patch 9.2.0529: GTK4: clipboard returns empty after a foreign app takes the selection
Problem: GTK4: clipboard read returns empty after a foreign app takes
the selection (lilydjwg, after v9.2.0501)
Solution: Skip the set_content call unless gdk_clipboard_is_local()
still says we own the clipboard (Yasuhiro Matsumoto).
clipboard_changed_cb calls clip_lose_selection() which cascades into
clip_mch_lose_selection(), and that unconditionally called
gdk_clipboard_set_content(clipboard, NULL). When the signal fires
because *another* app took the selection, this re-claims ownership
with NULL content, so the next gdk_clipboard_read_text_async() returns
empty and the user sees "Nothing in register *".
fixes: #20256
closes: #20261
Co-Authored-by: Claude <noreply@anthropic.com> Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
patch 9.2.0524: spell: buffer overflow with many affix or compound flags
Problem: spell: a word in a .dic file with many postponed prefix or
compound flags overflows the fixed-size store_afflist[MAXWLEN]
buffer in get_pfxlist() and get_compflags().
Solution: Add bounds checks (Yasuhiro Matsumoto).
closes: #20286
Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
patch 9.2.0523: tests: no test for using shellescape() in combination with :!
Problem: tests: no test for using shellescape() in combination with :!
Solution: Add a test that checks runtime files for using wrong
combination of shellescape() with ! ex command
This has lead to a few security relevant issues, so add a test that
checks all runtime files for any ! followed by a shellescape() that does
not use the {special} arg.
John Marriott [Sat, 23 May 2026 19:00:12 +0000 (19:00 +0000)]
patch 9.2.0522: event_nr2name() in autocmd.c can be improved
Problem: event_nr2name() in autocmd.c can be improved
Solution: Refactor it so that event_nr2name() returns a string_T type
(John Marriott).
Additionally:
- change the define to an enum.
- in function auto_next_pat(), move some variables closer to where they
are used; rename s to fmt along the way.
closes: #20272
Signed-off-by: John Marriott <basilisk@internode.on.net> Signed-off-by: Christian Brabandt <cb@256bit.org>
patch 9.2.0521: GTK4: cannot resize shell after the window is shown
Problem: GTK4: cannot resize shell after the window is shown
(Maxim Kim, after v9.2.0501)
Solution: Always apply the requested size with
gtk_window_set_default_size(), regardless of realized state
(Yasuhiro Matsumoto).
fixes: #20264
closes: #20269
Co-Authored-by: Claude <noreply@anthropic.com> Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
Shad [Sat, 23 May 2026 18:43:09 +0000 (18:43 +0000)]
patch 9.2.0520: Reversed text opacity in popup when termguicolor is set
Problem: When termguicolor is set, popup opacity seems reversed
for the underlying text: when opacity go from 1 to 99,
the greater opacity is, the more underlying text is readable.
Solution: Invert popup_color and base_fg when calling blend_colors
(Shad).
fixes: #20283
closes: #20284
Signed-off-by: Shad <shadow.walker@free.fr> Signed-off-by: Christian Brabandt <cb@256bit.org>
Foxe Chen [Sat, 23 May 2026 18:35:07 +0000 (18:35 +0000)]
patch 9.2.0519: GTK4: GUI tabline is not displayed correctly
Problem: GTK4: GUI tabline is not displayed correctly, and double
increments the index in the for() loop
Solution: Drop the additional increment (Foxe Chen)
patch 9.2.0518: GTK4: input method cannot compose text
Problem: GTK4: input method cannot compose text
(lilydjwg, after v9.2.0501)
Solution: Render the over-the-spot preedit with a GtkPopover instead of
a separate toplevel, so the compositor keeps
keyboard focus on the drawing area and does not disable
text-input-v3; attach the key controller to gui.drawarea and
filter key events manually with gtk_im_context_filter_keypress()
(Yasuhiro Matsumoto)
fixes: #20257
closes: #20266
Co-Authored-by: lilydjwg <lilydjwg@gmail.com> Co-authored-by: Claude <noreply@anthropic.com> Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
patch 9.2.0517: quickfix: can set quickfixtextfunc in restricted/sandbox mode
Problem: quickfix: can set quickfixtextfunc in restricted/sandbox mode
(tacdm)
Solution: Disallow setting the quickfixtextfunc option from a sandbox
and restricted mode (Yegappan Lakshmanan).
closes: #20305
Co-Authored-by: tacdm Signed-off-by: Yegappan Lakshmanan <yegappan@yahoo.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
Foxe Chen [Sat, 23 May 2026 15:55:28 +0000 (15:55 +0000)]
patch 9.2.0516: socketserver: spurious error when servername is taken
Problem: socketserver: when searching for a free socket path,
socketserver_get_path() emits an error for each name that is
already in use (after v9.2.0512).
Solution: Add an "ignore" argument to socketserver_get_path() to
suppress the error (Foxe Chen).
Signed-off-by: Foxe Chen <chen.foxe@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org> Signed-off-by: Foxe Chen <chen.foxe@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
patch 9.2.0513: [security]: memory safety issues in spellfile.c
Problem: [security]: memory safety issues in spellfile.c
(tacdm)
Solution: Add recursion limit to read_tree_node(), add length limit
check in tree_count_words(), use alloc_clear() in
spell_read_tree().
Foxe Chen [Fri, 22 May 2026 18:30:52 +0000 (18:30 +0000)]
patch 9.2.0512: clientserver uses binary protocol
Problem: clientserver feature uses binary protocol and is hard
to understand
Solution: Rewrite the code based on channels and JSON messages
(Foxe Chen).
closes: #19782
Signed-off-by: Foxe Chen <chen.foxe@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
patch 9.2.0511: configure: when GTK4 is used also links in X11 libs
Problem: configure: when GTK4 is used also links in X11 libs
(Reilly Brogan)
Solution: Disable linking against X11 libraries when GTK4 GUI is to be
used (Yasuhiro Matsumoto)
GTK4 does not use any X11 APIs directly; the X11 backend is loaded by
GTK4 at runtime. Force with_x=no when --enable-gui=gtk4 so configure
does not probe for libICE/libSM/libX11/libXt/libXdmcp/libXpm, and so
packagers do not pull those into build dependencies. Also skip the
XSMP X11/SM/SMlib.h header check when X11 is disabled, since USE_XSMP
itself requires HAVE_X11.
fixes: #20268
closes: #20289
Co-authored-by: Claude <noreply@anthropic.com> Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
glepnir [Fri, 22 May 2026 17:59:23 +0000 (17:59 +0000)]
patch 9.2.0510: setline() mapping may trigger autoindent
Problem: setline() insert mode mapping may trigger autoindent,
corrupting the newly inserted line content (Evgeni Chasnovski)
Solution: Only strip autoindent whitespace when the rest of the line is
all whitespace (glepnir).
fixes: #19363
closes: #20290
Signed-off-by: glepnir <glephunter@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
patch 9.2.0508: completion: cannot complete user cmd :K with 'ignorecase'
Problem: completion: cannot complete user cmd :K with 'ignorecase'
(rendcrx)
Solution: Skip the short-circuit when 'ignorecase' is set
(Yasuhiro Matsumoto)
The set_cmd_index() short-circuit for the :k command treats ":k<X>" as
":k {X}" (mark argument), which makes ":kz<Tab>" never reach the
command-name expansion path. With 'ignorecase' the same prefix on other
letters (":gz<Tab>") completes a user command like :Gz, so the result is
inconsistent. Skip the short-circuit when 'ignorecase' is set; default
behaviour is preserved so the existing :k tests still pass.
Hirohito Higashi [Thu, 21 May 2026 19:45:59 +0000 (19:45 +0000)]
patch 9.2.0507: Vim9 class: public/protected member name clash uses same error
Problem: When a public member and a protected member in a Vim9
class have the same name (differing only in the leading '_'),
Vim reports E1369 "Duplicate variable", which is also used for
plain duplicate definitions. Users cannot tell from the
message whether the conflict is the public/protected naming
rule or a real duplicate.
Solution: Add a dedicated error E1406 "Public and protected member
have the same name" and emit it only when the name clash is
between a public and a protected member. Keep E1369 for
genuine duplicate variable definitions (Hirohito Higashi).
fixes: #20240
closes: #20277
Signed-off-by: Hirohito Higashi <h.east.727@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
Hirohito Higashi [Thu, 21 May 2026 19:03:50 +0000 (19:03 +0000)]
runtime(doc): fix help tags for removed/reused error codes
Problem: Several error codes (E614, E1319, E1321, E1323, E1400, E1401,
E1402, E1406) were removed from errors.h in v9.1.0600 but
their *Ennn* tags remained in the help files, so :help Ennn
jumps to obsolete locations. E1395 was later reused with a
new meaning ("Using a null class") in v9.1.1119, but its tag
is still placed in the type-alias section.
Solution: Remove the stale *Ennn* tags from the help files. Move
*E1395* to the vim9.txt null-values section to match its
current meaning. Also fix the indentation of *E1411*.
Regenerate runtime/doc/tags.
closes: #20279
Signed-off-by: Hirohito Higashi <h.east.727@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
John Marriott [Wed, 20 May 2026 18:38:55 +0000 (18:38 +0000)]
patch 9.2.0506: home_replace() function can be improved
Problem: home_replace() function can be improved
Solution: Refactor home_replace() to return the length of the string
(John Marriott).
In addition:
- in function set_b0_fname() move ulen into the block where it is used.
- In function findswapname() rework logic around displaying "swap file
already exists" dialogue so that literal message text is set once.
closes: #20249
Signed-off-by: John Marriott <basilisk@internode.on.net> Signed-off-by: Christian Brabandt <cb@256bit.org>
patch 9.2.0505: GTK4: text looks blurry on HiDPI displays
Problem: GTK4: text looks blurry on HiDPI displays
(Foxe Chen, after v9.2.0501)
Solution: Allocate the cairo surface at physical resolution and set the
device scale, recreate it on scale-factor changes
(Yasuhiro Matsumoto).
The backing cairo image surface was created at logical pixel size, so
GTK4 upscaled it when blitting to the physical framebuffer. Allocate
the surface at width*scale x height*scale and apply
cairo_surface_set_device_scale() so drawing code keeps using logical
coordinates while the surface itself has full physical resolution.
Also recreate the surface on notify::scale-factor when the window
moves between monitors with different scales.
fixes: #20252
closes: #20258
Co-authored-by: Claude <noreply@anthropic.com> Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
patch 9.2.0504: configure: requires X11 libraries for GTK4 build
Problem: configure: requires X11 libraries for GTK4 build
(after v9.2.0501)
Solution: Allow to build GTK4 even when no X11 libraries are present
(Yasuhiro Matsumoto)
GTK4 does not use X11 APIs directly; the X11 backend is loaded by
GTK4 at runtime. Skip the X11 dependency enforcement when the user
explicitly passes --enable-gui=gtk4 so the build can succeed on
systems without X11 development headers.
closes: #20265
Co-authored-by: Claude <noreply@anthropic.com> Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
patch 9.2.0503: Makefile: Missing dependencies for new GTK4 source files
Problem: Makefile: Missing dependencies for new GTK4 source files
(Reilly Brogan, after v9.2.0501)
Solution: Re-run make depend, clean the result up and include the
missing dependencies for the GTK4 source files
J. Paulo Seibt [Tue, 19 May 2026 18:51:14 +0000 (18:51 +0000)]
patch 9.2.0502: runtime(netrw): bookmark handling can be improved
Problem: To goto or delete a bookmark, one needs to prefix a count
for the bookmark number (e.g., "2gb" to open bookmark#2).
As the bookmark list gets or deletes entries, the numbers
keep changing, requiring listing the bookmarks with qb to
discover the desired bookmark number. Typing gb or mB
without a count targets g:netrw_bookmarklist[-1].
Solution: If no count is given to gb or mB, list all bookmarks and
prompt for a number using inputlist(), similar to tag jump
with g].
closes: #20211
Signed-off-by: J. Paulo Seibt <jpseibt@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
patch 9.2.0501: GTK4: there is no GTK4 UI available
Problem: GTK4: there is no GTK4 UI available
Solution: Implement GTK4 UI (Yasuhiro Matsumoto).
To enable, use the --enable-gui=gtk4 configure switch. Configure
currently favors GTK3 over GTK4 if no explicit --enable-gui switch has
been given and both libraries are present
closes: #19815
Co-authored-by: Claude <noreply@anthropic.com> Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
tecis [Mon, 18 May 2026 21:46:24 +0000 (21:46 +0000)]
runtime(htmldjango): Remove unnecessary code.
I submitted the PR #20232 to resolve an undesired behavior in with the
highlighter inheriting from "django.vim" and "html.vim". After
further testing I noticed the re-declaration of `djangoOperators` in
"htmldjango" is not necessary, and my conclusions where a mistake from a
not-clean test environment.
This PR reverses the effect of the commit #f03155a.
related: #20232
closes: #20248
Signed-off-by: tecis <67809811+tecis@users.noreply.github.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
K.Takata [Mon, 18 May 2026 21:19:27 +0000 (21:19 +0000)]
CI: Stop using AppVeyor
We started the Windows CI with AppVeyor (v7.4.872), but nowadays, GitHub Actions
supports Windows, and the performance is better than AppVeyor.
Especially, AppVeyor doesn't allow running multiple jobs in parallel.
Before 9.0.0529, we used VC 2010 on AppVeyor to ensure that C99 syntax
was not used.
Now we use some C99 syntax. Also, MSVC's C99 support level remains
almost the same since VS 2015. So, using VS 2015 isn't very useful.
closes: #20251
Signed-off-by: K.Takata <kentkt@csc.jp> Signed-off-by: Christian Brabandt <cb@256bit.org>
truffle [Mon, 18 May 2026 20:46:24 +0000 (20:46 +0000)]
patch 9.2.0500: filetype: some html files wrongly recognized as htmlangular
Problem: filetype: some html files are wrongly recognized as htmlangular
Solution: Use the \< atom to anchor ng-template and ng-content to start
of word (truffle)
Prevent false-positive htmlangular detection on words containing
'ng-template' or 'ng-content' as a substring (e.g. 'song-template',
'sing-content'). Anchor both branches with \< to require a word start,
matching the \<DTD\s\+XHTML\s idiom used five lines below.
related: neovim/neovim#39778.
closes: #20246
Signed-off-by: truffle <truffleagent@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
tecis [Mon, 18 May 2026 20:40:37 +0000 (20:40 +0000)]
runtime(doc): INSTALL: "libwayland-dev" is required on Ubuntu for Wayland clipboard support
In GNU/Linux distros without X11 and only depending on the Wayland
Composer as a display server I could not find official documentation on
how to compile VIM with clipbloard support.
> This will become more relevant as common distros ship with Wayland
only environments. (sources & articles bellow)
Sources.
- [Gnome Blog: X11 Session Removal FAQ.](https://blogs.gnome.org/alatiera/2025/06/23/x11-session-removal-faq/)
- [KDE Blog: Going all-in on a Wayland future 2025-11-26.](https://blogs.kde.org/2025/11/26/going-all-in-on-a-wayland-future/)
- [Gnome Blog: An update on the X11 GNOME Session Removal 2025-06-08.](https://blogs.gnome.org/alatiera/2025/06/08/the-x11-session-removal/)
Articles.
- [It’s Foss: No More Xorg! Fedora 43 Will Be Wayland-only 2025-05-21](https://itsfoss.com/news/fedora-43-wayland-only/)
- [Desde Linux: The depreciation of X11 in Fedora continues and in Fedora 41 the Gnome session in X11 will disappear.](https://blog.desdelinux.net/en/The-depreciation-of-x11-in-fedora-continues-and-in-fedora-41-the-gnome-session-in-x11-will-disappear/)
- [How-To-Geek: The writing is on the wall for X11 on Linux, here's what is replacing it 2025-12-29.](https://www.howtogeek.com/x11-is-going-away-on-linux-heres-how-to-prepare/).
- [Dev.To: GNOME 50 Removes X11: What It Means for Linux Users 2026-03-16.](https://dev.to/the_nazar/gnome-50-removes-x11-what-it-means-for-linux-users-1ike)
- [LinuxSecurity.com: GNOME 50: Wayland-Only Brings Enhanced Security and Isolation](https://linuxsecurity.com/news/desktop-security/gnome-50-wayland-linux-security)
- [XDA Developers: KDE is finally killing X11, and I'm not as sad as I thought I'd be 2026-05-14](https://www.xda-developers.com/kde-dropping-x11-support/).
closes: #20245
Signed-off-by: tecis <67809811+tecis@users.noreply.github.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
Aliaksei Budavei [Mon, 18 May 2026 19:07:08 +0000 (19:07 +0000)]
tests(commondumps): Use character counts when marking columns
Continue using "strwidth" when calculating the position of
a column of interest, and start using "setcharpos" when
marking a line of interest so that paired-up marks remain
aligned columnwise across all three parts generated by
"term_dumpdiff", especially when multibyte characters are
written in the line before the marked column.
closes: #20237
Signed-off-by: Aliaksei Budavei <0x000c70@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
patch 9.2.0499: modeline: allow to disable modelines with modelinestrict
Problem: Cannot disable modeline processing when loading a file
(Mao-Yining, after v9.2.0350)
Solution: Allow to disable modeline processing even when
'modelienstrict' is in effect.
fixes: #20103
closes: #20229
Signed-off-by: Christian Brabandt <cb@256bit.org> Signed-off-by: Christian Brabandt <cb@256bit.org>
Miguel Barro [Sun, 17 May 2026 20:00:41 +0000 (20:00 +0000)]
patch 9.2.0497: Cannot jump to remote tags
Problem: Cannot jump to remote tags
(after v9.2.0405)
Solution: Add the 'tagsecure' option (Miguel Barro)
closes: #20162
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Signed-off-by: Miguel Barro <miguel.barro@live.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
patch 9.2.0495: [security]: runtime(netrw): code injection via NetrwBookHistSave()
Problem: [security]: runtime(netrw): code injection via
NetrwBookHistSave()
Solution: Properly quote the directory name using string() function
(Srinivas Piskala Ganesh Babu)
mathmil [Sun, 17 May 2026 18:08:46 +0000 (18:08 +0000)]
runtime(just): add 'suffixesadd' to ftplugin
closes: #20197
Signed-off-by: mathmil <82173590+mathmil@users.noreply.github.com> Signed-off-by: Peter Benjamin <petermbenjamin@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
Aliaksei Budavei [Sun, 17 May 2026 18:05:13 +0000 (18:05 +0000)]
runtime(sh): Do not conflate empty array and function declarations in Bash
Although the "=" character is permitted in function names,
a construct that parses as a variable assignment is
preferred to it parsing as a function declaration. See the
updated test file "sh_functions_bash.sh" for details.
patch 9.2.0493: popup: missing Popup, PopupBorder and PopupTitle hi groups
Problem: popup: missing Popup, PopupBorder and PopupTitle highlight groups
Solution: add Popup, PopupBorder and PopupTitle highlight groups and
fall back to Pmenu related highlighting groups (Yasuhiro Matsumoto).
fixes: #20110
closes: #20208
Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
patch 9.2.0492: popup: decoration wrongly drawn with clipping on border
Problem: popup: clipwindow popups with border and padding could still
spill into the surrounding chrome of the host window
Solution: Consume the border first, then the padding, per edge; spill
any leftover clip into the opposite edge's decoration; derive
the bottom padding row from total_height; skip the scrollbar
branch for clipwindow popups (Yasuhiro Matsumoto).
closes: #20227
Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
tecis [Sun, 17 May 2026 08:44:39 +0000 (08:44 +0000)]
runtime(htmldjango): Add syntax highlighting of comparison operators
The presence `djangoOperators` in the file `syntax/django.vim` and
having the highlight function with a `match` statement leads to a
highlight spill-over with other elements defined in `syntax/html.vim`.
To avoid the highlight spill-over declare a region called
`djangoTagBlockNaive` to limit `djangoOperator` to only be matched
within.
related: #20225
closes: #20232
Signed-off-by: tecis <67809811+tecis@users.noreply.github.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
tecis [Sun, 17 May 2026 08:32:15 +0000 (08:32 +0000)]
runtime(django): Resolve FIXME of comparrison operators + localization tags
Summary: Add highlight of comparison operators resolving FIXME left by maintainer.
How it works: By creating a the variable ‘djangoOperator’ with the regex
and defining to only highlight when enclosed within ‘djangoTag’ and
‘djangoVarBlock’ the highlight works as expected.
Note: Note even though the maintainer had left the note “FIXME ==, !=,
<, >, <=, and >= should be djangoStatements” the results do work
as I think he intended even though the variable ‘djangoOperator’ had to
be created to achieve the result. By doing it this way the highlight
process does not get confused depending on the spacing of the comparison
operator. Example: {{ x>=10 }} and {{ x >= 10 }} work as expected.
orbisai0security [Sun, 17 May 2026 08:19:14 +0000 (08:19 +0000)]
ccfilter: uses unbounded strcat()/strcpy()
Problem: ccfilter.c copies compiler output into fixed-size buffers
with strcat() and strcpy(), so very long diagnostics can
overflow.
Solution: replace with snprintf() bounded by LINELENGTH.
Automated security fix generated by Orbis Security AI
closes: #20233
Signed-off-by: orbisai0security <mediratta01.pally@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
glepnir [Sat, 16 May 2026 08:36:39 +0000 (08:36 +0000)]
patch 9.2.0490: matchfuzzy() can crash on long multi-word patterns
Problem: matchfuzzy() can crash on long multi-word patterns.
Solution: Clamp pat_chars to maxMatches and stop before calling
match_positions() when the buffer is full (glepnir).
closes: #20209
Signed-off-by: glepnir <glephunter@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
Keith Smiley [Sat, 16 May 2026 07:46:25 +0000 (07:46 +0000)]
patch 9.2.0489: filetype: some Objective-C files are not recognized
Problem: filetype: some Objective-C files are not recognized
Solution: Add g:filetype_mm override variable, improve the objective c
pattern detection (Keith Smiley).
closes: #20221
Signed-off-by: Keith Smiley <keithbsmiley@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
dependabot[bot] [Sat, 16 May 2026 07:40:21 +0000 (07:40 +0000)]
CI: Bump the github-actions group across 1 directory with 2 updates
Bumps the github-actions group with 2 updates in the / directory: [github/codeql-action](https://github.com/github/codeql-action) and [actions/labeler](https://github.com/actions/labeler).
Updates `github/codeql-action` from 4.35.3 to 4.35.4
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v4.35.3...v4.35.4)
Updates `actions/labeler` from 6.0.1 to 6.1.0
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](https://github.com/actions/labeler/compare/v6.0.1...v6.1.0)
Hirohito Higashi [Fri, 15 May 2026 16:50:27 +0000 (16:50 +0000)]
patch 9.2.0488: statusline: status line highlight blends into adjacent vsep cells
Problem: When two windows are placed side by side with vsplit and
their status lines are connected (the cell between them
is drawn with the 'stl' / 'stlnc' fillchar, not the
'vert' character), that connecting cell still uses the
VertSplit highlight. The status line bar therefore
looks broken at the separator column, and any custom
edge highlight set in 'statusline' (%#XX# / %N*) is cut
off there.
Solution: Make that connecting cell take the highlight from the
neighbouring status line edge instead of VertSplit:
- Next to the current window, use the current
window's edge highlight, so the StatusLine bar (and
any %#... at the edge) extends into the column
without a seam.
- Between two non-current windows whose status
fillchar is a space, use the left window's
right-edge highlight, so the StatusLineNC bar is
continuous across the column too.
Cells drawn with the 'vert' character (the two windows
do not share a status line) keep the VertSplit
highlight as before.
Add Test_statusline_vsep_borrow_hl with two layouts
(NC | cur | NC | NC and NC | NC | cur | NC) so all
three cases above are covered.
closes: #20182
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> Signed-off-by: Hirohito Higashi <h.east.727@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
patch 9.2.0487: viminfo: possible signed int overflow in register array
Problem: viminfo: possible signed int overflow in register array growth
Solution: Cast to size_t (Yasuhiro Matsumoto)
The expression `limit * 2 * sizeof(string_T)` in read_viminfo_register()
multiplies in int and overflows once limit exceeds INT_MAX/2. Cast to
size_t first so the size computation stays unsigned. Defensive only;
reaching this path requires registers consuming many gigabytes.
closes: #20207
Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
Foxe Chen [Fri, 15 May 2026 16:00:04 +0000 (16:00 +0000)]
patch 9.2.0485: clipboard provider callback can be called recursively
Problem: clipboard provider callback can be called recursively, leading
to E132: Function call depth is higher than 'maxfuncdepth'
Solution: Prevent recursive calls of
clip_provider_copy()/clip_provider_paste() (Foxe Chen).
closes: #20213
Signed-off-by: Foxe Chen <chen.foxe@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
Problem: TextPutPre triggers clipboard provider callback twice
when do_put() runs autocommands that themselves request
the clipboard.
Solution: Guard do_put() and put_do_autocmd() with
inc_clip_provider()/dec_clip_provider() so the provider
is queried at most once per put operation (Foxe Chen).
closes: #20215
Signed-off-by: Foxe Chen <chen.foxe@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
Hirohito Higashi [Fri, 15 May 2026 15:02:48 +0000 (15:02 +0000)]
patch 9.2.0483: popup: terminal embedded in an opacity popup freezes Vim on input
Problem: When a terminal buffer is shown inside a popup with 'opacity'
set to a value other than 100, typing into it freezes Vim.
Only the first keystroke is drawn; afterwards no input is
processed and the screen stops updating.
Solution: When marking background lines for redraw to keep opacity
blend cells fresh, do not raise must_redraw. This marking
happens from inside update_screen() (via
may_update_popup_mask()), so raising must_redraw makes
terminal_loop()'s "while (must_redraw != 0) update_screen()"
loop never terminate. Add redraw_win_range_now() that
updates only the per-window state and use it from
redraw_win_under_opacity_popup() (Hirohito Higashi)
fixes: #20214
closes: #20220
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> Signed-off-by: Hirohito Higashi <h.east.727@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
patch 9.2.0481: runtime(netrw): command injection possible via maps
Problem: runtime(netrw): command injection possible via crafted
directory names in NetrwMaps() (Christopher Lusk)
Solution: Temporarily remove B flag in NetrwMaps() to prevent command
injection
patch 9.2.0480: [security]: runtime(netrw): code injection via mf command
Problem: [security]: runtime(netrw): code injection via mf command
(Christopher Lusk, Zdenek Dohnal)
Solution: Do not use string concatenation inside the filter() commands
(Zdenek Dohnal)
patch 9.2.0479: [security]: runtime(tar): command injection in tar plugin
Problem: [security]: runtime(tar): command injection in tar plugin
(Christopher Lusk)
Solution: Use the correct shellescape(args, 1) form for a :! command
patch 9.2.0477: popup: leftover content after popup_free under layout change
Problem: popup_mask still marks the freed popup's cells as covered
until may_update_popup_mask() runs inside the next
update_screen. Any screen_fill / screen_puts called in
between (for example msg_clr_eos triggered by a status message
from :copen) hits skip_for_popup() and silently drops writes
to those cells, so the popup's chars survive on screen until
those cells happen to be redrawn for another reason.
Solution: Add popup_clear_mask_for() and call it from popup_hide() and
popup_free() when the popup was visible, so the upcoming
writes take effect immediately (Yasuhiro Matsumoto)
Note: The test is limited to MS-Windows because the original report
(#20178) was reproduced there and the redraw timing required to
surface the bug differs on other platforms.
fixes: #20178
closes: #20188
Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
J. Paulo Seibt [Mon, 11 May 2026 17:08:48 +0000 (17:08 +0000)]
patch 9.2.0475: runtime(netrw): bookmark paths not normalized
Problem: the bookmarks list can have duplicate entries, more often
in win32 (due to mixed slashes and capitalization) and when
g:netrw_keepdir=0 (which could introduce relative paths).
Duplicate entries could be: C:\foo\BAR\baz.file
c:\foo\bar\baz.file
c:/foo\BAR/baz.file
BAR/baz.file
Solution: Normalize the paths and make sure they are always absolute
(J. Paulo Seibt).
closes: #20194
Signed-off-by: J. Paulo Seibt <jpseibt@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
K.Takata [Mon, 11 May 2026 16:56:33 +0000 (16:56 +0000)]
patch 9.2.0474: MS-Windows: hard to tell which Visual Studio version was selected with MSVC
Problem: When running msvc*.bat there is no indication of which
Visual Studio version and target architecture got
selected.
Solution: After vcvarsall.bat returns, echo the VS version, VC
tools version and target architecture, and set the
Command Prompt title accordingly (Ken Takata).
closes: #20193
Signed-off-by: K.Takata <kentkt@csc.jp> Signed-off-by: Christian Brabandt <cb@256bit.org>
zeertzjq [Mon, 11 May 2026 16:49:19 +0000 (16:49 +0000)]
patch 9.2.0473: Pasting ". register without autocommands breaks TextPut*
Problem: Pasting ". register without TextPut* autocommands breaks
subsequent TextPut* autocommands (after 9.2.0470).
Solution: Only decrement add_last_insert if it has been incremented
(zeertzjq).
closes: #20192
Signed-off-by: zeertzjq <zeertzjq@outlook.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
patch 9.2.0472: popup: column jitters when scrolled outside viewport
Problem: popup: column jitters horizontally when textprop is scrolled
above the host window's top (after v9.2.0469)
Solution: Compute the virtual column from the prop's actual line via
getvcol() and translate it through prop_win's win_col_off /
leftcol / wincol (Yasuhiro Matsumoto).
popup_screenpos_above_top() probed textpos2screenpos() at
prop_win->w_topline using the prop's own tp_col, so the returned
screen_scol picked up topline's tab stops and multi-byte widths instead
of the prop line's own. Once the textprop scrolled above the host's
top, the popup's wincol jittered left/right every time a wider or
narrower line rotated into the topmost slot.
Compute the virtual column from the prop's actual line via getvcol()
and translate it through prop_win's win_col_off / leftcol / wincol.
Row extrapolation from topline is unchanged.
closes: #20187
Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
John Marriott [Mon, 11 May 2026 16:22:05 +0000 (16:22 +0000)]
patch 9.2.0471: vimvars di_key initialized at runtime
Problem: evalvars_init() copies each vimvar's name into di_key at
startup and runtime-checks that the name fits in
DICTITEM16_KEY_LEN, even though all names are known at
compile time.
Solution: Embed the name in di_key via the VV_NAME macro so the
initialization happens at compile time. Drop the
runtime length check and the STRCPY loop (John Marriott).
closes: #20185
Signed-off-by: John Marriott <basilisk@internode.on.net> Signed-off-by: Christian Brabandt <cb@256bit.org>
projects / thirdparty / vim.git / log
