go-module.mk: document print-go-modules

(wiz)

doc: Updated sysutils/restic to 0.16.4

(wiz)

restic: update to 0.16.4.

# Changelog for restic 0.16.4 (2024-02-04)

* Fix #4677: Downgrade zstd library to fix rare data corruption at max. compression
* Enh #4529: Add extra verification of data integrity before upload

(wiz)

go: go-modules.mk: add print-go-modules alias for show-go-modules

I always get confused between Rust and Go packages because it's
print-cargo-depends for the one but
show-go-modules for the other.

Adding an alias costs very little and makes lives easier.

(wiz)

doc: Updated security/py-yubikey-manager to 5.3.0

(wiz)

doc: Updated security/ykman to 5.3.0

(wiz)

py-yubikey, ykman: update to 5.3.0

Version 5.3.0 (released 2024-01-31)

FIDO: Add new CLI commands for PIN management and authenticator config (force-change, set-min-length, toggle-always-uv, enable-ep-attestation).
PIV: Improve handling of legacy "PUK blocked" flag.
PIV: Improve handling of malformed certificates.
PIV: Display key information in "piv info" output on supported devices.
OTP: Fix some commands incorrectly showing errors when used over NFC/CCID.
Add tab-completion for YubiKey serial numbers and NFC readers.

(wiz)

doc: Updated textproc/py-sphinx-autodoc-typehints to 2.0.0

(wiz)

py-sphinx-autodoc-typehints: update to 2.0.0.

Add option to force unions (and options) to be rendered with bars
by @hoodmane in #418 (on by default, hence major version bump)

(wiz)

doc: Updated graphics/py-glad2 to 2.0.5

(wiz)

py-glad2: update to 2.0.5.

Fix missing Vulkan video headers
Use FindPython instead of FindPythonInterp by @gaboroszkar in #429
Add --version option to command-line interface by @chloekek in #417
Remove one duplicated check for glGetString(GL_VERSION) by @z-s-e in #402
Fix extensions loading and parsing by @lephilousophe in #448
Provide CMake package by @cNoNim in #453

(wiz)

doc: Updated devel/jj to 0.14.0

(wiz)

jj: update to 0.14.0.

## [0.14.0] - 2024-02-07

### Deprecations

* `jj checkout` and `jj merge` are both deprecated; use `jj new` instead to
  replace both of these commands in all instances.

  **Rationale**: `jj checkout` and `jj merge` both implement identical
  functionality, which is a subset of `jj new`. `checkout` creates a new working
  copy commit on top of a single specified revision, i.e. with one parent.
  `merge` creates a new working copy commit on top of *at least* two specified
  revisions, i.e. with two or more parents.

  The only difference between these commands and `jj new`, which *also* creates
  a new working copy commit, is that `new` can create a working copy commit on
  top of any arbitrary number of revisions, so it can handle both the previous
  cases at once. The only actual difference between these three commands is the
  command syntax and their name. These names were chosen to be familiar to users
  of other version control systems, but we instead encourage all users to adopt
  `jj new` instead; it is more general and easier to remember than both of
  these.

  `jj checkout` and `jj merge` will no longer be shown as part of `jj help`, but
  will still function for now, emitting a warning about their deprecation.

  **Deadline**: `jj checkout` and `jj merge` will be deleted and are expected
  become a **hard error later in 2024**.

* `jj init --git` and `jj init --git-repo` are now deprecated and will be removed
  in the near future.

  Use `jj git init` instead.

### Breaking changes

* (Minor) Diff summaries (e.g. `jj diff -s`) now use `D` for "Deleted" instead
  of `R` for "Removed". @joyously pointed out that `R` could also mean
  "Renamed".

* `jj util completion` now takes the shell as a positional argument, not a flag.
  the previous behavior is deprecated, but supported for now. it will be removed
  in the future.

### New features

* `jj util completion` now supports powershell and elvish.

* Official binaries for macOS running on Apple Silicon (`aarch64-apple-darwin`)
  are now available, alongside the existing macOS x86 binaries.

* New `jj op abandon` command is added to clean up the operation history. Git
  refs and commit objects can be further compacted by `jj util gc`.

* `jj util gc` now removes unreachable operation, view, and Git objects.

* `jj branch rename` will now warn if the renamed branch has a remote branch, since
  those will have to be manually renamed outside of `jj`.

* `jj git push` gained a `--tracked` option, to push all the tracked branches.

* There's now a virtual root operation, similar to the [virtual root
  commit](docs/glossary.md#root-commit). It appears at the end of `jj op log`.

* `jj config list` gained a `--include-overridden` option to allow
  printing overridden config values.

* `jj config list` now accepts `--user` or `--repo` option to specify
  config origin.

* New `jj config path` command to print the config file path without launching
  an editor.

* `jj tag list` command prints imported git tags.

* `jj next` and `jj prev` now prompt in the event of the next/previous commit
  being ambiguous, instead of failing outright.

* `jj resolve` now displays the file being resolved.

* `jj workspace root` was aliased to `jj root`, for ease of discoverability

* `jj diff` no longer shows the contents of binary files.

* `jj git` now has an `init` command that initializes a git backed repo.

* New template function `surround(prefix, suffix, content)` is added.

### Fixed bugs

* Fixed snapshots of symlinks in `gitignore`-d directory.
  [#2878](https://github.com/martinvonz/jj/issues/2878)

* Fixed data loss in dirty working copy when checked-out branch is rebased or
  abandoned by Git.
  [#2876](https://github.com/martinvonz/jj/issues/2876)

(wiz)

doc: Updated meta-pkgs/lxqt to 1.4.0nb2

(gutteridge)

lxqt: bump for pcmanfm-qt 1.4.1

(gutteridge)

doc: Updated sysutils/pcmanfm-qt to 1.4.1

(gutteridge)

pcmanfm-qt: update to 1.4.1

pcmanfm-qt-1.4.1 / 2024-02-09
==============================
* Fixed a regression in setting wallpaper with command-line.

(gutteridge)

Mention pullup tickets #6835 and #6836

(bsiegert)

Pullup ticket #6836 - requested by taca
net/bind916: security fix

Revisions pulled up:
- net/bind916/Makefile                                          1.67-1.68
- net/bind916/distinfo                                          1.53
- net/bind916/patches/patch-lib_dns_rbtdb.c                    1.3
- net/bind916/patches/patch-lib_isc_netmgr_netmgr.c            1.3

---
  Module Name: pkgsrc
  Committed By: adam
  Date: Tue Jan 30 18:29:21 UTC 2024

  Modified Files:
  pkgsrc/audio/libilbc: Makefile
  pkgsrc/audio/termusic: Makefile
  pkgsrc/biology/plinkseq: Makefile
  pkgsrc/chat/ekg: Makefile
  pkgsrc/chat/libgadu: Makefile buildlink3.mk
  pkgsrc/databases/postgresql-postgis2: Makefile
  pkgsrc/devel/abseil: buildlink3.mk
  pkgsrc/devel/compizconfig-backend-gconf: Makefile buildlink3.mk
  pkgsrc/devel/cre2: Makefile
  pkgsrc/devel/libcompizconfig: Makefile buildlink3.mk
  pkgsrc/devel/protobuf: Makefile buildlink3.mk
  pkgsrc/devel/protobuf-c: Makefile buildlink3.mk
  pkgsrc/devel/py-compizconfig: Makefile buildlink3.mk
  pkgsrc/devel/re2: Makefile buildlink3.mk
  pkgsrc/graphics/opencv: Makefile buildlink3.mk
  pkgsrc/graphics/opencv-contrib-face: Makefile buildlink3.mk
  pkgsrc/graphics/py-Willow: Makefile
  pkgsrc/inputmethod/fcitx5-mozc: Makefile
  pkgsrc/misc/libreoffice: Makefile
  pkgsrc/net/bind916: Makefile
  pkgsrc/net/bind918: Makefile
  pkgsrc/net/dnsdist: Makefile
  pkgsrc/net/frr: Makefile
  pkgsrc/net/grpc: Makefile buildlink3.mk
  pkgsrc/net/mosh: Makefile
  pkgsrc/net/py-grpcio: Makefile
  pkgsrc/net/py-grpcio-tools: Makefile
  pkgsrc/net/qt6-qtgrpc: Makefile buildlink3.mk
  pkgsrc/net/ratman: Makefile
  pkgsrc/net/unbound: Makefile
  pkgsrc/sysutils/collectd-grpc: Makefile
  pkgsrc/sysutils/collectd-pinba: Makefile
  pkgsrc/sysutils/collectd-riemann: Makefile
  pkgsrc/sysutils/collectd-write_prometheus: Makefile
  pkgsrc/sysutils/riemann-client: Makefile
  pkgsrc/wm/ccsm: Makefile

  Log Message:
  revbump for devel/abseil

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Tue Feb 13 15:25:33 UTC 2024

  Modified Files:
  pkgsrc/net/bind916: Makefile distinfo
  pkgsrc/net/bind916/patches: patch-lib_dns_rbtdb.c
      patch-lib_isc_netmgr_netmgr.c

  Log Message:
  net/bind916: update to 9.16.48

  --- 9.16.48 released ---

  6343. [bug] Fix case insensitive setting for isc_ht hashtable.
  [GL #4568]

  --- 9.16.47 released ---

  6322. [security] Specific DNS answers could cause a denial-of-service
  condition due to DNS validation taking a long time.
  (CVE-2023-50387) [GL #4424]

  6321. [security] Change 6315 inadvertently introduced regressions that
  could cause named to crash. [GL #4234]

  --- 9.16.46 released ---

  6319. [security] Query patterns that continuously triggered cache
  database maintenance could exhaust all available memory
  on the host running named. (CVE-2023-6516) [GL #4383]

  6317. [security] Restore DNS64 state when handling a serve-stale timeout.
  (CVE-2023-5679) [GL #4334]

  6316. [security] Specific queries could trigger an assertion check with
  nxdomain-redirect enabled. (CVE-2023-5517) [GL #4281]

  6315. [security] Speed up parsing of DNS messages with many different
  names. (CVE-2023-4408) [GL #4234]

  6314. [bug] Address race conditions in dns_tsigkey_find().
  [GL #4182]

  6304. [bug] The wrong time was being used to determine what RRSIGs
  where to be generated when dnssec-policy was in use.
  [GL #4494]

  6282. [func] Deprecate AES-based DNS cookies. [GL #4421]

(bsiegert)

Pullup ticket #6835 - requested by taca
net/bind918: security fix

Revisions pulled up:
- net/bind918/Makefile                                          1.25-1.27
- net/bind918/buildlink3.mk                                    1.2
- net/bind918/distinfo                                          1.14-1.15
- net/bind918/patches/patch-lib_dns_rbtdb.c                    1.2
- net/bind918/patches/patch-lib_isc_netmgr_netmgr.c            1.2

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Fri Jan  5 01:52:20 UTC 2024

  Modified Files:
  pkgsrc/net/bind918: Makefile distinfo

  Log Message:
  net/bind918: update to 9.18.21

  9.18.21 (2023-12-20)

  6297. [bug] Improve LRU cleaning behaviour. [GL #4448]

  6296. [func] The "resolver-nonbackoff-tries" and
  "resolver-retry-interval" options are deprecated;
  a warning will be logged if they are used. [GL #4405]

  6294. [bug] BIND might sometimes crash after startup or
  re-configuration when one 'tls' entry is used multiple
  times to connect to remote servers due to initialisation
  attempts from contexts of multiple threads. That has
  been fixed. [GL #4464]

  6290. [bug] Dig +yaml will now report "no servers could be reached"
  also for UDP setup failure when no other servers or
  tries are left. [GL #1229]

  6287. [bug] Recognize escapes when reading the public key from file.
  [GL !8502]

  6286. [bug] Dig +yaml will now report "no servers could be reached"
  on TCP connection failure as well as for UDP timeouts.
  [GL #4396]

  6282. [func] Deprecate AES-based DNS cookies. [GL #4421]

---
  Module Name: pkgsrc
  Committed By: adam
  Date: Tue Jan 30 18:29:21 UTC 2024

  Modified Files:
  pkgsrc/audio/libilbc: Makefile
  pkgsrc/audio/termusic: Makefile
  pkgsrc/biology/plinkseq: Makefile
  pkgsrc/chat/ekg: Makefile
  pkgsrc/chat/libgadu: Makefile buildlink3.mk
  pkgsrc/databases/postgresql-postgis2: Makefile
  pkgsrc/devel/abseil: buildlink3.mk
  pkgsrc/devel/compizconfig-backend-gconf: Makefile buildlink3.mk
  pkgsrc/devel/cre2: Makefile
  pkgsrc/devel/libcompizconfig: Makefile buildlink3.mk
  pkgsrc/devel/protobuf: Makefile buildlink3.mk
  pkgsrc/devel/protobuf-c: Makefile buildlink3.mk
  pkgsrc/devel/py-compizconfig: Makefile buildlink3.mk
  pkgsrc/devel/re2: Makefile buildlink3.mk
  pkgsrc/graphics/opencv: Makefile buildlink3.mk
  pkgsrc/graphics/opencv-contrib-face: Makefile buildlink3.mk
  pkgsrc/graphics/py-Willow: Makefile
  pkgsrc/inputmethod/fcitx5-mozc: Makefile
  pkgsrc/misc/libreoffice: Makefile
  pkgsrc/net/bind916: Makefile
  pkgsrc/net/bind918: Makefile
  pkgsrc/net/dnsdist: Makefile
  pkgsrc/net/frr: Makefile
  pkgsrc/net/grpc: Makefile buildlink3.mk
  pkgsrc/net/mosh: Makefile
  pkgsrc/net/py-grpcio: Makefile
  pkgsrc/net/py-grpcio-tools: Makefile
  pkgsrc/net/qt6-qtgrpc: Makefile buildlink3.mk
  pkgsrc/net/ratman: Makefile
  pkgsrc/net/unbound: Makefile
  pkgsrc/sysutils/collectd-grpc: Makefile
  pkgsrc/sysutils/collectd-pinba: Makefile
  pkgsrc/sysutils/collectd-riemann: Makefile
  pkgsrc/sysutils/collectd-write_prometheus: Makefile
  pkgsrc/sysutils/riemann-client: Makefile
  pkgsrc/wm/ccsm: Makefile

  Log Message:
  revbump for devel/abseil

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Fri Jan  5 01:53:35 UTC 2024

  Modified Files:
  pkgsrc/net/bind918: buildlink3.mk

  Log Message:
  net/bind918: fix BUILDLINK_ABI_DEPENDS

  We have 9.8.21 but not yet 9.18.30nb1.

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Tue Feb 13 13:50:39 UTC 2024

  Modified Files:
  pkgsrc/net/bind918: Makefile distinfo
  pkgsrc/net/bind918/patches: patch-lib_dns_rbtdb.c
      patch-lib_isc_netmgr_netmgr.c

  Log Message:
  net/bind918: update to 9.18.24

  9.18.24 (2024-02-13)

  --- 9.18.24 released ---

  6343. [bug] Fix case insensitive setting for isc_ht hashtable.
  [GL #4568]

  --- 9.18.23 released ---

  6322. [security] Specific DNS answers could cause a denial-of-service
  condition due to DNS validation taking a long time.
  (CVE-2023-50387) [GL #4424]

  6321. [security] Change 6315 inadvertently introduced regressions that
  could cause named to crash. [GL #4234]

  6320. [bug] Under some circumstances, the DoT code in client
  mode could process more than one message at a time when
  that was not expected. That has been fixed. [GL #4487]

  --- 9.18.22 released ---

  6319. [func] Limit isc_task_send() overhead for RBTDB tree pruning.
  [GL #4383]

  6317. [security] Restore DNS64 state when handling a serve-stale timeout.
  (CVE-2023-5679) [GL #4334]

  6316. [security] Specific queries could trigger an assertion check with
  nxdomain-redirect enabled. (CVE-2023-5517) [GL #4281]

  6315. [security] Speed up parsing of DNS messages with many different
  names. (CVE-2023-4408) [GL #4234]

  6314. [bug] Address race conditions in dns_tsigkey_find().
  [GL #4182]

  6312. [bug] Conversion from NSEC3 signed to NSEC signed could
  temporarily put the zone into a state where it was
  treated as unsigned until the NSEC chain was built.
  Additionally conversion from one set of NSEC3 parameters
  to another could also temporarily put the zone into a
  state where it was treated as unsigned until the new
  NSEC3 chain was built. [GL #1794] [GL #4495]

  6310. [bug] Memory leak in zone.c:sign_zone. When named signed a
  zone it could leak dst_keys due to a misplaced
  'continue'. [GL #4488]

  6306. [func] Log more details about the cause of "not exact" errors.
  [GL #4500]

  6304. [bug] The wrong time was being used to determine what RRSIGs
  where to be generated when dnssec-policy was in use.
  [GL #4494]

  6302. [func] The "trust-anchor-telemetry" statement is no longer
  marked as experimental. This silences a relevant log
  message that was emitted even when the feature was
  explicitly disabled. [GL #4497]

  6300. [bug] Fix statistics export to use full 64 bit signed numbers
  instead of truncating values to unsigned 32 bits.
  [GL #4467]

  6299. [port] NetBSD has added 'hmac' to libc which collides with our
  use of 'hmac'. [GL #4478]

(bsiegert)

doc: Updated net/bind916 to 9.16.48

(taca)

net/bind916: update to 9.16.48

--- 9.16.48 released ---

6343. [bug] Fix case insensitive setting for isc_ht hashtable.
[GL #4568]

--- 9.16.47 released ---

6322. [security] Specific DNS answers could cause a denial-of-service
condition due to DNS validation taking a long time.
(CVE-2023-50387) [GL #4424]

6321. [security] Change 6315 inadvertently introduced regressions that
could cause named to crash. [GL #4234]

--- 9.16.46 released ---

6319. [security] Query patterns that continuously triggered cache
database maintenance could exhaust all available memory
on the host running named. (CVE-2023-6516) [GL #4383]

6317. [security] Restore DNS64 state when handling a serve-stale timeout.
(CVE-2023-5679) [GL #4334]

6316. [security] Specific queries could trigger an assertion check with
nxdomain-redirect enabled. (CVE-2023-5517) [GL #4281]

6315. [security] Speed up parsing of DNS messages with many different
names. (CVE-2023-4408) [GL #4234]

6314. [bug] Address race conditions in dns_tsigkey_find().
[GL #4182]

6304. [bug] The wrong time was being used to determine what RRSIGs
where to be generated when dnssec-policy was in use.
[GL #4494]

6282. [func] Deprecate AES-based DNS cookies. [GL #4421]

(taca)

doc/pkg-vulnerabilities: add bind916 security problems

(taca)

doc/pkg-vulnerabilities: add bind918 security problems

(taca)

Add the two new entries for unbound:

  CVE-2023-50387, DNSSEC verification complexity can be exploited to
  exhaust CPU resources and stall DNS resolvers.
and
  CVE-2023-50868, NSEC3 closest encloser proof can exhaust CPU.

Nist doesn't have those yet, so use cve.mitre.org (even though
they are only "candidate CVEs" there at the time of this commit.

(he)

Note update of net/unbound to 1.19.1.

(he)

Update net/unbound to version 1.19.1.

Pkgsrc changes:
* none, other than checksums.

Upstream changes:
This security release fixes two DNSSEC validation vulnerabilities:
CVE-2023-50387 (referred here as the KeyTrap vulnerability) and
CVE-2023-50868 (referred here as the NSEC3 vulnerability).

The KeyTrap vulnerability works by using a combination of Keys
(also colliding Keys), Signatures and number of RRSETs on a malicious
zone.  Answers from that zone can force a DNSSEC validator down a
very CPU intensive and time costly validation path.

The NSEC3 vulnerability uses specially crafted responses on a
malicious zone with multiple NSEC3 RRSETs to force a DNSSEC validator
down a very CPU intensive and time costly NSEC3 hash calculation path.

Both can force Unbound to spend an enormous time (comparative to
regular traffic) validating a single specially crafted DNSSEC
response while everything else is on hold for that thread. A
trivially orchestrated attack could render all threads busy with
such responses leading to denial of service.

From version 1.19.1 on, Unbound introduces suspension on DNSSEC
response validations that seem to require more attempts than Unbound
is willing to make per response validation run. Suspension means
that Unbound will continue with other work before resuming a
suspended validation offering CPU time between validation resumptions
to other tasks. There is a backoff timer when suspending which is
further influenced by the number of suspends already used and the
amount of work currently in Unbound.

The introduced builtin limits in Unbound are:

- Max 4 DNSSEC key collissions are allowed when building chain of trust.
  More than that without a secure key treats the delegation as bogus.
- 8 validation attempts per RRSET (combination of keys + signatures).
  If more are needed and Unbound has yet to find a valid signature
  the RRSET is treated as bogus.
- More than 8 validation attempts per answer will suspend validation.
- 8 NSEC3 hash calculations are allowed before suspension. More than
  that will suspend validation.
- The limit of total suspensions is 16 after which the query will error
  out. Any completed RRSET validations populate the cache for use in
  future queries.

While under attack Unbound could show higher CPU load because of the
needed validations but the suspend strategy would guarantee the CPU is
not locked on any particular validation task.

We would like to thank Elias Heftrig, Haya Schulmann, Niklas Vogel,
and Michael Waidner from the German National Research Center for
Applied Cybersecurity ATHENE for discovering and responsibly
disclosing the KeyTrap vulnerability.

We would like to thank Petr Spacek from ISC for discovering and
responsibly disclosing the NSEC3 vulnerability.

Bug Fixes
- Fix CVE-2023-50387, DNSSEC verification complexity can be exploited to
  exhaust CPU resources and stall DNS resolvers.
- Fix CVE-2023-50868, NSEC3 closest encloser proof can exhaust CPU.

(he)

doc: Updated net/bind918 to 9.18.24

(taca)

net/bind918: update to 9.18.24

9.18.24 (2024-02-13)

--- 9.18.24 released ---

6343. [bug] Fix case insensitive setting for isc_ht hashtable.
[GL #4568]

--- 9.18.23 released ---

6322. [security] Specific DNS answers could cause a denial-of-service
condition due to DNS validation taking a long time.
(CVE-2023-50387) [GL #4424]

6321. [security] Change 6315 inadvertently introduced regressions that
could cause named to crash. [GL #4234]

6320. [bug] Under some circumstances, the DoT code in client
mode could process more than one message at a time when
that was not expected. That has been fixed. [GL #4487]

--- 9.18.22 released ---

6319. [func] Limit isc_task_send() overhead for RBTDB tree pruning.
[GL #4383]

6317. [security] Restore DNS64 state when handling a serve-stale timeout.
(CVE-2023-5679) [GL #4334]

6316. [security] Specific queries could trigger an assertion check with
nxdomain-redirect enabled. (CVE-2023-5517) [GL #4281]

6315. [security] Speed up parsing of DNS messages with many different
names. (CVE-2023-4408) [GL #4234]

6314. [bug] Address race conditions in dns_tsigkey_find().
[GL #4182]

6312. [bug] Conversion from NSEC3 signed to NSEC signed could
temporarily put the zone into a state where it was
treated as unsigned until the NSEC chain was built.
Additionally conversion from one set of NSEC3 parameters
to another could also temporarily put the zone into a
state where it was treated as unsigned until the new
NSEC3 chain was built. [GL #1794] [GL #4495]

6310. [bug] Memory leak in zone.c:sign_zone. When named signed a
zone it could leak dst_keys due to a misplaced
'continue'. [GL #4488]

6306. [func] Log more details about the cause of "not exact" errors.
[GL #4500]

6304. [bug] The wrong time was being used to determine what RRSIGs
where to be generated when dnssec-policy was in use.
[GL #4494]

6302. [func] The "trust-anchor-telemetry" statement is no longer
marked as experimental. This silences a relevant log
message that was emitted even when the feature was
explicitly disabled. [GL #4497]

6300. [bug] Fix statistics export to use full 64 bit signed numbers
instead of truncating values to unsigned 32 bits.
[GL #4467]

6299. [port] NetBSD has added 'hmac' to libc which collides with our
use of 'hmac'. [GL #4478]

(taca)

x11/alacritty: correct tag

(pin)

Updated net/py-twine, sysutils/py-puremagic

(adam)

py-puremagic: updated to 1.20

Version 1.20
------------

- Adding support for multi-part header checks (thanks to Andy)
- Fixing matches for webp (thanks to Nicolas Wicht)
- Fixing matches for epub (thanks to Alexander Walters)

(adam)

py-twine: updated to 5.0.0

Twine 5.0.0 (2024-02-10)

Bugfixes
- Use ``email.message`` instead of ``cgi`` as ``cgi`` has been deprecated

(adam)

doc: Updated sysutils/eza to 0.18.2

(pin)

sysutils/eza: update to v0.18.2

v0.18.2 (security release)
This security release fixes GHSA-3qx3-6hxr-j2ch.
Bug Fixes
- Update libgit2 to 1.7.2

v0.18.1
- Moving to rayon provided a major performance upgrade, see #823 (comment) as
  an example

v0.18.0
Features
- [breaking] Add --classify=always,auto,never

Miscellaneous Tasks
- Remove rustfmt config file that has a nightly only option in favor of
  rustfmt skip directive which is already in place
- Fix small typo in pull request template

Refactor
- Change cast to coertion, remove rustfmt skip and clippy lint ignore
  directives

Testing
- Regenerate classification related tests

(pin)

doc: Updated devel/difftastic to 0.55.0

(pin)

devel/difftastic: update to 0.55.0

0.55 (released 1st February 2024)
Parsing
- Added support for Objective-C and VHDL.
- Files starting with <?xml are now parsed as XML.
- Fixed a munmap_chunk(): invalid pointer crash on parsing some large files,
  particularly JSON.

Display
- The default display width for tabs has changed to 4.
- Fixed an issue where difftastic would sometimes output literal tabs rather
  than respecting the display width for tabs.

Build
- difftastic now requires Rust 1.65 to build.

(pin)

doc: Updated sysutils/zoxide to 0.9.3

(pin)

sysutils/zoxide: update to 0.9.3

0.9.3 - 2024-02-13
Added
- Nushell: support for v0.89.0.

(pin)

doc: Updated shells/oh-my-posh to 19.10.0

(pin)

shells/oh-my-posh: update to 19.10.0

v19.10.0
Features
- revert to go1.21.4 (50cb721)

v19.9.0
Features
- upgrade to go1.22.0 (915b37e)

Warning
This build is broken on Windows due to reasons unknown. I'm investigating the
upgrade to go1.22 which is postponed until further notice.

(pin)

Updated textproc/py-black, graphics/py-tifffile

(adam)

py-tifffile: updated to 2024.2.12

2024.2.12

- Pass 5074 tests.
- Deprecate dtype, add chunkdtype parameter in FileSequence.asarray.
- Add imreadargs parameters passed to FileSequence.imread.

(adam)

py-black: updated to 24.2.0

24.2.0

Stable style

- Fixed a bug where comments where mistakenly removed along with redundant parentheses

Preview style

- Move the `hug_parens_with_braces_and_square_brackets` feature to the unstable style
due to an outstanding crash and proposed formatting tweaks
- Fixed a bug where base expressions caused inconsistent formatting of \*\* in tenary
expression
- Checking for newline before adding one on docstring that is almost at the line limit

- Remove redundant parentheses in `case` statement `if` guards

Configuration

- Fix issue where _Black_ would ignore input files in the presence of symlinks
- _Black_ now ignores `pyproject.toml` that is missing a `tool.black` section when
discovering project root and configuration. Since _Black_ continues to use version
control as an indicator of project root, this is expected to primarily change behavior
for users in a monorepo setup (desirably). If you wish to preserve previous behavior,
simply add an empty `[tool.black]` to the previously discovered `pyproject.toml`

Output

- Black will swallow any `SyntaxWarning`s or `DeprecationWarning`s produced by the `ast`
module when performing equivalence checks

Integrations

- Add a JSONSchema and provide a validate-pyproject entry-point

(adam)

Remove leftover patches.

(hans)

doc: Updated meta-pkgs/courier to 1.3.5

(hans)

Update meta-pkg/courier

(hans)

doc: Updated mail/sqwebmail to 6.2.5

(hans)

Update SqWebmail to 6.2.5

Changes since 5.5.3: Too many to list here (5.5.3 was released in 2011).
The full changelog can be found here:
https://sourceforge.net/p/courier/courier-libs.git/ci/b7f06ca767a6f7c03a9d24e49f659c3a23238c7a/tree/sqwebmail/ChangeLog

Note that the Maildir unicode format has changed in the 6.0 release. See
mail/courier-maildir/MESSAGE.UTF8 for details.

(hans)

doc: Updated mail/courier-imap to 5.2.6

(hans)

Update Courier-IMAP to 5.2.6

Changes since 4.10.0: Too many to list here (4.10.0 was released in 2011).
The full changelog can be found here:
https://sourceforge.net/p/courier/courier-libs.git/ci/b7f06ca767a6f7c03a9d24e49f659c3a23238c7a/tree/imap/ChangeLog

Note that the Maildir unicode format has changed in the 5.0 release. See
mail/courier-maildir/MESSAGE.UTF8 for details.

(hans)

doc: Updated mail/maildrop to 3.1.6

(hans)

Update maildrop to 3.1.6

Deliver makedat and makedatprog directly in ${PREFIX}/bin to avoid conflicts with courier-imap.

Changes since 3.0.0:
* maildrop: fix compilation error.
* Fix spurious gcc 13 compiler warnings.
* Updated Dovecode authentication fix.
* Fix build with Dovecot authentication turned on.
* Update to C++11, replacing internal classes with modern C++ library classes.
* Fix the -V command line option to also explicitly set VERBOSE, fix assorted -V logging bugs.
* all: update configure.ac to require at least version 2.0.5 of libidn
* maildrop: remove unsafe SIGALRM handler.

(hans)

doc: Updated mail/courier-mta, mail/courier-maildir, and net/couriertcpd to 1.3.3

(hans)

Update Courier-MTA to 1.3.5

This updates the following packages that are all built from the same
source:
mail/courier-mta
mail/courier-maildir
net/couriertcpd

Changes since 0.68.1: Too many to list here (0.68.1 was released in 2012).
The full changelog can be found here:
https://sourceforge.net/p/courier/courier.git/ci/713d051033c8d94b594b6bc61f0652b0951af752/tree/courier/ChangeLog

Note that the Maildir unicode format has changed in the 1.0 release. See
mail/courier-maildir/MESSAGE.UTF8 for details.

(hans)

Added www/py-jupyterlab-widgets; Updated www/py-ipywidgets, www/py-nbconvert, www/py-notebook

(adam)

py-notebook: updated to 7.0.8

7.0.8

Maintenance and upkeep improvements

- Add upper bound on `jupyterlab<4.1`
- Fix `check_links` on CI

Documentation improvements

- Add documentation for updating `notebook` imports
- Fix link in `CONTRIBUTING.md`

(adam)

py-nbconvert: updated to 7.16.0

7.16.0

Enhancements made

- Add a toggle to skip the svg encoding of images

7.15.0

Enhancements made

- Support configurable width and height of reveal presentations

Maintenance and upkeep improvements

- chore: update pre-commit hooks
- handle xhtml void elements in mermaid diagrams

(adam)

py-ipywidgets: updated to 8.1.2

Release 8.1.1

Bug fixed

Raise error when copy method is used on base widget class
Reverts 3689 and 3738 back to the original working codebase

Docs

Update to JupyterLite 0.1.0

(adam)

py-jupyterlab-widgets: added version 3.0.10

A JupyterLab 3.0 extension for Jupyter/IPython widgets.

(adam)

doc: Updated security/courier-authlib to 0.72.1

(hans)

Update courier-authlib to 0.72.1

Changes since 0.72.0:
* Use strncmp instead of memcmp.
* Various fixes for calls to getgrnam_r/getpwnam_r

(hans)

doc: Updated mail/courier-unicode to 2.3.0

(hans)

Update courier-unicode to 2.3.0

Changes since 2.1:
* Unicode 15 update. Added unicode_derived_<name>() lookup for derived core properties. Added unicode_general_category_lookup() for general category lookups. Fix GB11 rule.
* configure.ac: gcc 12, autotool updates.
* Fix compilation error on CentOS 7.
* unicode_bidi.c: Implement unicode_bidi_combining(). Implement canonical and compatibility decomposition and canonical composition.
* unicode_bidi.c (unicode_bidi_needs_embed): Make its return code what its documentation says its return code is.
* Implement unicode_bidi_needs_embed(), unicode_bidi_cleaned_size(), unicode::bidi_override, unicode_bidi_calc and unicode_bidi_calc_levels return a unicode_bidi_direction object, to indicate whether the computer paragraph embedding level was explicitly computed or defaulted.
* courier-unicode-version.m4: split version checking macro into its own m4 file.
* unicode::bidi_calc - an empty string with an explicit embedding level should return the requested embedding level.
* unicode::iconvert::convert, fix uninitialized variable.
* Implement bidirectional algorithm, canonical or equivalent character mappings.
* Unicode 13 update. Adds lookup of EastAsianWidth property, emoji property lookup, adds an alternative sequence-based grapheme API that handles multi-character emoji rules.
* Add bidi property lookups.
* Makefile.am: Regenerate docs due to broken man page links.
* unicodebuf.c (unicode_buf_remove): Bug fix.

(hans)

doc: Updated mail/courier-analog to 0.22

(hans)

Update mail/courier-analog to 0.22

Changes since 0.16:
* Switch to libidn2.
* configure.ac: autotools update
* Add --journal option, to read from journalctl.
* Warning fixes.
* courier-analog.in: Fix inadvertent creation of empty directories in root, if --html is not specified.

(hans)

doc: Updated graphics/ruby-RMagick to 5.4.2

(taca)

graphics/ruby-RMagick: update to 5.4.2

5.4.2 (2024-02-11)

Improvements

* Check C++ compiler exists (#1453)

(taca)

doc: Updated devel/ruby-pairing_heap to 3.1.0

(taca)

devel/ruby-pairing_heap: update to 3.1.0

3.1.0 (2024-02-12)

* Implement merge operation for SimplePairingHeap

(taca)

doc: Updated lang/rakudo to 2024.01

(mef)

(lang/rakudo) Updated 2023.11 to 2024.01

See:
https://rakudo.org/post/announce-rakudo-release-2024.01

Rakudo compiler, Release #168 (2024.01)

2024-01-16

On behalf of the Rakudo development team, I窶冦 very happy to announce
the January 2024 release of Rakudo #168. Rakudo is an implementation
of the Raku1 language.

The source tarball for this release is available from
https://rakudo.org/files/rakudo. Pre-compiled archives will be
available shortly.

New in 2024.01:

    Improvements:
        Make dd show types better [57bda882]

        Make use of native unsigned integers better performant [c0340fc7]

        Add dispatchers for handling unassigned elements in hashes and
        arrays resulting in better performance in some specific idioms
        [0e2e20a4] [fa4cc823][1ef51856][70d53fb6][79728078]

    Additions:

        New nqp::syscall/register/delegate/track/guard ops as
        shortcuts to otherwise very verbose nqp::dispatch arguments
        [a3645497][2d8839e1]

        Document dispatchers [9b179a55][690c6c01][93f2a8aa][bafa5ad4]
        [f0673003][2aa796fd][ac5c89bb][6ba5ee53][1721f00b][5394496a][5dd90860]
        [e0952486][9a07a6c8][87bcbe6a][b356bbfd][f651e9d6][2e9c0cc1][26ab5c21]
        [4dc737c3][62a67452][93c31ce9][e002a7a8][7456e6dc][b94e98fc][6819b9de]
        [bb384c41][fd5e4da6][f2b09f7e][6f75ed00][808885d7][fc670bb8][8bf824a5]
        [2cfa0768][d6d7d154][45b1025a][6b6548d8][d327d14a][120a06c7][95770d31]
        [f13ba1d0][12db03a5][11734d4f]

    Fixes:
        Handle .extension("foo") on IOs without extension as if :parts(0) is specified [8cda0bc6]

    Deprecations:
        Deprecate many Distribution::Resource methods [c83eccfa][cd231798][4d797bbb] [7ac9aeab]
        Deprecate the use of PERL6LIB [47fdc20d]

    Internal:
        Show :auth:ver:api of module loaded (for RAKUDO_MODULE_DEBUG) [91a062d2] [fcf22b4f]
        Prevent possible recursion in archetypes dispatcher [6b61de2c]
        Move backend tests from runtime to system build time [69b8a24a]
        Use new nqp::syscall/register/delegate ops [becb682e]
        nqp::syscall is Moar specific, so protect it [b8aaffd6]
        Use new nqp::track / nqp::guard ops [13439539]
        Ensure that nqp::track/guard also have their args unboxed [5d377a12]
        Use nqp::track/guard in NativeCall dispatchers [6008a00e]

        Document and/or streamline dispatchers and related
        [9b179a55][690c6c01]
        [93f2a8aa][bafa5ad4][f0673003][2aa796fd][ac5c89bb][6ba5ee53][1721f00b]
        [5394496a][5dd90860][e0952486][9a07a6c8][87bcbe6a][0e2e20a4][b356bbfd]
        [fa4cc823][1ef51856][70d53fb6][79728078][f651e9d6][2e9c0cc1][26ab5c21]
        [4dc737c3][62a67452][93c31ce9][e002a7a8][7456e6dc][b94e98fc][6819b9de]
        [bb384c41][fd5e4da6][f2b09f7e][6f75ed00][808885d7][fc670bb8][8bf824a5]
        [2cfa0768][d6d7d154][45b1025a][6b6548d8][d327d14a][120a06c7][95770d31]
        [f13ba1d0][12db03a5][11734d4f]

    RakuAST Development:

        some work was done on RakuAST development, but the number of
        passing spectest files did not increase this round.

        [1ecff5c5][3b9de763][35484381][54ee127b][5268106d][000ac084][94e58e05]
        [3c7057c0][c389de26][e1fef673][4bfde24c][91c157d2][3f6fff74][bef0a9bf]
        [3c1ad110][4b6f77f4][f5e9b2dc][bdfea0b0][d992bf6a][7ea760a0]

(mef)

Updated math/py-numexpr, devel/py-line_profiler

(adam)

py-line_profiler: updated to 4.1.2

4.1.2
~~~~
* ENH: Add support for Python 3.12
* ENH: Add osx universal2 and arm64 wheels
* ENH: Fix issue with integer overflow on 32 bit systems

4.1.1
~~~~
* FIX: ``get_stats`` is no longer slowed down when profiling many code sections

4.1.0
~~~~
* FIX: skipzeros now checks for zero hits instead of zero time
* FIX: Fixed errors in Python 3.11 with duplicate functions.
* FIX: ``show_text`` now increases column sizes or switches to scientific notation to maintain alignment
* ENH: ``show_text`` now has new options: sort and summarize
* ENH: Added new CLI arguments ``-srm`` to ``line_profiler`` to control sorting, rich printing, and summary printing.
* ENH: New global ``profile`` function that can be enabled by ``--profile`` or ``LINE_PROFILE=1``.
* ENH: New auto-profile feature in ``kernprof`` that will profile all functions in specified modules.
* ENH: Kernprof now outputs instructions on how to view results.
* ENH: Added readthedocs integration: https://kernprof.readthedocs.io/en/latest/index.html

4.0.3
~~~~
* FIX: Stop requiring bleeding-edge Cython unless necesasry (for Python 3.12).

4.0.2
~~~~~
* FIX: AttributeError on certain methods.

4.0.1
~~~~~
* FIX: Profiling classmethods works again.

4.0.0
~~~~~
* ENH: Python 3.11 is now supported.
* ENH: Profiling overhead is now drastically smaller, thanks to reimplementing almost all of the tracing callback in C++. You can expect to see reductions of between 0.3 and 1 microseconds per line hit, resulting in a speedup of up to 4x for codebases with many lines of Python that only do a little work per line.
* ENH: Added the ``-i <# of seconds>`` option to the ``kernprof`` script. This uses the threading module to output profiling data to the output file every n seconds, and is useful for long-running tasks that shouldn't be stopped in the middle of processing.
* CHANGE: Cython's native cythonize function is now used to compile the project, instead of scikit-build's convoluted process.
* CHANGE: Due to optimizations done while reimplementing the callback in C++, the profiler's code_map and last_time attributes now are indexed by a hash of the code block's bytecode and its line number. Any code that directly reads (and processes) or edits the code_map and/or last_time attributes will likely break.

(adam)

(lang/nqp) Add  two componet on PLIST, update buildlink3.mk

lang/rakudo wants two componet on @INC path from this package

(mef)

py-numexpr: updated to 2.9.0

Changes from 2.8.8 to 2.9.0
---------------------------
* Support for PyPy. The full test suite
  should pass now, at least for the 3.10 version.
* Fixed more sanitizer issues.
* Modernized the test suite to avoid some warnings.

(adam)

Added devel/py-jaraco.test; Updated textproc/py-cssutils

(adam)

py-cssutils: updated to 2.9.0

v2.9.0
Features
- Made URL fetcher lenient to missing metadata.

v2.8.0
Features
- Require Python 3.8 or later.

Bugfixes
- Made some unreachable tests reachable.

v2.7.1
Refactored to restore docs builds without warning-errors.

v2.7.0
Updated deprecated usage of ``cgi`` module.
Updated deprecated setup/teardown from ``nose`` in tests.
Other miscellaneous cleanup and packaging updates.

v2.6.0
Added support for custom CSS variables with ``--`` prefix.

v2.5.1
Some refactoring.

v2.5.0
Substantial code refresh. Ported tests to native pytest.
Enrolled project with Tidelift.

(adam)

py-jaraco.test: added version 5.3.0

This package provides functions and fixtures for facilitating tests.

(adam)

doc: Updated editors/tp-note to 1.23.5

(pin)

editors/tp-note: update to 1.23.5

Minor breaking change: format string syntax

See chapter: 6.2.3. Local links with format strings
https://blog.getreu.net/projects/tp-note/tpnote--manpage.html#links-to-resources-and-other-documents

Format strings

(pin)

doc: Updated misc/rust-kanban to 0.9.2

(pin)

misc/rust-kanban: update to 0.9.2

- free performance improvement with dependency bump

(pin)

Updated devel/py-zope.configuration, www/py-flask-frozen

(adam)

py-flask-frozen: updated to 1.0.2

v1.0.2
Use a syntax closer to .gitignore to ignore paths in walk_directory.

(adam)

py-zope.configuration: updated to 5.0.1

5.0.1 (2024-02-12)
- Fix tests when running from a distribution.

(adam)

Updated graphics/py-imageio, fonts/py-fonttools

(adam)

py-fonttools: updated to 4.48.1

4.48.1 (released 2024-02-06)
----------------------------

- Fixed uploading wheels to PyPI, no code changes since v4.48.0.

4.48.0 (released 2024-02-06)
----------------------------

- [varLib] Do not log when there are no OTL tables to be merged.
- [setup.py] Do not restrict lxml<5 any more, tests pass just fine with lxml>=5.
- [feaLib] Remove glyph and class names length restrictions in FEA
- [roundingPens] Added ``transformRoundFunc`` parameter to the rounding pens to allow
  for custom rounding of the components' transforms
- [feaLib] Keep declaration order of ligature components within a ligature set, instead
  of sorting by glyph name
- [feaLib] Fixed ordering of alternates in ``aalt`` lookups, following the declaration
  order of feature references within the ``aalt`` feature block
- [varLib.instancer] Fixed a bug in the instancer's IUP optimization
- [sbix] Support sbix glyphs with new graphicType "flip"
- [svgPathPen] Added ``--glyphs`` option to dump the SVG paths for the named glyphs
  in the font (0572f78).
- [designspaceLib] Added "description" attribute to ``<mappings>`` and ``<mapping>``
  elements, and allow multiple ``<mappings>`` elements to group ``<mapping>`` elements
  that are logically related
- [otlLib] Correctly choose the most compact GSUB contextual lookup format

(adam)

py-imageio: updated to 2.34.0

v2.34.0 (2024-02-12)

Feature

Forward constructor kwargs to PyAV

(adam)

comms/hylafax: Drop MESSAGE

It:
  - gives wrong advice about rc.local, when there is an rc.d file
  - is redundant with upstream docs, which are extensive
and thus does not contain anything that belongs iN MESSAGE.

(gdt)