xf86-input-ws: stable releases of NetBSD lack WSCONS_EVENT_HSCROLL
and WSCONS_EVENT_VSCROLL (PR pkg/56958)

(nia)

Updated graphics/libwebp

(adam)

libwebp: updated to 1.2.4

version 1.2.4
This is a binary compatible release.
* restore CMake libwebpmux target name for compatibility with 1.2.2
* fix lossless crunch mode encoding with WEBP_REDUCE_SIZE

(adam)

doc: Updated devel/difftastic to 0.32.0

(pin)

devel/difftastic: update to 0.32.0

0.32 (released 7th August 2022)
-Improved performance in many cases, particularly for files with a fairly flat
structure.

-Difftastic now treats the path /dev/null as an empty file, even if that path
doesn't exist on the current machine. This fixes a crash when using difftastic
with git on Windows.

(pin)

doc: Updated devel/py-approvaltests to 5.4.1

(schmonz)

Update to 5.4.1. From the changelog:

Refactoring setup infrastructure: there should be no visible effects
from this release.

(schmonz)

wxGTK32: fix packaging when using configure

Also, add missing unused dependency that configure checks for,
but CMake doesn't.

(wiz)

(wiz)

gnucash: make p5-Finance-Quote optional

Default stays on; it is used if it's installed, but if not, just
stock quote fetching is disabled.

(wiz)

p5-Finance-Quote: update COMMENT

(wiz)

p5-Finance-Quote: simplify DESCR

(wiz)

doc: Updated sysutils/py-Glances to 3.2.7

(fox)

sysutils/py-Glances: Update to 3.2.7

Changes since 3.2.6.4:

===============
Version 3.2.7
===============

Enhancements:

    * Config to disable all plugins by default (or enable an exclusive list) #2089
    * Keybind(s) for modifying nice level #2081
    * [WEBUI] Reorganize help screen #2037
    * Add a Json stdout option #2060
    * Improve error message when export error occures
    * Improve error message when MQTT error occures
    * Change the way core are displayed
    * Remove unused key in the process list
    * Refactor top menu of the curse interface
    * Improve Irix display for the load plugin

Bug corrected:

    * In the sensor plugin thresholds in the configuration file should overwrite system ones #2058
    * Drive names truncated in Web UI #2055
    * Correct issue with CPU label

Documentation and CI:

    * Improve makefile help #2078
    * Add quote to the update command line (already ok for the installation). Related to #2073
    * Make Glances (almost) compliant with REUSE #2042
    * Update README for Debian package users
    * Update documentation for Docker
    * Update docs for new shortcut
    * Disable Pyright on the Git actions pipeline
    * Refactor comments
    * Except datutil import error
    * Another dep issue solved in the Alpine Docker + issue in the outdated method

Contributors for this version:

    * Nicolargo
    * Sylvain MOUQUET
    * FastThenLeft
    * Jiajie Chen
    * dbrennand
    * ewuerger

(fox)

doc: Updated audio/fasttracker2 to 1.56

(fox)

audio/fasttracker2: Update to 1.56

Changes since v1.55

v1.56 - 11.07.2022
- Fixed some possible issues with fullscreen in Linux (still buggy)
- Fixed some issues with restoring the window size and image stretch mode when
  loading or resetting the config when the program is running.
- Bugfix: Focus was lost when drag-n-dropping a file onto the tracker,
  which meant that the first following mouse click was ignored.
- Windows/macOS: Updated SDL from 2.0.20 to 2.0.22

(fox)

doc: Updated chat/ircd-hybrid to 8.2.41

(fox)

chat/ircd-hybrid: Update to 8.2.41

Changes since 8.2.40:

-- Noteworthy changes in version 8.2.41 (2022-07-15)
  * Fixed issue where WHO didn't work on channel names with two or more
    consequent asterisk characters
  * IRCv3 WHOX has been implemented. See doc/who.txt for more information
    about the new WHO options and features.
  * Clients that are connected via TLS are now flagged with the letter S in
    the who reply

(fox)

doc: Updated security/wolfssl to 5.4.0

(fox)

security/wolfssl: Update to v5.4.0

Changes since v5.3.0:

wolfSSL Release 5.4.0 (July 11, 2022)

Note:
** Future releases of wolfSSL will turn off TLS 1.1 by default
** Release 5.4.0 made SP math the default math implementation. To make an
  equivalent build as 窶電isable-fastmath from previous versions of wolfSSL, now
  requires using the configure option 窶兎nable-heapmath instead.

Release 5.4.0 of wolfSSL embedded TLS has bug fixes and new features including:

Vulnerabilities

* [High] Potential for DTLS DoS attack. In wolfSSL versions before 5.4.0 the
  return-routability check is wrongly skipped in a specific edge case. The check
  on the return-routability is there for stopping attacks that either consume
  excessive resources on the server, or try to use the server as an amplifier
  sending an excessive amount of messages to a victim IP. If using DTLS 1.0/1.2
  on the server side users should update to avoid the potential DoS
  attack. CVE-2022-34293
* [Medium] Ciphertext side channel attack on ECC and DH operations. Users on
  systems where rogue agents can monitor memory use should update the version of
  wolfSSL and change private ECC keys. Thanks to Sen Deng from Southern
  University of Science and Technology (SUSTech) for the report.
* [Medium] Public disclosure of a side channel vulnerability that has been fixed
  since wolfSSL version 5.1.0. When running on AMD there is the potential to
  leak private key information with ECDSA operations due to a ciphertext side
  channel attack. Users on AMD doing ECDSA operations with wolfSSL versions less
  than 5.1.0 should update their wolfSSL version used. Thanks to professor
  Yinqian Zhang from Southern University of Science and Technology (SUSTech),
  his Ph.D. student Mengyuan Li from The Ohio State University, and his M.S
  students Sen Deng and Yining Tang from SUStech along with other collaborators;
  Luca Wilke, Jan Wichelmann and Professor Thomas Eisenbarth from the University
  of Lubeck, Professor Shuai Wang from Hong Kong University of Science and
  Technology, Professor Radu Teodorescu from The Ohio State University, Huibo
  Wang, Kang Li and Yueqiang Cheng from Baidu Security and Shoumeng Yang from
  Ant Financial Services Group.
CVE-2020-12966
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1013
CVE-2021-46744
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1033

New Feature Additions

DTLS 1.3

* Support for using the new DTLSv1.3 protocol was added
* Enhancements to bundled examples for an event driven server with DTLS 1.3 was
  added

Ports

* Update for the version of VxWorks supported, adding in support for version 6.x
* Support for new DPP and EAP-TEAP/EAP-FAST in wpa_supplicant
* Update for TSIP version support, adding support for version 1.15 for RX65N and
  RX72N
* Improved TSIP build to handle having the options WOLFSSL_AEAD_ONLY defined or
  NO_AES_CBC defined
* Added support for offloading TLS1.3 operations to Renesas RX boards with TSIP

Misc.

* Constant time improvements due to development of new constant time tests
* Initial translation of API headers to Japanese and expansion of Japanese help
  message support in example applications
* Add support for some FPKI (Federal PKI) certificate cases, UUID, FASC-N, PIV
  extension for use with smart cards
* Add support for parsing additional CSR attributes such as unstructured name
  and content type
* Add support for Linux getrandom() when defining the macro WOLFSSL_GETRANDOM
* Add TLS 1.2 ciphersuite ECDHE_PSK_WITH_AES_128_GCM_SHA256 from RFC 8442
* Expand CAAM support with QNX to include i.MX8 boards and add AES-CTR support
* Enhanced glitching protection by hardening the TLS encrypt operations

Math and Performance

SP Math Additions

* Support for ARMv3, ARMv6 and ARMv7a
    - Changes and improvements to get SP building for armv7-a
    - Updated assembly for moving large immediate values on ARMv6
    - Support for architectures with no ldrd/strd and clz
* Reworked generation using common asm ruby code for 32bit ARM
* Enable wolfSSL SP math all by default (sp_int.c)
* Update SP math all to not use sp_int_word when SQR_MUL_ASM is available

SP Math Fixes

* Fixes for constant time with div function
* Fix casting warnings for Windows builds and assembly changes to support
  XMM6-15 being non-volatile
* Fix for div_word when not using div function
* Fixes for user settings with SP ASM and ED/Curve25519 small
* Additional Wycheproof tests ran and fixes
* Fix for SP math ECC non-blocking to always check `hashLen`
* Fix for SP math handling edge case with submod

Improvements and Optimizations

Compatibility Layer

* Provide access to "Finished" messages outside of compatibility layer builds
* Remove unneeded FIPS guard on wolfSSL_EVP_PKEY_derive
* Fix control command issues with AES-GCM, control command EVP_CTRL_GCM_IV_GEN
* Add support for importing private only EC key to a WOLFSSL_EVP_PKEY struct
* Add support for more extensions to wolfSSL_X509_print_ex
* Update for internal to DER (i2d) AIPs to move the buffer pointer when passed
  in and the operation is successful
* Return subject and issuer X509_NAME object even when not set

Ports

* Renesas RA6M4 example update and fixes
* Support multi-threaded use cases with Renesas SCE protected mode and TSIP
* Add a global variable for heap-hint for use with TSIP
* Changes to support v5.3.0 cube pack for STM32
* Use the correct mutex type for embOS
* ESP-IDF build cleanup and enhancements, adding in note regarding ESP-IDF
  Version
* Support for SEGGER embOS and emNET
* Fix to handle WOLFSSL_DTLS macro in Micrium build

Build Options

* Support for verify only and no-PSS builds updated
* Add the enable options wolfssh (mapped to the existing 窶兎nable-ssh)
* Remove WOLFSSL_ALT_NAMES restriction on notBefore/notAfter use in Cert struct
* Move several more definitions outside the BUILDING_WOLFSSL gate with linux
  kernel module build
* Modify --enable-openssh to not enable non-FIPS algos for FIPS builds
* Remove the Python wrappers from wolfSSL source (use pip install instead of
  using wolfSSL with Python and our separate Python repository)
* Add --enable-openldap option to configure.ac for building the OpenLDAP port
* Resolve DTLS build to handle not having 窶兎nable-hrrcookie when not needed
* Add an --enable-strongswan option to configure.ac for building the Strongswan
  port
* Improve defaults for 64-bit BSDs in configure
* Crypto only build can now be used openssl extra
* Update ASN template build to properly handle WOLFSSL_CERT_EXT and
  HAVE_OID_ENCODING
* Allow using 3DES and MD5 with FIPS 140-3, as they fall outside of the FIPS
  boundary
* Add the build option --enable-dh=const which replaces setting the macro
  WOLFSSL_DH_CONST and now conditionally link to -lm as needed
* Add the macro WOLFSSL_HOSTNAME_VERIFY_ALT_NAME_ONLY which is used to verify
  hostname/ip address using alternate name (SAN) only and does not use the
  common name
* WOLFSSL_DTLS_NO_HVR_ON_RESUME macro added (off by default to favor more
  security). If defined, a DTLS server will not do a cookie exchange on
  successful client resumption: the resumption will be faster (one RTT less) and
  will consume less bandwidth (one ClientHello and one HelloVerifyRequest
  less). On the other hand, if a valid SessionID is collected, forged
  clientHello messages will consume resources on the server.
* Misc.
* Refactoring of some internal TLS functions to reduce the memory usage
* Make old less secure TimingPadVerify implementation available
* Add support for aligned data with clang LLVM
* Remove subject/issuer email from the list of alt. Email names in the
  DecodedCerts struct
* Zeroizing of pre-master secret buffer in TLS 1.3
* Update to allow TLS 1.3 application server to send session ticket
* Improve the sniffer asynchronous test case to support multiple concurrent
  streams
* Clean up wolfSSL_clear() and add more logging
* Update to not error out on bad CRL next date if using NO_VERIFY when parsing
* Add an example C# PSK client
* Add ESP-IDF WOLFSSL_ESP8266 setting for ESP8266 devices
* Support longer sigalg list for post quantum use cases and inter-op with OQS's
  OpenSSL fork
* Improve AES-GCM word implementation of GMULT to be constant time
* Additional sanity check with Ed25519/Ed448, now defaults to assume public key
  is not trusted
* Support PSK ciphersuites in benchmark apps
* FIPS in core hash using SHA2-256 and SHA2-384
* Add ability to store issuer name components when parsing a certificate
* Make the critical extension flags in DecodedCert always available
* Updates to the default values for basic constraint with X509窶冱
* Support using RSA OAEP with no malloc and add additional sanity checks
* Leverage async code paths to support WANT_WRITE while sending packet fragments
* New azsphere example for continuous integration testing
* Update RSA key generation function to handle pairwise consistency tests with
  static memory pools used
* Resolve build time warning by passing in and checking output length with
  internal SetCurve function
* Support DTLS bidirectional shutdown in the examples
* Improve DTLS version negotiation and downgrade capability

General Fixes

* Fixes for STM32 Hash/PKA, add some missing mutex frees, and add an additional
  benchmark
* Fix missing return checks in KSDK ED25519 code
* Fix compilation warnings from IAR
* Fixes for STM32U5/H7 hash/crypto support
* Fix for using track memory feature with FreeRTOS
* Fixup XSTR processing for MICRIUM
* Update Zephyr fs.h path
* DTLS fixes with WANT_WRITE simulations
* Fixes for BER use with PKCS7 to have additional sanity checks and guards on
  edge cases
* Fix to handle exceptional edge case with TFM mp_exptmod_ex
* Fix for stack and heap measurements of a 32-bit build
* Fix to allow enabling AES key wrap (direct) with KCAPI
* Fix --enable-openssh FIPS detection syntax in configure.ac
* Fix to move wolfSSL_ERR_clear_error outside gate for OPENSSL_EXTRA
* Remove MCAPI project's dependency on zlib version
* Only use __builtin_offset on supported GCC versions (4+)
* Fix for c89 builds with using WOLF_C89
* Fix 64bit postfix for constants building with powerpc
* Fixed async Sniffer with TLS v1.3, async removal of `WC_HW_WAIT_E` and
  sanitize leak
* Fix for QAT ECC to gate use of HW based on marker
* Fix the supported version extension to always check minDowngrade
* Fix for TLS v1.1 length sanity check for large messages
* Fixes for loading a long DER/ASN.1 certificate chain
* Fix to expose the RSA public DER export functions with certgen
* Fixes for building with small version of SHA3
* Fix configure with WOLFSSL_WPAS_SMALL
* Fix to free PKCS7 recipient list in error cases
* Sanity check to confirm ssl->hsHashes is not NULL before attempting to
  dereference it
* Clear the leftover byte count in Aes struct when setting IV

(fox)

Updated devel/py-setuptools, textproc/py-tomlkit

(adam)

py-tomlkit: updated to 0.11.2

0.11.2

Fixed
- Fix adding float to an integer value.
- Keep the end-of-array style when adding items to or removing items from an array.
- Fix a bug of redundant table header shown when removing children from a super table.

(adam)

py-setuptools: updated to 63.4.2

v63.4.2
-------
Misc
* Bump vendored version of :pypi:`pyparsing` to 3.0.9.
* Add warning for potential ``install_requires`` and ``extras_require``
  misconfiguration in ``setup.cfg``
* Modified ``pyproject.toml`` validation exception handling to
  make relevant debugging information easier to spot.

(adam)

Note update of the "mutt" package to version 2.2.7

(tron)

mutt: Update to version 2.2.7

This is a bug-fix release, fixing a $edit_headers bug on MacOS, along with
several other small issues.  It also changes $query_command to be stricter
when parsing results, and adds '%s' expando support to $pager.

(tron)

doc: Updated audio/termusic to 0.7.2

(pin)

audio/termusic: update to 0.7.2

[v0.7.2]
Released on: August 06, 2022.
    New: Add album and genre in tag editor.
    Fix: Running sync database in background, to speed up start of program.
    Fix: Import cpal to supress warning from alsa.

(pin)

trufflehog: adjust grammar in DESCR

(gutteridge)

doc/pkgsrc.*: regen

(gutteridge)

fixes.xml: add a small section about atomic64.mk

(gutteridge)

alsa-utils: use same epoll-shim recipe as wayland

(tnn)

wayland: provide necessary -I for libepoll-shim

(tnn)

libepoll-shim: take out CFLAGS from the pkg-config file

This is a patently Gross Hack<TM>.
But without it random package's configure scripts that use gtk3+ can pick
up broken epoll support via "pkg-config --cflags gtk+-x11-3.0", since that
will include -I/usr/pkg/include/libepoll-shim.

Direct consumers of libepoll-shim must add the CFLAGS explicitly.

(tnn)

wxGTK32: add comment with upstream bug report about PLIST differences

(between CMake and configure builds)

(wiz)

wayland: g/c stale patches, delint

(tnn)

x11/wxGTK32: rebuild .mo locale files during build phase

thanks joerg@ for pointing this out

(dbj)

doc: Added security/trufflehog version 3.7.2

(leot)

security: Add trufflehog

(leot)

trufflehog: Import trufflehog-3.7.2 as security/trufflehog

TruffleHog find leaked credentials by scanning several sources like
Git, GitHub, GitLab, S3, filesystem and syslog.

Every potential secret that is detected is verified against API to
eliminate false positives.

(leot)

vte3: remove a line missed in previous commit (NFC)

(gutteridge)

webkit-gtk: drop now duplicated GCC special handling block (NFC)

Equivalent code is now present in mk/compiler/gcc.mk.

(gutteridge)

firefox102: Sync fixes with www/firefox

(nia)

Updated emulators/x16-rom to 41
Updated emulators/x16-emulator to 41

(thorpej)

Update to x16-emulator r41.

(thorpej)

Update to x16-rom r41.

(thorpej)

Add Commander X16 ROM license (this is a somewhat complex combination of
2/3-clause BSD, public domain, and commercial licenses for legacy ROM code
from Microsoft and Commodore Business Machines).

(thorpej)

vte3: remove now duplicated GCC special handling block (NFC)

Equivalent code is now present in mk/compiler/gcc.mk.

(gutteridge)

dnsdist: remove hacks.mk now that atomic64.mk is used

(gutteridge)

libfilezilla: remove probably unnecessary comment

(gutteridge)

rsyslog: adjust formatting, per pkglint

(gutteridge)

doc: Updated www/webkit-gtk to 2.36.6

(leot)

webkit-gtk: Update to 2.36.6

Changes:
2.36.6
======
- Fix handling of touchpad scrolling on GTK4 builds.
- Fix WebKitGTK not allowing to be used from non-main threads.
- Fix several crashes and rendering issues.

(leot)

harfbuzz-icu: uncomment PATCHDIR to fix the build

(tnn)

doc: appease pkglint

(tnn)

rsyslog: atomic64.mk is now in Makefile.common, de-duplicate

(gutteridge)

harfbuzz: fix build on arm and ppc (char unsignedness)

(tnn)

doc: Updated security/p5-Digest-CRC to 0.24

(ast)

security/p5-Digest-CRC update to 0.24
Upstream changes:
  - fixed issue with clone-method and addfile
    Thanks to Dirk Joos <dirk@tdmail.de>

(ast)

doc: Updated news/tuifeed to 0.2.0

(pin)

news/tuifeed: update to 0.2.0

Released on 05/08/2022

-If content in RSS feed is populated, use content instead of summary
-This should be preferred since contains much more information than just the
  summary. Unfortunately sometimes the content is empty, so summary should be
  used as fallback
-Changed stdlib Textarea to tui-realm-textarea component to improve readability
of summary
-Fixed the article date shown: was updated but should be published
-Migrated UI to tui-realm 1.7.1
-Updated dependencies

(pin)

TODO: remove gcc 12.3, doesn't exist yet

(wiz)

doc: Updated print/poppler to 22.08.0

(wiz)

poppler*: update to 22.08.0

Release 22.08.0:
        core:
        * Fix rendering text on some forms
        * CairoOutputDev: Support Type3 charprocs having Resources
        * Fix crashes on malformed files

(wiz)

net/rsyslog: actually use mk/atomic64.mk, and not nonexistent hacks.mk.

(he)

doc: Updated fonts/harfbuzz to 5.1.0

(wiz)

harfbuzz: update to 5.1.0.

Overview of changes leading to 5.1.0
Sunday, July 31, 2022
====================================
- More extensive buffer tracing messages. (Behdad Esfahbod)
- Fix hb-ft regression in bitmap fonts rendering. (Behdad Esfahbod)
- Support extension promotion of lookups in hb-subset-repacker. (Garret Rieger)
- A new HB_GLYPH_FLAG_SAFE_TO_INSERT_TATWEEL for scripts that use elongation
  (e.g. Arabic) to signify where it is safe to insert tatweel glyph without
  interrupting shaping. (Behdad Esfahbod)
- Add “--safe-to-insert-tatweel” to “hb-shape” tool. (Behdad Esfahbod)

- New API
+HB_GLYPH_FLAG_SAFE_TO_INSERT_TATWEEL
+HB_BUFFER_FLAG_PRODUCE_SAFE_TO_INSERT_TATWEEL

(wiz)

doc: Updated devel/py-frozenlist to 1.3.1

(wiz)

py-frozenlist: update to 1.3.1.

1.3.1 (2022-08-02)
==================

The published source distribution package became buildable
under Python 3.11.

(wiz)

doc: Updated print/texlab to 4.2.1

(wiz)

texlab: update to 4.2.1.

[4.2.1] - 05.08.2022

Fixed

    Deserialize server options with missing keys (or not keys at all) correctly (#707)
    Pass chktexrc files if they are not in the current directory (#683)
    Revert back to server-side file watching due to lack of client support (#679)

(wiz)

doc: Updated security/py-cyclonedx-python-lib to 2.7.1

(wiz)

py-cyclonedx-python-lib: update to 2.7.1.

What's Changed

    chore(deps-dev): bump flake8-isort from 4.1.1 to 4.1.2.post0 by @dependabot in #280
    fix: BOM validation fails when Components or Services are nested by @madpah in #276

(wiz)

doc: Updated math/double-conversion to 3.2.1

(wiz)

double-conversion: update to 3.2.1.

What's Changed

    Disable quiet nan test on windows by @floitsch in #174
    Test on all platforms. by @floitsch in #175
    Fix warnings on Windows by @floitsch in #176
    Run ctests first. by @floitsch in #177
    Give shared-lib option and test install by @floitsch in #179
    Install Windows debbuger (pdb) files. by @floitsch in #178
    Add a cast to silence a signedness conversion warning. by @pkasting in #182
    Issue #184 : Fixed all -Wzero-as-null-pointer-constant warnings by @seanm in #185

(wiz)

doc: Updated net/yt-dlp to 2022.7.18nb1

(wiz)

yt-dlp: fix arte support using upstream patch

Bump PKGREVISION

(wiz)

doc: Updated net/yt-dlp to 2022.7.18

(wiz)

yt-dlp: update to 2022.7.18.

Replace patch+sed with just sed.

### 2022.07.18

* Allow users to specify encoding in each config files by [Lesmiscore](https://github.com/Lesmiscore)
* Discard infodict from memory if no longer needed
* Do not allow extractors to return `None`
* Do not load system certificates when `certifi` is used
* Fix rounding of integers in format table
* Improve chapter sanitization
* Skip some fixup if remux/recode is needed by [Lesmiscore](https://github.com/Lesmiscore)
* Support `--no-progress` for `--wait-for-video`
* Fix bug in [612f2be](https://github.com/yt-dlp/yt-dlp/commit/612f2be5d3924540158dfbe5f25d841f04cff8c6)
* [outtmpl] Add alternate form `h` for HTML escaping
* [aes] Add multiple padding modes in CBC by [elyse0](https://github.com/elyse0)
* [extractor/common] Passthrough `errnote=False` to parsers
* [extractor/generic] Remove HEAD request
* [http] Ensure the file handle is always closed
* [ModifyChapters] Modify duration in infodict
* [options] Fix aliases to `--config-location`
* [utils] Fix `get_domain`
* [build] Consistent order for lazy extractors by [lamby](https://github.com/lamby)
* [build] Fix architecture suffix of executables by [odo2063](https://github.com/odo2063)
* [build] Improve `setup.py`
* [update] Do not check `_update_spec` when up to date
* [update] Prepare to remove Python 3.6 support
* [compat] Let PyInstaller detect _legacy module
* [devscripts/update-formulae] Do not change dependency section
* [test] Split download tests so they can be more easily run in CI
* [docs] Improve docstring of `download_ranges` by [FirefoxMetzger](https://github.com/FirefoxMetzger)
* [docs] Improve issue templates
* [build] Fix bug in [6d916fe](https://github.com/yt-dlp/yt-dlp/commit/6d916fe709a38e8c4c69b73843acf170b5165931)
* [cleanup, utils] Refactor parse_codecs
* [cleanup] Misc fixes and cleanup
* [extractor/acfun] Add extractors by [lockmatrix](https://github.com/lockmatrix)
* [extractor/Audiodraft] Add extractors by [Ashish0804](https://github.com/Ashish0804), [fstirlitz](https://github.com/fstirlitz)
* [extractor/cellebrite] Add extractor by [HobbyistDev](https://github.com/HobbyistDev)
* [extractor/detik] Add extractor by [HobbyistDev](https://github.com/HobbyistDev)
* [extractor/hytale] Add extractor by [llamasblade](https://github.com/llamasblade), [pukkandan](https://github.com/pukkandan)
* [extractor/liputan6] Add extractor by [HobbyistDev](https://github.com/HobbyistDev)
* [extractor/mocha] Add extractor by [HobbyistDev](https://github.com/HobbyistDev)
* [extractor/rtl.lu] Add extractor by [HobbyistDev](https://github.com/HobbyistDev)
* [extractor/rtvsl] Add extractor by [iw0nderhow](https://github.com/iw0nderhow), [pukkandan](https://github.com/pukkandan)
* [extractor/StarTrek] Add extractor by [scy](https://github.com/scy)
* [extractor/syvdk] Add extractor by [misaelaguayo](https://github.com/misaelaguayo)
* [extractor/theholetv] Add extractor by [dosy4ev](https://github.com/dosy4ev)
* [extractor/TubeTuGraz] Add extractor by [Ferdi265](https://github.com/Ferdi265), [pukkandan](https://github.com/pukkandan)
* [extractor/tviplayer] Add extractor by [HobbyistDev](https://github.com/HobbyistDev)
* [extractor/wetv] Add extractors by [elyse0](https://github.com/elyse0)
* [extractor/wikimedia] Add extractor by [EhtishamSabir](https://github.com/EhtishamSabir), [pukkandan](https://github.com/pukkandan)
* [extractor/youtube] Fix duration check for post-live manifestless mode
* [extractor/youtube] More metadata for storyboards by [ftk](https://github.com/ftk)
* [extractor/bigo] Fix extractor by [Lesmiscore](https://github.com/Lesmiscore)
* [extractor/BiliIntl] Fix subtitle extraction by [MinePlayersPE](https://github.com/MinePlayersPE)
* [extractor/crunchyroll] Improve `_VALID_URL`
* [extractor/fifa] Fix extractor by [ischmidt20](https://github.com/ischmidt20)
* [extractor/instagram] Fix post/story extractors by [pritam20ps05](https://github.com/pritam20ps05), [pukkandan](https://github.com/pukkandan)
* [extractor/iq] Set language correctly for Korean subtitles
* [extractor/MangoTV] Fix subtitle languages
* [extractor/Netverse] Improve playlist extractor by [HobbyistDev](https://github.com/HobbyistDev)
* [extractor/philharmoniedeparis] Fix extractor by [sqrtNOT](https://github.com/sqrtNOT)
* [extractor/Trovo] Fix extractor by [u-spec-png](https://github.com/u-spec-png)
* [extractor/twitch] Support storyboards for VODs by [ftk](https://github.com/ftk)
* [extractor/WatchESPN] Improve `_VALID_URL` by [IONECarter](https://github.com/IONECarter), [dirkf](https://github.com/dirkf)
* [extractor/WSJArticle] Fix video id extraction by [sqrtNOT](https://github.com/sqrtNOT)
* [extractor/Ximalaya] Fix extractors by [lockmatrix](https://github.com/lockmatrix)
* [cleanup, extractor/youtube] Fix tests by [sheerluck](https://github.com/sheerluck)

### 2022.06.29

* Fix `--downloader native`
* Fix `section_end` of clips
* Fix playlist error handling
* Sanitize `chapters`
* [extractor] Fix `_create_request` when headers is None
* [extractor] Fix empty `BaseURL` in MPD
* [ffmpeg] Write full output to debug on error
* [hls] Warn user when trying to download live HLS
* [options] Fix `parse_known_args` for `--`
* [utils] Fix inconsistent default handling between HTTP and HTTPS requests by [coletdjnz](https://github.com/coletdjnz)
* [build] Draft release until complete
* [build] Fix release tag commit
* [build] Standalone x64 builds for MacOS 10.9 by [StefanLobbenmeier](https://github.com/StefanLobbenmeier)
* [update] Ability to set a maximum version for specific variants
* [compat] Fix `compat.WINDOWS_VT_MODE`
* [compat] Remove deprecated functions from core code
* [compat] Remove more functions
* [cleanup, extractor] Reduce direct use of `_downloader`
* [cleanup] Consistent style for file heads
* [cleanup] Fix some typos by [crazymoose77756](https://github.com/crazymoose77756)
* [cleanup] Misc fixes and cleanup
* [extractor/Scrolller] Add extractor by [LunarFang416](https://github.com/LunarFang416)
* [extractor/ViMP] Add playlist extractor by [FestplattenSchnitzel](https://github.com/FestplattenSchnitzel)
* [extractor/fuyin] Add extractor by [HobbyistDev](https://github.com/HobbyistDev)
* [extractor/livestreamfails] Add extractor by [nomevi](https://github.com/nomevi)
* [extractor/premiershiprugby] Add extractor by [HobbyistDev](https://github.com/HobbyistDev)
* [extractor/steam] Add broadcast extractor by [HobbyistDev](https://github.com/HobbyistDev)
* [extractor/youtube] Mark videos as fully watched by [Brett824](https://github.com/Brett824)
* [extractor/CWTV] Extract thumbnail by [ischmidt20](https://github.com/ischmidt20)
* [extractor/ViMP] Add thumbnail and support more sites by [FestplattenSchnitzel](https://github.com/FestplattenSchnitzel)
* [extractor/dropout] Support cookies and login only as needed by [pingiun](https://github.com/pingiun), [pukkandan](https://github.com/pukkandan)
* [extractor/ertflix] Improve `_VALID_URL`
* [extractor/lbry] Use HEAD request for redirect URL by [flashdagger](https://github.com/flashdagger)
* [extractor/mediaset] Improve `_VALID_URL`
* [extractor/npr] Implement [e50c350](https://github.com/yt-dlp/yt-dlp/commit/e50c3500b43d80e4492569c4b4523c4379c6fbb2) differently
* [extractor/tennistv] Rewrite extractor by [pukkandan](https://github.com/pukkandan), [zenerdi0de](https://github.com/zenerdi0de)

(wiz)

doc/TODO: add some

+ MesaLib-22.1.5, double-conversion-3.2.1, harfbuzz-5.1.0, npm-8.16.0,
  poppler-22.08.0, py-cyclonedx-python-lib-2.7.1, py-frozenlist-1.3.1,
  rust-analyzer-0.0.20220801, texlab-4.2.1.

(wiz)

doc: Updated net/Geomyidae to 0.51

(leot)

Geomyidae: Update to 0.51

Changes:
0.51
====
Geomyidae v0.51 brcon2022 release.

I am happy to announce the geomyidae v0.51 brcon2022 release.

Thanks to everyone having contributed! It was much fun at the geomyidae
hackathon! I wish to repeat it.

Changes:

* Splice(1) speedup has been implemented on Linux for sending files.
* CPU usage is reduced by 80% and throughput increased by 20%.
* Was done at the geomyidae hackathon.

* New escaping in gph has been implemented. See below for description.
* Was done at the geomyidae hackathon.

* New external project for geomyidae CGI REST handling.
* git://bitreich.org/libgcgi
* Was done at the geomyidae hackathon.

* Add gph major-mode file for emacs.
* FreeBSD rc.d is now added.
* NetBSD compile options added to the Makefile.
* OpenBSD rc.d script has been fixed for 7.1 release.

## New Escaping

THIS IS IMPORTANT FOR EVERYONE!

The gph format has been changed, to simplify things in the future.

In the past, the escape for some line to not be interpreted was

ttext is here

becomes

text is here

This has changed. All lines beginning with t are now not escaped anymore.

The new escape way is:

[|text is here

becomes

text is here

In every gph script you already had to check for any line beginning with
'['. Now the already illegal case of an empty item type is reused for
escaping in gph.

This will make life easier for newcomers and oldcomers.

So be sure to change all escaping after the upgrade.

(leot)

firefox: regen distinfo to remove libwebrtc.diff, pointed out by tnn

(nia)

firefox: update DESCR

(nia)

firefox: Instead of including an autogenerated patch for libwebrtc,
do the automagic inside pre-patch. Also handle aarch64.

Require SSE2. It's probably not reasonable to patch -msse2 in everywhere,
and upstream has required SSE2 on x86 for years.

(nia)

graphics/MesaLib: after atomic64, remove now-redundant CFLAGS for i386.

Thanks to tnn@ for hint.

(he)

textproc/groonga: convert to using mk/atomic64.mk.

(he)

sysutils/rsyslog: hacks.mk no longer needed, already uses mk/atomic64.mk.

(he)

sysutils/R-later: convert to using mk/atomic64.mk.

(he)

print/cups-filters: convert to using mk/atomic64.mk.

(he)

net/isc-dhcpd4: convert to using mk/atomic64.mk.

(he)

net/isc-dhcp4: convert to using mk/atomic64.mk.

(he)

net/dnsdist: convert to using mk/atomic64.mk.

(he)

doc: Updated security/p5-Net-SSLeay to 1.92

(ast)

security/p5-Net-SSLeay update to 1.92
Upstream changes:
1.92 2022-01-12
        - New stable release incorporating all changes from developer releases 1.91_01
          to 1.91_03.
        - Summary of major changes since version 1.90:
          - Net::SSLeay now supports stable releases of OpenSSL 3.0.
            - OpenSSL 3.0.0 introduces the concept of "providers", which contain
              cryptographic algorithm implementations. Many outdated, deprecated and/or
              insecure algorithms have been moved to the "legacy" provider, which may
              need to be loaded explicitly in order to use them with Net::SSLeay. See
              "Low level API: OSSL_LIB_CTX and OSSL_PROVIDER related functions" in the
              Net::SSLeay module documentation for details.
            - Net::SSLeay's built-in PEM_get_string_PrivateKey() function depends on
              algorithms that have moved to the legacy provider described above; if
              OpenSSL has been compiled without the legacy provider, the tests
              t/local/33_x509_create_cert.t and t/local/63_ec_key_generate_key.t will
              fail when the test suite is run.
            - TLS 1.1 and below may only be used at security level 0 as of OpenSSL
              3.0.0; if a minimum required security level is imposed (e.g. in an
              OpenSSL configuration file managed by the operating system), the tests
              t/local/44_sess.t and t/local/45_exporter.t will fail when the test suite
              is run.
          - Net::SSLeay now supports stable releases of LibreSSL from the 3.2 - 3.4
            series (with the exception of 3.2.2 and 3.2.3 - see "COMPATIBILITY" in the
            Net::SSLeay module documentation for details).
            - The TLS 1.3 implementation in LibreSSL 3.1 - 3.3, parts of which are
              enabled by default, is not fully compatible with the libssl API and may
              not function as expected with Net::SSLeay; see "KNOWN BUGS AND CAVEATS"
              in the Net::SSLeay module documentation for details.
          - A number of new libcrypto/libssl constants and functions are now exposed,
            including SSL_CTX_set_keylog_callback() and SSL_CTX_set_msg_callback(),
            which are helpful when debugging TLS handshakes. See the release notes for
            the 1.91 developer releases below for a full list of newly-exposed
            constants and functions.
For details see https://metacpan.org/dist/Net-SSLeay/changes

(ast)

lang/llvm: convert to using mk/atomic64.mk.

(he)

graphics/vtk: convert to using mk/atomic64.mk.

(he)

graphics/MesaLib: convert to using mk/atomic64.mk.

(he)

finance/bitcoin: Convert to using mk/atomic64.mk.

(he)

doc: Updated security/p5-IO-Socket-SSL to 2.074

(ast)

devel/protobuf-c: convert to use mk/atomic64.mk.

(he)

security/p5-IO-Socket-SSL update to 2.074
Changes from upstream:
- add SSL_ciphersuites option for TLS 1.3 ciphers
- no longer use own default for ciphers, instead use system default but disable
  some weak ciphers which might still be enabled on older systems
- fix behavior and tests for openssl 3.0.1
- fix #110 - prevent internal error warning in some cases

(ast)

firefox102: update DESCR

(nia)

doc: Updated devel/binutils to 2.39

(fcambus)

binutils: update to 2.39.

This release contains numerous bug fixes, and also the following new
features:

  * The ELF linker will now generate a warning message if the stack is made
    executable.  Similarly it will warn if the output binary contains a
    segment with all three of the read, write and execute permission
    bits set.  These warnings are intended to help developers identify
    programs which might be vulnerable to attack via these executable
    memory regions.

    The warnings are enabled by default but can be disabled via a command
    line option.  It is also possible to build a linker with the warnings
    disabled, should that be necessary.

  * The ELF linker now supports a --package-metadata option that allows
    embedding a JSON payload in accordance to the Package Metadata
    specification.

  * In linker scripts it is now possible to use TYPE=<type> in an output
    section description to set the section type value.

  * The objdump program now supports coloured/colored syntax
    highlighting of its disassembler output for some architectures.
    (Currently: AVR, RiscV, s390, x86, x86_64).

  * The nm program now supports a --no-weak/-W option to make it ignore
    weak symbols.

  * The readelf and objdump programs now support a -wE option to prevent
    them from attempting to access debuginfod servers when following
    links.

  * The objcopy program's --weaken, --weaken-symbol, and
    --weaken-symbols options now works with unique symbols as well.

(fcambus)

doc: Updated devel/mold to 1.4.0

(fcambus)

mold: update to 1.4.0.

New features:

- Initial support for the 32-bit RISC-V (RV32) has landed.
- mold now demangles Rust symbols in error messages thanks to eddyb's
  rust-demangle.c.
- --export-dynamic-symbol and --export-dynamic-symbol-list are now supported
  for the sake of compatibility with LLVM lld. With these options, you
  can specify symbols that should be exported using glob pattern.
- [x86-64] PLT entries created by mold now always begins with ENDBR64
  instruction to improve compatibility with Intel IBT (Indirect Branch
  Tracking.)

Bug fixes and compatibility improvements:

- mold now defines __dso_handle symbol. The lack of this linker-synthesized
  symbol caused a link error with GCC in some environments.

(fcambus)

wxGTK30: Revert workaround for libepoll-shim setting BUILDLINK_INCDIRS.

(nia)