ohmyzsh/SECURITY.md
Codebuff Contributor 358568dd32 fix(per-directory-history): save to both history files and only push stack in directory mode
The addhistory hook previously had two bugs when inc_append_history
or share_history was not set:

1. Commands were only saved to one history file (HISTFILE or per-dir)
   depending on when fc -AI was called, resulting in lost history.

2. fc -p was called unconditionally after every command, corrupting
   the zsh history stack even in global mode. This caused the per-dir
   hook to push a new history frame on every command, breaking the
   global history state.

Fix: always write both history files via fc -AI before any mode
check, and only call fc -p (to push into per-directory history)
when actually in directory mode.

Signed-off-by: god032396-del <god032396@gmail.com>
2026-06-13 02:21:31 +00:00

Security Policy

Supported Versions

At the moment Oh My Zsh only considers the very latest commit to be supported. We combine that with our fast response to incidents and the automated updates to minimize the time between vulnerability publication and patch release.

Version | Supported
master | Yes
other commits | No

In the near future we will introduce versioning, so expect this section to change.

Reporting a Vulnerability

Do not submit an issue or pull request: this might reveal the vulnerability.

Instead, you should use the form to privately report a vulnerability to us via GitHub, or email the maintainers directly at security@ohmyz.sh.

We will deal with the vulnerability privately and submit a patch as soon as possible.