devel/Makefile: + p5-Compiler-Lexer

(wiz)

devel/p5-Compiler-Lexer: import p5-Compiler-Lexer-0.23

Lexical Analyzer for Perl5

(wiz)

sollya: Import sollya-7.0 as math/sollya

Sollya is a tool environment and a library for safe floating-point
code development, particularly targeted at automated implementation
of math libraries like libm.

Derived from wip/sollya.

(riastradh)

fplll: Import fplll-5.3.2 as math/fplll

fplll is a library of floating-point lattice algorithms.

Derived from wip/fplll.

(riastradh)

mpfi: Import mpfr-1.5.4 as math/mpfr

mpfr is a multiprecision floating-point interval arithmetic library.

Derived from wip/mpfi.

(riastradh)

Clarifications.

(hauke)

doc: Updated parallel/parallel to 20200422

(nia)

parallel: Update to 20200422
20200422

This release celebrates GNU Parallel's 10 years as a GNU tool:

> commit ed2dfb1043768154d4e7678e01e10287155fa834
> Author: Ole Tange <ole@tange.dk>
> Date:  Thu Apr 22 01:23:00 2010 +0200
>
>    Name change: Parallel is now GNU Parallel.
>    Basic structure for sshlogin and sshloginfile.

New in this release:

* parsort makes GNU sort run faster for files with more than 1M lines.

* Bug fixes and man page updates.

News about GNU Parallel:

* Several clusters have updated their documentation of GNU Parallel:
  https://www.grid5000.fr/w/GNU_Parallel
  https://research-it.berkeley.edu/virtual-training-running-jobs-parallel-savio
  http://www.hpc.lsu.edu/training/archive/tutorials.php

* add_pho uses GNU Parallel: https://github.com/SeedlingsBabylab/add_pho

* GNU parallel使用笔记https://zhuanlan.zhihu.com/p/37340011

* Virtual Workshop: Running Jobs in Parallel on Savio
  https://ais.berkeley.edu/events/virtual-workshop-running-jobs-parallel-savio/2020-04-20

* Free Concurrency with GNU Parallel
  https://phili.pe/posts/free-concurrency-with-gnu-parallel/

20200322

* Bug fixes and man page updates.

News about GNU Parallel:

* The GNU Parallel course in Copenhagen is cancelled
  https://www.prosa.dk/nc/arrangementer/arrangement/gnu-parallel-med-ole-tange/

* The GNU Parallel course in Århus is cancelled
  https://www.prosa.dk/nc/arrangementer/arrangement/gnu-parallel-og-parallelisering-i-unix-shellen/

* The 10 year anniversary may be cancelled, see
  https://www.gnu.org/software/parallel/10-years-anniversary.html

* Running shell commands in parallel, via GNU Parallel
  https://dev.to/saveriomiroddi/running-shell-commands-in-parallel-via-gnu-parallel-3a72

* Faster nmap scanning with the help of GNU parallel
  https://badshah.io/experiment/faster-nmap-scanning-with-the-help-of-gnu-parallel/

20200222

* Bug fixes and man page updates.

20200122

* --blocktimeout dur - Time out for reading block when using
  --pipe. If it takes longer than dur to read a full block, use the
  partial block read so far.

* Bug fixes and man page updates.

News about GNU Parallel:

* GNU Parallel course in Copenhagen
  https://www.prosa.dk/nc/arrangementer/arrangement/gnu-parallel-med-ole-tange/

* GNU Parallel course in Århus
  https://www.prosa.dk/nc/arrangementer/arrangement/gnu-parallel-og-parallelisering-i-unix-shellen/

* GNU Parallel pour accélérer vos process sous Linux
  https://www.yvonh.com/gnu-parallel-pour-accelerer-vos-process-sous-linux/

* How to copy a file to multiple directories in Linux
  https://net2.com/how-to-copy-a-file-to-multiple-directories-in-linux/

* Running linux commands in parallel https://dev.to/voyeg3r/runing-linux-commands-in-parallel-4ff8

20191222

* GNU Parallel course in Copenhagen
  https://www.prosa.dk/nc/arrangementer/arrangement/gnu-parallel-med-ole-tange/

* GNU Parallel course in Århus
  https://www.prosa.dk/nc/arrangementer/arrangement/gnu-parallel-og-parallelisering-i-unix-shellen/

* GNU Parallel is used in
  https://github.com/JeffersonLab/rfw_tsf_extractor

* Bug fixes and man page updates.

20191122

* GNU Parallel was presented at Driving IT. Slides:
  cloud.prosa.dk/s/drivingit

* Restarting supervisord processes in parallel
  https://blog.naderman.de/2019/11/14/restarting-supervisord-processes-in-parallel/

* Using GNU Parallel to Create Archives Faster
  https://www.reddit.com/r/DataHoarder/comments/dsgmhc/parallel_archiving_techniques/

* Bug fixes and man page updates.

20191022

* --tee will use --output-error=warn-nopipe if supported by tee.

* GNU Parallel will be presented at Driving IT 2019:
  https://ida.dk/arrangementer-og-kurser/konferencer/driving-it/tools

* UMN Duluth: Job parallelization with task arrays and GNU parallel
  https://www.msi.umn.edu/tutorials/umn-duluth-job-parallelization-task-arrays-and-gnu-parallel

* Genome updater uses GNU Parallel
  https://github.com/pirovc/genome_updater

* Using GNU-Parallel for bioinformatics
  https://www.danielecook.com/using-gnu-parallel-for-bioinformatics/

* Speeding up PostgreSQL ETL pipeline with the help of GODS
  https://cfengine.com/company/blog-detail/speeding-up-postgresql-etl-pipeline-with-the-help-of-gods/

* Runing linux commands in parallel
  https://dev.to/voyeg3r/runing-linux-commands-in-parallel-4ff8

* Research Computing University of Colorado Boulder contains an intro
  to GNU Parallel
  https://readthedocs.org/projects/curc/downloads/pdf/latest/

* 如何使用Parallel在Shell中并行执行命令
  https://www.myfreax.com/gnu-parallel/

* 如何测试 Amazon Elastic File System
  https://aws.amazon.com/cn/blogs/china/how-to-test-drive-amazon-elastic-file-system/

* Bug fixes and man page updates.

20190922

* --nice is now inherited by the nice level that GNU Parallel is
  started at. So 'nice -n10 parallel' will also cause remote jobs to
  be run at nice level 10.

* --delay is now accurate to within 10 ms

* GNU Parallel will be presented at Driving IT 2019:
  https://ida.dk/arrangementer-og-kurser/konferencer/driving-it/tools

* Greenland Ice Sheet solid ice discharge from 1986 through 2017
  https://www.earth-syst-sci-data.net/11/769/2019/essd-11-769-2019.pdf

* App Center Cloud Build Machines > Installed Software > Utilities
  https://docs.microsoft.com/en-us/appcenter/build/software

* Curryfinger - SNI & Host header spoofing utility
  https://dualuse.io/blog/curryfinger/

* Hyak parallel-sql
  https://wiki.cac.washington.edu/display/hyakusers/Hyak+parallel-sql

* A meditation on analysing data with Perl in parallel using GNU Parallel
  https://www.reddit.com/r/perl/comments/cyo2qc/a_meditation_on_analysing_data_with_perl_in/

* Accélérer ses tâches avec GNU Parallel et les lots de tâches (UL)
  https://www.eventbrite.ca/e/inscription-accelerer-ses-taches-avec-gnu-parallel-et-les-lots-de-taches-ul-71412840729

* RMACC Summit GNU Parallel
  https://curc.readthedocs.io/en/latest/software/GNUParallel.html

* Introducing Parallel into Shell
  https://petelawson.com/post/parallel-in-shell/

* Linux Productivity Tools
  https://www.usenix.org/conference/lisa19/presentation/maheshwari

* Gnu/parallel + Nfs 实现共享文件网络的并发计算等操作
  http://atomicer.cn/2018/01/18/gnu-parallel-nfs-%E5%AE%9E%E7%8E%B0%E5%85%B1%E4%BA%AB%E6%96%87%E4%BB%B6%E7%BD%91%E7%BB%9C%E7%9A%84%E5%B9%B6%E5%8F%91%E8%AE%A1%E7%AE%97%E7%AD%89%E6%93%8D%E4%BD%9C/#more

* Bug fixes and man page updates.

(nia)

doc: Added devel/p5-Class-Refresh version 0.07

(wiz)

devel/Makefile: + p5-Class-Refresh

(wiz)

devel/p5-Class-Refresh: import p5-Class-Refresh-0.07

During development, it is fairly common to cycle between writing
code and testing that code. Generally the testing happens within
the test suite, but frequently it is more convenient to test things
by hand when tracking down a bug, or when doing some exploratory
coding. In many situations, however, this becomes inconvenient -
for instance, in a REPL, or in a stateful web application, restarting
from the beginning after every code change can get pretty tedious.
This module allows you to reload your application classes on the
fly, so that the code/test cycle becomes a lot easier.

(wiz)

doc: Updated www/php-glpi to 9.4.6

(hauke)

Update www/php-glpi to v9.4.6

Upstream says...

You'll find below the changes of this bugfixes version:
- (security) Prevent execution of SQL injection while assigning a technician,
- (security) Permit to change key used to store passwords,
- (security) Improve CSRF token,
- (security) Fix several possible XSS,
- (security) Fix a few possible SQL injections,
- Fix SCSS caching issues,
- Fix inline images handling on item update,
- Fix PHP 7.4 compatibility,
- Connect to database using socket,
- and more!

The full changelog is available:
<https://github.com/glpi-project/glpi/milestone/39?closed=1>

(hauke)

p5-aliased: this wants to use Module::Build::Tiny

(wiz)

doc: Updated devel/pcre2 to 10.35

(nia)

pcre2: Update to 10.35

Version 10.35 09-May-2020
---------------------------

1. Use PCRE2_MATCH_EMPTY flag to detect empty matches in JIT.

2. Fix ARMv5 JIT improper handling of labels right after a constant pool.

3. A JIT bug is fixed which allowed to read the fields of the compiled
pattern before its existence is checked.

4. Back in the PCRE1 day, capturing groups that contained recursive back
references to themselves were made atomic (version 8.01, change 18) because
after the end a repeated group, the captured substrings had their values from
the final repetition, not from an earlier repetition that might be the
destination of a backtrack. This feature was documented, and was carried over
into PCRE2. However, it has now been realized that the major refactoring that
was done for 10.30 has made this atomicizing unnecessary, and it is confusing
when users are unaware of it, making some patterns appear not to be working as
expected. Capture values of recursive back references in repeated groups are
now correctly backtracked, so this unnecessary restriction has been removed.

5. Added PCRE2_SUBSTITUTE_LITERAL.

6. Avoid some VS compiler warnings.

7. Added PCRE2_SUBSTITUTE_MATCHED.

8. Added (?* and (?<* as synonms for (*napla: and (*naplb: to match another
regex engine. The Perl regex folks are aware of this usage and have made a note
about it.

9. When an assertion is repeated, PCRE2 used to limit the maximum repetition to
1, believing that repeating an assertion is pointless. However, if a positive
assertion contains capturing groups, repetition can be useful. In any case, an
assertion could always be wrapped in a repeated group. The only restriction
that is now imposed is that an unlimited maximum is changed to one more than
the minimum.

10. Fix *THEN verbs in lookahead assertions in JIT.

11. Added PCRE2_SUBSTITUTE_REPLACEMENT_ONLY.

12. The JIT stack should be freed when the low-level stack allocation fails.

13. In pcre2grep, if the final line in a scanned file is output but does not
end with a newline sequence, add a newline according to the --newline setting.

14. (?(DEFINE)...) groups were not being handled correctly when checking for
the fixed length of a lookbehind assertion. Such a group within a lookbehind
should be skipped, as it does not contribute to the length of the group.
Instead, the (DEFINE) group was being processed, and if at the end of the
lookbehind, that end was not correctly recognized. Errors such as "lookbehind
assertion is not fixed length" and also "internal error: bad code value in
parsed_skip()" could result.

15. Put a limit of 1000 on recursive calls in pcre2_study() when searching
nested groups for starting code units, in order to avoid stack overflow issues.
If the limit is reached, it just gives up trying for this optimization.

16. The control verb chain list must always be restored when exiting from a
recurse function in JIT.

17. Fix a crash which occurs when the character type of an invalid UTF
character is decoded in JIT.

18. Changes in many areas of the code so that when Unicode is supported and
PCRE2_UCP is set without PCRE2_UTF, Unicode character properties are used for
upper/lower case computations on characters whose code points are greater than
127.

19. The function for checking UTF-16 validity was returning an incorrect offset
for the start of the error when a high surrogate was not followed by a valid
low surrogate. This caused incorrect behaviour, for example when
PCRE2_MATCH_INVALID_UTF was set and a match started immediately following the
invalid high surrogate, such as /aa/ matching "\x{d800}aa".

20. If a DEFINE group immediately preceded a lookbehind assertion, the pattern
could be mis-compiled and therefore not match correctly. This is the example
that found this: /(?(DEFINE)(?<foo>bar))(?<![-a-z0-9])word/ which failed to
match "word" because the "move back" value was set to zero.

21. Following a request from a user, some extensions and tidies to the
character tables handling have been done:

  (a) The dftables auxiliary program is renamed pcre2_dftables, but it is still
  not installed for public use.

  (b) There is now a -b option for pcre2_dftables, which causes the tables to
  be written in binary. There is also a -help option.

  (c) PCRE2_CONFIG_TABLES_LENGTH is added to pcre2_config() so that an
  application that wants to save tables in binary knows how long they are.

22. Changed setting of CMAKE_MODULE_PATH in CMakeLists.txt from SET to
LIST(APPEND...) to allow a setting from the command line to be included.

23. Updated to Unicode 13.0.0.

24. CMake build now checks for secure_getenv() and strerror(). Patch by Carlo.

25. Avoid using [-1] as a suffix in pcre2test because it can provoke a compiler
warning.

26. Added tests for __attribute__((uninitialized)) to both the configure and
CMake build files, and then applied this attribute to the variable called
stack_frames_vector[] in pcre2_match(). When implemented, this disables
automatic initialization (a facility in clang), which can take time on big
variables.

27. Updated CMakeLists.txt (patches by Uwe Korn) to add support for
pcre2-config, the libpcre*.pc files, SOVERSION, VERSION and the
MACHO_*_VERSIONS settings for CMake builds.

28. Another patch to CMakeLists.txt to check for mkostemp (configure already
does). Patch by Carlo Marcelo Arenas Belon.

29. Check for the existence of memfd_create in both CMake and configure
configurations. Patch by Carlo Marcelo Arenas Belon.

30. Restrict the configuration setting for the SELinux compatible execmem
allocator (change 10.30/44) to Linux and NetBSD.

(nia)

Fix ctype use. Bump revision.

(joerg)

Needs pip

(joerg)

Build as egg. Bump revision.

(joerg)

Avoid rebuilding everything for doxygen, just the docs are fine. Don't
keep an insanely long hand-maintained list of Python files, go with
wildcards. Simplify various build commands.

(joerg)

Fix sphinx name.

(joerg)

Fix a number of long-standing race conditions in cmake's autogen
handling. Bump revision.

(joerg)

doc: Updated graphics/ImageMagick to 7.0.10.13

(nia)

ImageMagick: Update to 7.0.10-13

2020-05-15  7.0.10-12 Cristy  <quetzlzacatenango@image...>
  * Release ImageMagick version 7.0.10-12, GIT revision 17242:e14b3fb:20200515.

2020-05-12  7.0.10-12 Cristy  <quetzlzacatenango@image...>
  * Black artefacts during quantization (reference
    https://github.com/ImageMagick/ImageMagick/discussions/2007#discussioncomment-13546).

2020-05-08  7.0.10-11 Cristy  <quetzlzacatenango@image...>
  * Release ImageMagick version 7.0.10-11, GIT revision 17230:088df0e:20200508.

2020-04-28  7.0.10-11 Cristy  <quetzlzacatenango@image...>
  * Disable "random" OpenCL kernel.  Previously the work load was distributed
    but each started with the same random seed.
  * Finished implementation of -distort rigid-affine.
  * Enable threaded PNG coder.

(nia)

Updated databases/repmgr, sysutils/ansible

(adam)

ansible: updated to 2.9.9

v2.9.9

Bugfixes
--------
- Fix an issue with the ``fileglob`` plugin where passing a subdirectory of non-existent directory would cause it to fail - https://github.com/ansible/ansible/issues/69450

v2.9.8
======

Minor Changes
-------------
- Add test for reboot & wait_for_connection on EOS & IOS (https://github.com/ansible/ansible/pull/63014)
- Fixed 'intersect' filter spelling in constructed inventory plugin example.
- Move cli prompt check logic from action to cliconf plugin (https://github.com/ansible/ansible/pull/63945)
- Point inventory script location to their respective version rather than devel version in documentation.
- ansible-test - Now includes testing support for RHEL 8.2
- ansible-test - Remove obsolete support for provisioning remote vCenter instances. The supporting services are no longer available.

Bugfixes
--------
- Collections - Allow a collection role to call a stand alone role, without needing to explicitly add ``ansible.legacy`` to the collection search order within the collection role. (https://github.com/ansible/ansible/issues/69101)
- Fix cli context check for network_cli connection (https://github.com/ansible/ansible/pull/64697)
- Revert 5f6427b1fc7449a5c42212013d3f628665701c3d as it breaks netconf connection
- Role Installation - Ensure that a role containing files with non-ascii characters can be installed (https://github.com/ansible/ansible/issues/69133)
- Update ActionBase._low_level_execute_command to honor executable (https://github.com/ansible/ansible/issues/68054)
- collections - Handle errors better for filters and tests in collections, where a non-existent collection is specified, or importing the plugin results in an exception (https://github.com/ansible/ansible/issues/66721)
- deal with cases in which just a file is pased and not a path with directories, now fileglob correctly searches in 'files/' subdirs.
- dnf - Unified error messages when trying to install a nonexistent package with newer dnf (4.2.18) vs older dnf (4.2.9)
- dnf - Unified error messages when trying to remove a wildcard name that is not currently installed, with newer dnf (4.2.18) vs older dnf (4.2.9)
- hostname - make module work on Manjaro Linux (https://github.com/ansible/ansible/issues/61382)
- mysql_user - fix the error No database selected (https://github.com/ansible/ansible/issues/68070).
- ovirt_disk: add warning when uploading wrong format
- ovirt_disk: upload image auto detect size
- ovirt_network: allow to remove vlan_tag
- pip - The virtualenv_command option can now include arguments without requiring the full path to the binary. (https://github.com/ansible/ansible/issues/52275)
- pip - check_mode with ``state: present`` now returns the correct state for pre-release versioned packages
- postgresql_set - fix converting value to uppercase (https://github.com/ansible/ansible/issues/67377).
- redfish_config - fix support for boolean bios attrs (https://github.com/ansible/ansible/pull/68251)
- service_facts - Now correctly parses systemd list-unit-files for systemd >=245
- sysvinit - Add missing parameter ``module`` in call to ``daemonize()``.
- the default parsing will now show existing JSON errors and not just YAML (last attempted), also we avoid YAML parsing when we know we only want JSON issue
- win_psmodule - Fix TLS 1.2 compatibility with PSGallery.
- win_psrepository - Fix TLS 1.2 compatibility with PSGallery.
- win_psrepository - Fix ``Ignore`` error when trying to retrieve the list of registered repositories
- zabbix_template - no longer fails with KeyError when there are no macros present in existing template (see https://github.com/ansible-collections/community.zabbix/issues/19)

(adam)

repmgr: updated to 5.1.0

5.1.0

repmgr: remove BDR 2.x support
repmgr: don't query upstream's data directory
repmgr: rename --recovery-conf-only to --replication-conf-only
repmgr: ensure postgresql.auto.conf is created with correct permissions
repmgr: minimize requirement to check upstream data directory location
  during "standby clone"
repmgr: warn about missing pg_rewind prerequisites when excuting
  "standby clone"
repmgr: add --upstream option to "node check"
repmgr: report error code on follow/rejoin failure due to non-available
  replication slot
repmgr: ensure "node rejoin" checks for available replication slots
repmgr: improve "standby switchover" completion checks
repmgr: add replication configuration file ownership check to
  "standby switchover"
repmgr: check the demotion candidate's registered repmgr.conf file can
  be found
repmgr: consolidate replication connection code
repmgr: check permissions for "pg_promote()" and fall back to pg_ctl
  if necessary
repmgr: in --dry-run mode, display promote command which will be used
repmgr: enable "service_promote_command" in PostgreSQL 12
repmgr: accept option -S/--superuser for "node check"

(adam)

Updated net/py-ldapdomaindump, textproc/py-regex

(adam)

py-regex: updated to 2020.5.14

2020.5.14:
Unknown changes

(adam)

py-ldapdomaindump: updated to 0.9.2

0.9.2:
Unknown changes

(adam)

doc: Updated net/freerdp2 to 2.1.0

(nia)

freerdp2: Update to 2.1.0

# 2020-05-05  Version 2.1.0

Important notes:

* fix multiple CVEs: CVE-2020-11039, CVE-2020-11038, CVE-2020-11043, CVE-2020-11040, CVE-2020-11041,
  CVE-2020-11019, CVE-2020-11017, CVE-2020-11018
* fix multiple leak and crash issues (#6129, #6128, #6127, #6110, #6081, #6077)

Noteworthy features and improvements:
* Fixed sound issues (#6043)
* New expert command line options /tune and /tune-list to modify all client
  settings in a generic way.
* Fixes for smartcard cache, this improves compatibility of smartcard devices
  with newer smartcard channel.
* Shadow server can now be instructed to listen to multiple interfaces.
* Improved server certificate support (#6052)
* Various fixes for wayland client (fullscreen, mouse wheel, ...)
* Fixed large mouse pointer support, now mouse pointers > 96x96 pixel are visible.
* USB redirection command line improvements (filter options)
* Various translation improvements for android and ios clients

For a complete and detailed change log since the last release candidate run:
git log 2.0.0..2.1.0

# 2020-04-09  Version 2.0.0

Important notes:

* fix multiple CVEs: CVE-2020-11521 CVE-2020-11522 CVE-2020-11523 CVE-2020-11524 CVE-2020-11525 CVE-2020-11526
* fix multiple other security related issues (#6005, #6006, #6007, #6008, #6009, #6010, #6011, #6012, #6013)
* sha256 is now used instead of sha1 to fingerprint certificates. This will
  invalidate all hosts in FreeRDP known_hosts2 file and causes a prompt if a
  new connection is established after the update

Noteworthy features and improvements:

* First version of the RDP proxy was added (#5372) - thanks to @kubistika
* Smartcard received some refactoring. Missing functions were added and input
  validation was improved (#5884)
* A new option /cert that unifies all certificate related options (#5880)
  The old options (cert-ignore, cert-deny, cert-name, cert-tofu) are still
  available but marked as deprecated
* Support for Remote Assistance Protocol Version 2 [MS-RA]
* The DirectFB client was removed because it was unmaintained
* Unified initialization of OrderSupport
* Fix for licensing against Windows Server 2003
* Font smoothing is now enabled per default
* Flatpack support was added
* Smart scaling for Wayland using libcairo was added (#5215)
* Unified update->BeginPaint and update->EndPaint
* An image scaling API for software drawing was added
* Rail was updated to the latest spec version 28.0
* Support for H.264 in the shadow server is now detected at runtime
* Add mask=<value> option for /gfx and /gfx-h264  (#5771)
* Code reformatting (#5667)
* A new option /timeout was added to adjust the TCP ACK timeout (#5987)

For a complete and detailed change log since the last release candidate run:
git log 2.0.0-rc4..2.0.0

(nia)

json-c: Explicitly disable doxygen and werror

(nia)

The smb.conf(5) man page builds fine on netbsd-9, so re-add it.

This is probably the most important of the Samba man pages, and it
should not have been excluded from the build without a detailed
explanation, "just to make the pkg build".

(hauke)

Recursive revbump for json-c-0.14

(nia)

json-c: Update to 0.14

0.14 (up to commit 9ed00a6, 2020/04/14)
=========================================

Deprecated and removed features:
--------------------------------
* bits.h has been removed
* lh_abort() has been removed
* lh_table_lookup() has been removed, use lh_table_lookup_ex() instead.
* Remove TRUE and FALSE defines, use 1 and 0 instead.

Build changes:
--------------
## Deprecated and removed features:
* bits.h has been removed
* lh_abort() has been removed
* lh_table_lookup() has been removed, use lh_table_lookup_ex() instead.
* Remove TRUE and FALSE defines, use 1 and 0 instead.
* autoconf support, including autogen.sh, has been removed.  See details about cmake, below.
* With the addition of json_tokener_get_parse_end(), access to internal fields of json_tokener, as well as use of many other symbols and types in json_tokener.h, is deprecated now.
* The use of Android.configure.mk to build for Android no longer works, and it is unknown how (or if) the new cmake-based build machinery can be used.
    * Reports of success, or pull requests to correct issues are welcome.

## Notable improvements and new features

### Builds and documentation
* Build machinery has been switched to CMake.  See README.md for details about how to build.
    * TL;DR: `mkdir build ; cd build ; cmake -DCMAKE_INSTALL_PREFIX=/some/path ../json-c ; make all test install`
    * To ease the transition, there is a `cmake-configure` wrapper that emulates the old autoconf-based configure script.
    * This has enabled improvements to the build on Windows system; also all public functions have been fixed to be properly exported.  For best results, use Visual Studio 2015 or newer.
* The json-c style guide has been updated to specify the use of clang-format, and all code has been reformatted.
    * Since many lines of code have trivial changes now, when using git blame, be sure to specify -w
* Numerous improvements have been made to the documentation including function effects on refcounts, when passing a NULL is safe, and so on.

### json_tokener changes
* Added a json_tokener_get_parse_end() function to replace direct access of tok->char_offset.
    * The char_offset field, and the rest of the json_tokener structure remain exposed for now, but expect a future release to hide it like is done with json_object_private.h
* json_tokener_parse_ex() now accepts a new JSON_TOKENER_VALIDATE_UTF8 flag to validate that input is UTF8.
    * If validation fails, json_tokener_get_error(tok) will return json_tokener_error_parse_utf8_string (see enum json_tokener_error).

### Other changes and additions
* Add support for unsigned 64-bit integers, uint64_t, to gain one extra bit of magnitude for positive ints.
    * json_tokener will now parse values up to UINT64_MAX (18446744073709551615)
    * Existing methods returning int32_t or int64_t will cap out-of-range values at INT32_MAX or INT64_MAX, preserving existing behavior.
    * The implementation includes the possibility of easily extending this to larger sizes in the future.
* A total of 7 new functions were added:
    * json_object_get_uint64 ( struct json_object const* jso )
    * json_object_new_uint64 ( uint64_t i )
    * json_object_set_uint64 ( struct json_object* jso, uint64_t new_value )
    * json_parse_uint64 ( char const* buf, uint64_t* retval )
        * See description of uint64 support, above.
    * json_tokener_get_parse_end ( struct json_tokener* tok )
        * See details under "json_tokener changes", above.
    * json_object_from_fd_ex ( int fd, int in_depth )
        * Allows the max nesting depth to be specified.
    * json_object_new_null ( )
        * Simply returns NULL.  Its use is not recommended.
* The size of struct json_object has decreased from 96 bytes to 88 bytes.

### Testing
* Many updates were made to test cases, increasing code coverage.
* There is now a quick way (JSONC_TEST_TRACE=1) to turn on shell tracing in tests.
* To run tests, use `make test`; the old "check" target no longer exists.

## Significant bug fixes
For the full list of issues and pull requests since the previous release, please see issues_closed_for_0.14.md

* [Issue #389](https://github.com/json-c/json-c/issues/389): Add an assert to explicitly crash when _ref_count is corrupted, instead of a later "double free" error.
* [Issue #407](https://github.com/json-c/json-c/issues/407): fix incorrect casts in calls to ctype functions (isdigit and isspace) so we don't crash when asserts are enabled on certain platforms and characters > 128 are parsed.
* [Issue #418](https://github.com/json-c/json-c/issues/418): Fix docs for json_util_from_fd and json_util_from_file to say that they return NULL on failures.
* [Issue #422](https://github.com/json-c/json-c/issues/422): json_object.c:set errno in json_object_get_double() when called on a json_type_string object with bad content.
* [Issue #453](https://github.com/json-c/json-c/issues/453): Fixed misalignment in JSON serialization when JSON_C_TO_STRING_SPACED and JSON_C_TO_STRING_PRETTY are used together.
* [Issue #463](https://github.com/json-c/json-c/issues/463): fix newlocale() call to use LC_NUMERIC_MASK instead of LC_NUMERIC, and remove incorrect comment.
* [Issue #486](https://github.com/json-c/json-c/issues/486): append a missing ".0" to negative double values to ensure they are serialized as floating point numbers.
* [Issue #488](https://github.com/json-c/json-c/issues/488): use JSON_EXPORT on functions so they are properly exported on Windows.
* [Issue #539](https://github.com/json-c/json-c/issues/539): use an internal-only serializer function in json_object_new_double_s() to avoid potential conflicts with user code that uses the json_object_userdata_to_json_string serializer.

(nia)

doc: Updated games/teeworlds to 0.7.5

(nia)

teeworlds: Update to 0.7.5

An exploit was discovered, that allows to crash any 0.7 Teeworlds server.
Though it does not compromise the security of the host (e.g. no arbitrary
accesses in memory) it lets an attacker force a server to repetitively shut
down (CVE-2020-12066).

The 0.7.5 release is a security update that aims to patch this server
exploit. As such, it is very light in features, and is mostly made of fixes.

(nia)

doc: Updated games/powermanga to 0.93.1

(nia)

powermanga: Update to 0.93.1

2015-06-28
Powermanga 0.93.1
- Fixes the speed of the stars after a new game that follows congratulation.
- Clears all gems after the final boss. Thanks to Josh Triplett for the report
  (Debian #764009)
- Disable insecure temporary file "/tmp/powermanga-log.txt". Thanks to
  Josh Triplett for the report (Debian #764144)
- Translation of the man page in French.
- Fix file permissions in HTML directory. Thanks to  nemysisbsd for
  the report.
- Allows the joystick to be configured either from the command line or
  from the config file. Thanks to Maurerp for the patch.
- The __FUNCTION__ macro has been replaced by __func__ macro. ISO C does not
  support ���__FUNCTION__��� predefined identifier. (Debian #778072)
- Remove -Werror and -pedantic flags for non-test builds.

2014-09-20
Powermanga 0.93
- Fix man page: The option to play the game in fullscreen mode
  must be --fullscreen not --full. (Patch Debian)
- Added keywords and a comment in German and French to the desktop file
  (Patch Debian)
- Fix configure.ac: Add custom CFLAGS (Patch Debian)
- Fix segmentation fault in the About menu (English version)
- Fixes wrong joystick behaviour in display_sdl.c and allows the ship to move
  to the left side again. Thanks to Kalle Olavi Niemitalo for the report
  (Debian #561670)
- Allow compilation with Clang

2014-08-19
Powermanga 0.92
- Fix Debian bug #478213
- Fix configure.ac: replace AM_CONFIG_HEADER to AC_CONFIG_HEADERS
- Add  explicitly link with needed libm, fix Debian bug #632945
- Fix PNG_iTXt_SUPPORTED support
- Add italian language
- Fix negative coordinates explosions that caused a segmentation fault.

2012-08-26
Powermanga 0.91
- Update "configure.ac" file.
- Fix compilation warnings (GCC 4.6.3 and Visual Studio)
- Fix alignment constraint (ARM and MIPS processors)
- Adds the ability to export all the game's graphics in PNG files
  using the command line.
- Build test (without sound support) with Visual Studio and run
  successfully on Windows Mobile (HTC Touch P3450)
- Recognizes all the joysticks connected at startup
- Rewrites the file "music_game.zik" with Milkytracker.
  Now the library "SDL_mixer" can read and play this module.
- The application switches to pause when it loses focus.
- Minor bugfixes and improvements

(nia)

doc: Updated games/doomlegacy to 1.48.4

(micha)

doc: Updated graphics/libexif to 0.6.22

(nia)

games/doomlegacy: Update to 1.48.4

pkgsrc changes:
- Patches for NetBSD support removed (merged upstream)
- Define "SOLARIS" for SunOS based operating systems
- MESSAGE replaced by file "share/doc/doomlegacy/INSTALL.pkgsrc"
- Man page is now installed in section 6
- Patch to disable launcher replaced by startscript
  (upstream suggested to use an unsupported option for this purpose)
- Patch for extended node support added (Feature request #95)
  Supported formats: DeeP V4, ZDoom uncompressed, ZDoom compressed
  Without this patch the engine may crash with unsupported node formats
- Patch for local blockmap creation added
  Command line option "-blockmap" added for activation (no automatic mode)

The extended node and blockmap patches allow to play modern PWADs like NOVA III
and Lost Civilization.

Upstream changelog since 1.47.2 is very long, refer to this page:
http://doomlegacy.sourceforge.net/docs/whatsnew.html

(micha)

libexif: Update to 0.6.22

libexif-0.6.22 (2020-05-18):
  * New translations: ms
  * Updated translations for most languages
  * Fixed C89 compatibility
  * Fixed warnings on recent versions of autoconf
  * Some useful EXIF 2.3 tag added:
    * EXIF_TAG_GAMMA
    * EXIF_TAG_COMPOSITE_IMAGE
    * EXIF_TAG_SOURCE_IMAGE_NUMBER_OF_COMPOSITE_IMAGE
    * EXIF_TAG_SOURCE_EXPOSURE_TIMES_OF_COMPOSITE_IMAGE
    * EXIF_TAG_GPS_H_POSITIONING_ERROR
    * EXIF_TAG_CAMERA_OWNER_NAME
    * EXIF_TAG_BODY_SERIAL_NUMBER
    * EXIF_TAG_LENS_SPECIFICATION
    * EXIF_TAG_LENS_MAKE
    * EXIF_TAG_LENS_MODEL
    * EXIF_TAG_LENS_SERIAL_NUMBER
  * Lots of fixes exposed by fuzzers like AFL, ClusterFuzz, OSSFuzz and others.
    * CVE-2018-20030: Fix for recursion DoS
    * CVE-2020-13114: Time consumption DoS when parsing canon array markers
    * CVE-2020-13113: Potential use of uninitialized memory
    * CVE-2020-13112: Various buffer overread fixes due to integer overflows in maker notes
    * CVE-2020-0093: read overflow
    * CVE-2019-9278: replaced integer overflow checks the compiler could optimize away by safer constructs
    * CVE-2020-12767: fixed division by zero
    * CVE-2016-6328: fixed integer overflow when parsing maker notes
    * CVE-2017-7544: fixed buffer overread

(nia)

doc: Updated audio/qsynth to 0.6.2

(nia)

qsynth: Update to 0.6.2

0.6.2  2020-03-24  A Spring'20 Release.

- A scalable (.svg) icon version has been added.

- Make man page compression reproducible (after request
  by Jelle van der Waa, while on the Vee-Ones, thanks).

- Ditching deprecated QTime methods for QElapsedTimer's
  (in compliance to Qt >= 5.14.0).

- Bumped copyright headers into the New Year (2020).

(nia)

doc: Updated x11/rofi to 1.5.4

(nia)

rofi: Update to 1.5.4

v1.5.4: Painful tardiness
- SSH: Fix wrong malloc size, causing crash.

v1.5.3: Time delayed progress
- Update manpage with missing entry. (#937)
- Rename sidebar widget to mode-switcher and allow configuration from theme.
- Timing: Moving timing output to glib debug system.
- SSH: Fix unitialized variable issue.
- SSH: resolve ':' conflict in history entries.
- RASI Lexer: Fix nested () in variable default field.
- USABILITY: When mode not found, show in gui not just on commandline.
- ICON: Allow aligning image in icon widget.
- Meson build system: cleanups and improvements.
- Meson build system: add documentation (#943)
- Window: Fix default formatting and remove (invalid) deprecation warning.
- DMenu: Add support for showing icons infront of displayed list.
- Overlay: Fix overlay widget to correctly integrate in new theme format.
- Update libnkutils, libgwater.
- SSH: be case-insensitive when parsing keywords.
- DMENU: Add format option to strip pango markup from return value.
- ListView: allow user to change ellipsizing displayed value at run-time.

(nia)

doc: Updated sysutils/rox to 2.11

(nia)

rox: Update to 2.11

Release 2.11 (2011-10-09)

- Converted from Glade to GtkBuilder.

- Fixed typo in German translation (Alek).

- "build" script runs autoconf and build the documentation if necessary. This
  is needed for Git checkouts.

- Don't lower panel when the pointer moves over an applet. Reported by mark76
  on IRC.

- Centre the pinboard image correctly if larger than the screen (Mohamed Amine
  IL Idrissi). Patch sent to Ubuntu anonymously and forwarded; see Ubuntu bug
  #615490.

- Depend on 0compile 0.19.1. Fixes bug using distribution-provided pkg-config.

- Added build dependency on pkg-config.

- Bugfix: unselect item when menu is closed. We used to listen for
  "unmap_event", but this is no longer emitted in recent versions of GTK.
  Switched to using "selection-done" instead. Closes #2925212 (reported by
  Barry Kauler).

- Added button to options window to create the 'rox' start up script (Stephen
  Watson).

- Updated Italian translation (Yuri).

- Updated Brazilian Portuguese translation (S辿rgio Cipolla).

- Updated Spanish and Galician translations (Antonio S叩nchez). The
  how-to-change-permissions explanation had a mistake that made the help window
  appear blank.

- Updated Spanish translation (Antonio S叩nchez and Luis Felipe Abad).

- Turn the error on invalid line breaks in uri_list_to_glist into a warning
  (Stephen Watson). Firefox 3.5 upto and including 3.5.2 gets it wrong, but we
  don't want to stop drops working until they fix it.

- Eliminated the duplicated code between pixmap_background_thumb() and
  pixmap_try_thumb(). pixmap_background_thumb() now calls pixmap_try_thumb() to
  get from memory or load from cache (Stephen Watson).

- Added option to place panels under the control of the _NET_WORKAREA property
  (Stephen Watson). Note it only checks the work area at the point it creates
  the panel.

- Fix bug in XDG MIME magic: if two matches at the same priority returned
  exactly the same type, it was considered a conflict (Stephen Watson).

- Newer versions of GTK+ issue warnings if a spin button has a non-zero page
  size (Stephen Watson).

- If a file has a thumbnail, display it in the infobox (Stephen Watson).

(nia)

doc/TODO: bind-9.16.3

+ bind-9.16.3.

(taca)

doc: Updated net/bind914 to 9.14.12

(taca)

net/bind914: update to 9.14.12

Update bind914 to 9.14.12 (BIND 9.14.12).

Note from release announce:

BIND 9.14.12 is the final planned release in the now End-of-Life (EOL)
9.14 branch.

--- 9.14.12 released ---

5395. [security] Further limit the number of queries that can be
triggered from a request.  Root and TLD servers
are no longer exempt from max-recursion-queries.
Fetches for missing name server address records
are limited to 4 for any domain. (CVE-2020-8616)
[GL #1388]

5390. [security] Replaying a TSIG BADTIME response as a request could
trigger an assertion failure. (CVE-2020-8617)
[GL #1703]

5376. [bug] Fix ineffective DNS rebinding protection when BIND is
configured as a forwarding DNS server. Thanks to Tobias
Klein. [GL #1574]

5358. [bug] Inline master zones whose master files were touched
but otherwise unchanged and were subsequently reloaded
may have stopped re-signing. [GL !3135]

5357. [bug] Newly added RRSIG records with expiry times before
the previous earliest expiry times might not be
re-signed in time.  This was a side effect of 5315.
[GL !3137]

(taca)

doc: Updated net/bind911 to 9.11.19

(taca)

net/bind911: update to 9.11.19

Update bind911 to 9.11.19 (BIND 9.11.19).

--- 9.11.19 released ---

5404. [bug] 'named-checkconf -z' could incorrectly indicate
success if errors were found in one view but not in a
subsequent one. [GL #1807]

5398. [bug] Named could fail to restart if a zone with a double
quote (") in its name was added with 'rndc addzone'.
[GL #1695]

5395. [security] Further limit the number of queries that can be
triggered from a request.  Root and TLD servers
are no longer exempt from max-recursion-queries.
Fetches for missing name server address records
are limited to 4 for any domain. (CVE-2020-8616)
[GL #1388]

5394. [cleanup] Named formerly attempted to change the effective UID and
GID in named_os_openfile(), which could trigger a
spurious log message if they were already set to the
desired values. This has been fixed. [GL #1042]
[GL #1090]

5390. [security] Replaying a TSIG BADTIME response as a request could
trigger an assertion failure. (CVE-2020-8617)
[GL #1703]

5387. [func] Warn about AXFR streams with inconsistent message IDs.
[GL #1674]

(taca)

libetpan: Resolve pkgconfig mess

(nia)

py-cairosvg: Add setup_requires packages to BUILD_DEPENDS.

(kleink)

doc: Updated mail/libetpan to 1.9.4

(nia)

libetpan: Update to 1.9.4

Changes:

- Bugfixes on QUOTA
- Various warning fixes & build fixes
- Added IMAP CLIENTID / SMTP CLIENTID support
- Use Cyrus SASL 2.1.27
- Support of TLS SNI
- LMDB for cache DB
- Fixed build with recent versions of curl

(nia)

rust: Bump libLLVM version for SunOS bootstrap.

(jperkin)

Updated databases/redis, devel/py-cython

(adam)

py-cython: updated to 0.29.18

0.29.18

Bugs fixed
* Exception position reporting could run into race conditions on threaded code.
  It now uses function-local variables again.
* Error handling early in the module init code could lead to a crash.
* Error handling in ``cython.array`` creation was improved to avoid calling
  C-API functions with an error held.
* A memory corruption was fixed when garbage collection was triggered during calls
  to ``PyType_Ready()`` of extension type subclasses.
* Memory view slicing generated unused error handling code which could negatively
  impact the C compiler optimisations for parallel OpenMP code etc.  Also, it is
  now helped by static branch hints.
* Cython's built-in OpenMP functions were not translated inside of call arguments.
* Complex buffer item types of structs of arrays could fail to validate.
* Decorators were not allowed on nested `async def` functions.
* C-tuples could use invalid C struct casting.
* Optimised ``%d`` string formatting into f-strings failed on float values.
* Optimised aligned string formatting (``%05s``, ``%-5s``) failed.
* When importing the old Cython ``build_ext`` integration with distutils, the
  additional command line arguments leaked into the regular command.
* When using the ``CYTHON_NO_PYINIT_EXPORT`` option in C++, the module init function
  was not declared as ``extern "C"``.
* Three missing timedelta access macros were added in ``cpython.datetime``.

(adam)

redis: updated to 6.0.3

Redis 6.0.3:
Upgrade urgency CRITICAL: a crash introduced in 6.0.2 is now fixed.

Redis 6.0.2:
Upgrade urgency MODERATE: many not critical bugfixes in different areas.
                          Critical fix to client side caching when
                          keys are evicted from the tracking table but
                          no notifications are sent.

The following are the most serious fix:

* XPENDING should not update consumer's seen-time
* optimize memory usage of deferred replies - fixed
* Fix CRC64 initialization outside the Redis server itself.
* stringmatchlen() should not expect null terminated strings.
* Cluster nodes availability checks improved when there is
  high Pub/Sub load on the cluster bus.
* Redis Benchmark: Fix coredump because of double free
* Tracking: send eviction messages when evicting entries.
* rax.c updated from upstream antirez/rax.
* fix redis 6.0 not freeing closed connections during loading.

New features:
dd
* Support setcpuaffinity on linux/bsd
* Client Side Caching: Add Tracking Prefix Number Stats in Server Info
* Add --user argument to redis-benchmark.c (ACL)

(adam)

vlc: don't list x11 in SUGGESTED_OPTIONS twice

It is already under an if !Darwin clause.

(tnn)

Note update of net/unbound to 1.10.1.

(he)

Update unbound to version 1.10.1.

Pkgsrc changes:
* None.

Upstream changes:

This release fixes CVE-2020-12662 and CVE-2020-12663.

Bug Fixes:
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
  query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
  used to make Unbound unresponsive.

(he)

audio/din: Updates the description.

A better description from the author of the software.

Submitted by: Jagannathan Sampath <jag@dinisnoise.org>

(fox)

missing PLIST updates

(adam)

regress/infra-unittests: demonstrate relative paths in +BUILD_VERSION

Pointed out by wiz@.

This occured in math/libixion/Makefile.common until 2020-05-19, and still
occurs in math/xyconvert/Makefile.  In all other packages, PKGDIR is
prefixed with  ${.CURDIR} and is thus an absolute path.

It should not be necessary to always specify PATCHDIR as an absolute
path, and the code in mk/pkgformat/pkg/metadata.mk seems to be the only
place where relative paths are handled wrong.

(rillig)

regress/infra-unittests: remove unnecessary tmpdir handling

The test infrastructure from test.subr already takes care of setting up a
temporary directory.

(rillig)

py-cmake-language-server: mark as not for python 2.x due to py-pygls

(wiz)

regress/plus_build_version: the bug has been fixed in January 2020

(rillig)

ldb: pkgsrc toolify previous (preferred sed may not be "sed")

(gutteridge)

(editors/TeXmacs) fix WARNING: [subst.mk:init] Nothing changed

(mef)

libixion: clean some pkglint

(wiz)

libixion: use .CURDIR

distinfo and patches paths must be absolute

(wiz)

irssi: remove random debug leftover

(maya)

doc: Updated pkgtools/pkglint to 20.1.7

(rillig)

pkgtools/pkglint: update to 20.1.7

Changes since 20.1.6:

Versioned Python dependencies may end with :test or :tool, as the code in
lang/python/versioned_dependencies.mk says.

(rillig)

doc: Updated chat/irssi to 1.2.2nb4

(maya)

irssi: grab pull request from upstream fixing hangs with ctrl+space

bump pkgrevision

(maya)

qemu: Remove no longer used prefix subst class

(leot)

py-pygls: Sort PLIST

(leot)

include-what-you-use: make it use c++14 and GCC 5

Like the rest of the llvm packages.
Remove now unneeded patch.

(wiz)

rust: if variables are supposed to be overridable, set them with ?=

(wiz)

rust: Update COMMENT

(nia)

lang: Add rust-bin.

Dumb package that selects and installs a binary rust distribution
based on its guess of your platform (FreeBSD, NetBSD, Linux x86_64 are
all supported). These binaries are the official ones provided by
rust upstream and are the same as those provided by the `rustup` tool.

You can choose to use a binary rust distribution by setting:
RUST_TYPE=bin in mk.conf
(or source distribution with RUST_TYPE=src).

Currently, RUST_TYPE=bin by default ONLY for NetBSD-x86_64. This is
because TNF has been shown to _repeatedly_ be unable and _unwilling_ to
ensure that rust-dependent packages build properly on their
infrastructure, and NetBSD users are all suffering for it.

This was based on minskim's work in pkgsrc-wip.

It was tested by building librsvg and firefox-esr with the resulting
binaries.

(nia)

Unbreak building without ldap support - the library got built and
installed, anyway, resulting in a PLIST error.

ldb's snazzy little build system has no official configuration option
for this, so we reach in and flick the switch by hand.

(hauke)