Pullup ticket #6697 - requested by taca
www/curl: security fix

Revisions pulled up:
- www/curl/Makefile                                            1.262
- www/curl/PLIST                                                1.92
- www/curl/distinfo                                            1.186

---
  Module Name: pkgsrc
  Committed By: wiz
  Date: Wed Oct 26 07:44:01 UTC 2022

  Modified Files:
  pkgsrc/www/curl: Makefile PLIST distinfo

  Log Message:
  curl: update to 7.86.0.

  Changes:

      NPN: remove support for and use of
      Websockets: initial support

  Bugfixes:

      altsvc: reject bad port numbers
      altsvc: use 'h3' for h3
      amiga: do not hardcode openssl/zlib into the os config
      amiga: set SIZEOF_CURL_OFF_T=8 by default
      amigaos: add missing curl header
      asyn-ares: set hint flags when calling ares_getaddrinfo
      autotools: allow --enable-symbol-hiding with windows
      autotools: allow unix sockets on Windows
      autotools: reduce brute-force when detecting recv/send arg list
      aws_sigv4: fix header computation
      bearssl: make it proper C89 compliant
      CI/GHA: cancel outdated CI runs on new PR changes
      CI/GHA: merge msh3 and openssl3 builds into linux workflow
      cirrus-ci: add macOS build with m1
      cirrus: use make LDFLAGS=-all-static instead of curl_LDFLAGS
      cli tool: do not use disabled protocols
      cmake: add missing inet_ntop check
      cmake: add the check of HAVE_SOCKETPAIR
      cmake: define BUILDING_LIBCURL in lib/CMakeLists, not config.h
      cmake: delete duplicate HAVE_GETADDRINFO test
      cmake: enable more detection on Windows
      cmake: fix original MinGW builds
      cmake: improve usability of CMake build as a sub-project
      cmake: set HAVE_GETADDRINFO_THREADSAFE on Windows
      cmake: set HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID on Windows
      cmake: sync HAVE_SIGNAL detection with autotools
      cmdline/docs: add a required 'multi' keyword for each option
      configure: correct the wording when checking grep -E
      configure: deprecate builds with small curl_off_t
      configure: fail if '--without-ssl' + explicit parameter for an ssl lib
      configure: the ngtcp2 option should default to 'no'
      connect: change verbose IPv6 address:port to [address]:port
      connect: fix builds without AF_INET6
      connect: fix Curl_updateconninfo for TRNSPRT_UNIX
      connect: fix the wrong error message on connect failures
      content_encoding: use writer struct subclasses for different encodings
      cookie: reject cookie names or content with TAB characters
      ctype: remove all use of <ctype.h>, use our own versions
      curl-compilers.m4: for gcc + want warnings, set gnu89 standard
      curl-compilers.m4: use -O2 as default optimize for clang
      curl-wolfssl.m4: error out if wolfSSL is not usable
      curl.h: fix mention of wrong error code in comment
      curl/add_file_name_to_url: use the libcurl URL parser
      curl/add_parallel_transfers: better error handling
      curl/get_url_file_name: use libcurl URL parser
      curl: warn for --ssl use, considered insecure
      curl_ctype: convert to macros-only
      curl_easy_pause.3: unpausing is as fast as possible
      curl_escape.3: fix typo
      curl_setup: disable use of FLOSS for 64-bit NonStop builds
      curl_setup: include curl.h after platform setup headers
      curl_setup: include only system.h instead of curl.h
      curl_strequal.3: fix argument typo
      curl_url_set.3: document CURLU_APPENDQUERY proper
      CURLMOPT_PIPELINING.3: dedup manpage xref
      CURLOPT_ACCEPT_ENCODING.3: remove "four" as they are five
      CURLOPT_AUTOREFERER.3: highlight the privacy leak risk
      CURLOPT_COOKIEFILE: insist on "" for enable-without-file
      CURLOPT_COOKIELIST.3: fix formatting mistake
      CURLOPT_DNS_INTERFACE.3: mention it works for almost all protocols
      CURLOPT_MIMEPOST.3: add an (inline) example
      CURLOPT_POSTFIELDS.3: refer to CURLOPT_MIMEPOST
      CURLOPT_PROXY_SSLCERT_BLOB.3: this is for HTTPS proxies
      CURLOPT_WILDCARDMATCH.3: Fix backslash escaping under single quotes
      CURLSHOPT_UNLOCKFUNC.3: the callback has no 'access' argument
      DEPRECATE.md: Support for systems without 64 bit data types
      docs/examples: avoid deprecated options in examples where possible
      docs/INSTALL: update Android Instructions for newer NDKs
      docs/libcurl/symbols-in-versions: add several missing symbols
      docs: 100+ spellfixes
      docs: correct missing uppercase in Markdown files
      docs: document more server names for test files
      docs: fix deprecation versions inconsistencies
      docs: make sure libcurl opts examples pass in long arguments
      docs: remove mentions of deprecated '--without-openssl' parameter
      docs: tag curl options better in man pages
      docs: tell about disabled protocols in CURLOPT_*PROTOCOLS_STR.
      docs: update sourceforge project links
      easy: fix the #include order
      easy: fix the altsvc init for curl_easy_duphandle
      easy_lock: check for HAVE_STDATOMIC_H as well
      examples/chkspeed: improve portability
      formdata: fix warning: 'CURLformoption' is promoted to 'int'
      ftp: ignore a 550 response to MDTM
      ftp: remove redundant if
      functypes: provide the recv and send arg and return types
      getparameter: return PARAM_MANUAL_REQUESTED for -M even when disabled
      GHA: build tests in a separate step from the running of them
      GHA: run proselint on markdown files
      github: initial CODEOWNERS setup for CI configuration
      header: define public API functions as extern c
      headers: reset the requests counter at transfer start
      hostip: guard PF_INET6 use
      hostip: lazily wait to figure out if IPv6 works until needed
      http, vauth: always provide Curl_allow_auth_to_host() functionality
      http2: make nghttp2 less picky about field whitespace
      HTTP3.md: update Caddy example
      http: try parsing Retry-After: as a number first
      http_proxy: restore the protocol pointer on error
      httpput-postfields.c: shorten string for C89 compliance
      ldap: delete stray CURL_HAS_MOZILLA_LDAP reference
      lib1560: extended to verify detect/reject of unknown schemes
      lib517: fix C89 constant signedness
      lib: add missing limits.h includes
      lib: add required Win32 setup definitions in setup-win32.h
      lib: prepare the incoming of additional protocols
      lib: sanitize conditional exclusion around MIME
      lib: set more flags in config-win32.h
      lib: the number four in a sequence is the "fourth"
      libssh: if sftp_init fails, don't get the sftp error code
      Makefile.m32: deduplicate build rules
      Makefile.m32: drop CROSSPREFIX and our CC/AR defaults
      Makefile.m32: exclude libs & libpaths for shared mode exes
      Makefile.m32: fix regression with tool_hugehelp
      Makefile.m32: major rework
      Makefile.m32: reintroduce CROSSPREFIX and -W -Wall
      Makefile.m32: support more options
      manpage-syntax.pl: all libcurl option symbols should be \fI-tagged
      manpages: Fix spelling of "allows to" -> "allows one to"
      misc: ISSPACE() => ISBLANK()
      misc: use the term "null-terminate" consistently
      mprintf: reject two kinds of precision for the same argument
      mprintf: use snprintf if available
      mqtt: return error for too long topic
      mqtt: spell out CONNECT in comments
      msh3: change the static_assert to make the code C89
      netrc: compare user name case sensitively
      netrc: replace fgets with Curl_get_line
      netrc: use the URL-decoded user
      ngtcp2: fix build errors due to changes in ngtcp2 library
      ngtcp2: fix C89 compliance nit
      noproxy: support proxies specified using cidr notation
      openssl: make certinfo available for QUIC
      README.md: add GHA status badges for Linux and macOS builds
      RELEASE-PROCEDURE.md: mention patch releases
      resolve: make forced IPv4 resolve only use A queries
      runtests: fix uninitialized value on ignored tests
      schannel: ban server ALPN change during recv renegotiation
      schannel: don't reset recv/send function pointers on renegotiation
      schannel: when importing PFX, disable key persistence
      scripts: use `grep -E` instead of `egrep`
      setopt: use the handler table for protocol name to number conversions
      setopt: when POST is set, reset the 'upload' field
      setup-win32: no longer define UNICODE/_UNICODE implicitly
      single_transfer: use the libcurl URL parser when appending query parts
      smb: replace CURL_WIN32 with WIN32
      strcase: add and use Curl_timestrcmp
      strerror: improve two URL API error messages
      symbol-scan.pl: also check for LIBCURL* symbols
      symbol-scan.pl: scan and verify .3 man pages
      symbols-in-versions: add missing LIBCURL* symbols
      symbols-in-versions: CURLOPT_ENCODING is deprecated since 7.21.6
      test1119: scan all public headers
      test1275: verify uppercase after period in markdown
      test972: verify the output without using external tool
      tests/certs/scripts: insert standard curl source headers
      tests/Makefile: remove run time stats from ci-test
      tests: avoid CreateThread if _beginthreadex is available
      tests: fix tag syntax errors in test files
      tests: skip mime/form tests when mime is not built-in
      tidy-up: delete parallel/unused feature flags
      tidy-up: delete unused HAVE_STRUCT_POLLFD
      TODO: provide the error body from a CONNECT response
      tool: avoid generating ambiguous escaped characters in --libcurl
      tool: remove dead code
      tool: reorganize function c_escape around a dynbuf
      tool_hugehelp: make hugehelp a blank macro when disabled
      tool_main: exit at once if out of file descriptors
      tool_operate: avoid a few #ifdefs for disabled-libcurl builds
      tool_operate: more transfer cleanup after parallel transfer fail
      tool_operate: prevent over-queuing in parallel mode
      tool_operate: reduce errorbuffer allocs
      tool_paramhelp: asserts verify maximum sizes for string loading
      tool_paramhelp: make the max argument a 'double'
      tool_progress: remove 'Qd' from the parallel progress bar
      tool_setopt: use better English in --libcurl source comments
      tool_xattr: save the original URL, not the final redirected one
      unit test 1655: make it C89-compliant
      url: a zero-length userinfo part in the URL is still a (blank) user
      url: allow non-HTTPS HSTS-matching for debug builds
      url: rename function due to name-clash in Watt-32
      url: use IDN decoded names for HSTS checks
      urlapi: detect scheme better when not guessing
      urlapi: fix parsing URL without slash with CURLU_URLENCODE
      urlapi: leaner with fewer allocs
      urlapi: reject more bad characters from the host name field
      winbuild/MakefileBuild.vc: handle spaces in libssh(2) include paths
      winbuild: use NMake batch-rules for compilation
      windows: add .rc support to autotools builds
      windows: adjust name of two internal public functions
      windows: autotools .rc warnings fixup
      wolfSSL: fix session management bug.

(bsiegert)

doc: openssl updated to 1.1.1s

(wiz)

openssl: pkglint cleanup

(wiz)

openssl: update to 1.1.1s.

  Major changes between OpenSSL 1.1.1r and OpenSSL 1.1.1s [1 Nov 2022]

      o Fixed a regression introduced in OpenSSL 1.1.1r not refreshing the
        certificate data to be signed before signing the certificate.

  Major changes between OpenSSL 1.1.1q and OpenSSL 1.1.1r [11 Oct 2022]

      o Added a missing header for memcmp that caused compilation failure on
        some platforms

(wiz)

doc: Added x11/xtrlock version 2.15

(pin)

Add xtrlock

(pin)

x11/xtrlock: import pkg

xtrlock is a very minimal X display lock program, which uses
nothing except the Xlib library. It doesn't obscure the screen,
it is completely idle while the display is locked and you don't
type at it, and it doesn't do funny things to the X access control
lists.

Original by Matthias Petermann, fixes by Paolo Vincenzo Olivo in wip

(pin)

doc: Added x11/xss-lock version 0.3.0

(pin)

Add xss-lock

(pin)

x11/xss-lock: import pkg

xss-lock allows to set an external locker as the X screensaver.

By Paolo Vincenzo Olivo in wip

(pin)

Pullup ticket #6695 - requested by nia
www/arcticfox: arm build fix

Revisions pulled up:
- www/arcticfox/Makefile                                        1.16

---
  Module Name: pkgsrc
  Committed By: nia
  Date: Wed Oct 26 13:55:17 UTC 2022

  Modified Files:
  pkgsrc/www/arcticfox: Makefile

  Log Message:
  arcticfox: Use latest versions of config.guess/config.sub from pkgsrc.

  Should help armv[6-7] builds, since arcticfox's embedded copy of ICU
  still contains versions from 2013 that don't know about NetBSD arm
  variants.

(bsiegert)

Pullup ticket #6694 - requested by taca
devel/samba4: security fix

via patch -- update to 4.16.6

---
  Samba 4.16.6 fixes these security problems.

  4.16.6 (2022-10-25)

  This is a security release in order to address the following defect:

  o CVE-2022-3437:  There is a limited write heap buffer overflow in the GSSAPI
    unwrap_des() and unwrap_des3() routines of Heimdal (included
    in Samba).
    https://www.samba.org/samba/security/CVE-2022-3437.html

  Changes since 4.16.5
  ---------------------

  o  Joseph Sutton <josephsutton@catalyst.net.nz>
      * BUG 15134: CVE-2022-3437.

(bsiegert)

doc: Updated textproc/split-thai to 2.22

(scole)

Update to 2.22
- fix memory leaks in st-icu.cc
- for st-swath, don't spawn new process for every stdin readline

  pthai.el:
- clean up pthai-unknown* funcs and add toggle to highlight unknown words
- add option to use external processes for swath and icu which is
  faster and gives more split choices
- add pause and pthai-no-audio-pause-length custom setting for pausing
  on words with no audio when attempting audio play
- clean-ups for pthai-currency* functions
- consolidate text highlighting into pthai-highlight-on/off functions
- when reloading pthai.el library, don't clear 'pthai-dictionary

(scole)

doc: Added shells/yash version 2.53

(pin)

Add yash

(pin)

shells/yash: import pkg

Yash, yet another shell, is a POSIX-compliant command line shell written
in C99 (ISO/IEC 9899:1999). Yash is intended to be the most POSIX -
compliant shell in the world while supporting features for daily
interactive and scripting use. Notable features are:

- Global aliases
- Arrays
- Socket redirection, pipeline redirection, and process redirection
- Brace expansion and extended globbing
- Fractional numbers in arithmetic expansion
- Prompt command and command-not-found handler
- Command line completion with predefined completion scripts for more
  than 100 commands
- Command line prediction based on command history

By Paolo Vincenzo Olivo in wip

(pin)

doc: Updated security/signify to 0.12

(pin)

security/signify: update to 0.12.

The version number is kept consistent with that of outils.
Sources have been synced with upstream OpenBSD/src.

Changes relevant to signify:

- Unused variables moved under !VERIFYONLY
- In -C mode, the public key is optional since it can be deduced from
the untrusted comment.  In this case, don't ignore -t but rather make
it work as expected.

(pin)

doc: Updated x11/drawterm to 20221013

(pin)

drawterm: update to 20221013

Sources synced with upstream.
Corrected redundant DIST_SUBDIR naming.

Noticeable changes commited since 20220603:

- wayland: grab monitor size from compositor
- wayland: release pointer/keyboard on seat capabilities change
- wayland: support media keys
- wayland: correct keyboard ctl handling

(pin)

doc: Updated shells/ksh93 to 1.0.4

(pin)

ksh93: update to 1.0.4.

Main changes between 1.0.3 and 1.0.4:

- Fixed multiple scoping-related bugs in the += additive assignment
  operator.
- A number of crashing bugs have been fixed.
- Various fixes for the Haiku operating system, notably 'ulimit -a'
  now works.
- Fixed the expansion of out-of-range \n back references in the
  string part of ${parameter//pattern/string}. For example:
v=AB; echo "${v/@(A)B/\0:\1:\2}"
  now yields 'AB:A:' instead of 'AB:A:\2'.
- Fixed quoted '!', '^' and '-' within [bracket] expressions in
  glob patterns; single or double quotes failed to disable their
  operator behaviour.
- Fixed a bug introduced on 2021-04-04 that incorrectly allowed
  'typeset' to turn off the readonly and export attributes on a
  readonly variable.
- In the emacs line editor, the Ctrl+R reverse-search prompt is
  now visually distinct from a literal control character ("^R: "
  instead of "^R").
- In the vi line editor, fixed the behaviour of 'C', 'c$' and 'I'
  to be consistent with standard vi(1) and with Bolsky & Korn
  (1995, p. 121).
- Aliases for many GNU long options have been added to the
  /opt/ast/bin built-in commands. Additionally, 'kill -s' now has
  a --signal long option alias compatible with the util-linux
  option.
- Backported support for 'print -u p' from ksh 93v- for
  compatibility with scripts written for 93v-/ksh2020 (this is
  equivalent to 'print -p').

(pin)

doc: Updated sysutils/ripdrag to 0.2.1

(pin)

sysutils/ripdrag: update to 0.2.1

- Bump to 0.2.1 and updated README
- Merge pull request #16 from tranzystorek-io/clap-v4
- Bump clap version to 4.0
- Merge pull request #13 from 0323pin/master

(pin)

doc: Updated sysutils/broot to 1.16.2

(pin)

sysutils/broot: update to 1.16.2

v1.16.2 - 2022-11-04
- you can restrict the panels in which verbs apply with the verb configuration
  panels parameter
- fix rm on Windows behaving "recursively" (it was cmd /c del /Q /S {file}) -
  Fix #627

(pin)

doc: Added security/gopass version 1.14.9

(nikita)

Import wip/gopass as security/gopass.

Add gopass version 1.14.9, packaged by Iku Iwasa.

gopass is a rewrite of the pass password manager in Go with the aim of
making it cross-platform and adding additional features.  Our target
audience are professional developers and sysadmins (and especially teams of
those) who are well versed with a command line interface.  One explicit
goal for this project is to make it more approachable to non-technical
users.  We go by the UNIX philosophy and try to do one thing and do it
well, providing a stellar user experience and a sane, simple interface.

(nikita)

Pullup ticket #6692 - requested by taca
devel/git: security fix

via patch -- update to 2.37.4

---
  This release merges the security fix that appears in v2.30.6; see
  the release notes for that version for details.

(bsiegert)

Update chat/element-web to 1.11.13

Upstream mentions an important bug fix, but unfortunately doesn't go into any
details, so better to update.

(js)

x11/ocaml-lablgtk3: Adjust DESCR wording (minor)

Adjust language in GTK reference.

(gdt)

Updated devel/cmake, devel/cmake-gui

(adam)

cmake cmake-gui: updated to 3.24.3

CMake 3.24.3
* cmStringAlgorithms: Add functions to parse strings to long long integers
* file: Avoid strange istringstream crash in cmake.org binaries on Alpine Linux
* Xcode: Drop CMAKE_INTDIR= definition in Swift targets
* Tests: Update RunCMake.XcodeProject iOS cases for Xcode 14.0
* gitlab-ci: update macOS jobs to use Xcode 14.0
* COMPILE_WARNING_AS_ERROR: Fix internal formatting of options table
* LLVMFlang: Add support for mixed-language linking with Fortran
* Help: Add versionadded for string(TIMESTAMP) %f specifier
* try_compile: Honor CMP0128 setting in test project
* Tests: Explicitly allow usage of git file-based protocol in test cases
* cm/filesystem: Fix crash with pre-C++11 std::string GNU ABI in C++17
* Tests: Avoid running C++11 test on GNU < 4.7
* VS: Fix crash finding vswhere on 32-bit Windows
* Ninja: Restore support for non-ascii paths on Windows with ninja<=1.10
* Tests: Add case for ninja with non-ascii chars
* CPack/IFW: Add support for QtIFW 4.4
* CPack: Require no argument for --trace and --trace-expand
* Apple: Fix regression when linking a framework with postfix
* FindMatlab: Add MEX binary file suffix for Apple Silicon native Matlab
* FindMatlab: add R2022b 9.13 version map
* Intel/IntelLLVM: Fortran has distinct "-Werror"-like flag
* CPack/NSIS: Fix installer not waiting for uninstaller to finish
* CUDA: Add support for the two new architectures in 11.8
* FindJNI: replace CMAKE_ANDROID_API by CMAKE_SYSTEM_VERSION
* Android: Avoid searching API level directories matching architecture bitness
* ctest: only report make-level errors when no others are found
* LLVMFlang: Add support for Windows
* LLVMFlang: Add a required line to define linking rules on Windows

(adam)

Updated devel/py-hypothesis, www/tidy

(adam)

tidy: updated to 5.8.0

5.8.0

Finally, the latest stable HTML Tidy 5.8.0 is official!

This is an even minor version number release, which means that we guarantee ABI/API stability throughout the entire release cycle of 5.8.x, meaning that this is a stable release. This is the release that other repository maintainers should be tracking for release!

If you don't require ABI/API stability in your application, make sure you continue to monitor our next branch. This is where new features and HTML process bug fixes are generally applied.

(adam)

py-hypothesis: add ALTERNATIVES

(adam)

py-hypothesis: fix build for Python 3.7; avoid self-conflict; bump revision

(adam)

doc: Updated sysutils/tsm8 to 8.1.15.0

(hauke)

sysutils/tsm8: Update from 8.1.13 to 8.1.15

This is a bugfix release; upstream does not provide a changelog.

(hauke)

Add the libcrypt1 library, for the sake of sysutils/tsm8.

(hauke)

doc/TODO: add some

+ calibre-6.8, rust-1.65.0, sile-0.14.3, tor-browser-11.5.7.

(wiz)

Remove vestige of the tty-vs-x11 dualism from DESCR.

(schmonz)

Oops, commit sums for new patch filenames.

(schmonz)

doc: Updated security/sudo to 1.9.12nb1

(taca)

security/sudo: add fix for CVE-2022-43995

Add patch from upstream to fix CVE-2022-43995.

Bump PKGREVISION.

(taca)

doc: Updated lang/php74 to 7.4.33

(taca)

lang/php74: update to 7.4.33

7.4.33 (2022-11-03)

- GD:
  . Fixed bug #81739: OOB read due to insufficient input validation in
    imageloadfont(). (CVE-2022-31630) (cmb)

- Hash:
  . Fixed bug #81738: buffer overflow in hash_update() on long parameter.
    (CVE-2022-37454) (nicky at mouha dot be)

(taca)

thunderbird52: improve DESCR re. EOL status and rationale

(gutteridge)

thunderbird68: fix build with cbindgen > 0.23

Tested on NetBSD 9.3/amd64.

While here, also update the DESCR to note this is a now unsupported
release.

(gutteridge)

libdrm: Fix building on FreeBSD

pkgsrc changes:
---------------
  * Remove dependency on pthread-stubs for FreeBSD.
  * Bum revision.

(triaxx)

doc: Fix out-dated x11/libdrm

This wrong commit is due to bmake commit-changes-entry after a failing
cvs commit because the package was not up to date.

(triaxx)

doc: Updated sysutils/fd-find to 8.5.2

(pin)

sysutils/fd-find: update to 8.5.2

v8.5.2
Bugfixes
- Fix --owner option value parsing, see #1163 and #1164 (@tmccombs)

v8.5.1
Bugfixes
- Fix --threads/-j option value parsing, see #1160 and #1162 (@sharkdp)

v8.5.0
Features
--type executable/-t now works on Windows, see #1051 and #1061 (@tavianator)

Bugfixes
- Fixed differences between piped / non-piped output. This changes fds
  behavior back to what we had before 8.3.0, i.e. there will be no leading
  ./ prefixes, unless --exec/-x, --exec-batch/-X, or --print0/-0 are used.
  --strip-cwd-prefix can be used to strip that prefix in those cases.
  See #1046, #1115, and #1121 (@tavianator)
- fd could previously crash with a panic due to a race condition in Rusts
  standard library (see rust-lang/rust#39364). This has been fixed by switching
  to a different message passing implementation, see #1060 and #1146
  (@tavianator)
- fds memory usage will not grow unboundedly on huge directory trees,
  see #1146 (@tavianator)
- fd returns an error when current working directory does not exist while a
  search path is specified, see #1072 (@vijfhoek)
- Improved "command not found" error message, see #1083 and #1109 (@themkat)
- Preserve command exit codes when using --exec-batch, see #1136 and #1137
  (@amesgen)

Changes
- No leading ./ prefix for non-interactive results, see above.
- fd now colorizes paths in parallel, significantly improving performance,
  see #1148 (@tavianator)
- fd can now avoid stat syscalls even when colorizing paths, as long as the
  color scheme doesn't require metadata, see #1148 (@tavianator)
- The statically linked musl versions of fd now use jmalloc, leading to a
  significant performance improvement, see #1062 (@tavianator)

Other
- Added link back to GitHub in man page and --help text, see #1086
  (@scottchiefbaker)
- Major update in how fd handles command line options internally,
  see #1067 (@tmccombs)

v8.4.0
Features
- Support multiple --exec <cmd> instances, see #406 and #960 (@tmccombs)

Bugfixes
- "Argument list too long" errors can not appear anymore when using
  --exec-batch/-X, as the command invocations are automatically batched at the
  maximum possible size, even if --batch-size is not given. See #410 and
  #1020 (@tavianator)

Changes
- Directories are now printed with an additional path separator at the end:
  foo/bar/, see #436 and #812 (@yyogo)
- The -u flag was changed to be equivalent to -HI (previously, a single -u was
  only equivalent to -I). Additional -u flags are still allowed, but ignored.
  See #840 and #986 (@jacksontheel)

Other
- Added installation instructions for RHEL8, see #989 (@ethsol)

(pin)

doc: Updated misc/wthrr to 0.4.2

(pin)

misc/wthrr: update to 0.4.2

- make -f -w -d behave as -f
- fix formatting and typos

(pin)

doc: Updated x11/libdrm to 2.4.113nb1

(triaxx)

todoman: add comment

When someone adds zsh completion support to this package, jq is needed.

(wiz)

Remove stray comment.

(schmonz)

Missed a removal in previous.

(schmonz)

Note removal (and successor) of ce-{doc,x11}.

(schmonz)

Retire ce-doc and ce-x11 packages.

(schmonz)

doc: Updated editors/ce to 4.8

(schmonz)

Update to 4.8. No changelog. From the diffs:

- Update maintainer email address
- Regenerate with Autoconf 2.61
- Remove --with-purify configure option
- Remove old malloc
- Improve build system
- Remove TODO
- Sprinkle missing return types
- Fix bugs

pkgsrc changes:

- Specify license
- Merge ce-doc (always installed) and ce-x11 (with the 'x11' option)
  into this package
- Remove MAKE_JOBS_SAFE=no (seems fine)
- Comment patches and modernize patch filenames

(schmonz)

Updated www/py-sanic, textproc/py-regex

(adam)

py-regex: updated to 2022.10.31

2022.10.31
Bug fixes

(adam)

py-sanic: updated to 22.9.1

22.9.1
docs: sanic now supports windows
Upgrade markdown templates to issue forms
improve error message if no apps found in registry
fix: sideeffects created by changing fork to spawn
22.9 Docs
Add interval sleep in reloader
Resolve edge case in nested BP Groups
Add GenericCreator for loading SSL certs in processes

(adam)

fcitx-libthai: fix building with const **char in second argument to iconv

(nros)

Updated devel/py-libmc, textproc/py-dominate

(adam)

py-dominate: updated to 2.7.0

2.7.0:
Bug fixed

(adam)

py-libmc: updated to 1.6.3

1.6.3:
Bug fixes

(adam)

doc: Updated sysutils/nnn to 4.6

(sjmulder)

sysutils/nnn: Update to 4.6

Changes in 4.6:
- icon handling overhaul (#1432, #1436)
  - better performance, memory usage and reduced binary size
- emoji support for supporting distros and terminals (#1346)
- open the target directory of symlinked bookmarks (#1353)
- enable show hidden when a hidden file is passed as argument
- add Colemak-DH layout keybinds to patch framework (#1421)
- set bsdtar as the default archive utility
- support 4 byte unicode keybinds (#1428)
- enable directory auto-enter during filter operation (-A to disable)
- enable filter prompt inside the bookmark/plugin dirs
- show volume usage information in help
- add new icon colors for mp4 and flac files
- use stat -x for file details on *BSD and macOS (#1389)
- interpret suffix $nnn when paging (#1355)
- disable key e (edit file) in explorer mode (#1394)
- fix double order chars on filter case match change
- .cbcp: more verbose message on paste without a selection
- plugin preview-tui: scale-up kitty previews
- plugin preview-tui: account for ueberzug offset
- plugin preview-tui: support SPLIT_SIZE for preview pane (#1431)
- plugin autojump: support z.lua
- new Makefile target shellcheck to verify plugins

Changes in 4.5:
- disable filter info if file details (option -i) enabled
- open previous active context on context quit
- switch ^J and + functionality:
  - +: toggle file selection
  - ^J: toggle auto-jump on file open
- allow symlink creation with name @ to a single file (#1345)
- clear selection on successful operation at native prompt with "%j" (#1330)
- reverse timestamps of entries modified/created within 5 minutes
- avoid using non-portable xargs flags on macOS (#1299)
- quitcd script for Elvish shell > 0.17.0 (#1344)
- plugin openall to open selected files together (#1333)
- plugin gitroot to jump to git root directory from a subtree
- plugin gsconnect to send the selected files to Android using gsconnect
- icon for opus and webp files
- preview-tui - fix gif conversion and whitespace name
- preview-tui - add support for windows terminal split
- preview-tui - djvu file previews
- nuke - add support for imv when named _imv_
- gsconnect - support connection to multiple devices
- export NNN_INCLUDE_HIDDEN to plugins (#1308)
- respect NNN_TRASH in .nmv (#1306)
- add GNU sed as a dependency with support for env var SED
- use bold > to point at current entry in detail mode
- add 2 spaces after icons for better visibility
- documentation refresh
- make option O_NOSORT to load directories unsorted on entry

(sjmulder)

doc: Updated multimedia/nostt to 1.2.2

(sjmulder)

multimedia/nostt: Update to 1.2.2

Changes:
- Fixed: API error caused by use of old HTTP endpoint. Switched to same
  endpoint but HTTPS.

(sjmulder)

doc: Updated editors/micro to 2.0.11

(sjmulder)

editors/micro: Update to 2.0.11

Changes:
- Support for clipboard in WSL via clip.exe.
- New hlsearch option to highlight search results.
- Fixes for OSC52 clipboard support.
- Syntax highlighting fixes, improvements, and new languages.
- Rust clippy and go vet linters.
- Switch to using go embed instead of go-bindata.
- Bug fixes.

(sjmulder)

Added sysutils/u-boot-zynq-zturn version 2022.10

(jmcneill)

+ u-boot-zynq-zturn

(jmcneill)

Initial import of u-boot-zynq-zturn version 2022.10.

U-Boot is a bootloader for embedded boards based on PowerPC, ARM, MIPS and
several other processors, which can be installed in a boot ROM and used to
initialize and test the hardware or to download and run application code.

This package provides U-Boot for MYIR Tech Z-Turn Board development boards.

(jmcneill)

Add patches for U-Boot 2022.10

(jmcneill)

Updated devel/py-hypothesis, math/py-numexpr

(adam)

py-numexpr: updated to 2.8.4

Changes from 2.8.3 to 2.8.4
---------------------------
* Support for Python 3.11 has been added.
* Thanks to Tobias Hangleiter for an improved accuracy complex `expm1` function.
  While it is 25 % slower, it is significantly more accurate for the real component
  over a range of values and matches NumPy outputs much more closely.
* Thanks to Kirill Kouzoubov for a range of fixes to constants parsing that was
  resulting in duplicated constants of the same value.
* Thanks to Mark Harfouche for noticing that we no longer need `numpy` version
  checks. `packaging` is no longer a requirement as a result.

(adam)

py-hypothesis: updated to 6.56.4

6.56.4 - 2022-10-28
This patch updates some docs, and depends on exceptiongroup 1.0.0 final to avoid a bug in the previous version.

(adam)

doc: Updated x11/pixman to 0.42.2

(wiz)

pixman: update to 0.42.2.

This version contains a fix for a heap overflow. A CVE has been
requested.

(wiz)

doc: Updated x11/libdrm to 2.4.114

(wiz)

libdrm: update to 2.4.114.

Alex Deucher (5):
      amdgpu.ids: use consistent formatting for RID
      amdgpu.ids: sort the file
      amdgpu.ids: update to the latest marketing name
      amdgpu_ids: add MI marketing names
      amdgpu: Add a default marketing name if none is found

Eli Schwartz (1):
      meson: fast-fail on unsupported OSes

Jordan Justen (2):
      include/drm/drm_fourcc.h: Update from Linux v6.0-rc7
      include/drm/i915_drm.h: Update from Linux v6.0-rc7

Marco Felsch (1):
      tests/util: add imx-lcdif driver

Simon Ser (9):
      intel: move declarations to top in drm_intel_gem_bo_unreference()
      build: automatically disable Intel if pciaccess is not found
      xf86drm: handle DRM_FORMAT_BIG_ENDIAN in drmGetFormatName()
      amdgpu: silence uninitialized variable warning
      xf86drmMode: add helpers for dumb buffers
      modetest: drop unused offset field in struct bo
      modetest: use sized integers in struct bo
      modetest: use dumb buffer helpers
      build: bump version to 2.4.114

(wiz)

mk: Skip many more CTF and debug files by default.

Leave CTF_FILES_SKIP and STRIP_FILES_SKIP purely for packages to set any
additional paths to skip.

(jperkin)

mk: Support PKGSRC_CONFIG_SITE.

Allows users to specify a suitably sanitised and tested CONFIG_SITE file, while
retaining the default behaviour of ignoring CONFIG_SITE to avoid surprises.

(jperkin)

doc: Updated time/ruby-tzinfo-data to 1.2022.6

(taca)

time/ruby-tzinfo-data: update to 1.2022.6

1.2022.6 (2022-10-29)

* Based on version 2022f of the IANA Time Zone Database
  (https://mm.icann.org/pipermail/tz-announce/2022-October/000075.html).

(taca)

security/pear-Crypt_GPG: utilize REPLACE_PHP

Instead of using own REPLACE_INTERPRETER, use REPLACE_PHP.

(taca)

py-audiotools: remove

no users in pkgsrc, dead upstream

Successor project seems to be pyAudioAnalysis (not packaged yet)

(wiz)

Fix packaging after recent py-sphinx update.

(schmonz)

Fix macOS build with the 13.0 SDK, which has its own definition of
__deprecated__.

(schmonz)

taglib: fixup scuffed dylibs with install_name_tool in post-install

(tnn)

taglib: fix build breakage. Don't build tests unless asked to.

(test suite currently fails with run path errors)

(tnn)

mysql80: Build out of srcdir.

(jperkin)

doc: Updated editors/tp-note to 1.18.2

(pin)

editors/tp-note: update to 1.18.2

- Refactor tpnote_lib API

(pin)

thunderbird: reflect new minimum dependency of cbindgen >= 0.24

We're carrying a patch that will only build with recent cbindgen.
Issue noted by Todd Gruhn on pkgsrc-users@.

(gutteridge)

firefox102: reflect new minimum dependency of cbindgen >= 0.24

We're carrying a patch that will only build with recent cbindgen.
Issue noted by Todd Gruhn on pkgsrc-users@.

(gutteridge)

firefox91: reflect new minimum dependency of cbindgen >= 0.24

We're carrying a patch that will only build with recent cbindgen.
Issue noted by Todd Gruhn on pkgsrc-users@.

(gutteridge)