v0.1.2

Security hardening for control-mode protocol

This patch release hardens the tmux control-mode protocol layer against injection attacks.

Changes

• Harden control-mode protocol against newline injection — reject or sanitize inputs containing newline characters that could break the control-mode framing protocol (43c5cdc)
• Add format string quoting and security regression tests — quote tmux format strings to prevent interpretation of user-controlled data as format variables, with regression tests covering injection vectors (97db0a6)
• Harden control-mode protocol against injection — additional hardening across the protocol layer to prevent command injection via crafted session/window/pane names (91bf5db)

Maintenance

• Add .worktrees/ to .gitignore (e97ef58)

Upgrading

go get github.com/atomicstack/gotmuxcc@v0.1.2

v0.1.1

empty-server control-mode startup fix

this release fixes a constructor bug in gotmuxcc.NewTmux() / NewTmuxWithOptions() when connecting to a tmux server that has no existing sessions.

previously, gotmuxcc could fall through to bare tmux -C during startup. tmux interprets that as an implicit new-session, which created an unwanted session as a side effect of opening the control-mode connection.

fixes

• use an explicit startup plan instead of falling through to bare tmux -C
• attach to an existing session when one is available
• when no sessions exist, create a uniquely named detached bootstrap session instead of consuming the next numeric session name such as 0
• propagate unexpected list-sessions discovery failures as constructor errors instead of silently treating them as "no sessions"
• clean up the bootstrap session with a best-effort kill-session when the Tmux handle is closed

tests

• added unit coverage for existing-session startup
• added unit coverage for empty-server bootstrap startup
• added unit coverage for discovery error propagation
• added unit coverage for bootstrap-session cleanup on Close()

caveat

if a caller keeps a Tmux handle open while the server still has no real user sessions, the named bootstrap session may remain visible until Close() is called. this avoids stealing the first numeric session name and keeps the control-mode client alive, but it is not yet an immediate auto-retirement of the bootstrap session.

commit

• 9111a04 fix: avoid phantom tmux sessions on empty servers

v0.1.0

target-string APIs and missing surfaces

this release adds target-string methods and option struct extensions so
consumers can create and manipulate sessions, windows, and panes by tmux target
string (e.g. "mysession:2", "mysession:2.1") without needing materialized
Go objects. this is particularly useful for bulk session restore workflows.

new methods

• Tmux.SplitWindow(target, opts) — split a pane by target string,
  with optional direction, start directory, detached mode, and startup command
• Tmux.SelectLayout(target, layout) — apply a layout string (including
  custom checksum layouts) to a window by target string
• Tmux.GlobalOption(key) — query server-level global options via
  show-option -gqv; returns empty string for unset options

extended option structs

• NewWindowOptions — added Index *int (target a specific window index)
  and ShellCommand string (startup command as last positional arg)
• SplitWindowOptions — added Detached bool (-d flag to keep focus on
  current pane)

notes

• Tmux.SelectPane(target) and Tmux.SelectWindow(target) were already
  available since v0.0.1
• SessionOptions.ShellCommand already supported startup commands for
  new-session since v0.0.1
• no breaking changes — all existing APIs are unchanged

commits

• e429228 feat: add Index and ShellCommand fields to NewWindowOptions
• 7a1ce5f feat: add Detached to SplitWindowOptions; add Tmux.SplitWindow()
• ffbb3c9 feat: add Tmux.GlobalOption() for server-level option queries
• 0738282 feat: add Tmux.SelectLayout() for target-based layout selection