Merge 758ec0b826 into 9df4ea095f

Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.14.0 to 2.14.1.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](20cf305ff2...e3f713f2d8)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.14.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/workflows/dependencies.yml

@@ -13,12 +13,12 @@ jobs:
       contents: write # this is needed to push commits and branches
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
         with:
           egress-policy: audit
 
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           fetch-depth: 0
       - name: Authenticate as @ohmyzsh
@@ -28,7 +28,7 @@ jobs:
           app-id: ${{ secrets.OHMYZSH_APP_ID }}
           private-key: ${{ secrets.OHMYZSH_APP_PRIVATE_KEY }}
       - name: Setup Python
-        uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
         with:
           python-version: "3.12"
           cache: "pip"

.github/workflows/installer.yml

@@ -26,12 +26,12 @@ jobs:
           - macos-latest
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
         with:
           egress-policy: audit
 
       - name: Set up git repository
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Install zsh
         if: runner.os == 'Linux'
         run: sudo apt-get update; sudo apt-get install zsh
@@ -47,12 +47,12 @@ jobs:
       - test
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
         with:
           egress-policy: audit
 
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Install Vercel CLI
         run: npm install -g vercel
       - name: Setup project and deploy

.github/workflows/main.yml

@@ -24,12 +24,12 @@ jobs:
     if: github.repository == 'ohmyzsh/ohmyzsh'
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
         with:
           egress-policy: audit
 
       - name: Set up git repository
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Install zsh
         run: sudo apt-get update; sudo apt-get install zsh
       - name: Check syntax

.github/workflows/project.yml

@@ -17,7 +17,7 @@ jobs:
     if: github.repository == 'ohmyzsh/ohmyzsh'
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
         with:
           egress-policy: audit
       - name: Authenticate as @ohmyzsh

.github/workflows/scorecard.yml

@@ -36,12 +36,12 @@ jobs:
 
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
         with:
           egress-policy: audit
 
       - name: "Checkout code"
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
 
@@ -60,6 +60,6 @@ jobs:
           retention-days: 5
 
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10
+        uses: github/codeql-action/upload-sarif@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0
         with:
           sarif_file: results.sarif

plugins/pnpm/README.md

@@ -0,0 +1,48 @@
+# pnpm plugin
+
+The pnpm plugin provides completion as well as adding many useful aliases.
+
+To use it, add pnpm to the plugins array of your zshrc file:
+
+```zsh
+plugins=(... pnpm)
+```
+
+## Aliases
+
+| Alias    | Command                      | Description                                                     |
+| :------- | :--------------------------- | :-------------------------------------------------------------- |
+| `pnpmg`  | `pnpm add -g`                | Install dependencies globally                                   |
+| `pnpmS`  | `pnpm add -S`                | Install and save to dependencies in your package.json           |
+| `pnpmD`  | `pnpm add -D`                | Install and save to dev-dependencies in your package.json       |
+| `pnpmF`  | `pnpm add -f`                | Force install from remote registries ignoring local cache       |
+| `pnpmE`  | `PATH="$(pnpm bin)":"$PATH"` | Run command from node_modules folder based on current directory |
+| `pnpmO`  | `pnpm outdated`              | Check which pnpm modules are outdated                           |
+| `pnpmU`  | `pnpm update`                | Update all the packages listed to the latest version            |
+| `pnpmV`  | `pnpm -v`                    | Check package versions                                          |
+| `pnpmL`  | `pnpm list`                  | List installed packages                                         |
+| `pnpmL0` | `pnpm ls --depth=0`          | List top-level installed packages                               |
+| `pnpmst` | `pnpm start`                 | Run pnpm start                                                  |
+| `pnpmt`  | `pnpm test`                  | Run pnpm test                                                   |
+| `pnpmR`  | `pnpm run`                   | Run pnpm scripts                                                |
+| `pnpmP`  | `pnpm publish`               | Run pnpm publish                                                |
+| `pnpmI`  | `pnpm init`                  | Run pnpm init                                                   |
+| `pnpmi`  | `pnpm info`                  | Run pnpm info                                                   |
+| `pnpmSe` | `pnpm search`                | Run pnpm search                                                 |
+| `pnpmrd` | `pnpm run dev`               | Run pnpm run dev                                                |
+| `pnpmrb` | `pnpm run build`             | Run pnpm run build                                              |
+
+## `pnpm install` / `pnpm uninstall` toggle
+
+The plugin adds a function that toggles between `pnpm install` and `pnpm uninstall` in the current command or
+the last command, for up to 2 previous commands. **The default key binding is pressing <kbd>F2</kbd> twice**.
+
+You can change this key binding by adding the following line to your zshrc file:
+
+```zsh
+bindkey -M emacs '<seq>' pnpm_toggle_install_uninstall
+bindkey -M vicmd '<seq>' pnpm_toggle_install_uninstall
+bindkey -M viins '<seq>' pnpm_toggle_install_uninstall
+```
+
+where `<seq>` is a key sequence obtained by running `cat` and pressing the keyboard sequence you want.

plugins/pnpm/pnpm.plugin.zsh

@@ -0,0 +1,123 @@
+(( $+commands[pnpm] )) && {
+  command rm -f "${ZSH_CACHE_DIR:-$ZSH/cache}/pnpm_completion"
+
+  _pnpm_completion() {
+    local si=$IFS
+    compadd -- $(COMP_CWORD=$((CURRENT-1)) \
+                 COMP_LINE=$BUFFER \
+                 COMP_POINT=0 \
+                 pnpm completion -- "${words[@]}" \
+                 2>/dev/null)
+    IFS=$si
+  }
+  compdef _pnpm_completion pnpm
+}
+
+# Install dependencies globally
+alias pnpmg="pnpm add -g "
+
+# pnpm package names are lowercase
+# Thus, we've used camelCase for the following aliases:
+
+# Install and save to dependencies in your package.json
+alias pnpmS="pnpm add -S "
+
+# Install and save to dev-dependencies in your package.json
+alias pnpmD="pnpm add -D "
+
+# Force pnpm to fetch remote resources even if a local copy exists on disk.
+alias pnpmF='pnpm add -f'
+
+# Execute command from node_modules folder based on current directory
+# i.e pnpmE gulp
+alias pnpmE='PATH="$(pnpm bin)":"$PATH"'
+
+# Check which pnpm modules are outdated
+alias pnpmO="pnpm outdated"
+
+# Update all the packages listed to the latest version
+alias pnpmU="pnpm update"
+
+# Check package versions
+alias pnpmV="pnpm -v"
+
+# List packages
+alias pnpmL="pnpm list"
+
+# List top-level installed packages
+alias pnpmL0="pnpm ls --depth=0"
+
+# Run pnpm start
+alias pnpmst="pnpm start"
+
+# Run pnpm test
+alias pnpmt="pnpm test"
+
+# Run pnpm scripts
+alias pnpmR="pnpm run"
+
+# Run pnpm publish
+alias pnpmP="pnpm publish"
+
+# Run pnpm init
+alias pnpmI="pnpm init"
+
+# Run pnpm info
+alias pnpmi="pnpm info"
+
+# Run pnpm search
+alias pnpmSe="pnpm search"
+
+# Run pnpm run dev
+alias pnpmrd="pnpm run dev"
+
+# Run pnpm run build
+alias pnpmrb="pnpm run build"
+
+pnpm_toggle_install_uninstall() {
+  # Look up to the previous 2 history commands
+  local line
+  for line in "$BUFFER" \
+    "${history[$((HISTCMD-1))]}" \
+    "${history[$((HISTCMD-2))]}"
+  do
+    case "$line" in
+      "pnpm uninstall"*)
+        BUFFER="${line/pnpm uninstall/pnpm install}"
+        (( CURSOR = CURSOR + 2 )) # uninstall -> install: 2 chars removed
+        ;;
+      "pnpm install"*)
+        BUFFER="${line/pnpm install/pnpm uninstall}"
+        (( CURSOR = CURSOR + 2 )) # install -> uninstall: 2 chars added
+        ;;
+      "pnpm remove"*)
+        BUFFER="${line/pnpm remove/pnpm add}"
+        (( CURSOR = CURSOR + 5 )) # remove -> add: 5 chars removed
+        ;;
+      "pnpm add"*)
+        BUFFER="${line/pnpm add/pnpm remove}"
+        (( CURSOR = CURSOR + 2 )) # add -> remove: 2 chars added
+        ;;
+      "pnpm un "*)
+        BUFFER="${line/pnpm un/pnpm add}"
+        (( CURSOR = CURSOR + 5 )) # un -> add: 5 chars added
+        ;;
+      "pnpm i "*)
+        BUFFER="${line/pnpm i/pnpm remove}"
+        (( CURSOR = CURSOR + 8 )) # i -> remove: 8 chars added
+        ;;
+      *) continue ;;
+    esac
+    return 0
+  done
+
+  BUFFER="pnpm install"
+  CURSOR=${#BUFFER}
+}
+
+zle -N pnpm_toggle_install_uninstall
+
+# Defined shortcut keys: [F2] [F2]
+bindkey -M emacs '^[OQ^[OQ' pnpm_toggle_install_uninstall
+bindkey -M vicmd '^[OQ^[OQ' pnpm_toggle_install_uninstall
+bindkey -M viins '^[OQ^[OQ' pnpm_toggle_install_uninstall