4418c80c95
CVE-2024-53920 describes an arbitrary code execution vulnerability during macro expansion, which occurs during byte-compilation or when evaluating macro calls in uncompiled elisp files. Flycheck and flymake use byte-compilation to lint elisp files, exposing users to this vulnerability. This commit attempts to protect users from this by disabling both in elisp files that aren't part of a project (because, presumably, untrusted elisp won't live in a project). What a "project" is depends on your projectile settings, but generally means a file that lives in a version controlled directory and/or a directory containing a recognizable project root marker (like a packages.json or Cargo.toml file). This heuristic won't catch cases of untrusted elisp living within legitimate projects, or the case where the user's $HOME is a project and *all* their elisp files live under it, but there are already too many ways to shoot yourself in the foot with Emacs to begin with, and disabling fly(check|make) altogether stands a higher chance of making people blindly re-enable them to "work around" the fact it's not "working as expected", bringing them back to square one. Anyhow, long story short, don't open elisp files you don't trust in Emacs, mkay? Ref: CVE-2024-53920
:checkers syntax
Description unfold
This module provides syntax checking and error highlighting, powered by doom-package:flycheck.
Maintainers
This module has no dedicated maintainers. Become a maintainer?
Module flags
- +childframe
- Display errors/warnings in a child frame rather than an overlay or tooltip. Requires GUI Emacs.
- +flymake
- Leverages the inbuilt doom-package:flymake for error and diagnostics highlighting.
- +icons
- Use unicode icons rather than ASCII prefixes in error tooltips or childframes.
Packages
Hacks
- If
lsp-ui-modeis active, most of the aesthetic functionality of this module is turned off, as they show the same information. - If childframes are enabled, and the flycheck childframe is shown, it will be
hidden on the next user input (as well as the default behavior: to hide it the
next time the user is idle for
flycheck-display-errors-delayseconds).
TODO Changelog
This module does not have a changelog yet.
Installation
Enable this module in your doom! block.
This module has no direct requirements, but some languages may have their own
requirements to fulfill before you get syntax checking in them (and some
languages may lack syntax checking support altogether). Run $ doom doctor to
find out if you're missing any dependencies.
TODO Usage
This module's usage documentation is incomplete. Complete it?
Most of flycheck's features are under C-c !, regardless of whether evil mode is used.
| Keybind | Description |
|---|---|
| C-c ! ? | Describe Checker |
| C-c ! c | Check syntax in buffer |
| C-c ! l | List errors |
| C-c ! n | Next Error |
| C-c ! p | Previous error |
| C-c ! C | Clear all errors in buffer |
| C-c ! e | Explain error at point |
| C-c ! h | Display all errors at point |
Evil Specific:
| Keybind | Description |
|---|---|
| SPC t f | Toggle Flycheck |
| SPC c x | List errors |
| ] e | Next error |
| [ e | Prevous error |
TODO Configuration
This module has no configuration documentation yet. Write some?
Troubleshooting
- Use
M-x flycheck-verify-setupto determine what checkers are available in a buffer and whether they're active or not (and why).
Frequently asked questions
This module has no FAQs yet. Ask one?
TODO Appendix
This module has no appendix yet. Write one?