* Set cmux TestAction to Debug for UI tests
* Broaden XCTest detection for debug launch gate
* Fix AutomationSocketUITests launch hang in CI
* Stabilize CI Swift package resolution for test jobs
* Stabilize Xcode Cloud UI test focus and socket handling
* Add Xcode Cloud pre-xcodebuild submodule bootstrap
* Harden Xcode Cloud bonsplit bootstrap fallback
* Set up full test suite in CI and Xcode Cloud
Add build-ghosttykit.yml workflow to pre-build and publish
GhosttyKit.xcframework as a GitHub release on manaflow-ai/ghostty,
keyed by submodule SHA. Add ci_scripts/ci_post_clone.sh for Xcode
Cloud to download the pre-built xcframework with retry logic. Create
cmux-ci scheme that runs both cmuxTests and cmuxUITests. Switch the
CI tests job from running a single UI test class to the full suite.
* Run unit tests + single UI test class on self-hosted runner
The self-hosted runner can't launch the full app for UI tests (no GUI
session), so run all unit tests via cmux-unit scheme and keep the
original UpdatePillUITests as a smoke test. Full UI test suite runs
on Xcode Cloud which has proper macOS GUI support.
* Handle expected test failures in unit tests step
xcodebuild returns exit code 65 even for expected failures
(XCTExpectFailure). Parse the summary line to only fail the CI job
when there are unexpected failures.
Moves socket control password from the macOS login keychain to a
plain file at ~/Library/Application Support/cmux/socket-control-password.
This eliminates the system keychain prompt that interrupts users on
first launch or after keychain changes.
- Directory created with 0700, file written with 0600 permissions
- One-time migration copies existing keychain password to the file,
deletes the keychain entry, and records a migration version in
UserDefaults so it runs only once
- CLI SocketPasswordResolver also reads from the file path
- Security framework import is now conditional (#if canImport)
- Adds SocketControlPasswordStoreTests covering round-trip, env
priority, path resolution, and migration behavior
Fixes https://github.com/manaflow-ai/cmux/issues/541
The ctrl fast path unconditionally returned after calling ghostty_surface_key,
even when it returned false (e.g. ignore keybindings), preventing IMEs from
receiving Ctrl-modified key events. Now falls through to interpretKeyEvents
when the key is not handled.
Also adds keyboard layout change detection around interpretKeyEvents (matching
Ghostty upstream) so that IME-triggered layout switches cause an early return
instead of sending the key to Ghostty.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Upgrade Sentry: tracing, breadcrumbs, dSYM upload
- Enhanced Sentry SDK init with performance tracing (10% sample),
explicit app hang timeout, stack trace attachment, and HTTP
failure capture
- Added breadcrumbs for key user actions: workspace switch/create/close,
split creation, command palette open/close, app focus — these give
context to hang/crash reports
- Added dSYM upload step to nightly and release CI workflows so hang
stacks are fully symbolicated (requires SENTRY_AUTH_TOKEN secret)
- Created SentryHelper.swift with lightweight breadcrumb helper
Closes https://github.com/manaflow-ai/cmux/issues/365
* Remove command palette breadcrumbs
Not useful for hang diagnosis — keep only workspace/tab/split/focus
breadcrumbs that correlate with heavy operations.
When running `open https://...` inside a cmux terminal, the URL now
opens in the built-in browser panel instead of the system default
browser. Non-URL arguments and explicit flags pass through to
/usr/bin/open unchanged.
Closes#306
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
(cherry picked from commit 174623776eb0baef04f5a9ab49b926427c149acd)
* Fix CJK IME input not working (#118)
CJK (Korean, Japanese, Chinese) IME input was completely broken because
cmux never forwarded preedit/composition state to Ghostty's libghostty.
Root causes and fixes:
1. Missing preedit sync: Added syncPreedit() that calls
ghostty_surface_preedit() to notify Ghostty about IME composition
text. Called from setMarkedText, unmarkText, and after
interpretKeyEvents in keyDown.
2. Wrong composing flag: The composing flag on key events now correctly
accounts for when composition just ended (markedTextBefore was true
but markedText is now empty), preventing spurious deletions when
canceling composition.
3. Event interception during IME: Added early exits in
performKeyEquivalent, the NSWindow swizzle, and the local event
monitor (handleCustomShortcut) to avoid stealing key events while
IME has active marked text.
4. IME popup positioning: firstRect(forCharacterRange:) now uses
ghostty_surface_ime_point() for accurate cursor-relative positioning
of the IME candidate window.
* Add regression tests for CJK IME composition (#118)
31 tests covering Korean, Japanese, and Chinese IME input scenarios:
- Korean jamo combining: ㅎ -> 하 -> 한 composition lifecycle
- Chinese pinyin: multi-letter marked text and candidate selection
- Japanese hiragana-to-kanji: romaji -> hiragana -> kanji conversion
- insertText correctly commits composed text and clears marked state
- unmarkText properly clears composition state (idempotent)
- performKeyEquivalent returns false during active composition for
all key types (plain, shift, space, return, escape)
- Shortcut bypass: hasMarkedText gates the handleCustomShortcut bypass
- Multi-syllable sequences, backspace correction, and rapid transitions
- keyTextAccumulator lifecycle tests
Also adds #if DEBUG test accessors for keyTextAccumulator on
GhosttyNSView to enable unit testing the accumulator path.
* Move port scanning from shell to app-side with batching
Replace per-shell `ps -axo + lsof` scanning with a centralized
PortScanner singleton in the app. Each shell now sends lightweight
`report_tty` (once per session) and `ports_kick` (on preexec/precmd)
socket messages. The app coalesces kicks across all panels and runs a
single `ps -t <ttys> + lsof -p <pids>` covering every active panel.
Also fixes a macOS 26 Tahoe regression where `getsockopt(LOCAL_PEERPID)`
returns ENOTCONN on accepted sockets when the peer disconnects before
the handler thread starts. This was silently breaking ALL socket
commands sent via ncat --send-only. The fix captures the peer PID in
the accept loop immediately after accept(), and falls back to
LOCAL_PEERCRED (uid check) when the PID lookup fails.
* Fix PR review feedback: burst timing and auth comment clarity
- P2: burstDelays were accumulating (0.5+1.5+3+... = ~22.5s) instead of
firing at absolute offsets from burst start. Now uses burstStart anchor
so scans fire at 0.5s, 1.5s, 3s, 5s, 7.5s, 10s as intended.
- P1: Clarify LOCAL_PEERCRED fallback rationale — same security boundary
as socket file permissions (0600), does not widen attack surface.
Long-lived connections still get full descendant check via LOCAL_PEERPID.
* Fix multi-workspace drag/drop, WebView click focus, and add regression tests
- Wire bonsplit isInteractive to workspace active state so inactive
workspace NSViews are hidden from AppKit event routing
- Add CmuxWebView.mouseDown notification for browser panel focus
tracking (AppKit delivers clicks to WKWebView, not SwiftUI overlays)
- Add multi-workspace focus regression test covering isHidden fix,
rapid workspace switching, and browser panel focus routing
* Bump version to 1.36.0
