GNU bug report logs - #61901
30.0.50; [PATCH] Add permanently-enabled-local-variable-dirs variable.

Please note: This is a static page, with minimal formatting, updated once a day.

Package: emacs; Reported by: Antero Mejr <antero@HIDDEN>; Keywords: patch; dated Wed, 1 Mar 2023 22:32:02 UTC; Maintainer for emacs is bug-gnu-emacs@HIDDEN.

Message received at 61901 <at> debbugs.gnu.org:


Date: Thu, 02 Mar 2023 08:57:21 +0200
Message-Id: <83wn3zej3i.fsf@HIDDEN>
From: Eli Zaretskii <eliz@HIDDEN>
To: Antero Mejr <antero@HIDDEN>
In-Reply-To: <87sfeoksuk.fsf@HIDDEN> (bug-gnu-emacs@HIDDEN)
Subject: Re: bug#61901: 30.0.50;
 [PATCH] Add permanently-enabled-local-variable-dirs variable.
References: <87sfeoksuk.fsf@HIDDEN>

> Date: Wed, 01 Mar 2023 22:20:33 +0000
> From:  Antero Mejr via "Bug reports for GNU Emacs,
>  the Swiss army knife of text editors" <bug-gnu-emacs@HIDDEN>
> 
> This patch allows users to trust directories to load dir-local variables
> from, so they don't have to do something like this:
> (defun risky-local-variable-p (sym &optional _ignored) nil)
> as suggested here:
> https://emacs.stackexchange.com/questions/10983/remember-permission-to-execute-risky-local-variables
> 
> It also works over TRAMP if enable-remote-dir-locals is true.

Thanks, IMO this is a very useful feature.

> --- a/doc/lispref/variables.texi
> +++ b/doc/lispref/variables.texi
> @@ -1974,6 +1974,12 @@ File Local Variables
>  symbols.
>  @end defvar
>  
> +@defvar permanently-enabled-local-variable-dirs
> +This is a list of trusted directories that contain local variables.
> +Local variables in these directories will always be enabled, regardless
> +of whether they are risky.
> +@end defvar

This should explicitly allude to the '.dir-locals.el' files in those
directories, since otherwise talking about "directories that contain
variables" could be confusing.

I also suggest renaming the variable to something like
'permanently-safe-local-variable-directories', or maybe just
'safe-local-variable-directories' which IMO should express the purpose
better.

> -Also see the `permanently-enabled-local-variables' variable."
> +Also see the `permanently-enabled-local-variables' and
> +'permanently-enabled-local-variable-dirs' variables."
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
We quote `like this' in doc strings, to produce links in the *Help*
buffers.

> +(defcustom permanently-enabled-local-variable-dirs '()
> +  "A list of directories that contain local variables that are always
> +enabled, regardless of whether they are risky."

The first line of a doc string should be a single complete sentence.
(This is because the various apropos commands show only the first line
of the doc string.)

> @@ -3730,7 +3739,9 @@ hack-local-variables-confirm
>  !  -- to apply the local variables list, and permanently mark these
>        values (*) as safe (in the future, they will be set automatically.)
>  i  -- to ignore the local variables list, and permanently mark these
> -      values (*) as ignored\n\n")
> +      values (*) as ignored
> ++  -- to apply the local variables list, and permanently trust "
> +                    name "\n\n")

"permanently trust name" sounds confusing (what is "name"?).  How
about this variant:

  +  -- to apply the local variables list, and permanently trust
        all directory-local variables in this directory

> @@ -3762,8 +3773,13 @@ hack-local-variables-confirm
>  	       char)
>  	  (when offer-save
>              (push ?i exit-chars)
> -            (push ?! exit-chars))
> +            (push ?! exit-chars)
> +            (push ?+ exit-chars))
>  	  (setq char (read-char-choice prompt exit-chars))
> +          (when (and offer-save (= char ?+))
> +            (customize-push-and-save
> +             'permanently-enabled-local-variable-dirs
> +             (list dir-name)))

Bother: AFAIU here we modify the user's custom file without asking for
an explicit permission.  Should we ask for permission?

Last, but not least: this change is larger than what we can accept
without you assigning to FSF the copyright for your changes, and I
don't see any copyright assignment in your name on file.  Would you be
willing to do the legal paperwork for such an assignment?  If yes, I
will send you the form to start the paperwork rolling; when it is
completed, we can install your changes.

Thanks.




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#61901; Package emacs. Full text available.

Message received at submit <at> debbugs.gnu.org:


From: Antero Mejr <antero@HIDDEN>
To: bug-gnu-emacs@HIDDEN
Subject: 30.0.50; [PATCH] Add permanently-enabled-local-variable-dirs variable.
Date: Wed, 01 Mar 2023 22:20:33 +0000
Message-ID: <87sfeoksuk.fsf@HIDDEN>

This patch allows users to trust directories to load dir-local variables
from, so they don't have to do something like this:
(defun risky-local-variable-p (sym &optional _ignored) nil)
as suggested here:
https://emacs.stackexchange.com/questions/10983/remember-permission-to-execute-risky-local-variables

It also works over TRAMP if enable-remote-dir-locals is true.


Content-Disposition: attachment;
 filename=0001-Add-permanently-enabled-local-variable-dirs-variable.patch

From 93494f5beb4b51d989ea87755c077379458ffb04 Mon Sep 17 00:00:00 2001
From: Antero Mejr <antero@HIDDEN>
Date: Wed, 1 Mar 2023 21:59:57 +0000
Subject: [PATCH] Add permanently-enabled-local-variable-dirs variable.

This variable can be set to automatically load risky dir-local variables from
a list of trusted directories.

* lisp/emacs-lisp/files.el (permanently-enabled-local-variable-dirs,
hack-local-variables-filter, hack-local-variables-confirm): New variable and
associated logic.
* test/lisp/files-tests.el
(files-tests-permanently-enabled-local-variable-dirs): Add tests for same.
* doc/lispref/variables.texi (File Local Variables): Add documentation for
same.
* etc/NEWS (Lisp Changes in Emacs 30.1): Add news entry for same.
---
 doc/lispref/variables.texi |  6 ++++++
 etc/NEWS                   |  5 +++++
 lisp/files.el              | 27 ++++++++++++++++++++++-----
 test/lisp/files-tests.el   | 22 ++++++++++++++++++++++
 4 files changed, 55 insertions(+), 5 deletions(-)

diff --git a/doc/lispref/variables.texi b/doc/lispref/variables.texi
index 5584cbce9a6..47cfb824dcb 100644
--- a/doc/lispref/variables.texi
+++ b/doc/lispref/variables.texi
@@ -1974,6 +1974,12 @@ File Local Variables
 symbols.
 @end defvar
 
+@defvar permanently-enabled-local-variable-dirs
+This is a list of trusted directories that contain local variables.
+Local variables in these directories will always be enabled, regardless
+of whether they are risky.
+@end defvar
+
 @defun hack-local-variables &optional handle-mode
 This function parses, and binds or evaluates as appropriate, any local
 variables specified by the contents of the current buffer.  The variable
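
Review bot: The added @defvar text does not say how a directory is matched or what listing it implies. The filter hunk in lisp/files.el tests `(member dir-name permanently-enabled-local-variable-dirs)`, an exact string comparison placed ahead of the call to hack-local-variables-confirm, so the manual should state that an entry has to be spelled exactly as the directory name Emacs computes, how this applies to files in subdirectories, and that variables from a listed directory are applied without the confirmation prompt.
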
diff --git a/etc/NEWS b/etc/NEWS
index 31fb22fc1e2..cc5198a903b 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -238,6 +238,11 @@ hooks named after the feature name, like 'esh-mode-unload-hook'.
 
 * Lisp Changes in Emacs 30.1
 
++++
+** New variable 'permanently-enabled-local-variable-dirs'.
+This variable is used to to permanently trust directories containing
+risky directory-local variables.
+
 ** Functions and variables to transpose sexps
 
 +++
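
Review bot: Typo in the first body line of the added entry: "used to to" should be "used to". The entry should also say that variables from the listed directories are applied without the usual query, since that is the behavior change a reader of NEWS needs to know about; "trust" on its own does not convey it.
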
diff --git a/lisp/files.el b/lisp/files.el
index 387a3b5dc66..bde126375ae 100644
--- a/lisp/files.el
+++ b/lisp/files.el
@@ -681,7 +681,8 @@ enable-local-variables
 always obeys file local variable specifications and the -*- line,
 and ignores this variable.
 
-Also see the `permanently-enabled-local-variables' variable."
+Also see the `permanently-enabled-local-variables' and
+'permanently-enabled-local-variable-dirs' variables."
   :risky t
   :type '(choice (const :tag "Query Unsafe" t)
 		 (const :tag "Safe Only" :safe)
@@ -3692,6 +3693,14 @@ permanently-enabled-local-variables
   "A list of file-local variables that are always enabled.
 This overrides any `enable-local-variables' setting.")
 
+(defcustom permanently-enabled-local-variable-dirs '()
+  "A list of directories that contain local variables that are always
+enabled, regardless of whether they are risky."
+  :version "30.1"
+  :type '(repeat string)
+  :risky t
+  :group 'find-file)
+
 (defun hack-local-variables-confirm (all-vars unsafe-vars risky-vars dir-name)
   "Get confirmation before setting up local variable values.
 ALL-VARS is the list of all variables to be set up.
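
Review bot: `:type '(repeat string)` on the new defcustom gives the Customize interface no hint that the entries are directories; `(repeat directory)` fits better. The doc string should also say that entries are compared verbatim against the directory name (the filter hunk uses `member`), so a user who adds an entry by hand knows it has to match the spelling Emacs uses, including any trailing slash.
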
@@ -3730,7 +3739,9 @@ hack-local-variables-confirm
 !  -- to apply the local variables list, and permanently mark these
       values (*) as safe (in the future, they will be set automatically.)
 i  -- to ignore the local variables list, and permanently mark these
-      values (*) as ignored\n\n")
+      values (*) as ignored
++  -- to apply the local variables list, and permanently trust "
+                    name "\n\n")
 	  (insert "\n\n"))
 	(dolist (elt all-vars)
 	  (cond ((member elt unsafe-vars)
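
Review bot: The added `+` line inserts `name` into the prompt, but the value written by the later hunk is `dir-name`: `(customize-push-and-save 'permanently-enabled-local-variable-dirs (list dir-name))`. The prompt should show the exact string that will be stored so the user can see what is being trusted, and the `+` line should be emitted only when `dir-name` is non-nil, since otherwise there is no directory to trust.
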
@@ -3754,7 +3765,7 @@ hack-local-variables-confirm
 	(pop-to-buffer buf '(display-buffer--maybe-at-bottom))
 	(let* ((exit-chars '(?y ?n ?\s))
 	       (prompt (format "Please type %s%s: "
-			       (if offer-save "y, n, ! or i" "y or n")
+			       (if offer-save "y, n, !, i, or +" "y or n")
 			       (if (< (line-number-at-pos (point-max))
 				      (window-body-height))
 				   ""
@@ -3762,8 +3773,13 @@ hack-local-variables-confirm
 	       char)
 	  (when offer-save
             (push ?i exit-chars)
-            (push ?! exit-chars))
+            (push ?! exit-chars)
+            (push ?+ exit-chars))
 	  (setq char (read-char-choice prompt exit-chars))
+          (when (and offer-save (= char ?+))
+            (customize-push-and-save
+             'permanently-enabled-local-variable-dirs
+             (list dir-name)))
 	  (when (and offer-save
                      (or (= char ?!) (= char ?i))
                      unsafe-vars)
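
Review bot: Missing check in the added `when` form: `?+` is pushed onto exit-chars and acted on whenever offer-save is true, with no test that `dir-name` is non-nil. If this prompt is reached for variables that do not come from a directory (`dir-name` nil), typing `+` saves `(list nil)` into permanently-enabled-local-variable-dirs, and the `(member dir-name ...)` test added to hack-local-variables-filter would then succeed for every later call with a nil `dir-name`, skipping confirmation there as well. Guard both the `push` of `?+` and the save with `dir-name`.
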
@@ -3772,7 +3788,7 @@ hack-local-variables-confirm
                  'safe-local-variable-values
                'ignored-local-variable-values)
              unsafe-vars))
-	  (prog1 (memq char '(?! ?\s ?y))
+	  (prog1 (memq char '(?! ?\s ?y ?+))
 	    (quit-window t)))))))
 
 (defconst hack-local-variable-regexp
@@ -3904,6 +3920,7 @@ hack-local-variables-filter
 		  (null unsafe-vars)
 		  (null risky-vars))
 	     (memq enable-local-variables '(:all :safe))
+             (member dir-name permanently-enabled-local-variable-dirs)
 	     (hack-local-variables-confirm all-vars unsafe-vars
 					   risky-vars dir-name))
 	 (dolist (elt all-vars)
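
Review bot: The added `member` test compares `dir-name` as a raw string and sits ahead of hack-local-variables-confirm in the `or`, so a match applies everything in all-vars, unsafe and risky entries included, with no prompt. Normalize both sides before comparing (for example with expand-file-name and file-name-as-directory) so that the same directory spelled two ways behaves the same, and reject nil or empty entries so they can never match. The documentation should also make clear that trust attaches to the path, not to the current contents: whoever can later write the .dir-locals.el in a listed directory, including a remote one given the TRAMP remark in the description, has their settings applied silently.
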
diff --git a/test/lisp/files-tests.el b/test/lisp/files-tests.el
index aadb60e1de7..95eaf9a6bd0 100644
--- a/test/lisp/files-tests.el
+++ b/test/lisp/files-tests.el
@@ -166,6 +166,28 @@ files-tests-permanent-local-variables
       (hack-local-variables)
       (should (eq lexical-binding nil)))))
 
+(ert-deftest files-tests-permanently-enabled-local-variable-dirs ()
+  ;; permanently-enabled-local-variable-dirs should be risky,
+  ;; so use it as an arbitrary risky variable.
+  (let ((test-alist '((permanently-enabled-local-variable-dirs
+                       . "some_val")))
+        (fakedir "test1/test2")
+        (enable-local-eval t))
+    (with-temp-buffer
+      (setq permanently-enabled-local-variable-dirs (list fakedir))
+      (hack-local-variables-filter test-alist fakedir)
+      (should (equal file-local-variables-alist test-alist)))
+    (with-temp-buffer
+      (setq permanently-enabled-local-variable-dirs (list fakedir))
+      (setq noninteractive t)
+      (hack-local-variables-filter test-alist "wrong")
+      (should-not (equal file-local-variables-alist test-alist)))
+    (with-temp-buffer
+      (setq permanently-enabled-local-variable-dirs '())
+      (setq noninteractive t)
+      (hack-local-variables-filter test-alist fakedir)
+      (should-not (equal file-local-variables-alist test-alist)))))
+
 (defvar files-test-bug-18141-file
   (ert-resource-file "files-bug18141.el.gz")
   "Test file for bug#18141.")
-- 
2.38.1
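
Review bot: In the test/lisp/files-tests.el hunk, the three `with-temp-buffer` bodies use `setq` on permanently-enabled-local-variable-dirs and noninteractive, which changes the global values and leaves them changed for every test that runs afterwards; with-temp-buffer does not restore them. Let-bind both in the outer `let` instead. Coverage is also missing for the cases most likely to go wrong: a nil `dir-name`, and a directory spelled with and without a trailing slash.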






Acknowledgement sent to Antero Mejr <antero@HIDDEN>:
New bug report received and forwarded. Copy sent to bug-gnu-emacs@HIDDEN. Full text available.
Report forwarded to bug-gnu-emacs@HIDDEN:
bug#61901; Package emacs. Full text available.
Last modified: Thu, 2 Mar 2023 07:00:02 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.