doc: Updated graphics/digikam to 8.0.0nb9

(wiz)

digkam: switch to ffmpeg5

Bump PKGREVISION.

(wiz)

doc: Added time/tzdiff version 1.1.1

(taca)

time/Makefile; add and enable tzdiff

(taca)

time/tzdiff: add package version 1.1.1

tzdiff is a simple command line tool to show time pairs
between target timezone and localtime.

(taca)

p5-Alien-Hunspell: revert description changes

They were more accurate before, if a little misleading, in that this
package is also used as a build tool.

(gutteridge)

nghttp2: Move fetch-ocsp-response script to nghttp2-tools.

Used only by the tools, not by the library.

This drops the Python dependency on the library, which is needed by
curl -- should help mitigate the ouroboros of curling pythons here.

(riastradh)

Correction, sorry makoto -> mef

(mef)

doc: Updated math/R-repurrrsive to 1.1.0

(mef)

(math/R-repurrrsive) Updated 1.0.0 to 1.1.0

# repurrrsive 1.1.0

* Some NSFW content has been removed from `got_chars` (#26).

* `gmaps_cities` is a new dataset, containing the results of geocoding five
  US cities.

(mef)

doc: Updated math/R-robustbase to 0.95.1

(mef)

(math/R-robustbase) Updated 0.95.0 to 0.95.1

CHANGES in robustbase VERSION 0.95-1 (2023-03-28, svn r903):

  BUG FIXES:

        * Fixed 'covMcd()': 'raw.only=TRUE' does not work in the case
          'nsamp="deterministic"'

  NEW FEATURES:

        * New 'lmc()' and 'rmc()' for robust tail weight ("robust
          kurtosis").

  Misc:

        * Our 'tests/*.R' no longer rely on the 'Matrix'
          'test-tools.R' collection but rather use our much smaller
          own one in 'xtraR/test-tools.R'.

        * fixed '\' escape in 'man/aircraft.Rd'.

        * initialize equed in 'src/lmrob.c' to avoid false positive
          compiler warning.

        * document "internal" '.regularize.Mpsi()'.

        * replace '()' by '(void)' arguments for 'F77_SUB(println)'.

(mef)

mk/compiler/gcc.mk: Missed a spot for TOOLS_USE_CROSS_COMPILE.

Fixes build of tool dependencies like m4 of cross-libtool-base from a
clean tree with no packages; I must have already had m4 built when I
used this before.

(riastradh)

buildlink3: Fix missing CROSS_DESTDIR qualifier for cd.

Not clear why this didn't fail noisily, but it had the effect of just
not creating the appropriate buildlink3 symlinks if the library in
question wasn't installed natively too.

(riastradh)

cross-libtool-base: Sync with libtool-base to fix libtoolize.in #!.

(riastradh)

doc: Updated textproc/p5-Text-Hunspell to 2.16

(gutteridge)

p5-Text-Hunspell: update to 2.16

While here, take maintainership.

2.16    2022/07/15 13:04:00 Europe/Oslo (cosimo)

        Included LICENSE file in distribution manifest.

2.15    2022/07/15 12:19:00 Europe/Oslo (cosimo)

        Documentation and license improvements:
        - Merged https://github.com/cosimo/perl5-text-hunspell/pull/14 by @manwar (from 2015! Sorry)
        - Merged https://github.com/cosimo/perl5-text-hunspell/pull/16 by @choroba (from 2016! Sorry)
        - Merged https://github.com/cosimo/perl5-text-hunspell/pull/18 by @JJ (from a month ago)

(gutteridge)

p5-Alien-Hunspell: correct descriptions

(gutteridge)

doc: Updated textproc/p5-Alien-Hunspell to 0.17nb1

(gutteridge)

p5-Alien-Hunspell: correct dependency to fix sandboxed builds

p5-Alien-Build is a full dependency; it must be present in the build
environment in order for p5-Alien-Hunspell to function when it in turn
builds p5-Text-Hunspell. Addresses various bulk build failures. While
here, take maintainership.

(gutteridge)

qt5-qtwebengine: patches for ffmpeg>=5 and for python3 - via ArchLinux

(markd)

#6761

(spz)

Pullup ticket #6761 - requested by bsiegert
print/cups-base: security fix

Revisions pulled up:
- print/cups-base/Makefile                                      1.57
- print/cups-base/distinfo                                      1.33
- print/cups-base/patches/patch-cups_string.c                  1.1

-------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  wiz
  Date:          Thu Jun  1 11:39:33 UTC 2023

  Modified Files:
          pkgsrc/print/cups-base: Makefile distinfo
  Added Files:
          pkgsrc/print/cups-base/patches: patch-cups_string.c

  Log Message:
  cups-base: fix security problem.

  Bump PKGREVISION.

  To generate a diff of this commit:
  cvs rdiff -u -r1.56 -r1.57 pkgsrc/print/cups-base/Makefile
  cvs rdiff -u -r1.32 -r1.33 pkgsrc/print/cups-base/distinfo
  cvs rdiff -u -r0 -r1.1 pkgsrc/print/cups-base/patches/patch-cups_string.c

(spz)

doc: Updated net/sniffnet to 1.2.1

(pin)

net/sniffnet: update to 1.2.1

New features
- Considerably refined the app packaging strategy, introducing support for more
  architectures and other advancements �沒ｦ (see #246 for additional details)
- Added button to clear all the current search filters quickly in inspect page
- Added Swedish translation �汞ｸ�汞ｪ (#213)

Improvements
- Updated most of the existing translations to v1.2:
    - German �汞ｩ�汞ｪ (#191)
    - Spanish �汞ｪ�汞ｸ (#203)
    - Persian �汞ｮ�汞ｷ (#193)
    - Korean �汞ｰ�汞ｷ (#205)
    - Polish �汞ｵ�汞ｱ (#244)
    - Romanian �汞ｷ�汞ｴ (#241)
    - Russian �汞ｷ�汞ｺ (#187)
    - Turkish �汞ｹ�汞ｷ (#192)
    - Ukrainian �汞ｺ�汞ｦ (#216)
    - Chinese �汞ｨ�汞ｳ (#214)
- Renamed "Administrative entity" to "Autonomous System name" to avoid
  confusion
- Improved filter columns relative width to avoid the "Application protocol"
  label being cut when displayed in Swedish
- Footer URLs have been updated to include links to Sniffnet's official website
  and GitHub Sponsor page
- Updated docs including installation instruction for Arch Linux (#185)
- Minor improvements to packets and bytes number format
- Minor improvements to:
    - code readability (#248)
    - docs (#235)

Fixes
- Various issues have been fixed by the refined packaging strategy (#199, #220,
  #223, #224, #225, #242)
- Solved a minor problem that caused flags to be slightly misaligned in inspect
  page table

(pin)

doc: Updated math/R-DEoptimR to 1.0.13

(mef)

(math/R-DEoptimR) Updated 1.0.11 to 1.0.13 inst/NEWS.Rd is not updated

(mef)

doc: Updated math/R-rstudioapi to 0.14

(mef)

(math/R-rstudioapi) Updated 0.13 to 0.14

# rstudioapi 0.14 (UNRELEASED)

* `documentPath()` now marks the encoding of file paths as UTF-8. (#257)

* `getSourceEditorContext()` gains the `id` argument, to be used to request
  the editor context for a document with an already-known ID. (#251)

* Added `documentOpen()`, for opening a document in RStudio and optionally
  navigating the cursor to a particular point in the file. The method is
  synchronous and returns the document ID upon completion.

* Fixed an issue where `rstudioapi::askForSecret()` would erroneously fall back
  to using `rstudioapi::askForPassword()` during Knit.

* Added `registerCommandCallback`, `registerCommandStreamCallback`, and
  `unregisterCommandCallback`, used to execute a callback after an IDE command
  is executed.

(mef)

doc: Updated math/R-sandwich to 3.0.2

(mef)

(math/R-sandwich) Updated 3.0.1 to 3.0.2

# sandwich 3.0-2

* Added new argument `aggregate = TRUE` to `meatPL()` which is thus inherited by
  `vcovPL()`. By default, this still yields the Driscoll & Kraay (1998) covariance
  matrix. When setting `aggregate = FALSE` the cross-sectional and cross-serial
  correlation is set to zero, yielding the "pure" panel Newey-West covariance
  matrix.

* Bug fix in `vcovCL(..., type = "HC2")` for `glm` objects or `lm` objects
  with weights. The code had erroneously assumed that the hat matrices were
  all symmetric (as in the `lm` case without weights). This is corrected now.
  (Detected and reported by Bixi Zhang.)

* Issue a warning in `vcovHC()` for HC2/HC3/HC4/HC4m/HC5 if any of the hat values
  are numerically equal to 1. This leads to numerically unstable covariances,
  in the most extreme case `NaN` because the associated residuals are equal to
  0 and divided by 0. (Suggested by Ding Peng and John Fox.)

* Speed improvement in `vcovBS.lm()`: For `"xy"` bootstrap, `.lm.fit()` rather than
  `lm.fit()` is used which is somewhat more efficient in some situations (suggested
  by Grant McDermott). For `"residual"` and wild bootstrap, the bootstrap by default
  still samples coefficients via QR decomposition in each iteration (`qrjoint = FALSE`)
  but may alternatively sample the dependent variable and then apply the QR
  decomposition jointly only once (`qrjoint = TRUE`). If the sample size (and the
  number of coefficients) is large, then `qrjoint = TRUE` may be significantly faster
  while requiring much more memory (proposed by Alexander Fischer).

* Enable passing score matrix (as computed by `estfun()`) directly to
  `bwAndrews()` and `bwNeweyWest()`. If this is used, the score matrix should
  either have a column `(Intercept)` or the `weights` argument should be set
  appropriately to identify the column pertaining to the intercept (if any).

* The vignettes have been tweaked so that they still "run" without technical errors
  when suggested packages (listed in the VignetteDepends) are not available. This is
  achieved by defining replacement functions that do not fail but lead to partially
  non-sensical output. A warning is added in the vignettes if any of the replacements
  is used.

(mef)

doc: Updated math/R-sets to 1.0.24

(mef)

(math/R-sets) Updated 1.0.18 to 1.0.24

(R CMD Rdconv -t txt  /tmp/math/R-sets/work/sets/inst/NEWS.Rd | head -40 )
News for Package 'sets'

Changes in version 1.0-24:

        * add missing methods in NAMESPACE

Changes in version 1.0-23:

        * Fix formals mismatch in .as.list.gset()

Changes in version 1.0-22:

        * Add ORCID IDs

Changes in version 1.0-21:

        * Vectorize all [cg]set predicates and check for correct
          arguments

        * add 'as.vector()' methods for [cg]sets

        * rename element class to gset_element to avoid name clash with
          ggplot

Changes in version 1.0-20:

        * Some small fixes in interval code

        * '[gc]set_complement(a, b)' now use the union of the universes
          of 'a' and 'b', and the max. bound of 'a' and 'b' if no
          global defaults are specified.

Changes in version 1.0-19:

        * no user-level changes

(mef)

textproc/py-rapidfuzz: Actually change to gcc10

(The previous commit explained why I chose 10 for GCC_REQD, but
accidentally contained 8 because I was  testing that.  While 8 seems
to work, various code is increasingly troubled by non-recent
compilers, and it doesn't seem useful to try to live on the edge.)

(gdt)

Improve portability with newer libstdc++

(joerg)

textproc/py-rapidjson: Increase compiler requirements

On netbsd-9, some files failed to build with an ICE.  (The upstream
build system unhelpfully retried the build without the C extension,
making this harder to debug, but PLIST caught it.)

Declare C++17 because upstream README says so.
Require gcc 10, because gcc 7 on NetBSD 9 fails, and 10 is the new
normal.

(gdt)

doc: Updated lang/php80 to 8.0.29

(taca)

lang/php80: update to 8.0.29

8.0.29 (2023-06-08)

Soap:

* Fixed bug GHSA-76gg-c692-v2mw (Missing error check and insufficient random
  bytes in HTTP Digest authentication for SOAP).

(taca)

devel/scons4: Require a version with working rpath

4.5.2 does not handle rpath correctly, and e.g. gpsd fails to build;
this is fixed in 4.5.2nb1.  In build.mk, require a working version.

(gdt)

Updated finance/py-eth-typing, finance/py-eth-hash, finance/py-eth-utils, finance/py-eth-abi, finance/py-eth-keyfile

(adam)

py-eth-keyfile: updated to 0.6.1

0.6.1
-----
- Remove deprecated `setuptools-markdown` dependency (https://github.com/ethereum/eth-keyfile/pull/37)
- Use twine to upload package to pypi

(adam)

py-eth-keys: allow Python 3.11

(adam)

py-eth-abi: updated to 4.0.0

eth-abi v4.0.0 (2023-03-22)

No significant changes.

eth-abi v4.0.0-beta.3 (2023-03-20)

Breaking Changes

Upgrade Parsimonious dependency to allow >=0.9,<0.10

eth-abi v4.0.0-beta.2 (2022-11-21)

Features

Add support for Python 3.11

eth-abi v4.0.0-beta.1 (2022-09-27)

Bugfixes

Reconcile differences in 32-byte padding between eth-abi encoders for dynamic types and Solidity's abi.encode() for 0 or empty values

Breaking Changes

Remove encode_abi_single(), encode_packed_single(), and decode_abi_single(). Rename encode_abi(), encode_abi_packed(), and decode_abi() to encode(), encode_packed(), and decode(), respectively.

(adam)

py-eth-utils: updated to 2.1.1

eth-utils v2.1.1 (2023-06-07)

Internal Changes - for eth-utils Contributors

Add currency tests with float ether inputs.
remove unused docs deps, bump version of remaining
merge updates from the python project template

(adam)

py-eth-hash: updated to 0.5.2

eth-hash v0.5.2 (2023-06-07)

Internal Changes - for eth-hash Contributors

remove unused docs deps, bump version of remaining
merge updates from the python project template

(adam)

py-eth-typing: updated to 3.4.0

eth-typing v3.4.0 (2023-06-07)

Improved Documentation

pull in ethereum-python-project-template updates

Features

Add Cancun to ForkName enum.

Internal Changes - for eth-typing Contributors

remove unused docs deps, bump version of remaining
pull in ethereum-python-project-template updates
For CircleCI builds, update pip and pip install tox under sys instead of --user to avoid virtualenv versioning issues.

v3.3.0 (2023-03-08)

Features

Add Shanghai to ForkName enum.
Add support for python 3.11.

Internal Changes - for eth-typing Contributors

tox related updates for make docs to work properly. Remove some old references to python 3.5 and 3.6.
Bump mypy version to 0.910 to avoid issues installing the "[dev]" extra on Python 3.10. Update test suite to require installing the full dependency suite to help catch these errors.

(adam)

py-poetry-plugin-export: update DEPENDS

(adam)

py-poetry: update DEPENDS

(adam)

Updated lang/py311-html-docs, devel/py-cachecontrol

(adam)

py-cachecontrol: updated to 0.13.1

v0.13.1
serialize: remove v1 and v2 formats
refactor: move the serialization implementation to method
feat: drop support of Python older than 3.7
fix(typing): fix wrong types
workflows: add a release workflow
cachecontrol: 0.13.1

(adam)

py311-html-docs: updated to 3.11.4

(adam)

doc: Updated audio/chromaprint to 1.5.1nb3

(wiz)

chromaprint: support ffmpeg5 using upstream patch.

Bump PKGREVISION.

(wiz)

doc: Updated geography/gpsd to 3.25nb1

(wiz)

gpsd: switch to scons4

Add missing dependency for gpsplot.

Bump PKGREVISION.

(wiz)

wxGTK31: remove, development version for wxGTK32

All pkgsrc users switched.

(wiz)

scons4: fix some pkglint

(wiz)

doc: Updated devel/scons4 to 4.5.2nb1

(wiz)

scons4: carry over rpath hack from devel/scons

Improve build.mk, add test target.

(wiz)

scons: add upper bound to avoid pulling in scons4

(wiz)

nmap: remove patch that was removed from distinfo during update

(wiz)

doc: Updated devel/py-virtualenv to 20.23.0nb1

(jperkin)

py-virtualenv: Requires py-expat.

Bump PKGREVISION.

(jperkin)

doc/TODO: scons update done (new scons4 package)

(wiz)

serf: switch to devel/scons4

(wiz)

doc: Added devel/scons4 version 4.5.2

(wiz)

devel/Makefile: + scons4

(wiz)

devel/scons4: import py-scons-4.5.2

SCons is an Open Source software construction tool--that is, a build tool;
an improved substitute for the classic Make utility; a better way to build
software.

(wiz)

doc: Updated games/woof to 11.1.4

(micha)

games/woof: Update to 11.1.4

Woof! 11.1.4
============

Bug Fixes
---------
- more fixes for DSDHacked sprites and sounds.

Woof! 11.1.3
============

Bug Fixes
---------
- more fixes for DSDHacked sprites and sounds.

Woof! 11.1.2
============

New Features and Improvements
-----------------------------
- woofhud: implement centered widgets, avoid collisions with left/right
  aligned widgets.

Bug Fixes
---------
- memio: init reset_eof field.
- fix automap overlay reset.
- fix DSDHacked crash.
- winmidi: prevent hanging notes when pausing game (@ceski-1).
- woofhud: avoid collisions between very long left/right aligned widgets.
- make cheat restrictions consistent for menu and player input.

Thanks @MrAlaux for reporting most of these bugs!

Woof! 11.1.1
============

New Features and Improvements
-----------------------------
- winmidi: Sync with Chocolate Doom (@ceski-1).

Bug Fixes
---------
- Fix setting EOF in memio, this bug broke most DEH lumps.
- Do not disable Widescreen menu item without Aspect Ratio Correction
  anymore (thanks @MrAlaux).
- Set display resolution when toggling Exclusive Fullscreen.

Woof! 11.1.0
============

New Features and Improvements
-----------------------------
- Allow bound keys to be unbound in menus by pressing the same key.
- Implementation of the Native MIDI module for macOS (fixed regression
  after removing SDL_Mixer).
- Add -dumptables command line option to export generated translation
  tables to PWAD.
- Windows Native MIDI improvements (@ceski-1):
  - Fix EMIDI global looping.
  - Add MIDI compatibility levels. winmm_complevel config option:
    0: Vanilla (Emulates DMX MPU-401 mode)
    1: Standard (Emulates MS GS Synth) (Default)
    2: Full (Send everything to device, including SysEx)
- Distinguish exit with message on error and on success.

Bug Fixes
---------
- Fix memory issues in dehacked parser found with ASan.
- Fix "Smooth pixel scaling" inconsistencies (now it should match
  Crispy Doom).
- More robust fallback logic for music modules (@joanbm).
- Always print player coords if automap is inactive.
- Eat key if cheat found (e.g. don't switch weapons when typing
  IDCLEV11).
- Resetting the MUSINFO track after changing the level.
- Add initialization checks to music modules. Fixed crash if sound
  device not found (thanks to @joanbm).
- Fix initialization with invalid video_display setting (@joanbm).

Woof! 11.0.0
============

New Features and Improvements
-----------------------------
- HUD updates.
  - Introduce new WOOFHUD lump with ability to tweak widgets positions.
    See the woofhud.lmp example in docs/ and documentation in the wiki.
  - The three-line level stats and player coords widgets have been
    consolidated into single lines, the FPS counter is now a separate
    widget.
  - Ability to choose standard Doom font for widgets.
  - Smooth Health/Armor count (@MrAlaux).
  - HUD font patches updates (@liPillON).
- Switch to OpenAl Soft for sound mixing.
  - Massive improvements to sound mixing quality. Fixes issues with
    sound "clicking" (first room of DBP25.wad), sound overload
    (Revenants scream) and others.
  - Use libsndfile for SFX and music files loading. Support for a lot of
    WAV formats, Ogg, FLAC, MP3, Opus and others.
  - Use libxmp for tracker music.
  - Use a linear resampler and simple 2D panning to not differ too much
    from vanilla sound.
- New video options in General menu:
  - Add framerate limiting (@mikeday0).
  - Exclusive fullscreen mode. Activated only when normal fullscreen
    mode is enabled.
  - "Smooth pixel scaling" from Crispy Doom.
- Make mouse settings exactly the same as in Crispy Doom. Add mouse
  acceleration options to the General menu.
- Support BRGHTMPS lump from Doom Retro.
  - Format extension with the ability to set SPRITE, FLAT and STATE
    brightmaps.
  - De hardcode in-engine brightmaps. See brghtmps.lmp files in
    autoload/ directory.
- Generate color translation tables.
  - Improve readability and colors of custom fonts in menus and HUD.
  - Always draw demo progress bar with the lightest and darkest color
    available.
- Textscreen updates (ENDOOM screen and woof-setup)
  - Resizable textscreen windows.
  - Increase the default window size.
  - Render textscreen content to an upscaled intermediate texture.
    Improve non-integer window size scaling.
- Add a menu for binding cheats to keys/buttons.
  Ability to bind "Fake Archvile Jump".
- New cheats:
  - FREEZE Stops all monsters, projectiles and item animations, but not
    the player animations (from ZDoom).
  - IDDKT/IDDST/IDDIT (kill, secret, item) finder cheats from DSDA-Doom.
  - IDBEHOLDH (health) and IDBEHOLDM (megaarmor) from PrBoom.
  - SKILL cheat to show (or change) game skill level from Crispy Doom.
  - List of all cheats available in the wiki.
- Add options to disable certain HUD messages (@MrAlaux).
- Introduce hide weapon cosmetic option (see Weapons menu).
- Implement support for new author field in UMAPINFO.
- Add key binding for "clean screenshots" without any HUD elements.
- Rearrange the startup messages.
- Support monster infight field in Dehacked (taken from Chocolate Doom).
  Fixes monsters infight in 100krevs.wad.
- Add support for loading old Doom (< v1.2) IWADs. Not demo compatible.
- Complete donut overrun emulation (from PrBoom+/Chocolate Doom).
- Only delete the entire savegame name if not modified.
- Update strings edit in menu. Set cursor position at end of line,
  Backspace and Del work as expected.
- Play quit sound only if showing ENDOOM (@ceski-1).
- Disable "180 turn" in strict mode (new DSDA rule).
- Config updates. Do not store comments and deprecated entries, sort and
  group, clean up.
- Check if drag-n-dropped .lmp files could be demo lumps.
- Always interpolate idle weapon bob with uncapped FPS (@ceski-1).
- Add M_VBOX and M_PALSEL lumps from PrBoom+.
- Play a sound if the menu is activated with a different key than ESC.
- Support for QUITMSG1..QUITMSG14 in Dehacked (quit messages in
  D2ISOv2.wad).
- The demo footer is now compatible with PrBoom+/DSDA-Doom demo
  autoplay.

Bug Fixes
---------
- Better automap controls, fix some rotate/follow/overlay
  inconsistencies.
- Windows Native MIDI fixes.
  - Fix songs with missing "hold pedal off" events (@ceski-1).
  - Update volume after "reset all controllers" event. In certain cases
    the channel can be audible even if the music volume slider is set to
    zero (@ceski-1).
  - Detect SysEx "part level" messages. Fixes volume in Valiant.wad
    MAP30 (@ceski-1).
- Fix stutter in custom weapon switch animations (thanks to @MrAlaux).
- Fix colorized player names in network chats.
- Clip interpolated weapon sprites (thanks to @mikeday0).
- Fix always gray percent / always red mismatch in status bar.
- Fix -dogs default value.
- Fix desync due to randomly mirrored corpses feature (fixes DBP31.wad).
- Add check for wrong indexes in P_LoadSegs() (fixes 1killtng.wad
  map13).
- ESC key resets a menu item with multiple options.
- Fix crash when trying to send chat macro with key ASCII code < '0'
  (thanks to @MrAlaux).
- Properly center colorized messages (thanks to @MrAlaux).
- Fix alt-tab with exclusive fullscreen on Windows.
- Fix -dumplumps command line parameter.
- Fix puff interpolation on the floor level (thanks to @JNechaevsky).
- Print error and skip PNG patch (fixes practicehub.wad).
- Avoid ZIP file directory name clashes.
- Fix disappearing icon on fullscreen switch on Windows.
- Fix restart MUSINFO music loaded from save.
- Fix a skull in the menu being drawn over the confirmation box when
  deleting a save (thanks to @MrAlaux).
- Fix crosshair drawn over bezel in lock-on mode (thanks to @MrAlaux).

Miscellaneous
-------------
- Static build under Windows, there are no library DLLs in the
  distribution archive.

(micha)

doc: Updated security/polkit to 121

(wiz)

polkit: update to 121.

## polkit 121

### Highlights:
- new versioning
- duktape added as backend JS engine
- autotools build system removed
- new translations

### Changes since polkit 0.120:

* Simon McVittie
    * meson and testsuite fixes
* Bastien Nocera
    * add ability to create policyconfig-1.dtd file
* Xi Ruoyao
    * port to newer mozjs-91, jsauthority tweaks
* Wu Xiaotian and Gustavo Lima Chaves
    * Add duktape as javascript engine
* Nathan Follens
    * Dutch translation
* Daniel E
    * duktape fixup
* Fabrice Fontaine
    * fix build without C++
* Dan Nicholson
    * fixup in group permision checking (backend)
* Phaedrus Leeds
    * typo fix
* Adrian Vovk
    * add option (--keep-cwd) for pkexec
* Matt Turner
    * Allow --version and --help even if not setuid root
* Benedikt Ames
    * fixes in polkitagent
* Vincent Mihalkovic
    * development support

(wiz)

audio/fluidsynth: Fix bl3 file

Provide file "bin/fluidsynth" for target "FluidSynth::fluidsynth"
in "lib/cmake/fluidsynth/FluidSynthTargets.cmake".

(micha)

doc: Updated net/ucspi-ssl to 0.999.12.7nb1

(schmonz)

ucspi-ssl: remove non-meaningful 'inet6' option. Bump PKGREVISION.

The dependency was to ensure the runtime presence of tcprules(1),
described at HOMEPAGE thus:

    Optional but indispensible: ucspi-tcp6 to build the cdb to control
    incoming connections for sslserver using tcprules coming with the
    ucspi-tcp6 package. Older versions of ucspi-tcp can be used as well,
    but don't provide neither IPv4 CIDR nor IPv6 capabilities. The
    generated cdb however, is binary compatible among all versions.

Depending on either of net/ucspi-tcp{,6} here was complicating the
dependency graph in exchange for... still getting in the way of other
packages installing what they need (e.g. mail/bincimap). Trust the
sysadmin to notice if they don't already have tcprules and decide what
to install in that case.

(schmonz)

doc: Updated www/goaccess to 1.7.2

(schmonz)

Update to 1.7.2. From the changelog:

1.7.2:
- Added a color-coding scheme to HTTP status codes.
- Added '--external-assets' command line option to output external JS+CSS
  files. Great when used with Content Security Policy (CSP).
- Ensure there's a fallback for 'Windows' if it appears on the user-agent.
- Ensure we construct the WebSocket URL in a way that supports multiple use
  cases when used along '--ws-url' and '--port'.
- Fixed a segfault due to a null pointer exception on FreeBSD.
- Fixed build with '--disable-nls'.
- Fixed invalid read (heap-buffer-overflow) when parsing an XFF spec via
  JSON.
- Fixed segfault when parsing a specific XFF specifier.

1.7.1:
- Added 'inlang' for easy localization (i18n) updates.
  https://inlang.com/editor/github.com/allinurl/goaccess
- Added nanosecond parsing option via the '%n' specifier. Great for parsing
  'Traefik' JSON logs duration field.
- Fixed issue with '--unknowns-as-crawlers' where it did not process them as
  such.

1.7:
- Added an option to classify unknown OS and browsers as crawlers using
  `--unknowns-as-crawlers`.
- Added highlighting to certain metrics on the HTML report for readability.
- Added a new panel that displays ASN data for GeoIP2 and legacy databases.
  Great for detecting malicious traffic and blocking accordingly.
- Added an ASN metric per IP/host.
- Changed and prioritize user's browsers list over heuristics.
- Ensure `--geoip-database=<path>` can be used multiple times to support
  different databases.
- Fixed invalid read when loading the list of agents for an IP.
- Fixed issue where a file containing a NUL `\0` character would crash the
  program.
- Updated Swedish i18n.

(schmonz)

libheif: Disable rav1e option explicitly

If you have installed multimedia/rav1e, the build fails.

(ryoon)

firefox: Try to fix build failure for older NetBSD

* Fix build when MAKE_JOBS is not defined under NetBSD 9.3 or earlier.

(ryoon)

doc: Updated shells/nushell to 0.81.0

(pin)

shells/nushell: update to 0.81.0

Themes of this release / New features
Polishing the experience
This release focuses on improving the user experience, fixing some
long-standing bugs, and adding a few helpful features.

One of the bugs that was fixed for 0.81 was a long-standing issue with
reedline, Nushell's line editor. Now, Nushell will prefer to move to make room
for text that had been output rather than risking writing over top of it.
This maybe improve the general experience of working in the terminal,
resizing, and more.

There have also been fixes to table printing to make it work better for more
cases.

Startup time improvements

Startup times have also been improved. Through a combination of various fixes
to both how the standard library files were handles and how the parser worked,
we've been able to see significant improvements, sometimes as high as
30-50% faster.

Breaking changes
We had to remove ARMv7 and RISC-V from this release due to a breaking change
in one of the dependencies. We hope to resolve this for future releases.

Exclude globs now need square brackets

view source now works over rest arguments

alias calls are now position dependent

(pin)

graphics/graphviz: Declare minimum required API versions of librsvg and pango

As documented by upstream.

(micha)

Updated lang/python3*, lang/py3*-html-docs

(adam)

python311: updated to 3.11.4

Python 3.11.4

Security
gh-103142: The version of OpenSSL used in our binary builds has been upgraded to 1.1.1u to address several CVEs.
gh-99889: Fixed a security in flaw in uu.decode() that could allow for directory traversal based on the input if no out_file was specified.
gh-104049: Do not expose the local on-disk location in directory indexes produced by http.client.SimpleHTTPRequestHandler.
gh-102153: urllib.parse.urlsplit() now strips leading C0 control and space characters following the specification for URLs defined by WHATWG in response to CVE-2023-24329. Patch by Illia Volochii.
Core and Builtins
gh-105164: Ensure annotations are set up correctly if the only annotation in a block is within a match block. Patch by Jelle Zijlstra.
gh-104615: Fix wrong ordering of assignments in code like a, a = x, y. Contributed by Carl Meyer.
gh-104482: Fix three error handling bugs in ast.c窶冱 validation of pattern matching statements.
gh-102818: Do not add a frame to the traceback in the sys.setprofile and sys.settrace trampoline functions. This ensures that frames are not duplicated if an exception is raised in the callback function, and ensures that frames are not omitted if a C callback is used and that does not add the frame.
gh-104405: Fix an issue where some bytecode instructions could ignore PEP 523 when 窶彿nlining窶� calls.
gh-104018: Disallow the 窶忝窶� format specifier in %-format of bytes objects.
gh-103971: Fix an issue where incorrect locations numbers could be assigned to code following case blocks.
gh-102310: Change the error range for invalid bytes literals.
gh-103590: Do not wrap a single exception raised from a try-except* construct in an ExceptionGroup.
gh-101517: Fix bug in line numbers of instructions emitted for except*.
gh-103242: Migrate set_ecdh_curve() method not to use deprecated OpenSSL APIs. Patch by Dong-hee Na.
gh-102700: Allow built-in modules to be submodules. This allows submodules to be statically linked into a CPython binary.
gh-101857: Fix xattr support detection on Linux systems by widening the check to linux, not just glibc. This fixes support for musl.
gh-99184: Bypass instance attribute access of __name__ in repr of weakref.ref.
gh-96670: The parser now raises SyntaxError when parsing source code containing null bytes. Backported from aab01e3. Patch by Pablo Galindo
bpo-31821: Fix pause_reading() to work when called from connection_made() in asyncio.

Library
gh-105080: Fixed inconsistent signature on derived classes for inspect.signature()
gh-104874: Document the __name__ and __supertype__ attributes of typing.NewType. Patch by Jelle Zijlstra.
gh-104340: When an asyncio pipe protocol loses its connection due to an error, and the caller doesn窶冲 await wait_closed() on the corresponding StreamWriter, don窶冲 log a warning about an exception that was never retrieved. After all, according to the StreamWriter.close() docs, the wait_closed() call is optional (窶從ot mandatory窶�).
gh-104372: Refactored the _posixsubprocess internals to avoid Python C API usage between fork and exec when marking pass_fds= file descriptors inheritable.
gh-75367: Fix data descriptor detection in inspect.getattr_static().
gh-104536: Fix a race condition in the internal multiprocessing.process cleanup logic that could manifest as an unintended AttributeError when calling process.close().
gh-104399: Prepare the _tkinter module for building with Tcl 9.0 and future libtommath by replacing usage of deprecated functions mp_to_unsigned_bin_n() and mp_unsigned_bin_size() when necessary.
gh-104307: socket.getnameinfo() now releases the GIL while contacting the DNS server
gh-87695: Fix issue where pathlib.Path.glob() raised OSError when it encountered a symlink to an overly long path.
gh-104265: Prevent possible crash by disallowing instantiation of the _csv.Reader and _csv.Writer types. The regression was introduced in 3.10.0a4 with PR 23224 (bpo-14935). Patch by Radislav Chugunov.
gh-104035: Do not ignore user-defined __getstate__ and __setstate__ methods for slotted frozen dataclasses.
gh-103987: In mmap, fix several bugs that could lead to access to memory-mapped files after they have been invalidated.
gh-103935: Use io.open_code() for files to be executed instead of raw open()
gh-100370: Fix potential OverflowError in sqlite3.Connection.blobopen() for 32-bit builds. Patch by Erlend E. Aasland.
gh-103848: Add checks to ensure that [ bracketed ] hosts found by urllib.parse.urlsplit() are of IPv6 or IPvFuture format.
gh-103872: Update the bundled copy of pip to version 23.1.2.
gh-103861: Fix zipfile.Zipfile creating invalid zip files when force_zip64 was used to add files to them. Patch by Carey Metcalfe.
gh-103685: Prepare tkinter.Menu.index() for Tk 8.7 so that it does not raise TclError: expected integer but got "" when it should return None.
gh-81403: urllib.request.CacheFTPHandler no longer raises URLError if a cached FTP instance is reused. ftplib窶冱 endtransfer method calls voidresp to drain the connection to handle FTP instance reuse properly.
gh-103578: Fixed a bug where pdb crashes when reading source file with different encoding by replacing io.open() with io.open_code(). The new method would also call into the hook set by PyFile_SetOpenCodeHook().
gh-103556: Now creating inspect.Signature objects with positional-only parameter with a default followed by a positional-or-keyword parameter without one is impossible.
gh-103559: Update the bundled copy of pip to version 23.1.1.
gh-103365: Set default Flag boundary to STRICT and fix bitwise operations.
gh-103472: Avoid a potential ResourceWarning in http.client.HTTPConnection by closing the proxy / tunnel窶冱 CONNECT response explicitly.
gh-103449: Fix a bug in doc string generation in dataclasses.dataclass().
gh-103256: Fixed a bug that caused hmac to raise an exception when the requested hash algorithm was not available in OpenSSL despite being available separately as part of hashlib itself. It now falls back properly to the built-in. This could happen when, for example, your OpenSSL does not include SHA3 support and you want to compute hmac.digest(b'K', b'M', 'sha3_256').
gh-103225: Fix a bug in pdb when displaying line numbers of module-level source code.
gh-93910: Remove deprecation of enum memmber.member access.
gh-102978: Fixes unittest.mock.patch() not enforcing function signatures for methods decorated with @classmethod or @staticmethod when patch is called with autospec=True.
gh-103204: Fixes http.server accepting HTTP requests with HTTP version numbers preceded by 窶�+窶�, or 窶�-窶�, or with digit-separating 窶論窶� characters. The length of the version numbers is also constrained.
gh-102953: The extraction methods in tarfile, and shutil.unpack_archive(), have a new a filter argument that allows limiting tar features than may be surprising or dangerous, such as creating files outside the destination directory. See Extraction filters for details.
gh-101640: argparse.ArgumentParser now catches errors when writing messages, such as when sys.stderr is None. Patch by Oleg Iarygin.
gh-96522: Fix potential deadlock in pty.spawn()
gh-87474: Fix potential file descriptor leaks in subprocess.Popen.

Documentation
gh-89455: Add missing documentation for the max_group_depth and max_group_width parameters and the exceptions attribute of the traceback.TracebackException class.
gh-89412: Add missing documentation for the end_lineno and end_offset attributes of the traceback.TracebackException class.
gh-104943: Remove mentions of old Python versions in typing.NamedTuple.
gh-67056: Document that the effect of registering or unregistering an atexit cleanup function from within a registered cleanup function is undefined.
gh-48241: Clarifying documentation about the url parameter to urllib.request.urlopen and urllib.request.Requst needing to be encoded properly.

Tests
gh-104494: Update test_pack_configure_in and test_place_configure_in for changes to error message formatting in Tk 8.7.
gh-104461: Run test_configure_screen on X11 only, since the DISPLAY environment variable and -screen option for toplevels are not useful on Tk for Win32 or Aqua.
gh-103329: Regression tests for the behaviour of unittest.mock.PropertyMock were added.
gh-85984: Utilize new 窶忤insize窶� functions from termios in pty tests.
gh-75729: Fix the os.spawn* tests failing on Windows when the working directory or interpreter path contains spaces.

Build
gh-90005: Fix a regression in configure where we could end up unintentionally linking with libbsd.
gh-104106: Add gcc fallback of mkfifoat/mknodat for macOS. Patch by Dong-hee Na.
gh-99069: Extended workaround defining static_assert when missing from the libc headers to all clang and gcc builds. In particular, this fixes building on macOS <= 10.10.

Windows
gh-105146: Updated the links at the end of the installer to point to Discourse rather than the mailing lists.
gh-104623: Update Windows installer to use SQLite 3.42.0.
gh-102997: Update Windows installer to use SQLite 3.41.2.
gh-88013: Fixed a bug where TypeError was raised when calling ntpath.realpath() with a bytes parameter in some cases.

macOS
gh-103142: Update macOS installer to use OpenSSL 1.1.1u.
gh-104623: Update macOS installer to SQLite 3.42.0.
gh-102997: Update macOS installer to SQLite 3.41.2.

IDLE
gh-104719: Remove IDLE窶冱 modification of tokenize.tabsize and test other uses of tokenize data and methods.
gh-104499: Fix completions for Tk Aqua 8.7 (currently blank).
gh-104496: About prints both tcl and tk versions if different (expected someday).
gh-88496: Fix IDLE test hang on macOS.

(adam)

python310 py310-html-docs: updated to 3.10.12

Python 3.10.12

Security
gh-103142: The version of OpenSSL used in our binary builds has been upgraded to 1.1.1u to address several CVEs.
gh-99889: Fixed a security in flaw in uu.decode() that could allow for directory traversal based on the input if no out_file was specified.
gh-104049: Do not expose the local on-disk location in directory indexes produced by http.client.SimpleHTTPRequestHandler.
gh-102153: urllib.parse.urlsplit() now strips leading C0 control and space characters following the specification for URLs defined by WHATWG in response to CVE-2023-24329. Patch by Illia Volochii.

Library
gh-103935: Use io.open_code() for files to be executed instead of raw open()
gh-102953: The extraction methods in tarfile, and shutil.unpack_archive(), have a new a filter argument that allows limiting tar features than may be surprising or dangerous, such as creating files outside the destination directory. See Extraction filters for details.

Documentation
gh-89412: Add missing documentation for the end_lineno and end_offset attributes of the traceback.TracebackException class.

Build
gh-103262: Fixes Windows installer build to work with latest compilers.

(adam)

python39 py39-html-docs: updated to 3.9.17

Python 3.9.17

Security
gh-103142: The version of OpenSSL used in our binary builds has been upgraded to 1.1.1u to address several CVEs.
gh-99889: Fixed a security in flaw in uu.decode() that could allow for directory traversal based on the input if no out_file was specified.
gh-104049: Do not expose the local on-disk location in directory indexes produced by http.client.SimpleHTTPRequestHandler.
gh-102153: urllib.parse.urlsplit() now strips leading C0 control and space characters following the specification for URLs defined by WHATWG in response to CVE-2023-24329. Patch by Illia Volochii.
gh-101727: Updated the OpenSSL version used in Windows and macOS binary release builds to 1.1.1t to address CVE-2023-0286, CVE-2022-4303, and CVE-2022-4303 per the OpenSSL 2023-02-07 security advisory.
gh-101283: subprocess.Popen now uses a safer approach to find cmd.exe when launching with shell=True. Patch by Eryk Sun, based on a patch by Oleg Iarygin.

Core and Builtins
gh-102126: Fix deadlock at shutdown when clearing thread states if any finalizer tries to acquire the runtime head lock. Patch by Kumar Aditya.
gh-100892: Fix race while iterating over thread states in clearing threading.local. Patch by Kumar Aditya.

Library
gh-103935: Use io.open_code() for files to be executed instead of raw open()
gh-102953: The extraction methods in tarfile, and shutil.unpack_archive(), have a new a filter argument that allows limiting tar features than may be surprising or dangerous, such as creating files outside the destination directory. See Extraction filters for details.
gh-101997: Upgrade pip wheel bundled with ensurepip (pip 23.0.1)

Windows
gh-100180: Update Windows installer to OpenSSL 1.1.1s

macOS
gh-103142: Update macOS installer to use OpenSSL 1.1.1u.

(adam)

python38 py38-html-docs: updated to 3.8.17

Python 3.8.17

Security
gh-103142: The version of OpenSSL used in our binary builds has been upgraded to 1.1.1u to address several CVEs.
gh-99889: Fixed a security in flaw in uu.decode() that could allow for directory traversal based on the input if no out_file was specified.
gh-104049: Do not expose the local on-disk location in directory indexes produced by http.client.SimpleHTTPRequestHandler.
gh-102153: urllib.parse.urlsplit() now strips leading C0 control and space characters following the specification for URLs defined by WHATWG in response to CVE-2023-24329. Patch by Illia Volochii.
gh-101727: Updated the OpenSSL version used in Windows and macOS binary release builds to 1.1.1t to address CVE-2023-0286, CVE-2022-4303, and CVE-2022-4303 per the OpenSSL 2023-02-07 security advisory.
gh-101283: subprocess.Popen now uses a safer approach to find cmd.exe when launching with shell=True. Patch by Eryk Sun, based on a patch by Oleg Iarygin.

Library
gh-103935: Use io.open_code() for files to be executed instead of raw open()
gh-102953: The extraction methods in tarfile, and shutil.unpack_archive(), have a new a filter argument that allows limiting tar features than may be surprising or dangerous, such as creating files outside the destination directory. See Extraction filters for details.
gh-101997: Upgrade pip wheel bundled with ensurepip (pip 23.0.1)

Build
gh-102306: [3.8] Avoid GHA CI macOS test_posix failure by using the appropriate macOS SDK.

Windows
gh-100180: Update Windows installer to OpenSSL 1.1.1s

macOS
gh-103142: Update macOS installer to use OpenSSL 1.1.1u.

(adam)

python37 py37-html-docs: updated to 3.7.17

Python 3.7.17

Security
gh-103142: The version of OpenSSL used in our binary builds has been upgraded to 1.1.1u to address several CVEs.
gh-99889: Fixed a security in flaw in uu.decode() that could allow for directory traversal based on the input if no out_file was specified.
gh-104049: Do not expose the local on-disk location in directory indexes produced by http.client.SimpleHTTPRequestHandler.
gh-102153: urllib.parse.urlsplit() now strips leading C0 control and space characters following the specification for URLs defined by WHATWG in response to CVE-2023-24329. Patch by Illia Volochii.
gh-101727: Updated the OpenSSL version used in Windows and macOS binary release builds to 1.1.1t to address CVE-2023-0286, CVE-2022-4303, and CVE-2022-4303 per the OpenSSL 2023-02-07 security advisory.
gh-101283: subprocess.Popen now uses a safer approach to find cmd.exe when launching with shell=True. Patch by Eryk Sun, based on a patch by Oleg Iarygin.

Library
gh-101997: Upgrade pip wheel bundled with ensurepip (pip 23.0.1)

Build
gh-102306: Avoid GHA CI macOS test_posix failure by using the appropriate macOS SDK.

Windows
gh-100180: Update Windows installer to OpenSSL 1.1.1s

(adam)

doc: Updated math/R-shapefiles to 0.7.2

(mef)

(math/R-shapefiles) Updated 0.7 to 0.7.2, NEWS.md unknown

(mef)

doc: Updated math/R-sp to 1.6.1

(mef)

(math/R-sp) Updated 1.5.1 to 1.6.1

Changes in version 1.6-1 (2023-05-16):

        * add evolution vignette, drop over vignette, add startup
          message

Changes in version 1.6-0 (2023-01-19):

        * add get_evolution_status() and set_evolution_status()

(mef)

doc: Updated math/R-gstat to 2.1.1

(mef)

(math/R-gstat) Updated 2.0.9 to 2.1.1 (NEWS.md is not fully updated)

# version 2.1-0

* import `sftime`; modify `krigeST()` variogram functions to accept
  `sftime` objects for `data` (as alternative to `STI` or `STIDF`),
  and `stars` or `sftime` objects for `newdata`; #108 with great help
  from @henningte

* fix Gaussian cosimulation, probably introduced in 2016, #106

(mef)

Added time/R-sftime version 0.2.0

(mef)

time/R-sftime: import R-sftime-0.2.0

Classes and methods for spatial objects that have a registered time
column, in particular for irregular spatiotemporal data. The time
column can be of any type, but needs to be ordinal. Regularly laid out
spatiotemporal data (vector or raster data cubes) are handled by
package 'stars'.

(mef)