diff options
| -rw-r--r-- | NEWS.org | 4 | ||||
| -rw-r--r-- | compat-30.el | 8 | ||||
| -rw-r--r-- | compat-tests.el | 10 | ||||
| -rw-r--r-- | compat.texi | 4 |
4 files changed, 15 insertions, 11 deletions
@@ -2,6 +2,10 @@ #+link: compat-gh https://github.com/emacs-compat/compat/issues/ #+options: toc:nil num:nil author:nil +* Development + +- compat-30: Rename =trusted-files= to =trusted-content=. + * Release of "Compat" Version 30.0.1.0 - compat-30: New variable =untrusted-content=. diff --git a/compat-30.el b/compat-30.el index 02ef426..33305e3 100644 --- a/compat-30.el +++ b/compat-30.el @@ -59,7 +59,7 @@ See also `find-buffer-visiting'." ;;;; Defined in files.el -(compat-defvar trusted-files nil ;; <compat-tests:trusted-files> +(compat-defvar trusted-content nil ;; <compat-tests:trusted-content> "List of files and directories whose content we trust. Be extra careful here since trusting means that Emacs might execute the code contained within those files and directories without an explicit @@ -79,7 +79,7 @@ all files, which opens a gaping security hole." (compat-defun trusted-content-p () ;; <compat-tests:trusted-content-p> "Return non-nil if we trust the contents of the current buffer. Here, \"trust\" means that we are willing to run code found inside of it. -See also `trusted-files'." +See also `trusted-content'." ;; We compare with `buffer-file-truename' i.s.o `buffer-file-name' ;; to try and avoid marking as trusted a file that's merely accessed ;; via a symlink that happens to be inside a trusted dir. @@ -88,14 +88,14 @@ See also `trusted-files'." (with-demoted-errors "trusted-content-p: %S" (let ((exists (file-exists-p buffer-file-truename))) (or - (eq trusted-files :all) + (eq trusted-content :all) ;; We can't avoid trusting the user's init file. (if (and exists user-init-file) (file-equal-p buffer-file-truename user-init-file) (equal buffer-file-truename user-init-file)) (let ((file (abbreviate-file-name buffer-file-truename)) (trusted nil)) - (dolist (tf trusted-files) + (dolist (tf trusted-content) (when (or (if exists (file-equal-p tf file) (equal tf file)) ;; We don't use `file-in-directory-p' here, because ;; we want to err on the conservative side: "guilty diff --git a/compat-tests.el b/compat-tests.el index b8ae0c1..0aa4e8f 100644 --- a/compat-tests.el +++ b/compat-tests.el @@ -3235,11 +3235,11 @@ (ert-deftest compat-untrusted-content () (should (local-variable-if-set-p 'untrusted-content))) -(ert-deftest compat-trusted-files () +(ert-deftest compat-trusted-content () (static-if (< emacs-major-version 30) ;; TODO reenable on Emacs 30 (progn - (should (boundp 'trusted-files)) - (should (risky-local-variable-p 'trusted-files))))) + (should (boundp 'trusted-content)) + (should (risky-local-variable-p 'trusted-content))))) (ert-deftest compat-trusted-content-p () (static-if (< emacs-major-version 30) ;; TODO reenable on Emacs 30 @@ -3251,11 +3251,11 @@ (let ((buffer-file-truename (expand-file-name "compat-tests.el"))) (should-not (trusted-content-p))) (let ((buffer-file-truename (expand-file-name "compat-tests.el")) - (trusted-files '("compat-tests.el"))) + (trusted-content '("compat-tests.el"))) (should (trusted-content-p))) (let ((untrusted-content t) (buffer-file-truename (expand-file-name "compat-tests.el")) - (trusted-files '("compat-tests.el"))) + (trusted-content '("compat-tests.el"))) (should-not (trusted-content-p)))))) (provide 'compat-tests) diff --git a/compat.texi b/compat.texi index e129a54..d4fef16 100644 --- a/compat.texi +++ b/compat.texi @@ -3333,7 +3333,7 @@ older than 30.1. Note that due to upstream changes, it might happen that there will be the need for changes, so use these functions with care. -@defvar trusted-files +@defvar trusted-content List of files and directories whose content we trust. Be extra careful here since trusting means that Emacs might execute the code contained within those files and directories without an explicit request by the @@ -3352,7 +3352,7 @@ files, which opens a gaping security hole. @defun trusted-content-p Return non-nil if we trust the contents of the current buffer. Here, "trust" means that we are willing to run code found inside of it. See -also @code{trusted-files}. +also @code{trusted-content}. @end defun @c copied from lispref/nonascii.texi |