@Matt-Brown said in Find / Replace All Behavior Change:

@PeterJones Thank you! Probably my own bone-headed oversight. I know it updated recently and afterwards I noticed the behavior…I’ve never intentionally touched the “wrap around” checkbox. It was unchecked. I appreciate the explanation.

That happens. Glad you figured it out.

(I deleted my intervening post, which was made before your post got approved in the post queue)

@Todd-Marshall ,

Some comments, based on your two most recent posts:

We had no way to know how exactly you used the AI – it could have been either of the following: you prompted it to “take a common problem found in Notepad++ and propose a solution” This version was why I suggested it might have been hallucination Since you didn’t say earlier, I had no way to know this wasn’t what had happened. you prompted it with "brace matching is not working for me in Notepad++, with details X, Y, Z. could you re-write this as a “proposal for improvement” This version was why I suggested that it was bad data fed into the prompt (ie, that you were wrong) This turned out to be closer to the truth, as you described. Both in regards to what you actually asked the AI to do, and with regard to the fact that you were wrong or incomplete in your description to the AI This was a lot of extra effort on your part. Instead of explaining to the AI what you wanted to say, and then have it re-write your text in its own words, you could have just explained it to us in your own words. And it would have been better, because it wouldn’t have introduced the AI-garbage uncertainty. And you wouldn’t have been violating the forums rules for posting. So it would have been better all around. Your posts don’t even match the AI text you posted. In your two most-recent posts, you claim you suggested Ctrl+D, but your AI text actually suggested Ctrl+] … that’s two different keystrokes. So by going through the AI intermediary, you didn’t even know what you posted. Re: Documentation: I have no idea what you mean by “mired in COIK” As the primary maintainer of the Notepad++ documentation, if you have concrete examples of how the Online User Manual is “poorly organized”, feel free to create an issue in the user manual repo with concrete descriptions… but understand that the basic structure is pretty set-in-stone at this point. But if you really meant, “I have been burned by other documentation before, so I don’t bother reading any documentation”, the onus is still on you to give each new application’s documentation a chance before rejecting it out-of-hand. I really don’t care about how good or bad the documentation for a major corporation’s huge flagship product is, and you basing your decision on whether or not to read any documentation based on a bad experience with a huge, gigantic application like that is rather unfair of you to any other documentation Re: the root cause being mismatched braces: you cannot really expect a feature that says “go to matching brace” to work as you described you wanted when the braces aren’t matching. And, in fact, the way that Notepad++ does work helps to indicate that the braces are mismatched, now that you know what that symptom means.

To sum up: don’t post AI-generated content in a Community of human Users of Notepad++; it’s not allowed, and it didn’t work well for you when you did.

Talking about “the game of the summer,” it’s always interesting to see how different communities interpret “fun” — for some that’s about building an in‑game world, for others it’s just kicking back and enjoying downtime.

@SammyBolt said in autoupdater and connection temp.sh:

Regarding the WinGup fix in v8.8.8, Was the temp.sh (or similar) exfiltration vector reported in v8.8.4 possible on a clean, official installation of Notepad++?

The temporary fix prevents the hijacking attempts that redirect to the domain other than github.com. However, it cannot protect against malware that is hosted on github.com.

The full fix will be included in the upcoming version, as mentioned below.

You mentioned the fix landed in v8.8.8, but can you confirm if this vulnerability was introduced specifically in v8.8.4 (due to changes in the updater), or were versions prior to 8.8.4 (like 8.8.2/8.8.3) also susceptible to this specific gup.exe hijacking technique? What about 8.8.5-8.8.7?

We still cannot determine the exact method used by the attacker. But it is not a case of “a vulnerability introduced in version X”.

For users currently running v8.8.4 who want to verify they haven’t been impacted before updating: Aside from monitoring network traffic for temp.sh, are there specific things we can check for, like modifications to the update xml file or other modified files/logs in the program directory?

I do not have complete information to provide specific advice. However, here’s an article from a security expert who appears to have investigated this issue:
https://doublepulsar.com/small-numbers-of-notepad-users-reporting-security-woes-371d7a3fd2d9

My suggestion is download & install v8.8.8 manually from the official website.
The upcoming release v8.8.9 will be available in a few days. In this release the code signing certificates will be verified on the downloaded binary before update installation.
Then please update to v8.8.9, in which the vulnerability is fully addressed.

@mpheath
Thank you very much, adding these lines to the startup.py did indeed solve the problem og not correctly highlighted brackets with modern css selectors!

@PeterJones

Thanks for pointing me to that Github issue. I somewhat researched the topic (using VS code/Electron) repos and added a suggestion there.

The issue, I think, is that instead of using a dedicated shell API, Notepad++ tries to manually launch an Explorer process.