Merge ff2e2187e1 into 9df4ea095f

Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.14.0 to 2.14.1.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](20cf305ff2...e3f713f2d8)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.14.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/workflows/dependencies.yml

@@ -13,7 +13,7 @@ jobs:
       contents: write # this is needed to push commits and branches
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
         with:
           egress-policy: audit
 

.github/workflows/installer.yml

@@ -26,7 +26,7 @@ jobs:
           - macos-latest
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
         with:
           egress-policy: audit
 
@@ -47,7 +47,7 @@ jobs:
       - test
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
         with:
           egress-policy: audit
 

.github/workflows/main.yml

@@ -24,7 +24,7 @@ jobs:
     if: github.repository == 'ohmyzsh/ohmyzsh'
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
         with:
           egress-policy: audit
 

.github/workflows/project.yml

@@ -17,7 +17,7 @@ jobs:
     if: github.repository == 'ohmyzsh/ohmyzsh'
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
         with:
           egress-policy: audit
       - name: Authenticate as @ohmyzsh

.github/workflows/scorecard.yml

@@ -36,7 +36,7 @@ jobs:
 
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
         with:
           egress-policy: audit
 
@@ -60,6 +60,6 @@ jobs:
           retention-days: 5
 
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11
+        uses: github/codeql-action/upload-sarif@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0
         with:
           sarif_file: results.sarif

plugins/x-cmd/README.md

@@ -0,0 +1,33 @@
+# X-CMD
+
+To start using it, add the `x-cmd` plugin to your `plugins` array in `~/.zshrc`:
+
+```zsh
+plugins=(... x-cmd)
+```
+
+## Functions
+
+### `x`
+
+```zsh
+x yq                # Using yq command to interract with YML. If yq is not avaiable in the machine. X-CMD will download and directly execute the binary on demand without installation. X-CMD try to avoid influence the environment and folder and always find the solution with least impact.
+
+x fjo               # Posix shell CLI to interactve with forgejo.
+x cb                # Posix shell CLI to interactve with codeberg.
+
+x nihao             # For more information about using gpt, gemini, etc in terminal.
+```
+
+### `m`
+
+m for `machine`.
+
+In mac, it is [`x mac`](https://x-cmd.com/mod/mac).
+In termux, it is [`x termux`](https://x-cmd.com/mod/termux).
+
+```bash
+m ss                        # Info about systemsetup
+m app                       # List application status
+m proxy enable 8090         # Set
+```

plugins/x-cmd/x-cmd.plugin.zsh

@@ -0,0 +1,36 @@
+
+x(){(
+    @info(){
+        printf "%s\n" "$@"
+    }
+
+    if [ -e "$HOME/.x-cmd.root/X" ]; then
+        . "$HOME/.x-cmd.root/X"
+        ___x_cmd "$@"
+        return $?
+    fi
+    
+    local cmdstr=""
+    if command -v curl >/dev/null 2>&1; then
+        cmdstr='eval "$(curl -s https://get.x-cmd.com)"'
+    elif command -v wget >/dev/null 2>&1; then
+        cmdstr='eval "$(wget -O- https://get.x-cmd.com)"'
+    fi
+
+    @info "X-CMD is not installed. Do you want to install x-cmd ?"
+    @info "Command using is -> $cmdstr" 
+        
+    local answer=""
+    read -q "answer?Please press y for yes. Ctrl-C will also abort the setup. " 
+    case "$answer" in
+        y|Y|yes)      
+            echo "Setup is going now."
+            eval "$cmdstr"
+            return 0
+            ;;
+        *)
+           echo ""
+            ;;
+    esac
+)}
+