Problem:
On Windows, path separators may become inconsistent for various reasons,
which makes normalization quite painful.
Solution:
Normalize paths to `/` at the entry boundaries and always use it
internally, converting back only in rare cases where `\` is really
needed (e.g. cmd.exe/bat scripts?).
This is the first commit in a series of incremental steps.
Note:
* some funcs won't respect shellslash. e.g. `expand/fnamemodify`
* some funcs still respect shellslash, but will be updated in a follow
PR. e.g. `ex_pwd/f_chdir/f_getcwd`
* uv's built-in funcs always return `\`. e.g. `uv.cwd/uv.exepath`
Co-authored-by: Justin M. Keyes <justinkz@gmail.com>
Problem: filetype: some Beancount files are not recognized
Solution: Detect *.bean files as beancount filetype
(Bruno Belanyi)
closes: vim/vim#20037521eac1877
Co-authored-by: Bruno Belanyi <bruno@belanyi.fr>
Problem: runtime(netrw): ~ note expanded on MS Windows
(Tom Vamvanij)
Solution: Expand ~ on MS Windows (Yasuhiro Matsumoto)
On Windows, ":Explore ~" did nothing because the tilde expansion was
gated to Unix/Cygwin only. Additionally, substitute() interprets
backslashes in the replacement string specially (e.g. \U as a case
modifier), which would corrupt $HOME values like C:\Users\name even
if the branch were taken.
Include has("win32") in the guard, anchor the pattern to the start of
the string, and escape backslashes, ampersands and tildes in $HOME
before substituting.
fixes: vim/vim#20003closes: vim/vim#20014723c0acf25
Co-authored-by: Yasuhiro Matsumoto <mattn.jp@gmail.com>
Problem: runtime(netrw): RFC2396 decoding double escaping spaces
(lilydjwg, after 3e60f03d942d6bb0f7eac)
Solution: Remove escape() call, since we are using fnameescape() anyhow
fixes: vim/vim#19913ab4ebb62ee
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: tests: Test_netrw_FileUrlEdit.. fails on Windows
(after 3e60f03d942d6bb0f7)
Solution: Skip the test on Windows (Yasuhiro Matsumoto).
The Test_netrw_FileUrlEdit_pipe_injection() test fails on Windows with
E303 because '|' is not a valid filename character on Windows. Since
the pipe character cannot appear in a Windows filename, the command
injection vector this test guards against does not apply on Windows.
closes: vim/vim#19890c91081d0e5
Co-authored-by: Yasuhiro Matsumoto <mattn.jp@gmail.com>
Problem: netrw: does not take port into account in hostname validation
(after v9.2.0073)
Solution: Update hostname validation check and test for an optional port
number (Miguel Barro)
closes: vim/vim#19533a6198523fb
Co-authored-by: Miguel Barro <miguel.barro@live.com>
Problem: [security]: Insufficient validation of hostname and port in
netrw URIs allows command injection via shell metacharacters
(ehdgks0627, un3xploitable).
Solution: Implement stricter RFC1123 hostname and IP validation.
Use shellescape() for the provided hostname and port.
Github Advisory:
https://github.com/vim/vim/security/advisories/GHSA-m3xh-9434-g33679348dbbc0
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: netrw: need better tests for absolute paths
Solution: Use absolutepath(), instead of regex test (Miguel Barro).
closes: vim/vim#19477bd1dc5b1a6
Cherry-pick a typo fix from latest Vim.
Co-authored-by: Miguel Barro <miguel.barro@live.com>
Problem: Cannot apply 'scrolloff' context lines at end of file
Solution: Add the 'scrolloffpad' option to keep 'scrolloff' context even
when at the end of the file (McAuley Penney).
closes: vim/vim#19040a414630393
Co-authored-by: McAuley Penney <jacobmpenney@gmail.com>
Problem: Integer overflow with "ze" and large 'sidescrolloff'.
Solution: Check for overflow to avoid negative w_leftcol (zeertzjq).
closes: vim/vim#2002633f3965087
vim-patch:9.2.0384: stale Insstart after <Cmd> cursor move breaks undo
Problem: A <Cmd> command executed from Insert mode can sync undo and
move the cursor before the next edit. stop_arrow() saved the
new cursor line for undo, but left Insstart at the previous
insertion point. A line-start backspace could then delete
lines above the saved line without saving the joined range,
leaving a pending undo entry whose bottom resolved above
its top and raising E340.
Solution: Update Insstart and Insstart_textlen after the pending undo
save so the next edit starts from the command-updated cursor
position (Jaehwang Jung).
closes: vim/vim#20031
AI-assisted: Codex
d4fb31762e
Co-authored-by: Jaehwang Jung <tomtomjhj@gmail.com>
vim-patch:9.2.0374: c_CTRL-{G,T} does not handle offset
Problem: c_CTRL-{G,T} does not handle offset, when cycling between
matches
Solution: Refactor parsing logic into parse_search_pattern_offset() and
handle offsets, note: highlighting does not handle offsets
yet (Barrett Ruth).
fixes: vim/vim#19991closes: vim/vim#19998c62342e5cf
Problem: The "Scanning:" completion, bufwrite, and indent (there may be
more) messages which indicate progress can use the "progress" kind
for their msg_show event. Indent message does not have a kind.
Solution: Emit these messages with the "progress" kind. Set the message id
to the replaced kind so that a UI knows to replace it (and to provide
a migration path in case a UI was distinguishing these messages for
whatever reason).
Problem: filetype: ghostty config files are not recognized
Solution: Detect ghostty configuration files as ghostty filetype,
include a simple ghostty filetype plugin (Bez Hermoso)
closes: vim/vim#20002b30803b231
Co-authored-by: Bez Hermoso <bezalelhermoso@gmail.com>
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: Ctrl-R mapping not triggered during completion.
Solution: Move Ctrl-R check out of vim_is_ctrl_x_key()
(zeertzjq).
fixes: vim/vim#20004closes: vim/vim#2000649e8630a28
vim-patch:9.2.0362: division by zero with smoothscroll and small windows
Problem: Resizing a smoothscrolled wrapped window to its textoff width
with 'showbreak' can leave wrapped continuation lines with
zero text width. win_lbr_chartabsize() still runs the partial max_head_vcol calculation in
that state and divides by width2, crashing during redraw.
Solution: Skip that partial head calculation when the wrapped
continuation width is zero, matching the other width2 guards
in charset.c (Jaehwang Jung)
closes: vim/vim#20012
AI-assisted: Codex
0e31fb024c
Problem: MS-Windows: If a directory with a single character name is
included in the PATH environment variable without a trailing
path separator, executable() will not be able to find the
executable file under it.
Solution: The second argument of the after_pathsep() function is now
passed the next pointer where a path separator may exist
(Muraoka Taro).
As a specific example, the default installation path for PowerShell v7
is "C:\Program Files\PowerShell\7", but if you set this as is in the
PATH environment variable, Vim will not be able to find the pwsh.exe
command. In this case, Vim will try to search for "C:\Program
Files\PowerShell\7pwsh.exe".
Cause: The after_pathsep() function determines whether the location
passed as its second argument immediately follows a path separator.
However, in the code where the problem occurred, the second argument was
passed a location that might contain a path separator. As a result, it
was mistakenly determined that a path separator was present in cases
where the final directory name was a single character and not followed
by a path separator, and the path to search was incorrect.
closes: vim/vim#18979bd686d85dc
Co-authored-by: Muraoka Taro <koron.kaoriya@gmail.com>
Problem: filetype: not all Bitbake include files are recognized
Solution: Enhance the file detection logic and consider varflags
(Martin Schwan)
closes: vim/vim#199830e02be1919
Co-authored-by: Martin Schwan <m.schwan@phytec.de>
Problem: runtime(tar): missing path traversal checks in tar#Extract()
Solution: Add check for leading slash, however gnu tar should already
detect this (q1uf3ng)
tar#Extract() did not check for ../ sequences or absolute paths,
unlike zip#Extract() which was patched in recent commits. Add the
same checks: ../ (relative traversal), leading slash (Unix), drive
letter and UNC/leading slash (Windows).
closes: vim/vim#19981490b737f3e
Co-authored-by: q1uf3ng <q1uf3ng@protone.me>
Problem: Wrong cursor position when entering command line window
Solution: Add check_cursor() command to verify the cursor position
(Hirohito Higashi).
When opening the command-line window with CTRL-F after typing a command
that fills the screen width, the cursor was placed past the end of the
line. Add check_cursor() after setting State to MODE_NORMAL so the
cursor is adjusted to the last character.
Also fix the cmdwin prefix character (e.g. ':') being drawn on wrapped
continuation rows. Draw an empty space instead so that the text
alignment is preserved.
closes: vim/vim#19964c4fe1e958a
Cherry-pick Test_wildmenu_pum() changes from patch 9.1.1995.
Co-authored-by: Hirohito Higashi <h.east.727@gmail.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Problem: potential buffer underrun when settings statusline like option
(q1uf3ng)
Solution: Validate that p > out before accessing p[-1]
closes: vim/vim#1996191b402f575
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: tests: test_clientserver may fail on slower systems
Solution: Wait for argc() before checking argv() (James McCoy).
On slower systems, the argv() check may run before the server has
populated the arg list.
Add a wait for argc() to be 3 to be more tolerant of such systems
closes: vim/vim#199749d95410aa4
Co-authored-by: James McCoy <jamessan@jamessan.com>
Problem: tests: test_excmd.vim leaves swapfiles behind
Solution: Close open buffer using :bw!
related: vim/vim#19975c922202ea2
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: Wrong autoformatting with 'autocomplete'.
Solution: Don't trigger autoformatting when ending autocompletion
without selecting an item (zeertzjq).
fixes: vim/vim#19954closes: vim/vim#19970efbd482116
Problem: MS-Windows: executable not found when running individual test.
Solution: Also look for vimd.exe. (Christopher Plewright, closesvim/vim#11525)
d55bfcaa9b
Co-authored-by: Christopher Plewright <chris@createng.com>
Problem: MS-Windows: starting a python server for test sometimes fails.
Solution: Increase the waiting time for the port.
a906e8e1ab
Co-authored-by: Bram Moolenaar <Bram@vim.org>
Problem:
If `'keywordprg'` begins with `:`, `3K` turns the count into an Ex
range. Commands that don't support that then fail. Vim passes the count
as the first arg (see #19436, vim/vim#10745).
Solution:
Pass `[count]` as the first arg for `'keywordprg'`.
Problem: Assuming modifyOtherKeys for rhs of mapping.
Solution: Ignore seenModifyOtherKeys for mapped characters. (closesvim/vim#6200)
46cd43bda1
----
"getchar.c" changes depend on patch 8.1.2145.
Can't port it due to tests.
"test_gui.vim" doesn't depend on GUI for all tests.
----
Co-authored-by: Bram Moolenaar <Bram@vim.org>
Problem: spell_read_aff() uses sprintf() into a fixed-size stack buffer
without bounds checking. store_aff_word() uses STRCAT() to
append attacker-controlled strings into newword[MAXWLEN] without
checking remaining space. Both are reachable via :mkspell with
crafted .aff/.dic files (xinyi234)
Solution: Replace sprintf() with vim_snprintf() in spell_read_aff().
Replace STRCAT() with STRNCAT() with explicit remaining-space
calculation in store_aff_word().
closes: vim/vim#1994407faa961a0
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: Some patterns in tar and zip plugin tests not strict enough.
Solution: Use assert_equal() for lines that should match exactly. Match
a literal dot properly (zeertzjq).
closes: vim/vim#199462fbc69c9ad
neovim always uses encoding=utf8. Thus a lot of utf8 tests are just a
lot of tests. Meanwhile test_regexp_latin.vim is a bit of a lone child,
it can just run as a separate test without a shell layer (running it in
the same process as its utf8 sibling is not allowed
Problem: runtime(tar): but with dotted path
Solution: Do not strip everything after the first dot
(Aaron Burrow)
tar#Extract was getting the extensionless basename by
stripping away everything starting with the leftmost
dot. So if a directory had a dot or the file had an
'extra' dot then the code did the wrong thing. For
example, if it was given:
/tmp/foo.bar/baz.tar.gz
Then it would treat /tmp/foo as the extensionless
basename, but it actually should have grabbed:
/tmp/foo.bar/baz
This patch fixes the issue by instead looking at the
rightmost dot(s).
This bug was discovered by ChatGPT 5.4. I wrote the
patch and tested vim.
closes: vim/vim#199304a1bcc67b4
Co-authored-by: Aaron Burrow <burrows@fastmail.com>
Problem: patch 9.2.0325: runtime(tar): bug in zstd handling
Solution: use correct --zstd argument, separated from other arguments,
rework testing framework (Aaron Burrow).
The tar.vim plugin allows vim to read and manipulate zstd archives,
but it had a bug that caused extraction attempts to fail.
Specifically, if the archive has a .tar.zst or .tzst extension, then
the code was generating invalid extraction commands that looked like
this:
tar --zstdpxf foo.tar.zst foo
When they should be like this:
tar --zstd -pxf foo.tar.zst foo
This patch changes the flag manipulation logic so that --zstd isn't
glued to pxf.
The labor for this change was divided between ChatGPT 5.4 and me.
ChatGPT 5.4 identified the issue (from a code scan?), and I wrote
the patch and tested vim.
related: vim/vim#1993000285c035a
Note: tests need the next patch to pass in Nvim.
Co-authored-by: Aaron Burrow <burrows@fastmail.com>
Problem: tests: test_indent.vim leaves swapfiles behind
Solution: Close open buffer using :bw! instead of :close!
158947e294
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: 0x9b byte not unescaped in <Cmd> mapping (BenYip).
Solution: Translate K_CSI to CSI like what is done in vgetc().
(zeertzjq).
fixes: vim/vim#19936closes: vim/vim#199373e2012914e
the unix.vim file was probably accidentally ignored at some point.
An actual invokation of nvim-under-test would in practice look like
["/path/to/neovim/build/bin/nvim", "-u", "unix.vim", "-U", "NONE", "-i", "NONE", "--noplugin", "--headless", "-u", "NONE", "--cmd", "set shortmess-=F", "-S", "runtest.vim", "test_arabic.vim"]
but -u NONE cancels out the earlier -u unix.vim
By now, too many tests rely on specific behavior from "NONE", so copy in
the useful parts of unix.vim to the cmdline again. also, some tests
conflict with `directory=.` (or even `directory=Xtempswapdir`) so don't use that.
`-U NONE` is dead code in Nvim, remove it.
Problem: runtime(tar): some issues with lz4 support
Solution: Fix bugs (see below) (Aaron Burrow)
The tar plugin allows users to extract files from tar archives that are
compressed with lz4. But, tar#Extract() builds malformed extraction commands
for lz4-compressed tar archives. This commit fixes three issues in that code.
The first affects archives with a .tlz4 extension and the other two affect
archives with .tar.lz4 extension (but one of these is symmetric to the issue
that .tlz4 archives had).
(1) When trying to extract .tlz4 archives the command created by
tar#Extract looked like this:
tar -I lz4pxf foo.tlz4 foo
This isn't right. It should be something like this:
tar -I lz4 -pxf foo.tlz4 foo
This was happening because tar.plugin is just substituting on the
first - in "tar -pxf". This works fine if we just add a simple flag for
extraction (eg, z for .tgz), but for lz4 we need to add "-I lz4".
I don't believe that there is an obvious good way to fix this without
reworking the way the command is generated. Probably we should collect
the command and flags separately and the flags should be stored in a
set. Then put everything together into a string just before issuing it
as an extraction command. Unfortunately, this might break things for users
because they have access to tar_extractcmd.
This patch just makes the substitution a little bit more clever so that it
does the right thing when substituting on a string like "tar -pxf".
(2) .tar.lz4 extractions had the same issue, which my patch fixes in
the same way.
(3) .tar.lz4 extractions had another issue. There was a space missing
in the command generated by tar#Extract. This meant that commands
looked like this (notice the lack of space between the archive and output
file names):
tar -I lz4pxf foo.tar.lz4foo
This patch just puts a space where it should be.
Finally, I should note that ChatGPT 5.4 initially identified this issue
in the code and generated the test cases. I reviewed the test cases,
wrote the patch, and actually ran vim against the tests (both with and
without the patch).
closes: vim/vim#1992578954f86c2
Co-authored-by: Aaron Burrow <burrows@fastmail.com>
Problem: When the terminal is very large, test for 9.2.0285 doesn't
trigger an ASAN error without the fix.
Solution: Use a window with fixed height (zeertzjq)
closes: vim/vim#19924b03970f41f
Problem: zip plugin tests may match messages from previous test cases
when checking for warning message.
Solution: Clear messages at the start of these tests (zeertzjq).
closes: vim/vim#19926a1f4259e68
