mirror of https://github.com/doomemacs/doomemacs synced 2025-08-03 12:27:26 -05:00

Files

Henrik Lissner 4418c80c95 fix(syntax): disable checker in non-project elisp files

CVE-2024-53920 describes an arbitrary code execution vulnerability
during macro expansion, which occurs during byte-compilation or when
evaluating macro calls in uncompiled elisp files.

Flycheck and flymake use byte-compilation to lint elisp files, exposing
users to this vulnerability. This commit attempts to protect users from
this by disabling both in elisp files that aren't part of a
project (because, presumably, untrusted elisp won't live in a project).
What a "project" is depends on your projectile settings, but generally
means a file that lives in a version controlled directory and/or a
directory containing a recognizable project root marker (like a
packages.json or Cargo.toml file).

This heuristic won't catch cases of untrusted elisp living within
legitimate projects, or the case where the user's $HOME is a project and
*all* their elisp files live under it, but there are already too many
ways to shoot yourself in the foot with Emacs to begin with, and
disabling fly(check|make) altogether stands a higher chance of making
people blindly re-enable them to "work around" the fact it's not
"working as expected", bringing them back to square one.

Anyhow, long story short, don't open elisp files you don't trust in
Emacs, mkay?

Ref: CVE-2024-53920

2024-12-05 16:25:54 -05:00

.doommodule

feat: add .doommodule files

2024-09-14 20:47:39 -04:00

autoload.el

fix(syntax): disable checker in non-project elisp files

2024-12-05 16:25:54 -05:00

config.el

refactor: use negated flags

2024-10-20 02:41:50 -04:00

packages.el

bump: :lang

2024-11-19 17:49:29 -05:00

README.org

docs(*): replace all-the-icons with nerd-icons

2023-09-16 20:19:11 +02:00

README.org

:lang emacs-lisp

Description
- Maintainers
- Module flags
- Packages
- Hacks
- Changelog
Installation
Usage
- formatter
Configuration
Troubleshooting
Frequently asked questions
Appendix

Description unfold

This module extends support for Emacs Lisp in Doom Emacs.

Macro expansion
Go-to-definitions or references functionality
Syntax highlighting for defined and quoted symbols
Replaces the built-in help with the more powerful doom-package:helpful
Adds function example uses to documentation

Maintainers

@hlissner

Become a maintainer?

Module flags

This module has no flags.

Packages

doom-package:buttercup
doom-package:elisp-def
doom-package:elisp-demos
doom-package:flycheck-cask if doom-module::checkers syntax
doom-package:flycheck-package if doom-module::checkers syntax
doom-package:highlight-quoted
doom-package:macrostep
doom-package:overseer

Hacks

Symbols that are defined in the current session are highlighted with font-lock-variable-face.
Eldoc will display the values of variables next to its documentation.
elisp-demos was modified to display API demos for Doom's standard library (in docs/api.org).
This module extends imenu support for Doom's API (e.g. package!, use-package, after!)
Flycheck has been configured to tone down the false positives when you are editing your Emacs or Doom config.

TODO Changelog

This module does not have a changelog yet.

Installation

Enable this module in your doom! block.

This module's sole dependency is Emacs. It's very obscure, you wouldn't know about it.

TODO Usage

󱌣 This module has no usage documentation yet. Write some?

formatter

By enabling doom-module::editor format, doom-package:apheleia will be used to format the current buffer.

Enable doom-module::editor format +onsave to format the buffer on save.

TODO Configuration

󱌣 This module has no configuration documentation yet. Write some?

Troubleshooting

There are no known problems with this module. Report one?

Frequently asked questions

This module has no FAQs yet. Ask one?

TODO Appendix

󱌣 This module has no appendix yet. Write one?