modular-xorg-server*: update to 21.1.5

This release fixes 6 recently reported security vulnerabilities in
various extensions. The CVE numbers are:
CVE-2022-46340, CVE-2022-46341, CVE-2022-46342, CVE-2022-46343,
CVE-2022-46344, and CVE-2022-4283

For details on the these issues please see the security advisory here:
https://lists.x.org/archives/xorg-announce/2022-December/003302.html

Jeremy Huddleston Sequoia (3):
      xquartz: Remove unused macro (X11LIBDIR)
      xquartz: Move default applications list outside of the main executable
      meson: Don't build COMPOSITE for XQuartz

Peter Hutterer (8):
      Xtest: disallow GenericEvents in XTestSwapFakeInput
      Xi: disallow passive grabs with a detail > 255
      Xext: free the XvRTVideoNotify when turning off from the same client
      Xext: free the screen saver resource when replacing it
      Xi: return an error from XI property changes if verification failed
      Xi: avoid integer truncation in length check of ProcXIChangeProperty
      xkb: reset the radio_groups pointer to NULL after freeing it
      xserver 21.1.5

(wiz)

doc: Updated sysutils/syslog-ng to 3.38.1

(wiz)

syslog-ng*: update to 3.38.1

snmp module untested since net-snmp doesn't currently build on NetBSD-current

Changes:

3.38.1
======

## Highlights

### Sneak peek into syslog-ng v4.0

syslog-ng v4.0 is right around the corner.

This release (v3.38.1) contains all major changes, however, they are
currently all hidden behind a feature flag.
To enable and try those features, you need to specify `@version: 4.0` at the
top of the configuration file.

You can find out more about the 4.0 changes and features
[here](https://github.com/syslog-ng/syslog-ng/blob/master/NEWS-4.0.md).

Read our practical introduction to typing at
[syslog-ng-future.blog](https://syslog-ng-future.blog/syslog-ng-4-progress-3-38-1-release/).

## Features

  * `grouping-by()`: added `inject-mode(aggregate-only)`

    This inject mode will drop individual messages that make up the correlation
    context (`key()` groups) and would only yield the aggregate messages
    (e.g. the results of the correlation).
    ([#3998](https://github.com/syslog-ng/syslog-ng/pull/3998))
  * `add-contextual-data()`: add support for type propagation, e.g. set the
    type of name-value pairs as they are created/updated to the value returned
    by the template expression that we use to set the value.

    The 3rd column in the CSV file (e.g. the template expression) now supports
    specifying a type-hint, in the format of "type-hint(template-expr)".

    Example line in the CSV database:

    selector-value,name-value-pair-to-be-created,list(foo,bar,baz)
    ([#4051](https://github.com/syslog-ng/syslog-ng/pull/4051))
  * `$(format-json)`: add --key-delimiter option to reconstruct JSON objects
    using an alternative structure separator, that was created using the
    key-delimiter() option of json-parser().
    ([#4093](https://github.com/syslog-ng/syslog-ng/pull/4093))
  * `json-parser()`: add key-delimiter() option to extract JSON structure
    members into name-value pairs, so that the names are flattened using the
    character specified, instead of dot.

    Example:
      Input: {"foo":{"key":"value"}}

      Using json-parser() without key-delimiter() this is extracted to:

          foo.key="value"

      Using json-parser(key-delimiter("~")) this is extracted to:

          foo~key="value"

    This feature is useful in case the JSON keys contain dots themselves, in
    those cases the syslog-ng representation is ambigious.
    ([#4093](https://github.com/syslog-ng/syslog-ng/pull/4093))

## Bugfixes

  * Fixed buffer handling of syslog and timestamp parsers

    Multiple buffer out-of-bounds issues have been fixed, which could cause
    hangs, high CPU usage, or other undefined behavior.
    ([#4110](https://github.com/syslog-ng/syslog-ng/pull/4110))
  * Fixed building with LibreSSL
    ([#4081](https://github.com/syslog-ng/syslog-ng/pull/4081))
  * `network()`: Fixed a bug, where syslog-ng halted the input instead of skipping a character
    in case of a character conversion error.
    ([#4084](https://github.com/syslog-ng/syslog-ng/pull/4084))
  * `redis()`: Fixed bug where using redis driver without the `batch-lines` option caused program crash.
    ([#4114](https://github.com/syslog-ng/syslog-ng/pull/4114))
  * `pdbtool`: fix a SIGABRT on FreeBSD that was triggered right before pdbtool
    exits. Apart from being an ugly crash that produces a core file,
    functionally the tool behaved correctly and this case does not affect
    syslog-ng itself.
    ([#4037](https://github.com/syslog-ng/syslog-ng/pull/4037))
  * `regexp-parser()`: due to a change introduced in 3.37, named capture groups
    are stored indirectly in the LogMessage to avoid copying of the value.  In
    this case the name-value pair created with the regexp is only stored as a
    reference (name + length of the original value), which improves performance
    and makes such name-value pairs use less memory.  One omission in the
    original change in 3.37 is that syslog-ng does not allow builtin values to
    be stored indirectly (e.g.  $MESSAGE and a few of others) and this case
    causes an assertion to fail and syslog-ng to crash with a SIGABRT. This
    abort is now fixed. Here's a sample config that reproduces the issue:

        regexp-parser(patterns('(?<MESSAGE>.*)'));
    ([#4043](https://github.com/syslog-ng/syslog-ng/pull/4043))
  * set-tag: fix cloning issue when string literal were used (see #4062)
    ([#4065](https://github.com/syslog-ng/syslog-ng/pull/4065))
  * `add-contextual-data()`: fix high memory usage when using large CSV files
    ([#4067](https://github.com/syslog-ng/syslog-ng/pull/4067))

## Other changes

  * The `json-c` library is no longer bundled in the syslog-ng source tarball

    Since all known OS package managers provide json-c packages nowadays, the json-c
    submodule has been removed from the source tarball.

    The `--with-jsonc=internal` option of the `configure` script has been removed
    accordingly, system libraries will be used instead. For special cases, the JSON
    support can be disabled by specifying `--with-jsonc=no`.
    ([#4078](https://github.com/syslog-ng/syslog-ng/pull/4078))
  * platforms: Dropped support for ubuntu-impish as it became EOL
    ([#4088](https://github.com/syslog-ng/syslog-ng/pull/4088))

(wiz)

mariadb105-server: fix PLIST after update

(wiz)

doc: Updated emulators/sameboy to 0.15.8

(nia)

sameboy: update to 0.15.8

                                    Changes

Version 0.15.8

  This version is backwards compatible with save states from SameBoy 0.14.3
  and newer, as well as save states from any BESS compliant emulator

  New/Improved Features

    * The button mapped to B, on both the keyboard and controllers, can now
      be used to return from menus in the SDL frontend

Version 0.15.7

  This version is backwards compatible with save states from SameBoy 0.14.3
  and newer, as well as save states from any BESS compliant emulator

  New/Improved Features

    * The debugger now has an interrupt command, in addition to the
      previously-available ^C key sequence
    * The lcd command now displays the background shifter and fetcher states
    * The tick debugger command now has an optional keep argument, which
      prevents resetting the tick count

  Accuracy Improvements/Fixes

    * Fixed a regression that made DMA restart timing inaccurate
    * Fixed a regression that caused ROMs that trigger one of the pixel
      insertion glitches to display incorrectly (Release builds) or trigger
      an assertion (Debug builds)
    * Fixed a different regression in a different pixel insertion glitch

  Bug Fixes

    * Fixed a bug where the debugger finish command did not behave as
      expected in certain cases where the ROM manipulated the stack

  Misc Internal Changes

    * SameBoy (and SameBoot) can now be built with RGBDS 0.6.x; support for
      RGBDS 0.4.x has been dropped
    * Fixed potential compilation warnings for incoming versions of Clang
      and GCC
    * Added the GB_quick_reset API

Version 0.15.6

  This version is backwards compatible with save states from SameBoy 0.14.3
  and newer, as well as save states from any BESS compliant emulator

  New/Improved Features

    * All CGB revisions, as well as MGB, are now available in the libretro
      core
    * The debugger now guides users to use the help command
    * Both frontends can now selectively mute and unmute each of the 4 audio
      channels
    * Both frontends now support cartridge hot swapping

  Accuracy Improvements/Fixes

    * Fixed a bug where the libretro core sometimes ran at an incorrect
      speed after switching models
    * Fixed a minor DMA regression

(nia)

doc: Updated www/luakit to 2.3.3

(nia)

luakit: update to 2.3.3

## [2.3.3]

### Fixed

- Fixed a trailing white space, which fixes the test-suite.

### Contributors to this release:

- c0dev0id          (1 commits)

## [2.3.2]

### Changed

- Mention FAQ, Quick Start, etc on :help

### Fixed

- Fix for glib now using pcre2
- Show proper error message on :tab, :tabd[o] without parameter
- Fix undoclose test

### Contributors to this release:

- taobert          (2 commits)
- c0dev0id          (2 commits)

(nia)

options.description: Add QT6

(triaxx)

java-qdbm: restrict acceptable java vms

This doesn't build with Java>=something, perhaps 15?

(wiz)

gmplayer: update distinfo for new patch

(wiz)

wasi-libcxx: catch up with LLVM bump

(gutteridge)

wasi-compiler-rt: catch up with LLVM bump

(gutteridge)

php-mongodb: mark as not supporting php 8.1 and 8.2

This package needs an update to a newer version to support them.

(wiz)

couchdb: remove unrecognized configure argument

to fix
WARNING: Unknown option '--with-curl', ignoring
shift: can't shift that many

(wiz)

erlang21: fix umportable test(1) operator

Some pkglint whitespace cleanup while here

(wiz)

Fix MASTER_SITE, which was weirdly botched between test and commit.  No
functional code change.

Reported by jklos@.

(sekiya)

Update package to UDFclient.0.8.20 adding support for UDF `realtime' file
types as found on discs created by a PVR.

(reinoud)

doc: Added shells/es-shell version 0.9.2

(nikita)

shells/es-shell: Import version 0.9.2

Es is an extensible shell. The language was derived from the Plan 9
shell, rc, and was influenced by functional programming languages, such as
Scheme, and the Tcl embeddable programming language. This implementation is
derived from Byron Rakitzis's public domain implementation of rc, and was
written by Paul Haahr and Byron Rakitzis.

(nikita)

doc: Updated lang/gleam to 0.25.1

(nikita)

lang/gleam: update to version 0.25.1

Changelog (taken from https://github.com/gleam-lang/gleam/blob/main/CHANGELOG.md)

v0.25.1 - 2022-12-11
- New Gleam projects are now configured to explicitly install rebar3 using
  GitHub actions erlef/setup-beam.
- A better error message is now shown when attempting to use a function within a
  constant expression.
- Changed float size limit in bitstring expressions to 16, 32 or 64, when static.
  Also allowed dynamic size.
- New Gleam projects are created using GitHub actions erlef/setup-beam@v1.15.0.
- Fixed a bug where returning an anonymous function from a pipeline and calling
  it immediately without assigning it to a variable would produce invalid Erlang
  code.
- Fixed a bug where the formatter would remove the braces from negating boolean
  expressions.

v0.25.0 - 2022-11-24

v0.25.0-rc2 - 2022-11-23
- Fixed a bug where Gleam dependency packages with a `priv` directory could fail
  to build.
- Fixed a regression where Elixir and Erlang Markdown code blocks in generated
  documentation would not be highlighted.

v0.25.0-rc1 - 2022-11-19
- Generated HTML documentation now includes the `theme-color` HTML meta tag.
- The `use` expression has been introduced. This is a new syntactic sugar that
  permits callback using code to be written without indentation.
- Nightly builds are now also published as OCI container images hosted on
  GitHub.
- Fixed a bug where the build tool would not hook up stdin for Gleam programs it
  starts.
- Fixed a bug where using a record constructor as a value could generate a
  warning in Erlang.
- Fixed a bug where the build tool would use precompiled code from Hex packages
  rather than the latest version, which could result in incorrect external
  function usage in some cases.
- Fixed a bug where the warning for `todo` would not print the type of the code
  to complete.
- Fixed a bug where `try` expressions inside blocks could generate incorrect
  JavaScript.
- Generated HTML documentation now includes all static assets (but the web
  fonts), so that it can be accessed offline or in far future once CDNs would
  404.
- New Gleam projects are created using GitHub actions erlef/setup-beam@v1.14.0
- The `javascript.typescript_declarations` field in `gleam.toml` now applies to
  the entire project rather than just the top level package.
- The formatter now adds a 0 to floats ending with `.` (ie 1. => 1.0).
- New projects require `gleam_stdlib` v0.25.

(nikita)

Note shells/bash update to 5.2.15

(kre)

Update shells/bash from 5.2.12 to 5.2.15 by adding the 3 most
recent releases patches, which fix:

Patch-13:
Bash can leak memory when referencing a noneexistent
associative array element.

Patch-14:
Bash defers processing additional terminating signals when
running the EXIT trap while exiting due to a terminating signal.
This patch allows the new terminating signal to kill the shell
immediately.

Patch-15:
There are several cases where bash is too aggressive when
optimizing out forks in subshells. For example, `eval' and
traps should never be optimized.

(kre)

libfyaml: use proper distfile

avoids dependency on autotools, and fixes build since pkg-config m4
file was not depended on.

(wiz)

sais: add cc-by-nc-v4.0-license to LICENSE for data

(wiz)

sais: add upstream bug report URL

(wiz)

doc: Added games/sais version 1.6.3

(wiz)

games/Makefile: + sais

(wiz)

games/sais: import sais-1.6.3

Strange Adventures in Infinite Space, a time-limited space exploration
game.

(wiz)

doc: Updated graphics/pngcheck to 3.0.3

(fcambus)

pngcheck: update to 3.0.3.

* ChangeLog (oldest first):

* 20070709 GRR: tweaked color definitions slightly to work better on terminals
*              with white/light backgrounds
* 20070712 GRR: added Makefile.mingw32
* 20100504 GRR: fixed DHDR (pre-MNG-1.0) bug identified by Winfried <szukw000@arcor.de>
* 20170713 GRP: added eXIf support (GRR: added check for II/MM/unknown format)
* 20201012 BB:  converted static const help/usage-related strings to macros so
*              -Werror=format-security doesn't trigger (Ben Beasley)
* 20201015 BB:  added (help2man-generated) man pages for all three utils
* 20201017 GRR: added top-level LICENSE file; fixed various compiler warnings
* 20201031 GRR: replaced gpl/COPYING (outdated address, references to Library
*              GPL) with https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
*              (thanks to Ben Beasley for catching that)
* 20201031 GRR: released version 2.4.0
*              ----------------------
* 20201113 BB:  fixed buffer-overflow vulnerability discovered by "giantbranch
*              of NSFOCUS Security Team"
*              https://bugzilla.redhat.com/show_bug.cgi?id=1897485
* 20201128 BB:  found and fixed four additional vulnerabilities (null-pointer
*              dereference and three buffer overruns)
* 20201209 LP:  fixed an off-by-one bug in check_magic() (Lucy Phipps)
* 20201209 LL:  converted two zlib-version warnings/errors to go to stderr
*              (Lemures Lemniscati, actually from 20180318; forwarded by LP)
* 20201210 BB:  fixed another buffer-overflow vulnerability discovered by
*              "giantbranch of NSFOCUS Security Team"
*              https://bugzilla.redhat.com/show_bug.cgi?id=1905775
* 20201212 GRR: removed -f ("force") option due to multiple security issues
* 20201212 GRR: released version 3.0.0
*              ----------------------
* 20201214 BB:  generalized previous sPLT buffer-overrun fix, and found and
*              fixed a PPLT vulnerability
* 20210124 GRR: released version 3.0.1
*              ----------------------
* 20201217 BB:  fixed a crash bug (and probable vulnerability) in large (MNG)
*              LOOP chunks
* 20210131 GRR: updated Makefile.mingw32 for modern versions and added
*              Makefile.mingw64 (targets Win64); both are essentially
*              UNTESTED, however!
* 20210131 GRR: released version 3.0.2
*              ----------------------
* 20210416 BB:  fixed a divide-by-zero crash bug (and probable vulnerability)
*              in interlaced images with extra compressed data beyond the
*              nominal end of the image data (found by "chiba of topsec alpha
*              lab")
* 20210425 GRR: released version 3.0.3
*              ----------------------

(fcambus)

mplayer*: make mplayer builds on NetBSD/m68k.

(tsutsui)

php-xdebug: does not support php 8.2

(wiz)

libuuid: revert setting INCDIRS in buildlink3.mk

This breaks python311 on at least NetBSD-current.

(wiz)

doc: Updated biology/biolibc-tools to 0.1.4.1

(bacon)

biology/biolibc-tools: Update to 0.1.4.1

deromanize:

Check for NULL field to prevent crash in some situations
Take optional input file as second argument

(bacon)

devel/Makefile: + pijul

(wiz)

doc: Added devel/pijul version 1.0.0.beta2

(nikita)

devel/pijul: import pijul-1.0.0.beta2

Pijul is a version control system based on patches, that can mimic the
behaviour and workflows of both Git and Darcs, but contrarily to those
systems, Pijul is based on a mathematically sound theory of patches.

Pijul was started out of frustration that no version control system
was at the same time fast and sound:

- Git has non-associative merges, which might lead to security problems.
  Concretely, this means that the commits you merge might not be the same as
  the ones you review and test.

- Handling of conflicts: Pijul has an explicit internal representation of
  conflicts, a rock-solid theory of how they behave, and super-fast data
  structures to handle them.

- Speed! The complexity of Pijul is low in all cases, whereas previous
  attempts to build a mathematically sound distributed version control
  system had huge worst-case complexities. The use of Rust
  additionally yields a blazingly fast implementation.

(nikita)

REPLACE_BASH *.sh one subdirectory further, fixing

- src/crypto/internal/boring/build.sh
- src/go/doc/comment/mkstd.sh

when ${PREFIX} != "/usr/pkg".

(schmonz)

texstudio update.

(markd)

texstudio: update to 4.4.0

TeXstudio 4.4.0
-----------------
- new icon theme Colibri (by geolta)
- modernized manual
- faster removing of multiple lines
- end multi cursor mode with esc
- switch to CMAKE build system (qmake deprecated)
- hide/filter configuration completer list
- bug fixes

TeXstudio 4.3.1
-----------------
- fix loading files various times if relative path is used for \include
- fix custom verbatim highlighting
- fix label highlighting
- fix version checking

TeXstudio 4.3.0
-----------------
- show most used command at first place in completer
- more cwls
- get position into clipboard in pdf on ctrl+shift+click
- copy/paste table content into table/matrix wizard
- move to next/previous word now stops at every delimiter (no skip
  over several brackets)
- small bug fixes

TeXstudio 4.2.3
-----------------
- xindex engine added
- fix math highlighting in keyvals
- add context menu in embbeded pdf viewer to invert pdf colors
- remember window state (maximized/normal) of config dialog
- fix (and speed-up) miktex package detection
- fix handling apostrophed words better in spellchecker
- regular expression in extended search behave the same as in normal search
- more cwls

TeXstudio 4.2.2
-----------------
- more cwls
- use picture highlighting for tikz env and similar

TeXstudio 4.2.1
-----------------
- fix placeholder issues
- handle NewDocumentsCommand better for completer
- enable "open in explorer" again
- fix building for poppler >=22.x
- more cwls

TeXstudio 4.2.0
-----------------
- more cwls
- fix user menu handling
- filter available dictionaries in status/language selection
- change placeHolder behavior: autoremove when content in placeholder
  is changed, don't use placeholder for cutBuffer

TeXstudio 4.1.2
-----------------
- allow resizing the different sections in the symbol widget
- fix automatic session restore on OSX/Qt6
- scale inline preview if visible linewidth is too small
- fix latex package name parsing on Qt5 builds
- added cwls

TeXstudio 4.1.1
-----------------
- fix weird OSX issue that cursor keys were not working
- allow maximise config dialog

TeXstudio 4.1.0
-----------------
- change session format to json in order to circumvent OSX/Qt6 issue
- make edview accessible from js

TeXstudio 4.0.0
-----------------
- adapt to Qt6/poppler-qt6
- remodel structure handling in order to avoid (rare) crashes
- more and updated completion word lists thanks to mbertucci47
- handle text (e.g. \text{text}) in mathenv as text with spell checking
- performance improvement for large files with large number of labels
  and/or large number of includes
- some bug fixes

TeXstudio 3.1.2
-----------------
- completed global TOC (background color coded, can be adjusted in config)
- fontawesome5 symbol pane
- another dark theme style (Orion Dark)
- results from styleparser gets immediately updated

TeXstudio 3.1.1
-----------------
- let global TOC update as you type

TeXstudio 3.1.0
-----------------
- fix changing GUI language
- global TOC added which needs to be updated for now (WIP)

TeXstudio 3.0.5
-----------------
- fix crash when deleting all elements of a build chain
- fix large tooltips on win with ADWAITA style
- number of pdf rendering threads limited to 8 (or to set value)
- add command line option --texpath to force a tex path
- adapt speller dialog to find the same errors as the online checker
- fix replace in global search

TeXstudio 3.0.2
-----------------
- changed behaviour for cut buffer and Ctrl+e (insert env)
- texdoc added as selectable command
- larger number of default dictionaries added

TeXstudio 3.0.0
-----------------
- speed up document parsing, should result in faster document load times
- spell checking is done asynchronously
- custom verbatim/math env highlighting abandoned for a cwl based approach
- better dark-mode support
- qt4 support abandoned

(markd)

emulators/hercules4sdl: add patch from upstream for networking crash

Fix issue https://github.com/SDL-Hercules-390/hyperion/issues/525
which can cause a segfault if networking is used.
Created a patch file from an upstream commit, therefore it patches multiple
files. It should be possible to remove it at the next release.

(rhialto)

Updated www/nginx-devel to 1.23.3

(osa)

www/nginx-devel: update 1.23.2 -> 1.23.3

<ChangeLog>

*) Bugfix: an error might occur when reading PROXY protocol version 2
  header with large number of TLVs.

*) Bugfix: a segmentation fault might occur in a worker process if SSI
  was used to process subrequests created by other modules.
  Thanks to Ciel Zhao.

*) Workaround: when a hostname used in the "listen" directive resolves
  to multiple addresses, nginx now ignores duplicates within these
  addresses.

*) Bugfix: nginx might hog CPU during unbuffered proxying if SSL
  connections to backends were used.

</ChangeLog>

(osa)

lang/ruby/gem.mk: format consistency

Format consistency in comment.

(taca)

irrlicht: Work around NetBSD unzip for patched files.

(jperkin)

htmllint: Work around NetBSD unzip for patched files.

(jperkin)

qtcreator: Work around NetBSD unzip for patched files.

(jperkin)

simh3: Work around NetBSD unzip for patched files.

(jperkin)

FlightCrew: Work around NetBSD unzip for patched files.

(jperkin)

fmsx: Work around NetBSD unzip vs others for patched files.

(jperkin)

freeimage: Fix unzip problems.

Move fix out of hacks.mk and generalise for all systems, the problem is that
NetBSD unzip behaves differently to other implementations, which is why we end
up with these problems.  Also make it pkglint clean while here.

(jperkin)

freeimage: Fix BUILDLINK_API_DEPENDS.

(jperkin)

open-cobol-ce: Explicitly disable nls.

(jperkin)

gourmet: Use PKGLOCALEDIR.

(jperkin)

gkrellmpc: Use PKGLOCALEDIR.

(jperkin)

gkrellsun: Build and PKGLOCALEDIR fixes.

(jperkin)

wxmaxima: USE PKGLOCALEDIR and PKGMANDIR.

(jperkin)

spek: Use PKGLOCALEDIR.

(jperkin)

evince: Use PKGLOCALEDIR.

(jperkin)

appstream-glib: Use PKGLOCALEDIR.

(jperkin)

libuuid: Set INCDIRS, fixes some dependent packages.

(jperkin)

doc: Updated emulators/free42 to 3.0.16

(gdt)

emulators/free42: Update to 3.0.16

bugfixes and minor improvements

(gdt)

fcitx5: Fix paths to gettext/libuuid.

(jperkin)

Avoid extracting the vendored discount library. We don't use it at all
(instead buildlinking textproc/discount), and it sometimes contains
macOS xattrs that break extraction as root on other systems.

Fixes "Cannot restore extended attributes: com.apple.quarantine
com.apple.quarantine" seen with pkg_comp(8) on NetBSD/amd64 9.3.

(schmonz)

e2fsprogs: Drop -rpath-link on SunOS.

(jperkin)

py-MyHDL: Remove -export-dynamic on SunOS.

(jperkin)

kio-extras: Remove --as-needed on SunOS.

(jperkin)

libretro-virtualjaguar: Remove unsupported SunOS linker arg.

(jperkin)

Updated biology/htslib, biology/samtools

(adam)

samtools: updated to 1.16.1

1.16.1

Bug fixes:

Fixed a bug with the template-coordinate sort which caused incorrect ordering when using threads, or processing large files that don't fit completely in memory.

Fixed a crash that occurred when trying to use samtools merge in template-coordinate mode.

1.16

New work and changes:

samtools reference command added. This subcommand extracts the embedded reference out of a CRAM file.

samtools import now adds grouped by query-name to the header.

Made samtools view read error messages more generic. Former error message would claim that there was a "truncated file or corrupt BAM index file" with no real justification. Also reset errno in stream_view which could lead to confusing error messages.

Make samtools view -p also clear mqual, tlen and cigar.

Add bedcov option -c to report read count.

Add UMI/barcode handling to samtools markdup.

Add a new template coordinate sort order to samtools sort and samtools merge. This is useful when working with unique molecular identifiers (UMIs).

Rename mpileup --ignore-overlaps to --ignore-overlaps-removal or --disable-overlap-removal. The previous name was ambiguous and was often read as an option to enable removal of overlapping bases, while in reality this is on by default and the option turns off the ability to remove overlapping bases.

The dict command can now read BWA's .alt file and add AH:* tags indicating reference sequences that represent alternate loci.

The samtools index command can now accept multiple alignment filenames with the new -M option, and will index each of them separately. (Specifying the output index filename via out.index or the new -o option is currently only applicable when there is only one alignment file to be indexed.)

Allow samtools fastq -T "*". This allows all tags from SAM records to be written to fastq headers. This is a counterpart to samtools import -T "*".

Bug Fixes:

Re-enable --reference option for samtools depth. The reference is not used but this makes the command line usage compatible with older releases.

Fix regex coordinate bug in samtools markdup.

Fix divide by zero in plot-bamstats -m, on unmapped data.

Fix missing RG headers when using samtools merge -r.

Fix a possible unaligned access in samtools reference.

Documentation:

Add documentation on CRAM compression profiles and some of the newer options that appear in CRAM 3.1 and above.

Add sclen filter expression keyword documentation.

Extend FILTER EXPRESSION man page section to match the changes made in HTSlib.

Non user-visible changes and build improvements:

Ensure generated test files are ignored (by git) and cleaned (by make testclean)

(adam)

htslib: updated to 1.16

1.16

Make hfile_s3 refresh AWS credentials on expiry in order to make HTSlib work better with AWS IAM credentials, which have a limited lifespan.

Allow BAM headers between 2GB and 4GB in size once more. This is not permitted in the BAM specification but was allowed in an earlier version of HTSlib. There is now a warning at 2GB and a hard failure at 4GB.

Improve error message when failing to load an index.

Permit MM (base modification) tags containing . and ? suffixes. These define implicit vs explicit coordinates. See the SAM tags specification for details.

Warn if spaces instead of tabs are detected in a VCF file to prevent confusion.

Add an sclen filter expression keyword. This is the length of a soft-clip, both left and right end. It may be combined with qlen (qlen-sclen) to obtain the number of bases in the query sequence that have been aligned to the genome ie it provides a way to compare local-alignment vs global-alignment length.

Improve error messages for CRAM reference mismatches. If the user specifies the wrong reference, the CRAM slice header MD5sum checks fail. We now report the SQ line M5 string too so it is possible to validate against the whole chr in the ref.fa file. The error message has also been improved to report the reference name instead of #num. Finally, we now hint at the likely cause, which counters the misleading samtools supplied error of "truncated or corrupt" file.

Expose more of the CRAM API and add new functionality to extract the reference from a CRAM file.

Improvements to the implementation of embedded references in CRAM where no external reference is specified.

The CRAM writer now allows alignment records with RG:Z: aux tags that don't have a corresponding @RG ID in the file header. Previously these tags would have been silently dropped. HTSlib will complain whenever it has to add one though, as such tags do not conform to recommended practice for the SAM, BAM and CRAM formats.

Set tab delimiter in man page for tabix GFF3 sort.

When using libdeflate, the 1...9 scale of BGZF compression levels is now remapped to the 1...12 range used by libdeflate instead of being passed directly. In particular, HTSlib levels 8 and 9 now map to libdeflate levels 10 and 12, so it is possible to select the highest (but slowest) compression offered by libdeflate.

The VCF variant API has been extended so that it can return separate flags for INS and DEL variants as well as the existing INDEL one. These flags have not been added to the old bcf_get_variant_types() interface as it could break existing users. To access them, it is necessary to use new functions bcf_has_variant_type() and bcf_has_variant_types().

The missing, but trivial, le_to_u8() function has been added to hts_endian.

bcf_format_gt() now works properly on big-endian platforms.

(adam)

Updated databases/redis, devel/py-traitlets, security/py-google-auth-oauthlib, devel/pcre2

(adam)

pcre2: updated to 10.42

Version 10.42 11-December-2022
------------------------------

1. Change 19 of 10.41 wasn't quite right; it put the definition of a default,
empty value for PCRE2_CALL_CONVENTION in src/pcre2posix.c instead of
src/pcre2posix.h, which meant that programs that included pcre2posix.h but not
pcre2.h failed to compile.

2. To catch similar issues to the above in future, a new small test program
that includes pcre2posix.h but not pcre2.h has been added to the test suite.

3. When the -S option of pcre2test was used to set a stack size greater than
the allowed maximum, the error message displayed the hard limit incorrectly.
This was pointed out on GitHub pull request 171, but the suggested patch
didn't cope with all cases. Some further modification was required.

4. Supplying an ovector count of more than 65535 to pcre2_match_data_create()
caused a crash because the field in the match data block is only 16 bits. A
maximum of 65535 is now silently applied.

5. Merged @carenas patch 175 which fixes 86 - segfault on aarch64 (ARM),

(adam)

py-google-auth-oauthlib: updated to 0.8.0

0.8.0 (2022-12-08)

Features

Add support for Python 3.11
Introduce granted scopes to credentials

(adam)

py-traitlets: updated to 5.7.1

5.7.1

Bugs fixed
- fix: some descriptors raise AttributeError

(adam)

redis: updated to 7.0.6

Redis 7.0.6
===========

Upgrade urgency: MODERATE, Contains fixes for a few non-critical or unlikely bugs,
and some dramatic optimizations to Geo, EVAL, and Sorted sets commands.

Potentially Breaking Bug Fixes for new Redis 7.0 features
=======================================================

* RM_ResetDataset module API should not clear the functions
* RM_Call module API used with the "C" flag to run scripts, would now cause
  the commands in the script to check ACL with the designated user

Performance and resource utilization improvements
=================================================

* Geo commands speedups
* Fix EVAL command performance regression from Redis 7.0
* Reduce EXPIRE commands performance regression from Redis 7.0
* Optimize commands returning double values, mainly affecting zset commands
* Optimize Lua parsing of some command responses
* Optimize client memory usage tracking operation while client eviction is disabled

Platform / toolchain support related improvements
=================================================

* Fix compilation on Solaris

Module API changes
==================

* RM_SetContextUser, RM_SetModuleUserACLString, RM_GetModuleUserACLString
* Fix crash in CLIENT_CHANGE event, when the selected database is not 0

Changes in CLI tools
====================

* redis-benchmark avoid aborting on NOPERM from CONFIG GET

Bug Fixes
=========

* Avoid hang of diskless replication fork child when parent crashes
* Fix crash with module API of list iterator and RM_ListDelete
* Fix TLS error handling to avoid connection drops on timeouts
* Fix runtime changes to cluster-announce-*-port to take effect on the local node too
* Fix sentinel function that compares hostnames if failed resolve
* Fix MIGRATE with AUTH set to "keys" is getting wrong key names leading to MOVED or ACL errors

Fixes for issues in previous releases of Redis 7.0
--------------------------------------------------

* Fix command line startup --sentinel problem
* Fis missing FCALL commands in monitor
* Fix CLUSTER SHARDS showing empty hostname
* Replica that asks for rdb-only could have missed the EOF and hang

(adam)

doc: Updated biology/biolibc-tools to 0.1.4

(bacon)

biology/biolibc-tools: Update to 0.1.4

Add deromanize subcommand to convert Roman numeral chromosome IDs
fastx-stats: Report standard deviation for read length

Changes:    https://github.com/auerlab/biolibc-tools/releases

(bacon)

lang/php82: fix version upper bound

(taca)

doc: Updated x11/xhost to 1.0.9

(wiz)

xhost: update to 1.0.9.

This release delivers upstream two changes we've been shipping in Solaris
for many years - a fix to the command line handling to allow specifying
IPv6 addresses directly ("xhost +2001:DB8::11") and the use of gettext()
to allow localizing output & error messages.  Unfortunately, this release
only includes the changes to use gettext, but does not include any
translations.

Alan Coopersmith (6):
      gitlab CI: add a basic build test
      Build xz tarballs instead of bzip2
      Recognize raw IPv6 numeric address
      Use gettext() to localize messages if available
      Simplify i18n of 'unable to get ... address for ...' error message
      xhost 1.0.9

(wiz)

Updated net/bind918

(sekiya)

Fix build for PKG_DEVELOPER=yes (from taca@)

Bump pkgsrc version.

(sekiya)

Updated devel/git

(adam)

git: updated to 2.38.2

Git 2.38.2 Release Notes
========================

This is to backport various fixes accumulated during the development
towards Git 2.39, the next feature release.

Fixes since v2.38.1
-------------------

* Update CodingGuidelines to clarify what features to use and avoid
  in C99.

* The codepath that reads from the index v4 had unaligned memory
  accesses, which has been corrected.

* "git remote rename" failed to rename a remote without fetch
  refspec, which has been corrected.

* "git clone" did not like to see the "--bare" and the "--origin"
  options used together without a good reason.

* Fix messages incorrectly marked for translation.

* "git fsck" failed to release contents of tree objects already used
  from the memory, which has been fixed.

* "git rebase -i" can mistakenly attempt to apply a fixup to a commit
  itself, which has been corrected.

* In read-only repositories, "git merge-tree" tried to come up with a
  merge result tree object, which it failed (which is not wrong) and
  led to a segfault (which is bad), which has been corrected.

* Force C locale while running tests around httpd to make sure we can
  find expected error messages in the log.

* Fix a logic in "mailinfo -b" that miscomputed the length of a
  substring, which lead to an out-of-bounds access.

* The codepath to sign learned to report errors when it fails to read
  from "ssh-keygen".

* "GIT_EDITOR=: git branch --edit-description" resulted in failure,
  which has been corrected.

* Documentation on various Boolean GIT_* environment variables have
  been clarified.

* "git multi-pack-index repack/expire" used to repack unreachable
  cruft into a new pack, which have been corrected.

* The code to clean temporary object directories (used for
  quarantine) tried to remove them inside its signal handler, which
  was a no-no.

* "git branch --edit-description" on an unborh branch misleadingly
  said that no such branch exists, which has been corrected.

* GitHub CI settings have been adjusted to recent reality, merging
  and cherry-picking necessary topics that have been prepared for Git
  2.39.

* `git rebase --update-refs` would delete references when all `update-ref`
  commands in the sequencer were removed, which has been corrected.

Also contains various documentation updates and code clean-ups.

(adam)

doc: Added audio/parlatype version 3.1

(wiz)

audio/Makefile: + parlatype

(wiz)

audio/parlatype: import parlatype-3.1

Parlatype is a minimal audio player for manual speech transcription,
written for the GNOME desktop environment. It plays audio sources
to transcribe them in your favourite text application.

It's intended to be useful for journalists, students, scientists
and whoever needs to transcribe audio files.

(wiz)

doc: Updated graphics/oculante to 0.6.28

(pin)

graphics/oculante: update to 0.6.28

0.6.28 (2022-12-11)
Bug Fixes
- Allow building without default features (10a0f6a4)

0.6.27 (2022-12-10)
- ui tweaks

(pin)

doc: Updated emulators/simh3 to 3.12.3

(rhialto)

emulators/simh3: update to V3.12-3.

The version still under 100% control of Bob Supnik.
Changes are given as
"It is mostly bug fixes to the PDP11 and Sigma simulators."

(rhialto)

doc: Updated devel/makedepend to 1.0.8

(wiz)

makedepend: update to 1.0.8.

This bug fix release corrects a regression introduced in 1.0.7 that
caused running makedepend on larger bodies of source to incorrectly
hit the "out of space: increase MAXFILES" error, and made makedepend
run measuribly slower than before.

Alan Coopersmith (3):
      man page: add line breaks in Synopsis section
      Bug #2: fix regression introduced by fix for bug #1
      makedepend 1.0.8

(wiz)

biology/Makefile: Add rna-seq meta-package

(bacon)

doc: Added biology/rna-seq version 1.0

(bacon)

biology/rna-seq: Core tools needed for RNA-Seq analysis

The rna-seq meta-package provides the core tools needed for performing
a typical RNA-Seq differential gene expression analysis, including
adapter trimming, quality control, alignment, and identification of
differentially expressed genes.  Researchers may want additional tools
for data manipulation, gene ontology, etc.

(bacon)

biology/Makefile: Add fasda

(bacon)

doc: Added biology/fasda version 0.1.2

(bacon)

biology/fasda: Fast and simple differential analysis

FASDA aims to provide a fast and simple differential analysis tool
that just works and does not require any knowledge beyond basic Unix
command-line skills. The code is written entirely in C to maximize
efficiency and portability, and to provide a simple command-line user
interface.

(bacon)