Merge b25811450c into 9df4ea095f

Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.14.0 to 2.14.1.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](20cf305ff2...e3f713f2d8)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.14.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/workflows/dependencies.yml

@@ -13,12 +13,12 @@ jobs:
       contents: write # this is needed to push commits and branches
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
         with:
           egress-policy: audit
 
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           fetch-depth: 0
       - name: Authenticate as @ohmyzsh
@@ -28,7 +28,7 @@ jobs:
           app-id: ${{ secrets.OHMYZSH_APP_ID }}
           private-key: ${{ secrets.OHMYZSH_APP_PRIVATE_KEY }}
       - name: Setup Python
-        uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
         with:
           python-version: "3.12"
           cache: "pip"

.github/workflows/installer.yml

@@ -26,12 +26,12 @@ jobs:
           - macos-latest
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
         with:
           egress-policy: audit
 
       - name: Set up git repository
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Install zsh
         if: runner.os == 'Linux'
         run: sudo apt-get update; sudo apt-get install zsh
@@ -47,12 +47,12 @@ jobs:
       - test
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
         with:
           egress-policy: audit
 
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Install Vercel CLI
         run: npm install -g vercel
       - name: Setup project and deploy

.github/workflows/main.yml

@@ -24,12 +24,12 @@ jobs:
     if: github.repository == 'ohmyzsh/ohmyzsh'
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
         with:
           egress-policy: audit
 
       - name: Set up git repository
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Install zsh
         run: sudo apt-get update; sudo apt-get install zsh
       - name: Check syntax

.github/workflows/project.yml

@@ -17,7 +17,7 @@ jobs:
     if: github.repository == 'ohmyzsh/ohmyzsh'
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
         with:
           egress-policy: audit
       - name: Authenticate as @ohmyzsh

.github/workflows/scorecard.yml

@@ -36,12 +36,12 @@ jobs:
 
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
         with:
           egress-policy: audit
 
       - name: "Checkout code"
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
 
@@ -60,6 +60,6 @@ jobs:
           retention-days: 5
 
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10
+        uses: github/codeql-action/upload-sarif@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0
         with:
           sarif_file: results.sarif

plugins/zsh-interactive-cd/README.md

@@ -19,3 +19,14 @@ This plugin provides an interactive way to change directories in zsh using fzf.
 ## Usage
 
 Press tab for completion as usual, it'll launch fzf automatically. Check fzf’s [readme](https://github.com/junegunn/fzf#search-syntax) for more search syntax usage.
+
+### Hidden Directories
+
+By default, `zsh-interactive-cd` hides directories that start with `.` (dotfolders).  
+
+You can enable hidden directories in the suggestion list by setting:
+
+```zsh
+# Show hidden directories in interactive cd
+export ZIC_SHOW_HIDDEN=true
+```

plugins/zsh-interactive-cd/zsh-interactive-cd.plugin.zsh

@@ -24,8 +24,11 @@ __zic_matched_subdir_list() {
     fi
     find -L "$dir" -mindepth 1 -maxdepth 1 -type d 2>/dev/null \
         | cut -b $(( ${length} + 2 ))- | command sed '/^$/d' | while read -r line; do
-      if [[ "${line[1]}" == "." ]]; then
-        continue
+      # Skip hidden dirs unless explicitly allowed
+      if [[ -z "$ZIC_SHOW_HIDDEN" || "$ZIC_SHOW_HIDDEN" != "true" ]]; then
+        if [[ "${line[1]}" == "." ]]; then
+          continue
+        fi
       fi
       echo "$line"
     done
@@ -40,8 +43,11 @@ __zic_matched_subdir_list() {
       find -L "$dir" -mindepth 1 -maxdepth 1 -type d \
           2>/dev/null | cut -b $(( ${length} + 2 ))- | command sed '/^$/d' \
           | while read -r line; do
-        if [[ "${seg[1]}" != "." && "${line[1]}" == "." ]]; then
-          continue
+        # Skip hidden dirs unless explicitly allowed
+        if [[ -z "$ZIC_SHOW_HIDDEN" || "$ZIC_SHOW_HIDDEN" != "true" ]]; then
+          if [[ "${seg[1]}" != "." && "${line[1]}" == "." ]]; then
+            continue
+          fi
         fi
         if [ "$zic_case_insensitive" = "true" ]; then
           if [[ "$line:u" == "$seg:u"* ]]; then
@@ -60,8 +66,11 @@ __zic_matched_subdir_list() {
       find -L "$dir" -mindepth 1 -maxdepth 1 -type d \
           2>/dev/null | cut -b $(( ${length} + 2 ))- | command sed '/^$/d' \
           | while read -r line; do
-        if [[ "${seg[1]}" != "." && "${line[1]}" == "." ]]; then
-          continue
+        # Skip hidden dirs unless explicitly allowed
+        if [[ -z "$ZIC_SHOW_HIDDEN" || "$ZIC_SHOW_HIDDEN" != "true" ]]; then
+          if [[ "${seg[1]}" != "." && "${line[1]}" == "." ]]; then
+            continue
+          fi
         fi
         if [ "$zic_case_insensitive" = "true" ]; then
           if [[ "$line:u" == *"$seg:u"* ]]; then
@@ -164,11 +173,6 @@ zic-completion() {
 
 [ -z "$__zic_default_completion" ] && {
   binding=$(bindkey '^I')
-  # $binding[(s: :w)2]
-  # The command substitution and following word splitting to determine the
-  # default zle widget for ^I formerly only works if the IFS parameter contains
-  # a space via $binding[(w)2]. Now it specifically splits at spaces, regardless
-  # of IFS.
   [[ $binding =~ 'undefined-key' ]] || __zic_default_completion=$binding[(s: :w)2]
   unset binding
 }