Starship: Per-repo and per-directory config file?
This grew out of #256
Feature Request
It'd be cool to support per-repo configuration, and per-directory configuration. I'm particularly interested in being able to change what modules are enabled.
Describe the solution you'd like
The proposal in PR #622 (currently open) would support for looking for starship.toml in /etc and /usr/local/etc (%ProgramData% and %HomeDrive%%HomePath%\.config on Windows). Could expand on that to check the Git/Hg repo root and PWD:
/etc/starship.toml
can be overridden by /usr/local/etc/starship.toml
can be overridden by ~/.config/starship.toml
can be overridden by $(git rev-parse --show-toplevel)/startship.toml or $(hg root)/starship.toml if relevant
can be overridden by $PWD/starship.toml
Describe alternatives you've considered
nomaed has proposed (https://github.com/starship/starship/issues/565#issuecomment-549108050) searching up the directory tree starting at PWD.
olets
All 3 comments
Just came to suggest this feature. I generally want Git info in my shell, but I work on one particularly large repo where having Git info in my prompt means that every command takes an extra 0.7s, which is a non-starter. 😆
chriskrycho
on 23 Jan 2020
This sounds a bit dangerous. Consider the following scenario:
- A "friend" sends you a zip file with cat photos.
- You unzip and cd into it.
- It turns out the archive contains .starship.toml which abuses one of the modules to execute arbitrary commands. That's trivial with
custom, of course, but probably some other modules can be used for that as well.
I think it should be safe to cd into untrusted directories.
Maybe a more restrictive version would be enough for most use cases? For example blacklisting a bunch of modules per directory? That's probably not so easy to abuse.
sbarzowski
on 18 Apr 2020
Great point, an exclude list is a better solution.
If it was supported globally in addition to per repo it would have the added benefit of letting the user customize their prompt while still automatically getting any new modules added to core.
olets
on 21 Apr 2020
Related issues
matchai
·
3Comments
Stupremee
·
4Comments
Quantium
·
3Comments
vandrw
·
3Comments
m0nhawk
·
4Comments
Most helpful comment
This sounds a bit dangerous. Consider the following scenario:
custom, of course, but probably some other modules can be used for that as well.I think it should be safe to
cdinto untrusted directories.Maybe a more restrictive version would be enough for most use cases? For example blacklisting a bunch of modules per directory? That's probably not so easy to abuse.