Allow a LaTeX backend to run external commands after user confirmation.
This is a per document and per machine setting. The authorization has
to be given through the document settings pane, but is not recorded in
the document itself. Moving the document to either another computer or
another directory on the same computer revokes the authorization.
This can also be done by right clicking the red icon that appears in
the status bar when a document is marked as one requiring shell escape.
The patch also checks whether the user has added the -shell-escape
option to a LaTeX converter and nags the user to remove the option
(which would be used for all documents) in favor of the (per document)
support offered by LyX.
This commit does a bulk fix of incorrect annotations (comments) at the
end of namespaces.
The commit was generated by initially running clang-format, and then
from the diff of the result extracting the hunks corresponding to
fixes of namespace comments. The changes being applied and all the
results have been manually reviewed. The source code successfully
builds on macOS.
Further details on the steps below, in case they're of interest to
someone else in the future.
1. Checkout a fresh and up to date version of src/
git pull && git checkout -- src && git status src
2. Ensure there's a suitable .clang-format in place, i.e. with options
to fix the comment at the end of namespaces, including:
FixNamespaceComments: true
SpacesBeforeTrailingComments: 1
and that clang-format is >= 5.0.0, by doing e.g.:
clang-format -dump-config | grep Comments:
clang-format --version
3. Apply clang-format to the source:
clang-format -i $(find src -name "*.cpp" -or -name "*.h")
4. Create and filter out hunks related to fixing the namespace
git diff -U0 src > tmp.patch
grepdiff '^} // namespace' --output-matching=hunk tmp.patch > fix_namespace.patch
5. Filter out hunks corresponding to simple fixes into to a separate patch:
pcregrep -M -e '^diff[^\n]+\nindex[^\n]+\n--- [^\n]+\n\+\+\+ [^\n]+\n' \
-e '^@@ -[0-9]+ \+[0-9]+ @@[^\n]*\n-\}[^\n]*\n\+\}[^\n]*\n' \
fix_namespace.patch > fix_namespace_simple.patch
6. Manually review the simple patch and then apply it, after first
restoring the source.
git checkout -- src
patch -p1 < fix_namespace_simple.path
7. Manually review the (simple) changes and then stage the changes
git diff src
git add src
8. Again apply clang-format and filter out hunks related to any
remaining fixes to the namespace, this time filter with more
context. There will be fewer hunks as all the simple cases have
already been handled:
clang-format -i $(find src -name "*.cpp" -or -name "*.h")
git diff src > tmp.patch
grepdiff '^} // namespace' --output-matching=hunk tmp.patch > fix_namespace2.patch
9. Manually review/edit the resulting patch file to remove hunks for files
which need to be dealt with manually, noting the file names and
line numbers. Then restore files to as before applying clang-format
and apply the patch:
git checkout src
patch -p1 < fix_namespace2.patch
10. Manually fix the files noted in the previous step. Stage files,
review changes and commit.
Several comments in the code point to the fact that hidden buffers are assumed
to be clean.
The other solution was to adapt the closing & saving code to take into account
hidden dirty buffers. Experience shows that it is more useful to unhide the
buffers at the moment of the external modification, in the context of a git
workflow where one has to reload the modified children buffers one-by-one.
Fixes crash at #10603
When the Buffer is notified to be externally modified, check that the
file contents have changed using the checksum.
Document the shortcoming of FileMonitorBlocker.
Fixes#10642.
- Adds a currentZoom variable which holds the current zoom level.
- The zoom stored in preferences is used as default zoom level (default binding:
M+0).
- The currentZoom is saved and restored via QSettings.
- Adds LFUN buffer-zoom for (re)setting zoom.
Use Length instead of HSpace for math_indentation and rename it to mathindent.
Get rid of the string version.
Rename (g|s)etMathIndentation() to (g|s)etMathIndent().
Remove the HSpace class altogether.
Some cleanups to parindent support to look like mathindent.
The error is reported in the GUI, but for the terminal we must write
explicitly to STDERR.
For a specific example of this type of exception, see the previous
commit, 72c3dbd.
Introduce a distinction between being read-only and having the read-only flag. A
buffer is read-only if either it has been externally modified or if it has the
read-only flag.
For biblatex, we need the file name as it was entered in the inset
(abs path, rel path, only file name) in order to resolve it properly
for the export (as in the BibTeX inset intself).
Therefore, we now store a pair<docstring, FileName>.
A FileNamePairList has been added to FileNameList for this purpose.
Macro nesting is now recorded into the macro inset itself. This allows
the ArgumentProxy inset to determine whether it is editable or not by
looking at its macro.
Remove code in the metrics and draw methods of ArgumentProxy: this
code is AFAICS not active anymore, since arguments are linearized into
math rows.
Use Changer idiom to change locally the values of MecticsInfo::base.macro_nesting.
Addressing #10481.
This patch adds the new 'needauth' option for converters launching
external programs that are capable of running arbitrary code on behalf
of the user. These converters won't be run unless the user gives explicit
authorization, which is asked on-demand when the converter is about to
be run (question is not asked if the file is cached and calling the
converter is not needed).
The user prompt has a 3rd button so that he/she's not prompted again
for (any converter over) the same document (identified through
buffer->absFileName()).
Two preference options are added:
lyxrc.use_converter_needauth_forbidden disables any converter with
the 'needauth' option, which is meant to force user to an explicit
action via the preferences pane, before being able to use advanced
converters that can potentially bring security threats;
lyxrc.use_converter_needauth enables prompting the user for 'needauth'
converters, or bypasses the check if not enabled, falling back to the
previous behavior.
So, the first option is for maximum security, the second is for
maximum usability.
No newline is written after \begin{document}, such that
the afterParbreak method would return false. This misleads
the code that outputs a display math in an ulem command
to emit a newline command instead of \noindent, causing
latex errors. This occurs only if the math is at the very
start of a document, without anything before it.
