mirrors/ohmyzsh-mirror
1
0
Fork 0
mirror of https://github.com/ohmyzsh/ohmyzsh.git synced 2026-01-10 21:58:06 +08:00
Code Issues Releases Wiki Activity

Compare commits

base: mirrors:f02bf08ac8ab70e12141286e5aabe6666db3da14
Branches Tags
mirrors:master
...
compare: mirrors:3793f65fd35d20ed4f105adf4db1bdcdc079d6b0
Branches Tags
mirrors:master

7 Commits
f02bf08ac8 ... 3793f65fd3

Author SHA1 Message Date
Paul Frederiksen
3793f65fd3
Merge 8d095c1339 into 72acd2ca90 2025-12-08 08:35:17 -08:00
Mohaiminus Sakib
72acd2ca90
feat(uv): add more useful aliases (#13462) 
Co-authored-by: Mohaiminus Sakib <roddur093@gmail.com>
Co-authored-by: Marc Cornellà <marc@mcornella.com>
 2025-12-08 16:57:50 +01:00
dependabot[bot]
ddec79ad43
chore(deps): bump actions/checkout from 6.0.0 to 6.0.1 (#13468) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](1af3b93b68...8e8c483db8)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-07 18:39:14 +01:00
dependabot[bot]
0ebeae78d0
chore(deps): bump actions/create-github-app-token from 2.2.0 to 2.2.1 (#13470) 
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 2.2.0 to 2.2.1.
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](7e473efe3c...29824e69f5)

---
updated-dependencies:
- dependency-name: actions/create-github-app-token
  dependency-version: 2.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-07 18:38:44 +01:00
dependabot[bot]
3b66f643e4
chore(deps): bump step-security/harden-runner from 2.13.2 to 2.13.3 (#13471) 
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.13.2 to 2.13.3.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](95d9a5deda...df199fb7be)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.13.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-07 18:38:26 +01:00
dependabot[bot]
953f526dea
chore(deps): bump github/codeql-action from 4.31.5 to 4.31.7 (#13469) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.5 to 4.31.7.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](fdbfb4d275...cf1bb45a27)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.31.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-07 18:38:05 +01:00
Paul Frederiksen
8d095c1339 feat(aws): add SSO login support to acp command 
- Add _aws_profile_uses_sso() helper function to detect SSO configuration
- Modify acp() function to automatically perform SSO login when needed
- Support both direct SSO profiles and role profiles with SSO source profiles
- Update README.md to document the new SSO functionality

Fixes #10004
 2025-09-19 10:09:55 -07:00
9 changed files with 75 additions and 33 deletions
Show Stats Expand all files Collapse all files

6
.github/workflows/dependencies.yml vendored
View File

@ -13,17 +13,17 @@ jobs:
contents: write # this is needed to push commits and branches
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
with:
egress-policy: audit
- name: Checkout
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
fetch-depth: 0
- name: Authenticate as @ohmyzsh
id: generate-token
uses: actions/create-github-app-token@7e473efe3cb98aa54f8d4bac15400b15fad77d94 # v2.2.0
uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
with:
app-id: ${{ secrets.OHMYZSH_APP_ID }}
private-key: ${{ secrets.OHMYZSH_APP_PRIVATE_KEY }}

8
.github/workflows/installer.yml vendored
View File

@ -26,12 +26,12 @@ jobs:
- macos-latest
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
with:
egress-policy: audit
- name: Set up git repository
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- name: Install zsh
if: runner.os == 'Linux'
run: sudo apt-get update; sudo apt-get install zsh
@ -47,12 +47,12 @@ jobs:
- test
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
with:
egress-policy: audit
- name: Checkout
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- name: Install Vercel CLI
run: npm install -g vercel
- name: Setup project and deploy

4
.github/workflows/main.yml vendored
View File

@ -24,12 +24,12 @@ jobs:
if: github.repository == 'ohmyzsh/ohmyzsh'
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
with:
egress-policy: audit
- name: Set up git repository
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- name: Install zsh
run: sudo apt-get update; sudo apt-get install zsh
- name: Check syntax

4
.github/workflows/project.yml vendored
View File

@ -17,12 +17,12 @@ jobs:
if: github.repository == 'ohmyzsh/ohmyzsh'
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
with:
egress-policy: audit
- name: Authenticate as @ohmyzsh
id: generate-token
uses: actions/create-github-app-token@7e473efe3cb98aa54f8d4bac15400b15fad77d94 # v2.2.0
uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
with:
app-id: ${{ secrets.OHMYZSH_APP_ID }}
private-key: ${{ secrets.OHMYZSH_APP_PRIVATE_KEY }}

6
.github/workflows/scorecard.yml vendored
View File

@ -36,12 +36,12 @@ jobs:
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
with:
egress-policy: audit
- name: "Checkout code"
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false
@ -60,6 +60,6 @@ jobs:
retention-days: 5
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5
uses: github/codeql-action/upload-sarif@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
with:
sarif_file: results.sarif

3
plugins/aws/README.md
View File

@ -25,7 +25,8 @@ plugins=(... aws)
* `acp [<profile>] [<mfa_token>]`: in addition to `asp` functionality, it actually changes
the profile by assuming the role specified in the `<profile>` configuration. It supports
MFA and sets `$AWS_ACCESS_KEY_ID`, `$AWS_SECRET_ACCESS_KEY` and `$AWS_SESSION_TOKEN`, if
obtained. It requires the roles to be configured as per the
obtained. It automatically detects and performs SSO login for profiles that use AWS SSO,
including source profiles used for role assumption. It requires the roles to be configured as per the
[official guide](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-role.html).
Run `acp` without arguments to clear the profile.

28
plugins/aws/aws.plugin.zsh
View File

@ -98,6 +98,27 @@ function acp() {
local profile="$1"
local mfa_token="$2"
# Check if profile uses SSO and perform SSO login if needed
if _aws_profile_uses_sso "$profile"; then
echo "Profile '$profile' uses SSO. Performing SSO login..."
aws sso login --profile "$profile"
if [[ $? -ne 0 ]]; then
echo "${fg[red]}SSO login failed for profile '$profile'${reset_color}" >&2
return 1
fi
else
# Check if source profile uses SSO (for role assumption)
local source_profile="$(aws configure get source_profile --profile $profile)"
if [[ -n "$source_profile" ]] && _aws_profile_uses_sso "$source_profile"; then
echo "Source profile '$source_profile' uses SSO. Performing SSO login..."
aws sso login --profile "$source_profile"
if [[ $? -ne 0 ]]; then
echo "${fg[red]}SSO login failed for source profile '$source_profile'${reset_color}" >&2
return 1
fi
fi
fi
# Get fallback credentials for if the aws command fails or no command is run
local aws_access_key_id="$(aws configure get aws_access_key_id --profile $profile)"
local aws_secret_access_key="$(aws configure get aws_secret_access_key --profile $profile)"
@ -244,6 +265,13 @@ function aws_profiles() {
grep --color=never -Eo '\[.*\]' "${AWS_CONFIG_FILE:-$HOME/.aws/config}" | sed -E 's/^[[:space:]]*\[(profile)?[[:space:]]*([^[:space:]]+)\][[:space:]]*$/\2/g'
}
# Check if a profile uses SSO
function _aws_profile_uses_sso() {
local profile="$1"
local sso_start_url="$(aws configure get sso_start_url --profile $profile 2>/dev/null)"
[[ -n "$sso_start_url" ]]
}
function _aws_regions() {
reply=($(aws_regions))
}

43
plugins/uv/README.md
View File

@ -1,6 +1,7 @@
# uv plugin
This plugin automatically installs [uv](https://github.com/astral-sh/uv)'s completions for you, and keeps them up to date. It also adds convenient aliases for common usage.
This plugin automatically installs [uv](https://github.com/astral-sh/uv)'s completions for you,
and keeps them up to date. It also adds convenient aliases for common usage.
To use it, add `uv` to the plugins array in your zshrc file:
@ -10,20 +11,26 @@ plugins=(... uv)
## Aliases
| Alias | Command | Description |
|:----- |------------------------------------------------------------------------ |:-------------------------------------------------------------------- |
| uva | `uv add` | Add packages to the project |
| uvexp | `uv export --format requirements-txt --no-hashes --output-file requirements.txt --quiet` | Export the lock file to `requirements.txt` |
| uvl | `uv lock` | Lock the dependencies |
| uvlr | `uv lock --refresh` | Rebuild the lock file without upgrading dependencies |
| uvlu | `uv lock --upgrade` | Lock the dependencies to the newest compatible versions |
| uvp | `uv pip` | Manage pip packages |
| uvpy | `uv python` | Manage Python installs |
| uvpp | `uv python pin` | Pin the current project to use a specific Python version |
| uvr | `uv run` | Run commands within the project's environment |
| uvrm | `uv remove` | Remove packages from the project |
| uvs | `uv sync` | Sync the environment with the lock file |
| uvsr | `uv sync --refresh` | "Force" sync the environment with the lock file (ignore cache) |
| uvsu | `uv sync --upgrade` | Sync the environment, allowing upgrades and ignoring the lock file |
| uvup | `uv self update` | Update the UV tool to the latest version |
| uvv | `uv venv` | Manage virtual environments |
| Alias | Command | Description |
| :---- | ---------------------------------------------------------------------------------------- | :-------------------------------------------------------------------- |
| uva | `uv add` | Add packages to the project |
| uvexp | `uv export --format requirements-txt --no-hashes --output-file requirements.txt --quiet` | Export the lock file to `requirements.txt` |
| uvi | `uv init` | Initialize a new project in current workspace and environment. |
| uvinw | `uv init --no-workspace` | Initialize a new project in a new workspace and environment |
| uvl | `uv lock` | Lock the dependencies |
| uvlr | `uv lock --refresh` | Rebuild the lock file without upgrading dependencies |
| uvlu | `uv lock --upgrade` | Lock the dependencies to the newest compatible versions |
| uvp | `uv pip` | Manage pip packages |
| uvpi | `uv python install` | Install a specific version of python |
| uvpl | `uv python list` | Lists all python version installed |
| uvpp | `uv python pin` | Pin the current project to use a specific Python version |
| uvpu | `uv python uninstall` | Remove a specific version of python |
| uvpy | `uv python` | Manage Python installs |
| uvr | `uv run` | Run commands within the project's environment |
| uvrm | `uv remove` | Remove packages from the project |
| uvs | `uv sync` | Sync the environment with the lock file |
| uvsr | `uv sync --refresh` | "Force" sync the environment with the lock file (ignore cache) |
| uvsu | `uv sync --upgrade` | Sync the environment, allowing upgrades and ignoring the lock file |
| uvtr | `uv tree` | Displays the full dependency tree for the current project environment |
| uvup | `uv self update` | Update the UV tool to the latest version |
| uvv | `uv venv` | Manage virtual environments |

6
plugins/uv/uv.plugin.zsh
View File

@ -7,10 +7,15 @@ alias uv="noglob uv"
alias uva='uv add'
alias uvexp='uv export --format requirements-txt --no-hashes --output-file requirements.txt --quiet'
alias uvi='uv init'
alias uvinw='uv init --no-workspace'
alias uvl='uv lock'
alias uvlr='uv lock --refresh'
alias uvlu='uv lock --upgrade'
alias uvp='uv pip'
alias uvpi='uv python install'
alias uvpl='uv python list'
alias uvpu='uv python uninstall'
alias uvpy='uv python'
alias uvpp='uv python pin'
alias uvr='uv run'
@ -18,6 +23,7 @@ alias uvrm='uv remove'
alias uvs='uv sync'
alias uvsr='uv sync --refresh'
alias uvsu='uv sync --upgrade'
alias uvtr='uv tree'
alias uvup='uv self update'
alias uvv='uv venv'