Problem: The security patch 9.2.0561 added a vim.eval() call inside
Completer.evalsource() to honor g:pythoncomplete_allow_import.
But the 'vim' module is only imported inside the outer
vimcomplete() / vimpy3complete() function, not at the script's
top level, so referring to it from a Completer method raises
NameError. The surrounding bare 'except' silently swallows
the error and leaves allow_imports at 0, meaning the opt-in
never takes effect -- 'import os' (and any other
buffer-level import) is always skipped, no candidates are
produced for 'os.<...>' and
Test_popup_and_preview_autocommand() fails on the Windows
CI matrix (Linux skips the test because Python 2 is absent).
Solution: Re-import 'vim' at the top of evalsource() in both
pythoncomplete.vim and python3complete.vim so the eval reads
the global, and set g:pythoncomplete_allow_import = 1 in the
test (it is the opt-in intended for callers that trust the
buffer contents) (thinca).
closes: #20386
Signed-off-by: thinca <thinca@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
thinca
Christian Brabandt
Mao-Yining
Bram Moolenaar