diff options
| author | Jason Tibbitts <tibbs@math.uh.edu> | 2017-04-20 10:55:20 -0500 |
|---|---|---|
| committer | w0rp <w0rp@users.noreply.github.com> | 2017-04-20 16:55:20 +0100 |
| commit | c1a2d267117ee7cde612e3d66bf039458fc41ce4 (patch) | |
| tree | 4f9599eaa3effa715cc64a1f7fb5d14d0231c29d | |
| parent | 925f24707f9a3a967e46d631cb6cdb9c44f37dc5 (diff) | |
| download | ale-c1a2d267117ee7cde612e3d66bf039458fc41ce4.zip | |
Disable rpmlint by default (#492)
* Disable rpmlint by default as it is not safe.
| -rw-r--r-- | README.md | 2 | ||||
| -rw-r--r-- | autoload/ale/linter.vim | 2 | ||||
| -rw-r--r-- | doc/ale-spec.txt | 17 |
3 files changed, 18 insertions, 3 deletions
@@ -95,7 +95,7 @@ name. That seems to be the fairest way to arrange this table. | Puppet | [puppet](https://puppet.com), [puppet-lint](https://puppet-lint.com) | | Python | [flake8](http://flake8.pycqa.org/en/latest/), [mypy](http://mypy-lang.org/), [pylint](https://www.pylint.org/) | | reStructuredText | [proselint](http://proselint.com/)| -| RPM spec | [rpmlint](https://github.com/rpm-software-management/rpmlint) | +| RPM spec | [rpmlint](https://github.com/rpm-software-management/rpmlint) (disabled by default; see `:help ale-integration-spec`) | | Ruby | [reek](https://github.com/troessner/reek), [rubocop](https://github.com/bbatsov/rubocop), [ruby](https://www.ruby-lang.org) | | Rust | [rustc](https://www.rust-lang.org/), cargo (see `:help ale-integration-rust` for configuration instructions) | | SASS | [sass-lint](https://www.npmjs.com/package/sass-lint), [stylelint](https://github.com/stylelint/stylelint) | diff --git a/autoload/ale/linter.vim b/autoload/ale/linter.vim index dc42c52a..8a332491 100644 --- a/autoload/ale/linter.vim +++ b/autoload/ale/linter.vim @@ -20,11 +20,13 @@ let s:default_ale_linter_aliases = { " No linters are used for plaintext files by default. " " Only cargo is enabled for Rust by default. +" rpmlint is disabled by default because it can result in code execution. let s:default_ale_linters = { \ 'csh': ['shell'], \ 'go': ['go build', 'gofmt', 'golint', 'gosimple', 'go vet', 'staticcheck'], \ 'help': [], \ 'rust': ['cargo'], +\ 'spec': [], \ 'text': [], \ 'zsh': ['shell'], \} diff --git a/doc/ale-spec.txt b/doc/ale-spec.txt index fc6be562..64c56a5f 100644 --- a/doc/ale-spec.txt +++ b/doc/ale-spec.txt @@ -1,11 +1,24 @@ =============================================================================== ALE RPM Spec Integration *ale-spec-options* + *ale-integration-spec* +------------------------------------------------------------------------------- +Integration Information + + The rpmlint linter is disabled by default, because running rpmlint can + result in the execution of code embedded in the spec file and rpmlint makes + no distinction between checks which are safe to run on untrusted files and + those which are not. + + Currently linters must be enabled globally. The rpmlint linter can be + enabled with: + + let g:ale_linters = {'spec': ['rpmlint']} ------------------------------------------------------------------------------- rpmlint *ale-spec-rpmlint* -g:ale_spec_rpmlint_executable *g:ale_spec_rpmlint_executable* +g:ale_spec_rpmlint_executable *g:ale_spec_rpmlint_executable* Type: |String| Default: `'rpmlint'` @@ -13,7 +26,7 @@ g:ale_spec_rpmlint_executable *g:ale_spec_rpmlint_executable* This variable sets executable used for rpmlint. -g:ale_spec_rpmlint_options *g:ale_spec_rpmlint_options* +g:ale_spec_rpmlint_options *g:ale_spec_rpmlint_options* Type: |String| Default: `''` |