Safety Valve Override

- Support 'allow.empty.filter', defaulting to 'yes', but if 'no' disallows the
  combination of a write command and an empty filter.  Ordinarily this is just
  a warning that requires confirmation (thanks to Lee Lieske).

AUTHORS

@@ -225,3 +225,4 @@ suggestions:
   Kevin Ballard
   Sitaram Chamarty
   lolilolicon
+  Lee Lieske

ChangeLog

@@ -166,6 +166,9 @@
   Richard Boß).
 - Fixed typo in 'newest' and 'oldest' report definitions (thanks to Richard Boß).
 - The 'diagnostics' command obeys color settings.
+- Support 'allow.empty.filter', defaulting to 'yes', but if 'no' disallows the
+  combination of a write command and an empty filter.  Ordinarily this is just a
+  warning that requires confirmation (thanks to Lee Lieske).
 
 ------ current release ---------------------------
 

NEWS

@@ -29,6 +29,8 @@ New configuration options in taskwarrior 2.4.0
   - The 'taskd.trust' setting is now a tri-state, supporting values 'strict',
     'ignore hostname' and 'allow all', for server certificate validation.
   - New themes: dark-default-16.theme, dark-gray-blue-256.theme
+  - The 'allow.empty.filter' setting can be set to 'no' to disallow the
+    potentially dangerous combination of write commands and empty filters.
 
 Newly deprecated features in taskwarrior 2.4.0
 

doc/man/taskrc.5.in

@@ -281,6 +281,13 @@ confirmation before deleting a task, performing bulk changes, or the undo
 command.  The default value is "yes".  Consider leaving this setting as "yes",
 for safety.
 
+.TP
+.B allow.empty.filter=yes
+An empty filter combined with a write command is potentially a way to modify
+all tasks by mistkae, and when this is detected, confirmation is required.
+Setting this to 'no' means that it is an error to use a write command with no
+filter.
+
 .TP
 .B indent.annotation=2
 Controls the number of spaces to indent annotations when shown beneath the

src/Config.cpp

@@ -81,6 +81,7 @@ std::string Config::_defaults =
   "#                                              # Comma-separated list.  May contain any subset of:\n"
   "#verbose=blank,header,footnote,label,new-id,new-uuid,affected,edit,special,project,sync,filter\n"
   "confirmation=yes                               # Confirmation on delete, big changes\n"
+  "allow.empty.filter=yes                         # An empty filter gets a warning and requires confirmation\n"
   "indent.annotation=2                            # Indent spaces for annotations\n"
   "indent.report=0                                # Indent spaces for whole report\n"
   "row.padding=0                                  # Left and right padding for each row of report\n"

src/Filter.cpp

@@ -259,6 +259,9 @@ void Filter::safety ()
     {
       if (context.parser.getFilterExpression () == "")
       {
+        if (! context.config.getBoolean ("allow.empty.filter"))
+          throw std::string (STRING_TASK_SAFETY_ALLOW);
+
         // If user is willing to be asked, this can be avoided.
         if (context.config.getBoolean ("confirmation") &&
             confirm (STRING_TASK_SAFETY_VALVE))

src/commands/CmdShow.cpp

@@ -69,6 +69,7 @@ int CmdShow::execute (std::string& output)
   std::string recognized =
     " abbreviation.minimum"
     " active.indicator"
+    " allow.empty.filter"
     " avoidlastcolumn"
     " bulk"
     " burndown.bias"

src/eng-USA.h

@@ -842,6 +842,7 @@
 #define STRING_TASK_VALID_PRIORITY   "Priority values may be 'H', 'M' or 'L', not '{1}'."
 #define STRING_TASK_SAFETY_VALVE     "This command has no filter, and will modify all tasks.  Are you sure?"
 #define STRING_TASK_SAFETY_FAIL      "Command prevented from running."
+#define STRING_TASK_SAFETY_ALLOW     "You did not specify a filter, and with the 'allow.empty.filter' value, no action is taken."
 
 // TDB2
 #define STRING_TDB2_PARSE_ERROR      " in {1} at line {2}"

src/esp-ESP.h

@@ -854,6 +854,7 @@
 #define STRING_TASK_VALID_PRIORITY   "Valores de prioridad pueden ser 'H', 'M' o 'L', no '{1}'."
 #define STRING_TASK_SAFETY_VALVE     "Este comando no tiene filtro, y modificará todas las tareas. ¿Está seguro?"
 #define STRING_TASK_SAFETY_FAIL      "Se impidió la ejecución del comando."
+#define STRING_TASK_SAFETY_ALLOW     "You did not specify a filter, and with the 'allow.empty.filter' value, no action is taken."
 
 // TDB2
 #define STRING_TDB2_PARSE_ERROR      " en {1} en la línea {2}"

src/fra-FRA.h

@@ -841,6 +841,7 @@
 #define STRING_TASK_VALID_PRIORITY   "Priority values may be 'H', 'M' or 'L', not '{1}'."
 #define STRING_TASK_SAFETY_VALVE     "This command has no filter, and will modify all tasks.  Are you sure?"
 #define STRING_TASK_SAFETY_FAIL      "Command prevented from running."
+#define STRING_TASK_SAFETY_ALLOW     "You did not specify a filter, and with the 'allow.empty.filter' value, no action is taken."
 
 // TDB2
 #define STRING_TDB2_PARSE_ERROR      " in {1} at line {2}"

src/ita-ITA.h

@@ -842,6 +842,7 @@
 #define STRING_TASK_VALID_PRIORITY   "I valori di priorità possono essere 'H', 'M' o 'L', non '{1}'."
 #define STRING_TASK_SAFETY_VALVE     "Questo comando non ha filtro, e modificherà tutti i task. Sicuro?"
 #define STRING_TASK_SAFETY_FAIL      "Prevenuta l'esecuzione del comando."
+#define STRING_TASK_SAFETY_ALLOW     "You did not specify a filter, and with the 'allow.empty.filter' value, no action is taken."
 
 // TDB2
 #define STRING_TDB2_PARSE_ERROR      " in {1} alla linea {2}"

src/por-PRT.h

@@ -842,6 +842,7 @@
 #define STRING_TASK_VALID_PRIORITY   "Valores de prioridade podem ser 'A', 'M' ou 'B', não '{1}'."
 #define STRING_TASK_SAFETY_VALVE     "Este comando não possui um filtro e irá modificar todas as tarefas. Tem a certeza?"
 #define STRING_TASK_SAFETY_FAIL      "Execução do comando abortada."
+#define STRING_TASK_SAFETY_ALLOW     "You did not specify a filter, and with the 'allow.empty.filter' value, no action is taken."
 
 // TDB2
 #define STRING_TDB2_PARSE_ERROR      " em {1} na linha {2}"