Update go116 to 1.16.10.

go1.16.10 (released 2021-11-04) includes security fixes to the archive/zip and
debug/macho packages, as well as bug fixes to the compiler, linker, runtime,
the misc/wasm directory, and to the net/http package. See the Go 1.16.10
milestone on our issue tracker for details.

(bsiegert)

heimdal: fix build race condition

(adam)

doc: Added devel/packr version 2.8.1

(bsiegert)

New package packr-2.8.1. From Bartek Krawczyk via pkgsrc-wip.

Packr is a simple solution for bundling static assets inside of Go binaries.

(bsiegert)

Updated math/R to 4.1.2

(wen)

Update to 4.1.2

Upstream changes:
CHANGES IN R 4.1.2:

  C-LEVEL FACILITIES:

    * The workaround in headers R.h and Rmath.h (using namespace std;)
      for the Oracle Developer Studio compiler is no longer needed now
      C++11 is required so has been removed.  A couple more usages of
      log() (which should have been std::log()) with an int argument
      are reported on Solaris.

    * The undocumented limit of 4095 bytes on messages from the
      S-compatibility macros PROBLEM and MESSAGE is now documented and
      longer messages will be silently truncated rather than
      potentially causing segfaults.

    * If the R_NO_SEGV_HANDLER environment variable is non-empty, the
      signal handler for SEGV/ILL/BUS signals (which offers recovery
      user interface) is not set. This allows more reliable debugging
      of crashes that involve the console.

  DEPRECATED AND DEFUNCT:

    * The legacy S-compatibility macros PROBLEM, MESSAGE, ERROR, WARN,
      WARNING, RECOVER, ... are deprecated and will be hidden in R
      4.2.0. R's native interface of Rf_error and Rf_warning has long
      been preferred.

  BUG FIXES:

    * .mapply(F, dots, .) no longer segfaults when dots is not a list
      and uses match.fun(F) as always documented; reported by Andrew
      Simmons in PR#18164.

    * hist(<Date>, ...) and hist(<POSIXt>, ...)  no longer pass
      arguments for rect() (such as col and density) to axis().
      (Thanks to Sebastian Meyer's PR#18171.)

    * \Sexpr{ch} now preserves Encoding(ch). (Thanks to report and
      patch by Jeroen Ooms in PR#18152.)

    * Setting the RNG to "Marsaglia-Multicarry" e.g., by RNGkind(), now
      warns in more places, thanks to Andr'e Gillibert's report and
      patch in PR#18168.

    * gray(numeric(), alpha=1/2) no longer segfaults, fixing PR#18183,
      reported by Till Krenz.

    * Fixed dnbinom(x, size=<very_small>, .., log=TRUE) regression,
      reported by Martin Morgan.

    * as.Date.POSIXlt(x) now keeps names(x), thanks to Davis Vaughan's
      report and patch in PR#18188.

    * model.response() now strips an "AsIs" class typically, thanks to
      Duncan Murdoch's report and other discussants in PR#18190.

    * try() is considerably faster in case of an error and long call,
      as e.g., from some do.call().  Thanks to Alexander Kaever's
      suggestion posted to R-devel.

    * qqline(y = <object>) such as y=I(.), now works, see also
      PR#18190.

    * Non-integer mgp par() settings are now handled correctly in
      axis() and mtext(), thanks to Mikael Jagan and Duncan Murdoch's
      report and suggestion in PR#18194.

    * formatC(x) returns length zero character() now, rather than ""
      when x is of length zero, as documented, thanks to Davis
      Vaughan's post to R-devel.

    * removeSource(fn) now retains (other) attributes(fn).

(wen)

Updated graphics/py-Pillow, math/py-asteval

(adam)

py-asteval: updated to 0.9.25

0.9.25
fixes import errors for Py3.6 and 3.7, setting version with importlib_metadata.version if available.
also fixes CI testing with github actions so that the proper version of Python is actually used in the test!

0.9.24
use setuptools_scm and importlib for version

(adam)

doc: Added lang/jpm version 0.0.1

(nia)

doc: Updated lang/janet to 1.18.1

(nia)

janet: update to 1.18.1. jpm is now a separate package.

## 1.18.1 - 2021-10-16
- Fix some documentation typos
- Fix - Set pipes passed to subprocess to blocking mode.
- Fix `-r` switch in repl.

## 1.18.0 - 2021-10-10
- Allow `ev/cancel` to work on already scheduled fibers.
- Fix bugs with ev/ module.
- Add optional `base` argument to scan-number
- Add `-i` flag to janet binary to make it easier to run image files from the command line
- Remove `thread/` module.
- Add `(number ...)` pattern to peg for more efficient number parsing using Janet's
  scan-number function without immediate string creation.

## 1.17.2 - 2021-09-18
- Remove include of windows.h from janet.h. This caused issues on certain projects.
- Fix formatting in doc-format to better handle special characters in signatures.
- Fix some marshalling bugs.
- Add optional Makefile target to install jpm as well.
- Supervisor channels in threads will no longer include a wasteful copy of the fiber in every
  message across a thread.
- Allow passing a closure to `ev/thread` as well as a whole fiber.
- Allow passing a closure directly to `ev/go` to spawn fibers on the event loop.

## 1.17.1 - 2021-08-29
- Fix docstring typos
- Add `make install-jpm-git` to make jpm co-install simpler if using the Makefile.
- Fix bugs with starting ev/threads and fiber marshaling.

## 1.17.0 - 2021-08-21
- Add the `-E` flag for one-liners with the `short-fn` syntax for argument passing.
- Add support for threaded abstract types. Threaded abstract types can easily be shared between threads.
- Deprecate the `thread` library. Use threaded channels and ev instead.
- Channels can now be marshalled.
- Add the ability to close channels with `ev/chan-close` (or `:close`).
- Add threaded channels with `ev/thread-chan`.
- Add `JANET_FN` and `JANET_REG` macros to more easily define C functions that export their source mapping information.
- Add `janet_interpreter_interupt` and `janet_loop1_interrupt` to interrupt the interpreter while running.
- Add `table/clear`
- Add build option to disable the threading library without disabling all threads.
- Remove JPM from the main Janet distribution. Instead, JPM must be installed
  separately like any other package.
- Fix issue with `ev/go` when called with an initial value and supervisor.
- Add the C API functions `janet_vm_save` and `janet_vm_load` to allow
saving and restoring the entire VM state.

(nia)

py-Pillow: updated to 8.4.0

8.4.0

- Prefer global transparency in GIF when replacing with background color
- Added "exif" keyword argument to TIFF saving
- Copy Python palette to new image in quantize()
- Read ICO AND mask from end
- Actually check the framesize in FliDecode.c
- Determine JPEG2000 mode purely from ihdr header box
- Fixed using info dictionary when writing multiple APNG frames
- Allow saving 1 and L mode TIFF with PhotometricInterpretation 0
- For GIF save_all with palette, do not include palette with each frame
- Keep transparency when converting from P to LA or PA
- Copy palette to new image in transform()
- Added "transparency" argument to EpsImagePlugin load()
- Corrected pathlib.Path detection when saving
- Added WalImageFile class
- Consider I;16 pixel size when drawing text
- If default conversion from P is RGB with transparency, convert to RGBA
- Speed up rotating square images by 90 or 270 degrees
- Add support for reading DPI information from JPEG2000 images
- Catch TypeError from corrupted DPI value in EXIF
- Do not close file pointer when saving SGI images
- Deprecate ImagePalette size parameter
- Prefer command line tools SDK on macOS
- Added tags when saving YCbCr TIFF
- PSD layer count may be negative
- Fixed ImageOps expand with tuple border on P image
- Fixed error saving APNG with duplicate frames and different duration times

(adam)

Updated www/py-django3, devel/py-flakes

(adam)

py-flakes: updated to 2.4.0

2.4.0
- Remove unused tracing code (``traceTree``)
- Add support for ``match`` statement
- Detect ``typing`` module attributes when imported with ``import ... as ...``

(adam)

py-django3: updated to 3.2.9

Django 3.2.9 fixes a bug in 3.2.8 and adds compatibility with Python 3.10.

Bugfixes

Fixed a bug in Django 3.2 that caused a migration crash on SQLite when altering a field with a functional index

(adam)

Updated devel/py-prompt_toolkit, devel/py-ipython

(adam)

py-ipython: updated to 7.29.0

IPython 7.29 brings a couple of new functionalities to IPython and a number of bugfixes.
It is one of the largest recent release, relatively speaking, with close to 15 Pull Requests.

- fix an issue where base64 was returned instead of bytes when showing figures :ghpull:`13162`
- fix compatibility with PyQt6, PySide 6 :ghpull:`13172`. This may be of
  interest if you are running on Apple Silicon as only qt6.2+ is natively
  compatible.
- fix matplotlib qtagg eventloop :ghpull:`13179`
- Multiple docs fixes, typos, ... etc.
- Debugger will now exit by default on SigInt :ghpull:`13218`, this will be
  useful in notebook/lab if you forgot to exit the debugger. "Interrupt Kernel"
  will now exist the debugger.

(adam)

py-prompt_toolkit: updated to 3.0.22

3.0.22: 2021-11-04
------------------

Fixes:
- Fix stopping of telnet server (capture cancellation exception).

3.0.21: 2021-10-21
------------------

New features:
- Improved mouse support:
  * Support for click-drag, which is useful for selecting text.
  * Detect mouse movements when no button is pressed.
- Support for Python 3.10.

(adam)

Updated net/haproxy, net/py-lexicon

(adam)

py-lexicon: updated to 3.8.2

3.8.2:
Fix dreamhost provider since deprecated API endpoints are removed

(adam)

haproxy: updated to 2.4.8

2.4.8
- CLEANUP: server: always include the storage for SSL settings
- CLEANUP: sample: rename sample_conv_var2smp() to *_sint
- CLEANUP: sample: uninline sample_conv_var2smp_str()
- MINOR: sample: provide a generic var-to-sample conversion function
- BUG/MEDIUM: sample: properly verify that variables cast to sample
- BUG/MEDIUM: mux_h2: Handle others remaining read0 cases on partial frames
- DOC: configuration: add clarification on escaping in keyword arguments
- MINOR: initcall: Rename __GLOBL and __GLOBL1.
- BUG/MINOR: http-ana: Don't eval front after-response rules if stopped on back
- BUG/MINOR: sample: Fix 'fix_tag_value' sample when waiting for more data
- BUG/MEDIUM: cpuset: fix cpuset size for FreeBSD
- BUG/MEDIUM: stream: Keep FLT_END analyzers if a stream detects a channel error
- Revert "CLEANUP: server: always include the storage for SSL settings"
- BUG/MEDIUM: tcpcheck: Properly catch early HTTP parsing errors
- BUG/MAJOR: dns: tcp session can remain attached to a list after a free
- BUG/MAJOR: dns: attempt to lock globaly for msg waiter list instead of use barrier
- MINOR: resolvers: fix the resolv_str_to_dn_label() API about trailing zero
- BUG/MEDIUM: resolver: make sure to always use the correct hostname length
- BUG/MINOR: resolvers: do not reject host names of length 255 in SRV records
- MINOR: resolvers: fix the resolv_dn_label_to_str() API about trailing zero
- BUG/MEDIUM: resolvers: fix truncated TLD consecutive to the API fix
- BUG/MEDIUM: resolvers: use correct storage for the target address
- MINOR: resolvers: merge address and target into a union "data"
- BUG/MAJOR: resolvers: add other missing references during resolution removal
- BUILD: resolvers: avoid a possible warning on null-deref
- BUG/MEDIUM: resolvers: always check a valid item in query_list
- BUG/MAJOR: buf: fix varint API post- vs pre- increment
- BUG/MINOR: task: do not set TASK_F_USR1 for no reason
- BUG/MINOR: mux-h2: do not prevent from sending a final GOAWAY frame
- BUG/MEDIUM: lua: fix memory leaks with realloc() on non-glibc systems
- MINOR: memprof: report the delta between alloc and free on realloc()
- MINOR: memprof: add one pointer size to the size of allocations
- BUILD: fix compilation on NetBSD
- BUG/MINOR: backend: fix improper insert in avail tree for always reuse
- BUILD: atomic: fix build on mac/arm64
- BUG/MINOR: mux-h1: Save shutdown mode if the shutdown is delayed
- BUG/MEDIUM: mux-h1: Perform a connection shutdown when the h1c is released
- CLEANUP: resolvers: do not export resolv_purge_resolution_answer_records()
- CLEANUP: always initialize the answer_list
- CLEANUP: resolvers: simplify resolv_link_resolution() regarding requesters
- CLEANUP: resolvers: replace all LIST_DELETE with LIST_DEL_INIT
- MEDIUM: resolvers: use a kill list to preserve the list consistency
- MEDIUM: resolvers: remove the last occurrences of the "safe" argument
- BUG/MEDIUM: resolvers: Don't recursively perform requester unlink
- BUG/MEDIUM: resolvers: Track api calls with a counter to free resolutions
- MINOR: halog: Add -qry parameter allowing to preserve the query string in -uX
- DOC: halog: Move the `-qry` parameter into the correct section in help text
- MINOR: halog: Rename -qry to -query
- CLEANUP: halog: Use consistent indentation in help()
- BUG/MINOR: halog: Add missing newlines in die() messages
- MINOR: halog: Add support for extracting captures using -hdr
- BUG/MEDIUM: http-ana: Drain request data waiting the tarpit timeout expiration
- BUG/MINOR: http: Authorization value can have multiple spaces after the scheme
- BUG/MEDIUM: stream-int: Block reads if channel cannot receive more data
- BUG/MEDIUM: sample: Cumulate frontend and backend sample validity flags
- BUG/MINOR: sample: fix backend direction flags consecutive to last fix
- DOC: config: Fix alphabetical order of fc_* samples
- BUILD/MINOR: cpuset freebsd build fix
- MINOR: stream: Improve dump of bogus streams
- DOC/peers: some grammar fixes for peers 2.1 spec
- SCRIPTS: git-show-backports: re-enable file-based filtering

(adam)

doc: Updated graphics/blender to 2.93.5 [mrg 2021-11-04]

(wiz)

update to blender 2.93.5.

among other things, fixes a problem with proxy creation for video
editing (T87932).  full list of fixes since 2.93.1:

LTS Release 2.93.2:
    Line Art Bug FIx: stroke default in-front should be on. [rB9e64fd461ac3fa05e4ae780ee3a9f41b18c7c216]
    Follow Path for empty works only in negative values. [T89153]
    Align Orientation to Target keeps rotation when toggled. [T89571]
    `bpy.ops.screen.screen_full_area()` resets certain fields of the context. [T89526]
    Fix edit-mesh random select regression in random seed use. [rB27e32652679]
    Use-after-free when tabbing through numeric inputs. [T89265]
    Fix invalid polygon normal array access building bake data. [rB32658bb5c9f]
    Select Similar Face Regions triggers AddressSanitizer crash. [T89247]
    Undefined Geometry nodes cause a crash when connected to a Group Output node. [T89004]
    Set Origin missing from Text object in 2.93. [T88808]
    Fix: Crash Requesting GPU_SHADER_GPENCIL_FILL builtin shader. [rB3c6a981fd98]
    Viewport Render Preview glitching with Eevee Render Engine. [T89405]
    Cleanup: Remove deprecated variables and functions calls from our ffmpeg code. [rBf522e8db228]
    Fix T87932: Failure to build movie strip proxy. [rBfe4cbe62dff]
    Make encoded video fps correct with ffmpeg < 4.4. [rB14308b0a5ef]
    Fix T88623, T87044: Make encoded videos play correctly in VLC. [rB19c0666d408]
    FFmpeg: Update proxy settings. [rB00ffe028200]
    Fix T57397: Movies are blurred after sws_scale. [rB13ab6b7bb60]
    FFmpeg: Fix seeking not returning the correct frame when not using TC index. [rB7eb3e77b94f]
    Fix: Wrong logic for checking if we can reuse decoded frame. [rB02a6be54432]
    Fix: Prevent small memory leak in VSE indexer. [rBcea80f1add5]
    Fix: VSE timecodes being used even when turned off. [rBa68f5456e48]
    Fix: VSE indexer seeking not working correctly. [rB7616f4ae577]
    Fix: VSE search in mpegts files would fail. [rB444a8cbc2fd]
    Fix: VSE seeking with proxy strips would fail on certain frames. [rBbec8e436a1c]
    UI: Collection tab should hide when scene master collection is active. [T89422]
    Blender crash when showing thumbnail of a strongly skewed .exr image. [T89868]
    Fix T89861: Checking face selection breaks UV stitch operator. [rB062764d5d01]
    Fix T70356: Scaling up 1�1 pixel image reads past buffer bounds. [rB41bd164e4c7]
    Fix object "Set Origin" operating on linked library data. [rB5d1ef0efd01]
    BlenderKit: draw categories in asset card. [rBA0d880d12]
    BlenderKit: many post-release fixes. [rBA526557bb]
    BlenderKit: fix category display. [rBA29db4b5f]
    BlenderKit: fix an error when trying to assign material to unsupported object type. [rBAae7be84e]
    Alembic export not respecting the renderable flag. [T89594]
    Alembic export: evaluation mode option. [rB7b94e7cca49]
    TGA Images with any alpha value smaller than one behaves unexpected. [T89034]
    Collection user counts are set to `1` on file load. Boolean modifier orphans Collections. [T89765]
    Round end-caps on Freestyle lines not working properly. [T88015]
    Crash when baking to vertex colors while "Normals-> Auto Smooth" is enabled. [T88756]
    Crash when using Cycles preview or render - custom data layer / auto smooth. [T89455]
    Crash when editing a Collection Instance referenced by Line Art object. [T89838]
    [2.93.2] Geometry nodes: wrongly detected "Node group has unidentified nodes or sockets" error. [T89851]
    Persistent data, motion blur, and geometry displacement results in glitchy meshes during rendering. [T89736]
    adding a custom AOV doesn't show the output on the compositors render layer node. [T89981]
    Geometry Nodes: `New' Button tries to create node_tree on active modifier, rather than button context. [T89982]
    Py API: `bpy.data.orphans_purge` incorrect argument parsing. [T89733]
    Drawing with make line tool in an empty scene results crash. [T89724]
    It can't snap vertices when using community addon `Snap_Utilities_Line'. [T89812]
    Blender File View - can't type space while holding shift key. [T85517]
    Separating meshes by material makes render passes in cycles stuck in 1/64. [T89884]

LTS Release 2.93.3:
    Cursor vertex snapping not working in UV editor. [T90477]
    Fix invalid index use for edit-mesh laplacian smooth. [rB4d7f10d6143]
    Fix slicing with negative indices. [rBe862874606b]
    Slicing certain BMEditSelSeq objects crashes Blender. [T89450]
    Fix broken logic in Windows directory query function. [rBa1b687c7a4a]
    font loading creates duplicate ID names. [T90417]
    Separate by loose parts weird result. [T85436]
    Edit mode. Spin tool. Spin center is always on 3d-cursor despite pivot selection. [T86030]
    Fix memory leaks in Python gizmo get/set handlers. [rB2be2aeaf0a5]
    Fix gpu.types.GPUTexture crash when the size argument was too big. [rBbc627fbf657]
    Fix memory leak with Python RNA property get callback errors. [rBa818ad5a549]
    LineArt: Occlusion accuracy fix. [rB69edb9c7d96]
    BlenderKit: fetch user's ratings from server. [rBA6a81558b]
    BlenderKit: improve ratings UI. [rBA78a5ae9b]
    GPencil: Dopesheet channel box selection is offset. [T89952]
    Very slow performance when copying rigid body physics. [T76356]
    Hair particles duplication with duplicate settings enabled copies all the particles instead of one selected. [T83317]
    NodeTree.links.new() can connect one output to a multi-input many times; access violation occurs when disconnecting. [T89416]
    UI: Output Metadata: Strip Name no long accessible. [T78469]
    Driver Editor not updated in real-time (blender >= 2.90). [T87041]
    Crash after Instancing to Scene after making linked Collection local. [T89835]
    Spline IK `joint_bindings` parameter is broken. [T83164]

LTS Release 2.93.4:
    VSE: Flush audio encode after finishing video export. [rB85c08c9717b]
    FFMPEG: Fix building with older versions that need FFMPEG_USE_DURATION_WORKAROUND. [rB7ec351c0d53]
    VSE: Fix "off by one" error when encoding audio. [rB9511009438d]
    VSE: Fix memory leak when adding bad image/movie strips. [rB54a821e8fd7]
    VSE: Fix video strip duration calculation. [rBd486d248687]
    VSE: Fix seeking issues. [rB00dd68405d8]
    VSE: Fix audaspace not reading ffmpeg files with start offset correctly. [rB489df7ac88c]
    VSE: Use lines to draw waveform. [rBc634d859b21]
    M2T video seeking is broken. [T87967]
    Add sanity NULL checks when loading sound sequences. [rB1a4122d4415]
    wrong address to get boost libraries in /build_files/build_environment/install_deps.sh. [T90719]
    Effect Strip added to a nested Metastrip gets duplicate name (thus inherits fcurves from other Strips). [T90737]
    Memorie spike shrink-wrap and geometry nodes. [T89429]
    Fix: DNA struct alignment on 32 bit. [rB9fb9bf59967]
    Makesdna: Fix detecting 32 bit padding issues. [rB70df9119f46]
    Fix FTBFS on mips64el architecture. [rB9d94b358ca1]
    Fix memory leak with building springs in the cloth simulator. [rB20f04ce62af]
    Knife project leaks memory each time a text, curve, or surface object is used for cutting. [T90791]
    Grease Pencil layer transformations ignored by select tool. [T90690]
    Fix memory leak in edit-mesh dissolve degenerate. [rBe1e2abd4bf0]
    Scale to Fit overflows into a second line. [T89241]
    Memory leak after importing a model/ toggling shading workspace. [T88033]
    ASAN: Trying to Undo a knife-project operation causes heap-use-after-free failure. [T90493]
    blender 2.93.1 fails to build with python 3.10.0b4 (upcoming python 3.10). [T89931]
    Incorrect result of Vector Projection (Geometry Nodes -> Attribute Vector Math). [T90567]
    Grease Pencil Reproject Strokes on surfaces from a camera's point of view is incorrectly placing the strokes on the Back Faces when canvas is intersecting the object. [T89101]
    Something in Blender can generate invalid (Nan) values in UVMaps. [T79775]
    Blender Crashing when opening file. [T89805]
    bpy.types.Object.parent_bone not reset when clearing a bone parent. [T88498]
    UI bugs in NLA Editor and Action Editor. [T87681]
    Animation channels widgets (graph, action, NLA, *dopesheet*) block input for the search channel, and invert search toggle. [T90364]

LTS Release 2.93.5:
    Crash selecting 3D tracking marker. [T90651]
    Image Editor not sampling color from the the currently selected pass. [T90772]
    PulseAudio breaks animation playback in new scene (no imported sound involved) LTS backport, 3.0 is fine. [T90887]
    Blender popup windows open on the wrong screen. [T90752]
    Fix buffer size mismatch in SCRIPT_OT_python_file_run. [rB515bdda3d9c]
    Fix invalid mask use for the UV-project modifier. [rB969d6d3a0ff]
    Fix "Text to Object" creating invisible object. [rB933c6b7d8a3]
    Fix T88909: Win32 getTitle() UTF8 Support. [rBd6facd44b53]
    Fix error scaling thumbnails to zero dimensions. [rB16637e7ff40]
    Audio causes issues with Playback when PC put to Sleep, Hibernate or when Screensaver appears. [T88887]
    GPencil Time Offset Modifier together with Armature Modifier or/and Lattice Modifier broken in 2.93.3. [T91060]
    Grease Pencil: Adding driver in Transform doesn't behave as expected during playback. [T88433]
    GPencil: Sculpt Smooth Brush is using Affect Pressure but is not used internally. [T91159]
    Loop Tools Relax. [T90600]
    Text "Scale to Fit" no longer working properly since 2.93.4. [T91401]
    Fix memory leak if an error occurred assigning id-property sequence. [rBec448d5a6ac]
    Bisect straight line gesture features dont work ("Flip" / "Snap" option). [T91320]
    Workbench doesn't respect GP simplify options when rendering. [T91448]
    GPencil: Scripting weight_get and Vertex Groups not working at expected with several groups. [T91511]
    GPencil: Interpolate Sequence crash and quit. [T91534]
    Eevee ambient occlusion is incorrect on M1 macMini. [T87801]
    Intel HD graphics: Changing Roughness Value to 0 causes mesh to be black. [T88754]
    VSE playback periodically refuses to work (Pulseaudio, OpenAL seems fine). [T89045]
    GPencil: Tint modifier "apply" removes the effect. [T91607]
    Texture Paint Stencil doesn't use assigned UV Layer. [T91557]
    Fix default surface resolution U/V mis-match. [rB4528c9a357a]
    Fix `WM_window_find_under_cursor'. [rB1ff10bb6d18]
    Fix building without audaspace. [rBaf42086e743]

(mrg)

doc: Updated wm/mlvwm to 0.9.4

(nia)

mlvwm: update to 0.9.4

Changes:

- Fixed ReadConfigFile() to prevent config command overlap collisions.
- Fixed SkipNonSpace() to consider new lines to be white space.
- Fixed handle_configure_request() to support moving windows.
- Added SwallowFocusClick configuration (default: disabled).

Released 2021-09-09 by Morgan Aldridge

(nia)

doc: Updated devel/kdiff3 to 1.9.3

(gutteridge)

kdiff3: update to 1.9.3

(Upstream change log incomplete in summarized form, highlights for the
1.9 bump follow.)

Version 1.9 - 2021-
===========================
*Rewrite of SourceData::FileData::preprocess now only loops through file contents once.
*Major rework of event handling
  -Move away from event filters where feasible, drop code for events now handled by qt.
  -decentralize handlers
*take advantage of Qt and boost signal/slot pattern to avoid needless nullptr checks.
  -decentralize cut/paste handling
*Introduce LineRef wrapper class
*Add enum types and use existing ones.
  -improves readability of code.
*split out doDirectoryCompare from improveFilenames
  -Principle of least surprise
*Stop mis-using c style [] pointer access there is no documented reason to assume QVector<T> has a
  c-style memory layout. Much less that this will remain so.

Not even going to try to list everything here.

See git history for complete log.

(gutteridge)

doc: Updated audio/pt2-clone to 1.37

(nia)

pt2-clone: update to 1.37

v1.37 - 28.10.2021
- Fixed potential thread issues between user input thread and audio thread, like
  when jamming a sample, toggling tuning tone, playing sample in the sample
  editor, adjusting sample loop, etc.

v1.36 - 10.10.2021 (23:12 GMT+2)
- Fixed clicking issues in v1.35 during sample looping. Sorry!
- Fixed an issue where the quadrascope was not updated properly when a F00
  command was triggered before the last channel.

v1.35 - 10.10.2021
- Implemented a config entry in protracker.ini for disabling the 2x downsample
  dialog that shows up when attempting to load >22kHz samples.
  (NO_DWNSMP_ON_SMP_LOAD)
- Don't attempt to center window after leaving fullscreen mode. This could lead
  to issues on multi-monitor setups.
- Further accuracy changes to the Paula emulator. Read two samples at once into
  the AUDxDAT buffer. This is a minor change, but it can have a very small
  impact on sample-changing commands (EFx/E8x).

(nia)

doc: Updated chat/dino to 0.2.2

(nia)

dino: update to 0.2.2

Maintenance release for GTK+ 3.24.30 support and bug fixes.

(nia)

Updated textproc/jsoncpp, security/libgpg-error

(adam)

libgpg-error: updated to 1.43

Noteworthy changes in version 1.43 (2021-11-03) [C32/A32/R1]
-----------------------------------------------

* Fix for building against GNU libc 2.34.  [T5547]

* Fix build problems on macOS.  [T5440,T5610]

* Fix gpgrt-config problems.  [T5381,T5595]

* Fix gpgrt_free for legacy platforms.  [448bf7b01cad]

* Fix truncation of error message in the middle of a character.
  [T5048]

* Fix the --disable-threads configure options.  [T5495]

* Improve lock-obj generation for cross-builds [99ae862a96a5]

* Improve cross-builds. [T5365]

* Improve gpgrt_wait_processes.  [T5381]

* Allow config files to read values from the Windows Registry and
  from envvars.  [b1790f4cc71f]

* Update the Russian and Czech translations.

(adam)

jsoncpp: updated to 1.9.5

1.9.5:
Minor bug-fixes (including for cmake)
Support for Bazel
Dropped compile-time deprecation warnings

(adam)

doc: Updated www/firefox91-l10n to 91.3.0

(nia)

firefox91-l10n: sync with firefox91

(nia)

doc: Updated www/firefox91 to 91.3.0

(nia)

firefox91: update to 91.3.0

Security Vulnerabilities fixed in Firefox ESR 91.3

    #CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets

    #CVE-2021-38504: Use-after-free in file picker dialog

    #CVE-2021-38506: Firefox could be coaxed into going into fullscreen mode
    without notification or warning

    #CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass
    the Same-Origin-Policy on services hosted on other ports

    #MOZ-2021-0008: Use-after-free in HTTP2 Session object

    #CVE-2021-38508: Permission Prompt could be overlaid, resulting in user
    confusion and potential spoofing

    #CVE-2021-38509: Javascript alert box could have been spoofed onto an
    arbitrary domain

    #CVE-2021-38510: Download Protections were bypassed by .inetloc files on Mac
    OS

    #MOZ-2021-0007: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3

(nia)

doc: Updated www/lighttpd to 1.4.61nb1

(schmonz)

Apply upstream 584a69c4 to fix use-after-free. Bump PKGREVISION.

(schmonz)

(sysutils/R-ps) adhoc, purely tentative fix for RELRO

(mef)

pkg_install: Add an explicit dummy DEINSTALL script.

Even with DEINSTALL_SRC set empty, changes in the pkgsrc infrastructure over
the past few years will now create a dynamic +DEINSTALL script regardless,
and while only containing "exit 0", may have a #! using a shell from pkgsrc.

This can lead to upgrade issues if that shell happens to be unavailable
while pkg_install is being upgraded.  Creating our own dummy script that
explicitly uses /bin/sh avoids that problem.

(jperkin)

doc: Updated net/terraform-provider-vultr to 2.5.0

(tpaul)

terraform-provider-vultr: Update to 2.5.0

Upstream release notes:

v2.5.0
Enhancement:
- resource/vultr_kubernetes: New resource that allows for deployment of VKE
  clusters 165
- resource/vultr_kubernetes_node_pools: New resource that allows for
  deployment of node pools to existing VKE Cluster165

v2.4.2
Bug Fix:
- resource/load_balancer: added missing region and ssl_redirect values from
  being set 163

v2.4.1
Enhancement:
- resource/instance: increased default timeout for create/update from 20 to
  60 minutes 160

v2.4.0
Enhancement:
- resource/instance: add marketplace support with image_id 150
- resource/bare_metal: add marketplace support with image_id 150
- datasource/applications: adds marketplace support 150
- Add openBSD to builds 155
Bug Fix:
- resource/bare_metal: fix importer 157
- Doc updates 152 146 147
Dependency:
- updated terraform-plugin-sdk to v2.6.0 -> v2.7.0 149
- updated govultr to v2.5.1 -> v2.7.1 150

v2.3.3
Enhancement:
- resource/instance: adding wait if a plan is being upgrade 144

v2.3.2
Enhancement:
- resource/instance: allow plan changes to do in-place upgrades 142

v2.3.1
Bug Fix:
- resource/bare_metal: fix type issue on v6_network_size 140
- resource/bare_metal: fix missing mac_address definition in scheme 140

v2.3.0
IMPROVEMENTS:
- resource/vultr_instances: allow the configuration of backups_schedule
- resource/vultr_load_balancers: add support for new LB features
  private_network and firewall_rules 137
- resource/vultr_iso: support detaching during deletion 131 Thanks
  @johnrichardrinehart
- resource/vultr_instances: private_network_ids are now tracked in statefile
- resource/vultr_block_storage: new field added mount_id 135
- resource/vultr_plans: new field added disk_count 135
Dependency:
- updated terraform-plugin-sdk to v2.4.0 -> v2.6.0 134
- updated govultr to v2.3.1 -> v2.5.1 135
Deprecation:
- resources/vultr_instance: the enable_private_network field has been
  deprecated in favor of private_network_ids

(tpaul)

Updated meta-pkgs/bulk-large to 20211103

(nils)

Fix typo that prevents from running a (partial) bulk build.

(nils)

doc: Updated devel/php-composer to 2.1.11

(tpaul)

php-composer: Update to 2.1.11

Upstream release notes:

2.1.11
- Fixed issues in proxied binary files when using declare() on php <8 (#10249)
- Fixed GitHub Actions output escaping issues (#10243)

2.1.10
- Added type annotations to all classes, which may have an effect on
  CI/static analysis for people using Composer as a dependency (#10159)
- Fixed CurlDownloader requesting gzip encoding even when no gzip support is
  present (#10153)
- Fixed regression in 2.1.6 where the help command was not working for plugin
  commands (#10147)
- Fixed warning showing when an invalid cache dir is configured but
  unused (#10125)
- Fixed require command reverting changes even though dependency resolution
  succeeded when something fails in scripts for example (#10118)
- Fixed require not finding the right package version when some newly
  required extension is missing from the system (#10167)
- Fixed proxied binary file issues, now using output buffering (e1dbd65)
- Fixed and improved error reporting in several edge cases
  (#9804, #10136, #10163, #10224, #10209)
- Fixed some more Windows CLI parameter escaping edge cases

(tpaul)

doc: Updated sysutils/macchina to 5.0.3

(pin)

sysutils/macchina: update to 5.0.3

-general: moved miscellaneous theme structures to separate modules.
-netbsd: subtract "one" from pkgsrc's package count.

(pin)

ruby30-base: Fix ALTERNATIVES to use PKGMANDIR.

(jperkin)

doc: Updated devel/ncurses to 6.2nb5

(jperkin)

(x11/xview-lib) Purely temporarily, adhoc fix for RELRO for USE_IMAKE version

(mef)

ncurses: Fix install on case-insensitive file systems.

Bump PKGREVISION.

(jperkin)

Updated devel/py-nose2, net/py-lexicon

(adam)

py-lexicon: updated to 3.8.1

3.8.1:
Modified
Fix rackspace provider by not sending a body request for GET requests

(adam)

py-nose2: updated to 0.10.0

0.10.0 (2020-01-27)
-------------------

Added
~~~~~

* Support for subtests!

Notes for plugin authors about subtest support:

  * Subtest failures will produce a ``TestOutcomeEvent`` with ``outcome = "subtest"``

  * Subtest events can be failures, but they do not indicate success -- the
    containing test will send a success event if no subtests fail

Changed
~~~~~~~

* Drop support for Python 3.4

* Python 3.8 and 3.9 are now officially supported

* Improve helptext for the multiprocess plugin's ``-N`` option

* When run with reduced verbosity (e.g. with ``-q``), ``nose2`` will no longer
  print an empty line before test reports

Fixed
~~~~~

* The plugin registry will no longer contain duplicate plugins and or base
  ``event.Plugin`` instances

* Fix function test case implementation of ``id``, ``__str__``, and
  ``__repr__``. This removes the injected ``transplant_class.<locals>`` from
  reporting output

* Doctest loading will now skip ``setup.py`` files in the project root

* Class methods decorated (e.g. with ``mock.patch``) are no longer incorrectly
  picked up by the function loader

(adam)

Updated textproc/py-lxml, textproc/py-wcmatch

(adam)

py-wcmatch: updated to 8.3

8.3
- **NEW**: Officially support Python 3.10.
- **NEW**: Provide type hints for API.
- **FIX**: Gracefully handle calls with an empty pattern list.

(adam)

py-lxml: updated to 4.6.4

4.6.4

Features added

* A new property ``system_url`` was added to DTD entities.
* The ``STATIC_*`` variables in ``setup.py`` can now be passed via env vars.

(adam)

Updated www/py-httplib2, www/py-yarl

(adam)

py-yarl: updated to 1.7.2

1.7.2 (2021-11-01)

Bugfixes
- Changed call in ``with_port()`` to stop reencoding parts of the URL that were already encoded.

1.7.1 (2021-10-07)

Bugfixes
- Fix 1.7.0 build error

(adam)

py-httplib2: updated to 0.20.2

0.20.2
auth: support pyparsing v3 (AttributeError downcaseTokens)
proxy: correct extraction of errno from pysocks ProxyConnectionError

(adam)

Updated math/py-numpy, math/py-scipy

(adam)

py-scipy: updated to 1.7.1

SciPy 1.7.1 is a bug-fix release with no new features compared to 1.7.0.

1.7.0:

A new submodule for quasi-Monte Carlo, scipy.stats.qmc, was added
The documentation design was updated to use the same PyData-Sphinx theme as NumPy and other ecosystem libraries.
We now vendor and leverage the Boost C++ library to enable numerous improvements for long-standing weaknesses in scipy.stats
scipy.stats has six new distributions, eight new (or overhauled) hypothesis tests, a new function for bootstrapping, a class that enables fast random variate sampling and percentile point function evaluation, and many other enhancements.
cdist and pdist distance calculations are faster for several metrics, especially weighted cases, thanks to a rewrite to a new C++ backend framework
A new class for radial basis function interpolation, RBFInterpolator, was added to address issues with the Rbf class.

(adam)

py-numpy: updated to 1.21.3

1.21.0

New functions

Add PCG64DXSM BitGenerator

Deprecations

The .dtype attribute must return a dtype
Inexact matches for numpy.convolve and numpy.correlate are deprecated
np.typeDict has been formally deprecated
Exceptions will be raised during array-like creation
Four ndarray.ctypes methods have been deprecated

Expired deprecations

Remove deprecated PolyBase and unused PolyError and PolyDomainError

Compatibility notes

Error type changes in universal functions
__array_ufunc__ argument validation
__array_ufunc__ and additional positional arguments
Validate input values in Generator.uniform
/usr/include removed from default include paths
Changes to comparisons with dtype=...
Changes to dtype and signature arguments in ufuncs
Ufunc signature=... and dtype= generalization and casting
Distutils forces strict floating point model on clang

C API changes

Use of ufunc->type_resolver and ���type tuple���

New Features

Added a mypy plugin for handling platform-specific numpy.number precisions
Let the mypy plugin manage extended-precision numpy.number subclasses
New min_digits argument for printing float values
f2py now recognizes Fortran abstract interface blocks
BLAS and LAPACK configuration via environment variables
A runtime-subcriptable alias has been added for ndarray

Improvements

Arbitrary period option for numpy.unwrap
np.unique now returns single NaN
Generator.rayleigh and Generator.geometric performance improved
Placeholder annotations have been improved
Performance improvements
Improved performance in integer division of NumPy arrays
Improve performance of np.save and np.load for small arrays

Changes

numpy.piecewise output class now matches the input class
Enable Accelerate Framework

(adam)

doc: Pullup ticket #6523

(tm)

Pullup ticket #6523 - requested by david
lang/python27: bugfix

Revisions pulled up:
- lang/python27/Makefile                                        1.95
- lang/python27/distinfo                                        1.87
- lang/python27/patches/patch-Lib_urlparse.py                  1.2

---
  Module Name:    pkgsrc
  Committed By:  gutteridge
  Date:          Wed Oct 27 23:58:55 UTC 2021

  Modified Files:
          pkgsrc/lang/python27: Makefile distinfo
          pkgsrc/lang/python27/patches: patch-Lib_urlparse.py

  Log Message:
  python27: fix definition of variable added in security patch

  Correct a merge botch introduced in a previous commit. It was intended
  that a variable be redefined, but it was committed in an incomplete
  testing state.

(tm)

Updated games/wesnoth, audio/faudio

(adam)

faudio: updated to 21.11

21.11

GStreamer support is now deprecated.
Wine users should migrate to 6.20 and newer, and everyone else should move to codecs that are not patent-encumbered.
GStreamer support will be fully removed in the first release after Wine 7.0.

Removed Features:

Removed the C++ wrapper. Use the headers/PE binaries found in Wine 6.20 and newer.

Fixes:

Minor fixes and cleanups found by Coverity
Dont assert on WMA buffer and FAUDIO_FORMAT_EXTENSIBLE type
FACT: Send FACTNOTIFICATIONTYPE_CUESTOP Notification on Cue Stop
Continued work on the experimental Wine/Win32 platform backend

(adam)

wesnoth: updated to 1.16.0

Version 1.16.0
  Campaigns
  * Sceptre of Fire
    * S06: Fix some WML variable handling causing autodefeat in S06 or rune-equip bugs in a later scenario
  * Under the Burning Suns
    * S05: Avoid village just taken by the player being re-assigned to the enemy
  Lua API
  * Fixed `wesnoth.audio.volume = N` always setting volume to 0.
  Translations
  * Updated translations: British English, Czech, Finnish, Italian, Japanese, Portuguese (Brazil), Spanish.
  User interface
  * Don't display the locale API identifier on the Language button.
  Miscellaneous and Bug Fixes
  * Fix the engine exiting immediately due to a corrupt .mo file
  * When showing [message] with [options] but no default, highlight the first one
  * Ensure that [modify_unit] has some expected side-effects of unstoring a unit

Version 1.15.18
  Campaigns
  * Northern Rebirth
    * Give Eryssa窶冱 side a consistent team color
  * The Rise of Wesnoth
    * Remove time-runs-out lose condition for final scenario
  * Under the Burning Suns
    * Avoid a few possibilities where the Dust Devil could speak
    * Avoid dehydration status icon persisting into the next scenario
  Editor
  * Avoid rare crash situation after editing scenarios
  Translations
  * Updated translations: British English, Bulgarian, Czech, French, Italian, Portuguese (Brazil), Russian, Spanish.
  * gettext plural forms now have caret prefixes stripped as well.
  User interface
  * Steam cloud file is no longer listed in the Load Game dialog.
  * Redefine green text in dialogs and tool-tips so they are no longer 窶�too dark窶� with recent Pango versions
  * Gave the main menu's Language button a label again, now displaying the current language.
  * Tweaked margins around the main menu's bottom row.
  * Difficulty no longer displayed in the Load Game dialog when it is not relevant to a save file
  Miscellaneous and Bug Fixes
  * Correct unit display adjustments on certain tiles when at zoom level other than 100%

Version 1.15.17
  Campaigns
  * World Conquest is re-enabled.
  Translations
  * Updated translations: British English, Polish
  Miscellaneous and Bug Fixes
  * Messenger MAI: fixed bug of own units sometimes blocking the path to a waypoint for the messenger
  * A bug that would corrupt WML sent to the multiplayer and add-ons server was fixed.

Version 1.15.16
  Campaigns
  * Liberty
    * S06: Enforce failure condition for allied team
  * The South Guard
    * S8b: Reduced difficulty
  * Tutorial
    * S01: Don't let the first Quintain chase the player to a village
    * S01: Synchronise the choice of character dialog, so that replays don't get OOS
    * S01: Fix some glitches on HDPI displays
  * Secrets of the Ancients
    * Synchronise the walking corpse recruitment dialog, so that replays don't get OOS
  * Under the Burning Suns
    * S09: Reveal the boss of the scenario at the end of part 1
  * World Conquest
    * Add campaign icons, campaign image and credits
    * Update to new mushroom terrain from the deprecated mushroom terrain
  Multiplayer
  * If an add-on needs to be installed on all players' devices but doesn't specify a min version, assume it needs the latest
  Terrain
  * Fix transition between snowy mountains and castles
  Translations
  * Updated translations: British English, Chinese (Traditional), Czech, Finnish, French, Indonesian, Italian, Polish, Portuguese (Brazil), Russian, Turkish
  Units
  * Added and improved Naga animations
  * Added Troll defense animations
  User interface
  * The names of the abilities used as specials appear in the attack prediction window with specials weapons
  * In the Load Game dialog, list directories from previous versions in decending order
  * Refined design of the Faction Select screen
  * Made the campaign selection on bigger on HDPI screens
  Miscellaneous and Bug Fixes
  * Added a timeout when connecting to the wesnothd server
  * Improved logging of deprecation messages, fixing duplication and missing timestamps
  * Added `[era]` attributes to the schema
  * Added to wmllint an automatic update of four terrain-graphics macros
  * Removed wmllint's check for spaces in e-mail addresses
  * Standardised the date line of copyright statements, and updated them to 2021

Version 1.15.15
  Translations
  * Updated translations: British English, Bulgarian, Chinese (Traditional), Czech, Italian, Portuguese (Brazil), Russian, Spanish, Turkish
  User interface
  * Added a prompt to allow migrating settings and redownloading add-ons used in a previous version of Wesnoth when starting a new versions for the first time.
  Miscellaneous and Bug Fixes
  * Fixed: keyboard input during the loading screen intermittently caused a crash
  * AI: fixed custom synced commands not changing the game state

Version 1.15.14
  Add-ons client
  * Fixed: using the versions drop-down in small-screen mode returned to the title screen
  * Fixed: keyboard input in small-screen mode returned to the title screen
  Campaigns
  * A Tale of Two Brothers
    * S02: Dialog revisions.
  * Sceptre of Fire
    * Revisions to the last two scenarios.
  * Tutorial
    * S02: Mention the acceleration factor preference.
  Lua API
  * Pathfinding functions are now in a new wesnoth.paths module.
    * Pathfinding in map generation now takes an options table as the third argument.
  * New sync module that contains functions for multiplayer synchronization
    * In particular, wesnoth.synchronize_choice is now wesnoth.sync.evaluate_single
  * allow_end_turn and end_turn moved to the wesnoth.interface module
  * wesnoth.message is now wesnoth.interface.add_chat_message
  * Shroud and fog control are now in the wesnoth.sides module
    * Shroud data strings and the special string "all" are no longer supported by place_shroud -
      only a list of locations is supported
    * wesnoth.map.parse_bitmap transforms a shroud data string into a list of locations
    * wesnoth.map.make_bitmap builds a shroud data string from a list of locations
    * There are now two different ways of altering shroud: place_shroud merges with existing shroud,
      while override_shroud replaces the entire shroud with the new value.
  * New schedule module for working with schedules and time areas
    * wesnoth.map.get_time_area now returns the area's schedule object
    * The global scenario schedule is available as wesnoth.current.schedule
    * wesnoth.get_time_of_day is split into wesnoth.schedule.get_time_of_day (ignoring illumination)
      and wesnoth.get_illumination (which considers illumination). Both functions now take the location
      as the first argument.
    * wesnoth.get_max_liminal_bonus() is now wesnoth.current.schedule.liminal_bonus
    * wesnoth.replace_schedule is now wesnoth.schedule.replace
  * wesnoth.end_level() and wesnoth.get_end_level_data() are now removed - instead, there's
    an end_level_data field in wesnoth.scenario.that serves both purposes.
  * wesnoth.get_traits() is now wesnoth.game_config.global_traits
  * wesnoth.teleport moved to the units module
  Multiplayer
  * Added Isle of Mists, a new single player or coop survival scenario.
  Networking
  * Added support for encrypting connection using TLS to multiplayer/addon client/server
  * Moved password hashing code from client to server, relying on TLS to avoid sending cleartext passwords
  Packaging
  Terrain
  * Added some great tree variations
  * Added 'icy cobbles' (terrain code `Rra`) - mostly useful for the transitions
  Translations
  * Updated translations: British English, Chinese (Traditional), Czech, Indonesian, Italian, Japanese, Scottish Gaelic, Slovak, Spanish
  Units
  * Added missing Seahorse graphics
  * Revised Jinn (unit config and graphics)
  * Fire Wraith added
  * added LordBob's Jinn, Fire Guardian, and Fire Wraith portraits
  * Moved Naga guardian line from UtBS to core, and made some revisions
  * Dune Apothecary experience needed to level up changed from 100 to 65
  * Dune Captain experience needed to level up changed from 86 to 75
  * Dune Herbalist cost changed form 15 to 14
  * Dune Horse Archer experience needed to level up changed form 70 to 65
  * Naga Sicarius hp changed form 55 to 53 and melee damage changed form 9 to 6, new special "deflect" added to melee attack
  * Fire Guardian can now level into Fire Wraith, experience needed to level up for Fire Guardian changed from 50 to 29
  * Revised statistics of all animal horses, Bay Horse can now level into Great Horse
  Wesnoth Formula Language
  * The use of "side" on units and "owner" on terrain objects is now deprecated.
    Instead, you should use "side_number" or "owner_side", respectively.
    The old key returns 0 for side 1 and so on, so the new key is preferred.
  * A unit object now has a "terrain" key that returns the terrain object the unit is standing on.
  * Add new functions tod_bonus() and base_tod_bonus() to get the bonus on a specific location
  WML Engine
  * add 'unslowable' and 'unpetrifiable' status to immune to slow or petrifies
  * Schema validation now checks whether string values are translatable or not, according to what the
    schema specifies.
  * Fix schema validation rejecting Lua AI goals
  * Unit special notes are now read directly from weapon specials, abilities, and a few other places, meaning
    the `[special_note]` tag is usually not required in `[unit]` or `[unit_type]`.
  * A warning is now displayed when the next scenario is unknown.
  * Changed the default duration for `[print]` to 5000 milliseconds, and added support for `duration=unlimited`.
  Miscellaneous and Bug Fixes
  * The unit description tooltip in the sidebar now includes the text from `[special_note]`s.
  * Added a collection of item images
  * AI: fixed crash when using attacks aspect with invalidate_on_gamestate_change=no
  * AI: fixed crash when using custom_synced_commands
  * Micro AIs: fixed unit variables getting lost when continuing from replay
  * Fixed AI state initialization problem after reloading

Version 1.15.13
  Add-ons client
  * The details panel now shows the list of tags in each add-on.
  * Added a filter based on tags.
  Lua API
  * Added `pango_color` to the `wesnoth.colors` table, for easy use in formatted text.
  * Add new function `filesystem.resolve_asset` to convert `[binary_path]` relative paths to data-relative paths.
  * Add new function `filesystem.have_asset` which can determine if an image or sound exists.
  * `wesnoth.have_file`, `wesnoth.read_file`, `wesnoth.image_size` moved to new `filesystem` library
  * Add a more advanced way of manipulating version strings via `wesnoth.version` constructor function.
  * Add a `wesnoth.scenario` data module that consolidates everything there is to know about the current scenario. Much of this information was previously available through `wesnoth.game_config`, but there are some new details too.
  * Fixed a regression introduced in 1.15.5 causing GUI2 widgets set to a hidden state to remain visible but not able to be interacted with.
  * Fixed a regression introduced in 1.15.5 causing GUI2 listboxes to break when cleared and re-filled under certain circumstances.
  Packaging
  * Increased minimum required version of SDL to 2.0.8.
  Translations
  * Updated translations: British English, Czech, Dutch, Italian, Russian.
  Units
  * Horses added
  * Seahorse added
  * Zombie horse variation added
  * Update piglet/boar graphics
  User interface
  * The multiplayer "turns over" dialog now uses each team's colors when showing teams' names.
  WML Engine
  * Modify implementation of overwrite_specials attribute for replace yes/no parameter by none/one_side/both_sides and select abilities used like weapons and specials who must be overwrited(owned by fighter where special applied or both)
  * Add a `ability_id_active` attribute to `[filter]`
  * `[terrain_mask]` now accepts `mask_file` as an alternative to an inline mask. The file is loaded from the same place as `map_file` in the `[scenario]` tag (ie, a maps/ subdirectory of your binary path). Anyone who prefers to keep masks separate from regular maps is free to make a subdirectory for their masks (or just keep all their masks inline).
  * `[effect]apply_to=movement` now always affects vision too, except when given the `apply_to_vision=no` attribute
  Miscellaneous and Bug Fixes
  * More optimization in the UI drawing code, fixes the crash displaying the full credits.
  * Made GUI.pyw compatible with Python 3.9.
  * Removed workarounds for bugs affecting older SDL 2.0 versions, including an extra copy of the game screen made during gamemap scrolling.
  * FPS values calculated when the :fps or :benchmark are now written to a file which can then be used to track FPS values over time.
  * Removed old image optimisation scripts, as there's a rewrite in Python.

Version 1.15.12
  Add-ons client
  * When uploading or deleting an add-on, the game will now prompt for the required password if it is not present in the `_server.pbl` file.
  AI
  * Improved AI decisions about whether an attack with poison is better than one with higher direct damage.
  * Added options to the Patrol Micro AI on whether to notice invisible units, and on attack range.
  * Added a `[filter]` option to the Swarm Micro AI.
  * Replaced several uses of Formula AIs with Micro AIs, and removed Formula AIs from demo scenarios.
  * Removed experimental MP dev Formula AIs.
  * Fixed a crash in the Lurker Formula AI.
  Campaigns
  * Descent into Darkness
    * Buffed Malin.
  * Eastern Invasion
    * Dialogue changes in S07b.
  * Legend of Wesmere
    * S16: Replaced the Patrol Formula AI with the Patrol Micro AI.
  * Secrets of the Ancients
    * Reimplemented the zombie recruitment UI.
  * The Rise of Wesnoth
    * Balance changes.
  * The South Guard
    * Fix the new ally's upkeep when choosing the bandit branch.
  * Tutorial
    * Reimplemented the character-choice UI.
  * Under the Burning Suns
    * In S01, fixed one of the mystics spawning in the lake.
  Lua API
  * Fix issues with the wesnoth.map module.
  Multiplayer
  * Dark Forecast
    * Difficulty rebalanced so that two-player-mode is hard rather than impossible.
    * The weather now changes on side 1's turn instead of side 3's turn.
  * World Conquest
    * Many bugs have been fixed, however WC is still hidden while more bugs are fixed.
    * Converted GUI2 dialogs to WML.
    * Fixed an error in the destruction mechanic.
  Packaging
  * Removed the obsolete FindSDL2_ttf cmake module.
  Terrain
  * Improved transition between human castle ruins and sunken ruins.
  Translations
  * Updated translations: Chinese (Traditional), Czech, Italian.
  Units
  * New rock scorpion monster and scorpion zombie variation.
  * Rename tusker/gorer references to boars and piglets, to avoid stepping on existing UMC.
  * Dune Blademaster gold cost changed from 52 to 57.
  * Dune Captain alignment changed from liminal to lawful.
  * Dune Cataphract gold cost changed from 61 to 62.
  * Dune Firetrooper gold cost changed from 50 to 41.
  * Dune Harrier gold cost changed from 46 to 47.
  * Dune Luminary gold cost changed from 53 to 38.
  * Dune Maruder gold cost changed from 52 to 60.
  * Dune Sky Hunter gold cost changed from 47 to 51.
  * Dune Spearmaster gold cost changed from 51 to 57.
  * Dune Wayfarer gold cost changed from 52 to 55.
  * Dune Windbolt gold cost changed from 50 to 49.
  * Dune Warmaster gold cost changed from 56 to 57, hp changed from 57 to 59, alignment changed from liminal to lawful.
  * Naga Ophidian gold cost changed from 24 to 22, melee damage changed from 7 to 6, ranged damage changed from 10 to 12.
  * Naga Ringcaster gold cost changed from 24 to 22.
  * Naga Sicarus gold cost changed from 48 to 46, melee damage changed from 10 to 9, ranged damage changed from 12 to 13.
  * Naga Zephyr gold cost changed from 50 to 46.
  * Wose Sapling gold cost changed from 10 to 11.
  * Wose Shaman gold cost changed from 40 to 27, movement points changed from 3 to 4, melee damage changed from 9 to 12, ranged damage changed from 10 to 11, hp changed from 50 to 56.
  * Horned Scarab gold cost changed from 12 to 11.
  * Fixed the Walking Corpses of some river creatures having poor movement in deep water.
  * New descriptions for the Fire Ant, Roc and Sand Scuttler.
  * Fixed the Giant Scorpion having an empty variation name.
  User interface
  * Improved the attack dialog's recommendation about whether an attack with poison is better than one with higher direct damage.
  * Added logs folder path to the Game Version dialog on Windows.
  * Added built-in Lua engine version to the Game Version dialog and `--report`.
  * Made Accelerated Speed toggle announcement not stackable over itself or other announcements.
  * Minor adjustments to the sidebar's minimap area in the default game theme to reclaim empty and uneven space back. Note that this WILL break custom WML themes that use the same sidebar graphics as the default theme.
  * Minor adjustment to the placement of numerals on the debug clock.
  * Players now receive an error message when attempting to save games using illegal file names.
  * Fixed text labels containing only a single link becoming empty.
  * Separated floating labels' duration from the speed of their eventual fade-out.
  * Fixed font family leakage from GUI2 canvases to GUI1 elements such as the in-game chat overlay.
  WML Engine
  * In development builds, deprecation warnings are now shown in-game by default.
  * Conditional WML's `[variable]` tag now expects exactly one comparison, and will warn if given none or multiple tests.
  * `[store_reachable_locations]range=vision` now calculates vision, instead of using movement costs and max movement points.
  Miscellaneous and Bug Fixes
  * Fixed units with max movement set to zero being given one max movement point by `[unstore_unit]` or when loading a saved game.
  * Fixed an intermittent crash on the loading screen.
  * wmlunits (units.wesnoth.org) no longer incorrectly assumes that units with movement costs equal to their maximum movement can't move into the affected terrains.
  * Fixed a bug where log domains' severity could accidentally be reduced.
  * Changed the verbosity and error-handling of the `run_wml_tests` script.
  * Made `run_wml_tests` automatically skip tests which need strict mode when running without strict mode.
  * Made optimizations in the UI drawing code, these shouldn't have visible effects.
  * Optimized the command-line `wesnoth_addon_manager` tool.

(adam)

doc: Pullup ticket #6528, #6524, #6525, #6527, #6526

(tm)

Pullup ticket #6526 - requested by taca
lang/php80: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.342
- lang/php80/distinfo                                          1.11

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Fri Oct 22 15:09:52 UTC 2021

  Modified Files:
  pkgsrc/lang/php: phpversion.mk
  pkgsrc/lang/php80: distinfo

  Log Message:
  lang/php80: update to 8.0.12

  This is a security fix release.

  21 Oct 2021, PHP 8.0.12

  - CLI:
    . Fixed bug #81496 (Server logs incorrect request method). (lauri)

  - Core:
    . Fixed bug #81435 (Observer current_observed_frame may point to an old
      (overwritten) frame). (Bob)
    . Fixed bug #81380 (Observer may not be initialized properly). (krakjoe)

  - DOM:
    . Fixed bug #81433 (DOMElement::setIdAttribute() called twice may remove ID).
      (Viktor Volkov)

  - FFI:
    . Fixed bug #79576 ("TYPE *" shows unhelpful message when type is not
      defined). (Dmitry)

  - FPM:
    . Fixed bug #81026 (PHP-FPM oob R/W in root process leading to privilege
      escalation) (CVE-2021-21703). (Jakub Zelenka)

  - Fileinfo:
    . Fixed bug #78987 (High memory usage during encoding detection). (Anatol)

  - Filter:
    . Fixed bug #61700 (FILTER_FLAG_IPV6/FILTER_FLAG_NO_PRIV|RES_RANGE failing).
      (cmb, Nikita)

  - Opcache:
    . Fixed bug #81472 (Cannot support large linux major/minor device number when
      read /proc/self/maps). (Lin Yang)

  - Reflection:
    . ReflectionAttribute is no longer final. (sasezaki)

  - SPL:
    . Fixed bug #80663 (Recursive SplFixedArray::setSize() may cause double-free).
      (cmb, Nikita, Tyson Andre)
    . Fixed bug #81477 (LimitIterator + SplFileObject regression in 8.0.1). (cmb)

  - Standard:
    . Fixed bug #69751 (Change Error message of sprintf/printf for missing/typo
      position specifier). (Aliaksandr Bystry)

  - Streams:
    . Fixed bug #81475 (stream_isatty emits warning with attached stream wrapper).
      (cmb)

  - XML:
    . Fixed bug #70962 (XML_OPTION_SKIP_WHITE strips embedded whitespace).
      (Aliaksandr Bystry, cmb)

  - Zip:
    . Fixed bug #81490 (ZipArchive::extractTo() may leak memory). (cmb, Remi)
    . Fixed bug #77978 (Dirname ending in colon unzips to wrong dir). (cmb)

(tm)

Pullup ticket #6527 - requested by taca
lang/php74: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.343
- lang/php74/distinfo                                          1.31

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Fri Oct 22 15:14:24 UTC 2021

  Modified Files:
  pkgsrc/lang/php: phpversion.mk
  pkgsrc/lang/php74: distinfo

  Log Message:
  lang/php74: update to 7.4.25

  This is a security fix release.

  21 Oct 2021, PHP 7.4.25

  - DOM:
    . Fixed bug #81433 (DOMElement::setIdAttribute() called twice may remove ID).
      (Viktor Volkov)

  - FFI:
    . Fixed bug #79576 ("TYPE *" shows unhelpful message when type is not
      defined). (Dmitry)

  - Fileinfo:
    . Fixed bug #78987 (High memory usage during encoding detection). (Anatol)

  - Filter:
    . Fixed bug #61700 (FILTER_FLAG_IPV6/FILTER_FLAG_NO_PRIV|RES_RANGE failing).
      (cmb, Nikita)

  - FPM:
    . Fixed bug #81026 (PHP-FPM oob R/W in root process leading to privilege
      escalation) (CVE-2021-21703). (Jakub Zelenka)

  - SPL:
    . Fixed bug #80663 (Recursive SplFixedArray::setSize() may cause double-free).
      (cmb, Nikita, Tyson Andre)

  - Streams:
    . Fixed bug #81475 (stream_isatty emits warning with attached stream wrapper).
      (cmb)

  - XML:
    . Fixed bug #70962 (XML_OPTION_SKIP_WHITE strips embedded whitespace).
      (Aliaksandr Bystry, cmb)

  - Zip:
    . Fixed bug #81490 (ZipArchive::extractTo() may leak memory). (cmb, Remi)
    . Fixed bug #77978 (Dirname ending in colon unzips to wrong dir). (cmb)

(tm)

TODO: - dovecot2-pigeonhole-0.5.17, done.

(wiz)

sfsexp: Fix version number in buildlink3.mk

Before importing, I had forgotten to fix harf-baked buildlink3.mk.

(ryoon)

Updated mail/dovecot2, mail/dovecot2-pigeonhole

(adam)

dovecot2-pigeonhole: updated to 0.5.17

0.5.17:
- duplicate: The Sieve duplicate test is prone to false negatives when
  the user receives many e-mails concurrently, meaning that duplicate
  deliveries can still occur.
- fileinto: v2.3.16 regression: Sieve delivery crashes if mail is
  delivered to non-existing and existing folder.
- imap-filter-sieve: v2.3.15 regression: The CPU limits on Sieve
  execution are too easily exceeded in IMAP context (the IMAPSieve and
  FILTER=SIEVE capabilities). Changed the default to unlimited CPU time
  for IMAP context, since similar excessive resource usage can be caused
  by other means as well. The CPU limits on Sieve scripts executed at
  LDA/LMTP delivery are still enforced by default.
- redirect:  The Sieve redirect action has protections against users
  triggering mail loops. Unfortunately, the detection of a redirect mail
  loop sometimes causes the message to get lost if no other Sieve action
  is applied that delivers the message somewhere else.
- redirect: v2.3.16 regression: With certain Sieve scripts if redirect
  fails due to temporary failure, the lmtp process may crash after the
  delivery. Fixes:
  Panic: file mail-user.c: line 229 (mail_user_deinit):
  assertion failed: ((*user)->refcount == 1).

(adam)

dovecot2: updated to 2.3.17

2.3.17

* Dovecot now logs a warning if time seems to jump forward at least
  100 milliseconds.
* dict: Lines logged by the dict process now contain the dict name as
  the prefix.
* lib-index: mail_cache_fields, mail_always_cache_fields and
  mail_never_cache_fields now verifies that the listed header names are
  valid. Especially the UTF8 "–" character has sometimes been wrongly
  used instead of the ASCII "-".
+ *-login: Added login_proxy_rawlog_dir setting to capture
  rawlogs between proxy and backend.
+ dict: The server process now keeps the last 10 idle dict backends
  cached for maximum of 30 seconds. Practically this acts as a
  connection pool for dict-redis and dict-ldap. Note that this doesn't
  affect dict-sql, because it already had its own internal cache.
+ doveadm: New stats add/remove commands added to support changing the
  metrics configuration on runtime.
+ lazy_expunge: Added lazy_expunge_exclude settings to disable
  lazy_expunge for specific folders. \Special-use flags can be used as
  folder names.
+ lib-lua: Added a new helper function dovecot.restrict_global_variables()
  to disable or enable defining new global variables.
- LAYOUT=index List index rebuild was missing.
- LAYOUT=index: Duplicate GUIDs were not detected.
- acl: When using acl_ignore_namespace Dovecot attempted to access or
  create dovecot-acl-list even when the namespace should have been
  ignored. For virtual namespaces this could have yielded errors about
  "Read-only file system" or "Permission denied".
- auth: Setting the "master" passdb field to empty value would
  cause proxying to fail with an authentication error.
  Now an empty "master" field is ignored.
- doveadm-server: Duplicate error lines were sent for failed commands.
  This didn't normally cause visible problems, except when using
  wildcards in usernames or -A parameter to go through multiple users.
- doveadm-server: Logs written by doveadm-server were often missing log
  prefixes, especially mail_log_prefix for mail commands. Logs sent to
  doveadm TCP client were also missing log prefixes.
- doveadm: v2.3 regression: batch command always crashes.
- doveadm: v2.3.11 regression: Commands failed if ssl_cert or
  ssl_key files weren't readable by the user running doveadm, even
  though doveadm didn't actually use these settings
- imap-hibernate: Process may crash at deinit:
  Panic: file ioloop.c: line 928 (io_loop_destroy): assertion failed:
  (ioloop->cur_ctx == NULL).
- imap: Using imap_fetch_failure=no-after can cause assert-crash
  with some IMAP commands if reading the mail fails (e.g. wrong cached
  mail size). Fixes:
  Panic: file index-mail-headers.c: line 198 (index_mail_parse_header_init):
  assertion failed: (!mail->data.header_parser_initialized)
- imap: v2.3.10 regression: When using INDEXPVT to enable private
  \Seen flags (for shared or public namespaces) the STORE command did
  not send untagged replies for the \Seen flag changes.
- imap: v2.3.15 regression: If PREVIEW/SNIPPET is not the final FETCH
  option in the command, the IMAP FETCH response is broken.
- imap: v2.3.15 regression: MOVE command leaks mailbox if it can't be
  opened and crashes at deinit:
  Panic: file mail-user.c: line 229 (mail_user_deinit): assertion failed:
  ((*user)->refcount == 1).
- imapc: Copying nonexistent mail via imapc could have crashed. Fixes:
  Panic: file mail-storage.c: line 2385 (mailbox_transaction_commit_get_changes):
  assertion failed: (ret < 0 || seq_range_count(&changes_r->saved_uids) == save_count ||
  array_count(&changes_r->saved_uids) == 0).
- indexer: v2.3.15 regression: Process crashes if indexer-client
  disconnects while it's waiting for command reply. This happened for
  example if IMAP SEARCH triggered long fts indexing and the IMAP
  client disconnected while waiting for the reply.
- indexer: v2.3.15 regression: Process may have crashed in some situations.
- indexer: v2.3.15 regression: indexer-worker processes may not have
  reached the process_limit in some situations, possibly even using just
  one indexer-worker process even though there were many indexing
  requests queued.
- lib-compression: Reading lz4 compressed mdbox mails may crash. Fixes:
  Panic: file istream.c: line 345 (i_stream_read_memarea):
  assertion failed: (!stream->blocking).
- lib-compression: bench-compress crashes due to xz being read-only.
- lib-lua: Fix linking libdict_lua for non-GNU linkers when Lua support
  is disabled.
- lib-mail: There was no limit on how large an email header name could be.
  Processable header names are now limited to 1000 bytes.
- lib-oauth2: Dovecot disallowed JWT tokens if their validity time was
  older than token creation time (nbf < iat).
- lib-storage: Reduce memory footprint of certain storage operations.
- lib-storage: When listing mailboxes with storage name escape
  characters (^ or .) as part of the mailbox name, the listing could
  show corrupted mailbox names. Due to an issue in handling escaped
  parent folders, the listing of other mailbox names would become
  corrupted by prepending parts of the previously listed mailboxes
  parent folder as prefix to the actual mailbox names. The corruption
  can occur when using LAYOUT=INDEX and maildir or obox, or when using
  the listescape plugin.
- mail-crypt: Fix "-O" argument for "doveadm mailbox cryptokey password"
  command to be a boolean, and not expect a string.
- submission-login: Add support for not authenticating to next hop in
  submission proxying.
- submission-login: EHLO was not sent again after XCLIENT when doing
  submission proxying.
- virtual: Mailboxes do not correctly detect underlying mailboxes
  getting re-created even though they have a different UIDVALIDITY or
  GUID.

(adam)

Updated net/py-grpcio, net/py-grpcio-testing, net/py-grpcio-tools

(adam)

py-grpcio py-grpcio-testing py-grpcio-tools: updated to 1.14.1

Match devel/grpc

(adam)

Updated security/py-OpenSSL, net/py-responses

(adam)

py-responses: updated to 0.15.0

0.15.0
------

* Added `responses.PassthroughResponse` and
  `reponses.BaseResponse.passthrough`. These features make building passthrough
  responses more compatible with dynamcially generated response objects.
* Removed the unused ``_is_redirect()`` function from responses internals.
* Added `responses.matchers.request_kwargs_matcher`. This matcher allows you
  to match additional request arguments like `stream`.
* Added `responses.matchers.multipart_matcher`. This matcher allows you
  to match request body and headers for ``multipart/form-data`` data
* Added `responses.matchers.query_string_matcher`. This matcher allows you
  to match request query string, similar to `responses.matchers.query_param_matcher`.
* Added `responses.matchers.header_matcher()`. This matcher allows you to match
  request headers. By default only headers supplied to `header_matcher()` are checked.
  You can make header matching exhaustive by passing `strict_match=True` to `header_matcher()`.
* Changed all matchers output message in case of mismatch. Now message is aligned
  between Python2 and Python3 versions
* Deprecate ``stream`` argument in ``Response`` and ``CallbackResponse``
* Added Python 3.10 support

(adam)