| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
7-Zip 26.01 reads the encryption password only from its controlling TTY, not stdin or a file — a piped password silently becomes an empty one — so it has to go on argv and is briefly visible in the process list. Rather than switch off the .7z format to gpg-wrapped tar, the exposure is accepted: single-user workstation, short-lived process, password already kept out of shell history by the mode-600 temp file. Documented the evaluated tradeoff in both encrypt/decrypt docstrings so it's visible at the call site.
|
| |
|
|
|
|
|
|
| |
Two commands did less, or more, than their names implied.
remove-empty-directories ran find . -type d -empty -delete from whatever the current directory happened to be, so its scope was implicit and easy to misjudge. It now prompts for a root, names that root in the confirmation, and runs find against the shell-quoted root via cj/dwim-shell--empty-dirs-command.
secure-delete ran shred without -u, so it overwrote a file's contents but left the file in place, not the deletion the name and the "permanently destroy" prompt promise. Added -u so it unlinks after overwriting.
|
| |
|
|
|
|
| |
cj/dwim-shell-commands-concatenate-videos built the ffmpeg concat list with echo '<<*>>' | tr ' ' '\n' | sed 's/^/file /'. That splits on spaces, so any video whose name contains a space produced a broken list, and a name with a quote broke the echo outright.
I extracted cj/dwim-shell--build-concat-filelist, which renders each path as an escaped file '...' line. I write that list to a temp file and run ffmpeg against the quoted listfile, with a trailing rm to clean up after the process exits. The <<*>> token stays only as an inert shell comment, since dwim-shell needs it to run one command over all marked files instead of once per file.
|
| |
|
|
|
|
|
|
| |
Several dwim-shell commands interpolated user-controlled strings straight into shell templates, so a value with spaces, quotes, or shell metacharacters could break out of the command. The worst was git-clone-clipboard-url, which dropped raw clipboard contents into "git clone <<cb>>".
I added three pure validators (git URL, ffmpeg timestamp, rename prefix) and fixed the interpolation sites. git-clone now validates the clipboard and passes the URL through shell-quote-argument instead of <<cb>>. The GPG recipient and the 7z archive name go through shell-quote-argument instead of hand-written single quotes. The thumbnail timestamp and the rename prefix are validated to a safe shape before they reach the command, so the unquoted interpolation that remains is constrained to digits, colons, and filename-safe characters.
The fifth case in the ticket, the video-concat filelist built with echo/tr/sed, is a redesign rather than a quoting fix and is filed as a follow-up.
|
| |
|
|
|
|
|
|
| |
The four password commands (PDF protect/unprotect, remove-zip-encryption, create-encrypted-zip) wrote the password to a temp file, launched an async dwim-shell command, then deleted the file in unwind-protect. Since the command is async, that delete ran the instant it launched, so qpdf or 7z could start after the password file was already gone.
I extracted cj/dwim-shell--run-with-password-file and cj/dwim-shell--password-cleanup-callback. The temp file (mode 600) is now deleted from an :on-completion callback that fires after the process exits, on both success and failure, and the synchronous unwind-protect stays only as a backstop for a throw before the async launch. All four commands now go through the one helper.
qpdf already reads the password via --password-file, so it stays out of the argv. 7z still takes it as -p"$(cat ...)", which lands on its command line. That's tracked as a separate follow-up.
|
| |
|
|
|
|
|
|
| |
- Create terminal-compat.el for arrow key escape sequences
- Fix M-uppercase keybindings (M-O → M-S-o, etc.) that conflicted
with terminal escape sequences ESC O A/B/C/D
- Add GUI-only guards for emojify and icon rendering
- 18 keybindings updated across 13 modules with override comments
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Fix dwim-shell-commands-menu keybinding in dirvish/dired
- Remove :after (dired dirvish) which prevented package loading
- Add :demand t to load package immediately at startup
- Move keybindings inside :config block after menu function definition
- M-D now works immediately in dirvish without manual trigger
- Enhance extract-audio-from-video function
- Fix :extensions parameter (was regex string, now proper list)
- Change from copy to AAC re-encoding for codec compatibility
- Add interactive bitrate selection (64k/96k/128k/192k)
- Fixes Opus codec compatibility issues with M4A containers
- Remove conflicting keybindings
- Remove music-config p binding in dirvish (was overriding path copy)
- Clean up extraneous requires/hooks from troubleshooting
- Add TODO for dwim-shell-command status dashboard [#D priority]
|
| |
|
|
|
|
| |
Update `use-package` to load `dwim-shell-command` after both `dired`
and `dirvish`, ensuring proper integration and compatibility with
the additional package.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Remove redundant function declarations and reorganize key binding
logic for better clarity and maintainability. Bind
`dwim-shell-commands-menu` to `dired-mode-map` directly within
`use-package`.refactor(dwim-shell-config): Remove redundant function declarations
Remove unused function declarations and move the key binding setup
to an appropriate section. Change the `use-package` directive to
load `dwim-shell-command` only after `dired` to ensure proper
initialization.
|
| |
|
|
|
|
|
|
| |
- Introduce secure password handling using temporary files for PDF and archive operations.
- Switch from `zip` to `7z` for better encryption handling.
- Add validation to user inputs for various commands to ensure positive and non-negative values where applicable.
- Reinstate `dwim-shell-commands-menu`, allowing users to select DWIM shell commands interactively, and bind it to dired mode.
- Update dependencies and installation instructions in comments.
|
| | |
|
| |
|
