py-httpx: updated to 0.17.0

0.17.0

Added

Add httpx.MockTransport(), allowing to mock out a transport using pre-determined responses.
Add httpx.HTTPTransport() and httpx.AsyncHTTPTransport() default transports.
Add mount API support, using httpx.Client(mounts=...).
Add chunk_size parameter to iter_raw(), iter_bytes(), iter_text().
Add keepalive_expiry parameter to httpx.Limits() configuration.
Add repr to httpx.Cookies to display available cookies.
Add support for params=<tuple> (previously only params=<list> was supported).

Fixed

Add missing raw_path to ASGI scope.
Tweak create_ssl_context defaults to use trust_env=True.
Properly URL-escape WSGI PATH_INFO.
Properly set default ports in WSGI transport.
Properly encode slashes when using base_url.
Properly map exceptions in request.aclose().

(adam)

py-zstandard: updated to 0.15.2

0.15.2

Backwards Compatibility Notes

ZstdCompressor.multi_compress_to_buffer() and
ZstdDecompressor.multi_decompress_to_buffer() are no longer
available when linking against a system zstd library. These
experimental features are only available when building against the
bundled single file zstd C source file distribution.

Changes

setup.py now recognizes a ZSTD_EXTRA_COMPILER_ARGS
environment variable to specify additional compiler arguments
to use when compiling the C backend.
PyPy build and test coverage has been added to CI.
Added CI jobs for building against external zstd library.
Wheels supporting macOS ARM/M1 devices are now being produced.
References to Python 2 have been removed from the in-repo Debian packaging
code.
Significant work has been made on a Rust backend. It is currently feature
complete but not yet optimized. We are not yet shipping the backend as part
of the distributed wheels until it is more mature.
The .pyi type annotations file has replaced various default argument
values with ....

(adam)

Updated multimedia/mkvtoolnix, sysutils/py-supervisor, net/grpc, net/py-grpcio, net/py-grpcio-testing, net/py-grpcio-tools

(adam)

grpc: updated to 1.36.0

Release v1.36.0

Core
Remove unnecessary internal pollset set in c-ares DNS resolver.
Fix implicit declaration error in zlib + macOS.
Support Default Root Certs in Tls Credentials.

C++
Move third party identity C++ api out of experimental namespace.
refactor!: change error_details functions to templates.
Support ServerContext for callback API.

Python
Implement Python Client and Server xDS Creds.

(adam)

py-supervisor: updated to 4.2.2

4.2.2 (2021-02-26)
------------------

- Fixed a bug where ``supervisord`` could crash if a subprocess exited
  immediately before trying to kill it.

- Fixed a bug where the ``stdout_syslog`` and ``stderr_syslog`` options
  of a ``[program:x]`` section could not be used unless file logging for
  the same program had also been configured.  The file and syslog options
  can now be used independently.  Patch by Scott Stroupe.

- Fixed a bug where the ``logfile`` option in the ``[supervisord]``
  section would not log to syslog when the special filename of
  ``syslog`` was supplied, as is supported by all other log filename
  options.  Patch by Franck Cuny.

- Fixed a bug where environment variables defined in ``environment=``
  in the ``[supervisord]`` section or a ``[program:x]`` section could
  not be used in ``%(ENV_x)s`` expansions.  Patch by MythRen.

- The  ``supervisorctl signal`` command now allows a signal to be sent
  when a process is in the ``STOPPING`` state.  Patch by Mike Gould.

- ``supervisorctl`` and ``supervisord`` now print help when given ``-?``
  in addition to the existing ``-h``/``--help``.

(adam)

mkvtoolnix: updated to 54.0.0

Version 54.0.0 "F Maj Pixie"

New features and enhancements

* mkvmerge: added support for using ISO 639-3 language codes in IETF BF47
  language tags.
* mkvmerge: AC-3 parser: added support for byte-swapped AC-3 data.
* mkvmerge: Matroska reader: for audio tracks that have the bit depth track
  header set mkvmerge will now keep that header even for codecs that don't
  require it for decoding.
* mkvmerge: MPEG transport stream reader, PCM audio tracks: mkvmerge will now
  re-order the channels for 5.1, 7.0 and 7.1 channel tracks from the Blu-ray
  layout to the WAVEFORMATEXTENSIBLE layout expected in Matroska.
* mkvmerge, mkvinfo, mkvpropedit, MKVToolNix GUI: added support for the
  following new track header elements: "hearing impaired" flag, "visual
  impaired" flag, "text descriptions" flag, "original" flag, "commentary"
  flag.
* MKVToolNix GUI: added support for using ISO 639-3 language codes in IETF
  BF47 language tags. As there are several thousand of them, they're
  deactivated by default and must be activated in the preferences ("GUI" →
  "Often used selections" → "Languages").
* MKVToolNix GUI: multiplexer: when adding Blu-rays the user can select
  multiple playlists to add simultaneously in the "select playlist to add"
  dialog.
* MKVToolNix GUI: multiplexer: the file name extensions "eb3" and "ec3" were
  added for Dolby Digital Plus & "mpl" for Dolby TrueHD in the file
  dialogs.
* MKVToolNix GUI: multiplexer: when adding multiple files the dialog asking
  the user what to do with them has gained a new checkbox. If enabled, all
  files containing at least one video track will always be placed in newly
  created multiplex setting.
* MKVToolNix GUI: multiplexer: added a menu entry in the "Multiplexer" for
  adding all files that are currently in the clipboard.

Bug fixes

* all: Windows: fixed compatibility with gettext 0.21 and newer on mingw.
* all: Windows: fixed several of the programs having problems with certain
  Unicode characters (primarily emojis) in file names (e.g. mkvextract
  wrongfully complaining about an "invalid mode" or the GUI not being able to
  find parts of Blu-ray file structures).
* mkvextract: AAC: fixed wrong channel mask field in the ADTS headers for 7.1
  channel layouts.
* mkvextract: h.265/HEVC extraction: if the first frame starts with the
  parameter sets (SPS, PPS & VPS), the ones from CodecPrivate aren't written
  and the ones from the first frame are kept.
* mkvmerge: fixed the calculation of chapter timestamps read from NTSC
  DVDs.
* MKVToolNix GUI: IETF BCP 47 language widget: the language combo box will now
  always contain the language code the user enters in the free-form field,
  even if it isn't in the list of often-used languages the user configured in
  the preferences.
* MKVToolNix GUI: multiplexer: when browsing for the destination file name the
  default directory is now chosen according to the preferences regarding how
  the destination file name should be formed. For example, if the policy is
  set to "fixed output directory" then that output directory will be the one
  initially set when the directory selection dialog is opened.
* MKVToolNix GUI: multiplexer: fixed the removal of appended source files if
  the "delete source files" end-of-job action is enabled.
* MKVToolNix GUI: chapter editor: when importing chapters from DVDs the IETF
  BCP 47 language elements will be set, too, not just the legacy language
  elements.

Build system changes

* libEBML v1.4.2 and libMatroska v1.6.3 are now required. The optional,
  bundled copies of both libraries have been updated to those versions. This
  bump in requirements fixes several heap overflow bugs in libEBML.
* MKVToolNix is now using the C++17 library feature "file system library"
  instead of Boost's "file system" and "system" libraries. For the GNU
  Compiler Collection (gcc) libstdc++ this means v8 or newer is required; for
  clang's libc++ it means v7 or newer. For macOS this means that provided disk
  image will only run on 10.15 "Catalina" or newer.

(adam)

Updated net/rabbitmq, www/py-uvicorn

(adam)

py-uvicorn: updated to 0.13.4

0.13.4 - 2021-02-20

Fixed
Fixed wsgi middleware PATH_INFO encoding
Fixed uvloop dependency
Relax watchgod up bound
Return 'connection: close' header in response

Added
Docs: Nginx + websockets
Document the default value of 1 for workers
Enabled permessage-deflate extension in websockets

(adam)

rabbitmq: updated to 3.8.12

RabbitMQ 3.8.12 is a maintenance release that contains bug fixes.

(adam)

erlang: remove max_fds patch - not needed any more, fixes build on Darwin

(adam)

Updated devel/cmake, www/py-aiohttp

(adam)

py-aiohttp: updated to 3.7.4

3.7.4 (2021-02-25)

Bugfixes

(SECURITY BUG) Started preventing open redirects in the aiohttp.web.normalize_path_middleware middleware. For more details, see https://github.com/aio-libs/aiohttp/security/advisories/GHSA-v6wp-4m6f-gcjg.

Thanks to Beast Glatisant for finding the first instance of this issue and Jelmer Vernoo蝶 for reporting and tracking it down in aiohttp.

Fix interpretation difference of the pure-Python and the Cython-based HTTP parsers construct a yarl.URL object for HTTP request-target.

Before this fix, the Python parser would turn the URI's absolute-path for //some-path into / while the Cython code preserved it as //some-path. Now, both do the latter.

(adam)

cmake: updated to 3.19.6

CMake 3.19.6
* Intel: Make explicit Fortran preprocessing under Ninja more robust
* Tests: Update for upstream ninja change to write status on stderr
* CMakePresets.json: Remove undocumented support for comments
* FindPython: fix erroneous variable handling

(adam)

Updated sysutils/ansible, www/py-WebOb

(adam)

py-WebOb: updated to 1.8.7

1.8.7

Bugfix
- Decoding deflate-encoded responses now supports data which is packed in
  a zlib container as it is supposed to be. The old, non-standard behaviour
  is still supported.

(adam)

ansible: updated to 2.9.18

v2.9.18
=======

Release Summary
---------------

| Release Date: 2021-02-18
| `Porting Guide <https://docs.ansible.com/ansible/devel/porting_guides.html>`__

Minor Changes
-------------

- ansible-test - The ``pylint`` sanity test is now supported on Python 3.8.
- inventory cache - do not show a warning when the cache file does not (yet) exist.

Security Fixes
--------------

- **security issue** - Mask default and fallback values for ``no_log`` module options (CVE-2021-20228)
- _sf_account_manager - `initiator_secret` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- _sf_account_manager - `target_secret` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- aws_netapp_cvs_active_directory - `api_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- aws_netapp_cvs_active_directory - `secret_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- aws_netapp_cvs_filesystems - `api_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- aws_netapp_cvs_filesystems - `secret_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- aws_netapp_cvs_pool - `api_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- aws_netapp_cvs_pool - `secret_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- aws_netapp_cvs_snapshots - `api_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- aws_netapp_cvs_snapshots - `secret_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- bitbucket_pipeline_variable - hide user sensitive information which are marked as ``secured`` from logging into the console (https://github.com/ansible-collections/community.general/pull/1635) (CVE-2021-20180).
- ce_vrrp - `auth_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- cp_mgmt_vpn_community_meshed - `shared_secret` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- cp_mgmt_vpn_community_star - `shared_secret` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- docker_swarm - `signing_ca_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_backend_service - `oauth2_client_secret` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_disk - `disk_encryption_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_disk - `source_image_encryption_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_disk - `source_snapshot_encryption_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_image - `image_encryption_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_image - `source_disk_encryption_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_instance_template - `disk_encryption_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_instance_template - `source_image_encryption_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_region_disk - `disk_encryption_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_region_disk - `source_snapshot_encryption_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_snapshot - `snapshot_encryption_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_snapshot - `source_disk_encryption_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_ssl_certificate - `private_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_vpn_tunnel - `shared_secret` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- gcp_sql_instance - `client_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- gitlab_runner - `registration_token` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- iap_start_workflow - `token_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- ibm_sa_host - `iscsi_chap_secret` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- keycloak_client - `auth_client_secret` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- keycloak_client - `registration_access_token` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- keycloak_clienttemplate - `auth_client_secret` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- keycloak_group - `auth_client_secret` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- librato_annotation - `api_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- na_elementsw_account - `initiator_secret` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- na_elementsw_account - `target_secret` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- netscaler_lb_monitor - `radkey` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- nios_nsgroup - `tsig_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- nxos_aaa_server - `global_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- nxos_pim_interface - `hello_auth_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- oneandone_firewall_policy - `auth_token` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- oneandone_load_balancer - `auth_token` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- oneandone_monitoring_policy - `auth_token` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- oneandone_private_network - `auth_token` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- oneandone_public_ip - `auth_token` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- ovirt - `instance_rootpw` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- pagerduty_alert - `api_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- pagerduty_alert - `integration_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- pagerduty_alert - `service_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- pulp_repo - `feed_client_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- rax_clb_ssl - `private_key` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- snmp_facts - hide user sensitive information such as ``privkey`` and ``authkey`` from logging into the console (https://github.com/ansible-collections/community.general/pull/1621) (CVE-2021-20178).
- spotinst_aws_elastigroup - `multai_token` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- spotinst_aws_elastigroup - `token` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).
- utm_proxy_auth_profile - `frontend_cookie_secret` is now masked with no_log and no longer emitted in logging/output (CVE-2021-20191).

Bugfixes
--------

- Fix incorrect variable scoping when using ``import with context`` in Jinja2 templates. (https://github.com/ansible/ansible/issues/72615)
- ansible-test - Temporarily limit ``cryptography`` to versions before 3.4 to enable tests to function.
- ansible-test - The ``--remote`` option has been updated for Python 2.7 to work around breaking changes in the newly released ``get-pip.py`` bootstrapper.
- ansible-test - The ``--remote`` option has been updated to use a versioned ``get-pip.py`` bootstrapper to avoid issues with future releases.
- display correct error information when an error exists in the last line of the file (https://github.com/ansible/ansible/issues/16456)
- facts - properly report virtualization facts for Linux guests running on bhyve (https://github.com/ansible/ansible/issues/73167)
- mysql_user - add ``INVOKE LAMBDA`` privilege support (https://github.com/ansible-collections/community.general/issues/283).
- mysql_user - add ``SHOW_ROUTINE`` privilege support (https://github.com/ansible-collections/community.mysql/issues/86).
- mysql_user - add missed privileges to support (https://github.com/ansible-collections/community.general/issues/617).
- pause - do not warn when running in the background if a timeout is provided (https://github.com/ansible/ansible/issues/73042)
- postgresql_info - fix crash caused by wrong PgSQL version parsing (https://github.com/ansible-collections/community.postgresql/issues/40).
- postgresql_ping - fix crash caused by wrong PgSQL version parsing (https://github.com/ansible-collections/community.postgresql/issues/40).
- postgresql_query - fix datetime.timedelta type handling (https://github.com/ansible-collections/community.postgresql/issues/47).
- postgresql_query - fix decimal handling (https://github.com/ansible-collections/community.postgresql/issues/45).
- postgresql_set - return a message instead of traceback when a passed parameter has not been found (https://github.com/ansible-collections/community.postgresql/issues/41).
- psrp connection plugin - ``to_text(stdout)`` before json.loads in psrp.Connection.put_file in case stdout is bytes.
- win_find - Get-FileStat used [int] instead of [int64] for file size calculations

v2.9.17
=======

Release Summary
---------------

| Release Date: 2021-01-18
| `Porting Guide <https://docs.ansible.com/ansible/devel/porting_guides.html>`__

Minor Changes
-------------

- ansible-test - Added a ``--export`` option to the ``ansible-test coverage combine`` command to facilitate multi-stage aggregation of coverage in CI pipelines.
- ansible-test - added a ``--venv-system-site-packages`` option for use with the ``--venv`` option
- ansible-test - virtualenv helper scripts now prefer ``venv`` on Python 3 over ``virtualenv`` if the ``ANSIBLE_TEST_PREFER_VENV`` environment variable is set
- bigiq_device_info module - add information on BIG-IQ 7.x support

Bugfixes
--------

- Fix bytestring vs string comparison in module_utils.basic.is_special_selinux_path() so that special-cased filesystems which don't support SELinux context attributes still allow files to be manipulated on them. (https://github.com/ansible/ansible/issues/70244)
- Freeform actions did not work with ``ansible.builtin.`` or ``ansible.legacy.`` FQCN (https://github.com/ansible/ansible/pull/72958).
- async - Fix Python 3 interpreter parsing from module by comparing with bytes (https://github.com/ansible/ansible/issues/70690)
- bigiq_device_info module - fix iteration bug in a _transform_name_attribute method
- docker_image - if ``push=true`` is used with ``repository``, and the image does not need to be tagged, still push. This can happen if ``repository`` and ``name`` are equal (https://github.com/ansible-collections/community.docker/issues/52, https://github.com/ansible-collections/community.docker/pull/53).
- docker_image - report error when loading a broken archive that contains no image (https://github.com/ansible-collections/community.docker/issues/46, https://github.com/ansible-collections/community.docker/pull/55).
- docker_image - report error when the loaded archive does not contain the specified image (https://github.com/ansible-collections/community.docker/issues/41, https://github.com/ansible-collections/community.docker/pull/55).
- inventory - pass the vars dictionary to combine_vars instead of an individual key's value (https://github.com/ansible/ansible/issues/72975).
- k8s - add support for python-kubernetes v12 and later - backport of support in community.kubernetes
- paramiko connection plugin - Ensure we only reset the connection when one has been previously established (https://github.com/ansible/ansible/issues/65812)
- systemd - preserve the full unit name when using a templated service and ``systemd`` failed to parse dbus due to a known bug in ``systemd`` (https://github.com/ansible/ansible/pull/72985)

- unsafe_proxy - Ensure that data within a tuple is marked as unsafe (https://github.com/ansible/ansible/issues/65722)
- user - do the right thing when ``password_lock=True`` and ``password`` are used together (https://github.com/ansible/ansible/issues/72992)

v2.9.16
=======

Release Summary
---------------

| Release Date: 2020-12-14
| `Porting Guide <https://docs.ansible.com/ansible/devel/porting_guides.html>`__

Minor Changes
-------------

- ansible-doc - provide ``has_action`` field in JSON output for modules. That information is currently only available in the text view (https://github.com/ansible/ansible/pull/72359).
- ansible-galaxy - find any collection dependencies in the globally configured Galaxy servers and not just the server the parent collection is from.

- ansible-test - Added the ``-remote rhel/7.9`` option to run tests on RHEL 7.9
- ansible-test - Fix container hostname/IP discovery for the ``acme`` test plugin.
- ansible-test - centos6 end of life - container image updated to point to vault base repository (https://github.com/ansible/distro-test-containers/pull/54)
- iptables - reorder comment postition to be at the end (https://github.com/ansible/ansible/issues/71444).
- lvol - fix idempotency issue when using lvol with ``%VG`` or ``%PVS`` size options and VG is fully allocated (https://github.com/ansible-collections/community.general/pull/229).

Bugfixes
--------

- Adjust various hard-coded action names to also include their ``ansible.builtin.`` and ``ansible.legacy.`` prefixed version (https://github.com/ansible/ansible/issues/71817, https://github.com/ansible/ansible/issues/71818, https://github.com/ansible/ansible/pull/71824).
- Collection callbacks were ignoring options and rules for stdout and adhoc cases.
- Fix virt module to support list_vms with a status of paused (https://github.com/ansible/ansible/issues/72059)
- Fixed issue when `netstat` is either missing or doesn't have execution permissions leading to incorrect command being executed.
- Try to load action plugin from the same collection as the module (https://github.com/ansible/ansible/pull/66701)
- account for bug in Python 2.6 that occurs during interpreter shutdown to avoid stack trace
- ansible-test - Correctly detect changes in a GitHub pull request when running on Azure Pipelines.
- ansible-test - Skip installing requirements if they are already installed.
- ansible-test - add constraint for ``cffi`` to prevent failure on systems with older versions of ``gcc`` (https://foss.heptapod.net/pypy/cffi/-/issues/480)

- ansible-test - convert target paths to unicode on Python 2 to avoid ``UnicodeDecodeError`` (https://github.com/ansible/ansible/issues/68398, https://github.com/ansible/ansible/pull/72623).
- ansible-test - improve classification of changes to ``.gitignore``, ``COPYING``, ``LICENSE``, ``Makefile``, and all files ending with one of ``.in`, ``.md`, ``.rst``, ``.toml``, ``.txt`` in the collection root directory (https://github.com/ansible/ansible/pull/72353).
- ansible-test now uses GNU tar format instead of the Python default when creating payloads for remote systems
- azure_rm inventory plugin - update to fetch availability zone information of VM in hostvars. (https://github.com/ansible-collections/azure/issues/161)
- dnf - fix filtering to avoid dependncy conflicts (https://github.com/ansible/ansible/issues/72316)
- ec2_group - Fixes error handling during tagging failures (https://github.com/ansible-collections/amazon.aws/issues/210).
- ensure 'local' connection always has the correct default user for actions to consume.
- network_cli - Update paramiko play_context when network_cli's play context is updated so that ssh parameters can be updated as well.
- network_cli connection plugin - Perform privilege escalation before setting terminal.
- pause - Fix indefinite hang when using a pause task on a background process (https://github.com/ansible/ansible/issues/32142)

- remove redundant remote_user setting in play_context for local as plugin already does it, also removes fork/thread issue from use of pwd library.
- set_mode_if_different - handle symlink if it is inside a directory with sticky bit set (https://github.com/ansible/ansible/pull/45198)

- systemd - account for templated unit files using ``@`` when searching for the unit file (https://github.com/ansible/ansible/pull/72347#issuecomment-730626228)

- systemd - follow up fix to https://github.com/ansible/ansible/issues/72338 to use ``list-unit-files`` rather than ``list-units`` in order to show all units files on the system.

- systemd - work around bug with ``systemd`` 245 and 5.8 kernel that does not correctly report service state (https://github.com/ansible/ansible/issues/71528)

- wait_for - catch and ignore errors when getting active connections with psutil (https://github.com/ansible/ansible/issues/72322)

v2.9.15
=======

Release Summary
---------------

| Release Date: 2020-11-02
| `Porting Guide <https://docs.ansible.com/ansible/devel/porting_guides.html>`__

Minor Changes
-------------

- ansible-test - Add a ``--docker-network`` option to choose the network for running containers when using the ``--docker`` option.
- ansible-test - Collections can now specify pip constraints for unit and integration test requirements using ``tests/unit/constraints.txt`` and ``tests/integration/constraints.txt`` respectively.
- dnf - now shows specific package changes (installations/removals) under ``results`` in check_mode. (https://github.com/ansible/ansible/issues/66132)
- module_defaults - add new module s3_metrics_configuration from community.aws to aws module_defaults group (https://github.com/ansible/ansible/pull/72145).
- vmware_guest_custom_attributes - Fixed issue when trying to set a VM custom attribute when there are custom attributes with the same name for other object types (https://github.com/ansible-collections/community.vmware/issues/412).

Breaking Changes / Porting Guide
--------------------------------

- ansible-galaxy login command has been removed (see https://github.com/ansible/ansible/issues/71560)

Bugfixes
--------

- Restore the ability for changed_when/failed_when to function with group_by.
- ansible-test - Always connect additional Docker containers to the network used by the current container (if any).
- ansible-test - Always map ``/var/run/docker.sock`` into test containers created by the ``--docker`` option if the docker host is not ``localhost``.
- ansible-test - Attempt to detect the Docker hostname instead of assuming ``localhost``.
- ansible-test - Correctly detect running in a Docker container on Azure Pipelines.
- ansible-test - Prefer container IP at ``.NetworkSettings.Networks.{NetworkName}.IPAddress`` over ``.NetworkSettings.IPAddress``.
- ansible-test - The ``cs`` and ``openshift`` test plugins now search for containers on the current network instead of assuming the ``bridge`` network.
- ansible-test - Using the ``--remote`` option on Azure Pipelines now works from a job running in a container.
- ansible-test - disable ansible-doc sanity test for vars plugins in collections, which are not supported by Ansible 2.9 (https://github.com/ansible/ansible/pull/72336).
- async_wrapper - Fix race condition when ``~/.ansible_async`` folder tries to be created by multiple async tasks at the same time - https://github.com/ansible/ansible/issues/59306
- dnf - it is now possible to specify both ``security: true`` and ``bugfix: true`` to install updates of both types. Previously, only security would get installed if both were true. (https://github.com/ansible/ansible/issues/70854)
- facts - fix distribution fact for SLES4SAP (https://github.com/ansible/ansible/pull/71559).
- kubectl - follow up fix in _build_exec_cmd API (https://github.com/ansible/ansible/issues/72171).
- nmcli - typecast parameters to string as required (https://github.com/ansible/ansible/issues/59095).
- ovirt_disk - don't move disk when already in storage_domain (https://github.com/oVirt/ovirt-ansible-collection/pull/135).
- postgresql_pg_hba - fix a crash when a new rule with an 'options' field replaces a rule without or vice versa (https://github.com/ansible-collections/community.general/issues/1108).
- postgresql_privs - fix the module mistakes a procedure for a function (https://github.com/ansible-collections/community.general/issues/994)
- powershell - remove getting the PowerShell version from the env var ``POWERSHELL_VERSION``. This feature never worked properly and can cause conflicts with other libraries that use this var
- user - AnsibleModule.run_command returns a tuple of return code, stdout and stderr. The module main function of the user module expects user.create_user to return a tuple of return code, stdout and stderr. Fix the locations where stdout and stderr got reversed.

- user - Local users with an expiry date cannot be created as the ``luseradd`` / ``lusermod`` commands do not support the ``-e`` option. Set the expiry time in this case via ``lchage`` after the user was created / modified. (https://github.com/ansible/ansible/issues/71942)

- zfs - fixed ``invalid character '@' in pool name"`` error when working with snapshots on a root zvol (https://github.com/ansible-collections/community.general/issues/932).

v2.9.14
=======

Release Summary
---------------

| Release Date: 2020-10-05
| `Porting Guide <https://docs.ansible.com/ansible/devel/porting_guides.html>`__

Minor Changes
-------------

- ansible-test - Added CI provider support for Azure Pipelines.
- ansible-test - Added support for Ansible Core CI request signing for Shippable.
- ansible-test - Allow custom ``--remote-stage`` options for development and testing.
- ansible-test - Fix ``ansible-test coverage`` reporting sub-commands (``report``, ``html``, ``xml``) on Python 2.6.
- ansible-test - Refactored CI related logic into a basic provider abstraction.
- ansible-test - Remove the discontinued ``us-east-2`` choice from the ``--remote-aws-region`` option.
- ansible-test - Request remote resources by provider name for all provider types.
- ansible-test - Show a warning when the obsolete ``--remote-aws-region`` option is used.
- ansible-test - Support custom remote endpoints with the ``--remote-endpoint`` option.
- ansible-test - Update built-in service endpoints for the ``--remote`` option.
- ansible-test - Use new endpoint for Parallels based instances with the ``--remote`` option.
- vmware_guest - Support HW version 15 / vSphere 6.7U2 (https://github.com/ansible-collections/vmware/pull/99).

Security Fixes
--------------

- kubectl - connection plugin now redact kubectl_token and kubectl_password in console log (https://github.com/ansible-collections/community.kubernetes/issues/65) (CVE-2020-1753).

Bugfixes
--------

- Handle write_files option in cgroup_perf_recap callback plugin (https://github.com/ansible/ansible/issues/64936).
- Prevent templating unused variables for {% include %} (https://github.com/ansible/ansible/issues/68699)
- Provide more information in AnsibleUndefinedVariable (https://github.com/ansible/ansible/issues/55152)
- ansible-doc - do not crash if plugin name cannot be found (https://github.com/ansible/ansible/pull/71965).
- ansible-doc - properly show plugin name when ``name:`` is used instead of ``<plugin_type>:`` (https://github.com/ansible/ansible/pull/71965).
- ansible-test - Change classification using ``--changed`` now consistently handles common configuration files for supported CI providers.
- ansible-test - The ``resource_prefix`` variable provided to tests running on Azure Pipelines is now converted to lowercase to match other CI providers.
- ansible-test - for local change detection, allow to specify branch to compare to with ``--base-branch`` for all types of tests (https://github.com/ansible/ansible/pull/69508).
- docker_login - now correctly reports changed status on logout for Docker versions released after June 2020.
- docker_login - now obeys check_mode for logout
- interfaces_file - escape regular expression characters in old value (https://github.com/ansible-collections/community.general/issues/777).
- ovirt_disk - fix upload when direct upload fails (https://github.com/oVirt/ovirt-ansible-collection/pull/120).
- postgres_user - remove false positive ``no_log`` warning for ``no_password_changes`` option (https://github.com/ansible/ansible/issues/68106).
- psrp - Fix hang when copying an empty file to the remote target
- runas - create a new token when running as ``SYSTEM`` to ensure it has the full privileges assigned to that account

(adam)

Updated net/py-botocore, net/py-boto3, net/py-awscli, security/py-google-auth

(adam)

py-google-auth: updated to 1.27.0

1.27.0

Features
workload identity federation support

Bug Fixes
add pyopenssl as extra dependency

(adam)

py-awscli: updated to 1.19.15

1.19.15
api-change:appflow: Update appflow command to latest version
api-change:ecr-public: Update ecr-public command to latest version
api-change:mediapackage-vod: Update mediapackage-vod command to latest version
api-change:compute-optimizer: Update compute-optimizer command to latest version
api-change:es: Update es command to latest version

1.19.14
api-change:glue: Update glue command to latest version
api-change:iotevents: Update iotevents command to latest version
api-change:autoscaling: Update autoscaling command to latest version
api-change:quicksight: Update quicksight command to latest version
api-change:redshift-data: Update redshift-data command to latest version
api-change:connect: Update connect command to latest version
api-change:pinpoint: Update pinpoint command to latest version
api-change:s3control: Update s3control command to latest version

1.19.13
api-change:sagemaker-runtime: Update sagemaker-runtime command to latest version
api-change:sagemaker: Update sagemaker command to latest version

1.19.12
api-change:rds: Update rds command to latest version

1.19.11
api-change:cloudformation: Update cloudformation command to latest version
api-change:codebuild: Update codebuild command to latest version
api-change:sagemaker: Update sagemaker command to latest version
api-change:health: Update health command to latest version

1.19.10
api-change:lookoutvision: Update lookoutvision command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:config: Update config command to latest version

1.19.9
api-change:devops-guru: Update devops-guru command to latest version
api-change:codebuild: Update codebuild command to latest version

1.19.8
api-change:medialive: Update medialive command to latest version
api-change:workmailmessageflow: Update workmailmessageflow command to latest version
api-change:mediatailor: Update mediatailor command to latest version
api-change:redshift-data: Update redshift-data command to latest version
api-change:pinpoint: Update pinpoint command to latest version
api-change:config: Update config command to latest version
api-change:lightsail: Update lightsail command to latest version
api-change:kinesis-video-archived-media: Update kinesis-video-archived-media command to latest version

1.19.7
api-change:detective: Update detective command to latest version
api-change:personalize-events: Update personalize-events command to latest version
api-change:rds: Update rds command to latest version
api-change:appsync: Update appsync command to latest version
api-change:macie2: Update macie2 command to latest version
api-change:elbv2: Update elbv2 command to latest version
api-change:eks: Update eks command to latest version
api-change:codepipeline: Update codepipeline command to latest version
api-change:wafv2: Update wafv2 command to latest version
api-change:iam: Update iam command to latest version

1.19.6
api-change:databrew: Update databrew command to latest version
api-change:rds: Update rds command to latest version

1.19.5
api-change:gamelift: Update gamelift command to latest version
api-change:mediaconvert: Update mediaconvert command to latest version
api-change:sagemaker: Update sagemaker command to latest version
api-change:qldb-session: Update qldb-session command to latest version
api-change:quicksight: Update quicksight command to latest version

1.19.4
api-change:iotsitewise: Update iotsitewise command to latest version
api-change:macie2: Update macie2 command to latest version
api-change:globalaccelerator: Update globalaccelerator command to latest version
api-change:ivs: Update ivs command to latest version
api-change:cloudtrail: Update cloudtrail command to latest version
api-change:elbv2: Update elbv2 command to latest version
api-change:dataexchange: Update dataexchange command to latest version
api-change:elasticache: Update elasticache command to latest version

1.19.3
api-change:elbv2: Update elbv2 command to latest version
api-change:macie: Update macie command to latest version
api-change:organizations: Update organizations command to latest version

1.19.2
api-change:emr-containers: Update emr-containers command to latest version
api-change:dlm: Update dlm command to latest version
api-change:quicksight: Update quicksight command to latest version
api-change:athena: Update athena command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:appflow: Update appflow command to latest version

1.19.1
api-change:lambda: Update lambda command to latest version
api-change:compute-optimizer: Update compute-optimizer command to latest version
api-change:securityhub: Update securityhub command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:workmail: Update workmail command to latest version
api-change:codebuild: Update codebuild command to latest version
api-change:iotsitewise: Update iotsitewise command to latest version
api-change:ce: Update ce command to latest version
api-change:auditmanager: Update auditmanager command to latest version
api-change:databrew: Update databrew command to latest version

1.19.0
api-change:appmesh: Update appmesh command to latest version
api-change:organizations: Update organizations command to latest version
api-change:location: Update location command to latest version
api-change:route53: Update route53 command to latest version
feature:Python: Dropped support for Python 3.4 and 3.5
api-change:rds-data: Update rds-data command to latest version
api-change:s3control: Update s3control command to latest version
api-change:lookoutvision: Update lookoutvision command to latest version
api-change:application-autoscaling: Update application-autoscaling command to latest version
api-change:iotwireless: Update iotwireless command to latest version
api-change:medialive: Update medialive command to latest version

1.18.223
api-change:medialive: Update medialive command to latest version
api-change:connect: Update connect command to latest version
api-change:macie2: Update macie2 command to latest version

1.18.222
api-change:wellarchitected: Update wellarchitected command to latest version
api-change:databrew: Update databrew command to latest version
api-change:robomaker: Update robomaker command to latest version
api-change:iot: Update iot command to latest version
api-change:cloudwatch: Update cloudwatch command to latest version
api-change:managedblockchain: Update managedblockchain command to latest version

1.18.221
api-change:lightsail: Update lightsail command to latest version
api-change:accessanalyzer: Update accessanalyzer command to latest version
api-change:sesv2: Update sesv2 command to latest version
api-change:customer-profiles: Update customer-profiles command to latest version
api-change:es: Update es command to latest version
api-change:elasticache: Update elasticache command to latest version

1.18.220
api-change:backup: Update backup command to latest version

1.18.219
api-change:ec2: Update ec2 command to latest version
api-change:lexv2-runtime: Update lexv2-runtime command to latest version
api-change:ssm: Update ssm command to latest version
api-change:lexv2-models: Update lexv2-models command to latest version
api-change:redshift: Update redshift command to latest version
api-change:rds: Update rds command to latest version
api-change:greengrassv2: Update greengrassv2 command to latest version

1.18.218
api-change:kafka: Update kafka command to latest version
api-change:resourcegroupstaggingapi: Update resourcegroupstaggingapi command to latest version
enhancement:codeartifact: Added login support for NuGet client v4.9.4
api-change:securityhub: Update securityhub command to latest version

1.18.217
api-change:chime: Update chime command to latest version
api-change:acm-pca: Update acm-pca command to latest version
api-change:ecs: Update ecs command to latest version

1.18.216
api-change:sns: Update sns command to latest version

1.18.215
api-change:cognito-identity: Update cognito-identity command to latest version
api-change:pinpoint: Update pinpoint command to latest version
api-change:sagemaker: Update sagemaker command to latest version
api-change:s3control: Update s3control command to latest version

(adam)

py-boto3: updated to 1.17.15

1.17.15
api-change:es: [botocore] Update es client to latest version
api-change:mediapackage-vod: [botocore] Update mediapackage-vod client to latest version
api-change:appflow: [botocore] Update appflow client to latest version
api-change:ecr-public: [botocore] Update ecr-public client to latest version
api-change:compute-optimizer: [botocore] Update compute-optimizer client to latest version

1.17.14
api-change:glue: [botocore] Update glue client to latest version
api-change:redshift-data: [botocore] Update redshift-data client to latest version
api-change:s3control: [botocore] Update s3control client to latest version
api-change:autoscaling: [botocore] Update autoscaling client to latest version
api-change:pinpoint: [botocore] Update pinpoint client to latest version
api-change:quicksight: [botocore] Update quicksight client to latest version
api-change:iotevents: [botocore] Update iotevents client to latest version
api-change:connect: [botocore] Update connect client to latest version

1.17.13
api-change:sagemaker-runtime: [botocore] Update sagemaker-runtime client to latest version
api-change:sagemaker: [botocore] Update sagemaker client to latest version

1.17.12
api-change:rds: [botocore] Update rds client to latest version

1.17.11
api-change:health: [botocore] Update health client to latest version
api-change:sagemaker: [botocore] Update sagemaker client to latest version
api-change:cloudformation: [botocore] Update cloudformation client to latest version
api-change:codebuild: [botocore] Update codebuild client to latest version

1.17.10
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:config: [botocore] Update config client to latest version
api-change:lookoutvision: [botocore] Update lookoutvision client to latest version

1.17.9
api-change:devops-guru: [botocore] Update devops-guru client to latest version
api-change:codebuild: [botocore] Update codebuild client to latest version

1.17.8
api-change:lightsail: [botocore] Update lightsail client to latest version
api-change:medialive: [botocore] Update medialive client to latest version
api-change:kinesis-video-archived-media: [botocore] Update kinesis-video-archived-media client to latest version
api-change:config: [botocore] Update config client to latest version
api-change:pinpoint: [botocore] Update pinpoint client to latest version
api-change:redshift-data: [botocore] Update redshift-data client to latest version
api-change:workmailmessageflow: [botocore] Update workmailmessageflow client to latest version
api-change:mediatailor: [botocore] Update mediatailor client to latest version

1.17.7
api-change:personalize-events: [botocore] Update personalize-events client to latest version
api-change:eks: [botocore] Update eks client to latest version
api-change:iam: [botocore] Update iam client to latest version
api-change:codepipeline: [botocore] Update codepipeline client to latest version
api-change:detective: [botocore] Update detective client to latest version
api-change:macie2: [botocore] Update macie2 client to latest version
api-change:wafv2: [botocore] Update wafv2 client to latest version
api-change:elbv2: [botocore] Update elbv2 client to latest version
api-change:appsync: [botocore] Update appsync client to latest version
api-change:rds: [botocore] Update rds client to latest version

1.17.6
api-change:databrew: [botocore] Update databrew client to latest version
api-change:rds: [botocore] Update rds client to latest version

1.17.5
api-change:quicksight: [botocore] Update quicksight client to latest version
api-change:mediaconvert: [botocore] Update mediaconvert client to latest version
api-change:qldb-session: [botocore] Update qldb-session client to latest version
api-change:sagemaker: [botocore] Update sagemaker client to latest version
api-change:gamelift: [botocore] Update gamelift client to latest version

1.17.4
api-change:dataexchange: [botocore] Update dataexchange client to latest version
api-change:cloudtrail: [botocore] Update cloudtrail client to latest version
api-change:elbv2: [botocore] Update elbv2 client to latest version
api-change:ivs: [botocore] Update ivs client to latest version
api-change:macie2: [botocore] Update macie2 client to latest version
api-change:globalaccelerator: [botocore] Update globalaccelerator client to latest version
api-change:iotsitewise: [botocore] Update iotsitewise client to latest version
api-change:elasticache: [botocore] Update elasticache client to latest version

1.17.3
api-change:macie: [botocore] Update macie client to latest version
api-change:elbv2: [botocore] Update elbv2 client to latest version
api-change:organizations: [botocore] Update organizations client to latest version

1.17.2
api-change:quicksight: [botocore] Update quicksight client to latest version
api-change:appflow: [botocore] Update appflow client to latest version
api-change:emr-containers: [botocore] Update emr-containers client to latest version
api-change:dlm: [botocore] Update dlm client to latest version
api-change:athena: [botocore] Update athena client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version

1.17.1
api-change:lambda: [botocore] Update lambda client to latest version
api-change:codebuild: [botocore] Update codebuild client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:ce: [botocore] Update ce client to latest version
api-change:databrew: [botocore] Update databrew client to latest version
api-change:securityhub: [botocore] Update securityhub client to latest version
api-change:workmail: [botocore] Update workmail client to latest version
api-change:auditmanager: [botocore] Update auditmanager client to latest version
api-change:compute-optimizer: [botocore] Update compute-optimizer client to latest version
api-change:iotsitewise: [botocore] Update iotsitewise client to latest version

1.17.0
api-change:appmesh: [botocore] Update appmesh client to latest version
feature:Python: Dropped support for Python 3.4 and 3.5
api-change:application-autoscaling: [botocore] Update application-autoscaling client to latest version
api-change:lookoutvision: [botocore] Update lookoutvision client to latest version
api-change:organizations: [botocore] Update organizations client to latest version
feature:Python: [botocore] Dropped support for Python 3.4 and 3.5
api-change:s3control: [botocore] Update s3control client to latest version
api-change:rds-data: [botocore] Update rds-data client to latest version
api-change:medialive: [botocore] Update medialive client to latest version
api-change:route53: [botocore] Update route53 client to latest version
api-change:location: [botocore] Update location client to latest version
enhancement:s3: [botocore] Amazon S3 now supports AWS PrivateLink, providing direct access to S3 via a private endpoint within your virtual private network.
api-change:iotwireless: [botocore] Update iotwireless client to latest version

1.16.63
api-change:macie2: [botocore] Update macie2 client to latest version
api-change:connect: [botocore] Update connect client to latest version
api-change:medialive: [botocore] Update medialive client to latest version

1.16.62
api-change:wellarchitected: [botocore] Update wellarchitected client to latest version
api-change:managedblockchain: [botocore] Update managedblockchain client to latest version
api-change:cloudwatch: [botocore] Update cloudwatch client to latest version
api-change:databrew: [botocore] Update databrew client to latest version
bugfix:Validator: [botocore] Fix showing incorrect max-value in error message for range and length value validation
api-change:iot: [botocore] Update iot client to latest version
api-change:robomaker: [botocore] Update robomaker client to latest version

1.16.61
api-change:elasticache: [botocore] Update elasticache client to latest version
api-change:customer-profiles: [botocore] Update customer-profiles client to latest version
api-change:sesv2: [botocore] Update sesv2 client to latest version
api-change:accessanalyzer: [botocore] Update accessanalyzer client to latest version
api-change:lightsail: [botocore] Update lightsail client to latest version
api-change:es: [botocore] Update es client to latest version

1.16.60
api-change:backup: [botocore] Update backup client to latest version

1.16.59
api-change:greengrassv2: [botocore] Update greengrassv2 client to latest version
api-change:redshift: [botocore] Update redshift client to latest version
api-change:lexv2-runtime: [botocore] Update lexv2-runtime client to latest version
api-change:rds: [botocore] Update rds client to latest version
api-change:lexv2-models: [botocore] Update lexv2-models client to latest version
api-change:ssm: [botocore] Update ssm client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version

1.16.58
api-change:securityhub: [botocore] Update securityhub client to latest version
api-change:kafka: [botocore] Update kafka client to latest version
api-change:resourcegroupstaggingapi: [botocore] Update resourcegroupstaggingapi client to latest version

1.16.57
api-change:acm-pca: [botocore] Update acm-pca client to latest version
api-change:chime: [botocore] Update chime client to latest version
api-change:ecs: [botocore] Update ecs client to latest version

1.16.56
api-change:sns: [botocore] Update sns client to latest version

1.16.55
api-change:pinpoint: [botocore] Update pinpoint client to latest version
api-change:cognito-identity: [botocore] Update cognito-identity client to latest version
api-change:s3control: [botocore] Update s3control client to latest version
api-change:sagemaker: [botocore] Update sagemaker client to latest version

(adam)

py-botocore: updated to 1.20.15

1.20.15
api-change:es: Update es client to latest version
api-change:mediapackage-vod: Update mediapackage-vod client to latest version
api-change:appflow: Update appflow client to latest version
api-change:ecr-public: Update ecr-public client to latest version
api-change:compute-optimizer: Update compute-optimizer client to latest version

1.20.14
api-change:glue: Update glue client to latest version
api-change:redshift-data: Update redshift-data client to latest version
api-change:s3control: Update s3control client to latest version
api-change:autoscaling: Update autoscaling client to latest version
api-change:pinpoint: Update pinpoint client to latest version
api-change:quicksight: Update quicksight client to latest version
api-change:iotevents: Update iotevents client to latest version
api-change:connect: Update connect client to latest version

1.20.13
api-change:sagemaker-runtime: Update sagemaker-runtime client to latest version
api-change:sagemaker: Update sagemaker client to latest version

1.20.12
api-change:rds: Update rds client to latest version

1.20.11
api-change:health: Update health client to latest version
api-change:sagemaker: Update sagemaker client to latest version
api-change:cloudformation: Update cloudformation client to latest version
api-change:codebuild: Update codebuild client to latest version

1.20.10
api-change:ec2: Update ec2 client to latest version
api-change:config: Update config client to latest version
api-change:lookoutvision: Update lookoutvision client to latest version

1.20.9
api-change:devops-guru: Update devops-guru client to latest version
api-change:codebuild: Update codebuild client to latest version

1.20.8
api-change:lightsail: Update lightsail client to latest version
api-change:medialive: Update medialive client to latest version
api-change:kinesis-video-archived-media: Update kinesis-video-archived-media client to latest version
api-change:config: Update config client to latest version
api-change:pinpoint: Update pinpoint client to latest version
api-change:redshift-data: Update redshift-data client to latest version
api-change:workmailmessageflow: Update workmailmessageflow client to latest version
api-change:mediatailor: Update mediatailor client to latest version

1.20.7
api-change:personalize-events: Update personalize-events client to latest version
api-change:eks: Update eks client to latest version
api-change:iam: Update iam client to latest version
api-change:codepipeline: Update codepipeline client to latest version
api-change:detective: Update detective client to latest version
api-change:macie2: Update macie2 client to latest version
api-change:wafv2: Update wafv2 client to latest version
api-change:elbv2: Update elbv2 client to latest version
api-change:appsync: Update appsync client to latest version
api-change:rds: Update rds client to latest version

1.20.6
api-change:databrew: Update databrew client to latest version
api-change:rds: Update rds client to latest version

1.20.5
api-change:quicksight: Update quicksight client to latest version
api-change:mediaconvert: Update mediaconvert client to latest version
api-change:qldb-session: Update qldb-session client to latest version
api-change:sagemaker: Update sagemaker client to latest version
api-change:gamelift: Update gamelift client to latest version

1.20.4
api-change:dataexchange: Update dataexchange client to latest version
api-change:cloudtrail: Update cloudtrail client to latest version
api-change:elbv2: Update elbv2 client to latest version
api-change:ivs: Update ivs client to latest version
api-change:macie2: Update macie2 client to latest version
api-change:globalaccelerator: Update globalaccelerator client to latest version
api-change:iotsitewise: Update iotsitewise client to latest version
api-change:elasticache: Update elasticache client to latest version

1.20.3
api-change:macie: Update macie client to latest version
api-change:elbv2: Update elbv2 client to latest version
api-change:organizations: Update organizations client to latest version

1.20.2
api-change:quicksight: Update quicksight client to latest version
api-change:appflow: Update appflow client to latest version
api-change:emr-containers: Update emr-containers client to latest version
api-change:dlm: Update dlm client to latest version
api-change:athena: Update athena client to latest version
api-change:ec2: Update ec2 client to latest version

1.20.1
api-change:lambda: Update lambda client to latest version
api-change:codebuild: Update codebuild client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:ce: Update ce client to latest version
api-change:databrew: Update databrew client to latest version
api-change:securityhub: Update securityhub client to latest version
api-change:workmail: Update workmail client to latest version
api-change:auditmanager: Update auditmanager client to latest version
api-change:compute-optimizer: Update compute-optimizer client to latest version
api-change:iotsitewise: Update iotsitewise client to latest version

1.20.0
api-change:appmesh: Update appmesh client to latest version
api-change:application-autoscaling: Update application-autoscaling client to latest version
api-change:lookoutvision: Update lookoutvision client to latest version
api-change:organizations: Update organizations client to latest version
feature:Python: Dropped support for Python 3.4 and 3.5
api-change:s3control: Update s3control client to latest version
api-change:rds-data: Update rds-data client to latest version
api-change:medialive: Update medialive client to latest version
api-change:route53: Update route53 client to latest version
api-change:location: Update location client to latest version
enhancement:s3: Amazon S3 now supports AWS PrivateLink, providing direct access to S3 via a private endpoint within your virtual private network.
api-change:iotwireless: Update iotwireless client to latest version

1.19.63
api-change:macie2: Update macie2 client to latest version
api-change:connect: Update connect client to latest version
api-change:medialive: Update medialive client to latest version

1.19.62
api-change:wellarchitected: Update wellarchitected client to latest version
api-change:managedblockchain: Update managedblockchain client to latest version
api-change:cloudwatch: Update cloudwatch client to latest version
api-change:databrew: Update databrew client to latest version
bugfix:Validator: Fix showing incorrect max-value in error message for range and length value validation
api-change:iot: Update iot client to latest version
api-change:robomaker: Update robomaker client to latest version

1.19.61
api-change:elasticache: Update elasticache client to latest version
api-change:customer-profiles: Update customer-profiles client to latest version
api-change:sesv2: Update sesv2 client to latest version
api-change:accessanalyzer: Update accessanalyzer client to latest version
api-change:lightsail: Update lightsail client to latest version
api-change:es: Update es client to latest version

1.19.60
api-change:backup: Update backup client to latest version

1.19.59
api-change:greengrassv2: Update greengrassv2 client to latest version
api-change:redshift: Update redshift client to latest version
api-change:lexv2-runtime: Update lexv2-runtime client to latest version
api-change:rds: Update rds client to latest version
api-change:lexv2-models: Update lexv2-models client to latest version
api-change:ssm: Update ssm client to latest version
api-change:ec2: Update ec2 client to latest version

1.19.58
api-change:securityhub: Update securityhub client to latest version
api-change:kafka: Update kafka client to latest version
api-change:resourcegroupstaggingapi: Update resourcegroupstaggingapi client to latest version

1.19.57
api-change:acm-pca: Update acm-pca client to latest version
api-change:chime: Update chime client to latest version
api-change:ecs: Update ecs client to latest version

1.19.56
api-change:sns: Update sns client to latest version

1.19.55
api-change:pinpoint: Update pinpoint client to latest version
api-change:cognito-identity: Update cognito-identity client to latest version
api-change:s3control: Update s3control client to latest version
api-change:sagemaker: Update sagemaker client to latest version

(adam)

Updated security/py-rsa, devel/py-rply

(adam)

py-rply: updated to 0.7.8

0.7.8
Unknown changes

(adam)

mongo-tools: updated to 4.2.12

4.2.12:
Unknown changes

(adam)

Updated net/openvpn, security/py-rsa

(adam)

py-rsa: updated to 4.7.2

Version 4.7.2
Fix picking/unpickling issue introduced in 4.7

(adam)

openvpn: updated to 2.5.1

Version 2.5.1
* Fix auth-token not being updated if auth-nocache is set
* Remove auth_user_pass.wait_for_push variable
* Fix port-share option with TLS-Crypt v2
* Zero initialise msghdr prior to calling sendmesg
* Fix tls-auth mismatch OCC message when tls-cryptv2 is used.
* build: Fix missing install of man page in certain environments
* Fix too early argv freeing when registering DNS
* Remove 1 second delay before running netsh
* Skip DHCP renew with Wintun adapter
* Change travis build scripts to use https when fetching prerequisites.
* Fix line number reporting on config file errors after <inline> segments
* Clarify --block-ipv6 intent and direction.
* Document common uses of 'echo' directive, re-enable logging for 'echo'.
* Make OPENVPN_PLUGIN_ENABLE_PF failures FATAL
* clean up / rewrite sample-plugins/defer/simple.c
* Fix naming error in sample-plugins/defer/simple.c
* Documentation fixes around openvpn_plugin_func_v3 in openvpn-plugin.h.in
* Update openvpn_plugin_func_v2 to _v3 in sample-plugins/defer/simple.c
* More explicit versioning compatibility in sample-plugins/defer/simple.c
* Explain structver usage in sample defer plugin.
* Man page sections corrections
* Quote the domain name argument passed to the wmic command
* tls-crypt-v2: fix server memory leak
* tls-crypt-v2: also preload tls-crypt-v2 keys (if --persist-key)

(adam)

Updated databases/mongo-c-driver, devel/py-pylint

(adam)

py-pylint: updated to 2.7.1

Pylint 2.7.1
* Expose `UnittestLinter` in pylint.testutils
* Don't check directories starting with '.' when using register_plugins

(adam)

mongo-c-driver: updated to 1.17.4

mongo-c-driver 1.17.4

libbson

It is my pleasure to announce libbson 1.17.4.

No changes since 1.17.3; release to keep pace with libmongoc's version.

libmongoc

It is my pleasure to announce the MongoDB C Driver 1.17.4.

Bug fixes:

Fix crash on macOS on client pool shutdown.
Fix spacing in extended JSON output for numberLong.
Clear error in mongoc_collection_find_and_modify_with_opts on a successful retry.

(adam)

nodejs10/12: switch to .tar.xz

(adam)

Updated lang/nodejs10, lang/nodejs12, lang/nodejs

(adam)

nodejs: updated to 14.16.0

Version 14.16.0 'Fermium' (LTS)

This is a security release.

Notable changes

Vulnerabilities fixed:

CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion
Affected Node.js versions are vulnerable to denial of service attacks when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also from opening, e.g. a file. If no file descriptor limit is configured, then this lead to an excessive memory usage and cause the system to run out of memory.
CVE-2021-22884: DNS rebinding in --inspect
Affected Node.js versions are vulnerable to denial of service attacks when the whitelist includes ���localhost6���. When ���localhost6��� is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the ���localhost6��� domain. As long as the attacker uses the ���localhost6��� domain, they can still apply the attack described in CVE-2018-7160.
CVE-2021-23840: OpenSSL - Integer overflow in CipherUpdate
This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210216.txt

(adam)

nodejs12: updated to 12.21.0

Version 12.21.0 'Erbium' (LTS)

This is a security release.

Notable changes

Vulnerabilities fixed:

CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion
Affected Node.js versions are vulnerable to denial of service attacks when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also from opening, e.g. a file. If no file descriptor limit is configured, then this lead to an excessive memory usage and cause the system to run out of memory.
CVE-2021-22884: DNS rebinding in --inspect
Affected Node.js versions are vulnerable to denial of service attacks when the whitelist includes ���localhost6���. When ���localhost6��� is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the ���localhost6��� domain. As long as the attacker uses the ���localhost6��� domain, they can still apply the attack described in CVE-2018-7160.
CVE-2021-23840: OpenSSL - Integer overflow in CipherUpdate
This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210216.txt

(adam)

nodejs10: updated to 10.24.0

Version 10.24.0 'Dubnium' (LTS)

This is a security release.

Notable changes

Vulnerabilities fixed:

CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion
Affected Node.js versions are vulnerable to denial of service attacks when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also from opening, e.g. a file. If no file descriptor limit is configured, then this lead to an excessive memory usage and cause the system to run out of memory.
CVE-2021-22884: DNS rebinding in --inspect
Affected Node.js versions are vulnerable to denial of service attacks when the whitelist includes ���localhost6���. When ���localhost6��� is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the ���localhost6��� domain. As long as the attacker uses the ���localhost6��� domain, they can still apply the attack described in CVE-2018-7160.
CVE-2021-23840: OpenSSL - Integer overflow in CipherUpdate
This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210216.txt

(adam)

Updated devel/protobuf, devel/py-protobuf

(adam)

protobuf py-protobuf: updated to 3.15.2

Protocol Buffers v3.15.2

C++

Fix PROTOBUF_CONSTINIT macro redefinition

(adam)

Updated devel/py-jaraco.classes, finance/py-stripe

(adam)

py-stripe: updated to 2.56.0

2.56.0
Add support for the Billing Portal Configuration API

(adam)

py-jaraco.classes: updated to 3.2.1

v3.2.1
======

Refreshed package metadata.

v3.2.0
======

Switched to native namespace for jaraco package.

v3.1.1
======

Packaging refresh and associated cleanups, including fix
for 4 (failing black check).

v3.1.0
======

``classproperty`` decorator now supplies a
``classproperty.Meta`` class. Classes that wish to have
a class property should derive from that metaclass. This
approach solves the unintended behavior of the property
only being set on a given instance. For compatibility, the
old behavior is retained if the metaclass is not used.

v3.0.0
======

Project now requires Python 3.6 or later.

2.0
===

Switch to `pkgutil namespace technique
<https://packaging.python.org/guides/packaging-namespace-packages/#pkgutil-style-namespace-packages>`_
for the ``jaraco`` namespace.

(adam)

Updated textproc/py-precis-i18n, databases/py-aiosqlite, textproc/py-tabulate, databases/py-pypika

(adam)

py-pypika: updated to 0.47.7

0.47.7
Unknown changes

(adam)

py-tabulate: updated to 0.8.9

- 0.8.9: Bug fix. Revert support of decimal separators.
- 0.8.8: Python 3.9 support, 3.10 ready.
  New formats: ``unsafehtml``, ``latex_longtable``, ``fancy_outline``.
  Support lists of UserDicts as input.
  Support hyperlinks in terminal output.
  Improve testing on systems with proxies.
  Migrate to pytest.
  Various bug fixes and improvements.

(adam)

py-aiosqlite: updated to 0.17.0

v0.17.0

Feature release

* Connection objects now raise ValueError when closed and a command is executed
* Fix documented examples in readme

(adam)

py-precis-i18n: updated to 1.0.3

1.0.3
- MANIFEST.in excludes `test_derived_props_files.py`; test data files are not packaged.
- CI script now builds source package and runs tests from it.
- Use Github Actions for continuous integration.
- Update copyright year (2021).

(adam)

Updated devel/py-astroid, devel/py-pylint

(adam)

py-pylint: updated to 2.7.0

What's New in Pylint 2.7.0?

* Introduce DeprecationMixin for reusable deprecation checks.
* Fix false positive for ``builtin-not-iterating`` when ``map`` receives iterable
* Python 3.6+ is now required.
* Fix false positive for ``builtin-not-iterating`` when ``zip`` receives iterable
* Add `nan-comparison` check for NaN comparisons
* Bug fix for empty-comment message line number.
* Only emit `bad-reversed-sequence` on dictionaries if below py3.8
* Handle class decorators applied to function.
* Add check for empty comments
* Fix minor documentation issue in contribute.rst
* Enums are now required to be named in UPPER_CASE by ``invalid-name``.
* Add missing checks for deprecated functions.
* Postponed evaluation of annotations are now recognized by default if python version is above 3.10
* Fix column metadata for anomalous backslash lints
* Drop support for Python 3.5
* Add support for pep585 with postponed evaluation
* Check alternative union syntax - PEP 604
* Fix multiple false positives with assignment expressions
* Fix TypedDict inherit-non-class false-positive Python 3.9+
* Fix issue with nested PEP 585 syntax
* Fix issue with nested PEP 604 syntax
* Fix a crash in `undefined-variable` caused by chained attributes in metaclass
* Fix false positive for `not-async-context-manager` when `contextlib.asynccontextmanager` is used
* Fix linter multiprocessing pool shutdown (triggered warnings when runned in parallels with other pytest plugins)
* Fix a false-positive emission of `no-self-use` and `unused-argument` for methods
  of generic structural types (`Protocol[T]`)
* Fix bug that lead to duplicate messages when using ``--jobs 2`` or more.
* Adds option ``check-protected-access-in-special-methods`` in the ClassChecker to activate/deactivate
  ``protected-access`` message emission for single underscore prefixed attribute in special methods.
* Fix vulnerable regular expressions in ``pyreverse``
* ``inconsistent-return-statements`` message is now emitted if one of ``try/except`` statement
  is not returning explicitly while the other do.
* Fix ``useless-super-delegation`` false positive when default keyword argument is a dictionnary.
* Fix a crash when a specified config file does not exist
* Add support to ``ignored-argument-names`` in DocstringParameterChecker and adds `useless-param-doc` and `useless-type-doc` messages.
* Enforce docparams consistently when docstring is not present
* Fix ``duplicate-code`` false positive when lines only contain whitespace and non-alphanumeric characters (e.g. parentheses, bracket, comman, etc.)
* Improve lint message for `singleton-comparison` with bools
* Fix spell-checker crash on indented docstring lines that look like # comments
* Fix AttributeError in checkers/refactoring.py
* Improve sphinx directives spelling filter
* Fix a bug with postponed evaluation when using aliases for annotations.
* Fix minor documentation issues
* Improve the performance of the line length check.
* Removed incorrect deprecation of ``inspect.getfullargspec``
* Fix ``signature-differs`` false positive for functions with variadics
* Fix a crash in `consider-using-enumerate` when encountering `range()` without arguments
* `len-as-conditions` is now triggered only for classes that are inheriting directly from list, dict, or set and not implementing the `__bool__` function, or from generators like range or list/dict/set comprehension. This should reduce the false positives for other classes, like pandas's DataFrame or numpy's Array.
* Fixes duplicate-errors not working with -j2+
* `generated-members` now matches the qualified name of members
* Add check for bool function to `len-as-condition`
* Add `simplifiable-condition` check for extraneous constants in conditionals using and/or.
* Add `condition-evals-to-constant` check for conditionals using and/or that evaluate to a constant.
* Changed setup.py to work with [distlib](https://pypi.org/project/distlib)
* New check: ``consider-using-generator``
  This check warns when a comprehension is used inside an `any` or `all` function,
  since it is unnecessary and should be replaced by a generator instead.
  Using a generator would be less code and way faster.
* Add Github Actions to replace Travis and AppVeyor in the future

(adam)

py-astroid: updated to 2.5

What's New in astroid 2.5?

* Adds `attr_fset` in the `PropertyModel` class.
* Remove support for Python 3.5.
* Remove the runtime dependency on ``six``. The ``six`` brain remains in
  astroid.
* Enrich the ``brain_collection`` module so that ``__class_getitem__`` method is added to `deque` for
  ``python`` version above 3.9.
* The ``context.path`` is now a ``dict`` and the ``context.push`` method
  returns ``True`` if the node has been visited a certain amount of times.
* Adds a brain for type object so that it is possible to write `type[int]` in annotation.
* Add ``__class_getitem__`` method to ``subprocess.Popen`` brain under Python 3.9 so that it is seen as subscriptable by pylint.
* Adds `degrees`, `radians`, which are `numpy ufunc` functions, in the `numpy` brain. Adds `random` function in the `numpy.random` brain.
* Fix deprecated importlib methods
* Fix a crash in inference caused by `Uninferable` container elements
* Add `python 3.9` support.
* The flat attribute of ``numpy.ndarray`` is now inferred as an ``numpy.ndarray`` itself.
  It should be a ``numpy.flatiter`` instance, but this class is not yet available in the numpy brain.
* Fix a bug for dunder methods inference of function objects
* Fixes a bug in the signature of the ``ndarray.__or__`` method,
  in the ``brain_numpy_ndarray.py`` module.
* Fixes a to-list cast bug in ``starred_assigned_stmts`` method,
  in the ``protocols.py` module.
* Added a brain for ``hypothesis.strategies.composite``
* The transpose of a ``numpy.ndarray`` is also a ``numpy.ndarray``
* Added a brain for ``sqlalchemy.orm.session``
* Separate string and bytes classes patching
* Prevent recursion error for self referential length calls
* Added missing methods to the brain for ``mechanize``, to fix pylint false positives
* Added more supported parameters to ``subprocess.check_output``
* Fix recursion errors with pandas
* Added exception inference for `UnicodeDecodeError`
* `FunctionDef.is_generator` properly handles `yield` nodes in `If` tests
* Fixed exception-chaining error messages.
* Fix failure to infer base class type with multiple inheritance and qualified names
* Fix interpretation of ``six.with_metaclass`` class definitions.
* Reduce memory usage of astroid's module cache.
* Remove dependency on `imp`.
* Do not crash when encountering starred assignments in enums.
* Fix a crash in functools.partial inference when the arguments cannot be determined
* Fix a crash caused by a lookup of a monkey-patched method
* ``is_generator`` correctly considers `Yield` nodes in `AugAssign` nodes
  This fixes a false positive with the `assignment-from-no-return` pylint check.
* Corrected the parent of function type comment nodes.
  These nodes used to be parented to their original ast.FunctionDef parent
  but are now correctly parented to their astroid.FunctionDef parent.

(adam)

py-yaml: needs py-cython

(adam)

Updated x11/gtk3, textproc/py-yaml

(adam)

py-yaml: updated to 5.4.1

5.4.1
* Fix stub compat with older pyyaml versions that may unwittingly load it

5.4
* Build modernization, remove distutils, fix metadata, build wheels, CI to GHA
* Fix for CVE-2020-14343, moves arbitrary python tags to UnsafeLoader
* Fix memory leak in implicit resolver setup
* Fix py2 copy support for timezone objects
* Fix compatibility with Jython

(adam)

gtk3: updated to 3.24.25

Overview of Changes in GTK+ 3.24.25
===================================

* Settings:
- Make cursor aspect ratio setting work

* Broadway:
- Fix touchscreen event handling
- Support Android / Chrome on-screen keyboard

* Windows:
- Fix issues with Intel graphics drivers
- Avoid UAC for gtk-update-icon-cache

* Wayland:
- Avoid crashes with tablet input
- Add api to support clients with subsurfaces better

* Inspector:
- Make the inspector available in non-debug builds

* Theme:
- Make scrollbars larger
- Disable shadows on maximized, fullscreen and tiled windows

* Printing:
- Support Avahi-discovered printers better

* Input:
- Show preedit for compose sequences
- Support long compose sequences
- Support compose sequences producing multiple characters

* Translation updates
Belarusian
British English
Catalan
Friulian
Galician
Japanese
Persian
Serbian

(adam)

Updated multimedia/ffmpeg4, multimedia/ffplay4

(adam)

ffmpeg4 ffplay4: updated to 4.3.2

version 4.3.2:
avcodec/hapdec: Change compressed_offset to unsigned 32bit
avformat/rmdec: Check codec_length without overflow
avformat/mov: Check element count in mov_metadata_hmmt()
avcodec/vp8: Move end check into MB loop in vp78_decode_mv_mb_modes()
avcodec/fits: Check gcount and pcount being non negative
avformat/nutdec: Check timebase count against main header length
avformat/electronicarts: Clear partial_packet on error
avformat/r3d: Check samples before computing duration
avcodec/pnm_parser: Check av_image_get_buffer_size() for failure
avformat/wavdec: Consider AV_INPUT_BUFFER_PADDING_SIZE in set_spdif()
avformat/rmdec: Check remaining space in debug av_log() loop
avformat/flvdec: Treat high ts byte as unsigned
avformat/samidec: Sanity check pts
avcodec/jpeg2000dec: Check atom_size in jp2_find_codestream()
avformat/avidec: Use 64bit in get_duration()
avformat/mov: Check for duplicate st3d
avformat/mvdec: Check for EOF in read_index()
avcodec/jpeglsdec: Fix k=16 in ls_get_code_regular()
avformat/id3v2: Check the return from avio_get_str()
avcodec/hevc_sei: Check payload size in decode_nal_sei_message()
libavutil/eval: Remove CONFIG_TRAPV special handling
avformat/wtvdec: Check len in parse_chunks() to avoid overflow
avformat/asfdec_f: Add an additional check for the extradata size
avformat/3dostr: Check sample_rate
avformat/4xm: Make audio_frame_count 64bit
avformat/mov: Use av_mul_q() to avoid integer overflows
avcodec/vp9dsp_template: Fix integer overflows in itxfm_wrapper
avformat/rmdec: Reorder operations to avoid overflow
avcodec/mxpegdec: fix SOF counting
avcodec/rscc: Check inflated_buf size whan it is used
avformat/mvdec: Sanity check SAMPLE_WIDTH
avcodec/nvenc: fix timestamp offset ticks logic
avformat/rmdec: Fix codecdata_length overflow check
avcodec/simple_idct: Fix undefined integer overflow in idct4row()
avformat/wavdec: Check block_align vs. channels before combining them
avformat/tta: Use 64bit intermediate for index
avformat/soxdec: Check channels to be positive
avformat/smacker: Check for too small pts_inc
avformat/sbgdec: Use av_sat_add64() in str_to_time()
avcodec/cscd: Check output len in zlib as in lzo
avcodec/vp3: Check input amount in theora_decode_header()
avformat/wavdec: Check avio_get_str16le() for failure
avformat/flvdec: Check for EOF in amf_skip_tag()
avformat/aiffdec: Check size before subtraction in get_aiff_header()
avformat/electronicarts: More chunk_size checks
avcodec/cfhd: check peak.offset
avformat/tedcaptionsdec: Check for overflow in parse_int()
avformat/nuv: Check channels
avcodec/siren: Increase noise category 5 and 6
avformat/mpc8: Check size before implicitly converting to int
avformat/nutdec: Fix integer overflow in count computation
avformat/mvi: Use 64bit for testing dimensions
avformat/utils: Check dts in update_initial_timestamps() more
avformat/mpsubdec: Use av_sat_add/sub64() in fracval handling
avformat/flvdec: Check for avio_read() failure in amf_get_string()
avformat/flvdec: Check for nesting depth in amf_skip_tag()
avformat/flvdec: Check for nesting depth in amf_parse_object()
avformat/asfdec_o: Check for EOF in asf_read_marker()
avformat/flvdec: Use av_sat_add64() for pts computation
avformat/utils: Check dts - (1<<pts_wrap_bits) overflow
avformat/bfi: Check chunk_header
avformat/ads: Check size
avformat/iff: Check block align also for ID_MAUD
avcodec/utils: Check for integer overflow in get_audio_frame_duration() for ADPCM_DTK
avformat/fitsdec: Better size checks
avformat/mxfdec: Fix integer overflow in next position in mxf_read_local_tags()
avformat/avidec: dv does not support palettes
avformat/dhav: Break out of infinite dhav search loop
libavformat/utils: consider avio_size() failure in ffio_limit()
avformat/nistspheredec: Check bits_per_coded_sample and channels
avformat/asfdec_o: Check size vs. offset in detect_unknown_subobject()
avformat/utils: check for integer overflow in av_get_frame_filename2()
avutil/timecode: Avoid undefined behavior with large framenum
avformat/mov: Check a.size before computing next_root_atom
avformat/sbgdec: Reduce the amount of floating point in str_to_time()
avformat/mxfdec: Free all types for both Descriptors
uavformat/rsd: check for EOF in extradata
avcodec/wmaprodec: Check packet size
avformat/dhav: Check position for overflow
avcodec/rasc: Check frame before clearing
avformat/vividas: Check number of audio channels
avcodec/alsdec: Fix integer overflow with quant_cof
avformat/mpegts: Fix argument type for av_log
avformat/cafdec: clip sample rate
avcodec/ffv1dec: Fix off by 1 error with quant tables
avformat/mpegts: Increase pcr_incr width to 64bit
avcodec/utils: Check bitrate for overflow in get_bit_rate()
avformat/mov: Check if hoov is at the end
avcodec/hevc_ps: check scaling_list_dc_coef
avformat/iff: Check data_size
avformat/matroskadec: Sanity check codec_id/track type
avformat/rpl: Check the number of streams
avformat/vividas: Check sample_rate
avformat/vividas: Make len signed
avcodec/h264idct_template: Fix integer overflow in ff_h264_chroma422_dc_dequant_idct()
avformat/dsfdec: Check block_align more completely
avformat/mpc8: Check remaining space in mpc8_parse_seektable()
avformat/id3v2: Sanity check tlen before alloc and uncompress
avformat/vqf: Check len for COMM chunks
avformat/mov: Avoid overflow in end computation in mov_read_custom()
avcodec/hevc_cabac: Limit value in coeff_abs_level_remaining_decode() tighter
avformat/cafdec: Check the return code from av_add_index_entry()
avformat/cafdec: Check for EOF in index read loop
avformat/cafdec: Check that bytes_per_packet and frames_per_packet are non negative
avformat/mpc8: correct integer overflow in mpc8_parse_seektable()
avformat/mpc8: correct 32bit timestamp truncation
avcodec/exr: Check ymin vs. h
avformat/avs: Use 64bit for the avio_tell() output
avformat/wavdec: More complete size check in find_guid()
avcodec/mv30: Use unsigned in idct_1d()
avformat/iff: Check size before skip
avformat/rmdec: Check for EOF in index packet reading
avcodec/vp3dsp: Use unsigned constant to avoid undefined integer overflow in ff_vp3dsp_set_bounding_values()
avformat/icodec: Check for zero streams and stream creation failure
avformat/icodec: Factor failure code out in read_header()
avformat/bintext: Check width
avformat/sbgdec: Check that end is not before start
avformat/lvfdec: Check stream_index before use
avformat/au: cleanup on EOF return in au_read_annotation()
avformat/mpegts: Limit copied data to space
avformat/bintext: Check width in idf_read_header()
avformat/iff: check size against INT64_MAX
avformat/vividas: improve extradata packing checks in track_header()
avformat/paf: Check for EOF in read_table()
avformat/gxf: Check pkt_len
avformat/aiffdec: Check packet size
avformat/concatdec: use av_strstart()
avformat/wavdec: Refuse to read chunks bigger than the filesize in w64_read_header()
avformat/rsd: Check size and start before computing duration
avformat/vividas: better check of current_sb_entry
avformat/iff: More completely check body_size
avformat/vividas use avpriv_set_pts_info()
avformat/xwma: Check for EOF in dpds_table read code
avcodec/utils: Check sample rate before use for AV_CODEC_ID_BINKAUDIO_DCT in get_audio_frame_duration()
avcodec/dirac_parser: do not offset AV_NOPTS_OFFSET
avformat/rmdec: Make expected_len 64bit
avformat/pcm: Check block_align
avformat/lrcdec: Clip timestamps
avutil/mathematics: Use av_sat_add64() for the last addition in av_add_stable()
avformat/electronicarts: Check for EOF in each iteration of the loop in ea_read_packet()
avformat/ifv: Check that total frames do not overflow
avcodec/vp9dsp_template: Fix some overflows in iadst8_1d()
avcodec/fits: Check bscale
avformat/nistspheredec: Check bps
avformat/jacosubdec: Use 64bit inside get_shift()
avformat/genh: Check block_align
avformat/mvi: Check count for overflow
avcodec/magicyuv: Check slice size before reading flags and pred
avformat/asfdec_f: Check for negative ext_len
avformat/bethsoftvid: Check image dimensions before use
avformat/genh: Check block_align for how it will be used in SDX2_DPCM
avformat/au: Check for EOF in au_read_annotation()
avformat/vividas: Check for zero v_size
avformat/segafilm: Do not assume AV_CODEC_ID_NONE is 0
avformat/segafilm: Check that there is a stream
avformat/wtvdec: Check dir_length
avformat/ffmetadec: finalize AVBPrint on errors
avcodec/decode/ff_get_buffer: Check for overflow in FFALIGN()
avcodec/exr: Check limits to avoid overflow in delta computation
avformat/boadec: Check that channels and block_align are set
avformat/asfdec_f: Check name_len for overflow
avcodec/h264idct_template: Fix integer overflow in ff_h264_chroma422_dc_dequant_idct()
avformat/sbgdec: Check for timestamp overflow in parse_time_sequence()
avcodec/aacdec_fixed: Limit index in vector_pow43()
avformat/kvag: Fix integer overflow in bitrate computation
avcodec/h264_slice: fix undefined integer overflow with POC in error concealment
avformat/rmdec: sanity check coded_framesize
avformat/flvdec: Check for EOF in amf_parse_object()
avcodec/mv30: Fix multiple integer overflows
avcodec/smacker: Check remaining bits in SMK_BLK_FULL
avcodec/cook: Check subpacket index against max
avcodec/utils: Check for overflow with ATRAC* in get_audio_frame_duration()
avcodec/hevcpred_template: Fix diagonal chroma availability in 4:2:2 edge case in intra_pred
avformat/icodec: Change order of operations to avoid NULL dereference
avcodec/exr: Fix overflow with many blocks
avcodec/vp9dsp_template: Fix integer overflows in idct16_1d()
avcodec/ansi: Check initial dimensions
avcodec/hevcdec: Check slice_cb_qp_offset / slice_cr_qp_offset
avcodec/sonic: Check for overread
avformat/subviewerdec: fail on AV_NOPTS_VALUE
avcodec/exr: Check line size for overflow
avcodec/exr: Check xdelta, ydelta
avcodec/celp_filters: Avoid invalid negation in ff_celp_lp_synthesis_filter()
avcodec/takdsp: Fix negative shift in decorrelate_sf()
avcodec/dxtory: Fix negative stride shift in dx2_decode_slice_420()
avformat/asfdec_f: Change order or operations slightly
avformat/dxa: Use av_rescale() for duration computation
avcodec/vc1_block: Fix integer overflow in ac value
avcodec/mv30: Fix several integer overflows in idct_1d()
avformat/iff: Check data_size not overflowing int64
avcodec/dxtory: Fix negative shift in dx2_decode_slice_410()
avcodec/sonic: Check channels before deallocating
avformat/vividas: Check for EOF in first loop in track_header()
avformat/wvdec: Check rate for overflow
avcodec/ansi: Check nb_args for overflow
avformat/wc3movie: Cleanup on wc3_read_header() failure
avformat/wc3movie: Move wc3_read_close() up
avcodec/tiff: Fix default white level
avcodec/diracdsp: Fix integer anomaly in dequant_subband_*
avutil/fixed_dsp: Fix integer overflows in butterflies_fixed_c()
avcodec/mv30: Check remaining mask in decode_inter()
avcodec/wmalosslessdec: Check remaining space before padding and channel residue
avformat/cdg: Fix integer overflow in duration computation
avcodec/mpc: Fix multiple numerical overflows in ff_mpc_dequantize_and_synth()
avcodec/agm: Fix off by 1 error in decode_inter_plane()
avformat/electronicarts: Check if there are any streams
avcodec/ffwavesynth: Fix integer overflow in wavesynth_synth_sample / WS_SINE
avcodec/vp9dsp_template: Fix integer overflow in iadst8_1d()
avformat/avidec: Fix io_fsize overflow
avcodec/cfhd: Check transform type
avcodec/tiff: Check jpeg context against jpeg frame parameters
avcodec/tiff: Restrict tag order based on specification
avcodec/tiff: Avoid abort with DNG RAW TIFF with YA8
avcodec/tiff: Check the linearization table size
avformat/siff: Reject audio packets without audio stream
avformat/mpeg: Check avio_read() return value in get_pts()
avcodec/tiff: Check bpp/bppcount for 0
avcodec/snowdec: Sanity check hcoeff
avformat/mov: Check comp_brand_size
avformat/ape: Error out in case of EOF in the header
avcodec/alac: Check decorr_shift to avoid invalid shift
avcodec/tdsc: Fix tile checks
opusdec: do not fail when LBRR frames are present
configure: update copyright year
avfilter/vf_framerate: fix infinite loop with 1-frame input
avformat/url: Change () position in ff_make_absolute_url()
avformat/mpegts: make sure mpegts_read_header always stops at the first pmt
avformat/alp: fix handling of TUN files
avformat/argo_asf: fix handling of v1.1 files
swscale/x86/yuv2rgb: fix crashes when loading alpha from unaligned buffers
lavf/url: fix relative url parsing when the query string or fragment has a colon
avformat/libsrt: fix cleanups on failed libsrt_open() and libsrt_setup()
avcodec/cuviddec: backport extradata fixes
avcodec/cuviddec: handle arbitrarily sized extradata
lavf/srt: fix build fail when used the libsrt 1.4.1
avformat/libsrt: close listen fd in listener mode
lavf/url: rewrite ff_make_absolute_url() using ff_url_decompose().
lavf/url: add ff_url_decompose().
avcodec/cbs_av1: fix setting FrameWidth in frame_size_with_refs()
avcodec/cbs_av1: use a more appropiate AV1ReferenceFrameState pointer variable name
avcodec/cbs_av1: fix handling reference frames on show_existing_frame frames
avcodec/cbs_av1: infer frame_type in show_existing_frame frames earlier
avcodec/cbs_av1: add OrderHint to CodedBitstreamAV1Context
avcodec/cbs_av1: infer frame_type when parsing a show_existing_frame frame
cbs_av1: Fix test for presence of buffer_removal_time element
avcodec/cbs_av1: fix storage size for render_{width,height}_minus_1
lavc: Lower MediaFoundation audio encoder priority.
x86/yuv2rgb: fix crashes when storing data on unaligned buffers
checkasm/vf_blend: use the correct depth parameters to initialize the blend modes
x86/vf_blend: fix warnings about trailing empty parameters
x86/h264_deblock: fix warning about trailing empty parameter
avutil/x86inc: fix warnings when assembling with Nasm 2.15

(adam)

Updated devel/meson, devel/glib2, devel/glib2-tools, devel/gdbus-codegen, devel/py-cython, x11/py-pyperclip

(adam)

py-pyperclip: updated to 1.8.2

1.8.2:
Unknown changes

(adam)

py-cython: updated to 0.29.22

0.29.22 (2021-02-20)
====================

Features added
--------------
* Some declarations were added to the provided pxd includes.

Bugs fixed
----------
* A crash when calling certain functions in Py3.9 and later was resolved.

* ``const`` memory views of structs failed to compile.

* ``const`` template declarations could not be nested.

* The declarations in the ``cpython.pycapsule`` module were missing their
  ``const`` modifiers and generated incorrect C code.

* Casts to memory views failed for fused dtypes.

* ``repr()`` was assumed to return ``str`` instead of ``unicode`` with ``language_level=3``.

* Calling ``cpdef`` functions from cimported modules crashed the compiler.

* Cython no longer validates the ABI size of the NumPy classes it compiled against.
  See the discussion in https://github.com/numpy/numpy/pull/432

* A C compiler warning about enum value casting was resolved in GCC.

* Coverage reporting in the annotated HTML file failed in Py3.9.

* The embedding code now reports Python errors as exit status.

* Long type declarations could lead to (harmless) random changes in the
  C file when used in auto-generated Python wrappers or pickled classes.

Other changes
-------------
* Variables defined as ``cpdef`` now generate a warning since this
  is currently useless and thus does not do what users would expect.

(adam)

glib2 glib2-tools gdbus-codegen: updated to 2.66.7

Overview of changes in GLib 2.66.7
==================================

* Fix various regressions caused by rushed security fixes in 2.66.6
  (work by Simon McVittie and Jan Alexander Steffens) (!1933, !1943)

* Fix a silent integer truncation when calling `g_byte_array_new_take()` for
  byte arrays bigger than `G_MAXUINT` (work by Krzesimir Nowak) (!1944)

* Disallow using currently-undefined D-Bus connection or server flags to prevent
  forward-compatibility problems with new security-sensitive flags likely to be
  released in GLib 2.68 (work by Simon McVittie) (!1945)

* Bugs fixed:
- !1933 [2.66] Fix regressions in 2.66.6 where negative gssize indicates strlen()
- !1943 Backport !1941 窶徃keyfilesettingsbackend: Fix basename handling when group is unset窶� to glib-2-66
- !1944 Backport !1942 窶徃bytearray: Do not accept too large byte arrays窶� to glib-2-66
- !1945 Backport !1934 窶徃dbus: Reject attempts to set future connection or server flags窶� to glib-2-66

Overview of changes in GLib 2.66.6
==================================

* Fix various instances within GLib where `g_memdup()` was vulnerable to a
  silent integer truncation and heap overflow problem (discovered by
  Kevin Backhouse, work by Philip Withnall)

* Bugs fixed:
- !1927 Backport !1926 窶廣dd g_memdup2()窶� to glib-2-66

Overview of changes in GLib 2.66.5
==================================

* Fix some issues with handling over-long (invalid) input when parsing for `GDate` (!1824)

* Don窶冲 load GIO modules or parse other GIO environment variables when `AT_SECURE`
  is set (i.e. in a setuid/setgid/setcap process). GIO has always been
  documented as not being safe to use in privileged processes, but people persist
  in using it unsafely, so these changes should harden things against potential
  attacks at least a little. Unfortunately they break a couple of projects which
  were relying on reading `DBUS_SESSION_BUS_ADDRESS`, so GIO continues to read
  that for setgid/setcap (but not setuid) processes. This loophole will be closed
  in GLib 2.70 (see issue 2316), which should give modules 6 months to change
  their behaviour. (Work by Simon McVittie and Philip Withnall)

* Fix `g_spawn()` searching `PATH` when it wasn窶冲 meant to (work by
  Simon McVittie and Thomas Haller) (!1913)

* Bugs fixed:
- giomodule: Loads GIO modules even if setuid, etc.
- g_private_replace ordering issue
- GIO security hardening causing gnome-keyring to regress when session bus is provided by dbus-launch (dbus-x11)
- gthread: Destroy value after replacing it in g_private_replace()
- Backport !1821 窶徃date: Limit length of dates which can be parsed as valid窶� to glib-2-66
- gdatetime.c: Fix MSVC builds for lack of NAN items
- Backport !1827 窶弩indows: fix FD_READ condition flag still set on recoverable UDP socket errors.窶� to glib-2-66
- Backport !1862 窶徃io: Ignore various environment variables when running as setuid窶� to glib-2-66
- Backport !1868 窶徃desktopappinfo: Fix validation of XDG_CURRENT_DESKTOP窶� to glib-2-66
- Backport !1902 窶徭pawn: Don't set a search path if we don't want to search PATH窶� to glib-2-66
- Backport !1920 窶彝esolve GDBus regressions in setcap/setgid programs窶� to glib-2-66

(adam)

meson: updated to 0.57.1

Release 0.57.0
* Project version can be specified with a file
* Support for reading files at configuration time with the fs module
* meson install --dry-run
* Experimental support for C++ modules in Visual Studio
* Qt6 module
* Unstable Rust module
* Meson test() now accepts protocol : 'rust'
* MSVC/Clang-Cl Argument Changes/Cleanup
* Buildtype remains even if dependent options are changed
* Passing internal dependencies to the compiler object
* unstable_external_project improvements
* gnome.post_install()
* "Edit and continue" (/ZI) is no longer used by default for Visual Studio
* Minimum required Python version updated to 3.6
* Packaging a subproject
* custom_target() and run_target() now accepts an env keyword argument
* summary() accepts external programs or dependencies
* CMake find_package version support
* meson test only rebuilds test dependencies
* The add_*_script methods now accept a File as the first argument
* Unity build with Vala disabled
* New logging format for meson test
* Specify DESTDIR on command line
* Skip install scripts if DESTDIR is set
* Add support for prelinked static libraries
* Rust now has an std option
* Ctrl-C behavior in meson test
* Support added for LLVM's thinLTO
* test() timeout and timeout_multiplier value <= 0
* Knob to control LTO thread
* summary() now uses left alignment for both keys and values
* // is now allowed as a function id for meson rewrite.
* Get keys of configuration data object

(adam)

Updated devel/protobuf, devel/py-protobuf

(adam)

protobuf py-protobuf: updated to 3.15.1

Protocol Buffers v3.15.1

C++

Small fixes for MinGW and for C++20 with GCC

(adam)

Updated lang/python38, lang/python39, lang/py38-html-docs, lang/py39-html-docs

(adam)

python39 py39-html-docs: updated to 3.9.2

Python 3.9.2 final
Release date: 2021-02-19

Windows
bpo-43155: PyCMethod_New() is now present in python3.lib.
Python 3.9.2 release candidate 1
Release date: 2021-02-16

Security
bpo-42967: Fix web cache poisoning vulnerability by defaulting the query args separator to &, and allowing the user to choose a custom separator.
bpo-42938: Avoid static buffers when computing the repr of ctypes.c_double and ctypes.c_longdouble values.

Core and Builtins
bpo-42819: readline: Explicitly disable bracketed paste in the interactive interpreter, even if it���s set in the inputrc, is enabled by default (eg GNU Readline 8.1), or a user calls readline.read_init_file(). The Python REPL has not implemented bracketed paste support. Also, bracketed mode writes the "\x1b[?2004h" escape sequence into stdout which causes test failures in applications that don���t support it. It can still be explicitly enabled by calling readline.parse_and_bind("set enable-bracketed-paste on"). Patch by Dustin Rodrigues.
bpo-42806: Fix the column offsets for f-strings ast nodes surrounded by parentheses and for nodes that spawn multiple lines. Patch by Pablo Galindo.
bpo-40631: Fix regression where a single parenthesized starred expression was a valid assignment target.
bpo-32381: Fix encoding name when running a .pyc file on Windows: PyRun_SimpleFileExFlags() now uses the correct encoding to decode the filename.
bpo-42536: Several built-in and standard library types now ensure that their internal result tuples are always tracked by the garbage collector:

collections.OrderedDict.items()
dict.items()
enumerate()
functools.reduce()
itertools.combinations()
itertools.combinations_with_replacement()
itertools.permutations()
itertools.product()
itertools.zip_longest()
zip()
Previously, they could have become untracked by a prior garbage collection. Patch by Brandt Bucher.
bpo-42195: The __args__ of the parameterized generics for typing.Callable and collections.abc.Callable are now consistent. The __args__ for collections.abc.Callable are now flattened while typing.Callable���s have not changed. To allow this change, types.GenericAlias can now be subclassed and collections.abc.Callable���s __class_getitem__ will now return a subclass of types.GenericAlias. Tests for typing were also updated to not subclass things like Callable[..., T] as that is not a valid base class. Finally, both types no longer validate their argtypes, in Callable[[argtypes], resulttype] to prepare for PEP 612. Patch by Ken Jin.

Library
bpo-43102: The namedtuple __new__ method had its __builtins__ set to None instead of an actual dictionary. This created problems for introspection tools.
bpo-43108: Fixed a reference leak in the curses module. Patch by Pablo Galindo
bpo-42944: Fix random.Random.sample when counts argument is not None.
bpo-42931: Add randbytes() to random.__all__.
bpo-42780: Fix os.set_inheritable() for O_PATH file descriptors on Linux.
bpo-42851: remove __init_subclass__ support for Enum members
bpo-41748: Fix HTMLParser parsing rules for element attributes containing commas with spaces. Patch by Karl Dubost.
bpo-42759: Fixed equality comparison of tkinter.Variable and tkinter.font.Font. Objects which belong to different Tcl interpreters are now always different, even if they have the same name.
bpo-42756: Configure LMTP Unix-domain socket to use socket global default timeout when a timeout is not explicitly provided.
bpo-23328: Allow / character in username, password fields on _PROXY envars.
bpo-42655: subprocess extra_groups is now correctly passed into setgroups() system call.
bpo-42727: EnumMeta.__prepare__ now accepts **kwds to properly support __init_subclass__
bpo-42681: Fixed range checks for color and pair numbers in curses.
bpo-37961: Fix crash in tracemalloc.Traceback.__repr__() (regressed in Python 3.9).
bpo-42630: tkinter functions and constructors which need a default root window raise now RuntimeError with descriptive message instead of obscure AttributeError or NameError if it is not created yet or cannot be created automatically.
bpo-42644: logging.disable will now validate the types and value of its parameter. It also now accepts strings representing the levels (as does loging.setLevel) instead of only the numerical values.
bpo-36541: Fixed lib2to3.pgen2 to be able to parse PEP-570 positional only argument syntax.
bpo-42517: Enum: private names will raise a DeprecationWarning; in 3.10 they will become normal attributes
bpo-42678: Enum: call __init_subclass__ after members have been added
bpo-42532: Remove unexpected call of __bool__ when passing a spec_arg argument to a Mock.
bpo-42388: Fix subprocess.check_output(���, input=None) behavior when text=True to be consistent with that of the documentation and universal_newlines=True.
bpo-34463: Fixed discrepancy between traceback and the interpreter in formatting of SyntaxError with lineno not set (traceback was changed to match interpreter).
bpo-42375: subprocess module update for DragonFlyBSD support.
bpo-42384: Make pdb populate sys.path[0] exactly the same as regular python execution.
bpo-42383: Fix pdb: previously pdb would fail to restart the debugging target if it was specified using a relative path and the current directory changed.
bpo-42318: Fixed support of non-BMP characters in tkinter on macOS.
bpo-42163: Restore compatibility for uname_result around deepcopy and _replace.
bpo-39825: Windows: Change sysconfig.get_config_var('EXT_SUFFIX') to the expected full platform_tag.extension format. Previously it was hard-coded to .pyd, now it is compatible with distutils.sysconfig and will result in something like .cp38-win_amd64.pyd. This brings windows into conformance with the other platforms.
bpo-42059: typing.TypedDict types created using the alternative call-style syntax now correctly respect the total keyword argument when setting their __required_keys__ and __optional_keys__ class attributes.
bpo-39101: Fixed tests using IsolatedAsyncioTestCase from hanging on BaseExceptions.
bpo-42005: Fix CLI of cProfile and profile to catch BrokenPipeError.
bpo-41907: fix format() behavior for IntFlag
bpo-41889: Enum: fix regression involving inheriting a multiply-inherited enum
bpo-41891: Ensure asyncio.wait_for waits for task completion
bpo-41604: Don���t decrement the reference count of the previous user_ptr when set_panel_userptr fails.
bpo-40219: Lowered tkinter.ttk.LabeledScale dummy widget to prevent hiding part of the content label.
bpo-40084: Fix Enum.__dir__: dir(Enum.member) now includes attributes as well as methods.
bpo-39068: Fix initialization race condition in a85encode() and b85encode() in base64. Patch by Brandon Stansbury.
bpo-33289: Correct call to tkinter.colorchooser to return RGB triplet of ints instead of floats. Patch by Cheryl Sabella.

Documentation
bpo-40304: Fix doc for type(name, bases, dict). Patch by Boris Verkhovskiy and ��ric Araujo.
bpo-42811: Updated importlib.utils.resolve_name() doc to use __spec__.parent instead of __package__. (Thanks Yair Frid.)
bpo-17140: Add documentation for the multiprocessing.pool.ThreadPool class.

Tests
bpo-42794: Update test_nntplib to use offical group name of news.aioe.org for testing. Patch by Dong-hee Na.
bpo-40810: In sqlite3, fix CheckTraceCallbackContent for SQLite pre 3.7.15.

Build
bpo-43174: Windows build now uses /utf-8 compiler option.
bpo-42692: Fix __builtin_available check on older compilers. Patch by Joshua Root.
bpo-42604: Now all platforms use a value for the ���EXT_SUFFIX��� build variable derived from SOABI (for instance in freeBSD, ���EXT_SUFFIX��� is now ���.cpython-310d.so��� instead of ���.so���). Previosuly only Linux, Mac and VxWorks were using a value for ���EXT_SUFFIX��� that included ���SOABI���.
bpo-42598: Fix implicit function declarations in configure which could have resulted in incorrect configuration checks. Patch contributed by Joshua Root.
bpo-29076: Add fish shell support to macOS installer.

Windows
bpo-41837: Updated Windows installer to include OpenSSL 1.1.1i
bpo-42584: Upgrade Windows installer to use SQLite 3.34.0.

macOS
bpo-42504: Ensure that the value of sysconfig.get_config_var(���MACOSX_DEPLOYMENT_TARGET���) is always a string, even in when the value is parsable as an integer.
bpo-42361: Update macOS installer build to use Tcl/Tk 8.6.11 (rc2, expected to be final release).
bpo-41837: Update macOS installer build to use OpenSSL 1.1.1i.
bpo-42584: Update macOS installer to use SQLite 3.34.0.

IDLE
bpo-43008: Make IDLE invoke sys.excepthook() in normal, 2-process mode. Patch by Ken Hilton.
bpo-33065: Fix problem debugging user classes with __repr__ method.
bpo-23544: Disable Debug=>Stack Viewer when user code is running or Debugger is active, to prevent hang or crash. Patch by Zackery Spytz.
bpo-32631: Finish zzdummy example extension module: make menu entries work; add docstrings and tests with 100% coverage.

Tools/Demos
bpo-42726: Fixed Python 3 compatibility issue with gdb/libpython.py handling of attribute dictionaries.
bpo-42613: Fix freeze.py tool to use the prope config and library directories. Patch by Victor Stinner.

C API
bpo-43030: Fixed a compiler warning in Py_UNICODE_ISSPACE() on platforms with signed wchar_t.
bpo-42591: Export the Py_FrozenMain() function: fix a Python 3.9.0 regression. Python 3.9 uses -fvisibility=hidden and the function was not exported explicitly and so not exported.
bpo-40052: Fix an alignment build warning/error in function PyVectorcall_Function(). Patch by Andreas Schneider, Antoine Pitrou and Petr Viktorin.

(adam)

python38 py38-html-docs: updated to 3.8.8

Python 3.8.8

Security
bpo-42967: Fix web cache poisoning vulnerability by defaulting the query args separator to &, and allowing the user to choose a custom separator.
bpo-42938: Avoid static buffers when computing the repr of ctypes.c_double and ctypes.c_longdouble values.

Core and Builtins
bpo-42819: readline: Explicitly disable bracketed paste in the interactive interpreter, even if it窶冱 set in the inputrc, is enabled by default (eg GNU Readline 8.1), or a user calls readline.read_init_file(). The Python REPL has not implemented bracketed paste support. Also, bracketed mode writes the "\x1b[?2004h" escape sequence into stdout which causes test failures in applications that don窶冲 support it. It can still be explicitly enabled by calling readline.parse_and_bind("set enable-bracketed-paste on"). Patch by Dustin Rodrigues.

Library
bpo-43108: Fixed a reference leak in the curses module. Patch by Pablo Galindo
bpo-42780: Fix os.set_inheritable() for O_PATH file descriptors on Linux.
bpo-41748: Fix HTMLParser parsing rules for element attributes containing commas with spaces. Patch by Karl Dubost.
bpo-42759: Fixed equality comparison of tkinter.Variable and tkinter.font.Font. Objects which belong to different Tcl interpreters are now always different, even if they have the same name.
bpo-23328: Allow / character in username, password fields on _PROXY envars.
bpo-42681: Fixed range checks for color and pair numbers in curses.
bpo-42531: importlib.resources.path() now works for packages missing the optional __file__ attribute (more specifically, packages whose __spec__.origin is None).
bpo-42388: Fix subprocess.check_output(窶ｦ, input=None) behavior when text=True to be consistent with that of the documentation and universal_newlines=True.
bpo-42384: Make pdb populate sys.path[0] exactly the same as regular python execution.
bpo-42383: Fix pdb: previously pdb would fail to restart the debugging target if it was specified using a relative path and the current directory changed.
bpo-42318: Fixed support of non-BMP characters in tkinter on macOS.
bpo-42005: Fix CLI of cProfile and profile to catch BrokenPipeError.
bpo-41604: Don窶冲 decrement the reference count of the previous user_ptr when set_panel_userptr fails.
bpo-26407: Unexpected errors in calling the __iter__ method are no longer masked by TypeError in csv.reader(), csv.writer.writerow() and csv.writer.writerows().
bpo-39068: Fix initialization race condition in a85encode() and b85encode() in base64. Patch by Brandon Stansbury.
bpo-36589: The curses.update_lines_cols() function now returns None instead of 1 on success.
bpo-33289: Correct call to tkinter.colorchooser to return RGB triplet of ints instead of floats. Patch by Cheryl Sabella.

Documentation
bpo-40304: Fix doc for type(name, bases, dict). Patch by Boris Verkhovskiy and ﾃ詠ic Araujo.
bpo-42811: Updated importlib.utils.resolve_name() doc to use __spec__.parent instead of __package__. (Thanks Yair Frid.)

Tests
bpo-42794: Update test_nntplib to use offical group name of news.aioe.org for testing. Patch by Dong-hee Na.
bpo-40810: In sqlite3, fix CheckTraceCallbackContent for SQLite pre 3.7.15.

Build
bpo-29076: Add fish shell support to macOS installer.

Windows
bpo-41837: Updated Windows installer to include OpenSSL 1.1.1i
bpo-42584: Upgrade Windows installer to use SQLite 3.34.0.

macOS
bpo-41837: Update macOS installer build to use OpenSSL 1.1.1i.
bpo-42584: Update macOS installer to use SQLite 3.34.0.

IDLE
bpo-43008: Make IDLE invoke sys.excepthook() in normal, 2-process mode. Patch by Ken Hilton.
bpo-33065: Fix problem debugging user classes with __repr__ method.
bpo-42508: Keep IDLE running on macOS. Remove obsolete workaround that prevented running files with shortcuts when using new universal2 installers built on macOS 11.
bpo-23544: Disable Debug=>Stack Viewer when user code is running or Debugger is active, to prevent hang or crash. Patch by Zackery Spytz.
bpo-32631: Finish zzdummy example extension module: make menu entries work; add docstrings and tests with 100% coverage.

Tools/Demos
bpo-42726: Fixed Python 3 compatibility issue with gdb/libpython.py handling of attribute dictionaries.

C API
bpo-43030: Fixed a compiler warning in Py_UNICODE_ISSPACE() on platforms with signed wchar_t.
bpo-40052: Fix an alignment build warning/error in function PyVectorcall_Function(). Patch by Andreas Schneider, Antoine Pitrou and Petr Viktorin.

(adam)

Updated devel/protobuf, devel/py-protobuf

(adam)

protobuf py-protobuf: updated to 3.15.0

Protocol Buffers v3.15.0

Protocol Compiler

Optional fields for proto3 are enabled by default, and no longer require
the --experimental_allow_proto3_optional flag.

C++

MessageDifferencer: fixed bug when using custom ignore with multiple
unknown fields
Use init_seg in MSVC to push initialization to an earlier phase.
Runtime no longer triggers -Wsign-compare warnings.
Fixed -Wtautological-constant-out-of-range-compare warning.
DynamicCastToGenerated works for nullptr input for even if RTTI is disabled
Arena is refactored and optimized.
Clarified/specified that the exact value of Arena::SpaceAllocated() is an
implementation detail users must not rely on. It should not be used in
unit tests.
Change the signature of Any::PackFrom() to return false on error.
Add fast reflection getter API for strings.
Constant initialize the global message instances
Avoid potential for missed wakeup in UnknownFieldSet
Now Proto3 Oneof fields have "has" methods for checking their presence in
C++.
Bugfix for NVCC
Return early in _InternalSerialize for empty maps.
Adding functionality for outputting map key values in proto path logging
output (does not affect comparison logic) and stop printing 'value' in the
path. The modified print functionality is in the
MessageDifferencer::StreamReporter.
Ensure that null char symbol, package and file names do not result in a
crash.
Constant initialize the global message instances
Pretty print 'max' instead of numeric values in reserved ranges.
Removed remaining instances of std::is_pod, which is deprecated in C++20.
Changes to reduce code size for unknown field handling by making uncommon
cases out of line.
Fix std::is_pod deprecated in C++20
Fix some -Wunused-parameter warnings
Fix detecting file as directory on zOS issue 8051
Don't include sys/param.h for _BYTE_ORDER
remove CMAKE_THREAD_LIBS_INIT from pkgconfig CFLAGS
Fix TextFormatMapTest.DynamicMessage issue 5136
Fix for compiler warning issue 8145
fix: support deprecated enums for GCC < 6
Fix some warning when compiling with Visual Studio 2019 on x64 target

Python

Provided an override for the reverse() method that will reverse the internal
collection directly instead of using the other methods of the BaseContainer.
MessageFactory.CreateProtoype can be overridden to customize class creation.
Fix PyUnknownFields memory leak
Add macOS big sur compatibility

(adam)

Updated devel/py-uvloop, devel/py-pkgconfig

(adam)

py-pkgconfig: updated to 1.5.2

1.5.2:
Unknown changes

(adam)

py-uvicorn: mark as incompatible with Python 3.6

(adam)

py-asyncpg: mark as incompatible with Python 3.6

(adam)

py-uvloop: updated to 0.15.2

v0.15.2
Add python_requires in setup.py to fix dependency resolution issues

(adam)

Updated devel/libebml, multimedia/libmatroska

(adam)

libmatroska: updated to 1.6.3

Release v1.6.3.
* libEBML v1.4.2 is now required.
* Added classes for new track header elements:
  "KaxFlagHearingImpaired", "KaxFlagVisualImpaired",
  "KaxFlagTextDescriptions", "KaxFlagOriginal" and
  "KaxFlagCommentary".

(adam)

libebml: updated to 1.4.2

Release v1.4.2.
* Fixed several heap overflow bugs in the `ReadData` functions of
  various data type classes. This fixes CVE-2021-3405.

(adam)

Updated sysutils/py-magic, net/py-xandikos, converters/py-zfec, net/py-python-socks

(adam)

py-python-socks: updated to 1.2.1

1.2.1:
Unknown changes

(adam)

py-zfec: updated to 1.5.5

* Release 1.5.5 (2020-11-12)

** Upload wheel packages to the Python Package Index.
  Wheel packages for Python 2.7/Windows turned out to be broken
  (issue 34).  Version 1.5.5 is simply an update to address this.
  No changes to zfec itself.

(adam)

py-xandikos: updated to 0.2.4

0.2.4:
* Wait for entire body to arrive.

(adam)

py-magic: updated to 0.4.22

Changes to 0.4.21, 0.4.22

- Unify dll loader between the standard and compat library, fixing load
failures on some previously supported platforms.

Changes to 0.4.20

- merge in a compatability layer for the upstream libmagic python binding.
  Since both this package and that one are called 'magic', this compat layer
  removes a very common source of runtime errors.  Use of that libmagic API will
  produce a deprecation warning.

- support python 3.9 in tests and pypi metadata

- add support for magic_descriptor functions, which take a file descriptor
  rather than a filename.

- sometimes the returned description includes snippets of the file, e.g a title
  for MS Word docs.  Since this is in an unknown encoding, we would throw a
  unicode decode error trying to decode.  Now, it decodes with
  'backslashreplace' to handle this more gracefully.  The undecodable characters
  are replaced with hex escapes.

- add support for MAGIC_EXTENSION, to return possible file extensions.

- add mypy typing stubs file, for type checking

(adam)

Updated security/libgcrypt, security/nettle

(adam)

nettle: updated to 3.7.1

NEWS for the Nettle 3.7.1 release

This is primarily a bug fix release, fixing a couple of
problems found in Nettle-3.7.

The new version is intended to be fully source and binary
compatible with Nettle-3.6. The shared library names are
libnettle.so.8.2 and libhogweed.so.6.2, with sonames
libnettle.so.8 and libhogweed.so.6.

Bug fixes:

* Fix bug in chacha counter update logic. The problem affected
  ppc64 and ppc64el, with the new altivec assembly code
  enabled. Reported by Andreas Metzler, after breakage in
  GnuTLS tests on ppc64.

* Support for big-endian ARM platforms has been restored.
  Fixes contributed by Michael Weiser.

* Fix build problem on OpenBSD/powerpc64, reported by Jasper
  Lievisse Adriaanse.

* Fix corner case bug in ECDSA verify, it would produce
  incorrect result in the unlikely case of an all-zero
  message hash. Reported by Guido Vranken.

New features:

* Support for pbkdf2_hmac_sha384 and pbkdf2_hmac_sha512,
  contributed by Nicolas Mora.

Miscellaneous:

* Poorly performing ARM Neon code for doing single-block
  Salsa20 and Chacha has been deleted. The code to do two or
  three blocks in parallel, introduced in Nettle-3.7, is
  unchanged.

NEWS for the Nettle 3.7 release

This release adds one new feature, the bcrypt password hashing
function, and lots of optimizations. There's also one
important change to how Nettle is configured: Fat builds are
now on by default.

The release adds PowerPC64 assembly for a few algorithms,
resulting in great speedups. Benchmarked on a Power9 machine,
speedup was 13 times for AES256-CTR and AES256-GCM, and 3.5
times for Chacha. For fat builds (now the default), the new
code is used automatically, on processors supporting the needed
instruction set extensions.

The new version is intended to be fully source and binary
compatible with Nettle-3.6. The shared library names are
libnettle.so.8.1 and libhogweed.so.6.1, with sonames
libnettle.so.8 and libhogweed.so.6.

New features:

* Support for bcrypt, contributed by Stephen R. van den Berg.

Optimizations:

* Much faster AES and GCM on PowerPC64 processors supporting
  the corresponding crypto extensions. Contributed by Mamone
  Tarsha.

* Speed of Chacha improved on PowerPC64, x86_64 and ARM Neon.

* Speed of Salsa20 improved on x86_64 and ARM Neon.

* Overhaul of some elliptic curve primitives, improving ECDSA
  signature speed.

Configure:

* Fat builds are enabled by default on the architectures where
  it is supported (x86_64, arm and powerpc64). To disable
  runtime selection, and instead specify the processor flavor
  at configure time, you need to pass --disable-fat to the
  configure script.

Known issues:

* The ARM assembly code in this release doesn't work correctly
  on big-endian ARM systems. This will hopefully be fixed in a
  later release.

Miscellaneous:

* Use a few more gmp-6.1 functions: mpn_cnd_add_n,
  mpn_cnd_sub_n, mpn_cnd_swap. Delete corresponding internal
  Nettle functions.

* Convert all assembly files to use the default m4 quote
  characters.

(adam)

libgcrypt: updated to 1.9.2

Noteworthy changes in version 1.9.2 (2021-02-17)
------------------------------------------------
* Bug fixes:
  - Fix build problem for macOS in the random code.
  - Fix building with --disable-asm on x86.
  - Check public key for ECDSA verify operation.
  - Make sure gcry_get_config (NULL) returns a nul-terminated string.
  - Fix a memory leak in the ECDH code.
  - Fix a reading beyond end of input buffer in SHA2-avx2.

* Other features:
  - New test driver to allow for standalone regression
    tests.

(adam)

sqlrelay: needs c++11 compiler

(adam)

Updated security/py-cryptodome, www/py-django-extensions

(adam)

py-django-extensions: updated to 3.1.1

3.1.1
- Improvement: graph_models, add option --app-labels
- Improvement: shell_plus, update shell_plus for jupyterlab 3
- Improvement: tests, add Python 3.9

(adam)

py-cryptodome: updated to 3.10.1

3.10.1 (9 February 2021)

Other changes

Python 3 wheels use abi3 ABI tag.
Remove Appveyor CI.

3.10.0 (6 February 2021)

Resolved issues

Fixed a potential memory leak when initializing block ciphers.
* Crypto.Math.miller_rabin_test() was still using the system random source and not the one provided as parameter.
* RSA objects have the method public_key() like ECC objects. The old method publickey() is still available for backward compatibility.
* Crypto.Util.Padding.unpad() was raising an incorrect exception in case of zero-length inputs. Thanks to Captainowie.
* better exception message when Counter.new() is called with an integer initial_value than doesn't fit into nbits bits.
* added missing block_size member for ECB cipher objects. Thanks to willem.
* nonce member of an XChaCha20 cipher object was not matching the original nonce. Thanks to Charles Machalow.

Other changes

The bulk of the test vectors have been moved to the separate package pycryptodome-test-vectors. As result, packages pycryptodome and pycryptodomex become significantly smaller (from 14MB to 3MB).
Moved CI tests and build service from Travis CI to GitHub Actions.

Breaks in compatibility

Drop support for Python 2.6 and 3.4.

(adam)

Removed security/py-ezPyCrypto, databases/py-elixir, www/py-cherrypy17, www/py-gdata

(adam)

py-gdata: removed (outdated)

(adam)

Removed cherrypy17 from versioned_dependencies.mk

(adam)

Removed cherrypy17 from versioned_dependencies.mk

(adam)

py-cherrypy17: removed

(adam)

py-elixir: removed

(adam)

py-ezPyCrypto: removed

(adam)

Updated devel/py-dulwich, net/py-dropbox

(adam)

py-dropbox: updated to 11.2.0

v11.2.0
Automated Spec Update
Bump peter-evans/create-pull-request from v3.7.0 to v3.8.2

(adam)

py-dulwich: updated to 0.20.19

0.20.19
* Fix handling of negative matches in nested gitignores.

0.20.18
* Fix formatting in setup.py.
* Add release configuration.

0.20.17
* credentials: ignore end-of-line character.
* Fix failure in get_untracked_paths when the repository contains symlinks.
* docs: Clarify that Git objects are created on `git add`.

0.20.16
* Add flag to only attempt to fetch ignored untracked files when specifically requested.

(adam)

Updated devel/py-cffi, devel/py-configargparse, devel/py-txaio, textproc/py-dominate

(adam)

py-dominate: updated to 2.6.0

2.6.0:
Add get_current() to return the current active element in a with context.

(adam)

py-txaio: updated to 20.12.1

20.12.1
- new: CI/CD migrated to GitHub Actions
- new: support Python 3.9 (CI / testing added)
- new: minimum Python version is now 3.6

(adam)

py-configargparse: updated to 1.3

1.3:
Unknown changes

(adam)

py-cffi: updated to 1.14.5

v1.14.5

Source fix for old gcc versions
This and future releases should include wheels on more platforms, thanks to our new release managers Matt and Matt!

(adam)

Updated lang/python36, lang/python37, lang/py36-html-docs, lang/py37-html-docs

(adam)

python37 py37-html-docs: updated to 3.7.10

Python 3.7.10

Security
bpo-42967: Fix web cache poisoning vulnerability by defaulting the query args separator to &, and allowing the user to choose a custom separator.
bpo-42938: Avoid static buffers when computing the repr of ctypes.c_double and ctypes.c_longdouble values.
bpo-42103: Prevented potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
bpo-42051: The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities. This should not affect users as entity declarations are not used in regular plist files.
bpo-40791: Add volatile to the accumulator variable in hmac.compare_digest, making constant-time-defeating optimizations less likely.

Library
bpo-42103: InvalidFileException and RecursionError are now the only errors caused by loading malformed binary Plist file (previously ValueError and TypeError could be raised in some specific cases).
bpo-41976: Fixed a bug that was causing ctypes.util.find_library() to return None when triying to locate a library in an environment when gcc>=9 is available and ldconfig is not. Patch by Pablo Galindo

Documentation
bpo-17140: Add documentation for the multiprocessing.pool.ThreadPool class.

Tests
bpo-42794: Update test_nntplib to use offical group name of news.aioe.org for testing. Patch by Dong-hee Na.
bpo-41944: Tests for CJK codecs no longer call eval() on content received via HTTP.

(adam)

python36 py36-html-docs: updated to 3.6.13

Python 3.6.13 final

Security
bpo-42967: Fix web cache poisoning vulnerability by defaulting the query args separator to &, and allowing the user to choose a custom separator.
bpo-42938: Avoid static buffers when computing the repr of ctypes.c_double and ctypes.c_longdouble values.
bpo-42103: Prevented potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
bpo-42051: The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities. This should not affect users as entity declarations are not used in regular plist files.
bpo-40791: Add volatile to the accumulator variable in hmac.compare_digest, making constant-time-defeating optimizations less likely.

Core and Builtins
bpo-35560: Fix an assertion error in format() in debug build for floating point formatting with ���n��� format, zero padding and small width. Release build is not impacted. Patch by Karthikeyan Singaravelan.

Library
bpo-42103: InvalidFileException and RecursionError are now the only errors caused by loading malformed binary Plist file (previously ValueError and TypeError could be raised in some specific cases).

Tests
bpo-42794: Update test_nntplib to use offical group name of news.aioe.org for testing. Patch by Dong-hee Na.
bpo-41944: Tests for CJK codecs no longer call eval() on content received via HTTP.

(adam)

Updated security/py-rsa, devel/py-atpublic, www/py-sanic, security/py-google-auth

(adam)

py-google-auth: updated to 1.26.1

1.26.1

Documentation

fix a typo in the user guide (avaiable -> available)

Bug Fixes

revert workload identity federation support

1.26.0

Features

workload identity federation support

(adam)

py-sanic: updated to 20.12.2

Version 20.12.2

Dependencies

Fix uvloop to 0.14 because 0.15 drops Python 3.6 support
Remove old chardet requirement, add in hard multidict requirement

(adam)

py-atpublic: updated to 2.1.3

2.1.3
* I `blue <https://blue.readthedocs.io/en/latest/>`_ it!

(adam)

py-rsa: updated to 4.7.1

Version 4.7.1
Fix threading issue introduced in 4.7

(adam)

Updated devel/rudiments, databases/sqlrelay; Removed lang/nodejs8

(adam)

nodejs8: removed

(adam)

sqlrelay: updated to 1.8.0

SQL Relay 1.8.0

This release mainly lays the groundwork for some future features, including a generic import/export framework. Some notable progress was also made on the JDBC driver, though it's still not finished. The most significant (finshed) new feature is an aes128 password encryption module.

There are some bugfixes as well. A long-standing issue with postgresql that could cause results from multiple open cursors to get confused has been resolved. A subtle error that could cause counting of bind variables on the client-side to hang has been fixed. A long-standing, but apparently obscure, issue that could cause tables from other MySQL schemas to be included in a "show tables" command has been fixed. As well as various other issues.

Full ChangeLog follows:

unattended tests
added sqlrresultsetdomnode class to c++ client API
fixed datedelimiters parameter
added support for SQLParamOptions with SQLUINTEGER arguments
sqlr-import detects uppercase .CSV suffix now
fixed a csv number-detection but in sqlr-import
fixed a delete[] of a const in sqlr-import
it's possible to specify a commitcount of 0 with sqlr-import now
moved sqlrimportxml/csv classes into libsqlrclient
moved sqlrexportxml/csv classes into libsqlrclient
csv import/export is consistent now
added some event methods to sqlrexport
migrated parsedatetime functions to rudiments datetime class
different postgresql cursors use different stmtNames now
sqlrimportcsv can create a primary key that's not in the CSV now
sqlrexportcsv quotes 12+ digit numbers now
fixed subtle, count-related issues when validating bind variables on the client side, that could cause a hang
added an aes128 pwdenc module
applied a patch to fix a crash in the debug logger (missing "%s")
added a tweak to getsitearchdir.rb to fix incorrect lib/lib64 reporting on some centos x64 systems
fixed mysql getColumnList to distinquish proper db/schema

SQL Relay 1.7.0

This release adds 2 significant features: support for the PostgreSQL client-server protocol, and a "replay" module to help automatically recover from deadlocks and lock-timeouts, but also has the usual assortment of minor bugfixes and internal changes.

Full ChangeLog follows:

added postgresql protocol module
updated postgresql connection module to get column info pre-execute
fixed postgresql connection module type oid bug
added tag filter/moduledata
added moduledata(s)::closeResultSet()/endTransaction()/endSession()
mysql protocol returns empty lobs correctly now (not as nulls)
configure replaces -lfbclient with -lgds on freebsd/firebird-2.0.3
fixed a bug that could cause sqlr-stop to try to kill pid 0
fixed unixodbc detection on solaris 11.4
added configure test for PQdescribePrepared
test improvements
documentation improvements
split sqlrelay-crash directive into its own module
deprecated drop-in replacement libraries in favor of protocol support
fixed various mysql 4.x bugs
sqlr-status creates statistics on heap now instead of stack, to work on platforms with a small default ulimit stack
mysql stored procedure test is bypassed for older mysql
tls test is bypassed for older openssl
added NULL handoff socket workaround
improved shutdown/crash handlers for sqlr-listener/connection
fixed hang when more-than-one address was specified in the instance:addresses attribute
*_null used instead of *_unset on PHP 7.4

SQL Relay 1.6.0

This release mainly addresses some recently discovered regressions, but also adds some internal features that required the minor version to be bumped.

ChangeLog follows:

added begin, commit, rollback events
fixed array_init() calls for php-7.3
integrated my_bool fix for mysql 8.0.1+
mysql sslmode=require/prefer + bad sslca/sslcapath generates warning rather than error now (like the mysql cli)
refactored various routines that parse bind variables out of queries
added bindvariabledelimiters config option to define supported bind variable delimiters
added fakeinputbindvariablesunicodestrings config option
added bind variable delimiters config methods to c++ api
replay trigger can now run a query (eg. "show engine innodb status") and log the reslits to a file when a replay condition occurs
replay trigger doesn't log/replay selects by defalit now (but this is configurable)
updated normalize translation to support queries containing binary data
fixed a backslash-escape bug in the normalize translation
refactored some sqlrclient api private methods
refactored various bind-manipliation/detection methods
sqlr-listener creates tmpdir now on start, if it doesn't exist (because this is often in /run, which is often a tmpfs)
postgresql connection modlie forces re-fetch of column data after execute now
everything uses charstring::isYes/isNo now, instead of direct comparisons against "yes" or "no"
fixed subtle sqlexecdirect bug
fixed subtle sqlserver max-varchar bind length bug
fixed various subtle sqlserver bugs where column-info isn't valid until after execute
odbc connection modlie sets column precision = column length if column precision = -1
when using odbc on front and back end, the object type works in SQLTables now
reslit set translations work with "show databases/tables/etc." queries with an ODBC backend now
increased oid buffer sizes in postgresql connection
fixed typemangling->tablemangling typo in postgresql connection - tablemangling sholid work without typemangling now
fixed a '...\\''...' parsing bug
non-odbc connection modlies now return odbc-compatible(ish) table lists
client info is no longer reset during endSession
fixed a bug that colid cause sqlite "show tables like '...'" to crash
fixed odbc unicode nlil user/password bug
fixed PyString_AsString for python 3.<3
fixed bug that caused some MSSQL lobs to sometimes be returned as nlils when using ODBC on the backend
fixed bug that caused some MSSQL date fields to get returned as garbage
fixed a few older sqlrclient compatibility bugs
fixed SQLFetch parameter type mismatch in ODBC api
removed a non-c++17-compliant "register" from custom_nw logger
added support for nodejs 12
SQLDriverConnect can take an inline DSN now
fixed odbc maxcolumncount=-1 crash
odbc, db2, and informix set bind format error now

(adam)

rudiments: updated to 1.3.1

Rudiments 1.3.1

This patch release fixes a bug in the rpm spec file and a missing library dependency in the link command for librudiments-apache.

Rudiments 1.3.0

This release mainly featured integration of code from other projects. The remnants of the old firstworks project "stencil" have been merged in, as well as some MVC base classes from other projects. Some date-time parsing code from SQL Relay has been pushed down into the datetime class.

There are some new features as well - most notably an encryption framework and aes128 class. There are also sax/dom parsers for CSV, ini, and java-style properties files as well, similar to the xml/json sax/dom classes.

The logger classes have been refactored a bit, in back-incompatible ways. Thus the minor version bump.

Full ChangeLog follows:

unattended tests
added support for escaping single/double-quotes to templateengine
migrated in clasess from stencil project
added librudiments-apache
added \r\n support when parsing CSVs
integrated MVC base classes from other projects
added inisax/inidom and propsax/propdom classes
added cronschedule class
added logger start/end methods
logger string-write works like printf now
logger indent uses uint32_t now
removed some unused logger::write() methods
added a log level to the logger class
process::spawn()'s forked child exits if exec() fails now
charstring::replace() methods are null-safe now
migrated datetime::parse() and datetime::formatAs() from sqlrelay
csvsax accepts empty (or all whitespace) files now
logger::write() is null-safe now
base64encode is whitespace-safe now
added support for 5-part dates and day-month-year 4-part dates
added datetime::getWeekOfYear
added file::extension
added directory::createTemporaryDirectory
added directory::removeTree
added encryption interface
added aes128 encryption
added charstring::startsWith/endsWith

Rudiments 1.2.2

This is a minor bug-fix release. ChangeLog follows:

fixed another long-standing charstring::httpEscape bug
-Wno-deprecated-declarations is now included if possible
added configure tests for RB_HALT/AUTOBOOT (enums on solaris 11.4)
certificate tests use sha1 if sha256 is unavailable
filedescriptor::pvt->_lstnr is initialzed to NULL in clone operation now
listener::listen() safely handles non pollin/out events now
removed waitForChildren() from shutdown/crash handlers
sigsuspend() fails if errno!=EINTR now instead of whether it returns -1
filtered out -Wl,-Bsymbolic-functions -Wl,-z,relro from krb5-config

Rudiments 1.2.1

This is a minor bug-fix release. ChangeLog follows:

charstring::isYes includes "on" and charstring::isNo includes "off"
tabs are url-encoded correctly now
"unsafe" characters are url-encoded now
httpEscape uses character::isAlphanumeric now (to improve perforamnce)
some file-descriptor-passing tweaks for modern FreeBSD
fixed some json parsing bugs
updated default_md=sha256 in ca.cnf to generate ca.pem in tests
fixed a possible double-free in listener::cleanUp

Rudiments 1.2.0

This release adds a few minor features, and fixes a few minor bugs...

The jsonsax/dom classes handle escaping correctly now.

The url class features a getError() method which returns more detailed error information than the error class. For example, if there's a protocol error, as opposed to an operating-system-level error, then url::getError() returns it.

A sha256 class has been added. The sha1, sha256, and md5 classes now prefer to use libcrypto implementations, if they are available, as they might be hardware accelerated, but fall back to internal implementations if they are not available.

hash::getHash() returns binary data now, for all hashes. Previously sha1/256 returned binary data and md5 returned a string.

charstring::hexEncode()/hexDecode(), and charstring::before()/between()/after() methods have been added to the charstring class.

The url class now supports setting the user agent and other headers for http urls. It also supports making http POST requests.

The various container classes (linkedlist, avltree, dictionary, etc.) all support remove/clearAnd(Array)Delete methods. The removeAnd(Array)Delete methods remove the node from the container and delete the value stored in the node as well. The clearAnd(Array)Delete methods operate similarly, removing all nodes.

(adam)

Updated misc/py-immutables, graphics/libwebp

(adam)

libwebp: updated to 1.2.0

version 1.2.0
* API changes:
  - libwebp:
    encode.h: add a qmin / qmax range for quality factor (cwebp adds -qrange)
* lossless encoder improvements
* SIMD support for Wasm builds
* add xcframeworkbuild.sh, supports Mac Catalyst builds
* import fuzzers from oss-fuzz & chromium
* webpmux: add an '-set loop <value>' option
* toolchain updates and bug fixes

(adam)

py-immutables: updated to 0.15

v0.15
New Features

Add support for Python 3.10 and more tests
Make __repr__ more similar to other mapping types

Misc

Minor docs and CI fixes

(adam)

Updated devel/cmake, devel/py-uvloop

(adam)

py-uvloop: updated to 0.15.1

v0.15.1

Bug Fixes

Fix a segfault issue when a Cython protocol is de-referencing itself from Context.run() callbacks

(adam)

cmake: updated to 3.19.5

3.19.5
When IOS_INSTALL_COMBINED is enabled and the Xcode generator is used, it is now possible to initiate an install or package creation by running cmake --install or cpack from the command line. When using the Xcode new build system, these are the only supported methods due to a limitation of Xcode. Initiating these operations by building the install or package targets in Xcode is only supported when using the legacy build system.
The framework handling introduced in 3.19.0 as part of supporting Xcode窶冱 Link Binaries With Libraries build phase broke the ability to switch between device and simulator builds without reconfiguring. That capability has now been restored.

(adam)

Updated databases/postgresqlNN

(adam)

postgresql: updated to 13.2, 12.6, 11.11, 10.16, 9.6.21, and 9.5.25

The PostgreSQL Global Development Group has released an update to all supported versions of our database system, including 13.2, 12.6, 11.11, 10.16, 9.6.21, and 9.5.25. This release closes two security vulnerabilities and fixes over 80 bugs reported over the last three months.

Additionally, this is the final release of PostgreSQL 9.5. If you are running PostgreSQL 9.5 in a production environment, we suggest that you make plans to upgrade.

For the full list of changes, please review the release notes.

Security Issues

CVE-2021-3393: Partition constraint violation errors leak values of denied columns

Versions Affected: 11 - 13.

A user having an UPDATE privilege on a partitioned table but lacking the SELECT privilege on some column may be able to acquire denied-column values from an error message. This is similar to CVE-2014-8161, but the conditions to exploit are more rare.

The PostgreSQL project thanks Heikki Linnakangas for reporting this problem.

CVE-2021-20229: Single-column SELECT privilege enables reading all columns

Versions Affected: 13.

A user having a SELECT privilege on an individual column can craft a special query that returns all columns of the table.

Additionally, a stored view that uses column-level privileges will have incomplete column-usage bitmaps. In installations that depend on column-level permissions for security, it is recommended to execute CREATE OR REPLACE on all user-defined views to force them to be re-parsed.

The PostgreSQL project thanks Sven Klemm for reporting this problem.

Bug Fixes and Improvements

This update fixes over 80 bugs that were reported in the last several months. Some of these issues only affect version 13, but could also apply to other supported versions.

Some of these fixes include:

Fix an issue with GiST indexes where concurrent insertions could lead to a corrupt index with entries placed in the wrong pages. You should REINDEX any affected GiST indexes.
Fix CREATE INDEX CONCURRENTLY to ensure rows from concurrent prepared transactions are included in the index. Installations that have enabled prepared transactions should REINDEX any concurrently-built indexes.
Fix for possible incorrect query results when a hash aggregation is spilled to disk.
Fix edge case in incremental sort that could lead to sorting results incorrectly or a "retrieved too many tuples in a bounded sort" error.
Avoid crash when a CALL or DO statement that performs a transaction rollback is executed via extended query protocol, such as from prepared statements.
Fix a failure when a PL/pgSQL procedure used CALL on another procedure that has OUT parameters that executed a COMMIT or ROLLBACK.
Remove errors from BEFORE UPDATE triggers on partitioned tables for restrictions that no longer apply.
Several fixes for queries with joins that could lead to error messages such as "no relation entry for relid N" or "failed to build any N-way joins".
Do not consider parallel-restricted or set-returning functions in an ORDER BY expressions when trying to parallelize sorts.
Fix ALTER DEFAULT PRIVILEGES to handle duplicate arguments safely.
Several fixes in behavior when wal_level is set to minimal, including when tables are rewritten within a transaction.
Several fixes for CREATE TABLE LIKE.
Ensure that allocated disk space for a dropped relation (e.g. a table) is released promptly when a transaction is committed.
Fix progress reporting for CLUSTER.
Fix handling of backslash-escaped multibyte characters in COPY FROM.
Fix recently-introduced race conditions in LISTEN/NOTIFY queue handling.
Allow the jsonb concatenation operator (||) to handle all combinations of JSON data types.
Fix WAL-reading logic so that standbys can handle timeline switches correctly. This issue could have shown itself with errors like "requested WAL segment has already been removed".
Several leak fixes for the walsender process around logical decoding and replication.
Ensure that a nonempty value of krb_server_keyfile always overrides any setting of KRB5_KTNAME in the server environment
Several fixes for GSS encryption support.
Ensure the \connect command allows the use of a password in the connection_string argument.
Fix assorted bugs with the \help command.
Several fixes for pg_dump.
Ensure that pg_rewind accounts for all WAL when rewinding a standby server.
Fix memory leak in contrib/auto_explain.
Ensure all postgres_fdw connections are closed if the a user mapping or foreign server object those connections depend on are dropped.
Fix JIT compilation to be compatible with LLVM 11 and LLVM 12.
This update also contains tzdata release 2021a for DST law changes in Russia (Volgograd zone) and South Sudan, plus historical corrections for Australia, Bahamas, Belize, Bermuda, Ghana, Israel, Kenya, Nigeria, Palestine, Seychelles, and Vanuatu.

Notably, the Australia/Currie zone has been corrected to the point where it is identical to Australia/Hobart.

For the full list of changes available, please review the release notes.

PostgreSQL 9.5 is EOL

This is the final release of PostgreSQL 9.5. If you are running PostgreSQL 9.5 in a production environment, we suggest that you make plans to upgrade to a newer, supported version of PostgreSQL. Please see our versioning policy for more information.

(adam)

Updated lang/nodejs10, lang/nodejs12

(adam)

nodejs12: updated to 12.20.2

Version 12.20.2 'Erbium' (LTS)

Notable changes

deps:
upgrade npm to 6.14.11

(adam)

nodejs10: updated to 10.23.3

Version 10.23.3 'Dubnium' (LTS)

Notable changes

The update to npm 6.14.11 has been relanded so that npm correctly reports its version.

Version 10.23.2 'Dubnium'

Notable changes

Release keys have been synchronized with the main branch.

deps:
upgrade npm to 6.14.11

(adam)

Updated devel/msgpack, textproc/py-phonenumbers

(adam)

py-phonenumbers: updated to 8.12.18

8.12.18:
Unknown changes

(adam)

msgpack: updated to 3.3.0

version 3.3.0
* Add json example for C
* Add both header and body packing functions for C
* Set default ref_size and chunk_size to vrefbuffer
* Add examples
* Improve build system
* Improve tests
* Improve documents
* Remove some warnings
* Improve CI environment

(adam)

Updated devel/libuv, lang/py-py3c, devel/subversion, textproc/py-xmlschema

(adam)

py-xmlschema: updated to 1.5.1

v1.5.1
* Optimize NamespaceView read-only mapping
* Add experimental XML data bindings with a DataBindingConverter
* Add experimental PythonGenerator for static codegen with Jinja2

(adam)

subversion: updated to 1.14.1

Subversion 1.14.1.

This is a stable bugfix and security release of the Apache Subversion
open source version control system.

THIS RELEASE CONTAINS AN IMPORTANT SECURITY FIX:

  CVE-2020-17525
  "Remote unauthenticated denial-of-service in Subversion mod_authz_svn"

The full security advisory for CVE-2020-17525 is available at:
  https://subversion.apache.org/security/CVE-2020-17525-advisory.txt

A brief summary of this advisory follows:

  Subversion's mod_authz_svn module will crash if the server is using
  in-repository authz rules with the AuthzSVNReposRelativeAccessFile
  option and a client sends a request for a non-existing repository URL.

  This can lead to disruption for users of the service.

  We recommend all users to upgrade to the 1.10.7 or 1.14.1 release
  of the Subversion mod_dav_svn server.

  As a workaround, the use of in-repository authz rules files with
  the AuthzSVNReposRelativeAccessFile can be avoided by switching
  to an alternative configuration which fetches an authz rules file
  from the server's filesystem, rather than from an SVN repository.

(adam)

py-py3c: updated to 1.3

v1.3

Compatibility:
Tested with Python 3.9.0

Additions:
To help avoid compiler warning about uninitialized members, extra members are added to the PyModuleDef structure for Python 2: m_slots, m_traverse, m_clear and m_free. Under Python 2, they must be set to NULL (usually by continuing to leave them out).

(adam)

libuv: updated to 1.41.0

Version 1.41.0 (Stable)

Changes since version 1.40.0:
* mailmap: update contact information for richardlau (Richard Lau)
* build: add asan checks (gengjiawen)
* unix: report bind error in uv_tcp_connect() (Ben Noordhuis)
* doc: uv_tcp_bind() never returns UV_EADDRINUSE (Ben Noordhuis)
* test: fix pump and tcp_write_batch benchmarks (Santiago Gimeno)
* doc: mark IBM i as Tier 2 support (Jesse Gorzinski)
* doc,poll: add notes (repeated cb & cancel pending cb) (Elad Nachmias)
* linux: fix -Wincompatible-pointer-types warning (Ben Noordhuis)
* linux: fix -Wsign-compare warning (Ben Noordhuis)
* android: add system call api guards (Ben Noordhuis)
* unix,win: harmonize uv_read_start() error handling (Ben Noordhuis)
* unix,win: more uv_read_start() argument validation (Ben Noordhuis)
* build: turn on -fno-strict-aliasing (Ben Noordhuis)
* stream: add uv_pipe and uv_socketpair to the API (Jameson Nash)
* unix,win: initialize timer `timeout` field (Ben Noordhuis)
* bsd-ifaddrs: improve comments (Darshan Sen)
* test: remove unnecessary uv_fs_stat() calls (Ben Noordhuis)
* fs: fix utime/futime timestamp rounding errors (Ben Noordhuis)
* test: ensure reliable floating point comparison (Jameson Nash)
* unix,fs: fix uv_fs_sendfile() (Santiago Gimeno)
* unix: fix uv_fs_stat when using statx (Simon Kadisch)
* linux,macos: fix uv_set_process_title regression (Momtchil Momtchev)
* doc: clarify UDP errors and recvmmsg (Ethel Weston)
* test-getaddrinfo: use example.invalid (Drew DeVault)
* Revert "build: fix android autotools build" (Bernardo Ramos)
* unix,fs: on DVS fs, statx returns EOPNOTSUPP (Mark Klein)
* win, fs: mkdir really return UV_EINVAL for invalid names (Nicholas Vavilov)
* tools: migrate tools/make_dist_html.py to python3 (Dominique Dumont)
* unix: fix uv_uptime() on linux (schamberg97)
* unix: check for partial copy_file_range support (Momtchil Momtchev)
* win: bump minimum supported version to windows 8 (Ben Noordhuis)
* poll,unix: ensure safety of rapid fd reuse (Bob Weinand)
* test: fix some warnings (Issam E. Maghni)
* unix: fix uv_uptime() regression (Santiago Gimeno)
* doc: fix versionadded metadata (cjihrig)
* test: fix 'incompatible pointer types' warnings (cjihrig)
* unix: check for EXDEV in uv__fs_sendfile()

(adam)

Updated devel/py-fasteners, mail/py-imapclient

(adam)

py-imapclient: updated to 2.2.0

Version 2.2.0
=============

Changed
-------
- Performance improvements
  - 2x faster _maybe_int_to_bytes for Python 2
  - Fix _proc_folder_list quadratic runtime
  - Faster utf7 encode. ~40% faster for input with a mix of unicode and
    ASCII chars.
  - Cache regex in _process_select_response
- poll() when available to surpass 1024 file descriptor limit with select()
- Use next instead of six.next as imapclient doesn't claim Python 2.5 support.
- Moved "Logged in/out" traces from INFO to DEBUG level
- Run tests on Python 3.8 and 3.9
- Support the Deleted special folder used by Outlook
- Clean up timeout handling
- Run the Black code formatter over the entire project

Added
-----
- MULTIAPPEND and LITERAL+ support
- Use ptpython for interactive shell if available
- Allow any custom SASL mechanism to be provided. This allows mechanisms such
  as EXTERNAL, GSSAPI or SCRAM-SHA-256 to be used in the same way as with
  imaplib.
- Add SASL OAUTHBEARER support
- add optional timeout parameter to IMAP4_TLS.open

Fixed
-----
- fixed special folder searching
- Catch the right exception in folder_status
- test_imapclient: Fix LoggerAdapter version check
- Fix config file parsing for None attributes
- Fix useless ref cycle in lexer
- Protocol parsing: Prevent converting numbers with leading zeroes to int.
- Prevent UnicodeDecodeError in IMAPlibLoggerAdapter
- Fix invalid string escape sequences
- Ensure timeout is used on Python 2.7.  _create_socket isn't used with the
  Python 2 version of imaplib so the open method has been overrided to make it
  consistent across Python version.
- Fix IMAP4_TLS for imaplib in Python 3.9+

(adam)

py-fasteners: updated to 0.16

0.16:
- Move from travis and appveyor to github actions
- Add interprocess reader writer lock
- Improve README
- remove unused eventlet import
- use stdlib monotonic instead of external for python >= 3.4

(adam)

Updated security/py-josepy, misc/py-tqdm

(adam)

py-tqdm: updated to 4.56.2

tqdm v4.56.2 stable

fix attribute errors when disabled
- reset()
- unpause()
add tests

tqdm v4.56.1 stable

fix repr() & format_dict when disabled
rename __repr__() => __str__()
minor documentation updates
- fix Binder demo notebook
- remove explicit Dockerfile
- move some images to external repo
add & update tests

(adam)

py-josepy: updated to 1.7.0

1.7.0:
Dropped support for Python 2.7.
Added support for EC keys.

(adam)

Updated databases/prometheus, databases/py-ldap3

(adam)

py-ldap3: updated to 2.9

2.9:
- new feature: SafeRestartable strategy (SAFE_RESTARTABLE) for using a restartable Connection object in a multi-threading program
- tested against Python 3.9
- added requirements-dev.txt
- fixed logging unicode exceptions in python2.7
- added more granular control over use of reverse dns with Kerberos (thanks Azaria)
- support MS Active Directory persistent search (thanks eLeX)
- added support for LDAP signing when using DIGEST-MD5 authentication (thanks Augustin-FL)
- check only for searchResEntries in LDIF conversion (thanks Jay)
- modify-increment now works properly in mock strategies (thanks Saint-Marcel)
- objectGUID are now converted properly (thanks Janne)
- default timeout in asynchronous strategies raised to 20 seconds

(adam)

prometheus: updated to 2.24.1

2.24.1
[ENHANCEMENT] Cache basic authentication results to significantly improve performance of HTTP endpoints (via an update of prometheus/exporter-toolkit).
[BUGFIX] Prevent user enumeration by timing requests sent to authenticated HTTP endpoints (via an update of prometheus/exporter-toolkit).

2.24.0
[FEATURE] Add TLS and basic authentication to HTTP endpoints.
[FEATURE] promtool: Add check web-config subcommand to check web config files.
[FEATURE] promtool: Add tsdb create-blocks-from openmetrics subcommand to backfill metrics data from an OpenMetrics file.
[ENHANCEMENT] HTTP API: Fast-fail queries with only empty matchers.
[ENHANCEMENT] HTTP API: Support matchers for labels API.
[ENHANCEMENT] promtool: Improve checking of URLs passed on the command line.
[ENHANCEMENT] SD: Expose IPv6 as a label in EC2 SD.
[ENHANCEMENT] SD: Reuse EC2 client, reducing frequency of requesting credentials.
[ENHANCEMENT] TSDB: Add logging when compaction takes more than the block time range.
[ENHANCEMENT] TSDB: Avoid unnecessary GC runs after compaction.
[BUGFIX] HTTP API: Avoid double-closing of channel when quitting multiple times via HTTP.
[BUGFIX] SD: Ignore CNAME records in DNS SD to avoid spurious Invalid SRV record warnings.
[BUGFIX] SD: Avoid config error triggered by valid label selectors in Kubernetes SD.

(adam)

Updated lang/nodejs

(adam)

nodejs: updated to 14.15.5

Version 14.15.5 'Fermium' (LTS)

Notable Changes

deps:
upgrade npm to 6.14.11
V8: backport dfcf1e86fac0
Note: Node.js is not believed to be vulnerable to CVE-2021-21148.
stream,zlib: do not use _stream_* anymore

(adam)

Moved www/py-socks to net/py-python-socks

(adam)

py-socks: renamed to net/py-python-socks

(adam)

Quickly rename www/py-socks to net/py-pythons-socks as suggested by @leot

(adam)

Added www/py-socks, www/py-httpx-socks; Updated www/py-aiohttp-socks, databases/py-pypika

(adam)

py-pypika: updated to 0.47.4

0.47.4:
Unknown changes

(adam)

py-aiohttp-socks: updated to 0.5.5

v0.5.5:
Fix asyncio DeprecationWarning: The loop argument is deprecated

(adam)

py-httpx-socks: added version 0.3.1

The httpx-socks package provides proxy transports for httpx client. SOCKS4(a),
SOCKS5, HTTP (tunneling) proxy supported. It uses python-socks for core proxy
functionality.

(adam)

py-socks: added version 1.2.0

The python-socks package provides a core proxy client functionality for Python.
Supports SOCKS4(a), SOCKS5, HTTP (tunneling) proxy and provides sync and async
(asyncio, trio, curio) APIs. You probably don't need to use python-socks
directly. It is used internally by aiohttp-socks and httpx-socks packages.

(adam)

Updated devel/py-prompt_toolkit2, devel/py-ipython

(adam)

py-ipython: updated to 7.20.0

IPython 7.20
============

IPython 7.20 is the accumulation of 3 month of work on IPython, spacing between
IPython release have been increased from the usual once a month for various
reason.

  - Mainly as I'm too busy and the effectively sole maintainer, and
  - Second because not much changes happened before mid December.

The main driver for this release was the new version of Jedi 0.18 breaking API;
which was taken care of in the master branch early in 2020 but not in 7.x as I
though that by now 8.0 would be out.

The inclusion of a resolver in pip did not help and actually made things worse.
If usually I would have simply pinned Jedi to ``<0.18``; this is not a solution
anymore as now pip is free to install Jedi 0.18, and downgrade IPython.

I'll do my best to keep the regular release, but as the 8.0-dev branch and 7.x
are starting to diverge this is becoming difficult in particular with my limited
time, so if you have any cycles to spare I'll appreciate your help to respond to
issues and pushing 8.0 forward.

Here are thus some of the changes for IPython 7.20.

  - Support for PyQt5 >= 5.11 :ghpull:`12715`
  - ``%reset`` remove imports more agressively :ghpull:`12718`
  - fix the ``%conda`` magic :ghpull:`12739`
  - compatibility with Jedi 0.18, and bump minimum Jedi version. :ghpull:`12793`

(adam)

py-prompt_toolkit2: updated to 3.0.15

3.0.15: 2021-02-10
------------------
Fixes:
- Set stdout blocking when writing in vt100 output. Fixes an issue when uvloop
  is used and big amounts of text are written.
- Guarantee height of at least 1 for both labels and text areas.
- In the `Window` rendering, take `dont_extend_width`/`dont_extend_height` into
  account. This fixes issues where one window is enlarged unexpectedly because
  it's bundled with another window in a `HSplit`/`VSplit`, but with different
  width/height.
- Don't handle `SIGWINCH` in progress bar anymore. (The UI runs in another
  thread, and we have terminal size polling now).
- Fix several thread safety issues and a race condition in the progress bar.
- Fix thread safety issues in `Application.invalidate()`. (Fixes a
  `RuntimeError` in some situations when using progress bars.)
- Fix handling of mouse events on Windows if we have a Windows 10 console with
  ANSI support.
- Disable `QUICK_EDIT_MODE` on Windows 10 when mouse support is requested.

3.0.14: 2021-01-24
------------------
New features:
- Disable bell when `PROMPT_TOOLKIT_BELL=false` environment variable has been
  set.

Fixes:
- Improve cancellation of history loading.

3.0.13: 2021-01-21
------------------
Fixes:
- Again, fixed the race condition in `ThreadedHistory`. Previous fix was not
  correct.

3.0.12: 2021-01-21
------------------
Fixes:
- Fixed a race condition in `ThreadedHistory` that happens when continuously
  pasting input text (which would continously repopulate the history).
- Move cursor key mode resetting (for vt100 terminals) to the renderer. (Mostly
  cleanup).

3.0.11: 2021-01-20
------------------
New features:
- Poll terminal size: better handle resize events when the application runs in
  a thread other than the main thread (where handling SIGWINCH doesn't work) or
  in the Windows console.

Fixes:
- Fix bug in system toolbar. The execution of system commands was broken.
- A refactoring of patch_stdout that includes several fixes.
  * We know look at the `AppSession` in order to see which application is
    running, rather then looking at the event loop which is installed when
    `StdoutProxy` is created. This way, `patch_stdout` will work when
    prompt_toolkit applications with a different event loop run.
  * Fix printing when no application/event loop is running.
  * Fixed the `raw` argument of `PatchStdout`.
- A refactoring of the `ThreadedHistory`, which includes several fixes, in
  particular a race condition (see issue 1158) that happened when editing
  input while a big history was still being loaded in the background.

(adam)