]> git.ipfire.org Git - thirdparty/vim.git/log
thirdparty/vim.git
3 weeks agopatch 9.2.0713: completion: ruler not updated correctly when the popup menu is visible v9.2.0713
Hirohito Higashi [Tue, 23 Jun 2026 21:02:46 +0000 (21:02 +0000)] 
patch 9.2.0713: completion: ruler not updated correctly when the popup menu is visible

Problem:  While the insert-mode completion popup menu is visible, the
          ruler - and the ruler shown in a status line when 'laststatus'
          is set - shows the column where the completion started instead
          of the real cursor column. With a status line the ruler can
          also stay at the column from before the completion until the
          next key is pressed.
Solution: Position the popup menu at the completion start column without
          moving the cursor there, so the ruler keeps reflecting the
          real cursor column.  Also mark the status line for redraw
          before the menu is shown, so its ruler is updated for the real
          cursor column while the menu is visible.

closes: #20626

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Hirohito Higashi <h.east.727@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0712: GTK4: dialogs not handling mnemonics correctly v9.2.0712
Foxe Chen [Tue, 23 Jun 2026 20:32:43 +0000 (20:32 +0000)] 
patch 9.2.0712: GTK4: dialogs not handling mnemonics correctly

Problem:  GTK4: dialogs not handling mnemonics correctly
Solution: Allow using mnemonics without alt key (Foxe Chen).

closes: #20618

Signed-off-by: Foxe Chen <chen.foxe@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0711: leak in ins_compl_infercase_gettext() in error case v9.2.0711
Christian Brabandt [Tue, 23 Jun 2026 20:16:49 +0000 (20:16 +0000)] 
patch 9.2.0711: leak in ins_compl_infercase_gettext() in error case

Problem:  leak in ins_compl_infercase_gettext() in error case
          (Cheng)
Solution: free wca before returning.

closes: #20607

Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0710: GTK4 GUI resize handling can be improved v9.2.0710
Foxe Chen [Tue, 23 Jun 2026 20:03:31 +0000 (20:03 +0000)] 
patch 9.2.0710: GTK4 GUI resize handling can be improved

Problem:  GTK4 GUI resize handling can be improved
Solution: Remove the resize debounce, set the draw area's size request
          in gui_mch_set_text_area_pos() via vim_form_move_resize()
          (Foxe Chen).

reverts: #20327
closes:  #20486

Signed-off-by: Foxe Chen <chen.foxe@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0709: GTK4: a few minor issues v9.2.0709
Foxe Chen [Tue, 23 Jun 2026 19:51:54 +0000 (19:51 +0000)] 
patch 9.2.0709: GTK4: a few minor issues

Problem:  GTK4: a few minor issues
Solution: Update docs for 'mouseshape' option, remove unnecessary code,
          respect "v" flag in 'guioptions' (Foxe Chen)

closes: #20609

Signed-off-by: Foxe Chen <chen.foxe@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0708: Leaks in do_autocmd in error case v9.2.0708
Christian Brabandt [Tue, 23 Jun 2026 19:44:48 +0000 (19:44 +0000)] 
patch 9.2.0708: Leaks in do_autocmd in error case

Problem:  Leak in do_autocmd in error case (Cheng)
Solution: goto err_exit in the error case and clean up, make the double
          ++once an actual error

closes: #20606

Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agoruntime(dnsmasq): add new keywords and order existing keywords alphabetically
Pooyan Khanjankhani [Tue, 23 Jun 2026 19:22:53 +0000 (19:22 +0000)] 
runtime(dnsmasq): add new keywords and order existing keywords alphabetically

closes: #20616

Signed-off-by: Pooyan Khanjankhani <pooyankhan@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agoCI: Restore daily Coverity Scan
Christian Brabandt [Tue, 23 Jun 2026 17:49:27 +0000 (17:49 +0000)] 
CI: Restore daily Coverity Scan

I finally got a note that Coverity is online back again.

This partially reverts commit 0abffbff23adc4ae6e3c78af921a8c9a8cb6670f.
("CI: Remove Cirrus CI and Coverity Scan")

related: #20431

Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0707: completion: popup misplaced when text before it is concealed v9.2.0707
Barrett Ruth [Mon, 22 Jun 2026 20:13:22 +0000 (20:13 +0000)] 
patch 9.2.0707: completion: popup misplaced when text before it is concealed

Problem:  When the cursor line has concealed text before the start of the
          completion, the insert-mode completion popup is drawn at the wrong
          screen column and the cursor no longer lines up with the completed
          text.
Solution: Record the concealed width before the cursor on its screen line in
          a new `win_T` field while `win_line()` draws it, subtract it in
          `pum_display()` to place the menu over the visible text, and redraw
          the cursor line so `win_line()` corrects the cursor too.

closes: #20539

Signed-off-by: Barrett Ruth <br@barrettruth.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agoruntime(doc): document Solaris as supported OS
Christian Brabandt [Mon, 22 Jun 2026 20:05:58 +0000 (20:05 +0000)] 
runtime(doc): document Solaris as supported OS

related: #20567

Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agoruntime(dtrace): handle DTrace probe highlighting before action blocks
Vladimír Marek [Mon, 22 Jun 2026 19:55:32 +0000 (19:55 +0000)] 
runtime(dtrace): handle DTrace probe highlighting before action blocks

Recognize DTrace probe descriptions that are followed immediately by an
action block, such as:

    BEGIN{ trace(1); }
    syscall::open:entry{ trace(1); }

The fourth probe field now consumes the remaining non-whitespace text, and
the lookahead allows zero or more whitespace before the following token.

closes: #20560

Signed-off-by: Vladimír Marek <vlmarek13@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0706: tests: test_terminal3 may fail when $SHELL is zsh v9.2.0706
Christian Brabandt [Mon, 22 Jun 2026 19:45:05 +0000 (19:45 +0000)] 
patch 9.2.0706: tests: test_terminal3 may fail when $SHELL is zsh

Problem:  tests: test_terminal3 may fail when the shell ($SHELL) is zsh
          with a custom prompt, because the prompt wraps the terminal
          line and shifts the expected output.
Solution: Reset $HOME and $PS1 to sane defaults so the shell uses a
          minimal prompt, and adjust the expected window height.

closes: #20599

Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agoruntime(beancount): Add support for non-ASCII account names
依云 [Mon, 22 Jun 2026 19:43:17 +0000 (19:43 +0000)] 
runtime(beancount): Add support for non-ASCII account names

closes: #20597

Signed-off-by: 依云 <lilydjwg@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0705: :delete # silently fails to update "# and clobbers "0 v9.2.0705
Doug Kearns [Mon, 22 Jun 2026 19:36:59 +0000 (19:36 +0000)] 
patch 9.2.0705: :delete # silently fails to update "# and clobbers "0

Problem:  ':delete #' silently fails to update "# and clobbers "0.
Solution: Treat "# like "/, writable only with :let and setreg().

closes: #20592

Signed-off-by: Doug Kearns <dougkearns@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0704: GTK4: not handling mouse events v9.2.0704
Foxe Chen [Mon, 22 Jun 2026 19:30:28 +0000 (19:30 +0000)] 
patch 9.2.0704: GTK4: not handling mouse events

Problem:  GTK4: not handling mouse events
Solution: Emit mouse moved events and handle mouse dragging
          (Foxe Chen).

closes: #20545

Signed-off-by: Foxe Chen <chen.foxe@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0703: session file does not store relative Vim9 autoload imports v9.2.0703
Miguel Barro [Mon, 22 Jun 2026 19:19:24 +0000 (19:19 +0000)] 
patch 9.2.0703: session file does not store relative Vim9 autoload imports

Problem:  mksession misses relative or absolute imports in the session,
          homonymous autoload scripts imported from different scripts
          cause errors (after v9.2.0579).
Solution: Correctly write scripts imported via :import autoload, skip any
          that are no longer readable, and comment out imports whose autoload
          prefix or file name tail would conflict with an earlier one
          (Miguel Barro).

fixes:  #12641
closes: #20564

Signed-off-by: Miguel Barro <miguel.barro@live.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0702: :windo and :tabdo create an extra window with 'winfixbuf' v9.2.0702
ShivaPriyanShanmuga [Mon, 22 Jun 2026 19:07:09 +0000 (19:07 +0000)] 
patch 9.2.0702: :windo and :tabdo create an extra window with 'winfixbuf'

Problem:  With 'winfixbuf' set in the current window, :windo and :tabdo
          create an extra split window, even though they only visit
          existing windows/tabpages and don't change the current
          window's buffer (Collin Kennedy)
Solution: Skip the 'winfixbuf' escape in ex_listdo() for :windo and
          :tabdo (ShivaPriyanShanmuga)

fixes:  #14301
closes: #20600

Signed-off-by: ShivaPriyanShanmuga <pshanmugashiva@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agoruntime(fennel): Update Last Update header
Christian Brabandt [Mon, 22 Jun 2026 19:05:36 +0000 (19:05 +0000)] 
runtime(fennel): Update Last Update header

forgotten from commit 8513982a5ed5a84ba8e4e532505b07b4fa1efbdb

Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agoruntime(fennel): add more ";" comment leaders to 'comments'
yilisharcs [Mon, 22 Jun 2026 18:54:44 +0000 (18:54 +0000)] 
runtime(fennel): add more ";" comment leaders to 'comments'

closes: #20579

Signed-off-by: yilisharcs <yilisharcs@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0701: tests: test_terminal.vim does not wait for job to finish v9.2.0701
Vladimír Marek [Mon, 22 Jun 2026 18:04:06 +0000 (18:04 +0000)] 
patch 9.2.0701: tests: test_terminal.vim does not wait for job to finish

Problem:  tests: Test_terminal_eof_arg() and
          Test_terminal_duplicate_eof_arg() do not wait until the python
          job finishes
Solution: Wait for the job to be dead before checking its exit value
          (Vladimír Marek).

closes: #20571

Signed-off-by: Vladimír Marek <vlmarek13@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0700: configure: -lrt requirement for timer_create not detected v9.2.0700
Jessica Clarke [Mon, 22 Jun 2026 17:58:04 +0000 (17:58 +0000)] 
patch 9.2.0700: configure: -lrt requirement for timer_create not detected

Problem:  configure does not actually check whether -lrt is needed for
          timer_create(); the test only compiles instead of linking, so
          the requirement is missed when cross-compiling
Solution: Use AC_LINK_IFELSE instead of AC_COMPILE_IFELSE for the
          timer_create checks so the link actually decides whether -lrt
          is required (Jessica Clarke)

AC_COMPILE_IFELSE won't try to link, so if the function exists in the
system headers, we will always detect that -lrt is not needed, as the
code will compile regardless of linker flags. If not cross-compiling,
the following AC_RUN_IFELSE will end up trying to link, so if -lrt is
needed it will fail to link and we will interpret timer_create as not
working, rather than that we just need to link with -lrt. But when we
are cross-compiling we will skip the AC_RUN_IFELSE and assume that it
works, failing to link when we later build if -lrt is in fact needed.

closes: #20605

related: 2cf145b78b88 ("patch 9.1.0837: cross-compiling has some issues")
Signed-off-by: Jessica Clarke <jrtc27@jrtc27.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agonsis: Remove NSIS Installer Code
K.Takata [Sun, 21 Jun 2026 20:33:17 +0000 (20:33 +0000)] 
nsis: Remove NSIS Installer Code

Move the NSIS code to the vim/vim-win32-installer repository.
When we update the NSIS code, we sometimes need to update the
vim/vim-win32-installer scripts also. Managing them in the same repository
should be better for maintenance.

This PR should be merged after https://github.com/vim/vim-win32-installer/pull/457

closes: #20521

Signed-off-by: K.Takata <kentkt@csc.jp>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0699: [security]: possible code execution with python complete v9.2.0699
Christian Brabandt [Sun, 21 Jun 2026 19:50:56 +0000 (19:50 +0000)] 
patch 9.2.0699: [security]: possible code execution with python complete

Problem:  [security]: possible code execution with python complete
          (morningbread)
Solution: Use repr() to quote the doc strings correctly

Github Security Advisory:
https://github.com/vim/vim/security/advisories/GHSA-ppj8-wqjf-6fp3

Supported by AI

Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0698: [security]: Out-of-bounds write with soundfold() v9.2.0698
Christian Brabandt [Sun, 21 Jun 2026 19:20:03 +0000 (19:20 +0000)] 
patch 9.2.0698: [security]: Out-of-bounds write with soundfold()

Problem:  [security]: Out-of-bounds write with soundfold()
          (cipher-creator)
Solution: Add an abort condition to the for loop to validate the buffer
          size.

Github Security Advisory:
https://github.com/vim/vim/security/advisories/GHSA-q8mh-6qm3-25g4

Supported by AI

Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agoruntime(xslt,xsd): speed up highlighting by optimizing lookbehinds in patterns
Dmytro Meleshko [Sun, 21 Jun 2026 18:47:22 +0000 (18:47 +0000)] 
runtime(xslt,xsd): speed up highlighting by optimizing lookbehinds in patterns

Move ownership to chrisbra/vim-xml-ftplugin

closes: #20436

Signed-off-by: Dmytro Meleshko <dmytro.meleshko@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0697: possible overflow when parsing CSI keys v9.2.0697
Christian Brabandt [Sun, 21 Jun 2026 18:24:30 +0000 (18:24 +0000)] 
patch 9.2.0697: possible overflow when parsing CSI keys

Problem:  possible overflow when parsing CSI keys (cipher-creator)
Solution: Reject key codes above U+10FFFF and enlarge the key buffer,
          guard the CSI argument accumulator against overflow

closes: #20556

Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0696: GTK4: A few issues with toolbar support v9.2.0696
Foxe Chen [Sun, 21 Jun 2026 18:19:58 +0000 (18:19 +0000)] 
patch 9.2.0696: GTK4: A few issues with toolbar support

Problem:  GTK4: A few issues with toolbar support
Solution: Fix segfault when removing toolbar icon; bring focus to drawarea when button in overflow
          menu is clicked (Foxe Chen)

closes: #20562

Signed-off-by: Foxe Chen <chen.foxe@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agoAdd README.ja.txt and LICENSE.ja.txt
K.Takata [Sun, 21 Jun 2026 18:04:40 +0000 (18:04 +0000)] 
Add README.ja.txt and LICENSE.ja.txt

Imported from https://github.com/vim-jp/lang-ja/commit/1ddcee4e72ed526196096453c3b33ac633b100d5

closes: #20566

Signed-off-by: K.Takata <kentkt@csc.jp>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0695: Solaris: test_delete_temp_dir() fails because of missing flock v9.2.0695
Vladimír Marek [Sun, 21 Jun 2026 17:59:05 +0000 (17:59 +0000)] 
patch 9.2.0695: Solaris: test_delete_temp_dir() fails because of missing flock

Problem:  Solaris: test_delete_temp_dir() fails because of missing flock
Solution: Skip the test (Vladimír Marek)

Test_delete_temp_dir() assumes Vim can detect when its cached private temp
directory has been deleted, which depends on flock/dirfd support.  Solaris
does not provide flock(), so Vim keeps using the cached temp directory path
after the directory has been deleted.  Skip the test there.

closes: #20567

Signed-off-by: Vladimír Marek <vlmarek13@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0694: Solaris: some tests faiures due to Solaris peculiarities v9.2.0694
Vladimír Marek [Sun, 21 Jun 2026 17:54:12 +0000 (17:54 +0000)] 
patch 9.2.0694: Solaris: some tests faiures due to Solaris peculiarities

Problem:  Solaris: some tests faiures due to Solaris peculiarities
Solution: Fix test assumptions (Vladimír Marek)

Several Vim tests assume behavior that is not true for Solaris:

- Test_strptime() expects the artificial POSIX DST rule in TZ to be applied, but
  Solaris strptime() returns the UTC value for that test case.

- Test_gettext() checks ngettext() with a singular-only test catalog entry. GNU
  gettext reuses the singular translation for the Russian plural lookup, but
  Solaris gettext returns an empty string for that malformed catalog entry.

- Test_detect_fifo() reads bash process substitution through /dev/fd, which
  Solaris reports as character special rather than fifo.

- Test_termencoding_euc_jp() writes Xeuc_jp.txt as EUC-JP.  On Solaris, the
  latin1 fallback in 'fileencodings' can still be converted to euc-jp, causing
  Vim to read the file as latin1 instead of as the current euc-jp encoding.
  Read the generated EUC-JP file explicitly as EUC-JP on Solaris.

closes: #20568

Signed-off-by: Vladimír Marek <vlmarek13@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0693: tests: Test_suspend() may fail because of keyprotocol query v9.2.0693
Vladimír Marek [Sun, 21 Jun 2026 17:45:37 +0000 (17:45 +0000)] 
patch 9.2.0693: tests: Test_suspend() may fail because of keyprotocol query

Problem:  tests: Test_suspend() may fail because of keyprotocol query
Solution: Disable keyprotocol and unset t_RK very early so that the
          inner Vim does not query it (Vladimír Marek)

The nested Vim can send a keyprotocol query during startup.  If the terminal
response arrives at the wrong time, the nested Vim may not consume it and the
response can be written to the inner terminal, leaving characters such as 4;2m
after the shell prompt when the test later suspends Vim.

The previous command tried to avoid that with -c 'set keyprotocol=', but -c
commands are applied too late.  Use --cmd 'set t_RK= keyprotocol=' so the
inner Vim disables the query before startup can send it.

closes: #20570

Signed-off-by: Vladimír Marek <vlmarek13@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
3 weeks agopatch 9.2.0692: GTK2: build failure, popup images not drawn correctly v9.2.0692
Christoffer Aasted [Sun, 21 Jun 2026 17:40:30 +0000 (17:40 +0000)] 
patch 9.2.0692: GTK2: build failure, popup images not drawn correctly

Problem:  GTK2: build failure, popup images not drawn correctly
Solution: Add ifdefs for GTK2 support, redraw images on cursor movement
          (Christoffer Aasted)

fixes:  #20504
closes: #20565

Signed-off-by: Christoffer Aasted <dezzadk@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0691: Solaris: Test_terminal_composing_unicode() fails v9.2.0691
Vladimír Marek [Sun, 21 Jun 2026 15:04:10 +0000 (15:04 +0000)] 
patch 9.2.0691: Solaris: Test_terminal_composing_unicode() fails

Problem:  Solaris: Test_terminal_composing_unicode() fails, because
          readline echoes combining UTF-8 input as octal bytes.
Solution: Force C.UTF-8 locale for the terminal test
          (Vladimír Marek).

closes: #20572

Signed-off-by: Vladimír Marek <vlmarek13@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0690: Solaris: swap file names are too long v9.2.0690
Vladimír Marek [Sun, 21 Jun 2026 14:58:30 +0000 (14:58 +0000)] 
patch 9.2.0690: Solaris: swap file names are too long

Problem:  Solaris: dirent.h exposes MAXNAMLEN as 512, but the usable
          file name component limit is 255 (defined in param.h).  Vim
          derives BASENAMELEN for generated swap file names from
          MAXNAMLEN, so it creates overlong components and fails to
          rename the swap file with ENAMETOOLONG (Vladimír Marek).
Solution: Override MAXNAMLEN to the effective Solaris component limit
          of 255 for swap file name generation.

closes: #20573

Signed-off-by: Vladimír Marek <vlmarek13@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0689: the "%" command is slow on a long line with many slashes v9.2.0689
Hirohito Higashi [Sun, 21 Jun 2026 14:53:03 +0000 (14:53 +0000)] 
patch 9.2.0689: the "%" command is slow on a long line with many slashes

Problem:  The "%" command can be very slow on a long line that contains
          many slashes, for example a line of base64 data.
Solution: When looking for a line comment, scan the line only once while
          skipping over strings, instead of rescanning from the start for
          every slash.  Move check_linecomment() to cindent.c so it can
          reuse the file-local skip_string().

related: #20491
fixes:   #20557
closes:  #20575

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Hirohito Higashi <h.east.727@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agoruntime(cpp): add C++26 lexical constructs to syntax highlighting
Gareth Lloyd [Sun, 21 Jun 2026 14:44:35 +0000 (14:44 +0000)] 
runtime(cpp): add C++26 lexical constructs to syntax highlighting

Add a guarded "C++ 26 extensions" block (cpp_no_cpp26) covering new
lexical surface introduced since C++23:

- [[ ... ]] attributes as a region, so P3394 annotations carrying a
  value expression (eg [[=foo{1}]]) no longer trip cErrInBracket on
  their braces/parens. A \w\@1<! look-behind keeps it from matching a
  subscripted immediately-invoked lambda (arr[[]{...}()]).
- ^^ reflection operator (P2996).
- [: :] splice brackets (P2996).
- contract_assert keyword (P2900).

Add input/cpp_cpp26.cpp exercising these constructs with screendumps,
and update dumps/cpp_noreturn_00.dump for the new [[ ]] attribute
delimiter highlighting.

closes: #20577

Signed-off-by: Gareth Lloyd <gareth@ignition-web.co.uk>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agoCI: Bump msys2/setup-msys2
dependabot[bot] [Sun, 21 Jun 2026 14:41:49 +0000 (14:41 +0000)] 
CI: Bump msys2/setup-msys2

Bumps the github-actions group with 1 update in the / directory: [msys2/setup-msys2](https://github.com/msys2/setup-msys2).

Updates `msys2/setup-msys2` from 2.31.1 to 2.32.0
- [Release notes](https://github.com/msys2/setup-msys2/releases)
- [Changelog](https://github.com/msys2/setup-msys2/blob/main/CHANGELOG.md)
- [Commits](https://github.com/msys2/setup-msys2/compare/v2.31.1...v2.32.0)

---
updated-dependencies:
- dependency-name: msys2/setup-msys2
  dependency-version: 2.32.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

closes: #20578

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0688: Terminal-Normal mode does not show the Visual selection on a colored... v9.2.0688
Hirohito Higashi [Sun, 21 Jun 2026 14:09:31 +0000 (14:09 +0000)] 
patch 9.2.0688: Terminal-Normal mode does not show the Visual selection on a colored empty line

Problem:  In Terminal-Normal mode the Visual selection is not visible on
          the first cell of an empty line that was erased with a
          background color (CSI K after e.g. CSI 100m); a plain empty
          line shows it but a colored one does not.
Solution: Combine the Visual or search highlight onto the first cell on
          top of the explicitly set background color, the same way it
          shows with the default background.

closes: #20580

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Hirohito Higashi <h.east.727@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agotranslation(ru): fix typo in Russian translation for the new tutor
RestorerZ [Sun, 21 Jun 2026 13:40:59 +0000 (13:40 +0000)] 
translation(ru): fix typo in Russian translation for the new tutor

related: #20450
closes:  #20581

Signed-off-by: RestorerZ <restorer@mail2k.ru>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0687: popup_image_composites_frames() has improper if block scope v9.2.0687
Yee Cheng Chin [Sun, 21 Jun 2026 13:35:06 +0000 (13:35 +0000)] 
patch 9.2.0687: popup_image_composites_frames() has improper if block scope

Problem:  popup_image_composites_frames() has improper if block scope
Solution: Add curly braces to properly scope the if block
          (Yee Cheng Chin).

If the ifdef conditions within the if block evaluates to false, then the
generated code will have the if block apply to the next statement
instead. Use a curly brace to properly scope the if block.

related: #20478
closes:  #20584

Signed-off-by: Yee Cheng Chin <ychin.git@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0686: style: strcmp usage is inconsistent v9.2.0686
Doug Kearns [Sun, 21 Jun 2026 13:31:40 +0000 (13:31 +0000)] 
patch 9.2.0686: style: strcmp usage is inconsistent

Problem:  style: strcmp usage is inconsistent.
Solution: Always explicitly test the return value, matching the dominant
          style.

closes: #19101

Signed-off-by: Doug Kearns <dougkearns@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0685: clipboard.c does not get the Wayland CFLAGS on GTK2 v9.2.0685
Christoffer Aasted [Sun, 21 Jun 2026 13:13:56 +0000 (13:13 +0000)] 
patch 9.2.0685: clipboard.c does not get the Wayland CFLAGS on GTK2

Problem:  clipboard.c relies on the GTK include flags from
          pkg-config to pull in the Wayland headers.  This is not
          guaranteed: GTK2 does not add them, and Wayland clipboard
          support is independent of the GUI.
Solution: Add $(WAYLAND_CFLAGS) and $(WAYLAND_CPPFLAGS) to the
          clipboard.c compile rule so it always compiles, consistent
          with the other Wayland files (Christoffer Aasted).

closes: #20576

Signed-off-by: Christoffer Aasted <dezzadk@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0684: :reg # does not display the value of the '#' register v9.2.0684
Doug Kearns [Sun, 21 Jun 2026 13:03:21 +0000 (13:03 +0000)] 
patch 9.2.0684: :reg # does not display the value of the '#' register

Problem:  ':registers #' does not display the value of the '#' register.
Solution: Filter the '#' :registers output on a '#' arg instead of '%'
          (Doug Kearns).

closes: #20589

Signed-off-by: Doug Kearns <dougkearns@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0683: filetype completion mishandles finished sub options v9.2.0683
glepnir [Sun, 21 Jun 2026 12:55:58 +0000 (12:55 +0000)] 
patch 9.2.0683: filetype completion mishandles finished sub options

Problem:  ":filetype plugin<Tab>" gives "pluginindent" because a
          sub option before the cursor is treated as already given.
Solution: only skip plugin and indent when followed by white space.
          (glepnir)

closes: #20594

Signed-off-by: glepnir <glephunter@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0682: Wrong dot-repeat when calling complete() while filtering completion v9.2.0682
zeertzjq [Sun, 21 Jun 2026 12:52:36 +0000 (12:52 +0000)] 
patch 9.2.0682: Wrong dot-repeat when calling complete() while filtering completion

Problem:  Wrong dot-repeat when calling complete() while filtering
          Ctrl-N completion.
Solution: Also check compl_started for whether completion is active.
          (zeertzjq)

related: neovim/neovim#40346
closes:  #20595

Signed-off-by: zeertzjq <zeertzjq@outlook.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agoruntime(lua): Update ftplugin, fix matchit block comment pattern
Doug Kearns [Sun, 21 Jun 2026 12:47:20 +0000 (12:47 +0000)] 
runtime(lua): Update ftplugin, fix matchit block comment pattern

Include the unecessary but idiomatic leading '--' in the closing block
comment token.

E.g.,
--[[
 ...
--]]

closes: #20590

Signed-off-by: Doug Kearns <dougkearns@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0681: configure: -lruby added even for a dynamic ruby build v9.2.0681
Christian Brabandt [Sun, 21 Jun 2026 12:34:15 +0000 (12:34 +0000)] 
patch 9.2.0681: configure: -lruby added even for a dynamic ruby build

Problem:  configure: -lruby is added to the link flags even for a
          dynamic ruby build, creating a hard dependency on the Ruby
          library (Johannes Schindelin, after v9.2.0674).
Solution: For a dynamic build filter out -l flags from librubyarg.

related: #20558

Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agoruntime(doc): regenerate help tags
Christian Brabandt [Sat, 20 Jun 2026 16:45:50 +0000 (16:45 +0000)] 
runtime(doc): regenerate help tags

forgotten from b2cc9be119d51212bf0d3f2a994

Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0680: keytrans() doesn't replace '|' and '\' v9.2.0680
zeertzjq [Sat, 20 Jun 2026 16:38:47 +0000 (16:38 +0000)] 
patch 9.2.0680: keytrans() doesn't replace '|' and '\'

Problem:  keytrans() doesn't replace '|' and '\' (user202729)
Solution: Replace '|' and '\' with "<Bar>" and "<Bslash>" respectively.
          (zeertzjq)

fixes:  #20585
closes: #20586

Signed-off-by: zeertzjq <zeertzjq@outlook.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agoruntime(algol68): Update syntax, support size prefixes in denotations
Doug Kearns [Sat, 20 Jun 2026 16:35:14 +0000 (16:35 +0000)] 
runtime(algol68): Update syntax, support size prefixes in denotations

Explicitly match the LONG/SHORT size prefixes in integral, real and bits
denotations.

LONG/SHORT are matched as part of the denotation rather than as a mode.

closes: #20512

Signed-off-by: Doug Kearns <dougkearns@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0679: [security]: Out-of-bounds read with text property virtual text v9.2.0679
Hirohito Higashi [Sat, 20 Jun 2026 16:06:58 +0000 (16:06 +0000)] 
patch 9.2.0679: [security]: Out-of-bounds read with text property virtual text

Problem:  [security]: Out-of-bounds read with text property virtual text.
          A crafted undo file can declare a virtual-text property whose
          offset points outside the line's property data, so reading the
          virtual text reads out of bounds.  This completes the count-only
          check added in 9.2.0670.
Solution: Validate the virtual-text offset and length of each property
          against the available property data before turning the offset
          into a pointer.

Github Security Advisory:
https://github.com/vim/vim/security/advisories/GHSA-ww8h-47xp-hp4w

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Hirohito Higashi <h.east.727@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agotranslation(it): Update Italian translation
Antonio Giovanni Colombo [Sat, 20 Jun 2026 16:03:18 +0000 (16:03 +0000)] 
translation(it): Update Italian translation

Signed-off-by: Antonio Giovanni Colombo <azc100@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0678: [security]: potential powershell code execution in zip.vim v9.2.0678
Christian Brabandt [Sat, 20 Jun 2026 15:35:58 +0000 (15:35 +0000)] 
patch 9.2.0678: [security]: potential powershell code execution in zip.vim

Problem:  [security]: potential powershell code execution in zip.vim
          (DDugs)
Solution: Cleanup zip.vim, introduce PSEscape() to escape() potential powershell code,
          use consistent s:Escape() in the various PowerShell functions

Github Security Advisory:
https://github.com/vim/vim/security/advisories/GHSA-x5fg-h5w9-9frf

Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agoccfilter: buffer overflow in ccfilter.c with crafted compiler output
Hirohito Higashi [Thu, 18 Jun 2026 20:12:48 +0000 (20:12 +0000)] 
ccfilter: buffer overflow in ccfilter.c with crafted compiler output

Problem:  ccfilter: can overflow fixed-size buffers (FileName, BasePath,
          Reason) when parsing crafted compiler output, because the
          sscanf() calls read "%[" fields without a width limit (DDugs)
Solution: Give every sscanf() "%[" conversion a width limit derived from
          the buffer size (Hirohito Higashi).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Hirohito Higashi <h.east.727@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agoOptimize vim.ico
K.Takata [Thu, 18 Jun 2026 20:04:44 +0000 (20:04 +0000)] 
Optimize vim.ico

Reduce the .ico file size by using https://github.com/k-takata/optico.

100,197 → 83,496 bytes.

closes: #20583

Signed-off-by: K.Takata <kentkt@csc.jp>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0677: Cannot clear the alternate file register # v9.2.0677
Christoffer Aasted [Thu, 18 Jun 2026 19:43:44 +0000 (19:43 +0000)] 
patch 9.2.0677: Cannot clear the alternate file register #

Problem:  Cannot clear the alternate file register #
Solution: Allow to clear it (Christoffer Aasted)

closes: #20537

Signed-off-by: Christoffer Aasted <dezzadk@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agoruntime(luau): runtime support is incomplete
Lopy [Thu, 18 Jun 2026 19:36:32 +0000 (19:36 +0000)] 
runtime(luau): runtime support is incomplete

Problem:  runtime(luau): runtime support is incomplete.
Solution: Add Luau syntax, indent, filetype plugin and indent tests.

closes: #20544

Signed-off-by: Lopy <70210066+lopi-py@users.noreply.github.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0676: MS-Windows: cannot switch to a buffer with '%' in its name v9.2.0676
Hirohito Higashi [Thu, 18 Jun 2026 19:31:18 +0000 (19:31 +0000)] 
patch 9.2.0676: MS-Windows: cannot switch to a buffer with '%' in its name

Problem:  On MS-Windows it is not possible to switch to a buffer by name
          with ":b" (including via command-line completion) when the
          buffer name contains '%'.
Solution: Do not escape '%' and '#' for the ":buffer" command on
          MS-Windows.  Since ":buffer" has no EX_XFILE these are not
          expanded, and escaping them as "\%"/"\#" makes buffer name
          matching fail when '%'/'#' is in 'isfname' (the backslash is
          treated as a path separator).

fixes:  #20529
closes: #20548

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Hirohito Higashi <h.east.727@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0675: tests: Test_cd_from_non_existing_dir() fails on Solaris v9.2.0675
Vladimír Marek [Thu, 18 Jun 2026 19:25:05 +0000 (19:25 +0000)] 
patch 9.2.0675: tests: Test_cd_from_non_existing_dir() fails on Solaris

Problem:  tests: Test_cd_from_non_existing_dir() fails on Solaris
Solution: Skip the test on Solaris (Vladimír Marek).

Test_cd_from_non_existing_dir() depends on deleting the current working
directory.  Solaris does not allow that, so skip the test there.

closes: #20563

Signed-off-by: Vladimír Marek <vlmarek13@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0674: configure: clears dynamic ruby linker flags v9.2.0674
Vladimír Marek [Thu, 18 Jun 2026 19:15:45 +0000 (19:15 +0000)] 
patch 9.2.0674: configure: clears dynamic ruby linker flags

Problem:  configure: clears dynamic ruby linker flags, after setting those
Solution: Make configure keep Ruby linker arguments when Ruby support is
          built with --enable-rubyinterp=dynamic.  The dynamic Ruby
          branch clears RUBY_LIBS before setting DYNAMIC_RUBY, so add librubyarg
          after that branch instead of before it (Vladimír Marek).

related: #17906
closes:  #20558

Signed-off-by: Vladimír Marek <vlmarek13@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agoruntime(tar): fix lz4 extraction on non-Linux systems
Vladimír Marek [Thu, 18 Jun 2026 19:12:40 +0000 (19:12 +0000)] 
runtime(tar): fix lz4 extraction on non-Linux systems

Patch 9.2.0306 fixed malformed lz4 extraction commands by using "tar -I lz4"
on Linux and leaving non-Linux tar implementations to auto-detect lz4 input.
That still fails on systems where tar does not support either -I lz4 or
automatic lz4 decompression, such as Solaris /usr/bin/tar.

Keep the existing Linux path using GNU tar's "-I lz4" support.  For non-Linux
systems, use lz4 explicitly to decompress the archive to stdout and feed the
resulting tar stream to the configured tar extraction command.  This is the
same style tar.vim already used for lz4 archives before patch 9.2.0306.

Follow-up for #19925

closes: #20555

Signed-off-by: Vladimír Marek <vlmarek13@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0673: tests: Test_recover_corrupted_swap_file() cannot handle symlinks v9.2.0673
Vladimír Marek [Thu, 18 Jun 2026 19:02:56 +0000 (19:02 +0000)] 
patch 9.2.0673: tests: Test_recover_corrupted_swap_file() cannot handle symlinks

Problem:  tests: Test_recover_corrupted_swap_file() cannot handle
          symlinks
Solution: Use writefile(readblob()) instead (Vladimír Marek)

Test_recover_corrupted_swap_file1() copies prebuilt corrupt swap samples
before recovering them.  In an out-of-source-tree build those sample
files may be symlinks into the source tree.  filecopy() preserves
symlinks, so the copied target may remain a symlink.  Recovery opens
swap files with O_NOFOLLOW, so that copied symlink cannot be opened.
Read the sample as a blob and write it back so the recovery target is a
real swap file.

closes: #20561

Signed-off-by: Vladimír Marek <vlmarek13@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0672: corrupted text property causes internal error v9.2.0672
Hirohito Higashi [Thu, 18 Jun 2026 18:55:52 +0000 (18:55 +0000)] 
patch 9.2.0672: corrupted text property causes internal error

Problem:  Restoring a crafted/corrupted persistent-undo file and then
          inspecting the line (e.g. prop_list()) reports the bad text
          property data as an internal error.  On builds with
          ABORT_ON_INTERNAL_ERROR (the sanitizer CI job) this aborts the
          process even inside assert_fails(), so the test added in
          9.2.0670 fails deterministically.
Solution: The prop data only comes from an untrusted persistent-undo
          file, so detecting it is input validation, not an internal
          bug.  Report it with a normal error (emsg) instead of iemsg,
          matching how other corrupted persistent files are reported.
          The out-of-bounds read is still prevented.

closes: #20559

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0671: [security]: possible out-of-bounds read with sodium encrypted files v9.2.0671
Christian Brabandt [Thu, 18 Jun 2026 18:41:16 +0000 (18:41 +0000)] 
patch 9.2.0671: [security]: possible out-of-bounds read with sodium encrypted files

Problem:  [security]: possible out-of-bounds read with sodium encrypted
          files (cipher-creator)
Solution: Verify that there is enough space before calling
          crypto_secretstream_xchacha20poly1305_init_pull()

Github Security Advisory:
https://github.com/vim/vim/security/advisories/GHSA-c4j9-wr9j-4486

Supported by AI

Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0670: [security]: Out-of-bounds read with text properties v9.2.0670
Yasuhiro Matsumoto [Wed, 17 Jun 2026 21:06:59 +0000 (21:06 +0000)] 
patch 9.2.0670: [security]: Out-of-bounds read with text properties

Problem:  [security]: Out-of-bounds read with text properties
          (cipher-creator)
Solution: Add out-of-bound checks (Yasuhiro Matsumoto)

Github Security Advisory:
https://github.com/vim/vim/security/advisories/GHSA-f36c-2qcp-7gpw

Supported by AI

Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agoruntime(doc): Regenerate help tags file
Christian Brabandt [Wed, 17 Jun 2026 20:14:25 +0000 (20:14 +0000)] 
runtime(doc): Regenerate help tags file

Forgotten from commit 4bc842b0ba8bace2555

Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agoruntime(doc): Tweak some documentation style
Hirohito Higashi [Wed, 17 Jun 2026 20:01:51 +0000 (20:01 +0000)] 
runtime(doc): Tweak some documentation style

closes: #20540

Signed-off-by: Hirohito Higashi <h.east.727@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0669: GTK4: toolbar can be improved v9.2.0669
Foxe Chen [Wed, 17 Jun 2026 19:53:57 +0000 (19:53 +0000)] 
patch 9.2.0669: GTK4: toolbar can be improved

Problem:  GTK4: toolbar can be improved
Solution: Implement gui_mch_menu_set_tip(), make the UI respect the
          'toolbar' option (Foxe Chen).

closes: #20541

Signed-off-by: Foxe Chen <chen.foxe@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0668: GTK4: minimum horizontal size is too small v9.2.0668
Foxe Chen [Wed, 17 Jun 2026 19:48:01 +0000 (19:48 +0000)] 
patch 9.2.0668: GTK4: minimum horizontal size is too small

Problem:  GTK4: minimum horizontal size is too small
Solution: Update minimum width of form widget to 20 columns for gtk4 gui
          (Foxe Chen).

closes: #20542

Signed-off-by: Foxe Chen <chen.foxe@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0667: patch 9.2.0590 was wrong v9.2.0667
Foxe Chen [Wed, 17 Jun 2026 19:42:43 +0000 (19:42 +0000)] 
patch 9.2.0667: patch 9.2.0590 was wrong

Problem:  Patch 9.2.0590 was wrong
Solution: Revert it (Foxe Chen).

related: #20291
related: #20415
closes:  #20549

Signed-off-by: Foxe Chen <chen.foxe@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0666: Terminal-Normal mode does not color empty lines with a background... v9.2.0666
Hirohito Higashi [Wed, 17 Jun 2026 19:37:28 +0000 (19:37 +0000)] 
patch 9.2.0666: Terminal-Normal mode does not color empty lines with a background color

Problem:  In Terminal-Normal mode an empty line that was erased with a
          background color (CSI K after e.g. CSI 100m) is shown without
          that color, although it is colored while the job is running.
Solution: Reset the empty line's background attribute only when the fill
          is the terminal's default color, so that a Visual selection
          still shows on a plain empty line, while an explicitly set
          background color is kept.

closes: #20547

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Hirohito Higashi <h.east.727@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0665: GTK4: GTK critical error on exit printed v9.2.0665
Foxe Chen [Wed, 17 Jun 2026 19:28:30 +0000 (19:28 +0000)] 
patch 9.2.0665: GTK4: GTK critical error on exit printed

Problem:  GTK4: GTK critical error on exit printed
Solution: Only remove controller if it is not NULL
          (Foxe Chen).

closes: #20543

Signed-off-by: Foxe Chen <chen.foxe@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0664: tests: Test_delete_temp_dir() fails on MacOS v9.2.0664
Christian Brabandt [Wed, 17 Jun 2026 19:01:56 +0000 (19:01 +0000)] 
patch 9.2.0664: tests: Test_delete_temp_dir() fails on MacOS

Problem:  tests: Test_delete_temp_dir() fails on MacOS
          (after v9.2.0661)
Solution: Skip the test on MacOS

Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0663: [security]: runtime(netrw): code injection in local file deletion v9.2.0663
Yasuhiro Matsumoto [Tue, 16 Jun 2026 21:00:28 +0000 (21:00 +0000)] 
patch 9.2.0663: [security]: runtime(netrw): code injection in local file deletion

Problem:  [security]: s:NetrwLocalRmFile() escapes only the backslash in
          the file name before passing it to :execute, so a name
          containing "|" injects arbitrary Ex commands when the file is
          deleted (cipher-creator)
Solution: Use fnameescape() to correctly escape the file name
          (Yasuhiro Matsumoto).

Github Security Advisory:
https://github.com/vim/vim/security/advisories/GHSA-vhh8-v6wx-hjjh

Supported by AI

Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0662: [security] Stack out-of-bounds write in dump_prefixes() v9.2.0662
Yasuhiro Matsumoto [Tue, 16 Jun 2026 20:32:21 +0000 (20:32 +0000)] 
patch 9.2.0662: [security] Stack out-of-bounds write in dump_prefixes()

Problem:  [security]: a crafted spell file with a self-referential
          BY_INDEX node in the prefix tree can drive dump_prefixes()
          past the end of its MAXWLEN-sized depth arrays on :spelldump
          (cipher-creator)
Solution: only descend while depth < MAXWLEN - 1, as the sibling trie
          walkers already do (Yasuhiro Matsumoto)

Github Security Advisory:
https://github.com/vim/vim/security/advisories/GHSA-qm9w-fmpj-879h

Supported by AI

Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0661: unintended wipe of Vim's temp dir, causes errors v9.2.0661
Christian Brabandt [Tue, 16 Jun 2026 20:11:03 +0000 (20:11 +0000)] 
patch 9.2.0661: unintended wipe of Vim's temp dir, causes errors

Problem:  Unintended wipe of Vim's temp dir, causes errors and may also
          leak temporary data (David Leadbeater)
Solution: In vim_tempname() verify the temp directory still exists (via
          its open file descriptor) and re-create it if it was removed.

Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0660: Dragging the scrollbar does not trigger WinScrolled v9.2.0660
Christoffer Aasted [Tue, 16 Jun 2026 19:44:56 +0000 (19:44 +0000)] 
patch 9.2.0660: Dragging the scrollbar does not trigger WinScrolled

Problem:  Dragging the scrollbar does not trigger WinScrolled
Solution: Refocus the GUI which triggers WinScrolled autocmd
          (Christoffer Aasted).

closes: #20517

Signed-off-by: Christoffer Aasted <dezzadk@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0659: GTK4: no balloon support in GUI v9.2.0659
Foxe Chen [Tue, 16 Jun 2026 19:35:48 +0000 (19:35 +0000)] 
patch 9.2.0659: GTK4: no balloon support in GUI

Problem:  GTK4: no balloon support in GUI
Solution: Implement balloon_eval() (Foxe Chen).

closes: #20527

Signed-off-by: Foxe Chen <chen.foxe@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0658: xxd: signed integer overflow in huntype() v9.2.0658
Christian Brabandt [Tue, 16 Jun 2026 19:26:00 +0000 (19:26 +0000)] 
patch 9.2.0658: xxd: signed integer overflow in huntype()

Problem:  malformed revert input with an overlong address column causes
          signed integer overflow (UB) in huntype().
Solution: perform the offset/bit shifts through unsigned types

related: neovim/neovim#40246

Supported by AI

Co-Authored-by: Justin M. Keyes <justinkz@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0657: GTK4: missing menu when right-clicking in tabline v9.2.0657
Foxe Chen [Tue, 16 Jun 2026 19:19:33 +0000 (19:19 +0000)] 
patch 9.2.0657: GTK4: missing menu when right-clicking in tabline

Problem:  GTK4: missing menu when right-clicking in tabline
Solution: Add tabline menu for GTK4 GUI (similar to GTK4 GUI)
          (Foxe Chen).

closes: #20518

Signed-off-by: Foxe Chen <chen.foxe@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0656: completion: using wrong tolower() in smartcase filtering v9.2.0656
glepnir [Tue, 16 Jun 2026 19:11:38 +0000 (19:11 +0000)] 
patch 9.2.0656: completion: using wrong tolower() in smartcase filtering

Problem:  ins_compl_equal_sc() uses MB_TOLOWER() on single bytes, but
          it indexes raw bytes, not decoded characters (after v9.1.0651).
Solution: Use TOLOWER_LOC(), matching what STRNICMP()/ins_compl_equal()
          does (glephunter).

closes: #20535

Signed-off-by: glepnir <glephunter@gmail.com>
Signed-off-by: zeertzjq <zeertzjq@outlook.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0655: GTK4: missing NULL checks in vim_form_measure() v9.2.0655
Foxe Chen [Tue, 16 Jun 2026 19:08:10 +0000 (19:08 +0000)] 
patch 9.2.0655: GTK4: missing NULL checks in vim_form_measure()

Problem:  GTK4: missing NULL checks in vim_form_measure()
Solution: Add NULL tests (Foxe Chen)

closes: #20536

Signed-off-by: Foxe Chen <chen.foxe@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0654: GTK4: using uninitialised colors in gui_mch_init() v9.2.0654
Yasuhiro Matsumoto [Tue, 16 Jun 2026 19:00:26 +0000 (19:00 +0000)] 
patch 9.2.0654: GTK4: using uninitialised colors in gui_mch_init()

Problem:  GTK4: using uninitialised colors in gui_mch_init()
Solution: Use g_new0() instead of g_new() (Yasuhiro Matsumoto)

gui.fgcolor/bgcolor/spcolor were allocated with g_new(), leaving the
GdkRGBA fields uninitialised. On widget realize/map GTK runs
gui_mch_new_colors() -> surface_fill_bg() before gui_mch_set_bg_color()
assigns them, so cairo_set_source_rgba() branched on uninitialised
values (reported by valgrind). Use g_new0() to zero-initialise.

closes: #20538

Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0653: [security]: out-of-bounds write in tree_count_words() v9.2.0653
Christian Brabandt [Mon, 15 Jun 2026 19:39:08 +0000 (19:39 +0000)] 
patch 9.2.0653: [security]: out-of-bounds write in tree_count_words()

Problem:  [security]: a crafted spell file can drive tree_count_words()
          past the end of its MAXWLEN-sized depth arrays; the descent
          loop has no depth bound.
Solution: only descend while depth < MAXWLEN - 1, as the sibling trie
          walkers already do; apply the same guard to sug_filltree().

Github Security Advisory:
https://github.com/vim/vim/security/advisories/GHSA-wgh4-64f7-q3jq

Supported by AI.

Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agoruntime(erlang): Optimize operators and bitstring types
Csaba Hoch [Mon, 15 Jun 2026 18:59:22 +0000 (18:59 +0000)] 
runtime(erlang): Optimize operators and bitstring types

This commit makes processing the erlangOperator and erlangBitType syntax
items faster.

- erlangOperator changes:
  - Vim now parses erlangOperator faster because we define the operators
    individually.
  - The order of operators in erlangOperator had to be changed to make
    the edge cases work the same as before (for example
    erlangEqualsBinary).
- erlangBitType changes:
  - Vim now parses erlangBitType faster because:
    1. Now the long `\%(integer\|float\|...\)` sections are preceded by
       "beginning of word" patterns (`\<`).
    2. Now we use the old regexp engine (`\%#=1`).

Previously when an Erlang file contained long lines with erlangOperator
or erlangBitType patterns near the end, redrawing these lines was slow,
and typing at the end of the line was also slow.

For example, redrawing a 1787 characters long test line is now roughly
six times faster.

fixes:  #5593
closes: #20524

Signed-off-by: Csaba Hoch <csaba.hoch@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0652: popup: stale kitty image after clipwindow scrolls out of view v9.2.0652
Yasuhiro Matsumoto [Mon, 15 Jun 2026 18:54:08 +0000 (18:54 +0000)] 
patch 9.2.0652: popup: stale kitty image after clipwindow scrolls out of view

Problem:  a clipwindow popup containing an image leaves a stale image on
          the terminal after it scrolls out of view, with the kitty
          graphics protocol.
Solution: Delete the kitty placement and the GTK4 image and force a
          redraw before hiding, mirroring the textprop scroll-out path
          (Yasuhiro Matsumoto).

closes: #20525

Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0651: completion: 'smartcase' doesn't work with 'longest' v9.2.0651
glepnir [Mon, 15 Jun 2026 18:49:47 +0000 (18:49 +0000)] 
patch 9.2.0651: completion: 'smartcase' doesn't work with 'longest'

Problem:  With 'longest', 'smartcase' is ignored when filtering matches:
          "inp" offers only "InputEvent", and an uppercase pattern gives
          different results for CTRL-N and CTRL-P.
Solution: 'longest' rewrites the leader with the common prefix, picking
          up uppercase the user never typed.  Judge case from the typed
          text instead, and match the auto-inserted part of the leader
          case-insensitively so CTRL-N and CTRL-P give the same result.
          (glepnir)

related: neovim/neovim#40259
closes:  #20533

Signed-off-by: glepnir <glephunter@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
4 weeks agopatch 9.2.0650: Vim aborts at startup when built with the example -O2 CFLAGS v9.2.0650
Hirohito Higashi [Mon, 15 Jun 2026 18:20:15 +0000 (18:20 +0000)] 
patch 9.2.0650: Vim aborts at startup when built with the example -O2 CFLAGS

Problem:  Building with an optimizing example CFLAGS line in src/Makefile
          (which bypasses configure) aborts Vim at startup with a buffer
          overflow, because the compiler then defaults _FORTIFY_SOURCE to
          a level >= 2 (user202729)
Solution: Define FORTIFY_CFLAGS with -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1
          and reference it from the optimizing example CFLAGS lines, the
          same pin configure already applies; at higher levels the check
          false-positives on the "x[1] but actually longer" struct-hack
          arrays.

fixes:  #20526
closes: #20530

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Hirohito Higashi <h.east.727@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
5 weeks agopatch 9.2.0649: filetype: tf files sometimes incorrectly recognized v9.2.0649
Christian Brabandt [Sun, 14 Jun 2026 16:03:22 +0000 (16:03 +0000)] 
patch 9.2.0649: filetype: tf files sometimes incorrectly recognized

Problem:  filetype: tf files sometimes incorrectly recognized
          (Christian Robinson)
Solution: Add support for g;filetype_tf variable to override detection,
          re-write the filetype detection loop

closes: #20510

Supported by AI

Signed-off-by: Christian Brabandt <cb@256bit.org>
5 weeks agopatch 9.2.0648: MS-Windows: Compile warnings v9.2.0648
Christian Brabandt [Sun, 14 Jun 2026 15:59:10 +0000 (15:59 +0000)] 
patch 9.2.0648: MS-Windows: Compile warnings

Problem:  MS-Windows: Compile warnings
Solution: Add type casts

fixes the following compile warnings:

ex_cmds.c(4934): warning C4267: '+=': conversion from 'size_t' to
'colnr_T', possible loss of data
ex_cmds.c(4868): warning C4267: 'initializing': conversion from 'size_t'
to 'int', possible loss of data

closes: #20511

Signed-off-by: Christian Brabandt <cb@256bit.org>
5 weeks agopatch 9.2.0647: matchfuzzypos() false exact match for long equal-length candidates v9.2.0647
glepnir [Sun, 14 Jun 2026 15:53:39 +0000 (15:53 +0000)] 
patch 9.2.0647: matchfuzzypos() false exact match for long equal-length candidates

Problem:  When a candidate gets truncated to MATCH_MAX_LEN and ends up
          the same length as the needle, the n == m shortcut would
          return SCORE_MAX with positions 0..n-1, even if the strings
          actually differ.
Solution: Only use the shortcut if the truncated strings are truly equal.
          Otherwise, fall back to regular matching.

Example:
echo matchfuzzypos(['x' .. repeat('a',1024)], repeat('a',1024))

closes: #20475

Signed-off-by: glepnir <glephunter@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
5 weeks agopatch 9.2.0646: GTK3 GUI slow on HiDPI/4K with software rendering v9.2.0646
Christoffer Aasted [Sun, 14 Jun 2026 15:46:12 +0000 (15:46 +0000)] 
patch 9.2.0646: GTK3 GUI slow on HiDPI/4K with software rendering

Problem:  GTK3 GUI slow on HiDPI/4K with software rendering
Solution: Turn off Alpha rendering processing (Christoffer Aasted)

Reduces the processing load significantly, since it contains no alpha
channel.

https://www.cairographics.org/manual/cairo-cairo-surface-t.html#CAIRO-CONTENT-COLOR-ALPHA:CAPS

Tested on aarch64 with a rpi5 and 4k/hidpi integer scaling.

Slowest gvim I have encountered yet.

Slow symptoms;
* Startup
* Scrolling
* Drawing text
* Loading new buffers

related: #18002
closes:  #20513

Signed-off-by: Christoffer Aasted <dezzadk@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
5 weeks agopatch 9.2.0645: Composing chars no longer accepted in end-id abbr v9.2.0645
zeertzjq [Sun, 14 Jun 2026 15:39:26 +0000 (15:39 +0000)] 
patch 9.2.0645: Composing chars no longer accepted in end-id abbr

Problem:  Composing chars are no longer accepted in end-id abbreviation
          (after 9.2.0629).
Solution: Unescape all chars using vim_unescape_csi() instead of using
          mb_unescape() on individual chars, so that mb_ptr2len() and
          MB_PTR_ADV() can still be used.

closes: #20514

Signed-off-by: zeertzjq <zeertzjq@outlook.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
5 weeks agopatch 9.2.0644: popup image: duplicate sync-output code v9.2.0644
Foxe Chen [Sun, 14 Jun 2026 15:35:04 +0000 (15:35 +0000)] 
patch 9.2.0644: popup image: duplicate sync-output code

Problem:  popup image: duplicate sync-output code
Solution: Remove duplicate code and re-use existing
          term_set_sync_output() function (Foxe Chen).

closes: #20515

Signed-off-by: Foxe Chen <chen.foxe@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
5 weeks agopatch 9.2.0643: Missing Image ifdefs v9.2.0643
Foxe Chen [Sun, 14 Jun 2026 15:24:44 +0000 (15:24 +0000)] 
patch 9.2.0643: Missing Image ifdefs

Problem:  Missing Image ifdefs
Solution: Add missing FEAT_IMAGE_GDK ifdefs (Foxe Chen).

closes: #20516

Signed-off-by: Foxe Chen <chen.foxe@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
5 weeks agoeditorconfig: don't change spaces to tabs in git commit message
zeertzjq [Sun, 14 Jun 2026 15:05:50 +0000 (15:05 +0000)] 
editorconfig: don't change spaces to tabs in git commit message

The text after "Problem:" and "Solution:" are aligned using spaces.

closes: #20519

Signed-off-by: zeertzjq <zeertzjq@outlook.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
5 weeks agopatch 9.2.0642: statusline: buffer overflow with item groups v9.2.0642
Sébastien Hoffmann [Sun, 14 Jun 2026 14:50:14 +0000 (14:50 +0000)] 
patch 9.2.0642: statusline: buffer overflow with item groups

Problem:  statusline: buffer overflow with item groups
Solution: Fix the issues (see below) (Sébastien Hoffmann)

Fix various buffer overflow bugs (examples assume MAXPATHL==4096):
- truncated item groups where minwid>maxwid:
    vim --clean +"set ls=2 stl=%<%{%repeat('x',4096-11)%}%50.5(12🙂345%)"
  leads to fillchars spilling over the end of the group/buffer while trying to
  compensate for truncating at a multicell character because minwid<=maxwid is assumed
- left-aligned item groups with multi-byte fillchar:
    vim --clean +"set ls=2 fillchars+=stl:∙ stl=%<%{%repeat('x',4096-3)%}%-2(X%)"
  wrongly leads to padding at the end of the statusline and `p-out==4097`
  because the bounds check assumes a 1-byte fillchar
- right-aligned item groups with 1-byte fillchar:
    vim --clean +"set ls=2 stl=%<%{%repeat('x',4096-4)%}%4(XY%)"
  leads to "YX" instead of "XY" at the end of the statusline
  because `memmove` is done before adjusting the offset
- right-aligned item groups with multi-byte fillchar:
    vim --clean +"set ls=2 fillchars+=stl:∙ stl=%5(X%)"
  leads to "∙∙∙∙<e2>", i.e. the fillchar is being written over the group contents
  and eventually being overwritten itself at the second byte with the final NUL,
  because the padding counter assumes a 1-byte fillchar; to crash vim,
    vim --clean +"set ls=2 fillchars+=stl:∙ stl=%<%{%repeat('x',4096-149)%}%50(X%)"

related: neovim/neovim#40219
closes:  #20522

Signed-off-by: Sébastien Hoffmann <contact@shoffmann.dev>
Signed-off-by: Christian Brabandt <cb@256bit.org>
5 weeks agopatch 9.2.0641: GTK4: crash in gui_mch_menu_hidden() v9.2.0641
Yasuhiro Matsumoto [Sun, 14 Jun 2026 14:44:48 +0000 (14:44 +0000)] 
patch 9.2.0641: GTK4: crash in gui_mch_menu_hidden()

Problem:  GTK4: crash in gui_mch_menu_hidden()
Solution: Skip the sentinel like gui_mch_menu_grey() does
          (Yasuhiro Matsumoto).

Menu items use the (GtkWidget *)1 sentinel as their id, but
gui_mch_menu_hidden() only skipped NULL ids and passed the sentinel
to gtk_widget_get_visible(), causing a SEGV.

closes: #20523

Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
5 weeks agopatch 9.2.0640: the "%" command jumps to parens and braces inside comments v9.2.0640
Hirohito Higashi [Sat, 13 Jun 2026 19:39:54 +0000 (19:39 +0000)] 
patch 9.2.0640: the "%" command jumps to parens and braces inside comments

Problem:  The "%" command jumps to parens and braces inside comments,
          unlike the "=" operator (cindent), which ignores them.
Solution: When 'comments' defines C-style comments and "%" is not in
          'cpoptions', skip matching parens inside such comments, except
          when the cursor is inside a comment so a match there can still
          be found.

fixes:   #20329
related: #20111
closes:  #20491

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Hirohito Higashi <h.east.727@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
5 weeks agopatch 9.2.0639: gq with 'formatprg' fails on an empty buffer v9.2.0639
glepnir [Sat, 13 Jun 2026 19:32:44 +0000 (19:32 +0000)] 
patch 9.2.0639: gq with 'formatprg' fails on an empty buffer

Problem:  gq (and other filters) on an empty buffer fail with
          "E20: Mark not set": when the filter produces no output,
          do_filter() still subtracts the line count from '[ and '],
          pushing '] to line 0.
Solution: when the filter produces no output, put '[ and '] on a valid
          line instead of subtracting past line 1 (glepnir).

related: neovim/neovim#30593
closes:  #19061

Signed-off-by: glepnir <glephunter@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>