config file found: ".nvim.lua"
[s]kip, (o)pen, (i)gnore, (t)rust:

You can either skip this file for now, open it to see if it doesn't contain anything malicious, iignore the file so config-local won't ask you about it again, or trust (mark it trusted) and source it right away.

To manually mark file as trusted, open the config file with :edit .nvim.lua or :ConfigEdit and save it. You will be asked to trust the current config file.

File has to be marked as trusted each time its contents or path changes.

Install

with packer:

use {
  "klen/nvim-config-local",
  config = function()
    require('config-local').setup {
      -- Default options (optional)

      -- Config file patterns to load (lua supported)
      config_files = { ".nvim.lua", ".nvimrc", ".exrc" },

      -- Where the plugin keeps files data
      hashfile = vim.fn.stdpath("data") .. "/config-local",

      autocommands_create = true, -- Create autocommands (VimEnter, DirectoryChanged)
      commands_create = true,     -- Create commands (ConfigLocalSource, ConfigLocalEdit, ConfigLocalTrust, ConfigLocalIgnore)
      silent = false,             -- Disable plugin messages (Config loaded/ignored)
      lookup_parents = false,     -- Lookup config files in parent directories
    }
  end
}

Commands

The plugin defines the commands:

  • ConfigLocalSource - Source config file from the current working directory
  • ConfigLocalEdit - Edit (create) config file for the current working directory
  • ConfigLocalTrust - Add config file for the current working directory to trusted files.
  • ConfigLocalIgnore - Add config file for the current working directory to ignore files.

Events

The plugin sends event User ConfigLocalLoaded after loading configuration. So users may bind autocmd to the event:

autocmd User ConfigLocalFinished lua my_custom_function()

About

Secure load local config files for neovim

License:MIT License


Languages

Language:Lua 97.9%Language:Makefile 2.1%