Previously, if a user configured `^ls` as an always-allow pattern, an attacker could craft a command like `ls && rm -rf /` which would be auto-approved because the regex only matched the beginning of the command string.

Now the command is parsed into individual sub-commands (`ls`, `rm -rf /`) and EACH sub-command must match an allow pattern for auto-approval.

This prevents shell injection attacks using operators like:

- `&&` and `||` (boolean operators)
- `;` and `&` (sequential/background execution)
- `|` (pipes)
- Newlines
- Command substitution (`$()` and backticks)
- Process substitution (`<()` and `>()`)

## Matching Logic

- **always_deny**: if ANY sub-command matches, deny the entire command
- **always_confirm**: if ANY sub-command matches, require confirmation (unless always_deny matched, in which case deny)
- **always_allow**: ALL sub-commands must match for auto-approval (unless always_confirm or always_deny matched, in which case defer to those)
- If parsing fails, or if the shell is unsupported, then always_allow is disabled for this command

As usual, `always_allow_tool_actions` supersedes all of these. If it is `true`, then we always allow all tool calls, no questions asked.

## Shell Compatibility

The shell parser only supports POSIX-like command chaining syntax (`&&`, `||`, `;`, `|`).

**Supported shells:** Posix (sh, bash, dash, zsh), Fish 3.0+, PowerShell 7+/Pwsh, Cmd, Xonsh, Csh, Tcsh

**Unsupported shells:** Nushell (uses `and`/`or` keywords), Elvish (uses `and`/`or` keywords), Rc (Plan 9 shell - no `&&`/`||` operators)

For unsupported shells:

- The "Always allow" UI options are hidden for the terminal tool
- If the user has `always_allow` patterns configured in settings, they will see a `Deny` with an explanatory error message

(No release notes because granular tool permissions are behind a feature flag.)

Release Notes:

- N/A

---------

Co-authored-by: Zed Zippy <234243425+zed-zippy[bot]@users.noreply.github.com>
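The matching rules from the commit message above, as a minimal Rust sketch. This is an added example, not Zed's code: `split_subcommands`, `matches_any` and `decide` are hypothetical names, prefixes stand in for anchored regexes such as `^ls`, and the naive splitter treats quotes, escapes and substitutions as a parse failure instead of parsing them. It also assumes that a command with no auto-approval falls back to asking for confirmation.

```rust
#[derive(Debug, PartialEq)]
enum Decision { Allow, Confirm, Deny }

// Naive splitter on the chaining operators listed above. Assumption: quotes,
// escapes and substitutions count as a parse failure (None) in this sketch.
fn split_subcommands(cmd: &str) -> Option<Vec<String>> {
    let unparsed = ["$(", "<(", ">(", "`", "\"", "'", "\\"];
    if unparsed.iter().any(|t| cmd.contains(*t)) {
        return None;
    }
    let parts: Vec<String> = cmd
        .split(|c: char| matches!(c, '&' | '|' | ';' | '\n'))
        .map(str::trim)
        .filter(|s| !s.is_empty())
        .map(String::from)
        .collect();
    if parts.is_empty() { None } else { Some(parts) }
}

// Assumption: a prefix stands in for an anchored regex such as `^ls`.
fn matches_any(sub: &str, prefixes: &[&str]) -> bool {
    prefixes.iter().any(|p| sub.starts_with(*p))
}

fn decide(cmd: &str, allow: &[&str], confirm: &[&str], deny: &[&str]) -> Decision {
    let parsed = split_subcommands(cmd);
    // Assumption: on parse failure deny/confirm still see the raw string.
    let subs = parsed.clone().unwrap_or_else(|| vec![cmd.to_string()]);
    if subs.iter().any(|s| matches_any(s, deny)) {
        return Decision::Deny; // ANY sub-command matching deny wins
    }
    if subs.iter().any(|s| matches_any(s, confirm)) {
        return Decision::Confirm; // ANY match forces confirmation
    }
    match parsed {
        // ALL sub-commands must match; a parse failure never auto-approves.
        Some(p) if p.iter().all(|s| matches_any(s, allow)) => Decision::Allow,
        _ => Decision::Confirm,
    }
}

fn main() {
    for cmd in ["ls -la", "ls && rm -rf /", "ls; ls /tmp", "ls $(rm -rf /)"] {
        let old = cmd.starts_with("ls"); // whole-string `^ls` check
        let new = decide(cmd, &["ls"], &[], &[]);
        println!("{cmd:?}: old auto-approve={old}, new={new:?}");
    }
    println!("{:?}", decide("ls && rm -rf /", &["ls"], &[], &["rm"]));
}
```
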
Zed
Welcome to Zed, a high-performance, multiplayer code editor from the creators of Atom and Tree-sitter.
Installation
On macOS, Linux, and Windows you can download Zed directly or install Zed via your local package manager (macOS/Linux/Windows).
Other platforms are not yet available:
- Web (tracking issue)
Developing Zed
Contributing
See CONTRIBUTING.md for ways you can contribute to Zed.
Also... we're hiring! Check out our jobs page for open roles.
Licensing
License information for third party dependencies must be correctly provided for CI to pass.
We use cargo-about to automatically comply with open source licenses. If CI is failing, check the following:
- Is it showing a `no license specified` error for a crate you've created? If so, add `publish = false` under `[package]` in your crate's Cargo.toml.
- Is the error `failed to satisfy license requirements` for a dependency? If so, first determine what license the project has and whether this system is sufficient to comply with this license's requirements. If you're unsure, ask a lawyer. Once you've verified that this system is acceptable add the license's SPDX identifier to the `accepted` array in `script/licenses/zed-licenses.toml`.
- Is `cargo-about` unable to find the license for a dependency? If so, add a clarification field at the end of `script/licenses/zed-licenses.toml`, as specified in the cargo-about book.
Sponsorship
Zed is developed by Zed Industries, Inc., a for-profit company.
If you’d like to financially support the project, you can do so via GitHub Sponsors. Sponsorships go directly to Zed Industries and are used as general company revenue. There are no perks or entitlements associated with sponsorship.