cde/NEWS

This documents significant changes in the 93u+m branch of AT&T ksh93.
For full details, see the git log at:
	https://github.com/modernish/ksh

Any uppercase BUG_* names are modernish shell bug IDs.

2020-05-21:

- Fix truncating of files with the combined redirections '<>;file' and
  '<#pattern'. The bug was caused by out-of-sync streams.
  Details and discussion: https://github.com/att/ast/issues/61

- Patched code injection vulerability CVE-2019-14868. As a result, you can
  no longer use expressions in imported numeric environment variables; only
  integer literals are allowed.

2020-05-20:

- Fix BUG_ISSETLOOP. Expansions like ${var+set} remained static when used
  within a 'for', 'while' or 'until' loop; the expansions din't change along
  with the state of the variable, so they could not be used to check whether a
  variable is set within a loop if the state of that variable changed in the
  course of the loop.

- Fix BUG_IFSISSET. ${IFS+s} always yielded 's', and [[ -v IFS ]] always
  yielded true, even if IFS is unset. This applied to IFS only.

2020-05-19:

- Fix 'command -p'. The -p option causes the operating system's standard
  utilities path (as output by 'getconf PATH') to be searched instead of $PATH.
  Before this fix, this was broken on non-interactive shells as the internal
  variable holding the default PATH value was not correctly initialised.

2020-05-16:

- Fix 'test -t 1', '[ -t 1 ]', '[[ -t 1 ]]' in command substitutions.
  Standard output (file descriptor 1) tested as being on a terminal within a
  command substitution, which makes no sense as the command substitution is
  supposed to be catching standard output.
	v=$(echo begincomsub
	    [ -t 1 ] && echo oops
	    echo endcomsub)
	echo "$v"
  This now does not output "oops".

2020-05-14:

- Fix syncing history when print -s -f is used. For example, the
  following now correctly adds a 'cd' command to the history:
	print -s -f 'cd -- %q\n' "$PWD"
  Ref.:	https://github.com/att/ast/issues/425
	https://github.com/att/ast/pull/442

- Fix BUG_PUTIOERR: Output builtins now correctly detect and report
  input/output errors. This allows scripts to check for a nonzero exit
  status on the 'print', 'printf' and 'echo' builtins and prevent possible
  infinite loops if SIGPIPE is ignored.

- Add a convenient bin/run_ksh_tests script to the source tree that
  sets up the necessary environment and runs the ksh regression tests.

2020-05-13:

- Fix BUG_CASELIT: an undocumented 'case' pattern matching misbehaviour that
  goes back to the original Bourne shell, but wasn't discovered until 2018.
  If a pattern doesn't match as a pattern, it was tried again as a literal
  string. This broke common validation use cases, e.g.:
      n='[0-9]'
      case $n in
      ( [0-9] )  echo "$n is a number" ;;
      esac
  would output "[0-9] is a number" as the literal string fallback matches the
  pattern. As this misbehaviour was never documented anywhere (not for Bourne,
  ksh88, or ksh93), and it was never replicated in other shells (not even in
  ksh88 clones pdksh and mksh), it is unlikely any scripts rely on it.
     Of course, a literal string fallback, should it be needed, is trivial to
  implement correctly without this breakage:
      case $n in
      ( [0-9] | "[0-9]")  echo "$n is a number or the number pattern" ;;
      esac
  Ref.: https://github.com/att/ast/issues/476

- Fix BUG_REDIRIO: ksh used to redirect standard output by default when no
  file descriptor was specified with the rarely used '<>' reading/writing
  redirection operator. It now redirects standard input by default, as POSIX
  specifies and as all other POSIX shells do. To redirect standard output
  for reading and writing, you now need '1<>'.
  Ref.:	https://github.com/att/ast/issues/75
	http://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_07_07