doc: Updated textproc/gtkspell to 2.0.16nb30

(wiz)

gtkspell: update to 2.0.16nb30.

Switch from enchant to enchant2.

(wiz)

doc: Updated databases/ruby-sequel to 5.22.0

(taca)

databases/ruby-sequel: update to 5.22.0

=== 5.22.0 (2019-07-01)

* Fix Dataset#multi_insert and #import with return: :primary_key on MSSQL when the dataset has a row_proc (jeremyevans) (#1627)

* Support Dataset#with :materialized option on PostgreSQL 12 for [NOT] MATERIALIZED (jeremyevans)

* Make Database#primary_key_sequence work on tables without serial sequences on PostgreSQL 12 (jeremyevans)

* Support ruby 2.7+ startless ranges in the pg_range extension (jeremyevans)

* Support ruby 2.7+ startless, endless ranges in filters, using an always true condition for them (jeremyevans)

* Support ruby 2.7+ startless ranges in filters, using just a <= or < operator for them (jeremyevans)

(taca)

Pullup tickets #5990 to #5997

(bsiegert)

Pullup ticket #5997 - requested by taca
fonts/ricty-ttf: build fix

Revisions pulled up:
- fonts/ricty-ttf/Makefile                                      1.24

---
  Module Name: pkgsrc
  Committed By: tsutsui
  Date: Fri Jul  5 16:24:08 UTC 2019

  Modified Files:
  pkgsrc/fonts/ricty-ttf: Makefile

  Log Message:
  ricty-ttf: follow move of inconsolata-ttf installation path.

  Also explicitly require moved version:
    http://mail-index.netbsd.org/pkgsrc-changes/2019/04/06/msg190085.html
    > inconsolata-ttf: update to 20090207nb2.
    > Use fonts.mk: Fixes installation path.

(bsiegert)

Pullup ticket #5996 - requested by nia
audio/faad2: security fix

Revisions pulled up:
- audio/faad2/Makefile                                          1.53
- audio/faad2/distinfo                                          1.27
- audio/faad2/patches/patch-CVE-2018-20194                      1.1
- audio/faad2/patches/patch-CVE-2018-20362                      1.1
- audio/faad2/patches/patch-libfaad_bits.c                      1.1

---
  Module Name: pkgsrc
  Committed By: nia
  Date: Thu Jul 11 09:03:35 UTC 2019

  Modified Files:
  pkgsrc/audio/faad2: Makefile distinfo
  Added Files:
  pkgsrc/audio/faad2/patches: patch-CVE-2018-20194 patch-CVE-2018-20362
      patch-libfaad_bits.c

  Log Message:
  faad2: Backport some security fixes from upstream.

  CVE-2018-20194:
  https://github.com/knik0/faad2/commit/6b4a7cde30f2e2cb03e78ef476cc73179cfffda3.patch

  CVE-2018-20362:
  https://github.com/knik0/faad2/commit/466b01d504d7e45f1e9169ac90b3e34ab94aed14.patch

  Misc buffer overflows:
  https://github.com/knik0/faad2/commit/942c3e0aee748ea6fe97cb2c1aa5893225316174.patch

(bsiegert)

Pullup ticket #5995 - requested by nia
audio/libmad: security fix

Revisions pulled up:
- audio/libmad/Makefile                                        1.22
- audio/libmad/distinfo                                        1.5
- audio/libmad/patches/patch-bit.c                              1.1
- audio/libmad/patches/patch-frame.c                            1.1
- audio/libmad/patches/patch-layer12.c                          1.1
- audio/libmad/patches/patch-layer3.c                          1.1

---
  Module Name: pkgsrc
  Committed By: nia
  Date: Wed Jul 10 20:01:57 UTC 2019

  Modified Files:
  pkgsrc/audio/libmad: Makefile distinfo
  Added Files:
  pkgsrc/audio/libmad/patches: patch-bit.c patch-frame.c patch-layer12.c
      patch-layer3.c

  Log Message:
  libmad: Add patches for CVE-2017-8372, CVE-2017-8373, CVE-2017-8374.

  >From Kurt Roeckx / Debian.

  Tested with cmus and moc.

(bsiegert)

Pullup ticket #5994 - requested by schmonz
net/fehqlibs: bugfix
net/djbdnscurve6, net/ucspi-ssl, net/ucspi-tcp6: bump revision

Revisions pulled up:
- net/djbdnscurve6/Makefile                                    1.6
- net/fehqlibs/Makefile                                        1.5
- net/fehqlibs/distinfo                                        1.4
- net/ucspi-ssl/Makefile                                        1.32
- net/ucspi-tcp6/Makefile                                      1.14

---
  Module Name:    pkgsrc
  Committed By:  schmonz
  Date:          Wed Jul 10 10:35:11 UTC 2019

  Modified Files:
          pkgsrc/net/fehqlibs: Makefile distinfo

  Log Message:
  .9.12 has a serious regression in dns_ipq.c: only AAAA records are
  looked up, instead of AAAA and A. Revert to previous 0.9.10 (as
  "0.9.12.10").

---
  Module Name:    pkgsrc
  Committed By:  schmonz
  Date:          Wed Jul 10 10:49:36 UTC 2019

  Modified Files:
          pkgsrc/net/djbdnscurve6: Makefile
          pkgsrc/net/ucspi-ssl: Makefile
          pkgsrc/net/ucspi-tcp6: Makefile

  Log Message:
  Bump PKGREVISION for fehqlibs-using packages.

(bsiegert)

doc: Updated editors/nano to 4.3

(wiedi)

nano: update to 4.3

2019.06.18 - GNU nano 4.3 "Musa Kart"
• The ability to read from and write to a FIFO has been regained.
• Startup time is reduced by fully parsing a syntax only when needed.
• Asking for help (^G) when using --operatingdir does not crash.
• The reading of a huge or slow file can be stopped with ^C.
• Cut, zap, and copy operations are undone separately when intermixed.
• M-D reports the correct number of lines (zero for an empty buffer).

(wiedi)

clisp: make PS file generation dependent on the "doc" option.

It turns out disabling docs also disables generating the ps files.
Found while dealing with pullup ticket #5993 by he@.

(bsiegert)

Pullup ticket #5993 - requested by he
lang/clisp: build fix

Revisions pulled up:
- lang/clisp/Makefile                                          1.112

---
  Module Name: pkgsrc
  Committed By: he
  Date: Tue Jul  9 22:55:41 UTC 2019

  Modified Files:
  pkgsrc/lang/clisp: Makefile

  Log Message:
  Patterned after electric-fence, turn off builtins for calloc, malloc,
  memalign, realloc, valloc and free.  Makes clisp work with modern compilers.
  Bump PKGREVISION.

(bsiegert)

Updated www/py-flask, archivers/py-zipp

(adam)

py-zipp: updated to 0.5.2

v0.5.2
Parent of a directory now actually returns the parent.

(adam)

py-flask: updated to 1.1.1

Version 1.1.1

The flask.json_available flag was added back for compatibility with some extensions. It will raise a deprecation warning when used, and will be removed in version 2.0.0.

Version 1.1.0

Bump minimum Werkzeug version to >= 0.15.
Drop support for Python 3.4.
Error handlers for InternalServerError or 500 will always be passed an instance of InternalServerError. If they are invoked due to an unhandled exception, that original exception is now available as e.original_exception rather than being passed directly to the handler. The same is true if the handler is for the base HTTPException. This makes error handler behavior more consistent.
Flask.finalize_request() is called for all unhandled exceptions even if there is no 500 error handler.
Flask.logger takes the same name as Flask.name (the value passed as Flask(import_name). This reverts 1.0窶冱 behavior of always logging to "flask.app", in order to support multiple apps in the same process. A warning will be shown if old configuration is detected that needs to be moved.
flask.RequestContext.copy() includes the current session object in the request context copy. This prevents session pointing to an out-of-date object.
Using built-in RequestContext, unprintable Unicode characters in Host header will result in a HTTP 400 response and not HTTP 500 as previously.
send_file() supports PathLike objects as described in PEP 0519, to support pathlib in Python 3.
send_file() supports BytesIO partial content.
open_resource() accepts the 窶徨t窶� file mode. This still does the same thing as 窶徨窶�.
The MethodView.methods attribute set in a base class is used by subclasses.
Flask.jinja_options is a dict instead of an ImmutableDict to allow easier configuration. Changes must still be made before creating the environment.
Flask窶冱 JSONMixin for the request and response wrappers was moved into Werkzeug. Use Werkzeug窶冱 version with Flask-specific support. This bumps the Werkzeug dependency to >= 0.15.
The flask command entry point is simplified to take advantage of Werkzeug 0.15窶冱 better reloader support. This bumps the Werkzeug dependency to >= 0.15.
Support static_url_path that ends with a forward slash.
Support empty static_folder without requiring setting an empty static_url_path as well.
jsonify() supports dataclasses.dataclass objects.
Allow customizing the Flask.url_map_class used for routing.
The development server port can be set to 0, which tells the OS to pick an available port.
The return value from cli.load_dotenv() is more consistent with the documentation. It will return False if python-dotenv is not installed, or if the given path isn窶冲 a file.
Signaling support has a stub for the connect_via method when the Blinker library is not installed.
Add an --extra-files option to the flask run CLI command to specify extra files that will trigger the reloader on change.
Allow returning a dictionary from a view function. Similar to how returning a string will produce a text/html response, returning a dict will call jsonify to produce a application/json response.
Blueprints have a cli Click group like app.cli. CLI commands registered with a blueprint will be available as a group under the flask command..
When using the test client as a context manager (with client:), all preserved request contexts are popped when the block exits, ensuring nested contexts are cleaned up correctly.
Show a better error message when the view return type is not supported.
flask.testing.make_test_environ_builder() has been deprecated in favour of a new class flask.testing.EnvironBuilder.
The flask run command no longer fails if Python is not built with SSL support. Using the --cert option will show an appropriate error message.
URL matching now occurs after the request context is pushed, rather than when it窶冱 created. This allows custom URL converters to access the app and request contexts, such as to query a database for an id.

(adam)

Updated devel/yarn, textproc/py-deepdiff

(adam)

py-deepdiff: updated to 4.0.7

4.0.7:
Hashing of the number 1 vs. True

(adam)

yarn: updated to 1.17.3

1.17.3
Enforces https for the Yarn and npm registries.

1.17.2
Adds support for reading yarnPath from v2-produced .yarnrc.yml files.

1.17.0
Adds prereleases flags and prerelease identifier to yarn version.
Fixes audits when used with yarn add & yarn upgrade
Adds support for the --offline flag to yarn global add
Yarn will tolerate Yaml at parse time. Full support isn't ready yet and will only come at the next major.
Fixes a bug when using the link: protocol with a folder that doesn't contain a package.json

(adam)

doc: Updated mail/msmtp to 1.8.5

(leot)

msmtp: Update to 1.8.5

Changes:
1.8.5
-----
- Fixed OAUTHBEARER.
- Support for TLS client certificates via PKCS11 devices, e.g. smart cards.
- Various small bug fixes and improvements.

(leot)

doc: Updated meta-pkgs/xfce4-extras to 4.14pre2

(gutteridge)

xfce4-extras: also reflect version 4.14pre2 properly

(gutteridge)

doc: Updated meta-pkgs/xfce4 to 4.14pre2

(gutteridge)

xfce4: update to 4.14pre2

(gutteridge)

doc: Updated sysutils/xfce4-power-manager to 1.6.3

(gutteridge)

doc: Updated sysutils/xfce4-cpugraph-plugin to 1.1.0

(gutteridge)

xfce4-cpugraph-plugin: update to 1.1.0 (2/7/2019)

Change log:

1.1.0 (2/7/2019)
=====
- Updated translations

1.0.91 (22/6/2019)
=====
- Add option to disable the graph (Bug #15163)
- Use css to change bar colors (Bug #15186)
- Fix bars in horizontal mode
- Updated translations

(gutteridge)

doc: Updated sysutils/xfce4-appfinder to 4.13.4

(gutteridge)

xfce4-appfinder: update to 4.13.4

Change log:

4.13.4
======
- Improve xfce4-run comment (Bug #15473)
- Translation updates: Armenian, Belarusian, Bulgarian, Catalan,
  Chinese (Taiwan), Croatian, Czech, Danish, Dutch (Flemish), French, Galician,
  German, Hungarian, Interlingue, Italian, Lithuanian, Malay, Polish,
  Portuguese, Russian, Spanish

(gutteridge)

doc: Updated sysutils/xfce4-thunar to 1.8.7

(gutteridge)

xfce4-thunar: update to 1.8.7

Change log:

1.8.7
=====
- Fix crash on unmounted volume in tree pane right click (Bug #15452)
- Do not check G_FILE_ATTRIBUTE_ACCESS_CAN_WRITE anymore (Bug #15367)
- Deactivate "Move to Trash" menu entry on volumes without trash (Bug #15352)
- thunar-sendto-email.desktop: use xdg mail-send icon
- Restore "Empty File" menu icon (Bug #15540)
- Rename Camelcase to Title Case (Bug #15579)
- Update mimeapps.list only when necessary (Bug #15533)
- Prevent new bookmarks on sidebar when dragging files (Bug #14921)
- Translation updates: Albanian, Armenian (Armenia), Belarusian, Catalan,
Chinese (China), Chinese (Taiwan), Croatian, Czech, Danish,
English (Australia), Finnish, French, Galician, German, Hebrew, Hungarian,
Interlingue, Italian, Japanese, Malay, Norwegian Nynorsk, Portuguese, Russian,
Serbian, Spanish, Thai, Turkish

(gutteridge)

xfce4-power-manager: update to 1.6.3

Change log:

1.6.3
=====
- Revert "Read from actual_brightness instead of brightness"
- Translation updates:
  Danish, English (Australia), Portuguese, Serbian, Turkish

(gutteridge)

doc: Updated x11/xfce4-desktop to 4.13.5

(gutteridge)

xfce4-desktop: update to 4.13.5

Change log:

4.13.5
======
- Highlight drag target when hovering it (Bug #12695)
- Fix drag data being received multiple times (Bug #14471)
- Allow to load non-theme icons (Bug #15294)
- Add Next Background option (Bug #12261)
- Do not cycle backdrop twice
- Ensure that CSD is not applied to desktop window (Bug #15241)
- Use async dbus proxy initialization (Bug #15418)
- Open all selected icons on key press (Bug #15420)
- Improve fallback CSS
- Fix warning about ignoring return value (Bug #15410)
- Update README.xfconf (Bug #15457)
- Translation Updates: Albanian, Armenian (Armenia), Belarusian, Bulgarian,
  Catalan, Chinese (Taiwan), Croatian, Danish, Dutch, English (Australia),
  Finnish, French, Galician, German, Hebrew, Hungarian, Interlingue, Italian,
  Lithuanian, Malay, Persian (Iran), Polish, Portuguese, Russian, Serbian,
  Spanish, Thai, Turkish

(gutteridge)

doc: Updated x11/xfce4-tumbler to 0.2.5

(gutteridge)

xfce4-tumbler: update to 0.2.5

Change log:

0.2.5
=====
- Translation Updates: Armenian, Danish

(gutteridge)

doc: Updated x11/xfce4-session to 4.13.3

(gutteridge)

xfce4-session: update to 4.13.3

Change log:

4.13.3
======
- Reset font-size of logout dialog to default (Bug #15505)
- Report optional dependency on polkit (Bug #12761)
- Read data from correct group when editing autostart entry (Bug
  #10423)
- Improve layout of autostart add/edit dialogs
- Improve column layout of autostart tab (Bug #15448)
- settings: Fix crash when terminating programs (Bug #15489)
- Translation updates:
  Belarusian, Danish, English (Australia), Finnish, French, German,
  Hebrew, Hungarian, Kazakh, Malay, Portuguese, Portuguese (Brazilian),
  Turkish

(gutteridge)

doc: Updated x11/xfce4-settings to 4.13.7

(gutteridge)

xfce4-settings: update to 4.13.7

Change log:

4.13.7
======
- Bugfixes and other small changes:
  - color:
    - Fix crash when launching gcm in plugged dialog (Bug #15426)
    - Set correct icon in color dialogs
  - display:
    - Replace deprecated icon (Bug #15416)
    - Add mnemonics to minimal dialog buttons (Bug #15449)
    - Disable auto-enabling profiles by default
  - settings-manager: Fix missing icons on resize/add/remove (Bugs #15428, #15613)
  - xfsettingsd: Fix numlock state restoration (Bug #15642)
- Translation Updates:
    Belarusian, Danish, English (Australia), Finnish, French, Indonesian,
    Lithuanian, Portuguese (Brazilian), Serbian, Turkish

(gutteridge)

doc: Updated x11/xfce4-panel to 4.13.6

(gutteridge)

xfce4-panel: update to 4.13.6

Change log:

4.13.6
======
- Update default panel layout
- Bugfixes:
  - Retain original GDK_CORE_DEVICE_EVENTS setting for plugins (Bug
  #15044)
  - directorymenu: Fix plugin menu autohide behaviour
  - prefs: Add missing mnemonic accelerators (Bug #15652)
  - prefs: Improve window title (Bug #15653)
  - prefs: Correct capitalization of labels (Bug #15651)
  - arrow-button: Allow connect_after signals on draw
  - tasklist: Draw grouped windows count indicator (Bug #10844)
  - tasklist: Only base bg color of group indicator on Gtk theme
  - tasklist: Avoid draw signal loop
  - tasklist: Don't show actionsmenu in grouped windows (Bug #15622)
  - Add more accelerators to dialog buttons (Bug #15490)
  - AC_CONFIG_MACRO_DIR -> AC_CONFIG_MACRO_DIRS
  - Fix typo in debug output
- Translation updates:
    Albanian, Bulgarian, Catalan, Chinese (China), Chinese (Taiwan),
    Croatian, Czech, Danish, Dutch (Flemish), English (Australia), French,
    German, Italian, Lithuanian, Polish, Portuguese, Portuguese
    (Brazilian), Serbian, Spanish, Turkish

(gutteridge)

doc: Updated devel/xfce4-conf to 4.13.8

(gutteridge)

xfce4-conf: update to 4.13.8

XXX GObject introspection and Vala support has not yet been enabled in
pkgsrc. This is probably an optional dependency, TBD.

Change log:

4.13.8
======
- Add support for GObject introspection and vala
- Tests: Explicitly handle error reply from Ping method call
- Disable perl bindings by default
- Translation Updates: Danish, Armenian (Armenia)

(gutteridge)

doc: Updated x11/xfce4-garcon to 0.6.3

(gutteridge)

xfce4-garcon: update to 0.6.3

Change log:

0.6.3
=====
- Fix g_type_class_add_private deprecation in recent GLib
- Translation Updates:
  Albanian, Basque, Bengali, Czech, Danish, Hebrew, Icelandic, Italian,
  Kazakh, Polish, Russian, Spanish

(gutteridge)

doc: Updated wm/xfce4-wm to 4.13.3

(gutteridge)

xfce4-wm: update to 4.13.3

Change log:

4.13.3
======
- Update CSS for tabwinb only on theme change (Viktor Odintsev)
- HiDPI: Use GTK3 scaling attributes for window titles (Viktor Odintsev)
- HiDPI: Adjust default theme with scale
- Fix initial pointer location when zooming
- Fix double-click distance setting (Adam K)
- Allow the top of the frame to be cropped when maximised (Adam K,
  bug #14470)
- Update default theme to use maximized cropping
- Fix build without compositor (bug #15432)
- Improved GLX support with NVIDIA proprietary/closed source driver
  (bug #15453)
- Compositor updates with GLX
- Small optimization with zoom on GLX
- Increase X11 client priority of xfwm4
- Change default compositor background to plain black
- Fallback to resource class name for icons (Iharob Al Asimi, bug #15510)
- Clear shortcut in settings-dialog when removed (bug #12802)
- Remove icons from window menu
- Fix regression with maximized window (bug #15638)
- I18n: Update translations: bg, ca, cs, da, de, es, fr, gl, hr, hu,
  hy_AM, id, ie, it, lt, ms, nl, pl, pt, pt_BR, ru, sr, tr, zh_CN, zh_TW

(gutteridge)

doc: Updated x11/libxfce4ui to 4.13.6

(gutteridge)

libxfce4ui: update to 4.13.6

Change log:

4.13.6
======
- Update active contributors
- Translation Updates:
  Albanian, Belarusian, Catalan, Danish, Dutch (Flemish), English
  (Australia), Finnish, Galician, Hebrew, Hungarian, Italian, Japanese,
  Kazakh, Malay, Portuguese, Portuguese (Brazilian), Russian, Serbian,
  Spanish, Thai, Turkish

(gutteridge)

doc: Updated x11/libxfce4util to 4.13.4

(gutteridge)

libxfce4util: update to 4.13.4

Change log:

4.13.4
======
- Bump the Xfce version to 4.14pre2
- Translation Updates: Danish, Galician

(gutteridge)

doc: Updated devel/xfce4-dev-tools to 4.13.0

(gutteridge)

xfce4-dev-tools: update to 4.13.0

Change log:

4.13.0
======
- Merge exo-csource modifications in xdt-csource
- xdt-csource will replace exo-csource (projects using exo-csource needs to be updated)
- The work started in issue #6449 but the full migration has never been done.
- Remove svn support in xdt-autogen
- Simplify a bit the XDT_AUTOGEN_REQUIRED_VERSION detection
- Remove the check of the unused doc submodule
- Remove useless macros: m4macros/xdt-python.m4 and m4macros/xdt-xfce.m4 are not used
- Remove xdt-commit, used to generate Changelog, now done via make distcheck
- No -Wshadow flag for enable_debug=full (bug #11637). Use it only for enable_debug=yes.

(gutteridge)

Updated devel/protobuf, devel/py-protobuf

(adam)

py-protobuf: updated to 3.9.0

Protocol Buffers v3.9.0

Python

Change implementation of Name() for enums that allow aliases in proto2 in Python
to be in line with claims in C++ implementation (to return first value).
Explicitly say what field cannot be set when the new value fails a type check.
Duplicate register in descriptor pool will raise errors
Add slots to all well_known_types classes, custom attributes are not allowed anymore.
text_format only present 8 valid digits for float fields by default

(adam)

protobuf: updated to 3.9.0

Protocol Buffers v3.9.0

C++

Optimize and simplify implementation of RepeatedPtrFieldBase
Don't create unnecessary unknown field sets.
Remove branch from accessors to repeated field element array.
Added delimited parse and serialize util.
Reduce size by not emitting constants for fieldnumbers
Fix a bug when comparing finite and infinite field values with explicit tolerances.
TextFormat::Parser should use a custom Finder to look up extensions by number if one is provided.
Add MessageLite::Utf8DebugString() to make MessageLite more compatible with Message.
Fail fast for better performance in DescriptorPool::FindExtensionByNumber() if descriptor has no defined extensions.
Adding the file name to help debug colliding extensions
Added FieldDescriptor::PrintableNameForExtension() and DescriptorPool::FindExtensionByPrintableName().
The latter will replace Reflection::FindKnownExtensionByName().
Replace NULL with nullptr
Created a new Add method in repeated field that allows adding a range of elements all at once.
Enabled enum name-to-value mapping functions for C++ lite
Avoid dynamic initialization in descriptor.proto generated code
Move stream functions to MessageLite from Message.
Move all zero_copy_stream functionality to io_lite.
Do not create array of matched fields for simple repeated fields
Enabling silent mode by default to reduce make compilation noise.

(adam)

Updated databases/py-orderedmultidict, sysutils/py-crontab, devel/py-meson, time/py-aniso8601

(adam)

py-aniso8601: updated to 7.0.0

Changes 7.0.0
Handle all fractional components as an integer number of microseconds, eliminating rounding issues

(adam)

py-meson: updated to 0.51.1

0.51.1:
Unknown changes

(adam)

py-crontab: updated to 2.3.8

Version 2.3.8
- Updated RADME and special time setting fixes.
- Attempt a fix of issue 27 (no test suite test)
- Merge branch 'master' into 'master'
- update README.rst file
- Fix 48, specials can't be changed to another time.
- Bump version for pypi update
- Fix 41 dead link to github
- Ignore mypy_cache
- Fix 39 - Tab next to username will parse correctly
- Merge remote-tracking branch 'flotus/patch-1'
- Improve explaination about using the write function
- fixed environment

(adam)

py-orderedmultidict: updated to 1.0.1

1.0.1:
Unknown changes

(adam)

doc: Updated security/mit-krb5 to 1.16.2nb2

(jperkin)

mit-krb5: Support LDAP, fix plugin shared library naming.

The libtool-ification caused plugins to have a "lib" prefix, causing a mismatch
with what the code was trying to dlopen(), and failures.  Bump PKGREVISION.

(jperkin)

LDFLAGS.SunOS+=-lnsl -lsocket to fix SmartOS.

(schmonz)

Add PNG support.

Fixes PR pkg/54371

(hauke)

Updated databases/repmgr

(adam)

repmgr: updated to 4.4.0

4.4.0:
repmgr client enhancements
--------------------------

repmgr standby clone: prevent a standby from being cloned from a witness server (PostgreSQL 9.6 and later only).

repmgr witness register: prevent a witness server from being registered on the replication cluster primary server (PostgreSQL 9.6 and later only).

Registering a witness on the primary node would defeat the purpose of having a witness server, which is intended to remain running even if the cluster's primary goes down.

repmgr standby follow: note that an active, reachable cluster primary is required for this command; and provide a more helpful error message if no reachable primary could be found.

repmgr: when executing repmgr standby switchover, if --siblings-follow is not supplied, list all nodes which repmgr considers to be siblings (this will include the witness server, if in use), and which will remain attached to the old primary.

repmgr: when executing repmgr standby switchover, ignore nodes which are unreachable and marked as inactive. Previously it would abort if any node was unreachable, as that means it was unable to check if repmgrd is running.

However if the node has been marked as inactive in the repmgr metadata, it's reasonable to assume the node is no longer part of the replication cluster and does not need to be checked.

repmgr standby switchover and repmgr standby promote: when executing with the --dry-run option, continue checks as far as possible even if errors are encountered.

repmgr standby promote: add --siblings-follow (similar to repmgr standby switchover).

repmgr daemon status: make output similar to that of repmgr cluster show for consistency and to make it easier to identify nodes not in the expected state.

repmgr cluster show: display each node's timeline ID (PostgreSQL 9.6 and later only).

repmgr cluster show and repmgr daemon status: show the upstream node name as reported by each individual node - this helps visualise situations where the cluster is in an unexpected state, and provide a better idea of the actual cluster state.

For example, if a cluster has divided somehow and a set of nodes are following a new primary, when running either of these commands, repmgr will now show the name of the primary those nodes are actually following, rather than the now outdated node name recorded on the other side of the "split". A warning will also be issued about the unexpected situation.

repmgr cluster show and repmgr daemon status: check if a node is attached to its advertised upstream node, and issue a warning if the node is not attached.

repmgrd enhancements
--------------------

On the primary node, repmgrd is now able to monitor standby connections and, if the number of nodes connected falls below a certain (configurable) value, execute a custom script.

This provides an additional method for fencing an isolated primary node, and/or taking other action if one or more standys become disconnected.

See section Monitoring standby disconnections on the primary node for more details.

In a failover situation, repmgrd nodes on the standbys of the failed primary are now able confirm among themselves that none can still see the primary before continuing with the failover.

The repmgr.conf option primary_visibility_consensus must be set to true to enable this functionality.

See section Primary visibility consensus for more details.

Bug fixes
---------
Ensure BDR2-specific functionality cannot be used on BDR3 and later.

The BDR support present in repmgr is for specific BDR2 use cases.

repmgr: when executing repmgr standby clone in --dry-run mode, ensure provision of the --force option does not result in an existing data directory being modified in any way.

repmgr: when executing repmgr primary register with the --force option, if another primary record exists but the associated node is unreachable (or running as a standby), set that node's record to inactive to enable the current node to be registered as a primary.

repmgr: when executing repmgr standby clone with the --upstream-conninfo, ensure that application_name is set correctly in primary_conninfo.

repmgr: when executing repmgr standby switchover, don't abort if one or more nodes are not reachable and they are marked as inactive.

repmgr: canonicalize the data directory path when parsing the configuration file, so the provided path matches the path PostgreSQL reports as its data directory. Otherwise, if e.g. the data directory is configured with a trailing slash, repmgr node check --data-directory-config will return a spurious error.

repmgrd: fix memory leak which occurs while the monitored PostgreSQL node is not running.

Other
-----
The repmgr documentation has been converted to DocBook XML format, as currently used by the main PostgreSQL project. This means it can now be built against any PostgreSQL version from 9.5 (previously it was not possible to build the documentation against PostgreSQL 10 or later), and makes it easier to provide the documentation in other formats such as PDF.

(adam)

Updated databases/sqlite3 and friends

(adam)

sqlite3: updated to 3.29.0

SQLite Release 3.29.0:
Added the SQLITE_DBCONFIG_DQS_DML and SQLITE_DBCONFIG_DQS_DDL actions to sqlite3_db_config() for activating and deactivating the double-quoted string literal misfeature. Both default to "on" for legacy compatibility, but developers are encouraged to turn them "off", perhaps using the -DSQLITE_DQS=0 compile-time option.
-DSQLITE_DQS=0 is now a recommended compile-time option.

Improvements to the query planner:
Improved optimization of AND and OR operators when one or the other operand is a constant.
Enhancements to the LIKE optimization for cases when the left-hand side column has numeric affinity.
Added the "sqlite_dbdata" virtual table for extracting raw low-level content from an SQLite database, even a database that is corrupt.

Enhancements to the CLI:
Add the ".recover" command which tries to recover as much content as possible from a corrupt database file.
Add the ".filectrl" command useful for testing.
Add the long-standing ".testctrl" command to the ".help" menu.
Added the ".dbconfig" command

(adam)

Updated net/ndpi, net/ntopng

(adam)

ntopng: updated to 3.8

3.8 Stable

New features
* Remote assistance to temporarily grant encrypted ntopng access to remote
parties
* Custom URLs and IP addresses mappings to traffic categories
* Continuous traffic recording
* User activities logging
* Extended chart metrics

Improvements
* Alerts
* Improved InfluxDB support
* Handles slow and aborted queries
* Uses authentication
* Adds RADIUS and HTTP authenticators
* Options to allow users login via RADIUS and HTTP
* Lua 5.3 support
* Improved performance
* Better memory management
* Native support for 64-bit integers
* Native support for bitwise operations
* Adds the new libmaxminddb geolocation library
* Storage utilization indicators
* Global storage indicator to show the disk used by each interface
* Per-interface storage indicator to show the disk used to store timeseries and flows
* Support for Sonicwall PEN field names
* Option to disable LDAP referrals
* Requests and configures Keepalive support for ZMQ sockets
* Three-way-handshake detection
* Adds SNMP mac addresses to the search function

nEdge
* Implement nEdge policies test page
* Implement device presets
* DNS

Fixes
* Fixes missing flows dump on shutdown
* HTTP dissection fixes
* SNMP
* Properly handles endianness over ZMQ

(adam)

ndpi: updated to 2.8

2.8 Stable

New Supported Protocols and Services
* Added Modbus over TCP dissector

Improvements
* Wireshark Lua plugin compatibility with Wireshark 3
* Improved MDNS dissection
* Improved HTTP response code handling
* Full dissection of HTTP responses

Fixes
* Fixed false positive mining detection
* Fixed invalid TCP DNS dissection
* Releasing buffers upon realloc failures
* ndpiReader: Prevents references after free
* Endianness fixes
* Fixed IPv6 HTTP traffic dissection
* Fixed H.323 detection

Other
* Disabled ookla statistics which need to be improved
* Support for custom protocol files of arbitrary length
* Update radius.c to RFC2865

(adam)

Note addition of u-boot-a20-olinuxino-lime2 and u-boot-a20-olinuxino-lime2-emmc.

(thorpej)

Add u-boot packages for the Olimex A20-OLinuXino-LIME2.  There are two
flavors, one for the standard board, and one for the board with the optional
eMMC module.

(thorpej)

doc: Updated textproc/aspell-en to 2018.04.16.0nb1

(gutteridge)

aspell-en: fix PLIST issue

Addresses PR pkg/54359. (Bumping PKGREVISION since this is a PLIST
change.)

(gutteridge)

Remove www/php-nextcloud

(ryoon)

firefox: note new cbindgen and NSS minimum dependencies

cbindgen is now >= 0.8.7 and NSS is now >= 3.44.1.

(gutteridge)

firefox: note Rust dependency is now >= 1.34.0

(gutteridge)

doc: Updated net/youtube-dl to 20190712

(leot)

youtube-dl: Update to 20190712

Changes:
2019.07.12
----------
Core
+ [adobepass] Add support for AT&T U-verse (mso ATT) (#13938, #21016)

Extractors
+ [mgtv] Pass Referer HTTP header for format URLs (#21726)
+ [beeg] Add support for api/v6 v2 URLs without t argument (#21701)
* [voxmedia:volume] Improvevox embed extraction (#16846)
* [funnyordie] Move extraction to VoxMedia extractor (#16846)
* [gameinformer] Fix extraction (#8895, #15363, #17206)
* [funk] Fix extraction (#17915)
* [packtpub] Relax lesson URL regular expression (#21695)
* [packtpub] Fix extraction (#21268)
* [philharmoniedeparis] Relax URL regular expression (#21672)
* [peertube] Detect embed URLs in generic extraction (#21666)
* [mixer:vod] Relax URL regular expression (#21657, #21658)
+ [lecturio] Add support id based URLs (#21630)
+ [go] Add site info for disneynow (#21613)
* [ted] Restrict info regular expression (#21631)
* [twitch:vod] Actualize m3u8 URL (#21538, #21607)
* [vzaar] Fix videos with empty title (#21606)
* [tvland] Fix extraction (#21384)
* [arte] Clean extractor (#15583, #21614)

(leot)

devel/git: Clarify DESCR and hint at git-base

(gdt)

doc: Updated sysutils/flashrom to 1.1

(nia)

flashrom: Update to 1.1

New major user-visible features

    4-byte address support for many SPI programmers
    New option to use a reference file for flash contents (--flash-contents)
    Layout support for coreboot's FMAP format (--fmap, --fmap-file)
    BAUD rate selection for Buspirate SPI
    Support for the ENE Embedded Debug Interface (EDI), probably our first non-jedec SPI target
    On Intel ME enabled systems, internal flashing is allowed by default

New programmers

    ENE Embedded Debug Interface EDI
    Linux' MTD interface
    Digilent SPI for the iCEblink40 development board
    Developerbox/CP2104 bit banging
    J-Link SPI
    Dediprog firmwares >= 7.2.30
    Dediprog SF200
    Intel Kabylake PCHs

New chips

    AT25DF021A
    AT25SF041
    AT25SF081
    AT25SF161
    AT25SL128A
    KB9012 (EDI)
    GD25B128B
    IS25LP064
    IS25LP128
    IS25LP256
    IS25WP032
    IS25WP064
    IS25WP128
    IS25WP256
    MX25L6473F
    MX25L25635F
    MX66L51235F
    MX25U8032E
    MX25U51245G
    MX25R6435F
    N25Q256..3E/MT25QL256
    N25Q512..3E/MT25QL512
    LE25FU106B
    LE25FU206
    LE25FU206A
    S25FL256S......0
    SST26VF016B
    SST26VF032B
    SST26VF064B
    W25Q128.V..M
    W25Q256.V
    W25Q256JV_M
    W25Q40BW
    W25Q80BW
    W25Q40EW
    W25Q80EW
    W25P80
    W25P16
    W25P32
    ZD25D20
    ZD25D40

(nia)

Don't need it on Lion

(sevan)

gnutls

(sevan)

Update to v3.6.8

Changes
=======

* Version 3.6.8 (released 2019-05-28)

** libgnutls: Added gnutls_prf_early() function to retrieve early keying
  material (#329)

** libgnutls: Added support for AES-XTS cipher (#354)

** libgnutls: Fix calculation of Streebog digests (incorrect carry operation in
  512 bit addition)

** libgnutls: During Diffie-Hellman operations in TLS, verify that the peer's
  public key is on the right subgroup (y^q=1 mod p), when q is available (under
  TLS 1.3 and under earlier versions when RFC7919 parameters are used).

** libgnutls: the gnutls_srp_set_server_credentials_function can now be used
  with the 8192 parameters as well (#995).

** libgnutls: Fixed bug preventing the use of gnutls_pubkey_verify_data2() and
  gnutls_pubkey_verify_hash2() with the GNUTLS_VERIFY_DISABLE_CA_SIGN flag (#754)

** libgnutls: The priority string option %ALLOW_SMALL_RECORDS was added to allow
  clients to communicate with the server advertising smaller limits than 512

** libgnutls: Apply STD3 ASCII rules in gnutls_idna_map() to prevent
  hostname/domain crafting via IDNA conversion (#720)

** certtool: allow the digital signature key usage flag in CA certificates.
  Previously certtool would ignore this flag for CA certificates even if
  specified (#767)

** gnutls-cli/serv: added the --keymatexport and --keymatexportsize options.
  These allow testing the RFC5705 using these tools.

** API and ABI modifications:
gnutls_prf_early: Added
gnutls_record_set_max_recv_size: Added
gnutls_dh_params_import_raw3: Added
gnutls_ffdhe_2048_group_q: Added
gnutls_ffdhe_3072_group_q: Added
gnutls_ffdhe_4096_group_q: Added
gnutls_ffdhe_6144_group_q: Added
gnutls_ffdhe_8192_group_q: Added

(sevan)

Correction of PLIST with chrooted build. *.dot -> *.map/*.png

(mef)

devilutionx: Spell the name of the package properly.

nia needs to learn to type properly.

(nia)

doc: Removed xulrunner192

(nia)

Remove devel/xulrunner192 and devel/swt.

xulrunner192 was the last remains of Firefox 3.6 in pkgsrc.

The last package depending on xulrunner192 was devel/swt. swt isn't used by
anything in pkgsrc (old versions of eclipse which weren't imported, maybe),
and was originally added by jmcneill, who says it can be removed now.

(nia)

Update to 16.0.3

Changelog:
16.0.3
Changes
    Do not fail hard on new user mail error (server#16189)
    Fix redirect after rescanFailedIntegrityCheck to "Overview" page (server#16244)
    Fix permissions for drag-n-drop uploads (server#16249)
    Try to delete the cypress folder of the viewer app (server#16297)
    Send browser notifications again (notifications#373)

16.0.2
Changes
    Update ca bundle (server#15553)
    Update ca bundle checker (server#15554)
    User management/subadmin: rephrase ambiguous error message (server#15575)
    Update shipped.json to include privacy and recommendations (server#15592)
    Show supported apps in app management (server#15593)
    Update CRL due to revoked cookbook.crt (server#15628)
    Only show sharing section if it has content (server#15649)
    Remove quota feedback if no link set (server#15666)
    Allow redis cluster to use password (server#15686)
    Don't run repair step for every individual user, outsource that to background job (server#15718)
    Check the actual status code for 204 and 304 (server#15724)
    [Security] Bump tar from 2.2.1 to 2.2.2 (server#15728)
    Don't notify admins if no potentially over exposing links found (server#15745)
    Also allow dragging below the file list (server#15754)
    Change text color in search box in darktheme, ref #15598 (server#15768)
    Check for free space on touch (server#15772)
    Search files by id in shared storages last (server#15799)
    Hide newFile menu if quota is set to 0B (server#15856)
    Add core/js/dist/ to l10nignore (server#15948)
    Add LDAP integr. test for receiving share candidates with group limitation (server#15984)
    Remove auto focus of share input field on dialog open, fix #15261 (server#16010)
    LDAP) API: return one base properly when multiple are configured (server#16015)
    Handle storage exceptions when trying to set mtime (server#16038)
    Fix LDAP Wizard forgetting groups on select with search (server#16051)
    Revert "Fix userid casting in notifications" (server#16068)
    Fix appid argument for integrity:check-app (server#16080)
    Fix full text search for groupfolders (server#16082)
    Fall back to black for non-color values (server#16089)
    Check if uploading to lookup server is enabled before verifying (server#16091)
    Allow apps to store longer messages in the comments API (server#16105)
    Invalidates user when plugin reported deletion success (server#16112)
    Fix download link included in public share page with hidden download (server#16125)
    Better check reshare permissions (server#16127)
    Verify that paths are valid for recursive local move (server#16128)
    Don't allow to disable encryption via the API (server#16133)
    Do not show a internet connectivity warning if internet access is dis… (server#16146)
    Update Nextcloud version in docs link (server#16157)
    Allow apps to overwrite the maximum length when reading from database (server#16177)
    RefreshWebcalJob: replace ugly Regex with standard php utils (server#16201)
    Better check reshare permissions part2 (server#16211)
    Fix "unshare group share from self" activity (activity#380)
    Fix load of character maps (files_pdfviewer#141)
    [Security] Bump axios from 0.18.0 to 0.18.1 (firstrunwizard#192)
    Correctly show errors when setting the password (gallery#529)
    Blacklist using .noimage (gallery#533)
    Update dependabot deps in stable16 (notifications#359)
    Increase size of icon bubble for more visibility (notifications#368)
    Add app description to readme and appinfo (privacy#133)
    Catch and filter share that can't be found (recommendations#79)
    [Security] Bump axios from 0.18.0 to 0.18.1 (recommendations#92)
    [Security] Bump tar from 2.2.1 to 2.2.2 (viewer#113)
    [Security] Bump axios from 0.18.0 to 0.19.0 (viewer#117)

(ryoon)

Updated mail/thunderbird-l10n to 60.8.0

(ryoon)

Update to 60.8.0

* Sync with mail/thunderbird-60.8.0

(ryoon)

Updated mail/thunderbird to 60.8.0

(ryoon)