Always do a roundtrip at kitten exit, except for special purpose
kittens. This slows down exit by one round trip time (capped at 2
seconds), however it ensures that we never get terminal response leak.
Fixes#9839
Timing-safe comparisons:
- crypto.c: Replace memcmp with CRYPTO_memcmp for Secret equality,
require equal lengths before comparing
- remote_control.py: Constant-time password lookup to avoid leaking
valid passwords via dict hash timing
- file_transmission.py: Use hmac.compare_digest for bypass token
comparison instead of ==
Memory safety:
- child-monitor.c: Fix inverted condition in write_to_peer that
prevented memmove from ever executing on partial writes
- ibus_glfw.c: Null-terminate IBUS_ADDRESS copy to prevent string
overread when strlen >= PATH_MAX
- x11_window.c: Add NULL checks after realloc in clipboard/DnD
data handling (two sites)
- dnd.c: Cap accepted_mimes at 1MB to prevent unbounded growth,
fix realloc to not lose the original pointer on failure
- png-reader.c: Cast to size_t before multiplication to prevent
integer overflow on 32-bit platforms
Secrets hygiene:
- disk-cache.c: Zero encryption_key with explicit_bzero before free
Tar extraction hardening:
- tar.go: Validate hardlink targets against destination prefix to
prevent writing outside extraction directory
- tar.go: Strip setuid/setgid/sticky bits from extracted files
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add --allow-fallback option to the map command that controls shifted
and ascii (alternate_key) fallback for individual key mappings.
For non-Latin keyboard layouts, when the current layout key is
non-ascii (codepoint > 127 and < 0xE000), the alternate_key from
the base layout is used for matching if the mapping opts in via
--allow-fallback=shifted,ascii.
Default kitty bindings use --allow-fallback=shifted,ascii so they
work out of the box with non-Latin layouts. User custom mappings
default to --allow-fallback=shifted (preserving existing shifted_key
behavior without ascii fallback).
--allow-fallback=none disables all fallback for a mapping.
Python side: parse_options_for_map() in options/utils.py handles flag
parsing, ShortcutMapping uses it in __init__. get_shortcut() filters
candidates by per-mapping allow_fallback.
Go side: ParseMap() handles --allow-fallback, KeyAction stores
AllowFallback, ShortcutTracker.Match passes it to matching.
MatchesParsedShortcut defaults to shifted,ascii for hardcoded shortcuts.
Migrated kittens (themes, command_palette, diff, choose_files) to
use ShortcutTracker with configurable map entries.
Tests added for Python (5 test methods) and Go (ParseMap + key matching).
- Rename all options from pane_title_* to window_title_*
- Use foreground/background instead of fg/bg in color option names
- Change color options to to_color_or_none defaulting to None,
falling back to corresponding tab bar colors
- Add bell_symbol, activity_symbol, progress_percent template vars
using existing bell_on_tab and tab_activity_symbol options
- Add custom script support via window_title_bar.py in config dir
(draw_window_title function exposed as {custom} in templates)
- Update C structs, Python references, and regenerate config files
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add an optional title bar that displays above or below each window pane
when multiple windows are visible in a tab. This is similar to tmux's
pane-border-format or Terminator's pane title bars.
New configuration options:
- pane_title_bar: none/top/bottom (default: none)
- pane_title_template: f-string template (same syntax as tab_title_template)
- active_pane_title_template: override for active pane
- pane_title_bar_active_fg/bg: colors for active pane title
- pane_title_bar_inactive_fg/bg: colors for inactive pane titles
- pane_title_bar_align: left/center/right text alignment
The title bars are rendered using virtual Screen objects registered with
the GPU, following the same model as the tab bar. Title bars are
automatically hidden when only a single window is visible.
Ref: https://github.com/kovidgoyal/kitty/discussions/9448
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add a Go-based command_palette kitten that provides a searchable,
interactive overlay for browsing and triggering keyboard shortcuts
and actions.
- New Go kitten at kittens/command_palette/ with FZF fuzzy search,
grouped/flat views, and remote control action triggering
- Python collect_keys_data() does data collection, passed via stdin
- Navigation: arrows, ctrl+j/k (vim), ctrl+n/p (emacs), page up/down
- Enter triggers the selected action via RC command
- Help text displayed in footer for selected binding
- Added Go tests (main_test.go) and Python tests (command_palette.py)
