Use charactersIgnoringModifiers instead of characters when redispatching
Cmd-modified key events in performKeyEquivalent. Cmd-modified keys don't
produce text characters, so event.characters returns an empty string for
Cmd+Shift combos, preventing Ghostty from encoding them as kitty protocol
sequences. charactersIgnoringModifiers returns the actual key character
(e.g. "k" for Cmd+Shift+K) while modifiers are preserved in modifierFlags.
Fixes#1718
Co-authored-by: CHE-3 <schumannzheng@gmail.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* Allow customizing numbered workspace and surface shortcuts
* Update bonsplit submodule to squashed main commit
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Publishing changes from background threads is not allowed in macOS 26
(Tahoe). Ghostty action callbacks run on I/O threads but were modifying
AppKit view properties and posting notifications without dispatching to
the main thread.
Fixes:
- GHOSTTY_ACTION_SCROLLBAR: wrap in DispatchQueue.main.async
- GHOSTTY_ACTION_CELL_SIZE: wrap in DispatchQueue.main.async
- GHOSTTY_ACTION_COLOR_CHANGE: wrap background color updates in main async
- GHOSTTY_ACTION_CONFIG_CHANGE: wrap background color clear in main async
- Add hasLiveSurface guard in TabManager.inheritedTerminalConfigForNewWorkspace
to protect the cmuxInheritedSurfaceConfig call site missed in the initial fix
- Expand malloc_size comment to clarify it is a best-effort heuristic, not a
lifetime guarantee (per Copilot review)
ghostty_surface_quicklook_font returns an unretained CTFont pointer that
can become stale on Intel Macs, leading to EXC_BAD_ACCESS (SIGSEGV) when
creating a split. This is a follow-up to the same crash pattern fixed in
#1496.
Add malloc_size validation in cmuxCurrentSurfaceFontSizePoints to detect
freed heap allocations before interpreting the pointer as a CTFont. Also
add hasLiveSurface guards in inheritedTerminalConfig and
rememberTerminalConfigInheritanceSource to skip surfaces whose native
state is closing or closed. All callers already handle nil gracefully by
falling back to inherited config values.
When a non-Latin input source like Korean 두벌식 is active,
event.charactersIgnoringModifiers returns Hangul characters (e.g. ㅅ
for T key) instead of Latin letters. This caused all character-based
shortcut matching to fail — Cmd+T, Cmd+D, Cmd+1-9, Ctrl+N/P, etc.
Root cause: KeyboardLayout.character(forKeyCode:modifierFlags:) assumed
CJK input sources lack kTISPropertyUnicodeKeyLayoutData, but Korean
두벌식 has it. UCKeyTranslate returned Korean characters and the ASCII
fallback was never reached.
Fix:
- KeyboardLayout.character(): check result is ASCII before accepting;
fall through to TISCopyCurrentASCIICapableKeyboardInputSource() when
the current source returns non-ASCII characters
- Add KeyboardLayout.normalizedCharacters(for:) helper that normalizes
event.charactersIgnoringModifiers for shortcut comparison
- Apply normalization in handleCustomShortcut (AppDelegate),
BrowserPanelView omnibar key handler, and BrowserPopupWindowController
Cmd+W handler
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* Add regressions for SSH image transfer followups
* Fix SSH image transfer followup regressions
---------
Co-authored-by: Lawrence Chen <lawrencecchen@users.noreply.github.com>
* Add regression test for browser back history
* Fix browser back history handoff
* Fix browser tab favicon not updating on navigation
Two issues caused stale or missing favicons in browser tabs:
1. KVO race: The isLoading observer read webView.isLoading inside a deferred
Task instead of capturing the KVO change value at observation time. For fast
navigations (back-forward cache), isLoading flips true→false before the Task
runs, so handleWebViewLoadingChanged(true) was never called and the old
favicon was never cleared.
2. SPA favicon discovery: Sites that inject <link rel="icon"> via JavaScript
(e.g. React apps) had no favicon link in the DOM when didFinish fired. The
fallback to /favicon.ico often 404'd, leaving the globe icon permanently.
Now retries the JS query after 600ms to give client-side scripts time to
add the tag.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* Add dynamic OG image and use large Twitter cards
Generate a 1200x630 OG image with the cmux logo, tagline, and
description using next/og ImageResponse. Switch Twitter card type
from "summary" to "summary_large_image" across all pages so shared
links show a full-width preview instead of the tiny favicon thumbnail.
* Use Geist font and app screenshot in OG image, update landing/README images
Replace the centered text-only OG image with a split layout: branding
on the left (logo, name, tagline) and a full app screenshot on the
right. Load Geist Regular/SemiBold from Google Fonts for consistent
typography. Replace the homepage landing image and README screenshot
with a new screenshot showing cmux with multiple workspaces, tabs,
browser panel, and code diffs.
* Fine-tune OG image layout and update homepage/README screenshots
Apply tuned values from OG editor: 112px logo, 48px title with -8
translateY, 34px subtitle at #cfcfcf, 320px fade height. Use Geist
font loaded from Google Fonts. Render at 2x (2400x1260) for sharper
previews on social platforms. Remove GitHub URL from footer.
Add pre-resized og-screenshot.png (2208px wide) for the OG image to
avoid Satori downscale blur. Update homepage landing image and README
screenshot with new app screenshot.
---------
Co-authored-by: Lawrence Chen <lawrencecchen@users.noreply.github.com>
Rapid pushes to main spawn 7+ WarpBuild jobs simultaneously, causing
intermittent runner failures (shutdown during submodule clone, lost
communication). Add workflow-level concurrency groups to ci.yml and
build-ghosttykit.yml.
On PRs, stale runs are canceled when a new push arrives. On main, runs
queue serially (cancel-in-progress is false to avoid GitHub treating
cancelled runs as failures).
Co-authored-by: Lawrence Chen <lawrencecchen@users.noreply.github.com>
CAPTCHA providers (reCAPTCHA, hCaptcha, Cloudflare Turnstile) detect
environment tampering in their cross-origin iframes. With
forMainFrameOnly: false, the telemetry hooks (overridden console.*)
and address bar focus tracker (__cmux* globals) run inside CAPTCHA
iframes, causing challenges to fail or score the session as a bot.
Change forMainFrameOnly from false to true on:
- telemetryHookBootstrapScriptSource
- addressBarFocusTrackingBootstrapScript
Both only need to run in the top-level page context.
Fixes#1429
