digikam: fix build with exiv2 0.28.0

(wiz)

finance/ruby-activemerchant: update to 1.131.0

1.131.0 (2023-06-21)

* Redsys: Add supported countries [jcreiff] #4811
* Authorize.net: Truncate nameOnAccount for bank refunds [jcreiff] #4808
* CheckoutV2: Add support for several customer data fields [rachelkirk]
  #4800
* Worldpay: check payment_method responds to payment_cryptogram and eci
  [bbraschi] #4812
* IPG: Update live url to correct endpoint [curiousepic] #4121

(taca)

doc: Updated devel/ruby-rspec-support to 3.12.1

(taca)

devel/ruby-rspec-support: update to 3.12.1

3.12.1 (2023-06-26)

Bug Fixes:

* Fix RSpec::Support.thread_local_data to be Thread local but not Fiber
  local. (Jon Rowe, #581)

(taca)

doc: Updated devel/ruby-rgl to 0.6.5

(taca)

devel/ruby-rgl: update to 0.6.5

0.6.4 (2023-06-19)

Bug Fixes

* add test case for bfs_search_tree_from (fixes #99) (54f92e4)
* Remove require of the file if already required (0ef2ce5)

0.6.5 (2023-06-19)

Bug Fixes

* Fixes links in README (#114) (682e4e6)

(taca)

doc: Updated devel/ruby-inline to 3.14.0

(taca)

devel/ruby-inline: update to 3.14.0

3.14.0 (2023-06-28)

3 minor enhancements:

* Changed File.write_with_backup to write the content and return renamed
  path.
* Dropped #inline ancient options processing code. 2005, yo.
* Preemptively require language extension if not defined yet.

1 bug fix:

* Declare Init_* to be (void) to prevent some compilers from complaining.

(taca)

doc: Updated devel/ruby-gettext_i18n_rails to 1.12.0

(taca)

devel/ruby-gettext_i18n_rails: update to 1.12.0

1.12.0 (2023-06-21)

* drop support for gettext < 3
* improve haml and slim harsing

(taca)

doc: Updated databases/ruby-sequel to 5.70.0

(taca)

databases/ruby-sequel: upate to 5.70.7

5.70.0 (2023-07-01)

* Make static_cache plugin better handle cases where forbid_lazy_load plugin
  is already loaded (jeremyevans)

* Fix ShardedThreadedConnectionPool#remove_server to disconnect all
  connections if removing multiple servers (jeremyevans)

* Support SEQUEL_DEFAULT_CONNECTION_POOL environment variable for choosing
  connection pool when :pool_class Database option is not set (jeremyevans)

* Add sharded_timed_queue connection pool (jeremyevans)

* Make connection_{validator,expiration} and async_thread_pool extensions
  work with timed_queue connection pool (jeremyevans)

* Make connection_{validator,expiration} extensions raise error when used
  with single threaded pools (HoneyryderChuck, jeremyevans) (#2049)

* Workaround possible resource starvation in threaded connection pool
  (ioquatix) (#2048)

(taca)

*: recursive bump for exiv2 0.28.0

(wiz)

gexiv2: fix build with exiv2 0.28.0 using upstream patches.

(wiz)

kfilemetadata5: fix build with exiv2 0.28.0 using upstream patch

(wiz)

doc: Updated graphics/exiv2 to 0.28.0

(wiz)

exiv2: update to 0.28.0, again.

geeqie already supports it, patches for two others incoming.

(wiz)

doc: Updated x11/alacritty to 0.12.2

(pin)

x11/alacritty: update to 0.12.2

Fixed
- Hyperlink preview not being shown when the terminal has exactly 2 lines
- Crash on Windows when changing display scale factor
- Freeze with some drivers when using GLX
- Crash when shrinking the terminal scrolled into the history

(pin)

doc: Updated shells/oh-my-posh to 17.5.3

(pin)

shells/oh-my-posh: update to 17.5.3

Bug Fixes
- lucky7 formatting in markdown (1374227)

(pin)

Downgrade oculante

(pin)

graphics/oculante: downgrade to 0.6.65

0.6.66 requires Rust-1.70

(pin)

doc: Updated audio/fasttracker2 to 1.68

(fox)

audio/fasttracker2: Update to 1.68

Changes since v1.66

v1.68 - 29.06.2023
- Windows: On double-click of file associated with program, de-minimize window
  (if minimized) and set input focus.
- De-minimize window (if minimized) and set focus after drag n' drop of file
- Windows/macOS: Updated SDL to v2.28.0

v1.67 - 25.04.2023
- The song-to-WAV export screen now defaults to the tracker's bit depth and
  audio rate. This was actually the behavior for earlier versions of the FT2
  clone, but I decided to change it back.
- The song-to-WAV exporter now allows rates up to 384kHz
- Alpha-based fade in for the about screen content (who cares..? :-)
- Some small text string changes (config and song-to-WAV export screen)
- Windows/macOS: Updated SDL to v2.26.5

(fox)

doc: Updated security/wolfssl to 5.6.3

(fox)

security/wolfssl: Update to v5.6.3

Changes since v5.6.0:

wolfSSL Release 5.6.3 (Jun 16, 2023)

Release 5.6.3 of wolfSSL embedded TLS has 4 bug fixes:

* Fix for setting the atomic macro options introduced in release 5.6.2. This
  issue affects GNU gcc autoconf builds. The fix resolves a potential mismatch of
  the generated macros defined in options.h file and the macros used when the
  wolfSSL library is compiled. In version 5.6.2 this mismatch could result in
  unstable runtime behavior.
* Fix for invalid suffix error with Windows build using the macro
  GCM_TABLE_4BIT.
* Improvements to Encrypted Memory support (WC_PROTECT_ENCRYPTED_MEM)
  implementations for modular exponentiation in SP math-all (sp_int.c) and TFM
  (tfm.c).
* Improvements to SendAlert for getting output buffer.

wolfSSL Release 5.6.2 (Jun 09, 2023)

Release 5.6.2 has been developed according to wolfSSL's development and QA
process (see link below) and successfully passed the quality criteria.
https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance

NOTE: * --enable-heapmath is being deprecated and will be removed by 2024

Release 5.6.2 of wolfSSL embedded TLS has bug fixes and new features including:

Vulnerabilities
* [Low] In cases where a malicious agent could analyze cache timing at a very
  detailed level, information about the AES key used could be leaked during T/S
  Box lookups. One such case was shown on RISC-V hardware using the MicroWalk tool
  (https://github.com/microwalk-project/Microwalk). A hardened version of T/S Box
  lookups was added in wolfSSL to help mitigate this potential attack and is now
  on by default with RISC-V builds and can be enabled on other builds if desired
  by compiling wolfSSL with the macro WOLFSSL_AES_TOUCH_LINES. Thanks to Jan
  Wichelmann, Christopher Peredy, Florian Sieck, Anna P辰tschke, Thomas Eisenbarth
  (University of L端beck): MAMBO-V: Dynamic Side-Channel Leakage Analysis on
  RISC-V. Fixed in the following GitHub pull request
  https://github.com/wolfSSL/wolfssl/pull/6309
* [High] In previous versions of wolfSSL if a TLS 1.3 client gets neither a PSK
  (pre shared key) extension nor a KSE (key share extension) when connecting to a
  malicious server, a default predictable buffer gets used for the IKM value when
  generating the session master secret. Using a potentially known IKM value when
  generating the session master secret key compromises the key generated, allowing
  an eavesdropper to reconstruct it and potentially allowing surreptitious access
  to or meddling with message contents in the session. This issue does not affect
  client validation of connected servers, nor expose private key information, but
  could result in an insecure TLS 1.3 session when not controlling both sides of
  the connection. We recommend that TLS 1.3 client side users update the version
  of wolfSSL used. Thanks to Johannes from Sectra Communications and Link旦ping
  University for the report. Fixed in the following GitHub pull request
  https://github.com/wolfSSL/wolfssl/pull/6412

New Feature Additions

New Ports and Expansions
* Add support for STM32H5
* Add support for Renesas TSIP v1.17
* Add Renesas SCE RSA crypto-only support
* STARCORE DSP port and example builds added
* Add the function wc_PKCS7_SetDefaultSignedAttribs for setting PKCS7 signed
  attributes to use with PKCS7 bundle creation
* NXP IMX6Q CAAM port with QNX and performance optimizations for AES-CTR

New Build Options
* ASN.1 print utility to decode ASN.1 syntax and print out human readable text
  --enable-asn-print. Utility app is located in the directory ./examples/asn1/
* Add introspection for math build, wc_GetMathInfo() to get information about
  the math library compiled into the linked wolfSSL library
* Implement TLS recommendations from RFC 9325 for hardening TLS/DTLS security.
  Enabled with the autoconf flag --enable-harden-tls.
* Add option to support disabling thread local storage, --disable-threadlocal
* Added wc_DsaSign_ex() and wc_DsaVerify_ex() for handling alternative digest
  algorithms with DSA Sign/Verify
* Implement atomic operations interface. Macros auto-detect if atomic operations
  are expected to be available, can be turned off with the macro
  WOLFSSL_NO_ATOMICS
* Added support for DTLS 1.3 Authentication and Integrity-Only Cipher Suites
* Expand crypto callback to have a device ID find callback function with
  wc_CryptoCb_SetDeviceFindCb. Enabled with the macro WOLF_CRYPTO_CB_FIND

Enhancements and Optimizations

Optimizations
* Increased performance with ChaCha20 C implementation and general XOR
  operations
* Added integer type to the ASN.1 sequencing with ASN.1 Integer sequence
* With wolfSSL_get_x509_next_altname reset alt name list to head once cycled
  through if compiling with the macro WOLFSSL_MULTICIRCULATE_ALTNAMELIST
* Additional key validity sanity checks on input to wolfSSL_EC_KEY_set_private_key
* adds support for TLSv1.3 stateful session tickets when using SSL_OP_NO_TICKET

Memory Optimizations
* Improvements to stack usage and management with SP int math library
* Optimization to TLS 1.3 server to remove caching messages for Ed25519/Ed448
* Added a HAVE_CURL macro build for building a subset of the wolfSSL library
  when linking with cURL
* Memory usage improvement with reducing the size of alignment needed with AES
* Reduce run time memory used with ECC operations and ALT_ECC_SIZE
* Fixes and improvements for building edge cases such as crypto callback without
  hash-drbg with low footprint options
* Support HAVE_SESSION_TICKET build option without depending on realloc

Documentation
* Instructions for GPDMA on STM32 configuration added
* Add in instructions for compiling with zephyr on STM32
* Documentation fixup for wolfSSL_get_chain_cert()
* Fix the file pointed to in the TI RTOS documentation that we maintain
* Documentation for wolfSSL_CertManagerFreeCRL
* Updates made to AES and Chacha documentation
* Update Japanese comments for Ed25519, AES, and other miscellaneous items

Tests
* Add in an option for easily testing malloc failures when building with
  WOLFSSL_MEM_FAIL_COUNT macro
* Updated in process for using Expect vs Assert to facilitate more malloc
  failure tests
* Enhance wolfCrypt test for builds that do not have ECC SECP curves enabled
* ESP32 platform-specific VisualGDB test & benchmark projects
* Update to dependencies in docker container file used for tests
* Fix up for base 10 output with bundled benchmark application

Port Updates
* Zephyr port update, compile time warning fixes, misc. fixes when used with TLS
  and update of includes
* Update RIOT-OS to not compile out use of writev by default
* Update Micrium port to enable use of STM32_RNG
* Micrium updates for XMEMOVE and XSTRTOK use
* Various Espressif HW crypto, SHA2, AES, MP updates
* Added in ASIO build option with CMake builds

General Enhancements
* Global codebase cleanup for C89 compliance and wolfCrypt -Wconversion hygiene
* PKCS#11 enhancement adding a callback for RSA key size when using a hardware
  key, by default 2048 bit key is used
* Allow for unknown OIDs in extensions in wolfSSL_X509_set_ext()
* Allow user to override XSTAT by defining the macro XSTAT when compiling
* Support UPN and SID with x509 certificate extensions and custom OID build
* Write next IV in wolfSSL_DES_ede3_cbc_encrypt for better handling of inline
  encryption
* Adding NO_ASN_TIME_CHECK build option for compiling out certificate
  before/after checks
* Improve different peer recvfrom handling and error reporting with ipv4 vs ipv6

Fixes
* Fix for STM32 ECC sign and verify out of bounds buffer write when the hash
  length passed in is larger than the key size. Thanks to Maximilian for the
  report.
* Fix to skip Async_DevCtxInit when using init rsa/ecc label/id api's
* Revert WOLFSSL_NO_ASN_STRICT macro guard around alternate names directory list
* In async mode, don't retry decrypting if a valid error is encountered on a
  packet parse attempt
* Add additional sanity check on PKCS7 index value in wc_PKCS7_DecryptKekri
* Fix for padding when using an AuthEnvelope PKCS7 type with GCM/CCM stream
  ciphers
* Fix siphash assembly so that no register is left behind
* Fix to not send a TLS 1.3 session ID resume response when resuming and
  downgrading to a protocol less than TLS 1.3
* Fix overwriting serialNumber by favouriteDrink when generating a certificate
  using Cert struct
* Fix for the default realloc used with EspressIf builds
* Track SetDigest usage to avoid invalid free under error conditions
* DTLS v1.3 fix for epoch 0 check on plaintext message
* Fix for session ticket memory leak in wolfSSL_Cleanup
* Fixes for propagating SendAlert errors when the peer disconnects
* Replace XMEMCPY with XMEMMOVE to fix valgrind-3.15.0 reports "Source and
  destination overlap in memcpy" when using --enable-aesgcm-stream
* Fix for potential out-of-bounds write edge case in fp_mod_2d with
  --enable-fastmath math library
* Fix getting ECC key size in stm32_ecc_sign_hash_ex
* Fix for case where wc_PeekErrorNodeLineData was not unlocking error queue on
  error
* Fix for async ECC shared secret state
* Fix for better error checking with sp_gcd with SP int math library
* Fix memory leak in TLSX_KeyShare_Setup when handling an error case
* Fix for double free edge case in InitOCSPRequest when handling a memory
  allocation failure
* X509 NAME Entry fix for leaking memory on error case
* Fix wolfssl_asn1_time_to_tm setting unexpected fields in tm struct
* Fix for FIPS ECC integrity check with crypto callback set
* BN_to_ASN1_INTEGER fix for handling leading zero byte padding when needed
* Fix a typo in PP macro and add a ceiling to guard against implementation bugs
* DTLS 1.3 fix for using the correct label when deriving the resumption key
* OCSP fix for GetDateInfo edge case with non ASN template builds
* Allow a user set certificate callback function to override the skipAddCA flag
  when parsing a certificate
* SP int: sp_radix_size when radix 10 fix temp size for handling edge case
* Fixes and improvements for handling failures with memory allocations
* Fix for DecodeECC_DSA_Sig to handle r and s being initialized
* Fix for wc_ecc_is_point to ensure that the x and y are in range [0, p-1] and z
  is one (affine ordinates)

Build Fixes
* Fix for building on Windows with CMake and using USER_SETTINGS and fix for
  options.h creation with CMake when using USER_SETTINGS
* CMake fixes and improvements for use with mingw32
* Fix for building with wpas and x509 small options
* Check if colrm is available for options.h creation when using autoconf
* Clean up NO_BIG_INT build, removing WOLFSSL_SP_MATH macro and heapmath compile
* Fix PKCS#7 build with NO_PKCS7_STREAM
* Fix compilation error in CC-RX and remove unnecessary public key import
* SP Build fixes for ARM assembly with ARMv6 clz and ARM thumb debug build
* For to not advertise support for RSA in TLS extensions when compiled with
  NO_RSA

(fox)

doc: Updated www/jira-cli to 1.4.0

(fox)

www/jira-cli: Update to 1.4.0

Changes since 1.3.0:

v1.4.0

This release adds support for Jira v9, a serverinfo command to quickly check
your Jira server build info, lets you set resolution, assignee and comment on
issue move, and many more.

## What's added?
- feat(tui): Allow issue transition from the ui by @ankitpokhrel in #544
- feat(tui): Add help page by @ankitpokhrel in #563
- feat: Filter by multiple statuses by @ankitpokhrel in #573
- feat: Support for adding watcher to Issue by @ankitpokhrel in #584
- feat: Allow different jira server for API and for UI by @markhatch in #613

## What's fixed?
- fix: Shell completion for Fish and PowerShell by @ankitpokhrel in #553
- fix: Worklog comment don't work together with prompt by @ankitpokhrel in #562
- fix: Use http client wrapper instead of round trip by @ankitpokhrel in #530
- fix: Try to detect if JIRA v8 server is not using the createmeta REST endpoint
  by @tristianc in #574
- fix: Issue with -c flag on config generation by @ankitpokhrel in #582
- fix: Issue with value assignment in init by @ankitpokhrel in #606
- fix: Issue with epic field on create by @ankitpokhrel in #607
- fix: Comment author name is not always displayed by @ankitpokhrel in (#618)

## Other changes
- ehc: Improve PAGER selection by @ankitpokhrel in #570
- dep: Upgrade cobra to v1.7.0 by @dbirks in #608
- ci: Upgrade actions by @ankitpokhrel in #590

## New Contributors
- @tristianc made their first contribution in #574
- @dbirks made their first contribution in #608
- @markhatch made their first contribution in #613

Full Changelog: https://github.com/ankitpokhrel/jira-cli/compare/v1.3.0...v1.4.0

(fox)

fix changelog entry

(nia)

doc: Updated databases/mariadb106-server to 10.6.14

(nia)

mariadb105: update to 10.5.21

                        MariaDB 10.5.21 Release Notes

Notable Items

  InnoDB

    * Server crashes in st_join_table::choose_best_splitting (MDEV-31403)
    * Crash with condition pushable into derived and containing outer
      reference (MDEV-31240)
    * InnoDB does not free UNDO after the fix of MDEV-30671 (MDEV-31234)
    * Revert "MDEV-30473 : Do not allow GET_LOCK() / RELEASE_LOCK() in
      cluster"

  Optimizer

    * Crash with condition pushable into derived and containing outer
      reference (MDEV-31403 MDEV-31240)
    * Crash with EXPLAIN EXTENDED for multi-table update of system table
      (MDEV-31224)

                        MariaDB 10.5.20 Release Notes

Notable Items

  InnoDB

    * Crash on ROLLBACK in a ROW_FORMAT=COMPRESSED table (MDEV-30882)
    * UNIQUE USING HASH accepts duplicate entries for tricky collations
      (MDEV-30034)
    * rec_get_offsets() is not optimal (MDEV-30567)
    * Performance regression in fil_space_t::try_to_close() introduced in
      MDEV-23855 (MDEV-30775)
    * InnoDB recovery hangs when buffer pool ran out of memory (MDEV-30551)
    * InnoDB undo log truncation fails to wait for purge of history
      (MDEV-30671
    * Fix miscount of doublewrites by Innodb_data_written (MDEV-31124)

Backup

    * mariadb-backup doesn't utilise innodb-undo-log-directory (if specified
      as a relative path) during copy-back operation (MDEV-28187)
    * mariabackup issues error messages during InnoDB tablespaces export on
      partial backup preparing (MDEV-29050)
    * mariadb-backup does not copy Aria logs if aria_log_dir_path is used
      (MDEV-30968)
    * Race condition between buffer pool flush and log file deletion in
      mariadb-backup --prepare (MDEV-30860)

  Replication

    * Fixed a deadlock on parallel slave involving full image Write event on
      the sequence engine (MDEV-29621)
    * Fixed an attempted out-of-order binlogging error on slave involving
      ALTER on the sequence engine (MDEV-31077)
    * Corrected non-versioned master to versioned slave replication on
      no-unique attribute table (MDEV-30430)
    * Mended encrypted binlog master to error out to gtid-mode slave when
      master could not decrypt a binlog file (MDEV-28798)
    * Refined optimistic parallel slave to error-exit without any hang
      (MDEV-30780)
    * Ensured SHOW-SLAVE-STATUS is processed on the parallel slave having a
      necessary mutex always intialized (MDEV-30620)
    * Fixed the slave applier to report a correct error when gtid_slave_pos
      insert fails for some (engine) reasons (MDEV-31038)

  Optimizer

    * Split Materialized optimization is improved to re-fill the
      materialized table only if necessary. The fewer number of table
      refills is taken into account when choosing query plan, too
      (MDEV-26301).
    * Queries using SELECT DISTINCT some_expression(aggregate_function())
      could produce wrong query result. (MDEV-20057)
    * A GROUP BY query with MIN(primary_key) in select list and
      primary_key<>const in the WHERE could produce wrong result when
      executed with "Using index for group-by" strategy (MDEV-30605)
    * EXPLAIN could erroneously report that Rowid Filter optimization is
      used for partitioned tables. Partitioned tables do not support it.
      (MDEV-30596)
    * A bug in selectivity computations for SINGLE/DOUBLE_PREC_HB histograms
      could cause wrong estimates to be produced. This could cause the
      optimizer to pick sub-optimal query plans (MDEV-31067).

  Security

    * Fixes for the following security vulnerabilities:
          * CVE-2022-47015

(nia)

mate-calc: assumes compiler defaults to c99

(nia)

meta-pkgs: Fix incorrect use of TOOL_DEPENDS inside bulk-test-*.

(nia)

openldap-server: assumes compiler defaults to c99

(nia)

zenity: assumes compiler defaults to c99

(nia)

py-genshi: assumes compiler defaults to c99

(nia)

pciutils: assumes compiler defaults to c99

(nia)

gst-plugins1-good: assumes compiler defaults to c99

(nia)

w3m: assumes compiler defaults to c99

(nia)

doc: Updated databases/mariadb106-server to 10.6.14

(nia)

mariadb106: update to 10.6.14

                        MariaDB 10.6.14 Release Notes

Notable Items

  InnoDB

    * Server crashes in st_join_table::choose_best_splitting (MDEV-31403)
    * Crash with condition pushable into derived and containing outer
      reference (MDEV-31240)
    * InnoDB does not free UNDO after the fix of MDEV-30671 (MDEV-31234)
    * InnoDB hang fixes (MDEV-31158, MDEV-31343, MDEV-31350)
    * Innodb_buffer_pool_read_requests is not updated correctly (MDEV-31309)
    * InnoDB monitor trx_rseg_history_len was accidentally disabled by
      default (MDEV-31308)
    * Revert "MDEV-30473 : Do not allow GET_LOCK() / RELEASE_LOCK() in
      cluster"

  Optimizer

    * Crash with condition pushable into derived and containing outer
      reference (MDEV-31403 MDEV-31240)
    * Crash with EXPLAIN EXTENDED for multi-table update of system table
      (MDEV-31224)

                        MariaDB 10.6.13 Release Notes

Notable Items

  InnoDB

    * Crash on ROLLBACK in a ROW_FORMAT=COMPRESSED table (MDEV-30882)
    * UNIQUE USING HASH accepts duplicate entries for tricky collations
      (MDEV-30034)
    * rec_get_offsets() is not optimal (MDEV-30567)
    * Performance regression in fil_space_t::try_to_close() introduced in
      MDEV-23855 (MDEV-30775)
    * InnoDB recovery hangs when buffer pool ran out of memory (MDEV-30551)
    * InnoDB undo log truncation fails to wait for purge of history
      (MDEV-30671
    * MariaDB crash due to DB_FAIL reported for a corrupted page
      (MDEV-30397)
    * Deadlock between INSERT and InnoDB non-persistent statistics update
      (MDEV-30638)
    * InnoDB hang on B-tree split or merge (MDEV-29835)
    * Performance regression in locking reads from secondary indexes
      (MDEV-30357)
    * Improve adaptive flushing (MDEV-26055)
    * Make page flushing even faster (MDEV-26827)
    * Purge misses a chance to free not-yet-reused undo pages (MDEV-29593)
    * InnoDB temporary tablespace: reclaiming of free space does not work
      (MDEV-26782)
    * Fix miscount of doublewrites by Innodb_data_written (MDEV-31124)

  Backup

    * mariadb-backup doesn't utilise innodb-undo-log-directory (if specified
      as a relative path) during copy-back operation (MDEV-28187)
    * mariabackup issues error messages during InnoDB tablespaces export on
      partial backup preparing (MDEV-29050)
    * mariadb-backup does not copy Aria logs if aria_log_dir_path is used
      (MDEV-30968)
    * Race condition between buffer pool flush and log file deletion in
      mariadb-backup --prepare (MDEV-30860)

  Replication

    * Fixed a deadlock on parallel slave involving full image Write event on
      the sequence engine (MDEV-29621)
    * Fixed an attempted out-of-order binlogging error on slave involving
      ALTER on the sequence engine (MDEV-31077)
    * Corrected non-versioned master to versioned slave replication on
      no-unique attribute table (MDEV-30430)
    * Mended encrypted binlog master to error out to gtid-mode slave when
      master could not decrypt a binlog file (MDEV-28798)
    * Refined optimistic parallel slave to error-exit without any hang
      (MDEV-30780)
    * Ensured SHOW-SLAVE-STATUS is processed on the parallel slave having a
      necessary mutex always intialized (MDEV-30620)
    * Fixed the slave applier to report a correct error when gtid_slave_pos
      insert fails for some (engine) reasons (MDEV-31038)
    * Made parallel slave reports in performance schema consistent with that
      of show-slave-status (MDEV-26071)

  Optimizer

    * Split Materialized optimization is improved to re-fill the
      materialized table only if necessary. The fewer number of table
      refills is taken into account when choosing query plan, too
      (MDEV-26301).
    * New optimizer_switch option, hash_join_cardinality, is added. It is
      off by default. When set to ON, the optimizer will produce tighter
      bounds for hash join output cardinality. (MDEV-30812)
    * Queries using SELECT DISTINCT some_expression(aggregate_function())
      could produce wrong query result. (MDEV-20057)
    * ANALYZE FORMAT=JSON now prints more information about Block Nested
      Loop joins: block-nl-join element now has r_loops, r_effective_rows
      and r_other_time_ms fields (MDEV-30806, MDEV-30972).
    * A GROUP BY query with MIN(primary_key) in select list and
      primary_key<>const in the WHERE could produce wrong result when
      executed with "Using index for group-by" strategy (MDEV-30605)
    * EXPLAIN could erroneously report that Rowid Filter optimization is
      used for partitioned tables. Partitioned tables do not support it.
      (MDEV-30596)
    * A bug in selectivity computations for SINGLE/DOUBLE_PREC_HB histograms
      could cause wrong estimates to be produced. This could cause the
      optimizer to pick sub-optimal query plans (MDEV-31067).

  Security

    * Fixes for the following security vulnerabilities:
          * CVE-2022-47015

(nia)

python-versions-check: add more checks for automatic package selection

Bump version.

(wiz)

botan3: fix PLIST on archs that does not have processor rng support

(nros)

py-service_identity: restore PKGNAME

(wiz)

doc: Updated devel/py-tox to 4.6.3

(wiz)

py-tox: update to 4.6.3.

v4.6.3 (2023-06-19)

Bugfixes - 4.6.3

    Ensure that get_requires_for_build_wheel is called before
    prepare_metadata_for_build_wheel, and get_requires_for_build_editable
    is called before prepare_metadata_for_build_editable - by
    @abravalheri. (#3043)

Improved Documentation - 4.6.3

    Linked environment variable substitutions docs in set_env and
    pass_env config docs. (#3039)

v4.6.2 (2023-06-16)

Bugfixes - 4.6.2

    Avoid cache collision between editable wheel build and normal
    wheel build – by @f3flight. (#3035)

v4.6.1 (2023-06-15)

No significant changes.

v4.6.0 (2023-06-05)

Features - 4.6.0

    Addded --list-dependencies and --no-list-dependencies CLI
    parameters. If unspecified, defaults to listing when in CI,
    but not otherwise. (#3024)

Misc - 4.6.0

    #3020

(wiz)

doc: Updated textproc/py-sphinx-rtd-theme to 1.2.2

(wiz)

py-sphinx-rtd-theme: update to 1.2.2.

No summary of changes found. 5 months of development.

(wiz)

doc: Updated textproc/py-sphinx-autodoc-typehints to 1.23.2

(wiz)

py-sphinx-autodoc-typehints: update to 1.23.2.

1.23.2

What's Changed

    Test against 3.12 beta 2 by @gaborbernat in #360
    Remove dependency on itself from pyproject.toml by @0-wiz-0 in #361

1.23.1

What's Changed

    Fix broken github link in README.md by @thisch in #346
    Bump deps and tools by @gaborbernat in #348
    Add trusted-publish by @gaborbernat in #350
    Add 3.12 support by @gaborbernat in #352
    Bump pypa/gh-action-pypi-publish from 1.8.5 to 1.8.6 by @dependabot in #354
    Use ruff by @gaborbernat in #359

(wiz)

doc: Updated security/py-service_identity to 23.1.0

(wiz)

service_identity: update to 23.1.0.

## [23.1.0](https://github.com/pyca/service-identity/compare/21.1.0...23.1.0) - 2023-06-14

### Removed

- All Python versions up to and including 3.7 have been dropped.
- Support for `commonName` in certificates has been dropped.
  It has been deprecated since 2017 and isn't supported by any major browser.
- The oldest supported pyOpenSSL version (when using the `pyopenssl` backend) is now 17.0.0.
  When using such an old pyOpenSSL version, you have to pin *cryptography* yourself to ensure compatibility between them.
  Please check out [`contraints/oldest-pyopenssl.txt`](https://github.com/pyca/service-identity/blob/main/tests/constraints/oldest-pyopenssl.txt) to verify what we are testing against.

### Deprecated

- If you've used `service_identity.(cryptography|pyopenssl).extract_ids()`, please switch to the new names `extract_patterns()`.
  [#56](https://github.com/pyca/service-identity/pull/56)

### Added

- `service_identity.(cryptography|pyopenssl).extract_patterns()` are now public APIs (FKA `extract_ids()`).
  You can use them to extract the patterns from a certificate without verifying anything.
  [#55](https://github.com/pyca/service-identity/pull/55)
- *service-identity* is now fully typed.
  [#57](https://github.com/pyca/service-identity/pull/57)

(wiz)

doc: Updated devel/py-project-api to 1.5.2

(wiz)

py-project-api: update to 1.5.2.

What's Changed

    Bump deps and tools by @gaborbernat in #56
    Add pyproject-fmt by @gaborbernat in #57
    Bump pypa/gh-action-pypi-publish from 1.6.5 to 1.7.1 by @dependabot in #60
    docs: remove (dynamic) years from copyright by @paravoid in #58
    Bump pypa/gh-action-pypi-publish from 1.7.1 to 1.8.1 by @dependabot in #61
    Bump deps and tools by @gaborbernat in #62
    Bump pypa/gh-action-pypi-publish from 1.8.1 to 1.8.3 by @dependabot in #63
    Bump pypa/gh-action-pypi-publish from 1.8.3 to 1.8.5 by @dependabot in #66
    Bump deps and tools by @gaborbernat in #67
    Bump deps and tools by @gaborbernat in #70
    Drop 2.7 test by @gaborbernat in #72
    Add trusted-publish by @gaborbernat in #73
    Add 3.12 support by @gaborbernat in #74
    Bump pypa/gh-action-pypi-publish from 1.8.5 to 1.8.6 by @dependabot in #76
    git ls-files -z -- .github/workflows/check.yml | xargs -0 sed -i 's|3.12.0-alpha.7|3.12.0-beta.1|g' by @gaborbernat in #80
    Add ruff by @gaborbernat in #81

(wiz)

doc: Updated pkgtools/python-versions-check to 1.1

(wiz)

python-versions-check: add -d (debug) flag, improve docs

Bump version.

(wiz)

doc: Updated lang/gcc12 to 12.3.0

(wiz)

gcc12: update to 12.3.0

x86-64

    GCC now supports AMD CPUs based on the znver4 core via
    -march=znver4. The switch makes GCC consider using 512 bit
    vectors when auto-vectorizing.

Bugfixes.

(wiz)

doc: Added pkgtools/python-versions-check version 1.0

(wiz)

pkgtools/Makefile: + python-versions-check

(wiz)

pkgtools/python-versions-check: import python-versions-check-1.0

python-versions-check is a script for pkgsrc developers that compares
the Python versions supported by a package to the ones supported
by its dependencies and the packages depending on it.

This helps recognizing problems when a package wants to use another
package which does not support all the Python versions it supports.

(wiz)

revbump: Not for Python 2

(wiz)

revbump: fix LICENSE

(wiz)

Updated devel/libgsf, devel/libuv

(adam)

libuv: updated to 1.46.0

Version 1.46.0 (Stable)

Changes since version 1.45.0:
* Add SHA to ChangeLog (Santiago Gimeno)
* misc: update readthedocs config (Jameson Nash)
* test: remove erroneous RETURN_SKIP (Ben Noordhuis)
* android: disable io_uring support (Ben Noordhuis)
* linux: add some more iouring backed fs ops (Santiago Gimeno)
* build: add autoconf option for disable-maintainer-mode (Jameson Nash)
* fs: use WTF-8 on Windows (Stefan Karpinski)
* unix,win: replace QUEUE with struct uv__queue (Ben Noordhuis)
* linux: fs_read to use io_uring if iovcnt > IOV_MAX (Santiago Gimeno)
* ios: fix uv_getrusage() ru_maxrss calculation (Ben Noordhuis)
* include: update outdated code comment (Ben Noordhuis)
* linux: support abstract unix sockets (Ben Noordhuis)
* unix,win: add UV_PIPE_NO_TRUNCATE flag (Ben Noordhuis)
* unix: add loongarch support (liuxiang88)
* doc: add DPS8M to LINKS.md (Jeffrey H. Johnson)
* include: add EUNATCH errno mapping (Abdirahim Musse)
* src: don't run timers if loop is stopped/unref'd (Trevor Norris)
* win: fix -Wpointer-to-int-cast warning (Ben Noordhuis)
* test,win: fix -Wunused-variable warning (Ben Noordhuis)
* test,win: fix -Wformat warning (Ben Noordhuis)
* linux: work around io_uring IORING_OP_CLOSE bug (Ben Noordhuis)
* win: remove unused functions (Ben Noordhuis)
* bench: add bench to check uv_loop_alive (Trevor Norris)
* test: add uv_cancel test for threadpool (Trevor Norris)
* unix: skip prohibited syscalls on tvOS and watchOS (絨����)
* unix,fs: make no_pwritev access thread-safe (Santiago Gimeno)
* unix: fix build for lower versions of Android (絨����)

(adam)

libgsf: updated to 1.14.50

libgsf 1.14.50
* Fix error handling problem when writing ole files.

libgsf 1.14.49
* Use g_date_time_new_from_iso8601 and g_date_time_format_iso8601
  when available.  See merge request 9.
* Fix problems with non-western text in OLE properties.

libgsf 1.14.48
* Fix win32 build.
* Add "zip64" readable property of GsfInfileZip.

(adam)

py-colorama: not for Python 2 any longer

(wiz)

*: mark dependencies of py-colorama as not-for-Python-2

(wiz)

py-pygccxml: mark as not for Python 2

(wiz)

doc: Updated math/py-numpy to 1.25.0

(wiz)

py-numpy: update to 1.25.0.

NumPy 1.25.0 is now available. The highlights of the release are:

    Support for MUSL, there are now MUSL wheels.
    Support for the Fujitsu C/C++ compiler.
    Object arrays are now supported in einsum.
    Support for the inplace matrix multiplication (@=).

The NumPy 1.25.0 release continues the ongoing work to improve the
handling and promotion of dtypes, increase the execution speed,
and clarify the documentation. There has also been preparatory work
for the future NumPy 2.0.0, resulting in a large number of new and
expired deprecations.

The Python versions supported by this release are 3.9-3.11.

(wiz)

*: restrict py-numpy users to 3.9+ in preparation for update

(wiz)

doc: Updated meta-pkgs/bulk-medium to 20230701

(wiz)

bulk-medium: switch to Python 3.10

Bump version.

(wiz)

doc: Updated net/nanotodon to 0.3.1

(tsutsui)

nanotodon: update to 0.3.1.

Upstream changes
https://github.com/taka-tuos/nanotodon/releases/tag/0.3.1
https://github.com/taka-tuos/nanotodon/releases/tag/0.3.0

0.3.1
* Decode apostrophe correctly

0.3.0
* use sjson instread of json-c(reduce dependency)
* multi profile
* and more

(tsutsui)

diesel-cli: use appropriate INSTALL_* macros

(wiz)

doc: Updated sysutils/fzf to 0.42.0

(iquiw)

fzf: update to 0.42.0

* Added new info style: --info=right
* Added new info style: --info=inline-right
* Added new border style thinblock which uses symbols for legacy computing
  one eighth block elements
  * Similarly to block, this style is suitable when using a different
    background color because the window is completely contained within the
    border.

    BAT_THEME=GitHub fzf --info=right --border=thinblock --preview-window=border-thinblock \
        --margin=3 --scrollbar=������ --preview='bat --color=always --style=numbers {}' \
        --color=light,query:238,fg:238,bg:251,bg+:249,gutter:251,border:248,preview-bg:253

  * This style may not render correctly depending on the font and the
    terminal emulator.

(iquiw)

doc: Updated x11/qt6-qtbase to 6.5.0nb3

(bacon)

x11/qt6-qtbase: Add GCC_REQD to buildlink3.mk

Dependent packages need to use a C++17-compatible compiler
in order to find some headers used by Qt6, such as <filesystem>.
This patch unbreaks wip/qmediamanager.

(bacon)

Updated www/unit-php to 1.30.1nb1
Updated www/unit-python to 1.30.1nb1
Updated www/unit-ruby to 1.30.1nb1

(osa)

www/unit-*: add multiple versions support for python and ruby

Multiple versions of python and ruby programming languages can coexist,
so adding versions to modules make them coexist as well.

Bump PKGREVISION.

(osa)

www/unit-php: added PHP 8.2 as supported version

Bump PKGREVISION.

(osa)

doc: Updated print/foomatic4-db to 20230629

(bsiegert)

foomatic4-db: update to 20230629

Changes: five years of new printers, I guess

(bsiegert)

Pullup ticket #6766 - requested by taca
www/ruby-rails61: security fix

Revisions pulled up:
- databases/ruby-activerecord61/distinfo                        1.19
- devel/ruby-activejob61/distinfo                              1.19
- devel/ruby-activemodel61/distinfo                            1.19
- devel/ruby-activestorage61/distinfo                          1.19
- devel/ruby-activesupport61/distinfo                          1.19
- devel/ruby-railties61/distinfo                                1.19
- lang/ruby/rails.mk                                            1.146
- mail/ruby-actionmailbox61/distinfo                            1.19
- mail/ruby-actionmailer61/distinfo                            1.19
- textproc/ruby-actiontext61/distinfo                          1.19
- www/ruby-actioncable61/distinfo                              1.19
- www/ruby-actionpack61/distinfo                                1.19
- www/ruby-actionview61/distinfo                                1.19
- www/ruby-rails61/distinfo                                    1.19

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Tue Jun 27 13:35:19 UTC 2023

  Modified Files:
  pkgsrc/databases/ruby-activerecord61: distinfo
  pkgsrc/devel/ruby-activejob61: distinfo
  pkgsrc/devel/ruby-activemodel61: distinfo
  pkgsrc/devel/ruby-activestorage61: distinfo
  pkgsrc/devel/ruby-activesupport61: distinfo
  pkgsrc/devel/ruby-railties61: distinfo
  pkgsrc/lang/ruby: rails.mk
  pkgsrc/mail/ruby-actionmailbox61: distinfo
  pkgsrc/mail/ruby-actionmailer61: distinfo
  pkgsrc/textproc/ruby-actiontext61: distinfo
  pkgsrc/www/ruby-actioncable61: distinfo
  pkgsrc/www/ruby-actionpack61: distinfo
  pkgsrc/www/ruby-actionview61: distinfo
  pkgsrc/www/ruby-rails61: distinfo

  Log Message:
  www/rails61: update to 6.1.7.4

  Rails 6.1.7.4 (2023-06-26)

  Action Pack

  *  Raise an exception if illegal characters are provide to redirect_to
      [CVE-2023-28362]

      *Zack Deveau*

(bsiegert)

Updated devel/p5-Term-ProgressBar to 2.23

(wen)

doc/TODO: + opencv-4.8.

(wiz)

Update to 2.23

Upstream changes:
2.23  2022-10-08 MANWAR
      - Merged PR #11: Added a check to print a full bar at the end, thanks @cwallacetlc.

(wen)

Updated devel/p5-Term-ReadLine-Gnu to 1.45

(wen)

Update to 1.45

Upstream changes:
1.45  2022-11-27
        - add support MSWin32
            - require the GNU Readline Library 8.1 or later
            - use xfree in the GNU Readline Library
            - INSTALL.md: add section "MSWin32 (Strawberry Perl)"
        - Makefile.PL
            - On macOS Big Sur or later 'perl Makefile.PL' does not warn any
              more without using ExtUtils::MakeMaker 7.58 or later.
        - ppport.h: update from version 3.62 to version 3.68.
            - suppress warning messages, Wcompound-token-split-by-macro,
              generated by clang 12 or later
            - https://github.com/Perl/perl5/issues/18780
        - expand tabs, trim trailing white-spaces

1.44  2022-11-06
        - change the TERM check as bash does (#11)
            - Use `Term::ReadLine::Stub` if the environment variable `TERM` is
              set to `"emacs"` or the environment variable `INSIDE_EMACS` or
              `EMACS` is defined.

1.43  2022-09-27
        - readline-8.2 support
            new functions
                rl_trim_arg_from_keyseq
                rl_set_timeout
                rl_clear_timeout
                rl_timeout_remaining
            new variables
                rl_eof_found
                rl_timeout_event_hook
            new state values for rl_readline_state
                RL_STATE_TIMEOUT
                RL_STATE_EOF
        - t/00checkver.t: check if $TERM is set properly [#11]
        - Makefile.PL
            - warn if $TERM is not set properly [#11]
            - fix for MSYS2: take care of `\r\n` in the output of rlmalloc
            - guess_malloc_names(): simplify the control structure
        - INSTALL: add a section for "MSYS2"
        - Gnu.xs: no more non-ANSI C compiler support (remove PARAM macros)
        - Gnu.pm, Gnu.xs, Gnu/XS.pm: expand tabs
        - README.md, INSTALL.md: changed to Markdown

(wen)

Updated devel/p5-Term-Shell to 0.13

(wen)