Security: disable the swift/xcrun checker by default.

The checker executes the code in your files. This is probably fine if
you wrote the files yourself, but it can be a problem if you're trying
to check third party files. If you are 100% willing to let Vim run the
code in your files, set g:syntastic_enable_swift_xcrun_checker to 1 in
your vimrc.

Reference:

https://github.com/scrooloose/syntastic/issues/1326
This commit is contained in:
LCD 47 2015-02-17 10:02:36 +02:00
parent 372daff1a8
commit 4782184020
2 changed files with 6 additions and 1 deletions

View File

@ -19,7 +19,7 @@ if has('reltime')
lockvar! g:_SYNTASTIC_START
endif
let g:_SYNTASTIC_VERSION = '3.6.0-26'
let g:_SYNTASTIC_VERSION = '3.6.0-27'
lockvar g:_SYNTASTIC_VERSION
" Sanity checks {{{1

View File

@ -18,6 +18,11 @@ let s:save_cpo = &cpo
set cpo&vim
function! SyntaxCheckers_swift_xcrun_GetLocList() dict
if !exists('g:syntastic_enable_swift_xcrun_checker') || !g:syntastic_enable_swift_xcrun_checker
call syntastic#log#error('checker swift/xcrun: checks disabled for security reasons; ' .
\ 'set g:syntastic_enable_swift_xcrun_checker to 1 to override')
return []
endif
let makeprg = self.makeprgBuild({ 'args_after': 'swift' })