Add exercism: Command line tool for exercism.org

The Exercism CLI is the link between the exercism.org website and your
local work environment. It lets you download exercises and submit your
solution to the site.

(schmonz)

Note exercism addition.

(schmonz)

doc: Updated security/go-mkcert to 1.4.4

(schmonz)

Update to 1.4.4. From the changelog:

1.4.4:
- Firefox packaged in a Snap, which is the default browser of Ubuntu
  22.04, is now supported
- Fixed a crash when a CSR doesn't have SANs
- Calling mkcert with no arguments only prints the help text

1.4.3:
- The EKU logic is now simpler, and it follows the following rules
    - if an IP address, DNS name, or URI SAN is present, serverAuth
      is included
    - if -client is used, clientAuth is included
    - if an email address SAN in present, emailProtection is included
- Certificate generation based on CSRs is now consistent with standard
  certificate generation

1.4.2:
- Reduce certificate lifetime to 2 years and 3 months
- Detect various flavors of Firefox (#225, #280)

pkgsrc changes:

- Simplify packaging
- Take MAINTAINER

(schmonz)

doc: Added shells/oh-my-posh version 14.14.1

(schmonz)

Add and enable oh-my-posh.

(schmonz)

Add oh-my-posh: Prompt theme engine for any shell

Oh My Posh is a blazing fast cross platform/shell prompt renderer. Features:

- Shell and platform agnostic
- Easily configurable
- The most configurable prompt utility
- Fast
- Secondary prompt
- Right prompt
- Transient prompt

(schmonz)

Category makefiles say "SUBDIR+=", not "SUBDIRS+=".

(schmonz)

Updated devel/libcbor, security/libfido2

(adam)

doc: Updated benchmarks/hyperfine to 1.16.0

(pin)

libfido2: updated to 1.13.0

Version 1.13.0 (2023-02-20)
** Support for linking against OpenSSL on Windows.
** New API calls:
  - fido_assert_empty_allow_list;
  - fido_cred_empty_exclude_list.
** fido2-token: fix issue when listing large blobs.
** Improved support for different fuzzing engines.

Version 1.12.0 (2022-09-22)
** Support for COSE_ES384.
** Support for hidraw(4) on FreeBSD.
** Improved support for FIDO 2.1 authenticators.
** New API calls:
  - es384_pk_free;
  - es384_pk_from_EC_KEY;
  - es384_pk_from_EVP_PKEY;
  - es384_pk_from_ptr;
  - es384_pk_new;
  - es384_pk_to_EVP_PKEY;
  - fido_cbor_info_certs_len;
  - fido_cbor_info_certs_name_ptr;
  - fido_cbor_info_certs_value_ptr;
  - fido_cbor_info_maxrpid_minpinlen;
  - fido_cbor_info_minpinlen;
  - fido_cbor_info_new_pin_required;
  - fido_cbor_info_rk_remaining;
  - fido_cbor_info_uv_attempts;
  - fido_cbor_info_uv_modality.
** Documentation and reliability fixes.

(adam)

benchmarks/hyperfine: update to 1.16.0

v1.16.0

Features
- Added new `--input` option, see #541 and #563 (@snease)
- Added possibility to specify `-` as the filename in the
  `--export-*` options, see #615 and #623 (@humblepenguinn)

Changes
- Improve hints for outlier warnings if `--warmup` or `--prepare` are in use
  already, see #570 (@sharkdp)

Bugfixes
- Fix uncolored output on Windows if `TERM` is not set, see #583
  (@nabijaczleweli)
- On Windows, only run `cmd.exe` with the `/C` option. Use `-c` for all other
  shells. See #568 and #582 (@FilipAndersson245)

Other
- Thanks to @berombau for working on dependency upgrades, see #584
- Fixed installationm on Windows, see #595 and #596 (@AntoniosBarotsis)

(pin)

libcbor: updated to 0.10.2

0.10.2 (2023-01-31)

Fixed minor test bug causing failures for x86 Linux (discovered by trofi)
Actual libcbor functionality not affected, bug was in the test suite
Made tests platform-independent

0.10.1 (2022-12-30)

Fix a regression in cbor_serialize_alloc that caused serialization of zero-length strings and bytestrings or byte/strings with zero-length chunks to fail (discovered by martelletto)

0.10.0 (2022-12-29)

Make the buffer_size optional in cbor_serialize_alloc
BREAKING: Improved half-float encoding for denormalized numbers.
Denormalized half-floats will now preserve data in the mantissa
Note: Half-float NaNs still lose data
BUILD BREAKING: Minimum CMake version is 3.0
See https://repology.org/project/cmake/versions for support; the vast majority of users should not be affected.
Fix a potential memory leak when the allocator fails during array or map decoding
Fix a memory leak when the allocator fails when adding chunks to indefinite bytestrings. (discovered by James-ZHANG)
Fix a memory leak when the allocator fails when adding chunks to indefinite strings
Potentially BUILD BREAKING: Add nodiscard attributes to most functions
Warning: This may cause new build warnings and (in rare cases, depending on your configuration) errors
BREAKING: Fix cbor_copy leaking memory and creating invalid items when the allocator fails.
Previously, the failures were not handled in the interface. Now, cbor_copy may return NULL upon failure; clients should check the return value
Fix cbor_build_tag illegal memory behavior when the allocator fails
Add a new cbor_serialized_size API
Reworked cbor_serialize_alloc to allocate the exact amount of memory necessary upfront
This should significantly speed up cbor_serialize_alloc for large items by avoiding multiple reallocation iterations
Clients should not use the return value of cbor_serialize_alloc. It may be removed in the future.
BUILD BREAKING: Deprecate CBOR_CUSTOM_ALLOC
cbor_set_allocs will always be enabled from now on
Note: The flag will be kept as a no-op triggering a warning when used for one version and then removed completely

(adam)

doc: Updated devel/ruby-rspec-mocks to 3.12.4

(taca)

devel/ruby-rspec-mocks: update to 3.12.4

3.12.4 (2023-01-17)

Bug Fixes:

* Fix an issue with asserting that Array#reverse is never called. (Brad
  Trick, #1533)
* Fix compatibility issue with Rails where active_support monkey patches
  with. (Jean Boussier, #1531, #1534)

(taca)

doc: Updated devel/ruby-octokit to 6.1.0

(taca)

devel/ruby-octokit: update to 6.1.0

6.1.0 (2023-03-09)

What's Changed

Features

* Allow using the response_headers or headers when getting Rate Limit Info
  by @DougEdey in #1533
* Add Faraday DEFAULT_EXCEPTIONS for when retry middleware is available by
  @DougEdey in #1546

Bugs

* Repository: Fix issue with fragment identifier in branch name by
  @pier-oliviert in #1529

Docs

* Add using GitHub app authentication in README by @Tatsumi0000 in #1512
* Fix missing and broken links in README table of contents by @Jarvl in
  #1513
* Add Ruby 3.2 to tested implementations in README by @koic in #1545

Maintenance

* updated Workflows @octokitbot
* Update rubocop requirement from 1.39.0 to 1.42.0 by @dependabot in #1525
* Adds a stale action to clean up old PRs/Issues by @nickfloyd in #1511
* Bump actions/stale from 6 to 7 by @dependabot in #1527
* Update rubocop requirement from 1.42.0 to 1.43.0 by @dependabot in #1531
* Update rubocop requirement from 1.43.0 to 1.44.1 by @dependabot in #1537
* Rename obsolete parameter IgnoredMethods to AllowedMethods by @kyoshidajp
  in #1530
* Remove jruby-specific platform by @kfcampbell in #1520
* Adds Ruby 3.2 to the CI matrix by @petergoldstein in #1524
* Update rubocop requirement from 1.44.1 to 1.45.1 by @dependabot in
  https://github.com/octokit/otokit.rb/pull/1541
* Specify TargetRubyVersion: 2.7 in .rubocop.yml by @koic in #1544
* Bump actions/add-to-project from 0.4.0 to 0.4.1 by @dependabot in #1547
* Update rubocop requirement from 1.45.1 to 1.46.0 by @dependabot in #1548
* Specify --require spec_helper in .rspec by @koic in #1549

New Contributors

* @octokitbot made their first contribution in #1516
* @Tatsumi0000 made their first contribution in #1512
* @Jarvl made their first contribution in #1513
* @pier-oliviert made their first contribution in #1529
* @kyoshidajp made their first contribution in #1530
* @DougEdey made their first contribution in #1533
* @koic made their first contribution in #1545

(taca)

doc: Updated devel/ruby-io-event to 1.1.7

(taca)

devel/ruby-io-event: update to 1.1.7

1.1.7 (2023-03-11)

* Introduce cancellation support for asynchronous io_read and io_write
  operations.  by @ioquatix in #55

(taca)

doc: Updated devel/ruby-git to 1.17.2

(taca)

devel/ruby-git: update to 1.17.2

1.17.0 (2023-03-05)

Changes since 1.16.0:

* 1311 Add deprecation mechanism (introduces runtime dependency on
  ActiveSupport) (#645)
* 50b8 Add the push_option option for Git::Lib#push (#644)
* a799 Make Git::Base#ls_tree handle commit objects (#643)
* 6db3 Implememt Git.default_branch (#571)

1.17.2 (2023-03-07)

Changes since 1.17.1:

* f43d6 Fix branch name parsing to handle names that include slashes (#651)

1.17.1 (2023-03-06)

Changes since 1.17.0:

* 774e Revert introduction of ActiveSupport dependency (#649)

(taca)

doc: Updated devel/ruby-async to 2.4.2

(taca)

devel/ruby-async: update to 2.4.2

2.4.1 (2023-03-07)

* Allow running the test in isolation.

* Avoid race conditions in Scheduler#interrupt and Scheduler#unblock. (#216)

2.4.2 (2023-03-11)

* Ensure all tasks are completed before closing scheduler. (#219)

(taca)

doc: Updated databases/ruby-moneta to 1.6.0

(taca)

databases/ruby-moneta: update to 1.6.0

1.6.0 (2023-03-13)

* Adapters - Support for Rails 6.1 and above (Adapters::ActiveRecord,
  Adapters::ActiveSupportCache, ActiveSupportCache::MonetaStore)

* Adapters::YAML - add theadsafe option

* Adapters::Sequel - fix deadlock issue with #increment on MySQL in newer
  Sequel versions (#244)

* Adapters::Sequel - fix issue with Postgres HStore on newer Postgres (#243)

* Adapters - fixed an issue many adapters had where #merge! errored if
  passed an empty hash (#246)

* Support changes - Drop support for 2.3 and 2.4, add support for 3.x

(taca)

doc: Updated devel/py-approvaltests to 8.2.4

(schmonz)

Update to 8.2.4. From the changelog:

- Build fixes

(schmonz)

doc: Updated devel/py-approval-utilities to 8.2.4

(schmonz)

Update to 8.2.4. From the changelog:

- Build fixes

(schmonz)

py-Willow: fix typo

(wiz)

doc: Updated security/php-pecl-mcrypt to 1.0.6

(taca)

security/php-pecl-mcrypt: update to 1.0.6

1.0.6 (2023-02-28)

* Make release to advertise PHP 8.2 support, which it already had.

(taca)

doc: Updated devel/php-igbinary to 3.2.14

(taca)

devel/php-igbinary: update to 3.2.14

3.2.14 (2023-02-26)

* Fix build error in PHP 8.3-dev
* Fix test expectation errors in php 8.3-dev due to change to php's
  TypeErrors.

(taca)

py-numpy: stop using < with _PYTHON_VERSION

Per pkglint.

(wiz)

doc: Updated devel/ruby-redmine50 to 5.0.5

(taca)

devel/ruby-redmine50: update to 5.0.5

5.0.5 (2023-03-05)

Code cleanup/refactoring

* Patch #38141: Update copyright year to 2023

Documentation

* Defect #38114: Example plugin (extra/sample_plugin) breaks Activity page

Gems support

* Defect #38239: Test failure with Commonmarker 0.23.8
* Patch #38135: Allow use of Puma 6.0.0 or later
* Patch #38272: Update RBPDF to 1.21

[Groups]

* Patch #38144: Refactoring: Use Group.visible instead of manual visibility
  check in GroupsController

[Importers]

* Defect #38254: Time Entry Import fails to import custom fields with "User"
  format

[Issues]

* Defect #37755: Mentioning users with certain characters renders
  incorrectly
* Defect #38217: "Property changes" tab does not appear when all issue
  journals have both notes and property changes

[PDF export]

* Defect #32740: Incorrect characters when copying out of a Redmine
  generated PDF
* Defect #36452: Infinite loop on PDF export if image included with
  attributes

[Project settings]

* Defect #38064: Avoid exception when adding a project without any givable
  roles defined

[Rails support]

* Defect #36273: Modifying the source code of a plugin does not reload it
  after r21295
* Defect #38199: Fix deprecation warning for db:structure:dump in db:migrate
  when using sql schema format
* Patch #38191: Update Rails to 6.1.7.2

[Security]

* Defect #38063: Avoid double-render error with
  ApplicationController#find_optional_project
* Defect #38070: Role#permission_tracker? and related does not consider
  whether the base permission is (still) set
* Defect #38133: Update Nokogiri to fix several security issues
* Defect #38297: Insufficient permission checks when adding attachments to
  issues

[SEO]

* Defect #38201: Fix robots.txt to disallow issue lists with a sort or
  query_id parameter in any position

[Text formatting]

* Defect #37881: Thumbnails are no longer fetched for all notes of an issue
* Defect #38073: CommonMark Markdown formatter does not support min-width,
  max-width, min-height, and max-height CSS properties
* Defect #38215: Nested CommonMark Markdown task lists are not indented

[Time tracking]

* Defect #35066: Missing project_id in redirect after clicking "Create and
  add another" button
* Defect #38237: Unable to choose any user other than the current user when
  logging spent time after clicking "Create and add another"

(taca)

doc: Updated devel/ruby-redmine42 to 4.2.10

(taca)

devel/ruby-redmine42: update to 4.2.10

4.2.10 (2023-03-05)

Code cleanup/refactoring

* Patch #38141: Update copyright year to 2023

Documentation

* Defect #38114: Example plugin (extra/sample_plugin) breaks Activity page

Gems support

* Patch #38272: Update RBPDF to 1.21

Issues

* Defect #38217: "Property changes" tab does not appear when all issue
  journals have both notes and property changes

[PDF export]

* Defect #32740: Incorrect characters when copying out of a Redmine
  generated PDF

* Defect #36452: Infinite loop on PDF export if image included with
  attributes

[Project settings]

* Defect #38064: Avoid exception when adding a project without any givable
  roles defined

[Security]

* Defect #38063: Avoid double-render error with
  ApplicationController#find_optional_project

* Defect #38070: Role#permission_tracker? and related does not consider
  whether the base permission is (still) set

* Defect #38133: Update Nokogiri to fix several security issues

* Defect #38297: Insufficient permission checks when adding attachments to
  issues

[SEO]

* Defect #38201: Fix robots.txt to disallow issue lists with a sort or
  query_id parameter in any position

[Time tracking]

* Defect #35066: Missing project_id in redirect after clicking "Create and
  add another" button

* Defect #38237: Unable to choose any user other than the current user when
  logging spent time after clicking "Create and add another"

(taca)

doc: Updated print/ruby-rbpdf to 1.21.0

(taca)

py-Willow: supports python 3.x only

(wiz)

print/ruby-rbpdf: update to 1.21.0

1.21.0 (2023-02-13)

* Support for Ruby 3.0.0, 3.1.0, 3.2.0. (Drop support for Ruby 2.2 and
  earlier.) #66

* Support Rails 6 and Rails 7. (Drop support for Rails 3.x, 4.x) #66, #72

* Fix RMagick 5.0 compatible. #66

* Infinite loop has been resolved. #68, #74

* Fixed a bug that caused the x position to shift when an <img> tag was
  behind a <li> tag in HTML. #74

* fix: Incorrect characters when copying out of a generated PDF with Unicode
  fonts. #71

* Suppresses output for Circle(), Ellipse(), PieSector(), and PieSectorXY()
  when the radius is 0. #67

* Don't change an object while iterating over it #59 (by thegcat)

* fix : bidi bug #56 (by ahorek)

* Avoid rdoc stack level too deep (SystemStackError) in gem install. #76

* PDF example output option OUTPUT=true added #70

* Make the image file path acquisition process extensible #58 (by yui-har)

(taca)

Adjust slim default config for NetBSD

Add SLIM_LOGIN_CMD and SLIM_XSERVER_ARGUMENTS values which are
substituted into the default slim.conf, and provide more optimal
values for NetBSD

SLIM_XSERVER_ARGUMENTS: "vt05 -noretro"

  This makes the "vt05" NetBSD specific, so no longer affecting
  other platforms, plus hides the default rootweave (which would
  be replaced by a slim image shortly after startup)

SLIM_LOGIN_CMD: "/bin/sh - /etc/X11/xdm/Xsession"

  /etc/X11/xdm/Xsession is the canonical way to start an xsession
  on NetBSD. The slim shipped defaults rely on a user having
  ~/.xinitrc, otherwise the session fails back to login (which is
  a little unfriendly for new users). As a side effect we lose the
  default ability to pass the theme as a %session parameter to
  .xinitrc, but this is probably a reasonable trade off to have a
  working Out Of The Box config. As a benefit we can drop the
  dependency on bash for NetBSD (which is nice for smaller platforms).

For non NetBSD platforms xserver_arguments is now as originally
shipped, and login_cmd is as shipped modulus bash path substitution

Suggestions/adjustments for other platforms encouraged :)

Bump PKGREVISION

(abs)

doc: note update of www/rails70 and related packages to 7.0.4.3

devel/ruby-activesupport70
devel/ruby-activemodel70
devel/ruby-activejob70
www/ruby-actionview70
www/ruby-actionpack70
databases/ruby-activerecord70
devel/ruby-activestorage70
mail/ruby-actionmailer70
mail/ruby-actionmailbox70
www/ruby-actioncable70
devel/ruby-railties70
textproc/ruby-actiontext70
www/ruby-rails70

(taca)

www/ruby-rails70: update to 7.0.4.3

7.0.4.3 (2023-03-13)

Active Support

* Implement SafeBuffer#bytesplice

  [CVE-2023-28120]

Action View

* Ignore certain data-* attributes in rails-ujs when element is
  contenteditable

  [CVE-2023-23913]

(taca)

doc: note update of www/rails61 and related packages to 6.1.7.3

devel/ruby-activesupport61
devel/ruby-activemodel61
devel/ruby-activejob61
www/ruby-actionview61
www/ruby-actionpack61
databases/ruby-activerecord61
devel/ruby-activestorage61
mail/ruby-actionmailer61
mail/ruby-actionmailbox61
www/ruby-actioncable61
devel/ruby-railties61
textproc/ruby-actiontext61
www/ruby-rails61

(taca)

www/ruby-rails61: update to 6.1.7.3

6.1.7.3 (2023-03-13)

Active Support

* Implement SafeBuffer#bytesplice

  [CVE-2023-28120]

Action View

* Ignore certain data-* attributes in rails-ujs when element is
  contenteditable

  [CVE-2023-23913]

(taca)

Updated devel/snappy, devel/cmake, devel/cmake-gui

(adam)

cmake: updated to 3.26.0

CMake 3.26 Release Notes
************************

Changes made since CMake 3.25 include the following.

New Features
============

Languages
---------

* The "ASM_MARMASM" language was added to support the Microsoft ARM
assembler language.

Command-Line
------------

* The "cmake -E copy" command-line tool now supports a "-t" argument.

* The "cmake -E copy_directory_if_different" command-line tool was
added.

Configure Log
-------------

* CMake now writes a YAML log of configure-time checks to
"CMakeFiles/CMakeConfigureLog.yaml" under the top of the build tree.
See the "cmake-configure-log(7)" manual.

File-Based API
--------------

* The "cmake-file-api(7)" "codemodel" version 2 "version" field has
been updated to 2.5.

* The "cmake-file-api(7)" "codemodel" version 2 "target" object gained
a new "fileSets" field and associated "fileSetIndex" field to
"sources" objects.

* The "cmake-file-api(7)" gained a new "configureLog" object kind that
enables stable access to the "cmake-configure-log(7)".

Commands
--------

* The "add_custom_command()" and "add_custom_target()" commands now
support "generator expressions" in their "COMMENT" option.

* The "message()" command gained a "CONFIGURE_LOG" mode to record an
entry in the "cmake-configure-log(7)".

* The "string(TIMESTAMP)" and "file(TIMESTAMP)" commands now support
the "%z" and "%Z" specifiers for the time zone.

* The "try_compile()" and "try_run()" commands gained a
"LOG_DESCRIPTION" option specifying text to be recorded in the
"cmake-configure-log(7)".

* The "try_compile()" and "try_run()" commands gained a "NO_LOG"
option to skip recording a "cmake-configure-log(7)" entry.

Variables
---------

* The "CMAKE_<LANG>_COMPILER_FRONTEND_VARIANT" variable is now set for
"GNU", "MSVC", and "AppleClang" compilers that have only one
frontend variant.

* A "CMAKE_VS_VERSION_BUILD_NUMBER" variable is now set by Visual
Studio Generators for VS 2017 and above to report the four-component
Visual Studio version number.

Properties
----------

* The "<LANG>_CLANG_TIDY_EXPORT_FIXES_DIR" target property was added
to allow the "clang-tidy" tool to export its suggested fixes to a
set of ".yaml" files. A new
"CMAKE_<LANG>_CLANG_TIDY_EXPORT_FIXES_DIR" variable was created to
initialize this property.

* The "XCODE_EMBED_EXTENSIONKIT_EXTENSIONS" target property was added
to tell the "Xcode" generator to embed ExtensionKit-based extensions
such as extensions using the Background Assets framework.  Aspects
of the embedding can be customized with:

* "XCODE_EMBED_EXTENSIONKIT_EXTENSIONS_PATH"

* "XCODE_EMBED_EXTENSIONKIT_EXTENSIONS_CODE_SIGN_ON_COPY"

* "XCODE_EMBED_EXTENSIONKIT_EXTENSIONS_REMOVE_HEADERS_ON_COPY"

Modules
-------

* The "ExternalProject" module's "ExternalProject_Add()" command
gained an "INSTALL_BYPRODUCTS" option to specify files generated by
the "install" step.

* The "FindCUDAToolkit" module:

* gained support for the "sbsa-linux" cross compilation target, and

* now provides an imported target for "nvrtc_static", if found.

* The "FindImageMagick" module now provides imported targets.

* The "FindPython3" and "FindPython" modules gained support for the
Stable Application Binary Interface.

* The "UseSWIG" module gained support for the "perl5" language.

Generator Expressions
---------------------

* The "lt;BUILD_LOCAL_INTERFACE:...>" generator expression was added to
prevent usage requirements from being exported to dependent
projects.

CTest
-----

* The "CTEST_NO_TESTS_ACTION" environment variable was added to
provide a default value for the "--no-tests=<action>" command line
argument of "ctest(1)".

Deprecated and Removed Features
===============================

* The "CMakeFiles/CMakeOutput.log" and "CMakeFiles/CMakeError.log"
files are no longer populated by CMake's built-in modules.
"cmake(1)" no longer suggests looking at them after a "CMake Error"
occurs.  Information previously logged to those files is instead
logged to the "cmake-configure-log(7)".

* On CYGWIN, the undocumented "CMAKE_LEGACY_CYGWIN_WIN32" mode for
compatibility with CMake versions older than 2.8.4 has been removed.

Other Changes
=============

* Language Standard Flags, such as "-std=c++11", when generated due to
"target_compile_features()" or "CMAKE_<LANG>_STANDARD", are now
placed before flags added by "target_compile_options()", rather than
after them.

* For all "COMPILE_DEFINITIONS" properties, any leading "-D" on an
item is removed whether or not it was specified by a generator
expression.

* The "compile_commands.json" database enabled by
"CMAKE_EXPORT_COMPILE_COMMANDS" now provides the "output" field in
the compile commands objects.  This allows multi-config generators,
such as the "Ninja Multi-Config" generator, to provide the compile
commands for all configurations.

* The "USE_FOLDERS" global property is treated as "ON" by default. See
policy "CMP0143".

* The top-level "project()" call will now emit an author warning if
the documented command order in relation to
"cmake_minimum_required()" is not respected.

* The "cmake --trace" option now follows "try_compile()" and
"try_run()" invocations.

(adam)

snappy: updated to 1.1.10

Snappy 1.1.10
Performance improvements
Compilation fixes for various environments

(adam)

doc: Updated www/ruby-rack2 to 2.2.6.4

(taca)

www/ruby-rack2: update to 2.2.6.4

2.2.6.4 (2023-03-13)

* Avoid ReDoS problem: Split headers on commas, then strip the strings in
  order to avoid ReDoS issues.

  [CVE-2023-27539]

(taca)

doc: Updated www/ruby-rack to 3.0.6.1

(taca)

www/ruby-rack: update to 3.0.6.1

3.0.5 (2023-03-12)

* test-external.yaml - use ruby/setup-ruby-pkgs (#2048)
* Split form/query parsing into two steps (#2038)

3.0.6 (2023-03-13)

* Add QueryParser#missing_value for handling missing values + tests.
  (#2052)

3.0.6.1 (2023-03-14)

* Avoid ReDoS problem: Split headers on commas, then strip the strings in
  order to avoid ReDoS issues.

  [CVE-2023-27539]

(taca)

Updated math/py-bottleneck, net/py-geventhttpclient

(adam)

py-geventhttpclient: updated to 2.0.9

2.0.9
Add square brackets for Host header when using IPv6 address
Enable ppc64le wheels

(adam)

py-bottleneck: updated to 1.3.7

Bottleneck 1.3.7

Enhancements
- Python 3.11 wheel available

(adam)

Updated devel/py-pathspec, converters/py-simplejson

(adam)

py-simplejson: updated to 3.18.4

Version 3.18.4 released 2023-03-14

* Test the sdist to prevent future regressions
  https://github.com/simplejson/simplejson/pull/311
* Enable ppc64le wheels
  https://github.com/simplejson/simplejson/pull/312

(adam)

py-pathspec: updated to 0.11.1

0.11.1 (2023-03-14)

Bug fixes:
- Include directory should override exclude file.

Improvements:
- Fix partially unknown PathLike type.
- Convert `os.PathLike` to a string properly using `os.fspath`.

(adam)

doc: Updated geography/qgis to 3.28.4

(gdt)

geography/qgis: Update to 3.28.4

This is a micro release.

(gdt)

qemu: Various SunOS fixes.

(jperkin)

doc: Added sysutils/erdtree version 1.5.2

(pin)

Add erdtree

(pin)

sysutils/erdtree: import package

A modern, vibrant, and multi-threaded file-tree visualizer and disk usage
analyzer that respects hidden files and .gitignore rules by default, i.e.
the secret love child of tree and du.

erdtree is a modern alternative to tree and du in that it:
  - offers a minimal and user-friendly CLI
  - respects hidden files and .gitignore rules by default
  - displays file sizes in human-readable format by default
  - leverages parallism to traverse the file-system
  - displays files using ANSI colors by default
  - supports icons! (checkout the Icons section before using)

If the chosen defaults don't meet your requirements and you don't want to bloat
your shell configs with aliases, you can use a configuration file instead.

(pin)

doc: Updated shells/nushell to 0.77.0

(pin)

shells/nushell: update to 0.77.0

Themes of this release / New features
- Reworked aliases (Breaking changes!) (kubouch)
  Aliases have been a constant source of panics and growing code complexity as
  a result of trying to patch the panics. In this release, we re-implement
  aliases from scratch. Instead of replacing spans of expressions, aliases are
  implemented as another type of command, quite like extern is used to
  implement known externals. Alias is a command that wraps another command
  call. As a result, in some cases, aliases do not behave exactly the same as
  before. Here are the key facts:
    - Alias can only alias another command call. For example, alias la = ls -a
    works, but the following does not:
      - alias foo = "foo"
            "foo" is not a command call, use alias foo = echo "foo" instead
      - alias lsn = (ls | sort-by type name -i)
            subexpression is not a command call, use a custom command instead
    - Alias cannot alias command named the same as the alias. E.g., alias
    ls = ls -a is not possible currently, and gives an unhelpful error message.
    We plan to fix this as soon as possible and in the future we aim for this
    to work.
    - Some parser keywords are not allowed to be aliased. Currently, overlay
    commands can be aliased but the other parser keywords can not. We can add
    support for aliasing more parser keywords in the future.

If some of the above is too limiting for you, the old aliases are still
unchanged and available as old-alias. Just change alias to old-alias and it
should work the same as before. If there are no more problems with the new
alias implementation, and we manage to iron out the recursive alias issue,
we will remove old-alias in the next release, otherwise, we'll keep it around
longer.

- More consistent timestamp handling (bobhy)
  Simplified conversion between Nushell date type and unix timestamps (#8244).

Nushell now standardizes on representing a Unix timestamp as a number of
nanoseconds relative to the unix epoch 1970-01-01 00:00:00 +0000 (UTC).
Since the timestamp is stored in a (64 bit signed) Nushell int type, this
limits the range of dates that can be represented to approximately 21-sep-1677
through 11-apr-2262.

In prior versions, Nushell attempted to extend the range of representable dates
by allowing multiple resolutions of timestamps (seconds, milliseconds as well
as nanoseconds) to be stored and relied on arbitrary range check heuristics to
disambiguate the value intended. However, there were bugs in the checks and
incorrect results could be produced.

With this change <int> | into datetime assumes the input is a number of
nanoseconds and can never produce a date outside this range.
The timestamp epoch is the standard unix epoch. Note the timezone is UTC/GMT.

<datetime> | into int can now produce an error if the input is outside the
supported range.

And finally, although not strictly required by the above fix,
<date> | date to-record and <date> | date to-table now have a nanosecond field
containing the subsecond residue of the input value (however it was produced).

- New XML format (NotLebedev)

New format for xml data created and accepted by from xml and to xml commands
(#7947).

Commands from xml and to xml now use format where each xml entry is represented
by a single {tag: <tag name> attributes: <tag attributes> content:
[<child entries>]} record. Special xml entries also use this record, replacing
irrelevant fields with null for easier use.

Creating a little html page. In case of to xml one can deviate from rigid
structure and omit empty fields of records.

- New additions to $nu (StevenDoesStuffs, amtoine)
The builtin $nu variable now contains new entries:
  - is-interactive: Nushell was launched in interactive mode
  - is-login: Nushell was launched in login mode
  - startup_time: Nushell's startup time

- Reworked http subcommands (jaudiger)

The http command now has more subcommands and existing subcommands have been
reworked.

Make sure to browse the help messages of these commands. They contain fully
functional examples thanks to pointing at www.example.com.

- Breaking changes

    - Alias changes, see above
    - env command has been removed, use $env instead
    (https://github.com/nushell/nushell/pull/8185)
    - str trim no longer has --all, --both, and --format flags. str replace
    should be an adequate replacement; please let us know if it is not (#8205)
    - The changes to timestamp handling noted above (#8244) can require code
    changes to existing scripts:
      - Saved data containing the results of an old datetime-to-timestamp
      conversion will not deserialize correctly when read back by the current
      version of Nushell. In general, Nushell will produce incorrect datetime
      values without noting an error.
      - <int> | into datetime now assumes nanosecond scaling for all timestamps.
      You must ensure all timestamps computed by your script or retrieved from
      external sources are scaled appropriately.
      - <date> | into int can now fail, as noted above. You cannot rely on this
      operation to persist a arbitrary date.
    - The change to from xml and to xml commands noted above (#7947) will
    require to update scripts relying on old output/input format.
    - mkdir, cp, mv and rm return nothing. Errors and actions with --verbose
    flag are printed to stderr instead (#8014).
    - Plugin authors relying on nu_protocol::Value may need to update their
    code to account for a change to Value::Error (#8375    )
    - Different types of lists can now be appended. This can break scripts that
    were relying on the stricter behavior
    (https://github.com/nushell/nushell/pull/8157)

(pin)

doc: Updated sysutils/dust to 0.8.5

(pin)

sysutils/dust: update to 0.8.5

- refactor: simplify filter.rs
- refactor: DisplayData
- feat: default option for depth from config file
- remove depth from config.toml and fix style issues
- Fix: some panics are occuring when creating rayon

(pin)

texlive-collection-langenglish: update to revision 65496

(markd)

texlive-collection-langeuropean: update to revision 66452

(markd)

texlive-collection-xetex: update to revision 64951

(markd)

texlive-collection-publishers: update to revision 66335

(markd)

texlive-collection-pstricks: update to revision 65367

(markd)

texlive-collection-plaingeneric: update to revision 65622

(markd)

texlive-collection-pictures: update to revision 66377

(markd)

texlive-collection-music: update to revision 65862

(markd)

texlive-collection-mathscience: update to revision 65753

(markd)

emulators/aranym: Actually include options.mk

(charlotte)

texlive-collection-luatex: update to revision 65791

(markd)

doc: Updated sysutils/node_exporter to 1.5.0

(jperkin)

node_exporter: Update to 1.5.0.

## 1.5.0 / 2022-11-29

NOTE: This changes the Go runtime "GOMAXPROCS" to 1. This is done to limit the
  concurrency of the exporter to 1 CPU thread at a time in order to avoid a
  race condition problem in the Linux kernel (#2500) and parallel IO issues
  on nodes with high numbers of CPUs/CPU threads (#1880).

* [CHANGE] Default GOMAXPROCS to 1 #2530
* [FEATURE] Add multiple listeners and systemd socket listener activation #2393
* [ENHANCEMENT] Add RTNL version of netclass collector #2492, #2528
* [BUGFIX] Fix diskstats exclude flags #2487
* [BUGFIX] Bump go/x/crypt and go/x/net #2488
* [BUGFIX] Fix hwmon label sanitizer #2504
* [BUGFIX] Use native endianness when encoding InetDiagMsg #2508
* [BUGFIX] Fix btrfs device stats always being zero #2516
* [BUGFIX] Security: Update exporter-toolkit (CVE-2022-46146) #2531

## 1.4.1 / 2022-11-29

* [BUGFIX] Fix diskstats exclude flags #2487
* [BUGFIX] Security: Update go/x/crypto and go/x/net (CVE-2022-27191
          CVE-2022-27664) #2488
* [BUGFIX] Security: Update exporter-toolkit (CVE-2022-46146) #2531

(jperkin)

texlive-collection-langgreek: update to revision 65038

(markd)

Updated net/haproxy, sysutils/ansible-lint

(adam)

ansible-lint: updated to 6.14.2

v6.14.2

Bugfixes

Ignore risky-shell-pipe with pwsh
Implement galaxy[no-runtime] check for meta/runtime.yml file
Fixed args rule error for synchronize module
Avoid test ... require a dictionary error with jinja rule

(adam)

texlive-collection-humanities: update to revision 65216

(markd)

texlive-collection-games: update to revision 65631

(markd)

texlive-collection-fontsextra: update to revision 64952

(markd)

haproxy: updated to 2.7.4

2.7.4
- BUG/MINOR: mworker: stop doing strtok directly from the env
- BUG/MEDIUM: mworker: prevent inconsistent reload when upgrading from old versions
- BUG/MEDIUM: mworker: don't register mworker_accept_wrapper() when master FD is wrong
- MINOR: startup: HAPROXY_STARTUP_VERSION contains the version used to start
- BUG/MINOR: lua/httpclient: missing free in hlua_httpclient_send()
- BUG/MEDIUM: httpclient/lua: fix a race between lua GC and hlua_ctx_destroy
- BUG/MEDIUM: stconn: Don't rearm the read expiration date if EOI was reached
- BUG/MEDIUM: wdt: fix wrong thread being checked for sleeping
- BUG/MINOR: sched: properly report long_rq when tasks remain in the queue
- BUG/MEDIUM: sched: allow a bit more TASK_HEAVY to be processed when needed
- MINOR: h3/hq-interop: handle no data in decode_qcs() with FIN set
- BUG/MINOR: mux-quic: transfer FIN on empty STREAM frame
- BUG/MINOR: mworker: prevent incorrect values in uptime
- MINOR: h3: add traces on decode_qcs callback
- BUG/MINOR: quic: Possible unexpected counter incrementation on send*() errors
- MINOR: quic: Add new traces about by connection RX buffer handling
- MINOR: quic: Move code to wakeup the timer task to avoid anti-amplication deadlock
- BUG/MINOR: quic: Really cancel the connection timer from qc_set_timer()
- MINOR: quic: Simplication for qc_set_timer()
- MINOR: quic: Kill the connections on ICMP (port unreachable) packet receipt
- MINOR: quic: Add traces to qc_kill_conn()
- MINOR: quic: Make qc_dgrams_retransmit() return a status.
- BUG/MINOR: quic: Missing call to task_queue() in qc_idle_timer_do_rearm()
- MINOR: quic: Add a trace to identify connections which sent Initial packet.
- MINOR: quic: Add <pto_count> to the traces
- BUG/MINOR: quic: Do not probe with too little Initial packets
- BUG/MINOR: quic: Wrong initialization for io_cb_wakeup boolean
- BUG/MINOR: quic: Do not drop too small datagrams with Initial packets
- BUG/MINOR: quic: Missing padding for short packets
- MINOR: quic: adjust request reject when MUX is already freed
- BUG/MINOR: quic: also send RESET_STREAM if MUX released
- BUG/MINOR: quic: acknowledge STREAM frame even if MUX is released
- BUG/MINOR: h3: prevent hypothetical demux failure on int overflow
- MEDIUM: h3: enforce GOAWAY by resetting higher unhandled stream
- MINOR: mux-quic: define qc_shutdown()
- MINOR: mux-quic: define qc_process()
- MINOR: mux-quic: implement client-fin timeout
- MEDIUM: mux-quic: properly implement soft-stop
- MINOR: quic: mark quic-conn as jobs on socket allocation
- MEDIUM: quic: trigger fast connection closing on process stopping
- MINOR: mux-h2/traces: do not log h2s pointer for dummy streams
- MINOR: mux-h2/traces: add a missing TRACE_LEAVE() in h2s_frt_handle_headers()
- BUG/MEDIUM: quic: Missing TX buffer draining from qc_send_ppkts()
- DOC: config: Fix description of options about HTTP connection modes
- DOC: config: Add the missing tune.fail-alloc option from global listing
- REGTESTS: Fix ssl_errors.vtc script to wait for connections close
- BUG/MINOR: cache: Cache response even if request has "no-cache" directive
- BUG/MINOR: cache: Check cache entry is complete in case of Vary
- BUILD: quic: 32-bits compilation issue with %zu in quic_rx_pkts_del()
- BUG/MINOR: ring: do not realign ring contents on resize
- BUILD: thead: Fix several 32 bits compilation issues with uint64_t variables
- BUG/MEDIUM: fd: avoid infinite loops in fd_add_to_fd_list and fd_rm_from_fd_list
- BUG/MEDIUM: h1-htx: Never copy more than the max data allowed during parsing
- DOC: config: Clarify the meaning of 'hold' in the 'resolvers' section
- BUG/MINOR: fd: used the update list from the fd's group instead of tgid
- BUG/MEDIUM: fd: make fd_delete() support being called from a different group
- CLEANUP: listener: only store conn counts for local threads
- MEDIUM: quic: improve fatal error handling on send
- MINOR: quic: consider EBADF as critical on send()
- BUG/MEDIUM: connection: Clear flags when a conn is removed from an idle list
- BUG/MINOR: mux-h1: Don't report an error on an early response close
- BUG/MINOR: http-check: Don't set HTX_SL_F_BODYLESS flag with a log-format body
- BUG/MINOR: http-check: Skip C-L header for empty body when it's not mandatory
- MINOR: quic: simplify return path in send functions
- MINOR: quic: implement qc_notify_send()
- MINOR: quic: purge txbuf before preparing new packets
- MEDIUM: quic: implement poller subscribe on sendto error
- MINOR: quic: notify on send ready
- BUG/MINOR: http-ana: Don't increment conn_retries counter before the L7 retry
- BUG/MINOR: http-ana: Do a L7 retry on read error if there is no response
- BUG/MINOR: mxu-h1: Report a parsing error on abort with pending data
- BUG/MINOR: ssl: Use 'date' instead of 'now' in ocsp stapling callback
- MINOR: ssl: rename confusing ssl_bind_kws
- BUG/MINOR: config: crt-list keywords mistaken for bind ssl keywords
- BUG/MEDIUM: quic: properly handle duplicated STREAM frames
- BUG/MINOR: cli: fix CLI handler "set anon global-key" call
- BUG/MINOR: quic: Do not send too small datagrams (with Initial packets)
- MINOR: quic: Add a BUG_ON_HOT() call for too small datagrams
- BUG/MINOR: quic: Ensure to be able to build datagrams to be retransmitted
- BUG/MINOR: quic: v2 Initial packets decryption failed
- MINOR: quic: Add traces about QUIC TLS key update
- BUG/MINOR: quic: Remove force_ack for Initial,Handshake packets
- BUG/MINOR: quic: Ensure not to retransmit packets with no ack-eliciting frames
- BUG/MINOR: quic: Do not resend already acked frames
- BUG/MINOR: quic: Missing detections of amplification limit reached
- MINOR: quic: Send PING frames when probing Initial packet number space
- BUG/MEDIUM: quic: do not crash when handling STREAM on released MUX
- BUG/MAJOR: fd/thread: fix race between updates and closing FD
- BUG/MINOR: mux-quic: properly init STREAM frame as not duplicated
- MINOR: quic: Do not accept wrong active_connection_id_limit values
- MINOR: quic: Store the next connection IDs sequence number in the connection
- MINOR: quic: Typo fix for ACK_ECN frame
- MINOR: quic: RETIRE_CONNECTION_ID frame handling (RX)
- MINOR: quic: Useless TLS context allocations in qc_do_rm_hp()
- MINOR: quic: Add spin bit support
- MINOR: quic: Add transport parameters to "show quic"
- MINOR: h3: add traces on h3_init_uni_stream() error paths
- MINOR: quic: create a global list dedicated for closing QUIC conns
- MINOR: quic: handle new closing list in show quic
- MEDIUM: quic: release closing connections on stopping
- BUG/MINOR: quic: Wrong RETIRE_CONNECTION_ID sequence number check
- MINOR: fd/cli: report the polling mask in "show fd"
- MINOR: quic: Do not stress the peer during retransmissions of lost packets
- BUG/MINOR: init: properly detect NUMA bindings on large systems
- BUG/MINOR: thread: report thread and group counts in the correct order
- BUG/MAJOR: fd/threads: close a race on closing connections after takeover
- BUG/MINOR: mworker: use MASTER_MAXCONN as default maxconn value
- BUG/MINOR: quic: Missing listener accept queue tasklet wakeups
- MINOR: quic_sock: un-statify quic_conn_sock_fd_iocb()
- DOC/CLEANUP: fix typos

(adam)

Updated devel/py-filelock, math/py-gmpy2

(adam)

py-gmpy2: updated to 2.1.5

2.1.5

Final (?) release of the 2.1.x series. No code changes since 2.1.3. Fixes to build Apple Silicon binary builds are the only changes since 2.1.3.

(adam)

texlive-collection-binextra: update to revision 65204

(markd)

texlive-collection-bibtexextra: update to revision 65257

(markd)

py-filelock: updated to 3.9.1

3.9.1

[pre-commit.ci] pre-commit autoupdate
Bump deps and tools
Bump pypa/gh-action-pypi-publish from 1.6.4 to 1.7.1
use time.perf_counter instead of time.monotonic

(adam)