doc: Updated devel/libntlm to 1.6

(wiz)

libntlm: update to 1.6.

* Version 1.6 (released 2020-04-19)

** Fix buffer overflow in buildSmbNtlmAuth* function.  CVE-2019-17455.
Reported by Kirin in <https://gitlab.com/jas/libntlm/-/issues/2> and
patch provided by Cedric Buissart.  See newly introduced regression
check test_CVE-2019-17455.c for test of a vulnerable library.

** API and ABI modifications.
No changes since last version.

(wiz)

doc/TODO: add some

+ ImageMagick-7.0.10.16, catch2-2.12.2, dbus-1.12.18,
  grafana-7.0.2, libgit2-1.0.1, pari-2.11.4, protobuf-3.12.3,
  py-google-api-python-client-1.9.1, py-google-auth-1.16.1,
  py-lazy-object-proxy-1.5.0, py-mercurial-5.4.1, py-setuptools_scm-4.1.2.

(wiz)

doc: Update mail/roundcube packages to 1.4.6

mail/roundcube
mail/roundcube-plugin-enigma
mail/roundcube-plugin-password
mail/roundcube-plugin-zipdownload

(taca)

mail/roundcube: update to 1.14.6

Update roundcube to 1.14.6.

RELEASE 1.4.6
-------------
- Installer: Fix regression in SMTP test section (#7417)

(taca)

It looks like "checksum" is optional, and "source" isn't for
"external" packages, so use the latter.

(he)

php-nextcloud: Clarify update version rule

Be more explicit and give examples.  (This rule is a workaroudn for
an upstream decision, and would not be expected.)  Based on discussion
on pkgsrc-changes with ryoon@.

(gdt)

doc: Updated devel/fossil to 2.11.1

(js)

py-pip: Add pip[23] as alternatives

pip2 and pip3 are widely used aliases which make sure the specific
major version is used.

Patch from Bartosz Kosiorek via <https://github.com/NetBSD/pkgsrc/pull/64>.

Closes NetBSD/pkgsrc#64

PKGREVISION++

(leot)

doc: Updated security/gnutls to 3.6.14

(leot)

gnutls: Update to 3.6.14

Changes:
3.6.14
------
* libgnutls: Fixed insecure session ticket key construction, since 3.6.4.
  The TLS server would not bind the session ticket encryption key with a
  value supplied by the application until the initial key rotation, allowing
  attacker to bypass authentication in TLS 1.3 and recover previous
  conversations in TLS 1.2 (#1011).
  [GNUTLS-SA-2020-06-03, CVSS: high]

* libgnutls: Fixed handling of certificate chain with cross-signed
  intermediate CA certificates (#1008).

* libgnutls: Fixed reception of empty session ticket under TLS 1.2 (#997).

* libgnutls: gnutls_x509_crt_print() is enhanced to recognizes commonName
  (2.5.4.3), decodes certificate policy OIDs (!1245), and prints Authority
  Key Identifier (AKI) properly (#989, #991).

* certtool: PKCS #7 attributes are now printed with symbolic names (!1246).

* libgnutls: Added several improvements on Windows Vista and later releases
  (!1257, !1254, !1256). Most notably the system random number generator now
  uses Windows BCrypt* API if available (!1255).

* libgnutls: Use accelerated AES-XTS implementation if possible (!1244).
  Also both accelerated and non-accelerated implementations check key block
  according to FIPS-140-2 IG A.9 (!1233).

* libgnutls: Added support for AES-SIV ciphers (#463).

* libgnutls: Added support for 192-bit AES-GCM cipher (!1267).

* libgnutls: No longer use internal symbols exported from Nettle (!1235)

* API and ABI modifications:
    GNUTLS_CIPHER_AES_128_SIV: Added
    GNUTLS_CIPHER_AES_256_SIV: Added
    GNUTLS_CIPHER_AES_192_GCM: Added
    gnutls_pkcs7_print_signature_info: Added

(leot)

sysutils/xentools48: fix SUBST blocks

The additional 1s,/usr/bin/env is necessary for parserom.pl, which
differs from the other Perl files in that directory.

The pathsvar block is a no-op since tools/Makefile does not contain
"/var" anymore and the other file has been converted to GNU autoconf for
replacing the placeholders.

(rillig)

Pullup tickets up to #6227

(bsiegert)

Pullup ticket #6227 - requested by otis
net/powerdns: bugfixes

Revisions pulled up:
- net/powerdns/Makefile                                        1.55
- net/powerdns/Makefile.common                                  1.29
- net/powerdns/distinfo                                        1.40
- net/powerdns/patches/patch-pdns_iputils.hh                    deleted

---
  Module Name:    pkgsrc
  Committed By:  otis
  Date:          Sun Jun  7 18:55:13 UTC 2020

  Modified Files:
          pkgsrc/net/powerdns: Makefile Makefile.common distinfo
  Removed Files:
          pkgsrc/net/powerdns/patches: patch-pdns_iputils.hh

  Log Message:
  net/powerdns: Update to 4.2.2

  Changes since 4.2.1:

  * Released:
    - 9th of April 2020

  * New Features:
    - api: add includerings option to statistics endpoint

  * Improvements:
    - cache: strictly enforce maximum size, and improve cleanup routine

  * Bug Fixes:
    - fix records ending up in wrong packet section

    - avoid IXFR-in corruption when deltas come in close together.
      Please see the IXFR-in corruption upgrade notes

    - fix out-of-bound access for zero length "serialized" string when
      using lmdbbackend.

    - bind backend: pthread_mutex_t should be inited and destroyed and not be copied

  * Reference:
    - https://doc.powerdns.com/authoritative/changelog/4.2.html#change-4.2.2

(bsiegert)

doc: Updated print/foliate to 2.2.1

(fox)

print/foliate: Updates to 2.2.1

Changes since 2.2.0:

Changes:

  * Fixed blurry book covers on HiDPI
  * Fixed OPDS links to Standard Ebooks and Project Gutenberg
  * Fixed wrong view icon on startup

(fox)

Pullup ticket #6224 - requested by taca
www/ruby-em-http-request: security fix

Revisions pulled up:
- www/ruby-em-http-request/Makefile                            1.5
- www/ruby-em-http-request/PLIST                                1.5
- www/ruby-em-http-request/distinfo                            1.6

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Tue Jun  2 13:46:43 UTC 2020

  Modified Files:
  pkgsrc/www/ruby-em-http-request: Makefile PLIST distinfo

  Log Message:
  www/ruby-em-http-request: update to 1.1.6

  Update ruby-em-http-request to 1.1.6.

  1.1.6 (2020-06-02)

  - Merge TLS verification patch from Faraday (CVE-2020-13482)
  - IPv6 literal support

(bsiegert)

php-baikal: update HOMEPAGE.

(wiz)

Pullup ticket #6223 - requested by taca
www/ruby-puma: security fix

Revisions pulled up:
- www/ruby-puma/Makefile                                        1.23
- www/ruby-puma/distinfo                                        1.18

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Sun May 24 13:47:49 UTC 2020

  Modified Files:
  pkgsrc/www/ruby-puma: Makefile distinfo

  Log Message:
  www/ruby-puma: update to 4.3.5

  Update ruby-puma to 4.3.5.

  4.3.4/4.3.5 and 3.12.5/3.12.6 / 2020-05-22

  Each patchlevel release contains a separate security fix. We recommend
  simply upgrading to 4.3.5/3.12.6.

  * Security

    Fix: Fixed two separate HTTP smuggling vulnerabilities that used the
    Transfer-Encoding header. CVE-2020-11076 and CVE-2020-11077.

(bsiegert)

doc: Updated www/zola to 0.11.0

(nikita)

zola: Update to version 0.11.0

Changelog taken from https://github.com/getzola/zola/releases/tag/v0.11.0:
  - Merge pull request #976 from getzola/next
  - Prepare for release
  - Fix panic in load_data(url=%s) (#1036)
  - Update deps
  - Update Cargo.lock (#1034)
  - Make path to config.toml independent from root dir (#1023) [ #1022 ]
  - Update changelog
  - Change get_url(cachebust=true) to use a hash (#1032) [ #519 ]
  - Consistent path for defult index section [ #995 ]
  - Wrap highlight code blocks with (#1026)
  - Use {{ page.permalink | safe }} in tutorial (#1024) [ #129 ]
  - Update syntect, using rust-onig with bindgen temporarily
  - Update syntaxes and syntect
  - Access heading level in anchor-link.html (#1008)
  - Remove implicit dependency on openssl-sys (#1001) (#1005)
  - Fix path of generated page (#1011)
  - Typos (#1010)
  - Fix tests + rustfmt
  - Rewrite link_checker to use a Result internally (#928)
  - Theme docs: actually edit the config (#996)
  - Some tweaks
  - Update pinned version in CI
  - Merge pull request #994 from chris-morgan/misc
  - Update themes
  - Fix tests
  - Add lang, taxonomy and term to feed template
  - WIP: add an 'updated' field to pages
  - Make config.description optional in atom.xml
  - Rename last_build_date to latest_date
  - Support and default to generating Atom feeds
  - Normalise built-in templates
  - Make live reload work with missing </body>
  - Fix documentation of TaxonomyConfig fields
  - Fix a broken Markdown link in the docs
  - Fix obsolete slugify_paths documentation
  - chmod -x a couple of files that needed it
  - Fix sass documentation error in example path name (#991)
  - Add an optionnal lang parameter to get_url (#982)
  - Ensure lang is always set on default sections
  - Mention how to get config variables in templates
  - Update docs on markdown filter [ #989 ]
  - Update deps + fix some misleading doc
  - Preserve timestamps when copying files (#974) (#983)
  - Merge pull request #981 from GaaH/fail-if-lang-set-twice
  - Fail if a language is set both in config.default_languages and config.languages
  - Pass lang to taxonomy list template [ #963 ]
  - Fix link checker not checking for capital id/name [ #948 ]
  - 0.10.2

(nikita)

Provide a new show-cargo-depends script which works with the coming
version of www/zola where the Cargo.lock file has no [metadata] section.

(he)

Updated devel/py-astroid, devel/py-pylint

(adam)

py-pylint: updated to 2.5.3

What's New in Pylint 2.5.3?
* Fix a regression where disable comments that have checker names with numbers in them are not parsed correctly
* `property-with-parameters` properly handles abstract properties
* `continue-in-finally` no longer emitted on Python 3.8 where it's now valid
* Fix a regression where messages with dash are not fully parsed
* Fix a regression where the score was not reported with multiple jobs
* In a TOML configuration file, it's now possible to use rich (non-string) types, such as list, integer or boolean instead of strings. For example, one can now define a *list* of message identifiers to enable like this::

    enable = [
        "use-symbolic-message-instead",
        "useless-suppression",
    ]
* Protect against `AttributeError` when checking `cell-var-from-loop`

(adam)

py-astroid: updated to 2.4.2

What's New in astroid 2.4.2?
* `FunctionDef.is_generator` properly handles `yield` nodes in `While` tests
* Properly construct the arguments of infered property descriptors

(adam)

Updated security/py-acme, security/py-certbot*

(adam)

py-acme py-certbot: updated to 1.5.0

Certbot 1.5.0

Added
Require explicit confirmation of snap plugin permissions before connecting.

Changed
Improved error message in apache installer when mod_ssl is not available.

Fixed
Add support for OCSP responses which use a public key hash ResponderID, fixing
interoperability with Sectigo CAs.
Fix TLS-ALPN test that fails when run with newer versions of OpenSSL.
More details about these changes can be found on our GitHub repo.

(adam)

Note update of security/opendnssec to 1.4.14nb4.

(he)

Add an m4 + configure patch so that -lcrypto is searched for
EVP_sha1 and EVP_sha256.  Without this, opendnssec would build
but would not recognize any of those algorithms for tsig, and
therefore be pretty useless.  I'll admit that I'm not entirely
certain why this is now suddenly required; those functions are
in the same library in 9.0 as in 8.0.

Bump PKGREVISION.

(he)

doc: Updated security/p5-GnuPG-Interface to 1.00

(wiz)

p5-GnuPG-Interface: update to 1.00.

1.0 - 2020-05-13
- Limit support to GnuPG 2.2+ and 1.4
- Additional information from keys when using GnuPG 2.2 or higher
- Add support for use of agent/pinentry
- Updated options to add ignore_mdc_error and logging
- Improvements to tests
- Update pubkey_data documentation
- Special thanks to dkg on Github for a large PR with updates for GnuPG 2
- Thanks also to ntyni on Github for a pointer to test updates also dealing
  with version changes

(wiz)

doc: Updated devel/p5-MooX-late to 0.100nb1

(wiz)

p5-MooX-late: update to 0.100nb1.

p5-Sub-HandlesVia is a runtime dependency.

(wiz)

Updated devel/py-ZopeComponent, devel/py-ZopeTestrunner

(adam)

py-ZopeTestrunner: updated to 5.1

5.1:
- Recover more gracefully when layer setUp or tearDown fails, producing
  useful subunit output.
- Prevent a spurious warning from the ``--require-unique`` option if the
  ``--module`` option was not used.
- Add optional buffering of standard output and standard error during tests,
  requested via the ``--buffer`` option or enabled by default for subunit.
- Fix incorrect failure counts in per-layer summary output, broken in 4.0.1.

5.0:
- Fix test failures and deprecation warnings occurring when using Python 3.8a1.
- Drop support for Python 3.4.

(adam)

py-ZopeComponent: updated to 4.6.1

4.6.1:
Ensure the resolution order of BaseGlobalComponents is consistent.

4.6.0:
Add support for Python 3.8.
Drop support for Python 3.4.
Fix tests on Python 2 following changes in ZODB 5.5.0.

(adam)

HElib: add upstream bug report URL

(wiz)

doc: Updated security/HElib to 1.0.1

(wiz)

HElib: update to 1.0.1.

Use github tarball instead of snapshot.
Fix HOMEPAGE

7 years of changes; I didn't find a concise changelog.

(wiz)

doc: Updated math/ntl to 11.4.3

(wiz)

ntl: update to 11.4.3.

7 years of changes. For details see
https://www.shoup.net/ntl/doc/tour-changes.html

Remove libtool patch. This is too big to be maintained in
pkgsrc and should be upstreamed if deemed interesting enough.

Bump API requirements in bl3.mk because of this change, and
also because HElib (the only consumer of this library in pkgsrc)
needs the new version anyway and will be updated next.

(wiz)

Updated devel/py-ZopeSchema, devel/py-ZopeI18NMessageid, devel/py-ZopeConfiguration

(adam)

py-ZopeConfiguration: updated to 4.4.0

4.4.0:
Ensure a consistent interface resolution order for all objects.
Drop support for Python 3.4.
Add support for Python 3.8.

(adam)

py-ZopeI18NMessageid: updated to 5.0.1

5.0.1:
Remove deprecated use of setuptools features.

5.0.0:
Drop support for Python 3.4.
Add support for Python 3.8.

(adam)

py-ZopeSchema: updated to 6.0.0

6.0.0:
Require zope.interface 5.0.
Ensure the resolution orders of all fields are consistent and make sense. In particular, Bool fields now correctly implement IBool before IFromUnicode.
Add support for Python 3.8.
Drop support for Python 3.4.

5.0.1:
Fix: add Text.unicode_normalization = 'NFC' as default, because some are persisting schema fields. Setting that attribute only in __init__ breaks loading old objects.

5.0:
Set IDecimal attributes min, max and default as Decimal type instead of Number.
Enable unicode normalization for Text fields. The default is NFC normalization. Valid forms are ���NFC���, ���NFKC���, ���NFD���, and ���NFKD���. To disable normalization, set unicode_normalization to False or None when calling __init__ of the Text field.

(adam)

Updated devel/py-zope.hookable, devel/py-ZopeInterface

(adam)

py-ZopeInterface: updated to 5.1.0

5.1.0:

- Make ``@implementer(*iface)`` and ``classImplements(cls, *iface)``
  ignore redundant interfaces. If the class already implements an
  interface through inheritance, it is no longer redeclared
  specifically for *cls*. This solves many instances of inconsistent
  resolution orders, while still allowing the interface to be declared
  for readability and maintenance purposes.

- Remove all bare ``except:`` statements. Previously, when accessing
  special attributes such as ``__provides__``, ``__providedBy__``,
  ``__class__`` and ``__conform__``, this package wrapped such access
  in a bare ``except:`` statement, meaning that many errors could pass
  silently; typically this would result in a fallback path being taken
  and sometimes (like with ``providedBy()``) the result would be
  non-sensical. This is especially true when those attributes are
  implemented with descriptors. Now, only ``AttributeError`` is
  caught. This makes errors more obvious.

  Obviously, this means that some exceptions will be propagated
  differently than before. In particular, ``RuntimeError`` raised by
  Acquisition in the case of circular containment will now be
  propagated. Previously, when adapting such a broken object, a
  ``TypeError`` would be the common result, but now it will be a more
  informative ``RuntimeError``.

  In addition, ZODB errors like ``POSKeyError`` could now be
  propagated where previously they would ignored by this package.

- Require that the second argument (*bases*) to ``InterfaceClass`` is
  a tuple. This only matters when directly using ``InterfaceClass`` to
  create new interfaces dynamically. Previously, an individual
  interface was allowed, but did not work correctly. Now it is
  consistent with ``type`` and requires a tuple.

- Let interfaces define custom ``__adapt__`` methods. This implements
  the other side of the :pep:`246` adaptation protocol: objects being
  adapted could already implement ``__conform__`` if they know about
  the interface, and now interfaces can implement ``__adapt__`` if
  they know about particular objects. There is no performance penalty
  for interfaces that do not supply custom ``__adapt__`` methods.

  This includes the ability to add new methods, or override existing
  interface methods using the new ``@interfacemethod`` decorator.

- Make the internal singleton object returned by APIs like
  ``implementedBy`` and ``directlyProvidedBy`` for objects that
  implement or provide no interfaces more immutable. Previously an
  internal cache could be mutated.

5.0.2:

- Ensure that objects that implement no interfaces (such as direct
  subclasses of ``object``) still include ``Interface`` itself in
  their ``__iro___`` and ``__sro___``. This fixes adapter registry
  lookups for such objects when the adapter is registered for
  ``Interface``.

5.0.1:

- Ensure the resolution order for ``InterfaceClass`` is consistent.

- Ensure the resolution order for ``collections.OrderedDict`` is
  consistent on CPython 2. (It was already consistent on Python 3 and PyPy).

- Fix the handling of the ``ZOPE_INTERFACE_STRICT_IRO`` environment
  variable. Previously, ``ZOPE_INTERFACE_STRICT_RO`` was read, in
  contrast with the documentation.

5.0.0:

- Make an internal singleton object returned by APIs like
  ``implementedBy`` and ``directlyProvidedBy`` immutable. Previously,
  it was fully mutable and allowed changing its ``__bases___``. That
  could potentially lead to wrong results in pathological corner
  cases.

- Support the ``PURE_PYTHON`` environment variable at runtime instead
  of just at wheel build time. A value of 0 forces the C extensions to
  be used (even on PyPy) failing if they aren't present. Any other
  value forces the Python implementation to be used, ignoring the C
  extensions.

- Cache the result of ``__hash__`` method in ``InterfaceClass`` as a
  speed optimization. The method is called very often (i.e several
  hundred thousand times during Plone 5.2 startup). Because the hash value never
  changes it can be cached. This improves test performance from 0.614s
  down to 0.575s (1.07x faster). In a real world Plone case a reindex
  index came down from 402s to 320s (1.26x faster).

- Change the C classes ``SpecificationBase`` and its subclass
  ``ClassProvidesBase`` to store implementation attributes in their structures
  instead of their instance dictionaries. This eliminates the use of
  an undocumented private C API function, and helps make some
  instances require less memory.

- Reduce memory usage in other ways based on observations of usage
  patterns in Zope (3) and Plone code bases.

  - Specifications with no dependents are common (more than 50%) so
    avoid allocating a ``WeakKeyDictionary`` unless we need it.
  - Likewise, tagged values are relatively rare, so don't allocate a
    dictionary to hold them until they are used.
  - Use ``__slots___`` or the C equivalent ``tp_members`` in more
    common places. Note that this removes the ability to set arbitrary
    instance variables on certain objects.

  The changes in this release resulted in a 7% memory reduction after
  loading about 6,000 modules that define about 2,200 interfaces.

  .. caution::

    Details of many private attributes have changed, and external use
    of those private attributes may break. In particular, the
    lifetime and default value of ``_v_attrs`` has changed.

- Remove support for hashing uninitialized interfaces. This could only
  be done by subclassing ``InterfaceClass``. This has generated a
  warning since it was first added in 2011 (3.6.5). Please call the
  ``InterfaceClass`` constructor or otherwise set the appropriate
  fields in your subclass before attempting to hash or sort it.

- Remove unneeded override of the ``__hash__`` method from
  ``zope.interface.declarations.Implements``. Watching a reindex index
  process in ZCatalog with on a Py-Spy after 10k samples the time for
  ``.adapter._lookup`` was reduced from 27.5s to 18.8s (~1.5x faster).
  Overall reindex index time shrunk from 369s to 293s (1.26x faster).

- Make the Python implementation closer to the C implementation by
  ignoring all exceptions, not just ``AttributeError``, during (parts
  of) interface adaptation.

- Micro-optimization in ``.adapter._lookup`` , ``.adapter._lookupAll``
  and ``.adapter._subscriptions``: By loading ``components.get`` into
  a local variable before entering the loop a bytcode "LOAD_FAST 0
  (components)" in the loop can be eliminated. In Plone, while running
  all tests, average speedup of the "owntime" of ``_lookup`` is ~5x.

- Add ``__all__`` declarations to all modules. This helps tools that
  do auto-completion and documentation and results in less cluttered
  results. Wildcard ("*") are not recommended and may be affected.

- Fix ``verifyClass`` and ``verifyObject`` for builtin types like
  ``dict`` that have methods taking an optional, unnamed argument with
  no default value like ``dict.pop``. On PyPy3, the verification is
  strict, but on PyPy2 (as on all versions of CPython) those methods
  cannot be verified and are ignored.

- Update the common interfaces ``IEnumerableMapping``,
  ``IExtendedReadMapping``, ``IExtendedWriteMapping``,
  ``IReadSequence`` and ``IUniqueMemberWriteSequence`` to no longer
  require methods that were removed from Python 3 on Python 3, such as
  ``__setslice___``. Now, ``dict``, ``list`` and ``tuple`` properly
  verify as ``IFullMapping``, ``ISequence`` and ``IReadSequence,``
  respectively on all versions of Python.

- Add human-readable ``__str___`` and ``__repr___`` to ``Attribute``
  and ``Method``. These contain the name of the defining interface
  and the attribute. For methods, it also includes the signature.

- Change the error strings raised by ``verifyObject`` and
  ``verifyClass``. They now include more human-readable information
  and exclude extraneous lines and spaces.

  .. caution:: This will break consumers (such as doctests) that
              depended on the exact error messages.

- Make ``verifyObject`` and ``verifyClass`` report all errors, if the
  candidate object has multiple detectable violations. Previously they
  reported only the first error.

  Like the above, this will break consumers depending on the exact
  output of error messages if more than one error is present.

- Add ``zope.interface.common.collections``,
  ``zope.interface.common.numbers``, and ``zope.interface.common.io``.
  These modules define interfaces based on the ABCs defined in the
  standard library ``collections.abc``, ``numbers`` and ``io``
  modules, respectively. Importing these modules will make the
  standard library concrete classes that are registered with those
  ABCs declare the appropriate interface.

- Add ``zope.interface.common.builtins``. This module defines
  interfaces of common builtin types, such as ``ITextString`` and
  ``IByteString``, ``IDict``, etc. These interfaces extend the
  appropriate interfaces from ``collections`` and ``numbers``, and the
  standard library classes implement them after importing this module.
  This is intended as a replacement for third-party packages like
  `dolmen.builtins <https://pypi.org/project/dolmen.builtins/>`_.

- Make ``providedBy()`` and ``implementedBy()`` respect ``super``
  objects. For instance, if class ``Derived`` implements ``IDerived``
  and extends ``Base`` which in turn implements ``IBase``, then
  ``providedBy(super(Derived, derived))`` will return ``[IBase]``.
  Previously it would have returned ``[IDerived]`` (in general, it
  would previously have returned whatever would have been returned
  without ``super``).

  Along with this change, adapter registries will unpack ``super``
  objects into their ``__self___`` before passing it to the factory.
  Together, this means that ``component.getAdapter(super(Derived,
  self), ITarget)`` is now meaningful.

- Fix a potential interpreter crash in the low-level adapter
  registry lookup functions.

- Adopt Python's standard `C3 resolution order
  <https://www.python.org/download/releases/2.3/mro/>`_ to compute the
  ``__iro__`` and ``__sro__`` of interfaces, with tweaks to support
  additional cases that are common in interfaces but disallowed for
  Python classes. Previously, an ad-hoc ordering that made no
  particular guarantees was used.

  This has many beneficial properties, including the fact that base
  interface and base classes tend to appear near the end of the
  resolution order instead of the beginning. The resolution order in
  general should be more predictable and consistent.

  .. caution::
    In some cases, especially with complex interface inheritance
    trees or when manually providing or implementing interfaces, the
    resulting IRO may be quite different. This may affect adapter
    lookup.

  The C3 order enforces some constraints in order to be able to
  guarantee a sensible ordering. Older versions of zope.interface did
  not impose similar constraints, so it was possible to create
  interfaces and declarations that are inconsistent with the C3
  constraints. In that event, zope.interface will still produce a
  resolution order equal to the old order, but it won't be guaranteed
  to be fully C3 compliant. In the future, strict enforcement of C3
  order may be the default.

  A set of environment variables and module constants allows
  controlling several aspects of this new behaviour. It is possible to
  request warnings about inconsistent resolution orders encountered,
  and even to forbid them. Differences between the C3 resolution order
  and the previous order can be logged, and, in extreme cases, the
  previous order can still be used (this ability will be removed in
  the future). For details, see the documentation for
  ``zope.interface.ro``.

- Make inherited tagged values in interfaces respect the resolution
  order (``__iro__``), as method and attribute lookup does. Previously
  tagged values could give inconsistent results.

- Add ``getDirectTaggedValue`` (and related methods) to interfaces to
  allow accessing tagged values irrespective of inheritance.

- Ensure that ``Interface`` is always the last item in the ``__iro__``
  and ``__sro__``. This is usually the case, but if classes that do
  not implement any interfaces are part of a class inheritance
  hierarchy, ``Interface`` could be assigned too high a priority.

- Implement sorting, equality, and hashing in C for ``Interface``
  objects. In micro benchmarks, this makes those operations 40% to 80%
  faster. This translates to a 20% speed up in querying adapters.

  Note that this changes certain implementation details. In
  particular, ``InterfaceClass`` now has a non-default metaclass, and
  it is enforced that ``__module__`` in instances of
  ``InterfaceClass`` is read-only.

(adam)

php-nextcloud: Add not for updaters

Please do not ignore stable pkgsrc branch users.

(ryoon)

py-zope.hookable: updated to 5.0.1

5.0.1:
- Stop using the setuptools ``Feature`` class, allowing this
  project to be built from source with newer versions of setuptools
  that remove that functionality.

5.0.0:
- Add support for Python 3.7 and 3.8.
- Drop support for Python 3.4.

(adam)

Updated devel/py-zope.deferredimport, www/py-paste

(adam)

py-paste: updated to 3.4.1

3.4.1
Fix next in iterators in wsgilib.py.

(adam)

py-zope.deferredimport: updated to 4.3.1

4.3.1:
- Avoid race condition in ``deferredmodule.ModuleProxy.__getattr__``

(adam)

Updated www/py-zope.proxy, databases/py-redis

(adam)

py-redis: updated to 3.5.3

3.5.3:
* Restore try/except clauses to __del__ methods. These will be removed
  in 4.0 when more explicit resource management if enforced.
* Update the master_address when Sentinels promote a new master.
* Update SentinelConnectionPool to not forcefully disconnect other in-use
  connections which can negatively affect threaded applications.

(adam)

py-zope.proxy: updated to 4.3.5

4.3.5:
- Stop installing C header files on PyPy (which is what zope.proxy before 4.3.4
  used to do)

4.3.4:
- Fix a compilation warning on Python 3.8. The slot ``tp_print``
  changed to ``tp_vectorcall_offset`` in 3.8 and must not be set.
  Prior to 3.8, it was reserved and ignored in all Python 3 versions.
- Remove deprecated use of setuptools features.

4.3.3:
- Add support for Python 3.8.
- Drop support for Python 3.4.

4.3.2:
- Fix error handling in ``ProxyBase.__setattr__``: any the exception raised by
  ``PyString_AsString``/``PyUnicode_AsUTF8`` would be silently swallowed up
  and ignored.

(adam)

seamonkey: Fix comment for inclusion.

(ryoon)

Updated net/haproxy, net/py-lexicon

(adam)

py-lexicon: updated to 3.3.24

v3.3.24
Fixed create and update operations for GoDaddy if CAA records are present

v3.3.23
Add initial support for UltraDNS provider Signed-off-by
remove hetzner special handling from dehydrated.default.sh as it's not supported anymore

(adam)

haproxy: updated to 2.1.6

2.1.6
- Revert "BUG/MEDIUM: connections: force connections cleanup on server changes"
- SCRIPTS: publish-release: pass -n to gzip to remove timestamp
- BUG/MINOR: peers: fix internal/network key type mapping.
- BUG/MEDIUM: lua: Reset analyse expiration timeout before executing a lua action
- BUG/MEDIUM: http-htx: Duplicate error messages as raw data instead of string
- BUG/MEDIUM: hlua: Lock pattern references to perform set/add/del operations
- BUG/MEDIUM: contrib/prometheus-exporter: Properly set flags to dump metrics
- BUG/MEDIUM: mworker: fix the copy of options in copy_argv()
- BUG/MINOR: init: -x can have a parameter starting with a dash
- BUG/MINOR: init: -S can have a parameter starting with a dash
- BUG/MEDIUM: mworker: fix the reload with an -- option
- BUG/MINOR: ssl: fix a trash buffer leak in some error cases
- BUG/MINOR: mworker: fix a memleak when execvp() failed

(adam)

cmake: Remove not needed patch for libarchive

According to comment:
https://gitlab.kitware.com/cmake/cmake/-/merge_requests/4833#note_769729
the libarchive 3.3.3 is required for CMake build.
It is already contain Zstd support.

Patch by <gang65>

Closes https://github.com/NetBSD/pkgsrc/pull/61

(kamil)

ImageMagick: Fix and future-proof CTF_FILES_SKIP.

(jperkin)

Updated net/haproxy, textproc/oniguruma

(adam)

oniguruma: updated to 6.9.5.1

Release 6.9.5 revised 1
Fixed Issue 192

Release 6.9.5
(Same as Release Candidate 2)
POSIX API disabled by default for Unix (* Enabled by: configure --enable-posix-api=yes)
Update Unicode version 13.0.0
NEW: Code point sequence notation \x{HHHH HHHH ...}, \o{OOOO OOOO ...}
NEW API: retry limit in search functions
NEW API: maximum nesting level of subexp call
Fixed behavior of isolated options in Perl and Java syntaxes. /...(?i).../

(adam)

haproxy: updated to 2.1.5

2.1.5
- BUG/MINOR: protocol_buffer: Wrong maximum shifting.
- MINOR: ssl: improve the errors when a crt can't be open
- BUG/MINOR: ssl/cli: memory leak in 'set ssl cert'
- BUG/MINOR: ssl: memleak of the struct cert_key_and_chain
- BUG/MINOR: connection: always send address-less LOCAL PROXY connections
- BUG/MINOR: peers: Incomplete peers sections should be validated.
- DOC: hashing: update link to hashing functions
- MINOR: version: Show uname output in display_version()
- DOC: Improve documentation on http-request set-src
- BUG/MINOR: ssl: default settings for ssl server options are not used
- BUG/MEDIUM: http-ana: Handle NTLM messages correctly.
- BUG/MINOR: tools: fix the i386 version of the div64_32 function
- BUG/MINOR: http: make url_decode() optionally convert '+' to SP
- DOC: option logasap does not depend on mode
- MEDIUM: memory: make pool_gc() run under thread isolation
- MINOR: contrib: make the peers wireshark dissector a plugin
- BUG/MINOR: check: Update server address and port to execute an external check
- MINOR: checks: Add a way to send custom headers and payload during http chekcs
- BUG/MINOR: checks: Respect the no-check-ssl option
- BUG/MEDIUM: server/checks: Init server check during config validity check
- BUG/MINOR: checks: chained expect will not properly wait for enough data
- BUG/MINOR: obj_type: Handle stream object in obj_base_ptr() function
- BUG/MINOR: mux-fcgi: Be sure to have a connection as session's origin to use it
- BUG/MEDIUM: capture: capture-req/capture-res converters crash without a stream
- BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream
- BUG/MEDIUM: http: the "http_first_req" sample fetch could crash without a steeam
- BUG/MEDIUM: http: the "unique-id" sample fetch could crash without a steeam
- BUG/MEDIUM: sample: make the CPU and latency sample fetches check for a stream
- BUG/MEDIUM: listener: mark the thread as not stuck inside the loop
- MINOR: threads: export the POSIX thread ID in panic dumps
- BUG/MINOR: debug: properly use long long instead of long for the thread ID
- BUG/MEDIUM: shctx: really check the lock's value while waiting
- BUG/MEDIUM: shctx: bound the number of loops that can happen around the lock
- MINOR: stream: report the list of active filters on stream crashes
- MINOR: haproxy: export run_poll_loop
- MINOR: tools: add new function dump_addr_and_bytes()
- MINOR: tools: add resolve_sym_name() to resolve function pointers
- MINOR: debug: use resolve_sym_name() to dump task handlers
- MINOR: cli: make "show fd" rely on resolve_sym_name()
- MEDIUM: debug: add support for dumping backtraces of stuck threads
- MINOR: debug: call backtrace() once upon startup
- BUILD: Makefile: include librt before libpthread
- MINOR: wdt: do not depend on USE_THREAD
- MINOR: debug: report the number of entries in the backtrace
- MINOR: debug: improve backtrace() on aarch64 and possibly other systems
- MINOR: debug: use our own backtrace function on clang+x86_64
- MINOR: debug: dump the whole trace if we can't spot the starting point
- BUILD: tools: unbreak resolve_sym_name() on non-GNU platforms
- BUILD: tools: rely on __ELF__ not USE_DL to enable use of dladdr()
- BUILD: Makefile: add linux-musl to TARGET
- REGTEST: ssl: test the client certificate authentication
- REGTEST: http-rules: Require PCRE or PCRE2 option to run map_redirect script
- Revert "BUG/MINOR: connection: always send address-less LOCAL PROXY connections"
- Revert "BUG/MINOR: connection: make sure to correctly tag local PROXY connections"
- BUG/MINOR: checks/server: use_ssl member must be signed
- BUG/MINOR: checks: Compute the right HTTP request length for HTTP health checks
- BUG/MINOR: checks: Remove a warning about http health checks
- BUG/MEDIUM: mux_fcgi: Free the FCGI connection at the end of fcgi_release()
- BUG/MEDIUM: mux-fcgi: Fix wrong test on FCGI_CF_KEEP_CONN in fcgi_detach()
- BUG/MEDIUM: connections: force connections cleanup on server changes
- BUG/MEDIUM: h1: Don't compare host and authority if only h1 headers are parsed
- BUG/MEDIUM: ssl: fix the id length check within smp_fetch_ssl_fc_session_id()
- CLEANUP: connections: align function declaration
- BUG/MINOR: sample: Set the correct type when a binary is converted to a string
- BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_CAS()
- BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_UPDATE_{MIN,MAX}()
- BUG/MEDIUM: lua: Fix dumping of stick table entries for STD_T_DICT
- BUG/MINOR: config: Make use_backend and use-server post-parsing less obscur
- BUG/MINOR: http-ana: fix NTLM response parsing again
- BUG/MEDIUM: http_ana: make the detection of NTLM variants safer
- BUG/MINOR: cfgparse: Abort parsing the current line if an invalid \x sequence is encountered
- BUG/MINOR: pools: use %u not %d to report pool stats in "show pools"
- BUG/MINOR: pollers: remove uneeded free in global init
- BUG/MINOR: soft-stop: always wake up waiting threads on stopping
- BUILD: select: only declare existing local labels to appease clang
- BUG/MEDIUM: streams: Remove SF_ADDR_SET if we're retrying due to L7 retry.
- BUG/MEDIUM: stream: Only allow L7 retries when using HTTP.
- BUG/MINOR: cache: Don't needlessly test "cache" keyword in parse_cache_flt()
- BUG/MAJOR: mux-fcgi: Stop sending loop if FCGI stream is blocked for any reason
- BUG/MEDIUM: ring: write-lock the ring while attaching/detaching
- BUG/MINOR: checks: Respect check-ssl param when a port or an addr is specified
- BUG/MINOR: server: Fix server_finalize_init() to avoid unused variable
- DOC: retry-on can only be used with mode http
- DOC/MINOR: halog: Add long help info for ic flag
- DOC: SPOE is no longer experimental
- BUG/MINOR: logs: prevent double line returns in some events.
- REGTESTS: checks: Fix tls_health_checks when IPv6 addresses are used
- BUG/MEDIUM: logs: fix trailing zeros on log message.
- BUG/MINOR: lua: Add missing string length for lua sticktable lookup
- BUG/MINOR: nameservers: fix error handling in parsing of resolv.conf

(adam)

The update to lang/rust 1.44.0 was backed out.

(he)

Back out the update to version 1.44.0, revert to 1.43.1nb1.

This is primarily due to
  https://github.com/rust-lang/rust/issues/73117
(build failure on NetBSD/i386 8.0) which is reportedly seen also
on NetBSD/amd64 9.99.64 and 9.99.65.

(he)

ImageMagick: restore policy.xml

After some short discussion, we will keep the policy.xml patch for now.

(tm)

doc: Updated security/ca-certificates to 20200601

(kim)

Upgrade to 20200601

* Update Mozilla certificate authority bundle to version 2.40.
* Add distrusted Symantec CA list to blacklist for explicit removal.
* Blacklist expired root certificate, "AddTrust External Root".

The following certificate authorities were added (+):
+ "Certigna Root CA"
+ "emSign ECC Root CA - C3"
+ "emSign ECC Root CA - G3"
+ "emSign Root CA - C1"
+ "emSign Root CA - G1"
+ "Entrust Root Certification Authority - G4"
+ "GTS Root R1"
+ "GTS Root R2"
+ "GTS Root R3"
+ "GTS Root R4"
+ "Hongkong Post Root CA 3"
+ "UCA Extended Validation Root"
+ "UCA Global G2 Root"

The following certificate authorities were removed (-):
- "AddTrust External Root"
- "Certinomis - Root CA"
- "Certplus Class 2 Primary CA"
- "Deutsche Telekom Root CA 2"
- "GeoTrust Global CA"
- "GeoTrust Primary Certification Authority"
- "GeoTrust Primary Certification Authority - G2"
- "GeoTrust Primary Certification Authority - G3"
- "GeoTrust Universal CA"
- "thawte Primary Root CA"
- "thawte Primary Root CA - G2"
- "thawte Primary Root CA - G3"
- "VeriSign Class 3 Public Primary Certification Authority - G4"
- "VeriSign Class 3 Public Primary Certification Authority - G5"
- "VeriSign Universal Root Certification Authority"

Changes for pkgsrc packaging:
* Add README.pkgsrc, replacing MESSAGE.
* Improve DESCR to better describe the functionality of the package.
* Install changelog and README.source from the distribution package.

(kim)

Match not only NetBSD releases but also _BETA and _STABLE

(bouyer)

retroarch: don't install stuff to etc

(nia)

doc: Updated games/dMagnetic to 0.23

(wiz)

dMagnetic: update to 0.23.

Provided by Thomas Dettbarn in PR 55359.

This release saw major improvements when playing the original games
from the MS DOS releases. The images packaged in there used a
slightly different format than the AMIGA versions, resulting in
muted colours when playing with the LOW ANSI output.

An alternative algorithm has been introduced, called -vmode low_ansi2,
resulting in much more colourful, nuanced pictures. Just have a
look yourself!

(wiz)

ImageMagick: remove policy.xml because it's no longer required

Remove no longer required security fix in policy.xml because we already provide
a fixed version of GhostScript and ImageMagick.

(tm)

Updated devel/py-sortedcontainers, devel/py-wcwidth

(adam)

py-wcwidth: updated to 0.2.4

0.2.4:
Bug fixes

(adam)

py-sortedcontainers: updated to 2.2.2

2.2.2:
Add ���small slice��� optimization to SortedList.__getitem__.
Silence warning when testing SortedList.iloc.

2.2.1:
Fix a warning regarding classifiers in setup.py.

2.2.0:
Change SortedDict to avoid cycles for CPython reference counting.

(adam)

doc/pkgsrc.*: regen

(rillig)

doc/guide: explain how to force compiler options in the build phase

https://mail-index.netbsd.org/tech-pkg/2020/06/07/msg023309.html

(rillig)

Note update of lang/rust to 1.44.0.

(he)

Update rust to version 1.44.0.

Pkgsrc changes:
* Remove a couple diffs which are now integrated upstream.
* Adjust cargo checksums after upstream upgrades.
* Belatedly bump the curl dependency
* Unset DESTDIR during the build phase, to work around a mysterious
  build bug deep in the bowels of llvm.
* Bump nearly all bootstraps to 1.43.1.

Upstream changes:

Version 1.44.0 (2020-06-04)
==========================

Language
--------
- [You can now use `async/.await` with `#[no_std]` enabled.][69033]
- [Added the `unused_braces` lint.][70081]

**Syntax-only changes**

- [Expansion-driven outline module parsing][69838]
```rust
#[cfg(FALSE)]
mod foo {
    mod bar {
        mod baz; // `foo/bar/baz.rs` doesn't exist, but no error!
    }
}
```

These are still rejected semantically, so you will likely receive an error but
these changes can be seen and parsed by macros and conditional compilation.

Compiler
--------
- [Rustc now respects the `-C codegen-units` flag in incremental mode.][70156]
  Additionally when in incremental mode rustc defaults to 256 codegen units.
- [Refactored `catch_unwind`, to have zero-cost unless unwinding is enabled and
  a panic is thrown.][67502]
- [Added tier 3\* support for the `aarch64-unknown-none` and
  `aarch64-unknown-none-softfloat` targets.][68334]
- [Added tier 3 support for `arm64-apple-tvos` and
  `x86_64-apple-tvos` targets.][68191]

Libraries
---------
- [Special cased `vec![]` to map directly to `Vec::new()`.][70632] This allows
  `vec![]` to be able to be used in `const` contexts.
- [`convert::Infallible` now implements `Hash`.][70281]
- [`OsString` now implements `DerefMut` and `IndexMut` returning
  a `&mut OsStr`.][70048]
- [Unicode 13 is now supported.][69929]
- [`String` now implements `From<&mut str>`.][69661]
- [`IoSlice` now implements `Copy`.][69403]
- [`Vec<T>` now implements `From<[T; N]>`.][68692] Where `N` is less than 32.
- [`proc_macro::LexError` now implements `fmt::Display` and `Error`.][68899]
- [`from_le_bytes`, `to_le_bytes`, `from_be_bytes`, `to_be_bytes`,
  `from_ne_bytes`, and `to_ne_bytes` methods are now `const` for all
  integer types.][69373]

Stabilized APIs
---------------
- [`PathBuf::with_capacity`]
- [`PathBuf::capacity`]
- [`PathBuf::clear`]
- [`PathBuf::reserve`]
- [`PathBuf::reserve_exact`]
- [`PathBuf::shrink_to_fit`]
- [`f32::to_int_unchecked`]
- [`f64::to_int_unchecked`]
- [`Layout::align_to`]
- [`Layout::pad_to_align`]
- [`Layout::array`]
- [`Layout::extend`]

Cargo
-----
- [Added the `cargo tree` command which will print a tree graph of
  your dependencies.][cargo/8062] E.g.
  ```
    mdbook v0.3.2 (/Users/src/rust/mdbook)
  +-- ammonia v3.0.0
  |  +-- html5ever v0.24.0
  |  |  +-- log v0.4.8
  |  |  |  +-- cfg-if v0.1.9
  |  |  +-- mac v0.1.1
  |  |  +-- markup5ever v0.9.0
  |  |      +-- log v0.4.8 (*)
  |  |      +-- phf v0.7.24
  |  |      |  +-- phf_shared v0.7.24
  |  |      |      +-- siphasher v0.2.3
  |  |      |      +-- unicase v1.4.2
  |  |      |          [build-dependencies]
  |  |      |          +-- version_check v0.1.5
  ...
  ```
  You can also display dependencies on multiple versions of the same crate with
  `cargo tree -d` (short for `cargo tree --duplicates`).

Misc
----
- [Rustdoc now allows you to specify `--crate-version` to have rustdoc include
  the version in the sidebar.][69494]

Compatibility Notes
-------------------
- [Rustc now correctly generates static libraries on Windows GNU targets with
  the `.a` extension, rather than the previous `.lib`.][70937]
- [Removed the `-C no_integrated_as` flag from rustc.][70345]
- [The `file_name` property in JSON output of macro errors now points the actual
  source file rather than the previous format of `<NAME macros>`.][70969]
  **Note:** this may not point a file that actually exists on the user's system.
- [The minimum required external LLVM version has been bumped to LLVM 8.][71147]
- [`mem::{zeroed, uninitialised}` will now panic when used with types that do
  not allow zero initialization such as `NonZeroU8`.][66059] This was
  previously a warning.
- [In 1.45.0 (the next release) converting a `f64` to `u32` using the `as`
  operator has been defined as a saturating operation.][71269] This was
  previously undefined behaviour, you can use the `{f64, f32}::to_int_unchecked`
  methods to continue using the current behaviour which may desirable in rare
  performance sensitive situations.

Internal Only
-------------
These changes provide no direct user facing benefits, but represent significant
improvements to the internals and overall performance of rustc and
related tools.

- [dep_graph Avoid allocating a set on when the number reads are small.][69778]
- [Replace big JS dict with JSON parsing.][71250]

[69373]: https://github.com/rust-lang/rust/pull/69373/
[66059]: https://github.com/rust-lang/rust/pull/66059/
[68191]: https://github.com/rust-lang/rust/pull/68191/
[68899]: https://github.com/rust-lang/rust/pull/68899/
[71147]: https://github.com/rust-lang/rust/pull/71147/
[71250]: https://github.com/rust-lang/rust/pull/71250/
[70937]: https://github.com/rust-lang/rust/pull/70937/
[70969]: https://github.com/rust-lang/rust/pull/70969/
[70632]: https://github.com/rust-lang/rust/pull/70632/
[70281]: https://github.com/rust-lang/rust/pull/70281/
[70345]: https://github.com/rust-lang/rust/pull/70345/
[70048]: https://github.com/rust-lang/rust/pull/70048/
[70081]: https://github.com/rust-lang/rust/pull/70081/
[70156]: https://github.com/rust-lang/rust/pull/70156/
[71269]: https://github.com/rust-lang/rust/pull/71269/
[69838]: https://github.com/rust-lang/rust/pull/69838/
[69929]: https://github.com/rust-lang/rust/pull/69929/
[69661]: https://github.com/rust-lang/rust/pull/69661/
[69778]: https://github.com/rust-lang/rust/pull/69778/
[69494]: https://github.com/rust-lang/rust/pull/69494/
[69403]: https://github.com/rust-lang/rust/pull/69403/
[69033]: https://github.com/rust-lang/rust/pull/69033/
[68692]: https://github.com/rust-lang/rust/pull/68692/
[68334]: https://github.com/rust-lang/rust/pull/68334/
[67502]: https://github.com/rust-lang/rust/pull/67502/
[cargo/8062]: https://github.com/rust-lang/cargo/pull/8062/
[`PathBuf::with_capacity`]: https://doc.rust-lang.org/std/path/struct.PathBuf.html#method.with_capacity
[`PathBuf::capacity`]: https://doc.rust-lang.org/std/path/struct.PathBuf.html#method.capacity
[`PathBuf::clear`]: https://doc.rust-lang.org/std/path/struct.PathBuf.html#method.clear
[`PathBuf::reserve`]: https://doc.rust-lang.org/std/path/struct.PathBuf.html#method.reserve
[`PathBuf::reserve_exact`]: https://doc.rust-lang.org/std/path/struct.PathBuf.html#method.reserve_exact
[`PathBuf::shrink_to_fit`]: https://doc.rust-lang.org/std/path/struct.PathBuf.html#method.shrink_to_fit
[`f32::to_int_unchecked`]: https://doc.rust-lang.org/std/primitive.f32.html#method.to_int_unchecked
[`f64::to_int_unchecked`]: https://doc.rust-lang.org/std/primitive.f64.html#method.to_int_unchecked
[`Layout::align_to`]: https://doc.rust-lang.org/std/alloc/struct.Layout.html#method.align_to
[`Layout::pad_to_align`]: https://doc.rust-lang.org/std/alloc/struct.Layout.html#method.pad_to_align
[`Layout::array`]: https://doc.rust-lang.org/std/alloc/struct.Layout.html#method.array
[`Layout::extend`]: https://doc.rust-lang.org/std/alloc/struct.Layout.html#method.extend

(he)

seamonkey: use correct mozilla-common, missed commit...

(nia)

doc: Updated devel/ruby-regexp_parser to 1.7.1

(taca)

devel/ruby-regexp_parser: update to 1.7.1

Update ruby-regexp_parser to 1.7.1

### [1.7.1] - 2020-06-07 - [Ammar Ali](mailto:ammarabuali@gmail.com)

### Fixed

- Support for literals that include the unescaped delimiters `{`, `}`, and `]`. These
  delimiters are informally supported by various regexp engines.

(taca)

doc: update roundcube related packages to 1.4.5

mail/roundcube
mail/roundcube-plugin-enigma
mail/roundcube-plugin-zipdownload
mail/roundcube-plugin-password

(taca)

mail/roundcube-plugin-password: update to 1.4.5

Update roundcube-plugin-password to 1.4.5

RELEASE 1.4.5
-------------
- Password: Fix issue with Modoboa driver (#7372)

(taca)

mail/roundcube: update to 1.4.5

Update roundcube to 1.4.5, including some security fixes.

pkgsrc change:

* Proper replace PHP interpreter.
* Fix php-sockets option to work.

RELEASE 1.4.5
-------------
- Fix bug in extracting required plugins from composer.json that led to spurious error in log (#7364)
- Fix so the database setup description is compatible with MySQL 8 (#7340)
- Markasjunk: Fix regression in jsevent driver (#7361)
- Fix missing flag indication on collapsed thread in Larry and Elastic (#7366)
- Fix default keyservers (use keys.openpgp.org), add note about CORS (#7373, #7367)
- Mailvelope: Use sender's address to find pubkeys to check signatures (#7348)
- Mailvelope: Fix Encrypt button hidden in Elastic (#7353)
- Fix PHP warning: count(): Parameter must be an array or an object... in ID command handler (#7392)
- Fix error when user-configured skin does not exist anymore (#7271)
- Elastic: Fix aspect ratio of a contact photo in mail preview (#7339)
- Fix bug where PDF attachments marked as inline could have not been attached on mail forward (#7382)
- Security: Fix a couple of XSS issues in Installer (#7406)
- Security: Fix XSS issue in template object 'username' (#7406)
- Security: Better fix for CVE-2020-12641
- Security: Fix cross-site scripting (XSS) via malicious XML attachment

(taca)

doc: Updated net/powerdns to 4.2.2

(otis)

net/powerdns: Update to 4.2.2

Changes since 4.2.1:

* Released:
  - 9th of April 2020

* New Features:
  - api: add includerings option to statistics endpoint

* Improvements:
  - cache: strictly enforce maximum size, and improve cleanup routine

* Bug Fixes:
  - fix records ending up in wrong packet section

  - avoid IXFR-in corruption when deltas come in close together.
    Please see the IXFR-in corruption upgrade notes

  - fix out-of-bound access for zero length "serialized" string when
    using lmdbbackend.

  - bind backend: pthread_mutex_t should be inited and destroyed and not be copied

* Reference:
  - https://doc.powerdns.com/authoritative/changelog/4.2.html#change-4.2.2

(otis)

x11/gtkmm3: restore ABI_DEPENDS as API_DEPENDS

wiz says: Packages are not supposed to set BUILDLINK_ABI_DEPENDS for
other packages, they should set BUILDLINK_API_DEPENDS (P instead of B).

After that change, all these entries actually have an effect since they
are greater than their corresponding default BUILDLINK_API_DEPENDS, and
pkglint no longer complains.

(rillig)

bsd.buildlink3.mk: add ABI_DEPENDS and API_DEPENDS to show-all-bl3

(rillig)

x11/gtkmm3: move gtk3 buildlink above the PKG_BUILD_OPTIONS

Before, "bmake show-all" showed that PLIST.x11 was commented out.  This
was misleading since during the actual package build, that variable is
active, and the corresponding files are included in the PLIST.

This inconsistency was due to the magic of MAKEVARS and the barrier.

When bmake is run, the build options of gtk3 are determined and added
to MAKEVARS.  At that point PLIST.x11 is still undefined.  That doesn't
matter since this variable is not evaluated yet.  Before the actual PLIST
generation happens, the value of PKG_BUILD_OPTIONS.gtk3 is stored in
work/.build_makevars.mk, which acts as a cache.

After that, the barrier steps in, and bmake calls an inner bmake to do
the actual work.  This inner bmake reads the package Makefile again, and
when bsd.prefs.mk is included, the makevars.mk cache is loaded as well.
This makes PKG_BUILD_OPTIONS.gtk3 known at load time, and at that point,
PLIST.x11 is evaluated as expected and becomes "yes".

Luckily, PLIST.x11 was not added to MAKEVARS.  Otherwise it would have
been evaluated too early, the early value would have been cached, and the
whole trick wouldn't have worked.

(rillig)