doc: Removed security/p5-OpenSSL

(nia)

security: Remove p5-OpenSSL. Broken with OpenSSL 1.1, dead upstream.

p5-Net-SSLeay seems more popular in Perl-land.

(nia)

doc: Removed print/pdfmod

(nia)

print: remove pdfmod

unmaintained gnome2 component, archived upstream

(nia)

opencv-contrib-face: Fix possible build failure when jasper is installed

When jasper is installed the build fails because it is accidentally recognized.

Discussed on pkgsrc-changes@:

https://mail-index.NetBSD.org/pkgsrc-changes/2020/02/16/msg206681.html

(leot)

opencv: Restore optionality of jasper

bump PKGREVISION

(nia)

doc: Updated net/youtube-dl to 20200301

(leot)

youtube-dl: Update to 20200301

Changes:
20200301
--------
Core
* [YoutubeDL] Force redirect URL to unicode on python 2
- [options] Remove duplicate short option -v for --version (#24162)

Extractors
* [xhamster] Fix extraction (#24205)
* [franceculture] Fix extraction (#24204)
+ [telecinco] Add support for article opening videos
* [telecinco] Fix extraction (#24195)
* [xtube] Fix metadata extraction (#21073, #22455)
* [youjizz] Fix extraction (#24181)
- Remove no longer needed compat_str around geturl
* [pornhd] Fix extraction (#24128)
+ [teachable] Add support for multiple videos per lecture (#24101)
+ [wistia] Add support for multiple generic embeds (#8347, 11385)
* [imdb] Fix extraction (#23443)
* [tv2dk:bornholm:play] Fix extraction (#24076)

(leot)

doc: Removed audio/gimmix

(nia)

audio: Remove gimmix

Upstream disappeared around 7 years ago. This isn't the latest version which
is apparently 0.5.7.2.

Plenty of other mpd clients are available.

(nia)

updates to texworks and texstudio

(markd)

texstudio: update to 2.12.22

2020-01-18: 2.12.22
It fixes garbled symbols in OSX, crash when changing magic language
comment and pdf search path handling.

2020-01-13: 2.12.20
It fixes a problem with replacing when search highlight is activated.

2019-12-26: 2.12.18
This is mainly a bug fix release. Most notably change is better support
of regexp in search (Qt5 version only).

(markd)

glabels: gets gnome category

(nia)

texworks: update to 0.6.3

also add patch to work around qt5.14 issue.

Release 0.6.3 (TL'19) [March 2019]
* Implement "Insert Citations..." dialog
* Implement indenting/unindenting by Tab/Shift+Tab (thanks to fsonner)
* Make synchronization granularity configurable (highlight corresponding
  character, word, or line)
* Add ability to distinguish identically named files by displaying the
  respective folders they are in in the window title, window menu, and under
  "Open Recent"
* Implement "Fit to content width" PDF zoom (which ignores empty space
  around the text)
* Disable unavailable typesetting engines
* Allow to change the editor font size by Ctrl+Mousewheel (thanks to Tim
  Hoffmann)
* Improve the detection of spellchecking languages (add ability to search
  multiple directories and list all results)
* Hide the menu bar in PDF full screen mode
* Rework/expand code completion strings (thanks to Joseph Wright)
* Add/update syntax highlighting for LaTeX, ConTeXt, Lua, DTX (all thanks to
  Joseph Wright), and BibTeX
* Add cleanup-patterns for beamer files .nav & .snm
* Add new/unified icons for typeset (thanks to Tim Hoffmann) and zooming
* Display paper size and file size in the PDF metadata

* Fix infinite loop in syntax highlighter (which caused significant
  slow-down especially for large files)
* Fix underline when spellchecking with syntax highlighting
* Fix "Place on Left/Right", especially on multi-screen setups
* Avoid 'file "" not found' errors when synchronizing
* Fix synchronization while searching in a PDF
* Fix fine-grained synchronization near paragraph boundaries
* Fix the PDF copy menu command
* Fix PDF text selection
* Fix font color reset when searching and using stylesheets
* Fix crashes when working with locked PDFs
* Fix unexpected cursor movement when using a combination of backspace and
  up/down arrow keys (thanks to Markus Kuhn)
* Fix the font in the log parser output
* Fix persistent magnifying glass
* Remove unimplemented PDF menu items cut, paste, clear

* Update translations
* Update libraries for pre-built binaries

(markd)

glabels: missing schema include

(nia)

PKGREVISION bump for poppler dependency change

(markd)

doc: Updated print/glabels to 3.4.1

(nia)

glabels: Remove file that's no longer needed

(nia)

glabels: Update to 3.4.1

Updated to gtk3 version, no longer depends on gnome2 libraries

(nia)

doc: Fix changes line

(nia)

doc: Removed games/sirius

(nia)

games: Remove sirius - old GNOME 2 game with dead upstream site

appears to be barely available outside pkgsrc, but there's another 'sirius'
package - a "domain specific library for electronic structure calculations"
which is actively maintained

(nia)

mplayer-share: mention mencvcd in a comment

(wiz)

doc: Updated sysutils/mencvcd to 1.4

(wiz)

mencvcd: update to 1.4.

This switches it to use the script from the mplayer sources.
Modification date is still from 2011.
Changes not found.

(wiz)

libgadu: Switch from openssl to gnutls

This resolves build issues with OpenSSL 1.1 and ensures the resulting
binary is GPL compliant.

Bump PKGREVISION

(nia)

doc: Removed net/libdmapsharing successor net/libdmapsharing3

(nia)

net: Remove libdmapsharing, successor libdmapsharing3

No longer used by anything in pkgsrc

(nia)

bulk-medium: Remove jabberd1

(nia)

ruby-railties52: fix path in ALTERNATIVES

(markd)

poppler-cpp: PKGREVISION bump for previous.

(markd)

poppler*: reenable splash backend - needed to display output in poppler-qt
based backends.
also add nss dependency and be explicit in the tiff dependency.

(markd)

py-pygit2: sort PLIST

(wiz)

doc: Updated devel/py-pygit2 to 1.1.0

(nia)

py-pygit2: Update to 1.1.0

1.1.0 (2020-03-01)
-------------------------

- Upgrade to libgit2 0.99
  `#959 <https://github.com/libgit2/pygit2/pull/959>`_

- Continued work on custom odb backends
  `#948 <https://github.com/libgit2/pygit2/pull/948>`_

- New ``Diff.patchid`` getter
  `#960 <https://github.com/libgit2/pygit2/pull/960>`_
  `#877 <https://github.com/libgit2/pygit2/issues/877>`_

- New ``settings.disable_pack_keep_file_checks(...)``
  `#908 <https://github.com/libgit2/pygit2/pull/908>`_

- New ``GIT_DIFF_`` and ``GIT_DELTA_`` constants
  `#738 <https://github.com/libgit2/pygit2/issues/738>`_

- Fix crash in iteration of config entries
  `#970 <https://github.com/libgit2/pygit2/issues/970>`_

- Travis: fix printing features when building Linux wheels
  `#977 <https://github.com/libgit2/pygit2/pull/977>`_

- Move ``_pygit2`` to ``pygit2._pygit2``
  `#978 <https://github.com/libgit2/pygit2/pull/978>`_

Requirements changes:

- Now libgit2 0.99 is required
- New requirement: cached-property

Breaking changes:

- In the rare case you're directly importing the low level ``_pygit2``, the
  import has changed::

    # Before
    import _pygit2

    # Now
    from pygit2 import _pygit2

(nia)

pkgtools/pkg_install: add errno details when remove fails

Before, it wasn't clear why removing the file failed. It could be ENOENT
or EPERM or EBUSY, and these lead to different causes.

https://mail-index.netbsd.org/pkgsrc-users/2020/02/28/msg030552.html

(rillig)

doc/TODO: add some

+ ImageMagick-7.0.9.27, gimp-2.10.18, glib2-2.64.0, libnotify-0.7.9,
  libsoup-2.68.4, ncursesw-6.2, picard-2.3.1, poppler-0.86.0.

(wiz)

coq

(dholland)

lang/coq now needs adwaita-icon-theme.

(without it the new coqide is missing things, and it seems to
specifically refer to adwaita-icon-theme by name)

Bump PKGREVISION to 1, since coqide is a default-on option.

(dholland)

szip: fix typo

(gutteridge)

doc: Updated textproc/py-X to 0.15

(gutteridge)

py-X: update to 0.15

(Spurred by the fact net/scapy expects the SVG support introduced back
in 2015.)

0.15 (2019/07/14):
  - text module:
    - introduce UnicodeEngine
    - MultiEngineText to express combined text data for TeX based engines and
      the new UnicodeEngine
    - Text and StackedText classes for simple typesetting operations on
      UnicodeEngine text
    - rename TexRunner and LatexRunner to TexEngine and LatexEngine
    - rename cls argument of text.set to engine (with fallback and
      deprecation warning in place)
    - improve error handling when input cannot be encoded by texenc
    - add support for virtual fonts in virtual fonts
    - font maps: treat font files without extension as Type 1 (to
      prevent warnings occuring especially with Minion or Libertine fonts)
    - fix UnicodeDecodeError for invalid character responses by TeX/LaTeX
      (reported by Gert Ingold)
  - new examples:
    - non-ASCII TeX encoding
  - t1font:
    - use integers in auto-guessed font descriptors to prevent an issue in pdftex
      (reported by Michael Hartmann)
    - fix typo: ItalicAngles -> ItalicAngle (thanks to Ross Moore)
  - graph.axis.texter:
    - unify exponential and mixed texter to default texter
    - use MultiEngineText in all texters (decimal, default, factional)
  - pdfwriter, pswriter, svgwriter:
    - removed underscore in  PS and PDF and SVG writer options strip_fonts,
      text_as_path, mesh_as_bitmap, mesh_as_bitmap_resolution
      (new: stripfonts, textaspath, meshasbitmap and meshasbitmapresolution)
      to prevent ambiquity with write_ prefixes.
    - Fix color output in SVG (reported by Michael Hartmann)
  - deformer:
    - Fix parallel deformer for empty normsubpaths (thanks to Michael J Gruber)
  - graph.style:
    - Use RGBA instead of ARGB in the bitmap fallback of graph.style.density
      Fix saving SVG as supported modes are limited (thanks to Michael J Gruber)
  - pattern:
    - inject default linewidth (reported by Michael J Gruber)
  - version control:
    - switched to git on 2018/07/16 with main repository on GitHub

0.14.1 (2015/11/02):
  - distribution:
    - upload to PyPI (including old releases)
    - remove old releases from sourceforge
  - text module:
    - fix load_def message parser (reported by Mico Fil坦s)
  - normpath:
    - fix intersect with empty normsubpaths (bug #62, thanks to Florent Hivert)

0.14 (2015/04/30):
  - new svgwriter module:
    - complete SVG output
    - SVG font output disabled by default due to missing support by
      most browsers, fallback by rendering fonts as paths
  - new svgfile module:
    - SVG reader
    - unparsed mode: embedd svg in other svg
    - parsed mode: supports reading paths (including styles,
      tranformations, etc.) into a PyX canvas
  - bitmap module:
    - using bytes in image type conversions and channel extraction
  - color module:
    - fix grey class
    - fix rgb css binary issue and short code index error
  - epsfile module:
    - fix parsing of bounding box
  - text module:
    - no end of pages test when no dvi is created at all
    - add chroot config option needed to use a chrooted TeX installation
  - graph module:
    - add xy12axesat feature to graphxyz
  - canvas module:
    - fix clipping and transformation applied together
    - provide _repr_svg_ in canvas for use by IPython
    - new constructor argument ipython_bboxenlarge
  - deco module:
    - remove shortcut for ornaments only to not skip global styles

(gutteridge)

doc: Updated www/ruby-puma to 4.3.3

(taca)

www/ruby-puma: update to 4.3.3

Update ruby-puma to 4.3.3.

## 4.3.3 and 3.12.4 / 2020-02-28
  * Bugfixes
    * Fix: Fixes a problem where we weren't splitting headers correctly on newlines (#2132)
  * Security
    * Fix: Prevent HTTP Response splitting via CR in early hints.

(taca)

(doc/CHANGES-2020) Updated archivers/p5-Archive-Tar to 2.36

(mef)

(archivers/p5-Archive-Tar) Updated 2.3.2 to 2.3.6

2.36  02/02/2020
- Add xz test files to MANIFEST

2.34  01/02/2020 (HEANEY && SKAJI)
- Add xz support
- Use 4 digit year in Time::Local call

(mef)

doc: Updated archivers/szip to 2.1.1

(mef)

(archivers/szip) Updated 2.1 to 2.1.1

                      Release notes for SZIP 2.1.1
                                January 13, 2017
Bug fixes:
  -- None.

New features:
  -- Add CMake support.

Know problems:
  -- On IRIX64-6.5, shared library version 3.0 is created instead of 2.0.
  -- There is no support for shared library on the AIX 5.* systems.

User support:
    Report all problems to help@hdfgroup.org.
    For more information on SZIP, see:
    http://www.hdfgroup.org/doc_resource/SZIP/

(mef)

doc: Updated x11/xfce4-whiskermenu-plugin to 2.4.2

(gutteridge)

xfce4-whiskermenu-plugin: update to 2.4.2

Change log:

2.4.2
=====
- Fix crash when selecting desktop action. (bug #16445)
- Translation updates: Chinese (China), Croatian, Georgian.

2.4.1
=====
- Fix narrow iconview columns.
- Fix bad hyphenation by increasing iconview column width.
- Translation updates: Finnish, Serbian.

2.4.0
=====
- Add option to show as icons. (bug #15675)
- Add hiding menu items. (bug #14816)
- Add searching keywords of menu items. (bug #15047)
- Add tooltip to profile picture for editing profile. (bug #15501)
- Adjust wording of switch user command. (bug #15398)
- Add icons to context menu.
- New default layout.
- Make panel button square only if single row and title hidden.
- Rearrange settings dialog.
- Redesign session confirmation dialogs.
- Refactor code.
- Rewrite menu load to match GarconGtkMenu.
- Switch categories with keyboard focus if hover enabled.
- Use custom icon renderer.
- Use link time optimization if available.
- Increase C++ version.
- Translation updates: Bulgarian, Catalan, Chinese (Taiwan), Czech,
  Danish, Dutch, Finnish, French, Galician, Georgian, German, Greek,
  Icelandic, Indonesian, Interlingue, Italian, Japanese, Lithuanian,
  Malay, Nepali, Norwegian Bokm奪l, Polish, Portuguese,
  Portuguese (Brazil), Slovak, Spanish, Turkish.

(gutteridge)

doc: Updated misc/xfce4-weather-plugin to 0.10.1

(gutteridge)

xfce4-weather-plugin: update to 0.10.1

Change log:

0.10.1
======
- Switch to 'locationforecast' product and use a more recent API
version (bug #16268)
- Fix invalid scrollbar index to add a label (bug #16023)
- Update URLs from goodies.x.o to docs.x.o (bug #16182)
- Fix build with panel 4.15
- Make build output less verbose
- Use standard icon names (bug #16059)
- Translation Updates:
  Albanian, Croatian, Finnish, Galician, Greek, Portuguese, Slovak,
  Slovenian

(gutteridge)

py-qt5: add LICENSE entry

(gutteridge)

doc: Updated sysutils/xfce4-thunar to 1.8.12

(gutteridge)

xfce4-thunar: update to 1.8.12

Change log:

1.8.12
======
- NULL is the proper sentinel for g_object_new() (Bug #16310)
- Drop timer on finalize (Bug #15305)
- Store column width setting asynchronously and only once (Bug #15305)
- When move to trash fails, ask whether to delete files (Bug #15975)
- Ctrl+Mousewheel does not enlarge/shrink entries (for detailed list
view) (Bug #15936)
- Extra padding for Eject button when scrollbar is visible (Bug #15312)
- Use standard icon instead of custom
- Translation Updates: Albanian, Chinese (China), Chinese (Taiwan), Croatian,
  Czech, Dutch, French, Galician, Greek, Hungarian, Italian, Japanese,
  Norwegian Bokm奪l, Portuguese, Portuguese (Brazil), Russian, Serbian, Slovak,
  Spanish, Swedish, Ukrainian

(gutteridge)

Updated www/py-MechanicalSoup, www/py-flask-admin

(adam)

py-flask-admin: updated to 1.5.5

v1.5.5
Werkzeug 1.0 compatibility fix
Use fa-circle-o icon for unchecked booleans
A few SQLAlchemy-related bug fixes

(adam)

py-MechanicalSoup: updated to 0.12.0

Version 0.12

Main changes:
* Changes in official python version support: added 3.7 and dropped 3.4.
* Added ability to submit a form without updating ``StatefulBrowser`` internal
  state: ``submit_selected(..., update_state=False)``. This means you get a
  response from the form submission, but your browser stays on the same page.
  Useful for handling forms that result in a file download or open a new tab.

Bug fixes
* Improve handling of form enctype to behave like a real browser.
* HTML ``type`` attributes are no longer required to be lowercase.
* Form controls with the ``disabled`` attribute will no longer be submitted
  to improve compliance with the HTML standard. If you were relying on this
  bug to submit disabled elements, you can still achieve this by deleting the
  ``disabled`` attribute from the element in the :class:`~mechanicalsoup.Form`
  object directly.
* When a form containing a file input field is submitted without choosing a
  file, an empty filename & content will be sent just like in a real browser.
* ``<option>`` tags without a ``value`` attribute will now use their text as
  the value.
* The optional ``url_regex`` argument to ``follow_link`` and ``download_link``
  was fixed so that it is no longer ignored.
* Allow duplicate submit elements instead of raising a LinkNotFoundError.

(adam)

gcc9: better PLIST for Darwin

(adam)

doc: Updated net/mosquitto to 1.6.9

(gdt)

net/mosquitto: Update to 1.6.9

Upstream NEWS equivalent is:

  Bugfixes

  Use presence of password file as indicator for whether username
  checks should take place, not whether usernames are defined in the
  password file. Closes #1545. [This is a security fix for
  misconfigured systems.]

(gdt)

print/libgnomeprint: Bark as BROKEN if cups is requested

(gdt)

doc: Updated archivers/zutils to 1.8

(mef)

(archivers/zutils) Updated 1.6 to 1.8

Changes in version 1.8:

A buffer overflow has been fixed in zcat which happened sometimes when
the '-v, --show-nonprinting' option was used (or indirectly enabled).
A canary byte has been added to the output buffer to prevent the buffer
overflow from happening again.

The option '-R, --dereference-recursive', which recursively follows
symbolic links, has been added to zcat, zgrep, ztest and zupdate.

The option '-r, --recursive' now skips symlinks that are encountered
recursively.

If no files are given to zcat, zgrep, ztest and zupdate, a recursive
search will now examine the current working directory.

Recursive directory loops are now detected.

zcat and zgrep now ignore directories given in the command line if
'--recursive' is not specified, instead of reporting an error.

Extra trailing slashes are now removed from directories given in the
command line before recursing into them.

zcat and zgrep now show the right error when they can't open an input
file instead of showing "No such file or directory".

Killed decompressors are now waited for, preventing failure caused by
too many open pipes.

Test and document that if a file fails to decompress, zcat, zgrep and
ztest continue processing the rest of the files.

Test and document that if an error happens while recompressing a file,
zupdate exits immediately without recompressing the rest of the files.

The configure script now accepts appending options to CXXFLAGS using the
syntax 'CXXFLAGS+=OPTIONS'.

(mef)

doc: Updated archivers/zopfli to 1.0.3

(mef)

(archivers/zopfli) Updated 1.0.1 to 1.0.3, ChangeLog not easily found

(mef)

print/foliate: lang/gjs is a runtime dependency, not build-time.

(rhialto)

Updated textproc/py-sphinxcontrib-qthelp, textproc/py-sphinx

(adam)

py-sphinx: updated to 2.4.3

Release 2.4.3:

Bugs fixed
* autodoc: ``*args`` and ``**kwarg`` in type comments are not handled
  properly
* autodoc: classmethod coroutines are not detected
* intersphinx: ``:attr:`` reference to property is broken
* html search: Search breaks/hangs when built with dirhtml builder
* todo: emit doctree-resolved event with non-document node incorrectly

(adam)

py-sphinxcontrib-qthelp: updated to 1.0.3

Release 1.0.3:
* Fix package metadata has broken

(adam)

Updated textproc/py-sphinxcontrib-applehelp, textproc/py-sphinxcontrib-devhelp, textproc/py-sphinxcontrib-htmlhelp, textproc/py-sphinxcontrib-serializinghtml

(adam)

py-sphinxcontrib-serializinghtml: updated to 1.1.4

1.1.4:
Unknown changes

(adam)

py-sphinxcontrib-htmlhelp: updated to 1.0.3

Release 1.0.3:
* htmlhelp builder should generate HTML4 docs instead of HTML5

(adam)

py-sphinxcontrib-devhelp: updated to 1.0.2

Release 1.0.2:
* Fix package metadata has broken

(adam)

py-sphinxcontrib-applehelp: updated to 1.0.2

Release 1.0.2:
* Fix package metadata has broken

(adam)

doc: Removed audio/rtunes

(nia)

audio: Remove rtunes

This is dead upstream since 2009 and fails to build against OpenSSL 1.1.

(nia)

powder-toy: Drop MAINTAINER

(nia)

libgit2: Correct buildlink3

(nia)

Recursive revbump for libgit2-0.99.0

(nia)

doc: Updated security/mbedtls to 2.16.5

(nia)

mbedtls: Update to 2.16.5

= mbed TLS 2.16.5 branch released 2020-02-20

Security
  * Fix potential memory overread when performing an ECDSA signature
    operation. The overread only happens with cryptographically low
    probability (of the order of 2^-n where n is the bitsize of the curve)
    unless the RNG is broken, and could result in information disclosure or
    denial of service (application crash or extra resource consumption).
    Found by Auke Zeilstra and Peter Schwabe, using static analysis.
  * To avoid a side channel vulnerability when parsing an RSA private key,
    read all the CRT parameters from the DER structure rather than
    reconstructing them. Found by Alejandro Cabrera Aldaya and Billy Bob
    Brumley. Reported and fix contributed by Jack Lloyd.
    ARMmbed/mbed-crypto#352

Bugfix
  * Fix an unchecked call to mbedtls_md() in the x509write module.
  * Fix a bug in mbedtls_pk_parse_key() that would cause it to accept some
    RSA keys that would later be rejected by functions expecting private
    keys. Found by Catena cyber using oss-fuzz (issue 20467).
  * Fix a bug in mbedtls_pk_parse_key() that would cause it to accept some
    RSA keys with invalid values by silently fixing those values.

(nia)

doc: Updated devel/libgit2 to 0.99.0

(nia)

libgit2: Update to 0.99.0

v0.99
-----

This is v0.99 "Torschlusspanik".  This will be the last minor release
before libgit2 v1.0.  We expect to only respond to bugs in this release,
to stabilize it for next major release.

It contains significant refactorings, but is expected to be API-compatible
with v0.28.0.

### Changes or improvements

* When fetching from an anonymous remote using a URL with authentication
  information provided in the URL (eg `https://foo:bar@example.com/repo`),
  we would erroneously include the literal URL in the FETCH_HEAD file.
  We now remove that to match git's behavior.

* Some credential structures, enums and values have been renamed:
  `git_cred` is now `git_credential`.  `git_credtype_t` is now
  `git_credential_t`.  Functions and types beginning with
  `git_cred_` now begin with `git_credential`, and constants beginning
  with `GIT_CREDTYPE` now begin with `GIT_CREDENTIAL`.  The former names
  are deprecated.

* Several function signatures have been changed to return an `int` to
  indicate error conditions.  We encourage you to check them for errors
  in the standard way.

  * `git_attr_cache_flush`
  * `git_error_set_str`
  * `git_index_name_clear`
  * `git_index_reuc_clear`
  * `git_libgit2_version`
  * `git_mempack_reset`
  * `git_oid_cpy`
  * `git_oid_fmt`
  * `git_oid_fromraw`
  * `git_oid_nfmt`
  * `git_oid_pathfmt`
  * `git_remote_stop`
  * `git_remote_disconnect`
  * `git_repository__cleanup`
  * `git_repository_set_config`
  * `git_repository_set_index`
  * `git_repository_set_odb`
  * `git_repository_set_refdb`
  * `git_revwalk_reset`
  * `git_revwalk_simplify_first_parent`
  * `git_revwalk_sorting`
  * `git_treebuilder_clear`
  * `git_treebuilder_filter`

* The NTLM and Negotiate authentication mechanisms are now supported when
  talking to git implementations hosted on Apache or nginx servers.

* The `HEAD` symbolic reference can no longer be deleted.

* `git_merge_driver_source_repo` no longer returns a `const git_repository *`,
  it now returns a non-`const` `git_repository *`.

* Relative symbolic links are now supported on Windows when `core.symlinks`
  is enabled.

* Servers that provide query parameters with a redirect are now supported.

* `git_submodule_sync` will now resolve relative URLs.

* When creating git endpoint URLs, double-slashes are no longer used when
  the given git URL has a trailing slash.

* On Windows, a `DllMain` function is no longer included and thread-local
  storage has moved to fiber-local storage in order to prevent race
  conditions during shutdown.

* The tracing mechanism (`GIT_TRACE`) is now enabled by default and does
  not need to be explicitly enabled in CMake.

* The size of Git objects is now represented by `git_object_size_t`
  instead of `off_t`.

* Binary patches without data can now be parsed.

* A configuration snapshot can now be created from another configuration
  snapshot, not just a "true" configuration object.

* The `git_commit_with_signature` API will now ensure that referenced
  objects exist in the object database.

* Stash messages containing newlines will now be replaced with spaces;
  they will no longer be (erroneously) written to the repository.

* `git_commit_create_with_signature` now verifies the commit information
  to ensure that it points to a valid tree and valid parents.

* `git_apply` has an option `GIT_APPLY_CHECK` that will only do a dry-run.
  The index and working directory will remain unmodified, and application
  will report if it would have worked.

* Patches produced by Mercurial (those that lack some git extended headers)
  can now be parsed and applied.

* Reference locks are obeyed correctly on POSIX platforms, instead of
  being removed.

* Patches with empty new files can now be read and applied.

* `git_apply_to_tree` can now correctly apply patches that add new files.

* The program data configuration on Windows (`C:\ProgramData\Git\config`)
  must be owned by an administrator, a system account or the current user
  to be read.

* `git_blob_filtered_content` is now deprecated in favor of `git_blob_filter`.

* Configuration files can now be included conditionally using the
  `onbranch` conditional.

* Checkout can now properly create and remove symbolic links to directories
  on Windows.

* Stash no longer recomputes trees when committing a worktree, for
  improved performance.

* Repository templates can now include a `HEAD` file to default the
  initial default branch.

* Some configuration structures, enums and values have been renamed:
  `git_cvar_map` is now `git_configmap`, `git_cvar_t` is now
  `git_configmap_t`, `GIT_CVAR_FALSE` is now `GIT_CONFIGMAP_FALSE`,
  `GIT_CVAR_TRUE` is now `GIT_CONFIGMAP_TRUE`, `GIT_CVAR_INT32` is now
  `GIT_CONFIGMAP_INT32`, and `GIT_CVAR_STRING` is now `GIT_CONFIGMAP_STRING`.
  The former names are deprecated.

* Repositories can now be created at the root of a Windows drive.

* Configuration lookups are now more efficiently cached.

* `git_commit_create_with_signature` now supports a `NULL` signature,
  which will create a commit without adding a signature.

* When a repository lacks an `info` "common directory", we will no
  longer erroneously return `GIT_ENOTFOUND` for all attribute lookups.

* Several attribute macros have been renamed: `GIT_ATTR_TRUE` is now
  `GIT_ATTR_IS_TRUE`, `GIT_ATTR_FALSE` is now `GIT_ATTR_IS_FALSE`,
  `GIT_ATTR_UNSPECIFIED` is now `GIT_ATTR_IS_UNSPECIFIED`.  The
  attribute enum `git_attr_t` is now `git_attr_value_t` and its
  values have been renamed: `GIT_ATTR_UNSPECIFIED_T` is now
  `GIT_ATTR_VALUE_UNSPECIFIED`, `GIT_ATTR_TRUE_T` is now
  `GIT_ATTR_VALUE_TRUE`, `GIT_ATTR_FALSE_T` is now `GIT_ATTR_VALUE_FALSE`,
  and `GIT_ATTR_VALUE_T` is now `GIT_ATTR_VALUE_STRING`.  The
  former names are deprecated.

* `git_object__size` is now `git_object_size`.  The former name is
  deprecated.

* `git_tag_create_frombuffer` is now `git_tag_create_from_buffer`.  The
  former name is deprecated.

* Several blob creation functions have been renamed:
  `git_blob_create_frombuffer` is now named `git_blob_create_from_buffer`,
  `git_blob_create_fromdisk` is now named `git_blob_create_from_disk`,
  `git_blob_create_fromworkdir` is now named `git_blob_create_from_workdir`,
  `git_blob_create_fromstream` is now named `git_blob_create_from_stream`,
  and `git_blob_create_fromstream_commit` is now named
  `git_blob_create_from_stream_commit`.  The former names are deprecated.

* The function `git_oid_iszero` is now named `git_oid_is_zero`.  The
  former name is deprecated.

* Pattern matching is now done using `wildmatch` instead of `fnmatch`
  for compatibility with git.

* The option initialization functions suffixed by `init_options` are now
  suffixed with `options_init`.  (For example, `git_checkout_init_options`
  is now `git_checkout_options_init`.)  The former names are deprecated.

* NTLM2 authentication is now supported on non-Windows platforms.

* The `git_cred_sign_callback` callback is now named `git_cred_sign_cb`.
  The `git_cred_ssh_interactive_callback` callback is now named
  `git_cred_ssh_interactive_cb`.

* Ignore files now:

  * honor escaped trailing whitespace.
  * do not incorrectly negate sibling paths of a negated pattern.
  * honor rules that stop ignoring files after a wildcard

* Attribute files now:

  * honor leading and trailing whitespace.
  * treat paths beginning with `\` as absolute only on Windows.
  * properly handle escaped characters.
  * stop reading macros defined in subdirectories

* The C locale is now correctly used when parsing regular expressions.

* The system PCRE2 or PCRE regular expression libraries are now used
  when `regcomp_l` is not available on the system.  If none of these
  are available on the system, an included version of PCRE is used.

* Wildcards in reference specifications are now supported beyond simply
  a bare wildcard (`*`) for compatibility with git.

* When `git_ignore_path_is_ignored` is provided a path with a trailing
  slash (eg, `dir/`), it will now treat it as a directory for the
  purposes of ignore matching.

* Patches that add or remove a file with a space in the path can now
  be correctly parsed.

* The `git_remote_completion_type` type is now `git_remote_completion_t`.
  The former name is deprecated.

* The `git_odb_backend_malloc` is now `git_odb_backend_data_alloc`.  The
  former name is deprecated.

* The `git_transfer_progress_cb` callback is now `git_indexer_progress_cb`
  and the `git_transfer_progress` structure is now `git_indexer_progress`.
  The former names are deprecated.

* The example projects are now contained in a single `lg2` executable
  for ease of use.

* libgit2 now correctly handles more URLs, such as
  `http://example.com:/repo.git` (colon but no port),
  `http://example.com` (no path),
  and `http://example.com:8080/` (path is /, nonstandard port).

* A carefully constructed commit object with a very large number
  of parents may lead to potential out-of-bounds writes or
  potential denial of service.

* The ProgramData configuration file is always read for compatibility
  with Git for Windows and Portable Git installations.  The ProgramData
  location is not necessarily writable only by administrators, so we
  now ensure that the configuration file is owned by the administrator
  or the current user.

### API additions

* The SSH host key now supports SHA-256 when `GIT_CERT_SSH_SHA256` is set.

* The diff format option `GIT_DIFF_FORMAT_PATCH_ID` can now be used to
  emit an output like `git patch-id`.

* The `git_apply_options_init` function will initialize a
  `git_apply_options` structure.

* The remote callbacks structure adds a `git_url_resolve_cb` callback
  that is invoked when connecting to a server, so that applications
  may edit or replace the URL before connection.

* The information about the original `HEAD` in a rebase operation is
  available with `git_rebase_orig_head_name`.  Its ID is available with
  `git_rebase_orig_head_id`.  The `onto` reference name is available with
  `git_rebase_onto_name` and its ID is available with `git_rebase_onto_id`.

* ODB backends can now free backend data when an error occurs during its
  backend data creation using `git_odb_backend_data_free`.

* Options may be specified to `git_repository_foreach_head` to control
  its behavior: `GIT_REPOSITORY_FOREACH_HEAD_SKIP_REPO` will not skip
  the main repository's HEAD reference, while
  `GIT_REPOSITORY_FOREACH_HEAD_SKIP_WORKTREES` will now skip the
  worktree HEAD references.

* The `GIT_OPT_DISABLE_PACK_KEEP_FILE_CHECKS` option can be specified to
  `git_libgit2_opts()` to avoid looking for `.keep` files that correspond
  to packfiles.  This setting can improve performance when packfiles are
  stored on high-latency filesystems like network filesystems.

* Blobs can now be filtered with `git_blob_filter`, which allows for
  options to be set with `git_blob_filter_options`, including
  `GIT_FILTER_NO_SYSTEM_ATTRIBUTES` to disable filtering with system-level
  attributes in `/etc/gitattributes` and `GIT_ATTR_CHECK_INCLUDE_HEAD` to
  enable filtering with `.gitattributes` files in the HEAD revision.

### API removals

* The unused `git_headlist_cb` function declaration was removed.

* The unused `git_time_monotonic` API is removed.

* The erroneously exported `inttypes.h` header was removed.

# Security Fixes

- CVE-2019-1348: the fast-import stream command "feature
  export-marks=path" allows writing to arbitrary file paths. As
  libgit2 does not offer any interface for fast-import, it is not
  susceptible to this vulnerability.

- CVE-2019-1349: by using NTFS 8.3 short names, backslashes or
  alternate filesystreams, it is possible to cause submodules to
  be written into pre-existing directories during a recursive
  clone using git. As libgit2 rejects cloning into non-empty
  directories by default, it is not susceptible to this
  vulnerability.

- CVE-2019-1350: recursive clones may lead to arbitrary remote
  code executing due to improper quoting of command line
  arguments. As libgit2 uses libssh2, which does not require us
  to perform command line parsing, it is not susceptible to this
  vulnerability.

- CVE-2019-1351: Windows provides the ability to substitute
  drive letters with arbitrary letters, including multi-byte
  Unicode letters. To fix any potential issues arising from
  interpreting such paths as relative paths, we have extended
  detection of DOS drive prefixes to accomodate for such cases.

- CVE-2019-1352: by using NTFS-style alternative file streams for
  the ".git" directory, it is possible to overwrite parts of the
  repository. While this has been fixed in the past for Windows,
  the same vulnerability may also exist on other systems that
  write to NTFS filesystems. We now reject any paths starting
  with ".git:" on all systems.

- CVE-2019-1353: by using NTFS-style 8.3 short names, it was
  possible to write to the ".git" directory and thus overwrite
  parts of the repository, leading to possible remote code
  execution. While this problem was already fixed in the past for
  Windows, other systems accessing NTFS filesystems are
  vulnerable to this issue too. We now enable NTFS protecions by
  default on all systems to fix this attack vector.

- CVE-2019-1354: on Windows, backslashes are not a valid part of
  a filename but are instead interpreted as directory separators.
  As other platforms allowed to use such paths, it was possible
  to write such invalid entries into a Git repository and was
  thus an attack vector to write into the ".git" dierctory. We
  now reject any entries starting with ".git\" on all systems.

- CVE-2019-1387: it is possible to let a submodule's git
  directory point into a sibling's submodule directory, which may
  result in overwriting parts of the Git repository and thus lead
  to arbitrary command execution. As libgit2 doesn't provide any
  way to do submodule clones natively, it is not susceptible to
  this vulnerability. Users of libgit2 that have implemented
  recursive submodule clones manually are encouraged to review
  their implementation for this vulnerability.

### Breaking API changes

* The "private" implementation details of the `git_cred` structure have been
  moved to a dedicated `git2/sys/cred.h` header, to clarify that the underlying
  structures are only provided for custom transport implementers.
  The breaking change is that the `username` member of the underlying struct
  is now hidden, and a new `git_cred_get_username` function has been provided.

### Breaking CMake configuration changes

* The CMake option to use a system http-parser library, instead of the
  bundled dependency, has changed.  This is due to a deficiency in
  http-parser that we have fixed in our implementation.  The bundled
  library is now the default, but if you wish to force the use of the
  system http-parser implementation despite incompatibilities, you can
  specify `-DUSE_HTTP_PARSER=system` to CMake.

* The interactions between `USE_HTTPS` and `SHA1_BACKEND` have been
  streamlined. The detection was moved to a new `USE_SHA1`, modeled after
  `USE_HTTPS`, which takes the values "CollisionDetection/Backend/Generic", to
  better match how the "hashing backend" is selected, the default (ON) being
  "CollisionDetection". If you were using `SHA1_BACKEND` previously, you'll
  need to check the value you've used, or switch to the autodetection.

### Authors

The following individuals provided changes that were included in this
release:

* Aaron Patterson
* Alberto Fanjul
* Anders Borum
* Augie Fackler
* Augustin Fabre
* Ayush Shridhar
* brian m. carlson
* buddyspike
* Carlos Martín Nieto
* cheese1
* Dan Skorupski
* Daniel Cohen Gindi
* Dave Lee
* David Brooks
* David Turner
* Denis Laxalde
* Dhruva Krishnamurthy
* Dominik Ritter
* Drew DeVault
* Edward Thomson
* Eric Huss
* Erik Aigner
* Etienne Samson
* Gregory Herrero
* Heiko Voigt
* Ian Hattendorf
* Jacques Germishuys
* Janardhan Pulivarthi
* Jason Haslam
* Johannes Schindelin
* Jordan Wallet
* Josh Bleecher Snyder
* kas
* kdj0c
* Laurence McGlashan
* lhchavez
* Lukas Berk
* Max Kostyukevich
* Patrick Steinhardt
* pcpthm
* Remy Suen
* Robert Coup
* romkatv
* Scott Furry
* Sebastian Henke
* Stefan Widgren
* Steve King Jr
* Sven Strickroth
* Tobias Nießen
* Tyler Ang-Wanek
* Tyler Wanek

(nia)

musicpd: fix build with clang 9.0.0

Sent this and another patch upstream, so add URL to second patch.

(wiz)

Python's only used at buildtime, not runtime.

(dogcow)

doc: Updated www/ruby-puma to 4.3.2

(taca)

www/ruby-puma: update to 4.3.2

Update ruby-puma to 4.3.2.

## 4.3.2 and 3.12.3 / 2020-02-27

* Security
  * Fix: Prevent HTTP Response splitting via CR/LF in header
    values. CVE-2020-5247.

(taca)

doc: fix format of last couple of entries.

(wiz)

libffi: kludge for aarch64. Bump rev.

Disable i-cache flushing. This is wrong but the previous version of
libffi didn't do it either and that worked in practice.

(tnn)

Added math/harmbase2 20191229 [plunky 2020-02-28]

(plunky)

add harmbase2 subdir

(plunky)

Add harmbase2-20191229

Harmbase is a database application for managing harmonic constants.

It is not "plug and play" software. It's not designed to be useful
to someone who does not know how to hack Ruby code or write
interactive SQL queries.

(plunky)

Added math/harmgen 3.1.3 [plunky 2020-02-28]

(plunky)

add harmgen subdir

(plunky)

Add harmgen 3.1.3

Harmgen is a program to derive harmonic constants from water level
observations, by David Flater

(plunky)

Added math/congen 1.7 [plunky 2020-02-28]

(plunky)

add congen subdir

(plunky)