Bumps [golang.org/x/term](https://github.com/golang/term) from 0.41.0 to
0.42.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="52b71d3344"><code>52b71d3</code></a>
go.mod: update golang.org/x dependencies</li>
<li>See full diff in <a
href="https://github.com/golang/term/compare/v0.41.0...v0.42.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [@xmldom/xmldom](https://github.com/xmldom/xmldom) from 0.8.11 to
0.8.12.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/xmldom/xmldom/releases"><code>@xmldom/xmldom</code>'s
releases</a>.</em></p>
<blockquote>
<h2>0.8.12</h2>
<p><a
href="https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12">Commits</a></p>
<h3>Fixed</h3>
<ul>
<li>preserve trailing whitespace in ProcessingInstruction data <a
href="https://redirect.github.com/xmldom/xmldom/pull/962"><code>[#962](https://github.com/xmldom/xmldom/issues/962)</code></a>
/ <a
href="https://redirect.github.com/xmldom/xmldom/issues/42"><code>[#42](https://github.com/xmldom/xmldom/issues/42)</code></a></li>
<li>Security: <code>createCDATASection</code> now throws
<code>InvalidCharacterError</code> when <code>data</code> contains
<code>"]]>"</code>, as required by the <a
href="https://dom.spec.whatwg.org/#dom-document-createcdatasection">WHATWG
DOM spec</a>. <a
href="https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp"><code>GHSA-wh4c-j3r5-mjhp</code></a></li>
<li>Security: <code>XMLSerializer</code> now splits CDATASection nodes
whose data contains <code>"]]>"</code> into adjacent CDATA
sections at serialization time, preventing XML injection via mutation
methods (<code>appendData</code>, <code>replaceData</code>, <code>.data
=</code>, <code>.textContent =</code>). <a
href="https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp"><code>GHSA-wh4c-j3r5-mjhp</code></a></li>
</ul>
<p>Code that passes a string containing <code>"]]>"</code>
to <code>createCDATASection</code> and relied on the previously unsafe
behavior will now receive <code>InvalidCharacterError</code>. Use a
mutation method such as <code>appendData</code> if you intentionally
need <code>"]]>"</code> in a CDATASection node's data.</p>
<p>Thank you,
<a
href="https://github.com/thesmartshadow"><code>@thesmartshadow</code></a>,
<a
href="https://github.com/stevenobiajulu"><code>@stevenobiajulu</code></a>,
for your contributions</p>
<p><a
href="https://github.com/xmldom/xmldom/discussions/357">https://github.com/xmldom/xmldom/discussions/357</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md"><code>@xmldom/xmldom</code>'s
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12">0.8.12</a></h2>
<h3>Fixed</h3>
<ul>
<li>preserve trailing whitespace in ProcessingInstruction data <a
href="https://redirect.github.com/xmldom/xmldom/pull/962"><code>[#962](https://github.com/xmldom/xmldom/issues/962)</code></a>
/ <a
href="https://redirect.github.com/xmldom/xmldom/issues/42"><code>[#42](https://github.com/xmldom/xmldom/issues/42)</code></a></li>
<li>Security: <code>createCDATASection</code> now throws
<code>InvalidCharacterError</code> when <code>data</code> contains
<code>"]]>"</code>, as required by the <a
href="https://dom.spec.whatwg.org/#dom-document-createcdatasection">WHATWG
DOM spec</a>. <a
href="https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp"><code>GHSA-wh4c-j3r5-mjhp</code></a></li>
<li>Security: <code>XMLSerializer</code> now splits CDATASection nodes
whose data contains <code>"]]>"</code> into adjacent CDATA
sections at serialization time, preventing XML injection via mutation
methods (<code>appendData</code>, <code>replaceData</code>, <code>.data
=</code>, <code>.textContent =</code>). <a
href="https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp"><code>GHSA-wh4c-j3r5-mjhp</code></a></li>
</ul>
<p>Code that passes a string containing <code>"]]>"</code>
to <code>createCDATASection</code> and relied on the previously unsafe
behavior will now receive <code>InvalidCharacterError</code>. Use a
mutation method such as <code>appendData</code> if you intentionally
need <code>"]]>"</code> in a CDATASection node's data.</p>
<p>Thank you,
<a
href="https://github.com/thesmartshadow"><code>@thesmartshadow</code></a>,
<a
href="https://github.com/stevenobiajulu"><code>@stevenobiajulu</code></a>,
for your contributions</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="189cb78a83"><code>189cb78</code></a>
0.8.12</li>
<li><a
href="ed08df7572"><code>ed08df7</code></a>
fix: XML injection via unsafe CDATA serialization (GHSA-wh4c-j3r5-mjhp)
(<a
href="https://redirect.github.com/xmldom/xmldom/issues/968">#968</a>)</li>
<li><a
href="a5b929ba00"><code>a5b929b</code></a>
chore: clean up generated test artefacts before running ci-local</li>
<li><a
href="4e37a20562"><code>4e37a20</code></a>
ci: run format:check in lint job</li>
<li><a
href="ac0ac7714f"><code>ac0ac77</code></a>
chore: ignore generated files when checking formatting</li>
<li><a
href="968c893943"><code>968c893</code></a>
chore: add local CI script and format:check script</li>
<li><a
href="ac40424adf"><code>ac40424</code></a>
fix: preserve trailing whitespace in ProcessingInstruction data (<a
href="https://redirect.github.com/xmldom/xmldom/issues/962">#962</a>)</li>
<li><a
href="cece7521a3"><code>cece752</code></a>
chore: add .nvmrc pointing to node version 18</li>
<li><a
href="cbf44d90a4"><code>cbf44d9</code></a>
docs: improve links to changes in most recent release</li>
<li>See full diff in <a
href="https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~karfau">karfau</a>, a new releaser for
<code>@xmldom/xmldom</code> since your current version.</p>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/wavetermdev/waveterm/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Fixes#2778.
## Problem
`xterm.js`'s `getSelection()` returns lines padded to the full terminal
column width. Every copy path passed this directly to
`navigator.clipboard.writeText()`, so pasting into Slack, editors, etc.
included hundreds of trailing spaces.
## Solution
Adds a `term:trimtrailingwhitespace` setting (default `true`) that
strips trailing whitespace from each line before writing to the
clipboard. Applied to all three copy paths:
- copy-on-select (`termwrap.ts`)
- `Ctrl+Shift+C` (`term-model.ts`)
- right-click Copy context menu (`term-model.ts`)
OSC 52 is intentionally excluded — that path copies program-provided
text, not grid content.
The trim itself uses the same per-line `trimEnd()` approach already
present in `bufferLinesToText` via `translateToString(true)`.
Setting to `false` restores the previous behaviour.
## Files changed
- `pkg/wconfig/settingsconfig.go` — new `TermTrimTrailingWhitespace
*bool` field
- `pkg/wconfig/defaultconfig/settings.json` — default `true`
- `frontend/app/view/term/termutil.ts` — `trimTerminalSelection` helper
- `frontend/app/view/term/termwrap.ts` — copy-on-select path
- `frontend/app/view/term/term-model.ts` — Ctrl+Shift+C and right-click
paths
- Generated: `pkg/wconfig/metaconsts.go`, `frontend/types/gotypes.d.ts`,
`schema/settings.json`
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.42.0 to
0.43.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f33a730cd0"><code>f33a730</code></a>
windows: support nil security descriptor on GetNamedSecurityInfo</li>
<li><a
href="493d172598"><code>493d172</code></a>
cpu: add runtime import in cpu_darwin_arm64_other.go</li>
<li><a
href="2c2be756b9"><code>2c2be75</code></a>
windows: use syscall.SyscallN in Proc.Call</li>
<li><a
href="a76ec62d6c"><code>a76ec62</code></a>
cpu: roll back "use IsProcessorFeaturePresent to calculate ARM64 on
windows"</li>
<li>See full diff in <a
href="https://github.com/golang/sys/compare/v0.42.0...v0.43.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3)
from 1.14.37 to 1.14.40.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f92973809d"><code>f929738</code></a>
Merge pull request <a
href="https://redirect.github.com/mattn/go-sqlite3/issues/1384">#1384</a>
from mattn/raise-go121-cleanup</li>
<li><a
href="efae5e7686"><code>efae5e7</code></a>
raise minimum Go version to 1.21</li>
<li><a
href="b23d54cb76"><code>b23d54c</code></a>
Merge pull request <a
href="https://redirect.github.com/mattn/go-sqlite3/issues/1383">#1383</a>
from mattn/codex/next-row-batch-fetch</li>
<li><a
href="e1557be6ce"><code>e1557be</code></a>
batch row column fetches in Next</li>
<li><a
href="cc39db7160"><code>cc39db7</code></a>
Merge pull request <a
href="https://redirect.github.com/mattn/go-sqlite3/issues/1382">#1382</a>
from mattn/codex/sqlite3-bind-fastpath</li>
<li><a
href="9a908a9fd0"><code>9a908a9</code></a>
optimize sqlite bind fast path</li>
<li><a
href="edadafaf61"><code>edadafa</code></a>
Merge pull request <a
href="https://redirect.github.com/mattn/go-sqlite3/issues/1381">#1381</a>
from mattn/eliminate-bounds-checks</li>
<li><a
href="8f9f86ea43"><code>8f9f86e</code></a>
Eliminate unnecessary bounds checks in hot paths</li>
<li><a
href="0d2388125f"><code>0d23881</code></a>
Merge pull request <a
href="https://redirect.github.com/mattn/go-sqlite3/issues/1379">#1379</a>
from theimpostor/pr-1322-missing-constraint-op-types</li>
<li><a
href="84bdc43851"><code>84bdc43</code></a>
add missing index constraint op types</li>
<li>Additional commits viewable in <a
href="https://github.com/mattn/go-sqlite3/compare/v1.14.37...v1.14.40">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Add two icon buttons (horizontal/vertical split) to every block's header
bar, gated behind a new `app:showsplitbuttons` setting (default false).
When enabled, the buttons appear before the settings cog.
Motivation: for users who split panes frequently, having the buttons
always visible speeds up the workflow vs. right-click > context menu.
The split functionality already exists — this just surfaces it more
conveniently.
- New setting `app:showsplitbuttons` (Go + TS + default config)
- Split buttons in `blockframe-header.tsx`, using existing
`createBlockSplitHorizontally`/`createBlockSplitVertically`
- New pane clones the current block's meta so terminals inherit
shell/connection config
---------
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion)
from 1.1.12 to 1.1.13.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6c353caf23"><code>6c353ca</code></a>
1.1.13</li>
<li><a
href="7fd684f89f"><code>7fd684f</code></a>
Backport fix for GHSA-f886-m6hf-6m8v (<a
href="https://redirect.github.com/juliangruber/brace-expansion/issues/95">#95</a>)</li>
<li>See full diff in <a
href="https://github.com/juliangruber/brace-expansion/compare/v1.1.12...v1.1.13">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/wavetermdev/waveterm/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
## Summary
- Add `README.zh-TW.md` with Traditional Chinese translation, following
the same pattern as the existing Korean translation (`README.ko.md`)
- Enhanced feature descriptions with detailed explanations,
sub-sections, and emoji icons for better readability
- Updated language switcher in `README.md` and `README.ko.md` to include
the new `繁體中文` option
## Details
This is a community-contributed Traditional Chinese translation of the
README. Key differences from a direct translation:
- Each feature is broken into its own `###` sub-heading (vs. a single
bullet list in the original)
- Added contextual explanations (e.g., comparing Durable SSH Sessions to
traditional SSH pain points)
- Technical terms (SSH, API, WSH, etc.) are kept in English for clarity
> 本文件為社群繁體中文翻譯版本。最新原文請參閱 README.md。
## Test plan
- [ ] Verify `README.zh-TW.md` renders correctly on GitHub
- [ ] Verify language switcher links work in all three READMEs (EN, KO,
ZH-TW)
- [ ] Verify no broken image/badge links
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add ability to toggle the Widgets sidebar visibility via a button in the
tabbar. State persists across sessions and workspaces through workspace
metadata (layout:widgetsvisible).
---------
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-authored-by: sawka <mike@commandline.dev>
- Add Mouse-3/Mouse-4 (back/forward) navigation support in webviews
- Add COLORTERM=truecolor env variable for terminal sessions
- Fix AI button width calculation when button is hidden
- Fix setSizeAndPosition animation on tab layout updates
- Increase DevInitTimeout for slower startup scenarios
- Update .gitignore and package-lock.json
---------
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Fixes#746, fixes#2813
Drag a file from Finder into a terminal and it pastes the quoted path.
Uses `webUtils.getPathForFile()` through a preload bridge since Electron
32 killed `File.path`. Handles spaces in filenames.
Needs app restart after install (preload change).
## Summary
Upgrade GitHub Actions to their latest versions for improved features,
bug fixes, and security updates.
## Changes
| Action | Old Version(s) | New Version | Release | Files |
|--------|---------------|-------------|---------|-------|
| `actions/upload-pages-artifact` |
[`v3`](https://github.com/actions/upload-pages-artifact/releases/tag/v3)
|
[`v4`](https://github.com/actions/upload-pages-artifact/releases/tag/v4)
|
[Release](https://github.com/actions/upload-pages-artifact/releases/tag/v4)
| deploy-docsite.yml |
## Why upgrade?
Keeping GitHub Actions up to date ensures:
- **Security**: Latest security patches and fixes
- **Features**: Access to new functionality and improvements
- **Compatibility**: Better support for current GitHub features
- **Performance**: Optimizations and efficiency improvements
### Security Note
Actions that were previously pinned to commit SHAs remain pinned to SHAs
(updated to the latest release SHA) to maintain the security benefits of
immutable references.
### Testing
These changes only affect CI/CD workflow configurations and should not
impact application functionality. The workflows should be tested by
running them on a branch before merging.
Signed-off-by: Salman Muin Kayser Chishti <13schishti@gmail.com>
Bumps [yaml](https://github.com/eemeli/yaml) from 2.8.1 to 2.8.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/eemeli/yaml/releases">yaml's
releases</a>.</em></p>
<blockquote>
<h2>v2.8.3</h2>
<ul>
<li>Add <code>trailingComma</code> ToString option for multiline flow
formatting (<a
href="https://redirect.github.com/eemeli/yaml/issues/670">#670</a>)</li>
<li>Catch stack overflow during node composition (1e84ebb)</li>
</ul>
<h2>v2.8.2</h2>
<ul>
<li>Serialize -0 as -0 (<a
href="https://redirect.github.com/eemeli/yaml/issues/638">#638</a>)</li>
<li>Do not double newlines for empty map values (<a
href="https://redirect.github.com/eemeli/yaml/issues/642">#642</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ce14587484"><code>ce14587</code></a>
2.8.3</li>
<li><a
href="1e84ebbea7"><code>1e84ebb</code></a>
fix: Catch stack overflow during node composition</li>
<li><a
href="6b24090280"><code>6b24090</code></a>
ci: Include Prettier check in lint action</li>
<li><a
href="9424dee38c"><code>9424dee</code></a>
chore: Refresh lockfile</li>
<li><a
href="d1aca82bc1"><code>d1aca82</code></a>
Add trailingComma ToString option for multiline flow formatting (<a
href="https://redirect.github.com/eemeli/yaml/issues/670">#670</a>)</li>
<li><a
href="43215099f7"><code>4321509</code></a>
ci: Drop the branch filter from GitHub PR actions</li>
<li><a
href="47207d0fc7"><code>47207d0</code></a>
chore: Update docs-slate</li>
<li><a
href="5212faeed5"><code>5212fae</code></a>
chore: Update docs-slate</li>
<li><a
href="086fa6b5ba"><code>086fa6b</code></a>
2.8.2</li>
<li><a
href="95f01e9803"><code>95f01e9</code></a>
chore: Add funding to package.json</li>
<li>Additional commits viewable in <a
href="https://github.com/eemeli/yaml/compare/v2.8.1...v2.8.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/wavetermdev/waveterm/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This updates the terminal shell-integration badge so it reflects Claude
Code activity instead of always rendering the generic AI icon. When the
active shell command is Claude Code, the header now shows the Claude
logo.
- **Terminal shell-integration badge**
- Updated `getShellIntegrationIconButton()` to render the Claude logo
while Claude Code is the active running command.
- Kept the existing shell-integration states and messaging intact for
non-Claude commands.
- **Claude Code detection**
- Added command detection for Claude Code in the OSC shell-integration
flow.
- Tracks active Claude sessions on `TermWrap`, including initial
runtime-info hydration and command lifecycle transitions.
- Handles common invocation forms, including direct binary paths and
commands wrapped by env var assignments / `env`.
- **UI rendering**
- Added `@lobehub/icons` and used its `Claude` icon in the terminal
header path.
- Reused the existing icon-button rendering contract by passing a React
node for the icon where needed.
- **Focused coverage**
- Added a small unit test for Claude command detection to lock in the
supported command forms.
```ts
const claudeCodeActive = get(this.termRef.current.claudeCodeActiveAtom);
const icon = claudeCodeActive ? React.createElement(TermClaudeIcon) : "sparkles";
```
- **screenshot**
- 
<!-- START COPILOT CODING AGENT TIPS -->
---
💬 Send tasks to Copilot coding agent from
[Slack](https://gh.io/cca-slack-docs) and
[Teams](https://gh.io/cca-teams-docs) to turn conversations into code.
Copilot posts an update in your thread when it's finished.
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: sawka <2722291+sawka@users.noreply.github.com>
Co-authored-by: sawka <mike@commandline.dev>
## Summary
- Fixes#2970: WaveTerm does not inherit `XDG_CONFIG_DIRS` (and
`XDG_DATA_DIRS`) when snap or other environments strip these variables
and PAM env files do not define them
- In `tryGetPamEnvVars()`, after the existing `XDG_RUNTIME_DIR`
fallback, adds identical fallback logic for `XDG_CONFIG_DIRS` (default:
`/etc/xdg`) and `XDG_DATA_DIRS` (default: `/usr/local/share:/usr/share`)
per the XDG Base Directory Specification
- No behavior change when these vars are already set by PAM env files
## Root Cause
Snap confinement strips several XDG environment variables.
`tryGetPamEnvVars()` already handles `XDG_RUNTIME_DIR` with a sensible
default, but `XDG_CONFIG_DIRS` and `XDG_DATA_DIRS` were left unhandled,
causing child shells to receive empty/unset values.
## Test plan
- [ ] `gofmt -l ./pkg/shellexec/` — no output (clean)
- [ ] `go build ./...` — succeeds
- [ ] On Linux with snap, verify that child shells receive
`XDG_CONFIG_DIRS=/etc/xdg` and
`XDG_DATA_DIRS=/usr/local/share:/usr/share` when the variables are not
set by the desktop environment
Signed-off-by: majiayu000 <1835304752@qq.com>
