Feature Request: Flag or option to disable variable preview added in Issue #161

[gepandz]

What do you want?

A flag or option to be able to disable the variable preview added in #161 either by name, glob, or for all variables. Ideally, autocomplete would still display the variable names, but would not display the contents on screen.

Why do you want this?

I frequently screenshare with my team, and displaying the contents of environment variables -- especially sensitive variables like those used to store passwords or keys -- can lead to data leaks and reduce the security of my systems. As it is, unless I can figure out how to disable this behavior, I just have to avoid using autocomplete entirely while sharing my screen.

Who else would benefit from this?

Anyone who uses environment variables for sensitive information in a business or collaborative environment where their shell might be visible to others, especially those who work on https://12factor.net apps that encourage storing information in environment variables, rather than including them as parameters to scripts, reading from files, or prompting for input.

How should it work?

Given the following situation:

• I am sharing my whole screen or terminal over Zoom, Teams, Slack, Discord, or other collaboration tool

When I perform the following steps:

1. Type echo $<start of my variable name> and see the current VARIABLE_NAME--value preview below the prompt
2. Hit a bindkey key, run a command, or set a value (depending on how you implement this) to "disable value preview"
3. Type echo $<start of my variable name> and see only the VARIABLE_NAME appear below the prompt
4. Stop sharing and hit the key, reset the variable, etc., and type echo $<start of my variable name> to see the VARIABLE_NAME--value preview below the prompt, again

Then I expect the following to happen:

• The environment variable preview that currently appears will have two forms, one with the value of the variable visible and one with only the name visible

I think it's a neat feature, but I have to be extremely careful when I use it, since it could allow others to snag my credentials, which is a serious security issue. When I'm not sharing my screen, though, it's quite handy! Being able to switch the display of the value of the variable on and off would really help, since I could get autocomplete help for a variable without exposing sensitive info when I'm sharing and get the more verbose output when I'm not at risk of disclosing sensitive information.

It's also possible that this is currently doable, and I'm just not seeing it. :sweat_smile: Thanks!