Skip to content

Add 'trustdir' option for directory trust management#19876

Closed
mattn wants to merge 2 commits intovim:masterfrom
mattn:add-trustdir-option
Closed

Add 'trustdir' option for directory trust management#19876
mattn wants to merge 2 commits intovim:masterfrom
mattn:add-trustdir-option

Conversation

@mattn
Copy link
Copy Markdown
Member

@mattn mattn commented Mar 31, 2026
edited
Loading

Add a new boolean option 'trustdir' (default on) that prompts users to trust directories before applying modelines. When a file containing a modeline is opened, Vim asks whether to trust the directory permanently (saved to ~/.vim/trust.json), for the session only, or not at all. Parent directory inheritance is supported.

This is designed to be extensible to other features like 'exrc' in the future — trust.json stores per-directory permission flags:

[
  {"path": "/home/user/dev/vim", "modeline": true},
  {"path": "/home/user/projects", "modeline": true, "exrc": true}
]
image

Opening this as a draft to get feedback on the approach, especially from @chrisbra. #19875

Known concerns:

  • Since 'trustdir' is enabled by default, some existing tests that rely on modeline processing may fail due to the trust prompt being triggered.
  • Multiple Vim instances writing to trust.json concurrently could cause data loss (last writer wins). The write frequency is very low (only on user interaction), so the practical risk is minimal, but a file locking mechanism could be added if needed.
  • The 'trustdir' option has the P_SECURE flag, so it cannot be changed via modeline.

Note: This pull request was created with the help of Claude Code.

@mattn @claude
Add 'trustdir' option for directory trust management
8ee176d 
Add a new boolean option 'trustdir' (default on) that prompts users
to trust directories before applying modelines. When a file containing
a modeline is opened, Vim asks whether to trust the directory permanently
(saved to ~/.vim/trust.json), for the session only, or not at all.
Parent directory inheritance is supported. This provides a security
mechanism similar to VS Code's workspace trust, and is designed to be
extensible to other features like 'exrc' in the future.

Co-authored-by: Claude Code <noreply@anthropic.com>
@mattn mattn force-pushed the add-trustdir-option branch from e32cefb to 8ee176d Compare March 31, 2026 16:40
@mattn
Copy link
Copy Markdown
Member Author

mattn commented Mar 31, 2026

Note: Since 'trustdir' is enabled by default, some existing tests that rely on modeline processing may fail because the trust prompt will be triggered. We may need to add set notrustdir in test setups or adjust the test framework to handle this.

@mattn @claude
Normalize paths in trust directory checks
8cbe987 
Use vim_FullName() and simplify_filename() to normalize buffer paths
before trust comparison, so symlinks and /../ are resolved correctly.

Co-authored-by: Claude Code <noreply@anthropic.com>
@justinmk
Copy link
Copy Markdown
Contributor

justinmk commented Mar 31, 2026

For reference, here's the existing Neovim feature: https://neovim.io/doc/user/editing/#trust

@mattn mattn mentioned this pull request Apr 2, 2026
Closed
@mattn
Copy link
Copy Markdown
Member Author

mattn commented Apr 18, 2026

Closing

@mattn mattn closed this Apr 18, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mattn @justinmk