terraform: updated to 0.12.26

v0.12.26
ENHANCEMENTS:
backend/remote: Can now accept -target options when creating a plan using remote operations, if supported by the target server. (Server-side support for this in Terraform Cloud and Terraform Enterprise will follow in forthcoming releases of each.)
cli: A special new lifecycle mode for provider plugins where they are assumed to be controlled by an external process outside of Terraform. This is for automated provider plugin testing only, and is not an end-user feature.

(adam)

sshfp: fix installation

(adam)

py-nacl: needs wheel to build

(adam)

py-impacket: be consistent across platforms regarding data files

(adam)

Updated databases/redis, devel/py-joblib

(adam)

py-joblib: updated 0.15.1

Release 0.15.1
- Make joblib work on Python 3 installation that do not ship with the lzma
  package in their standard library.

(adam)

redis: updated to 6.0.4

Redis 6.0.4
===========

Upgrade urgency CRITICAL: this release fixes a severe replication bug.

Redis 6.0.4 fixes a critical replication bug caused by a new feature introduced
in Redis 6. The feature, called "meaningful offset" and strongly wanted by
myself (antirez) was an improvement that avoided that masters were no longer
able, during a failover where they were demoted to replicas, to partially
synchronize with the new master. In short the feature was able to avoid full
synchronizations with RDB. How did it work? By trimming the replication backlog
of the final "PING" commands the master was sending in the replication channel:
this way the replication offset would no longer go "after" the one of the
promoted replica, allowing the master to just continue in the same replication
history, receiving only a small data difference.

However after the introduction of the feature we (the Redis core team) quickly
understood there was something wrong: the apparently harmless feature had
many bugs, and the last bug we discovered, after a joined effort of multiple
people, we were not even able to fully understand after fixing it. Enough was
enough, we decided that the complexity cost of this feature was too high.
So Redis 6.0.4 removes the feature entirely, and fixes the data corruption that
it was able to cause.

However there are two facts to take in mind.

Fact 1: Setups using chained replication, that means that certain replicas
are replicating from other replicas, up to Redis 6.0.3 can experience data
corruption. For chained replication we mean that:

    +--------+          +---------+        +-------------+
    | master |--------->| replica |-------->| sub-replica |
    +--------+          +---------+        +-------------+

People using chained replication SHOULD UPGRADE ASAP away from Redis 6.0.0,
6.0.1, 6.0.2 or 6.0.3 to Redis 6.0.4.

To be clear, people NOT using this setup, but having just replicas attached
directly to the master, SHOUDL NOT BE in danger of any problem. But we
are no longer confident on 6.0.x replication implementation complexities
so we suggest to upgrade to 6.0.4 to everybody using an older 6.0.3 release.
We just so far didn't find any bug that affects Redis 6.0.3 that does not
involve chained replication.

People starting with Redis 6.0.4 are fine. People with Redis 5 are fine.
People upgrading from Redis 5 to Redis 6.0.4 are fine.
TLDR: The problem is with users of 6.0.0, 6.0.1, 6.0.2, 6.0.3.

Fact 2: Upgrading from Redis 6.0.x to Redis 6.0.4, IF AND ONLY IF you
use chained replication, requires some extra care:

1. Once you attach your new Redis 6.0.4 instance as a replica of the current
  Redis 6.0.x master, you should wait for the first full synchronization,
  then you should promote it right away, if your setup involves chained
  replication. Don't give it the time to do a new partial synchronization
  in the case the link between the master and the replica  will break in
  the mean time.

2. As an additional care, you may want to set the replication ping period
  to a very large value (for instance 1000000) using the following command:

      CONFIG SET repl-ping-replica-period 1000000

  Note that if you do "1" with care, "2" is not needed.
  However if you do it, make sure to later restore it to its default:

      CONFIG SET repl-ping-replica-period 10

So this is the main change in Redis 6. Later we'll find a different way in
order to achieve what we wanted to achieve with the Meaningful Offset feature,
but without the same complexity.

Other changes in this release:

* PSYNC2 tests improved.
* Fix a rare active defrag edge case bug leading to stagnation
* Fix Redis 6 asserting at startup in 32 bit systems.
* Redis 6 32 bit is now added back to our testing environments.
* Fix server crash for STRALGO command,
* Implement sendfile for RDB transfer.
* TLS fixes.
* Make replication more resistant by disconnecting the master if we
  detect a protocol error. Basically we no longer accept inline protocol
  from the master.
* Other improvements in the tests.

(adam)

Updated devel/protobuf, devel/py-protobuf

(adam)

protobuf py-protobuf: updated to 3.12.2

Protocol Buffers v3.12.2

C++
Simplified the template export macros to fix the build for mingw32.

(adam)

Updated security/py-nacl, devel/py-test-cov

(adam)

py-test-cov: updated to 2.9.0

2.9.0:
* Fixed ``RemovedInPytest4Warning`` when using Pytest 3.10.
* Made pytest startup faster when plugin not active by lazy-importing.
* Various CI improvements.
* Various Python support updates (drop EOL 3.4, test against 3.8 final).
* Changed ``--cov-append`` to always enable ``data_suffix`` (a coverage setting).
  Contributed by Harm Geerts in
* Changed ``--cov-append`` to handle loading previous data better
  (fixes various path aliasing issues).
* Various other testing improvements, github issue templates, example updates.
* Fixed internal failures that are caused by tests that change the current working directory by
  ensuring a consistent working directory when coverage is called.

(adam)

py-nacl: updated to 1.4.0

1.4.0:
* Update ``libsodium`` to 1.0.18.
* **BACKWARDS INCOMPATIBLE:** We no longer distribute 32-bit ``manylinux1``
  wheels. Continuing to produce them was a maintenance burden.
* Added support for Python 3.8, and removed support for Python 3.4.
* Add low level bindings for extracting the seed and the public key
  from crypto_sign_ed25519 secret key
* Add low level bindings for deterministic random generation.
* Add ``wheel`` and ``setuptools`` setup_requirements in ``setup.py``
* Fix checks on very slow builders
* Add low-level bindings to ed25519 arithmetic functions
* Update low-level blake2b state implementation
* Fix wrong short-input behavior of SealedBox.decrypt()
* Raise CryptPrefixError exception instead of InvalidkeyError when trying
  to check a password against a verifier stored in a unknown format
* Add support for minimal builds of libsodium. Trying to call functions
  not available in a minimal build will raise an UnavailableError
  exception. To compile a minimal build of the bundled libsodium, set
  the SODIUM_INSTALL_MINIMAL environment variable to any non-empty
  string (e.g. ``SODIUM_INSTALL_MINIMAL=1``) for setup.

(adam)

Updated www/py-meinheld, sysutils/py-supervisor

(adam)

py-supervisor: updated to 4.2.0

4.2.0:

- When ``supervisord`` is run in the foreground, a new ``--silent`` option
  suppresses the main log from being echoed to ``stdout`` as it normally
  would.

- Parsing ``command=`` now supports a new expansion, ``%(numprocs)d``, that
  expands to the value of ``numprocs=`` in the same section.

- Web UI buttons no longer use background images.

- The Web UI now has a link to view ``tail -f stderr`` for a process in
  addition to the existing ``tail -f stdout`` link.  Based on a
  patch by OuroborosCoding.

- The HTTP server will now send an ``X-Accel-Buffering: no`` header in
  logtail responses to fix Nginx proxy buffering.

- When ``supervisord`` reaps an unknown PID, it will now log a description
  of the ``waitpid`` status.

- Fixed a bug introduced in 4.0.3 where ``supervisorctl tail -f foo | grep bar``
  would fail with the error ``NoneType object has no attribute 'lower'``.  This
  only occurred on Python 2.7 and only when piped.

(adam)

py-meinheld: updated to 1.0.2

1.0.2
* Fix: HTTP Request Smuggling

(adam)

Updated devel/py-modulegraph, devel/py-rope

(adam)

py-rope: updated to 0.17.0

New release 0.17.0:
Make tests compatible with Python 3.8
Use context manager for open()
Don窶冲 use UserDict (!!!) and collections.MutableMapping.
assertEquals has been deprecated for long time (-> assertEqual)
Remove weird escpaing of 's' character, which is the syntax error these days.
Add testing for Python 3.8 as well
Fix pattern for matching short strings
Work with deprecated types and using aliased ones.
Don't use underscored _ast, but use ast instead
Direct import from collections is getting deprecated.
Use .is_alive method instead of a deprecated .isAlive in threading.Thread
Fix simple typo: sitaution -> situation
Two more assertEquals happened.

(adam)

py-modulegraph: updated to 0.18

0.18
* Avoid exception when one of the items on "packages" is not a package
  (modulegraph.find_modules.find_needed_modules)
* ``Modulegraph.foldReferences()`` called the wrong method

(adam)

Updated sysutils/py-crontab, www/py-beautifulsoup4

(adam)

py-beautifulsoup4: updated to 4.9.1

4.9.1:

* Added a keyword argument 'on_duplicate_attribute' to the
  BeautifulSoupHTMLParser constructor (used by the html.parser tree
  builder) which lets you customize the handling of markup that
  contains the same attribute more than once, as in:
  <a href="url1" href="url2">

* Added a distinct subclass, GuessedAtParserWarning, for the warning
  issued when BeautifulSoup is instantiated without a parser being
  specified.

* Added a distinct subclass, MarkupResemblesLocatorWarning, for the
  warning issued when BeautifulSoup is instantiated with 'markup' that
  actually seems to be a URL or the path to a file on
  disk.

* The new NavigableString subclasses (Stylesheet, Script, and
  TemplateString) can now be imported directly from the bs4 package.

* If you encode a document with a Python-specific encoding like
  'unicode_escape', that encoding is no longer mentioned in the final
  XML or HTML document. Instead, encoding information is omitted or
  left blank.

* Fixed test failures when run against soupselect 2.0.

(adam)

py-crontab: updated to 2.5.1

2.5.1:
Bug fixes

(adam)

Updated lang/py-six, net/py-botocore, net/py-boto3, net/py-awscli

(adam)

py-awscli: updated to 1.18.67

1.18.67
api-change:quicksight: Update quicksight command to latest version
api-change:macie: Update macie command to latest version
api-change:elasticache: Update elasticache command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:dlm: Update dlm command to latest version
api-change:ssm: Update ssm command to latest version

1.18.66
api-change:iotsitewise: Update iotsitewise command to latest version
api-change:autoscaling: Update autoscaling command to latest version

1.18.65
api-change:codebuild: Update codebuild command to latest version
api-change:s3: Update s3 command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:synthetics: Update synthetics command to latest version

1.18.64
api-change:codedeploy: Update codedeploy command to latest version
api-change:securityhub: Update securityhub command to latest version
api-change:chime: Update chime command to latest version
api-change:medialive: Update medialive command to latest version
api-change:backup: Update backup command to latest version
api-change:application-autoscaling: Update application-autoscaling command to latest version
api-change:appmesh: Update appmesh command to latest version

1.18.63
api-change:health: Update health command to latest version
bugfix:s3: Mute warnings for not restored glacier deep archive objects if --ignore-glacier-warnings option enabled. Fixes #4039
api-change:transcribe: Update transcribe command to latest version
api-change:ec2: Update ec2 command to latest version
api-change:chime: Update chime command to latest version

1.18.62
api-change:qldb: Update qldb command to latest version
api-change:ecs: Update ecs command to latest version
api-change:dynamodb: Update dynamodb command to latest version
api-change:macie2: Update macie2 command to latest version
api-change:chime: Update chime command to latest version
api-change:ec2: Update ec2 command to latest version

1.18.61
api-change:ecr: Update ecr command to latest version
api-change:glue: Update glue command to latest version
api-change:cloudformation: Update cloudformation command to latest version
api-change:sts: Update sts command to latest version

1.18.60
api-change:imagebuilder: Update imagebuilder command to latest version
api-change:ec2: Update ec2 command to latest version

1.18.59
api-change:elasticache: Update elasticache command to latest version
api-change:macie2: Update macie2 command to latest version

1.18.58
api-change:iotsitewise: Update iotsitewise command to latest version
api-change:workmail: Update workmail command to latest version

(adam)

py-boto3: updated to 1.13.17

1.13.17
api-change:elasticache: [botocore] Update elasticache client to latest version
api-change:dlm: [botocore] Update dlm client to latest version
api-change:quicksight: [botocore] Update quicksight client to latest version
api-change:ssm: [botocore] Update ssm client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:macie: [botocore] Update macie client to latest version

1.13.16
api-change:autoscaling: [botocore] Update autoscaling client to latest version
api-change:iotsitewise: [botocore] Update iotsitewise client to latest version

1.13.15
api-change:synthetics: [botocore] Update synthetics client to latest version
api-change:codebuild: [botocore] Update codebuild client to latest version
api-change:s3: [botocore] Update s3 client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version

1.13.14
api-change:backup: [botocore] Update backup client to latest version
api-change:codedeploy: [botocore] Update codedeploy client to latest version
api-change:securityhub: [botocore] Update securityhub client to latest version
api-change:chime: [botocore] Update chime client to latest version
api-change:medialive: [botocore] Update medialive client to latest version
api-change:application-autoscaling: [botocore] Update application-autoscaling client to latest version
api-change:appmesh: [botocore] Update appmesh client to latest version

1.13.13
api-change:transcribe: [botocore] Update transcribe client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:health: [botocore] Update health client to latest version
api-change:chime: [botocore] Update chime client to latest version

1.13.12
api-change:chime: [botocore] Update chime client to latest version
api-change:qldb: [botocore] Update qldb client to latest version
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:ecs: [botocore] Update ecs client to latest version
api-change:dynamodb: [botocore] Update dynamodb client to latest version
api-change:macie2: [botocore] Update macie2 client to latest version

1.13.11
api-change:sts: [botocore] Update sts client to latest version
api-change:ecr: [botocore] Update ecr client to latest version
api-change:glue: [botocore] Update glue client to latest version
api-change:cloudformation: [botocore] Update cloudformation client to latest version

1.13.10
api-change:ec2: [botocore] Update ec2 client to latest version
api-change:imagebuilder: [botocore] Update imagebuilder client to latest version

1.13.9
api-change:elasticache: [botocore] Update elasticache client to latest version
api-change:macie2: [botocore] Update macie2 client to latest version

1.13.8
api-change:workmail: [botocore] Update workmail client to latest version
api-change:iotsitewise: [botocore] Update iotsitewise client to latest version
enchancement:Endpoints: [botocore] Improved endpoint resolution for clients with unknown regions

(adam)

py-botocore: updated to 1.16.17

1.16.17
api-change:elasticache: Update elasticache client to latest version
api-change:dlm: Update dlm client to latest version
api-change:quicksight: Update quicksight client to latest version
api-change:ssm: Update ssm client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:macie: Update macie client to latest version

1.16.16
api-change:autoscaling: Update autoscaling client to latest version
api-change:iotsitewise: Update iotsitewise client to latest version

1.16.15
api-change:synthetics: Update synthetics client to latest version
api-change:codebuild: Update codebuild client to latest version
api-change:s3: Update s3 client to latest version
api-change:ec2: Update ec2 client to latest version

1.16.14
api-change:backup: Update backup client to latest version
api-change:codedeploy: Update codedeploy client to latest version
api-change:securityhub: Update securityhub client to latest version
api-change:chime: Update chime client to latest version
api-change:medialive: Update medialive client to latest version
api-change:application-autoscaling: Update application-autoscaling client to latest version
api-change:appmesh: Update appmesh client to latest version

1.16.13
api-change:transcribe: Update transcribe client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:health: Update health client to latest version
api-change:chime: Update chime client to latest version

1.16.12
api-change:chime: Update chime client to latest version
api-change:qldb: Update qldb client to latest version
api-change:ec2: Update ec2 client to latest version
api-change:ecs: Update ecs client to latest version
api-change:dynamodb: Update dynamodb client to latest version
api-change:macie2: Update macie2 client to latest version

1.16.11
api-change:sts: Update sts client to latest version
api-change:ecr: Update ecr client to latest version
api-change:glue: Update glue client to latest version
api-change:cloudformation: Update cloudformation client to latest version

1.16.10
api-change:ec2: Update ec2 client to latest version
api-change:imagebuilder: Update imagebuilder client to latest version

1.16.9
api-change:elasticache: Update elasticache client to latest version
api-change:macie2: Update macie2 client to latest version

1.16.8
api-change:workmail: Update workmail client to latest version
api-change:iotsitewise: Update iotsitewise client to latest version
enchancement:Endpoints: Improved endpoint resolution for clients with unknown regions

(adam)

py-six: updated to 1.15.0

1.15.0:
Optimize `six.ensure_str` and `six.ensure_binary`.

(adam)

Updated net/py-zeroconf, databases/py-pypika

(adam)

py-pypika: updated to 0.37.7

0.37.7:
Bug fixes

(adam)

py-zeroconf: updated to 0.26.3

0.26.3
Improved readability of logged incoming data.
Threads are given unique names now to aid debugging.
Fixed a regression where get_service_info() called within a listener add_service method would deadlock, timeout and incorrectly return None.

(adam)

py-ldapdomaindump: add ALTERNATIVES

(adam)

Removed net/py-dnspython

(adam)

py-dnspython: removed; duplicate of py-dns

(adam)

sshfp: fix HOMEPAGE and DEPENDS

(adam)

Removed security/py-cryptodomex

(adam)

py-cryptodomex: removed; use py-cryptodome instead

(adam)

py-impacket: fix DEPENDS; fix PLIST; fix binaries with Python version suffix; bump revision

(adam)

py-keyring: PYTHON_VERSIONS_INCOMPATIBLE before pyversion.mk

(adam)

Updated lang/nodejs12, net/py-prometheus_client

(adam)

py-prometheus_client: updated to 0.8.0

0.8.0:
[FEATURE] Added ASGI application
[FEATURE] Add support for parsing timestamps in Prometheus exposition format.
[FEATURE] Add target_info to registries
[ENHANCEMENT] Handle empty and slashes in label values for pushgateway
[ENHANCEMENT] Various updates for latest OpenMetrics draft spec
[ENHANCEMENT] Add HELP output for auto-created metrics
[ENHANCEMENT] Use mmap.PAGESIZE constant as value for first read.
[ENHANCEMENT] Add __repr__ method to metric objects, make them debug friendly.
[ENHANCEMENT] Add observability check to metrics
[BUGFIX] Fix urlparse in python >= 3.7.6
[BUGFIX] Cleaning up name before appending unit on name
[BUGFIX] Allow for OSError on Google App Engine

(adam)

nodejs12: updated to 12.17.0

Version 12.17.0 'Erbium' (LTS):

Notable Changes

ECMAScript Modules - --experimental-modules flag removal
AsyncLocalStorage API (experimental)
REPL previews
REPL reverse-i-search
REPL substring-based search
Error monitoring
Monitoring uncaught exceptions
File system APIs
Console groupIndentation option
maxStringLength option for util.inspect()
Stable N-API release 6
Stable diagnostic reports
Increase of the default server headers timeout

(adam)

Updated emulators/wine, databases/prometheus

(adam)

prometheus: updated to 2.18.1

2.18.1:
[BUGFIX] TSDB: Fixed snapshot API.

2.18.0:
[CHANGE] Federation: Only use local TSDB for federation (ignore remote read).
[CHANGE] Rules: rule_evaluations_total and rule_evaluation_failures_total have a rule_group label now.
[FEATURE] Tracing: Added experimental Jaeger support
[ENHANCEMENT] TSDB: Significantly reduce WAL size kept around after a block cut.
[ENHANCEMENT] Discovery: Add architecture meta label for EC2.
[BUGFIX] UI: Fixed wrong MinTime reported by /status.
[BUGFIX] React UI: Fixed multiselect legend on OSX.
[BUGFIX] Remote Write: Fixed blocked resharding edge case.
[BUGFIX] Remote Write: Fixed remote write not updating on relabel configs change.

(adam)

wine: updated to 4.0.4

Bugs fixed in 4.0.4 (total 65):
* NEXON client installers using embedded IE browser control: buttons don't respond to click (Lunia Senki, Combat Arms, War Rock)
* Microsoft Document Explorer 2008 crashes when using MS Help 2 URL from command line (ieframe's WebBrowser COM object doesn't support aggregation)
* Password Safe crashes with page fault when renaming entries
* Brothers In Arms Hell's Highway : Setup asks for DVD for every .cab file (SetupPromptForDiskA/W should only show a dialog if the file doesn't exist)
* LegoLand: crashes at main menu without native directmusic
* TSDoctor 1.0.58 fails to run
* treeview wstr overrun in TVN_GETDISPINFOW (ExamXML crashes when opening an XML file)
* UFO: Extraterrestrials Gold - crash at start caused by wine's built-in dsound/directmusic
* GdipGraphicsClear() needs to overwrite pixels, not alpha blend (Text misrendered in Brain Workshop)
* Skyrim (Steam) hangup on quit
* In The Adventures Of Lomax some graphic elements flicker, disappear or are garbled
* Problems with Russian localization in page setup dialog
* using winegcc with stdin passes arguments in the wrong position to gcc
* FXCM Trading Station II installer reports 'OLE error 80004001' when running as 'Windows Vista' or higher ('ITaskbarList3::ThumbBarSetImageList' is a stub)
* 64-bit dlls/msdaps/row_server_p.c generates build warnings (discarded "const" qualifier)
* Broken geometry in Indiana Jones and the Emperor's Tomb
* Broken Sword: The Angel of Death demo needs IDirectSoundFXI3DL2Reverb interface
* The Moment of Silence launcher unusable (displays only black)
* Wine with freetype 2.7 causes font rendering issues
* The Witcher 2: Assassins of Kings - menus and subtitles rendered incorrectly (with built-in d3dx9)
* VSDC Video Editor. Crashes in ole32 when opening.
* HashMyFiles: Drag & Drop from native File Managers (Dolphin, Nautilus, ...) does not work
* Multiple .NET applications (Chime, DxO Photolab 2 trial) crash, need  RegisterApplicationRecoveryCallback  to return S_OK
* Tetris for Windows has wrong colors for the game pieces and the score box
* HotS - taking screenshot causes client crash, needs d3dx11_42.dll.D3DX11SaveTextureToFileW
* Far Cry 5 Cannot Steer Land Vehicles
* Multiple applications need msvcr120.dll.?_Yield@_Context@details@Concurrency@@SAXXZ (Darkest Dungeon, Noita, Amazon Kindle for PC)
* Shed installer - text overflow in browse-for-folder dialog
* Abiword 2.6.8 comboboxes should have a white background color
* 亮Torrent has squares in its update dialog
* Smoke not rendering properly in Castlevania: Lords of Shadow 2
* IVMU Social Network Client (500 series) crashes when selecting menu / settings
* Adobe DNG Converter 11.2+ runs into Call to unimplemented function api-ms-win-core-winrt-error-l1-1-0.dll.GetRestrictedErrorInfo
* winetricks -q --verify dotnet461 crashes under win64
* type command in cmd.exe with two files and stdout redirect, behavior is different
* boolean type defined as 'unsigned char' rather than 'char'
* 32-bit LAVFilters 0.74.x installer fails to register 64-bit AX codec/filters in Wow64 environment (32-bit regsvr32.exe needs to support 64-bit dll registration and vice versa by re-exec with proper bitness)
* Multiple 64-bit game and application crash reporting tools need x86_64 'ntdll.RtlCaptureStackBackTrace' implementation
* Glide wrapper - Configuration buttons misbehaving
* Accel World vs. Sword Art Online needs WTSRegisterSessionNotificationEx() to return true.
* ListBox LB_SETSEL doesn't scroll to newly selected item
* _putws outputs NULs, other wchar.h functions don't
* ExHIBIT (Sample Project): Can't select menu item in the title screen
* Zoom Edit&Share 5.0.0.0: installer crashes starting with wine-3.19
* commit "winex11.drv: Wake up the display on user input." introduced severe performance issues with atomic modesetting kernel drivers
* iCloud refuses to install: "Your computer is missing Media features."
* putty.exe displays an error at startup when placed in a path with accented characters.
* Magic: The Gathering Arena installer needs powershell.exe (cannot find it)
* FindFirstFileExW believes every directory entry has been read if NtQueryDirectoryFile underfills buffer
* FindFirstFileExW seems to be missing FILE_OPEN_FOR_BACKUP_INTENT flag to NtOpenFile
* Need for Speed: Carbon - Autosculpt causes geometry corruption and GL_INVALID_OPERATION error
* Blur: cars have no wheels when Wine is compiled with Ryzen optimisations
* Nextiva: Logging in fails with "Client is unable to connect to the server."
* IGMP source specific multicast does not create join requests for source
* NtCreateFile incorrectly returns STATUS_OBJECT_NAME_NOT_FOUND when RootDirectory is populated
* R-Studio (file recovery tool) wants ntoskrnl.exe.IoCreateUnprotectedSymbolicLink
* motec i2 pro v1.0 data logger fails to start
* Multiple applications need shcore.dll.GetScaleFactorForMonitor stub (Karafun player, Sync)
* UPlay fails to start : "Error at hooking API NtProtectVirtualMemory" (UPlay's hooking engine can't handle ENDBR32 instruction inserted at non-hotpatch API entries due to distro build environments '-fcf-protection')
* Visual C++ Express 2005 needs shell32.PathResolveW implementation (or fake success)
* Wrong color mapping with client-side graphics on 256-color X server
* IXMLDOMDocument_load() paths aren't URL-unescaped (Microsoft Document Explorer 2008 startup error)
* Building wine on CentOS7 fails due to lack of libkrb5
* Dell Latitude E6440 BIOS updater crashes on unimplemented function ntoskrnl.exe.KeSetImportanceDpc
* Arma Cold War Assault: Cursor stuck at low fps since Wine 5.0-rc6

(adam)

Updated databases/sqlite3, databases/sqlite3-docs, databases/sqlite3-tcl, devel/lemon

(adam)

sqlite3: updated to 3.32.1

Changes in version 3.32.1:

Fix two long-standing bugs that allow malicious SQL statements to crash the process that is running SQLite. These bugs were announced by a third-party approximately 24 hours after the 3.32.0 release but are not specific to the 3.32.0 release.

Other minor compiler-warning fixes and whatnot.

(adam)

py-aiosqlite: switch to distutils

(adam)

Updated net/ndpi, net/ntopng

(adam)

ntopng: updated to 4.0

ntopng 4.0:

Breakthroughs

* Plugins engine to tap into flows, hosts and other network elements
* Migration to Bootstrap 4 and Font Awesome 5 for a renewed ntopng look-and-feel with light and dark themes
* Processes and containers monitoring thanks to the eBPF integration via libebpfflow https://github.com/ntop/libebpfflow
* Active monitoring of hosts ICMP/ICMPv6/HTTP/HTTPS Round Trip Times (RTT)

New features
* X.509 client certificate authentication
* ERSPAN transparent ethernet bridging
* Webhook export module for exporting alarms
* Identifications of the hosts in broadcast domain
* Category Lists editor to manage ip/domain lists
* Handling of PEN fields from nProbe
* Added anomalous flows to the looking glass
* Visibility of ICMP port-unreachable flows IPv4
* TCP states filtering (est., connecting, closed and rst)
* Ability to serialize local hosts in the broadcast domain via MAC address
* Japanese, portugese/brazilian localization
* Added process memory, cpu load, InfluxDB, Redis status pages and charts
* Implement ntopng Plugins, self contained modules to extend the ntopng functionalities
* Implement ZMQ/Suricata companion interface
* SSL traffic analysis and alerts via JA3 fingerprint, unsafe ciphers detection
* SSH traffic analysis and alerts via HASSH fingerprint
* Host traffic profile generation via the (MUD) Manufacturer Usage Descriptor
* Experimental Prometheus timeseries export
* Introduce the System interface to manage system wide settings and status
* Read events from Suricata and generate alerts
* SNMP network topology visualization
* Automatic ntopng update check and upgrade
* Calculate host anomaly score and trigger alerts when it exceeds a threshold
* Add ability to extract timeseries data with a click
* Initial Marketplace droplet using Fabric
* Alerts on duplex status change on SNMP interface

Improvements
* View interfaces are now optimized for big networks and use less memory
* Systemd macros are now used to start/restart the ntopng services
* Handles n2disk traffic extractions from recording processes non managed by ntopng
* Interface in/out now available also for non PF_RING interfaces (read from /proc)
* Automatic InfluxDB rollup support
* MDNS discovery improvements
* Rework of the alerts engine and api for efficient engaged alerts triggering
* Faster ZMQ communication to nProbe thanks to the implementation of a binary TLV format
* Stats update for ZMQ interfaces is now based on the idle/active flows timeout
* Timeseries export improvements via queues, detect if InfluxDB is down and stop the export
* Implemented reusable Lua engine to reduce the overhead of periodic scripts
* Improve Lua error handling
* Exclude certain categories from Elephant/Long lived flows alerts

nEdge
* Ability to set up port forwarding
* Support for Ubuntu 18.04
* Fix users and other prefs deleted during nEdge data reset
* Japanese localization
* Block unsupported L3 protocols (currently only ARP and IPv4 are supported)
* DNS mapping port to avoid conflicts with system programs

Fixes
* Fixed export to mysql on shutdown in case of Pcap file in community mode
* Fixed failing SYN-scan detection
* Fixed ZMQ decompression errors with large templates
* Fixed possible XSS in login.lua referer param and `runtime.lua`
* Update geolocation due to changes in the library usage policy
* Fixes to support browsers dark mode
* Option `--zmq-encryption-key <pub key>` can be used with `-I <endpoint>` to encrypt data hi hierarchical mode
* Fixed nIndex missing data while performing some queries and throughput calculation

(adam)

ndpi: updated to 3.2

nDPI 3.2:

New Features
* New API calls
  * Protocol detection: ndpi_is_protocol_detected
  * Categories: ndpi_load_categories_file / ndpi_load_category
  * JSON/TLV serialization: ndpi_serialize_string_boolean / ndpi_serialize_uint32_boolean
  * Patricia tree: ndpi_load_ipv4_ptree
  * Module initialization: ndpi_init_detection_module / ndpi_finalize_initalization
  * Base64 encoding: ndpi_base64_encode
  * JSON exprot: ndpi_flow2json
  * Print protocol: ndpi_get_l4_proto_name / ndpi_get_l4_proto_info
* Libfuzz integration
* Implemented Community ID hash (API call ndpi_flowv6_flow_hash and ndpi_flowv4_flow_hash)
* Detection of RCE in HTTP GET requests via PCRE
* Integration of the libinjection library to detect SQL injections and XSS type attacks in HTTP requests

New Supported Protocols and Services
* TLS
  * Added ALPN support
  * Added export of supported version in TLS header
* Added Telnet dissector with metadata extraction
* Added Zabbix dissector
* Added POP3/IMAP metadata extraction
* Added FTP user/password extraction
* Added NetBIOS metadata extraction
* Added Kerberos metadata extraction
* Implemented SQL Injection and XSS attack detection
* Host-based detection improvements and changes
  * Added Microsoft range
  * Added twitch.tv website
  * Added brasilbandalarga.com.br and .eaqbr.com.br as EAQ
  * Added 20.180.0.0/14, 20.184.0.0/13 range as Skype
  * Added 52.84.0.0/14 range as Amazon
  * Added ^pastebin.com
  * Changed 13.64.0.0/11 range from Skype to Microsoft
  * Refreshed Whatsapp server list, added *whatsapp-*.fbcdn.net IPs
* Added public DNSoverHTTPS servers

Improvements
* Reworked and improved the TLS dissector
* Reworked Kerberos dissector
* Improved DNS response decoding
* Support for DNS continuous flow dissection
* Improved Python bindings
* Improved Ethereum support
* Improved categories detection with streaming and HTTP
* Support for IP-based detection to compute the application protocol
* Renamed protocol 104 to IEC60870 (more meaningful)
* Added failed authentication support with FTP
* Renamed DNSoverHTTPS to handle bot DoH and DoT
* Implemented stacked DPI decoding
* Improvements for CapWAP and Bloomberg
* Improved SMB dissection
* Improved SSH dissection
* Added capwap support
* Modified API signatures for ndpi_ssl_version2str / ndpi_detection_giveup
* Removed ndpi_pref_http_dont_dissect_response / ndpi_pref_dns_dont_dissect_response (replaced by ndpi_extra_dissection_possible)

Fixes
* Fixed memory invalid access in SMTP and leaks in TLS
* Fixed a few memory leaks
* Fixrd invalid memory access in a few protocol dissectors (HTTP, memcached, Citrix, STUN, DNS, Amazon Video, TLS, Viber)
* Fixed IPv6 address format across the various platforms/distributions
* Fixed infinite loop in ndpi_workflow_process_packet
* Fixed SHA1 certificate detection
* Fixed custom protocol detection
* Fixed SMTP dissection (including email)
* Fixed Telnet dissection and invalid password report
* Fixed invalid category matching in HTTP
* Fixed Skype and STUN false positives
* Fixed SQL Injection detection
* Fixed invalid SMBv1 detection
* Fixed SSH dissection
* Fixed ndpi_ssl_version2str
* Fixed ndpi_extra_dissection_possible
* Fixed out of bounds read in ndpi_match_custom_category

Misc
* ndpiReader
  * CSV output enhancements
  * Added tunnelling decapsulation
  * Improved HTTP reporting

nDPI 3.0:

New Features
* nDPI now reports the protocol ASAP even when specific fields have not yet been dissected because such packets have not yet been observed. This is important for inline applications that can immediately act on traffic. Applications that need full dissection need to call the new API function ndpi_extra_dissection_possible() to check if metadata dissection has been completely performed or if there is more to read before declaring it completed.
* TLS (formerly identified as SSL in nDPI v2.x) is now dissected more deeply, certificate validity is extracted as well certificate SHA-1.
* nDPIreader can now export data in CSV format with option `-C`
* Implemented Sequence of Packet Length and Time (SPLT) and Byte Distribution (BD) as specified by Cisco Joy (https://github.com/cisco/joy). This allows malware activities on encrypted TLS streams. Read more at https://blogs.cisco.com/security/detecting-encrypted-malware-traffic-without-decryption
  * Available as library and in `ndpiReader` with option `-J`
* Promoted usage of protocol categories rather than protocol identifiers in order to classify protocols. This allows application protocols to be clustered in families and thus better managed by users/developers rather than using hundred of protocols unknown to most of the people.
* Added Inter-Arrival Time (IAT) calculation used to detect protocol misbehaviour (e.g. slow-DoS detection)
* Added data analysis features for computign metrics such as entropy, average, stddev, variance on a single and consistent place that will prevent when possible. This should ease traffic analysis on monitoring/security applications. New API calls have been implemented such as ndpi_data_XXX() to handle these calculations.
* Initial release of Python bindings available under nDPI/python.
* Implemented search of human readable strings for promoting data exfiltration detection
  * Available as library and in `ndpiReader` with option `-e`
* Fingerprints
  * JA3 (https://github.com/salesforce/ja3)
  * HASSH (https://github.com/salesforce/hassh)
  * DHCP
* Implemented a library to serialize/deserialize data in both Type-Length-Value (TLV) and JSON format
  * Used by nProbe/ntopng to exchange data via ZMQ

New Supported Protocols and Services

* DTLS (i.e. TLS over UDP)
* Hulu
* TikTok/Musical.ly
* WhatsApp Video
* DNSoverHTTPS
* Datasaver
* Line protocol
* Google Duo and Hangout merged
* WireGuard VPN
* IMO
* Zoom.us

Improvements

* TLS
  * Organizations
  * Ciphers
  * Certificate analysis
* Added PUBLISH/SUBSCRIBE methods to SIP
* Implemented STUN cache to enhance matching of STUN-based protocols
* Dissection improvements
  * Viber
  * WhatsApp
  * AmazonVideo
  * SnapChat
  * FTP
  * QUIC
  * OpenVPN support for UDP-based VPNs
  * Facebook Messenger mobile
  * Various improvements for STUN, Hangout and Duo
* Added new categories: CUSTOM_CATEGORY_ANTIMALWARE, NDPI_PROTOCOL_CATEGORY_MUSIC, NDPI_PROTOCOL_CATEGORY_VIDEO, NDPI_PROTOCOL_CATEGORY_SHOPPING, NDPI_PROTOCOL_CATEGORY_PRODUCTIVITY and NDPI_PROTOCOL_CATEGORY_FILE_SHARING
* Added NDPI_PROTOCOL_DANGEROUS classification

Fixes

* Fixed the dissection of certain invalid DNS responses
* Fixed Spotify dissection
* Fixed false positives with FTP and FTP_DATA
* Fix to discard STUN over TCP flows
* Fixed MySQL dissector
* Fix category detection due to missing initialization
* Fix DNS rsp_addr missing in some tiny responses
* Various hardening fixes

(adam)

py-onionbalance: python/application.mk not longer needed

(adam)

wine: make it build on Darwin

(adam)

Added databases/py-pypika

(adam)

Re-depend on py-pypika as it has been imported

(adam)

py-pypika: added version 0.37.6

PyPika is a Python API for building SQL queries. The motivation behind PyPika
is to provide a simple interface for building SQL queries without limiting the
flexibility of handwritten SQL. Designed with data analysis in mind, PyPika
leverages the builder design pattern to construct queries to avoid messy string
formatting and concatenation. It is also easily extended to take full advantage
of specific features of SQL database vendors.

(adam)

py-pyobjc: some frameworks require newer Darwin

(adam)

py-pyobjc-framework-QTKit: fix PLIST

(adam)

py-pyobjc-framework-Security: fix PLIST

(adam)

py-pyobjc-framework-CoreServices: fix PLIST

(adam)

py-pyobjc-framework-FSEvents: fix PLIST

(adam)

py-pyobjc-framework-Contacts: fix PLIST

(adam)

py-pyobjc-framework-CoreLocation: fix PLIST

(adam)

py-pyobjc-framework-CoreData]: PLIST fix

(adam)

Updated devel/libuv

(adam)

libuv: updated to 1.38.0

Version 1.38.0
* test: skip poll_duplex and poll_unidirectional on PASE
* linux: make cpu_times consistently be milliseconds
* win: DRY uv_poll_start() and uv_poll_stop()
* win: DRY uv_poll_close()
* unix,win: add uv_library_shutdown()
* unix: yield cpu when spinlocking on async handle
* win: remove dep on GetQueuedCompletionStatusEx
* doc: correct source lines
* build,android: fix typo
* doc: uv_cancel() handles uv_random_t requests
* doc: fix unescaped character
* build,cmake: fix compilation on old MinGW
* build: remove unnessesary MSVC warnings
* win: make uv_udp_init_ex() accept UV_UDP_RECVMMSG
* unix: simplify uv__udp_init_ex()
* win: remove MAX_PATH limitations
* build, win: add long path aware manifest
* doc: check/idle/prepare functions always succeed
* darwin: fix build with non-apple compilers
* win: support environment variables > 32767 chars
* unix: fully initialize struct msghdr
* doc: add uv_replace_allocator thread safety warning
* unix: fix int overflow when copying large files
* fs: report original error
* win, fs: add IO_REPARSE_TAG_APPEXECLINK support
* doc: fix formatting
* unix: fix memory leak when uv_loop_init() fails
* unix: shrink uv_udp_set_source_membership() stack
* unix,win: fix wrong sizeof argument to memcpy()
* build: check for libraries not provided by libc
* doc: fix the order of arguments to calloc()
* unix: don't abort when getrlimit() fails
* test: support common user profile on IBMi
* build: test on more platforms via QEMU in CI

(adam)

Updated emulators/fs-uae, emulators/fs-uae-arcade, emulators/fs-uae-launcher

(adam)

fs-uae*: updated to 3.0.5

3.0.5:
Unknown changes

3.0.3:
Fixed crash when starting the Launcher in a KDE environment.

(adam)

Removed security/py-SSLCrypto, sysutils/py-attic

(adam)

py-attic: removed, does not build any longer

(adam)

py-SSLCrypto: removed, does not build any longer

(adam)

Updated devel/py-xdis, lang/py-uncompyle6

(adam)

py-uncompyle6: updated to 3.7.0

3.7.0:
The main impetus for this release is to pull in the recent changes from xdis.
We simplify imports using xdis 4.6.0.

(adam)

py-xdis: updated to 4.6.0

4.6.0:
3.8.3 added as a valid 3.8 release
command program pydisasm disassembles more Python source files now
Add better argument formatting on CALL_FUNCTION and MAKE_FUNCTION
bytecode.py now has distb
opcode modules now have variable python_implementation which is either "CPython" or "PyPY"
Reformat a number of files using blacken, and lint using flymake
Update __init__.py exports based on what is used in projects uncompyle6, decompyle3, trepan3k,
xasm and x-python
Remove duplicate findlinestarts() code. Remove testing on the Python version and simplify
this where possible.
get_opcode_module allows either a float and string datatype for the version, and coverts
the bytecode datatype when needed
Fix a bugs in marshal and unmarshal

(adam)

Added devel/py-aiounittest, databases/py-aiosqlite, time/py-ciso8601, databases/py-tortoise-orm

(adam)

py-tortoise-orm: added version 0.16.12

Tortoise ORM is an easy-to-use asyncio ORM (Object Relational Mapper) inspired
by Django.

Tortoise ORM was build with relations in mind and admiration for the excellent
and popular Django ORM. It's engraved in it's design that you are working not
with just tables, you work with relational data.

(adam)

py-ciso8601: added version 2.1.3

ciso8601 converts ISO 8601 or RFC 3339 date time strings into Python datetime
objects. Since it's written as a C module, it is much faster than other Python
libraries.

(adam)

py-aiosqlite: added version 0.13.0

AsyncIO bridge to the standard sqlite3 module for Python 3.5+.

(adam)

py-aiounittest: added version 1.3.1

The aiounittest is a helper library to ease of your pain (and boilerplate),
when writing a test of the asynchronous code (asyncio). You can test:
* synchronous code (same as the unittest.TestCase)
* asynchronous code, it supports syntax with async/await (Python 3.5+) and
  asyncio.coroutine/yield from (Python 3.4)

(adam)

py-ecdsa: python/application.mk is not needed

(adam)

py-netaddr: update HOMEPAGE

(adam)

Updated textproc/py-elementpath, devel/py-flake8, textproc/py-lxml, net/py-zeroconf

(adam)

py-zeroconf: updated to 0.26.2

0.26.2:
Unknown changes

(adam)

py-lxml: updated to 4.5.1

4.5.1:
Bugs fixed
* Fix failures when serialising documents larger than 2GB in some cases.
* ``QName`` values were not accepted by the ``el.iter()`` method.
* The build failed to detect libraries on Linux that are only
  configured via pkg-config.

(adam)

py-flake8: updated to 3.8.2

3.8.2:

Bugs Fixed
- Improve performance by eliminating unncessary sort
- Improve messaging of ``--jobs`` argument by utilizing ``argparse``
- Fix file configuration options to be relative to the config passed on the
  command line
- Fix incorrect handling of ``--extend-exclude`` by treating its values as
  files

(adam)

py-elementpath: updated to 1.4.5

v1.4.5:
* Fix tokenizer and parsers for ambiguities between symbols and names

(adam)

Updated databases/sqlite3, databases/sqlite3-docs, databases/sqlite3-tcl, devel/lemon

(adam)

sqlite3: updated to 3.32.0

SQLite Release 3.32.0:

Added support for approximate ANALYZE using the PRAGMA analysis_limit command.
Added the bytecode virtual table.
Add the checksum VFS shim to the set of run-time loadable extensions included in the source tree.
Added the iif() SQL function.
INSERT and UPDATE statements now always apply column affinity before computing CHECK constraints. This bug fix could, in theory, cause problems for legacy databases with unorthodox CHECK constraints the require the input type for an INSERT is different from the declared column type. See ticket 86ba67afafded936 for more information.
Added the sqlite3_create_filename(), sqlite3_free_filename(), and sqlite3_database_file_object() interfaces to better support of VFS shim implementations.
Increase the default upper bound on the number of parameters from 999 to 32766.
Added code for the UINT collating sequence as an optional loadable extension.
Enhancements to the CLI:
Add options to the .import command: --csv, --ascii, --skip
The .dump command now accepts multiple LIKE-pattern arguments and outputs the union of all matching tables.
Add the .oom command in debugging builds
Add the --bom option to the .excel, .output, and .once commands.
Enhance the .filectrl command to support the --schema option.
The UINT collating sequence extension is automatically loaded
The ESCAPE clause of a LIKE operator now overrides wildcard characters, so that the behavior now matches what PostgreSQL does.

(adam)

MySQL 5.5 and PostgreSQL 9.4 are no longer with us

(adam)

Removed databases/mysql55* and databases/postgresql94*

(adam)

Retired mysql55 and postgresql94 packages

(adam)

Updated devel/py-pyobjc

(adam)

py-pyobjc: updated to 6.2

Version 6.2

The project has moved from Bitbucket to Github

Remove most remnants of Python 2 support

Clean up code quality issues found using flake8

Add pre-commit hook to run black on all Python code.

Fix protocol conformance testing when explicitly implementing a protocol

Before this bugfix a class explicitly conforming to a protocol could not implement any method that wasn窶冲 declared in the protocol, the bridge would erroneously raise an exception when checking the additional method.

Issue reported by Georg Seifert.

Fix Python 3 issues in PyObjCTools.Conversion

Reported by vinolin asokan.

PyObjCTools.Conversio.propertyListFromPythonCollection didn窶冲
recursively convert members of lists and tuples.

PyObjCTools.Conversio.propertyListFromPythonCollection and PyObjCTools.Conversio.pythonCollectionFromPropertyList now support sets.

Update metadata for Xcode 11.4 (beta 2)

Added bindings for framework AutomaticAssessmentConfiguration.framework introduced in macOS 10.15.4

In some cases the compiler uses the type encoding 窶弯{NSObject=#}窶� instead of 窶廖窶�.

Reported by Georg Seifert.

Added bindings for the Metal framework (new in macOS 10.11)

Most framework bindings now use the limited ABI for the included C extensions, reducing the number of wheels that are needed. The exception are the bindings for Cocoa, Quartz and libdispatch, those use functionality not available in the limited ABI.

The bridge itself (pyobjc-core) still uses the full CPython API.

The CoreAudio bindings also don窶冲 use the limited ABI for now, those need more work to work with that ABI.

(adam)

SDL2: use platform-dependend shared library suffix in cmake config files (fixes builds on Darwin)

(adam)

Updated games/wesnoth, net/terraform-provider-aws

(adam)

terraform-provider-aws: updated to 2.63.0

v2.63.0

FEATURES:
New Data Source: aws_efs_access_point
New Data Source: aws_wafv2_ip_set
New Data Source: aws_wafv2_regex_pattern_set
New Resource: aws_efs_access_point
New Resource: aws_efs_file_system_policy
New Resource: aws_wafv2_ip_set
New Resource: aws_wafv2_regex_pattern_set

ENHANCEMENTS:
resource/aws_ssm_document: Add document_version attribute
data-source/aws_ram_resource_share: Add owning_account_id attribute
data-source/aws_lb: Add ip_address_type attribute
data-source/aws_lb_target_group: Add load_balancing_algorithm_type attribute
data-source/aws_rds_cluster: backtrack_window attribute now available
resource/aws_codebuild_webhook: Support COMMIT_MESSAGE value in filter types
resource/aws_cognito_identity_pool_roles_attachment: Add import support
resource/aws_ecs_service: Add force_new_deployment argument
resource/aws_ecs_service: Support in-place updates for ordered_placement_strategy and placement_constraints
resource/aws_eks_node_group: Add force_update_version argument
resource/aws_glue_connection: Add arn argument
resource/aws_iot_topic_rule: Add tags argument

BUG FIXES:
resource/aws_ssm_activation: expired now properly set
resource/aws_redshift_security_group: The resource is now importable
resource/cloudwatch_log_metric_filter: metric_transformation default_value now properly set
data-source/aws_db_instance: auto_minor_version_upgrade attribute now properly set
resource/aws_autoscaling_group: tags propagate_at_launch attribute now properly set
resource/aws_eks_node_group: Only pass release_version value during UpdateNodegroupVersion if changed
resource/aws_network_acl: Fix issue with updating subnet associations returning InvalidAssociationID.NotFound

(adam)

wesnoth: updated to 1.14.12

Version 1.14.12

Add-ons client
* Ensure the client doesn't re-download dependencies that have just been updated during an Update All
  run by re-reading add-on versions after each update batch.
Add-ons server
* Don't send restricted attributes at all, rather than sending them as an empty string.
Campaigns
* General:
  * Fixed instances of multiple [avoid] tags being used.
  * Used more appropriate castle/encampment terrains.
* Descent into Darkness:
  * S7: Correctly call Taylor a general.
  * S9: Spelling fix.
  * S11: Reduced boss difficulty and fixed ghost units not being correctly recalled.
* Heir to the Throne:
  * S23: Clarify Bayar's dialogue.
* Northern Rebirth:
  * Fixed enemy naga's triggering an event they shouldn't be triggering.
* Son of the Black Eye:
  * S15: Fix the scenario not ending despite objectives being met in some circumstances.
* Under the Burning Suns:
  * Fixed Sun Shydes dehydrating themselves at night.
  * Dehydration only affects the player's side.
Language and i18n
* Updated translations: British English, Czech, Chinese (Traditional), Dutch, Esperanto,
  Finnish, French, Hungarian, Italian, Japanese, Polish, Portuguese, Portuguese (Brazil),
  Spanish, Swedish.
* Use <game dir>/translations instead of <process working dir>/translations to find core
  translation catalogues on Windows.
Packaging
* Fixed an issue when building using scons and --config=force.
* Fixed creating the lockfile in scons when using python 3.
* Significantly improved the macOS packaging instructions.
Units
* Fixed the team color of the berserker idle animation.
* Fixed typo in Troll race description.
* Fixed the Red Mage using the Mage's idle animation.
User interface
* Fixed a crash on certain screen resolutions due to UI element padding not being able to fit.
* Fixed a crash when trying to preview an unplayable map.
Miscellaneous and bug fixes
* Fixed building with the 64-bit Visual Studio projectfiles.
* Added missing side controllers to two Micro AI scenarios
* Experimental AI retreat CA: bug fix for cure-only abilities
* Forest Animals Micro AI: excluded rabbit holes on map border

(adam)

python/application.mk is not needed any more

(adam)

py-proteus: python/application.mk is not needed any more

(adam)

py-nevow: python/application.mk is not needed any more

(adam)

revbump for multimedia/libdvdread; requested by leot@

(adam)

revbump after updating security/nettle

(adam)

Updated security/nettle, net/py-aio-pika

(adam)

py-aio-pika: updated to 6.6.1

6.6.1
Add generics to Pool and PoolItemContextManager
Fix Docs for DeliveryError

(adam)

nettle: updated to 3.6

Nettle 3.6:

This release adds a couple of new features, most notable being
support for ED448 signatures.

It is not binary compatible with earlier releases. The shared
library names are libnettle.so.8.0 and libhogweed.so.6.0, with
sonames nibnettle.so.8 and libhogweed.so.6. The changed
sonames are mainly to avoid upgrade problems with recent
GnuTLS versions, that depend on Nettle internals outside of
the advertised ABI. But also because of the removal of
internal poly1305 functions which were undocumented but
declared in an installed header file, see Interface changes
below.

New features:

* Support for Curve448 and ED448 signatures. Contributed by
  Daiki Ueno.

* Support for SHAKE256 (SHA3 variant with arbitrary output
  size). Contributed by Daiki Ueno.

* Support for SIV-CMAC (Synthetic Initialization Vector) mode,
  contributed by Nikos Mavrogiannopoulos.

* Support for CMAC64, contributed by Dmitry Baryshkov.

* Support for the "CryptoPro" variant of the GOST hash
  function, as gosthash94cp. Contributed by Dmitry Baryshkov.

* Support for GOST DSA signatures, including GOST curves
  gc256b and gc512a. Contributed by Dmitry Baryshkov.

* Support for Intel CET in x86 and x86_64 assembly files, if
  enabled via CFLAGS (gcc --fcf-protection=full). Contributed
  by H.J. Lu and Simo Sorce.

* A few new functions to improve support for the Chacha
  variant with 96-bit nonce and 32-bit block counter (the
  existing functions use nonce and counter of 64-bit each),
  and functions to set the counter. Contributed by Daiki Ueno.

* New interface, struct nettle_mac, for MAC (message
  authentication code) algorithms. This abstraction is only
  for MACs that don't require a per-message nonce. For HMAC,
  the key size is fixed, and equal the digest size of the
  underlying hash function.

Bug fixes:

* Fix bug in cfb8_decrypt. Previously, the IV was not updated
  correctly in the case of input data shorter than the block
  size. Reported by Stephan Mueller, fixed by Daiki Ueno.

* Fix configure check for __builtin_bswap64, the incorrect
  check would result in link errors on platforms missing this
  function. Patch contributed by George Koehler.

* All use of old-fashioned suffix rules in the Makefiles have
  been replaced with %-pattern rules. Nettle's use of suffix
  rules in earlier versions depended on undocumented GNU make
  behavior, which is being deprecated in GNU make 4.3.

  Building with other make programs than GNU make is untested
  and unsupported. (Building with BSD make or Solaris make
  used to work years ago, but has not been tested recently).

Interface changes:

* Declarations of internal poly1305.h functions have been
  removed from the header file poly1305.h, to make it clear
  that they are not part of the advertised API or ABI.

Miscellaneous:

* Building the public key support of nettle now requires GMP
  version 6.1.0 or later (unless --enable-mini-gmp is used).

* A fair amount of changes to ECC internals, with a few
  deleted and a few new fields in the internal struct
  ecc_curve. Files and functions have been renamed to more
  consistently match the curve name, e.g., ecc-256.c has been
  renamed to ecc-secp256r1.c.

* Documentation for chacha-poly1305 updated. It is no longer
  experimental. The implementation was updated to follow RFC
  8439 in Nettle-3.1, but that was not documented or announced
  at the time.

(adam)

Updated multimedia/ffmpeg4, multimedia/ffplay4

(adam)

ffmpeg4/ffplay4: updated to 4.2.3

version 4.2.3
- avcodec/pnmdec: Use unsigned for maxval rescaling
- avcodec/ivi: Clear got_p_frame before decoding a new frame using it
- avcodec/dsddec: Check channels
- avcodec/xvididct: Fix integer overflow in idct_row()
- avcodec/wmalosslessdec: Fix integer overflows in revert_inter_ch_decorr()
- avcodec/cbs_jpeg: Fix infinite loop in cbs_jpeg_split_fragment()
- avformat/mpegenc: Fix integer overflow with AV_NOPTS_VALUE
- avformat/swfenc: Fix integer overflow in frame rate handling
- avformat/aadec: Check toc_size to contain the minimum to demuxer uses
- avcodec/cbs_h265_syntax_template: Limit num_long_term_pics more strictly
- ffplay: set stream_index to -1 earlier to prevent segfault
- avformat/mov: Free temp buffer upon negative sample_size error.
- avformat/matroskadec: Improve forward compability
- avformat/matroskadec: Don't discard valid packets
- avformat/matroskaenc: Don't segfault when seekability changes
- avformat/utils: Fix memleaks
- avformat/utils: Fix memleaks in avformat_open_input()
- avfilter/vf_dedot: Fix leak of AVFrame if making it writable fails
- avfilter/vf_paletteuse: Fix potential double-free of AVFrame
- avformat/mov: Don't leak MOVFragmentStreamInfo on error
- avformat/mov: Free encryption data on error
- fftools/ffmpeg: Free swresample dictionary during cleanup
- avcodec/mediacodec_wrapper: fix {input,output}_buffers global reference leak
- avformat/webm_chunk: Close IO if writing header fails
- avcodec/cavsdsp: Fix undefined left shifts of negative numbers
- avcodec/ra144enc: Fix invalid left shift of negative number
- avcodec/adxenc: Avoid undefined left shift of negative numbers
- avcodec/adpcm: Fix undefined left shifts of negative numbers
- avcodec/proresenc_anatoliy: Fix invalid left shift of negative number
- avformat/aviobuf: Honor avio_open[2] documentation
- avcodec/cinepakenc: Fix invalid shifts
- avfilter/vf_xbr: Fix left shift of negative number
- avfilter/vf_hqx: Fix undefined left shifts of negative numbers
- avcodec/jpeg2000dwt: Fix undefined shifts of negative numbers
- avcodec/ituh263dec: Fix undefined left shift of negative number
- avcodec/dnxhdenc: Fix undefined left shifts of negative numbers
- swscale/utils: Fix invalid left shifts of negative numbers
- swscale/x86/swscale: Fix undefined left shifts of negative numbers
- fftools/ffmpeg_opt: Fix signed integer overflow
- avcodec/exr: Fix undefined left shifts of negative numbers
- avformat/movenc: Fix undefined shift
- avcodec/pcm: Fix undefined shifts
- avcodec/wavpackenc: Fix undefined shifts
- avutil/encryption_info: Don't pass NULL to memcpy
- avcodec/ac3enc: Fix memleak
- avcodec/ac3enc: Fix invalid shift
- avcodec/g723_1dec: Fix invalid shift
- avcodec/tdsc: Fix undefined shifts
- avcodec/ttaenc: Fix undefined shift
- avformat/avidec: Fix memleak with embedded GAB2 subtitles
- avformat/matroskadec: Don't discard the upper 32bits of TrackNumber
- dump_extradata: Insert extradata even for small packets
- avformat/segafilmenc: Fix undefined left shift of 1 by 31 places
- avformat/wtvdec: Fix memleak when reading header fails
- avformat/dashenc: Fix leak of AVFormatContext on error
- avformat/fitsdec: Fix potential leak of string in AVBPrint
- avformat/matroskadec: Sanitize SeekHead entries
- avformat/matroskaenc: Fix memleak upon encountering bogus chapter
- avformat/matroskaenc: Make ebml_num_size() more robust
- avformat/oggenc: Don't free AVStream's priv_data, fix memleak
- avformat/utils: Fix memleak when decoding subtitle in find_stream_info
- fftools/ffmpeg_opt: Check attachment filesize
- avformat/mpeg: Don't use unintialized value
- avformat/webmdashenc: Check codec types
- avformat/webmdashenc: Fix memleak upon realloc failure
- avformat/subtitles: Don't increment packet counter prematurely
- avformat/bethsoftvid: Fix potential memleak upon reallocation failure
- avformat/smoothstreaming: Fix memleaks on errors
- avformat/matroskaenc: Check BlockAdditional size before use
- avformat/matroskaenc: Check functions that can fail
- avformat/matroskaenc: Check for reformatting errors
- avformat/matroskadec: Check before allocations
- avfilter/vf_unsharp: Don't dereference NULL
- avcodec/zmbvenc: Correct offset in buffer
- avcodec/cbs_h2645: Fix potential out-of-bounds array access
- avformat/mov: Don't allow negative sample sizes.
- mpeg4videoenc: Don't crash with -fsanitize=bounds
- avformat/mpegts: Shuffle avio_seek
- avcodec/binkaudio: Fix 2Ghz sample_rate
- avcodec/adpcm: Fix integer overflow in ADPCM THP
- avcodec/ralf: Check num_blocks before use
- avcodec/iff: Test video_size being non zero
- avcodec/utvideodec: Fix integer overflow in decode_plane()
- avcodec/ttadsp: Fix several integer overflows in tta_filter_process_c()
- avcodec/ralf: Fix integer overflow in decode_block()
- avcodec/nuv: widen buf_size type
- avcodec/iff: Fix several integer overflows
- avcodec/g729postfilter: Clip gain before scaling with AGC_FAC1
- avcodec/alac: Fix integer overflow with 24/20bps samples
- avcodec/dstdec: Check sample rate
- avformat/thp: Require a video stream
- avformat/mpeg: Decrease score by 1 for files with very little valid data
- avcodec/pngdec: Check length in fdAT
- avcodec/g2meet: Check tile_width in epic_jb_decode_tile()
- avcodec/hapdec: Check tex_size more strictly and before using it
- avcodec/vp9dsp_template: Fix integer overflows in idct32_1d()
- avcodec/alacdsp: Fix invalid shift in append_extra_bits()
- libavcodec/wmalosslessdec: prevent sum of positive numbers from becoming negative
- avcodec/dstdec: Fix integer overflow in read_table()
- avcodec/txd: Check for input size against the header size.
- avcodec/svq1dec: Check that there is data left after the header
- avcodec/cbs_h265_syntax_template: Check num_negative/positive_pics when inter_ref_pic_set_prediction_flag is set
- avcodec/intrax8: Check for end of bitstream in ff_intrax8_decode_picture()
- avcodec/hevc_mp4toannexb_bsf: Check nalu_size
- avcodec/iff: Check length before memcpy() in decode_deep_rle32()
- avcodec/iff: Fix invalid pointer intermediates in decode_deep_rle32()
- avcodec/pngdec: Pass ret from decode_iccp_chunk()
- avcodec/rv40dsp: Fix integer overflows in rv40_weight_func_*()
- avcodec/ac3dec_fixed: Fix several invalid left shifts in scale_coefs()
- avcodec/flac_parser: Do not lose header count in find_headers_search()
- avcodec/audiodsp: Fix integer overflow in scalarproduct_int16_c()
- avcodec/cbs_jpeg_syntax_template: Check array index in huffman_table()
- avcodec/cbs_jpeg_syntax_template: Check table index before use in dht()
- avformat/oggdec: Check for EOF after page header
- swscale/yuv2rgb: Fix vertical dither offset with slices
- avcodec/dpcm: clip exponent into supported range in XAN DPCM
- avcodec/flacdsp_template: Fix invalid shifts in decorrelate
- avcodec/xvididct: Fix integer overflow in MULT()
- avcodec/ffwavesynth: Correct undefined overflow of PINK_UNIT
- avcodec/cbs_h264_syntax_template: fix off by 1 error with slice_group_change_cycle
- swscale/output: Fix integer overflow in yuv2rgb_write_full() with out of range input
- swscale/output: Fix integer overflow in alpha computation in yuv2gbrp16_full_X_c()
- libavformat/amr.c: Check return value from avio_read()
- libavformat/mov.c: Free aes_decrypt to avoid leaking memory
- libavformat/oggdec.c: Check return value from avio_read()
- avformat/asfdec_f: Fix overflow check in get_tag()
- avformat/nsvdec: Fix memleaks on errors while reading the header
- avcodec/ffwavesynth: Fix integer overflow in computation of ddphi
- avcodec/cbs_jpeg: Check length for SOS
- avcodec/adpcm: Fix invalid shift in AV_CODEC_ID_ADPCM_PSX
- avcodec/mpeg12dec: Fix invalid shift in mpeg2_fast_decode_block_intra()
- avcodec/cbs_h2645: Treat slices without data as invalid
- avcodec/cbs_h2645: Remove dead code to delete trailing zeroes
- avcodec/cbs_av1_syntax_template: Set seen_frame_header only after successfull uncompressed_header()
- avcodec/mpegaudioenc_template: fix invalid shift of sample
- avcodec/motion_est_template: Fix invalid shifts in no_sub_motion_search()
- libavformat/avienc: Check bits per sample for PAL8
- avformat/mpegts: Improve the position determination for avpriv_mpegts_parse_packet()
- avcodec/magicyuv: Check that there are enough lines for interlacing to be possible
- avformat/mvdec: Check stream numbers
- avcodec/pcm: Fix invalid shift in AV_CODEC_ID_PCM_LXF
- avcodec/qdm2: Check fft_coefs_index
- avformat/utils: Fix integer overflow with complex time bases in avformat_find_stream_info()
- avformat/avidec: Avoid integer overflow in NI switch check
- fftools/ffmpeg: Fix integer overflow in duration computation in seek_to_start()
- avfilter/vf_aspect: Fix integer overflow in compute_dar()
- avcodec/apedec: Fix invalid shift with 24 bps
- avformat/utils: Fix undefined behavior in ff_configure_buffers_for_index()
- avcodec/dpcm: Fix integer overflow in AV_CODEC_ID_GREMLIN_DPCM
- avcodec/wmalosslessdec: Fix integer overflow with sliding in padding bits
- avcodec/wmalosslessdec: Fix loop in revert_acfilter()
- avcodec/agm: YUV420 without DCT needs even dimensions
- avcodec/agm: Test remaining data in decode_raw_intra_rgb()
- avcodec/lagarith: Sanity check scale
- avcodec/apedec: Fix integer overflows in predictor_decode_mono_3950()
- avcodec/ralf: Fix integer overflow in apply_lpc()
- avcodec/dca_lbr: Fix some error codes and error passing
- avcodec/wmavoice: Fix rounding and integer anomalies in calc_input_response()
- avcodec/wmavoice: sanity check block_align
- avcodec/pcm: Fix invalid shift in pcm_decode_frame for LXF
- avcodec/snappy: Sanity check bytestream2_get_levarint()
- avcodec/mlpdsp: Fix a invalid shift in ff_mlp_rematrix_channel()
- avcodec/avdct: Clear IDCTDSPContext context
- avcodec/x86/diracdsp: Fix high bits on Windows x86_64
- tests/fate/lavf-video.mak: fix fate-lavf-gif dependencies
- avformat/mov: Check STCO location
- avcodec/wmalosslessdec: Fix multiple integer overflows
- avcodec/apedec: Fix undefined integer overflow in decode_array_0000()
- avcodec/smacker: Check space before decoding type
- avcodec/rawdec: Use linesize in b64a
- avcodec/iff: Over-allocate ham_palbuf for HAM6 IFF-PBM
- avcodec/x86/diracdsp: Fix incorrect src addressing in dequant_subband_32()
- avfilter/vf_find_rect: Remove assert
- avfilter/vf_find_rect: Increase worst case score
- swscale/input: Fix several invalid shifts related to rgb2yuv constants
- swscale/output: Fix several invalid shifts in yuv2rgb_full_1_c_template()
- swscale/swscale: Fix several invalid shifts related to vChrDrop
- avcodec/hevc_mp4toannexb_bsf: check that nalu size doesnt overflow
- avcodec/hevc_mp4toannexb_bsf: Avoid NULL memcpy()
- avcodec/cbs_av1: Check leb128 values read
- avcodec/wmalosslessdec: move channel check up
- avcodec/cbs_h2645: Skip all 0 NAL units
- avcodec/adpcm: Fix overflow in FFABS() IMA_EA_EACS
- avcodec/alac: Fix integer overflow in LPC coefficient adaption
- avcodec/g729postfilter: Optimize out overflowing multiplication from apply_tilt_comp()
- avcodec/vc1dec: Check field_mode for sprites
- avcodec/vc1dec: Limit bits by the actual bitstream size
- avcodec/vmdaudio: Check block_align more
- configure: bump year
- avcodec/pgssubdec: Free subtitle on error
- avcodec/nvenc: use framerate if available
- avcodec/cbs_h265: fix writing extension_data bits
- avcodec/nvenc: offset dts to account for b-frame reordering
- Revert "avformat/rtp: Pass sources and block filter addresses via sdp file for rtp"
- avformat/matroskadec: Fix default value of BlockAddID
- avformat/dashdec: Don't allocate and leak strings that are never used
- avformat/matroskaenc: Write level 1 elements in one go
- avformat/rtp: Pass sources and block filter addresses via sdp file for rtp
- avformat/bintext: avoid division by zero

(adam)

Updated devel/protobuf, devel/py-protobuf

(adam)

py-protobuf: updated to 3.12.1

Protocol Buffers v3.12.0

Python
[experimental] Added proto3 presence support.
[experimental] fast import protobuf module, only works with cpp generated code linked in.
Truncate 'float' fields to 4 bytes of precision in setters for pure-Python
implementation (C++ extension was already doing this).
Fixed a memory leak in C++ bindings.
Added a deprecation warning when code tries to create Descriptor objects
directly.
Fix unintended comparison between bytes and string in descriptor.py.
Avoid printing excess digits for float fields in TextFormat.
Remove Python 2.5 syntax compatibility from the proto compiler generated _pb2.py module code.
Drop 3.3, 3.4 and use single version docker images for all python tests

(adam)

protobuf: updated to 3.12.1

Protocol Buffers v3.12.1

Ruby
Re-add binary gems for Ruby 2.3 and 2.4. These are EOL upstream, however
many people still use them and dropping support will require more
coordination.

Protocol Buffers v3.12.0

Protocol Compiler
[experimental] Singular, non-message typed fields in proto3 now support
presence tracking. This is enabled by adding the "optional" field label and
passing the --experimental_allow_proto3_optional flag to protoc.
For usage info, see docs/field_presence.md.
During this experimental phase, code generators should update to support
proto3 presence, see docs/implementing_proto3_presence.md for instructions.
Allow duplicate symbol names when multiple descriptor sets are passed on
the command-line, to match the behavior when multiple .proto files are passed.
Deterministic protoc --descriptor_set_out

C++
[experimental] Added proto3 presence support.
New descriptor APIs to support proto3 presence.
Fix for 7463 in -rc1 (core dump mixing optional and singular fields in proto3)
Enable Arenas by default on all .proto files.
Documented that users are not allowed to subclass Message or MessageLite.
Mark generated classes as final; inheriting from protos is strongly discouraged.
Add stack overflow protection for text format with unknown fields.
Add accessors for map key and value FieldDescriptors.
Add FieldMaskUtil::FromFieldNumbers().
MessageDifferencer: use ParsePartial() on Any fields so the diff does not
fail when there are missing required fields.
ReflectionOps::Merge(): lookup messages in the right factory, if it can.
Added Descriptor::WellKnownTypes enum and Descriptor::well_known_type()
accessor as an easier way of determining if a message is a Well-Known Type.
Optimized RepeatedField::Add() when it is used in a loop.
Made proto move/swap more efficient.
De-virtualize the GetArena() method in MessageLite.
Improves performance of json_stream_parser.cc by factor 1000
bug: 7076 undefine Windows OUT and OPTIONAL macros
Fixed a bug in FieldDescriptor::DebugString() that would erroneously print
an "optional" label for a field in a oneof.
Fix bug in parsing bool extensions that assumed they are always 1 byte.
Fix off-by-one error in FieldOptions::ByteSize() when extensions are present.
Clarified the comments to show an example of the difference between
Descriptor::extension and DescriptorPool::FindAllExtensions.
Add a compiler option 'code_size' to force optimize_for=code_size on all
protos where this is possible.

(adam)

py-jedi: add TEST_DEPENDS

(adam)

Updated devel/py-cython, www/py-httplib2

(adam)

py-httplib2: updated to 0.18.1

0.18.1
explicit build-backend workaround for pip build isolation bug
"AttributeError: 'module' object has no attribute '__legacy__'" on pip install

(adam)

py-cython: updated to 0.29.19

0.29.19:
Bugs fixed
* A typo in Windows specific code in 0.29.18 was fixed that broke "libc.math".
* A platform specific test failure in 0.29.18 was fixed.

(adam)

Updated www/py-httplib2, net/py-smbc

(adam)

py-smbc: updated to 1.0.22

New in 1.0.22:
* Add File_seekable
* Rework some routines to fix holes in error checking and potential mem…
* Fix File_read when the current location is not zero
* Add File_flush
* Add File_tell

(adam)

py-httplib2: updated to 0.18.0

0.18.0
IMPORTANT security vulnerability CWE-93 CRLF injection
Force %xx quote of space, CR, LF characters in uri.
Special thanks to Recar https://github.com/Ciyfly for discrete notification.
https://cwe.mitre.org/data/definitions/93.html

0.17.4
Ship test suite in source dist
https://github.com/httplib2/httplib2/pull/168

(adam)

Updated net/wireshark, lang/nodejs

(adam)

nodejs: updated to 14.3.0

Version 14.3.0 (Current)

Notable Changes
REPL previews improvements with autocompletion

The output preview is changed to generate previews for autocompleted input instead of the actual input.

Pressing <enter> during a preview is now going to evaluate the whole string including the autocompleted part. Pressing <escape> cancels that behavior.

Support for Top-Level Await

It's now possible to use the await keyword outside of async functions.

(adam)

wireshark: updated to 3.2.4

Wireshark 3.2.4 Release Notes

What���s New

  The Windows installers now ship with Qt 5.12.8. They previously
  shipped with Qt 5.12.6.

  Bug Fixes

  The following vulnerabilities have been fixed:

    ��� wnpa-sec-2020-08[1] A dissector went awry.

  The following bugs have been fixed:

  New and Updated Features

  There are no new features in this release.

  New Protocol Support

  There are no new protocols in this release.

  Updated Protocol Support

  New and Updated Capture File Support

  There is no new or updated capture file support in this release.

(adam)

Updated devel/meson, x11/gtk3

(adam)

Reset revision

(adam)

gtk3: updated to 3.24.20

Overview of Changes in GTK+ 3.24.20
===================================

* GtkFileChooser:
- Prevent selection changes after overwrite confirmation
- Don't grab focus to the sidebar on click
- Avoid a use-after-free in GtkFileSystemModel

* GtkEmojiChooser:
- Remove blacklist

* GtkAboutDialog:
- Add more licenses

* Adwaita:
- Lower the contrast of checkboxes

* HighContrast:
- Export the same public colors as Adwaita

* OS X:
- Don't filter Escape in input methods

* Windows:
- Infer font settings from system settings

* Translation updates
Brazilian Portuguese
Chinese
Croatian
French
Japanese
Lithuanian
Polish
Spanish
Swedish
Turkish
Ukrainian

(adam)

meson: updated to 0.54.2

0.54.2:
Bug fixes

(adam)

Updated databases/ldb, net/samba4

(adam)

net/samba4 databases/ldb: updated to 4.12.3 2.1.3

Changes 4.12.3:
* BUG 14301: Fix smbd panic on force-close share during async io.
* BUG 14343: s3: vfs_full_audit: Add missing fcntl entry in vfs_op_names[]
  array.
* BUG 14361: vfs_io_uring: Fix data corruption with Windows clients.
* BUG 14372: Fix smbd crashes when MacOS Catalina connects if iconv
  initialization fails.
* BUG 14150: Exporting from macOS Adobe Illustrator creates multiple copies.
* BUG 14256: smbd does a chdir() twice per request.
* BUG 14320: smbd mistakenly updates a file's write-time on close.
* BUG 14350: vfs_shadow_copy2: implement case canonicalisation in
  shadow_copy2_get_real_filename().
* BUG 14375: Fix Windows 7 clients problem after upgrading samba file server.
* BUG 14359: s3: Pass DCE RPC handle type to create_policy_hnd.
* BUG 14155: Fix uxsuccess test with new MIT krb5 library 1.18.
* BUG 14342: mit-kdc: Explicitly reject S4U requests.
* BUG 14352: dbwrap_watch: Set rec->value_valid while returning nested
  share_mode_do_locked().
* BUG 14345: lib:util: Fix smbclient -l basename dir.
* BUG 14336: s3:libads: Fix ads_get_upn().
* BUG 14348: ctdb: Fix a memleak.
* BUG 14366: Malicous SMB1 server can crash libsmbclient.
* BUG 14330: ldb: Bump version to 2.1.3, LMDB databases can grow without
  bounds
* BUG 14361: vfs_io_uring: Fix data corruption with Windows clients.
* BUG 14344: s3/librpc/crypto: Fix double free with unresolved credential
  cache.
* BUG 14358: docs-xml: Fix usernames in pam_winbind manpages.

(adam)

Updated databases/repmgr, sysutils/ansible

(adam)

ansible: updated to 2.9.9

v2.9.9

Bugfixes
--------
- Fix an issue with the ``fileglob`` plugin where passing a subdirectory of non-existent directory would cause it to fail - https://github.com/ansible/ansible/issues/69450

v2.9.8
======

Minor Changes
-------------
- Add test for reboot & wait_for_connection on EOS & IOS (https://github.com/ansible/ansible/pull/63014)
- Fixed 'intersect' filter spelling in constructed inventory plugin example.
- Move cli prompt check logic from action to cliconf plugin (https://github.com/ansible/ansible/pull/63945)
- Point inventory script location to their respective version rather than devel version in documentation.
- ansible-test - Now includes testing support for RHEL 8.2
- ansible-test - Remove obsolete support for provisioning remote vCenter instances. The supporting services are no longer available.

Bugfixes
--------
- Collections - Allow a collection role to call a stand alone role, without needing to explicitly add ``ansible.legacy`` to the collection search order within the collection role. (https://github.com/ansible/ansible/issues/69101)
- Fix cli context check for network_cli connection (https://github.com/ansible/ansible/pull/64697)
- Revert 5f6427b1fc7449a5c42212013d3f628665701c3d as it breaks netconf connection
- Role Installation - Ensure that a role containing files with non-ascii characters can be installed (https://github.com/ansible/ansible/issues/69133)
- Update ActionBase._low_level_execute_command to honor executable (https://github.com/ansible/ansible/issues/68054)
- collections - Handle errors better for filters and tests in collections, where a non-existent collection is specified, or importing the plugin results in an exception (https://github.com/ansible/ansible/issues/66721)
- deal with cases in which just a file is pased and not a path with directories, now fileglob correctly searches in 'files/' subdirs.
- dnf - Unified error messages when trying to install a nonexistent package with newer dnf (4.2.18) vs older dnf (4.2.9)
- dnf - Unified error messages when trying to remove a wildcard name that is not currently installed, with newer dnf (4.2.18) vs older dnf (4.2.9)
- hostname - make module work on Manjaro Linux (https://github.com/ansible/ansible/issues/61382)
- mysql_user - fix the error No database selected (https://github.com/ansible/ansible/issues/68070).
- ovirt_disk: add warning when uploading wrong format
- ovirt_disk: upload image auto detect size
- ovirt_network: allow to remove vlan_tag
- pip - The virtualenv_command option can now include arguments without requiring the full path to the binary. (https://github.com/ansible/ansible/issues/52275)
- pip - check_mode with ``state: present`` now returns the correct state for pre-release versioned packages
- postgresql_set - fix converting value to uppercase (https://github.com/ansible/ansible/issues/67377).
- redfish_config - fix support for boolean bios attrs (https://github.com/ansible/ansible/pull/68251)
- service_facts - Now correctly parses systemd list-unit-files for systemd >=245
- sysvinit - Add missing parameter ``module`` in call to ``daemonize()``.
- the default parsing will now show existing JSON errors and not just YAML (last attempted), also we avoid YAML parsing when we know we only want JSON issue
- win_psmodule - Fix TLS 1.2 compatibility with PSGallery.
- win_psrepository - Fix TLS 1.2 compatibility with PSGallery.
- win_psrepository - Fix ``Ignore`` error when trying to retrieve the list of registered repositories
- zabbix_template - no longer fails with KeyError when there are no macros present in existing template (see https://github.com/ansible-collections/community.zabbix/issues/19)

(adam)

repmgr: updated to 5.1.0

5.1.0

repmgr: remove BDR 2.x support
repmgr: don't query upstream's data directory
repmgr: rename --recovery-conf-only to --replication-conf-only
repmgr: ensure postgresql.auto.conf is created with correct permissions
repmgr: minimize requirement to check upstream data directory location
  during "standby clone"
repmgr: warn about missing pg_rewind prerequisites when excuting
  "standby clone"
repmgr: add --upstream option to "node check"
repmgr: report error code on follow/rejoin failure due to non-available
  replication slot
repmgr: ensure "node rejoin" checks for available replication slots
repmgr: improve "standby switchover" completion checks
repmgr: add replication configuration file ownership check to
  "standby switchover"
repmgr: check the demotion candidate's registered repmgr.conf file can
  be found
repmgr: consolidate replication connection code
repmgr: check permissions for "pg_promote()" and fall back to pg_ctl
  if necessary
repmgr: in --dry-run mode, display promote command which will be used
repmgr: enable "service_promote_command" in PostgreSQL 12
repmgr: accept option -S/--superuser for "node check"

(adam)

Updated net/py-ldapdomaindump, textproc/py-regex

(adam)

py-regex: updated to 2020.5.14

2020.5.14:
Unknown changes

(adam)

py-ldapdomaindump: updated to 0.9.2

0.9.2:
Unknown changes

(adam)

Updated databases/redis, devel/py-cython

(adam)

py-cython: updated to 0.29.18

0.29.18

Bugs fixed
* Exception position reporting could run into race conditions on threaded code.
  It now uses function-local variables again.
* Error handling early in the module init code could lead to a crash.
* Error handling in ``cython.array`` creation was improved to avoid calling
  C-API functions with an error held.
* A memory corruption was fixed when garbage collection was triggered during calls
  to ``PyType_Ready()`` of extension type subclasses.
* Memory view slicing generated unused error handling code which could negatively
  impact the C compiler optimisations for parallel OpenMP code etc.  Also, it is
  now helped by static branch hints.
* Cython's built-in OpenMP functions were not translated inside of call arguments.
* Complex buffer item types of structs of arrays could fail to validate.
* Decorators were not allowed on nested `async def` functions.
* C-tuples could use invalid C struct casting.
* Optimised ``%d`` string formatting into f-strings failed on float values.
* Optimised aligned string formatting (``%05s``, ``%-5s``) failed.
* When importing the old Cython ``build_ext`` integration with distutils, the
  additional command line arguments leaked into the regular command.
* When using the ``CYTHON_NO_PYINIT_EXPORT`` option in C++, the module init function
  was not declared as ``extern "C"``.
* Three missing timedelta access macros were added in ``cpython.datetime``.

(adam)

redis: updated to 6.0.3

Redis 6.0.3:
Upgrade urgency CRITICAL: a crash introduced in 6.0.2 is now fixed.

Redis 6.0.2:
Upgrade urgency MODERATE: many not critical bugfixes in different areas.
                          Critical fix to client side caching when
                          keys are evicted from the tracking table but
                          no notifications are sent.

The following are the most serious fix:

* XPENDING should not update consumer's seen-time
* optimize memory usage of deferred replies - fixed
* Fix CRC64 initialization outside the Redis server itself.
* stringmatchlen() should not expect null terminated strings.
* Cluster nodes availability checks improved when there is
  high Pub/Sub load on the cluster bus.
* Redis Benchmark: Fix coredump because of double free
* Tracking: send eviction messages when evicting entries.
* rax.c updated from upstream antirez/rax.
* fix redis 6.0 not freeing closed connections during loading.

New features:
dd
* Support setcpuaffinity on linux/bsd
* Client Side Caching: Add Tracking Prefix Number Stats in Server Info
* Add --user argument to redis-benchmark.c (ACL)

(adam)

missing PLIST updates

(adam)

Updated time/py-ligotimegps, databases/py-sqlalchemy, databases/py-sqlalchemy-utils, misc/py-immutables

(adam)

py-immutables: updated to 0.14

v0.14:
Allow None to be used as key in pure-Python implementation.

(adam)

pytest from versioned depends

(adam)

py-sqlalchemy-utils: updated to 0.36.5

0.36.5:
- Added support for dictionary input in CompositeType
- Added new EnrichedDateTime and EnrichedDate types
- Using String instead of LargeBinary for impl of EncryptedType
- Added support for JSONType in EncryptedType

0.36.4:
- Added jsonb_sql function
- Drop py27 support

(adam)

py-sqlalchemy: updated to 1.3.17

1.3.17

orm

[orm] [usecase]
Added an accessor Comparator.expressions which provides access to the group of columns mapped under a multi-column ColumnProperty attribute.

[orm] [usecase]
Introduce relationship.sync_backref flag in a relationship to control if the synchronization events that mutate the in-Python attributes are added. This supersedes the previous change 5149, which warned that viewonly=True relationship target of a back_populates or backref configuration would be disallowed.

[orm] [bug]
Fixed bug where using with_polymorphic() as the target of a join via RelationshipComparator.of_type() on a mapper that already has a subquery-based with_polymorphic setting that窶冱 equivalent to the one requested would not correctly alias the ON clause in the join.

[orm] [bug]
Fixed issue in the area of where loader options such as selectinload() interact with the baked query system, such that the caching of a query is not supposed to occur if the loader options themselves have elements such as with_polymorphic() objects in them that currently are not cache-compatible. The baked loader could sometimes not fully invalidate itself in these some of these scenarios leading to missed eager loads.

[orm] [bug]
Modified the internal 窶彿dentity set窶� implementation, which is a set that hashes objects on their id() rather than their hash values, to not actually call the __hash__() method of the objects, which are typically user-mapped objects. Some methods were calling this method as a side effect of the implementation.

[orm] [bug]
An informative error message is raised when an ORM many-to-one comparison is attempted against an object that is not an actual mapped instance. Comparisons such as those to scalar subqueries aren窶冲 supported; generalized comparison with subqueries is better achieved using Comparator.has().

engine

[engine] [bug]
Fixed fairly critical issue where the DBAPI connection could be returned to the connection pool while still in an un-rolled-back state. The reset agent responsible for rolling back the connection could be corrupted in the case that the transaction was 窶彡losed窶� without being rolled back or committed, which can occur in some scenarios when using ORM sessions and emitting .close() in a certain pattern involving savepoints. The fix ensures that the reset agent is always active.

schema

[schema] [bug]
Fixed issue where an Index that is deferred in being associated with a table, such as as when it contains a Column that is not associated with any Table yet, would fail to attach correctly if it also contained a non table-oriented expession.

[schema] [bug]
A warning is emitted when making use of the MetaData.sorted_tables attribute as well as the sort_tables() function, and the given tables cannot be correctly sorted due to a cyclic dependency between foreign key constraints. In this case, the functions will no longer sort the involved tables by foreign key, and a warning will be emitted. Other tables that are not part of the cycle will still be returned in dependency order. Previously, the sorted_table routines would return a collection that would unconditionally omit all foreign keys when a cycle was detected, and no warning was emitted.

[schema]
Add comment attribute to Column __repr__ method.

postgresql

[postgresql] [usecase]
Added support for columns or type ARRAY of Enum, JSON or JSONB in PostgreSQL. Previously a workaround was required in these use cases.

[postgresql] [usecase]
Raise an explicit CompileError when adding a table with a column of type ARRAY of Enum configured with Enum.native_enum set to False when Enum.create_constraint is not set to False

mssql

[mssql] [bug] [reflection]
Fix a regression introduced by the reflection of computed column in MSSQL when using the legacy TDS version 4.2. The dialect will try to detect the protocol version of first connect and run in compatibility mode if it cannot detect it.

[mssql] [bug] [reflection]
Fix a regression introduced by the reflection of computed column in MSSQL when using SQL server versions before 2012, which does not support the concat function.

oracle

[oracle] [bug]
Some modifications to how the cx_oracle dialect sets up per-column outputtype handlers for LOB and numeric datatypes to adjust for potential changes coming in cx_Oracle 8.

[oracle] [bug] [performance]
Changed the implementation of fetching CLOB and BLOB objects to use cx_Oracle窶冱 native implementation which fetches CLOB/BLOB objects inline with other result columns, rather than performing a separate fetch. As always, this can be disabled by setting auto_convert_lobs to False.
As part of this change, the behavior of a CLOB that was given a blank string on INSERT now returns None on SELECT, which is now consistent with that of VARCHAR on Oracle.

firebird

[firebird] [change]
Adjusted dialect loading for firebird:// URIs so the external sqlalchemy-firebird dialect will be used if it has been installed, otherwise fall back to the (now deprecated) internal Firebird dialect.

(adam)

pytest from versioned depends

(adam)

py-ligotimegps: updated to 2.0.1

v2.0.1:
Bug-fixes (including package, unit test, and documentation updates):
- added readthedocs sphinx configuration

(adam)

pytest from versioned depends

(adam)

pytest from versioned depends

(adam)

Added net/terraform-provider-local, net/terraform-provider-random

(adam)

terraform-provider-random: added version 2.2.1

The "random" provider allows the use of randomness within Terraform
configurations. This is a logical provider, which means that it works entirely
within Terraform's logic, and doesn't interact with any other services.

(adam)

terraform-provider-local: added version 1.4.0

The Local provider is used to manage local resources, such as files.

(adam)

Updated net/terraform, net/terraform-provider-aws

(adam)

terraform-provider-aws: updated to 2.26.0

v2.62.0

FEATURES:
New Resource: aws_workspaces_workspace

ENHANCEMENTS:
resource/aws_appsync_resolver: Add cache_config configuration block
resource/aws_codebuild_project: Support git_submodules_config with GITHUB and GITHUB_ENTERPRISE source types
resource/aws_codebuild_project: Support SECRETS_MANAGER environment variable type
resource/aws_datasync_task: Support ONLY_FILES_TRANSFERRED value in verify_mode argument
resource/aws_iot_topic_rule: Add dynamodbv2 configuration block
resource/aws_iot_topic_rule: Add iot_analytics configuration block
resource/aws_iot_topic_rule: Add iot_events configuration block
resource/aws_iot_topic_rule: Add operation argument to dynamodb configuration block
resource/aws_iot_topic_rule: Add qos argument republish configuration block

BUG FIXES:
resource/aws_codebuild_project: Allow empty value ("") environment variables
resource/aws_security_group_rule: Prevent recreation when source_security_group_id refers to a security group across accounts

v2.61.0

FEATURES:
New Data Source: aws_ec2_coip_pool
New Data Source: aws_ec2_coip_pools
New Data Source: aws_ec2_local_gateway
New Data Source: aws_ec2_local_gateways
New Data Source: aws_ec2_local_gateway_route_table
New Data Source: aws_ec2_local_gateway_route_tables
New Resource: aws_ec2_transit_gateway_peering_attachment_accepter

ENHANCEMENTS:
data-source/aws_ebs_volume: Add multi_attach_enabled attribute
data-source/aws_efs_file_system: Add size_in_bytes attribute
data-source/aws_eip: Add customer_owned_ip and customer_owned_ipv4_pool attributes
data-source/aws_launch_template: add partition_number attribute
resource/aws_api_gateway_deployment: Add triggers argument
resource/aws_apigatewayv2_deployment: Add triggers argument
resource/aws_ebs_volume: Add multi_attach_enabled attribute
resource/aws_eip: Add customer_owned_ip attribute and customer_owned_ipv4_pool argument
resource/aws_glue_connection: Support KAFKA for connection_type argument
resource/aws_launch_template: add partition_number attribute
resource/aws_launch_template: add plan time validation to volume_type, spot_instance_type, ipv6_addresses, ipv4_addresses, private_ip_address`
resource/aws_workspaces_directory: Add output attributes for workspace_security_group_id, iam_role_id, registration_code, directory_name, directory_type, customer_user_name, alias, ip_group_ids and dns_ip_addresses

BUG FIXES:
resource/aws_workspaces_directory: Fixes error when removing tags

v2.60.0

NOTES:
provider: Region validation now automatically supports the new eu-south-1 (Europe (Milan)) region. For AWS operations to work in the new region, the region must be explicitly enabled as outlined in the AWS Documentation. When the region is not enabled, the Terraform AWS Provider will return errors during credential validation (e.g. error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid) or AWS operations will throw their own errors (e.g. data.aws_availability_zones.current: Error fetching Availability Zones: AuthFailure: AWS was not able to validate the provided access credentials).
provider: Ignore tags functionality across all data sources and resources (except aws_autoscaling_group) via the provider-level ignore_tags configuration block has been enabled and this functionality is no longer considered in preview.

FEATURES:
New Data Source: aws_backup_plan
New Data Source: aws_backup_selection
New Data Source: aws_backup_vault
New Data Source: aws_ec2_transit_gateway_peering_attachment
New Resource: aws_ec2_transit_gateway_peering_attachment
New Resource: aws_guardduty_organization_admin_account
New Resource: aws_guardduty_organization_configuration

ENHANCEMENTS:
data-source/aws_cloudtrail_service_account: Support eu-south-1 region
data-source/aws_ebs_volume: Add outpost_arn attribute
data-source/aws_elastic_beanstalk_hosted_zone: Support eu-south-1 region
data-source/aws_elb_hosted_zone_id: Add us-gov-east-1 and us-gov-west-1 region values
data-source/aws_elb_hosted_zone_id: Support eu-south-1 region
data-source/aws_elb_service_account: Support eu-south-1 region
data-source/aws_instance: Add outpost_arn attribute
data-source/aws_network_interface: Add outpost_arn attribute
data-source/aws_s3_bucket: Support eu-south-1 region for hosted_zone_id attribute
data-source/aws_subnet: Add outposts_arn attribute
provider: Support automatic region validation for eu-south-1
provider: Implement ignore tags functionality across all data sources and resources (except aws_autoscaling_group)
resource/aws_api_gateway_stage: Ignore NotFoundException error on destroy
resource/aws_db_snapshot: Support import
resource/aws_default_route_table: Add plan-time validation to cidr_block and ipv6_cidr_block arguments
resource/aws_default_route_table: Support import
resource/aws_dms_endpoint: Add kafka_settings configuration block and kafka to engine_name argument validation
resource/aws_ebs_volume: Add outpost_arn argument
resource/aws_elasticsearch_domain: Support customizable update timeout
resource/aws_glue_connection: Support MONGODB for connection_type argument
resource/aws_key_pair: Support tag-on-create
resource/aws_instance: Add outpost_arn attribute
resource/aws_mq_broker: Support import
resource/aws_network_interface: Add outpost_arn attribute
resource/aws_placement_group: Support tag-on-create
resource/aws_route_table: Add plan-time validation to cidr_block and ipv6_cidr_block arguments
resource/aws_route53_health_check: Support plan-time validation for reference_name argument
resource/aws_s3_bucket: Support eu-south-1 region for hosted_zone_id attribute
resource/aws_spot_fleet_request: Add launch_template_config configuration block (Support EC2 Launch Templates)
resource/aws_spot_fleet_request: Support import
resource/aws_storagegateway_gateway: Add gateway_vpc_endpoint argument
resource/aws_storagegateway_smb_file_share: Add path attribute
resource/aws_subnet: Add outposts_arn argument
resource/aws_wafregional_xss_match_set: Add plan-time validation for xss_match_tuple configuration block arguments

BUG FIXES:
data-source/aws_api_gateway_rest_api: Prevent error with VPC Endpoint configured APIs
resource/aws_appautoscaling_scheduled_action: Prevent error on refresh with multiple resources using the same scheduled action name
resource/aws_batch_job_queue: Prevent panic when ComputeEnvironmentOrder is updated outside Terraform
resource/aws_default_route_table: Proper tag on resource creation
resource/aws_efs_file_system: Prevent panic with empty lifecycle_policy configuration block
resource/aws_fsx_windows_file_system: Prevent panic when update includes self_managed_active_directory settings
resource/aws_glue_catalog_table: Prevent various panics with empty configuration blocks
resource/aws_kinesis_firehose_delivery_stream: Prevent panic with empty processing_configuration configuration block
resource/aws_kms_external_key: Prevent MalformedPolicyDocumentException errors on creation by retrying for up to 2 minutes to wait for IAM change propagation
resource/aws_kms_key: Prevent MalformedPolicyDocumentException errors on creation by retrying for up to 2 minutes to wait for IAM change propagation
resource/aws_lb_listener: Prevent panics on creation and refresh when API throttled
resource/aws_route53_zone: Prevent panic with APIs missing ChangeInfo during creation (best effort fix for LocalStack)
resource/aws_storagegateway_gateway: Perform multiple connectivity checks after activation to wait if the underlying server (e.g. EC2 Instance) is automatically rebooted
resource/aws_storagegateway_gateway: Retry 504 status code on activation
resource/aws_wafregional_xss_match_set: Prevent crash with xss_match_tuple configuration block since version 2.59.0

v2.59.0
@breathingdust breathingdust released this 24 days ago 揃 470 commits to master since this release

NOTES:

provider: Region validation now automatically supports the new af-south-1 (Africa (Cape Town)) region. For AWS operations to work in the new region, the region must be explicitly enabled as outlined in the AWS Documentation. When the region is not enabled, the Terraform AWS Provider will return errors during credential validation (e.g. error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid) or AWS operations will throw their own errors (e.g. data.aws_availability_zones.current: Error fetching Availability Zones: AuthFailure: AWS was not able to validate the provided access credentials). (#12715)
resource/aws_iam_user: The additional force_destroy behavior for handling signing certificates requires two additional IAM permissions (iam:ListSigningCertificates and iam:DeleteSigningCertificate). Restrictive IAM permissions for Terraform runs may require updates. (#10542)
resource/aws_rds_cluster: Due to recent API support for Aurora MySQL 5.7 and PostgreSQL Global Clusters which implemented the engine mode as provisioned instead of the previous global for Aurora MySQL 5.6, the resource now requires the DescribeGlobalClusters API call. Restrictive IAM permissions may require updates. (#12867)
FEATURES:

New Resource: aws_apigatewayv2_api_mapping (#9461)
New Resource: aws_apigatewayv2_vpc_link (#12577)
ENHANCEMENTS:

data_source/aws_acm_certificate: Add tags output (#11659)
data-source/aws_cloudtrail_service_account: Support af-south-1 region (#12967)
data-source/aws_elastic_beanstalk_hosted_zone: Support af-south-1 region (#12967)
data-source/aws_elb_hosted_zone_id: Support af-south-1 region (#12967)
data-source/aws_elb_service_account: Support af-south-1 region (#12967)
data-source/aws_s3_bucket: Support af-south-1 region for hosted_zone_id attribute (#12967)
provider: Support automatic region validation for af-south-1 (#12715)
resource/aws_apigatewayv2_api: Add cors_configuration, credentials_arn, route_key and target attributes (#12452)
resource/aws_appsync_graphql_api: Add log_config configuration block exclude_verbose_content argument (#12884)
resource/aws_config_configuration_recorder: Prevent error during deletion operation when resource is missing (#12734)
resource/aws_default_network_acl: Support import (#12924)
resource/aws_lambda_alias: Suppress differences for equivalent function_name argument values of name versus ARN (#12902)
resource/aws_network_acl_rule: Support import (#12921)
resource/aws_route: Add plan-time validation for destination_cidr_block and destination_ipv6_cidr_block arguments (#12890)
resource/aws_s3_bucket: Support af-south-1 region for hosted_zone_id attribute (#12967)
resource/aws_service_discovery_private_dns_namespace: Support import (#12929)
resource/aws_ssm_activation: Support import (#12933)
resource/aws_ssm_maintenance_window_target: Add plan-time validation to resource_type argument (#11783)
resource/aws_ssm_maintenance_window_target: Support import (#12935)
resource/aws_volume_attachment: Support import (#12948)
resource/aws_waf_ipset: Add plan-time validation for ip_set_descriptors configuration block arguments (#12775)
resource/aws_waf_sql_injection_match_set: Support import (#11657)
resource/aws_waf_xss_match_set: Add plan-time validation for xss_match_tuples configuration block arguments (#12777)
resource/aws_wafregional_web_acl: Add plan-time validation to various arguments (#12793)
BUG FIXES:

data-source/aws_launch_template: Prevent type error with network_interfaces associate_public_ip_address attribute (#12936)
resource/aws_glue_security_configuration: Prevent empty string KMS Key ARN in S3 Encryption settings (#12898)
resource/aws_iam_user: Ensure force_destroy argument removes signing certificates when enabled (#10542)
resource/aws_rds_cluster: Prevent unexpected global_cluster_identifier differences and deletion error with aurora-mysql and aurora-postgresql Global Cluster members (#12867)
resource/aws_route: Prevent not found after creation error with destination_ipv6_cidr_block set to ::0/0 (#12890)
Assets
2
v2.58.0
94d0642
Unverified
Compare
v2.58.0
@breathingdust breathingdust released this on 17 Apr 揃 589 commits to master since this release

FEATURES:

New Data Source: aws_regions (#12269)
New Resource: aws_apigatewayv2_deployment (#9245)
New Resource: aws_apigatewayv2_domain_name (#9391)
New Resource: aws_apigatewayv2_integration_response (#9365)
New Resource: aws_apigatewayv2_route (#8881)
New Resource: aws_apigatewayv2_route_response (#9373)
New Resource: aws_apigatewayv2_stage (#9232)
New Resource: aws_dms_event_subscription (#7170)
ENHANCEMENTS:

data-source/aws_dynamodb_table: Add replica attribute (initial support for Global Tables V2 (version 2019.11.21)) (#12342)
data-source/aws_instance: Exports volume_name for root_block_device (#12620)
resource/aws_backup_plan: Add rule configuration block copy_action configuration block (support cross region copy) (#11923)
resource/aws_cognito_identity_provider: Support plan-time validation for idp_identifiers, provider_name, and provider_type arguments (#10705)
resource/aws_dms_endpoint: Add elasticsearch_settings configuration block and elasticsearch to engine_name validation (support Elasticsearch endpoints) (#11792)
resource/aws_dms_endpoint: Add kinesis_settings configuration block and kinesis to engine_name validation (support Kinesis endpoints) (#8633)
resource/aws_dynamodb_table: Add replica configuration block (initial support for Global Tables V2 (version 2019.11.21)) (#12342)
resource/aws_ec2_client_vpn_endpoint: Allow two authentication_options configuration blocks (#12819)
resource/aws_instance: Allow changing root volume size without re-creating resource (#12620)
resource/aws_instance: Exports volume_name for root_block_device (#12620)
BUG FIXES:

resource/aws_dlm_lifecycle_policy: Ensure plan-time validation for times argument only allows 24 hour format (#12800)
Assets
2
v2.57.0
8c46f5f
Unverified
Compare
v2.57.0
@breathingdust breathingdust released this on 10 Apr 揃 712 commits to master since this release

BREAKING CHANGES:

provider: The configuration for the preview ignore tags functionality has been updated to include a wrapping configuration block. For example:
provider "aws" {
  ignore_tags {
    keys = ["TagKey1"]
  }
}
FEATURES:

New Data Source: aws_cloudfront_distribution (#6468)
New Resource: aws_apigatewayv2_authorizer (#9228)
New Resource: aws_apigatewayv2_integration (#8949)
New Resource: aws_apigatewayv2_model (#8912)
ENHANCEMENTS:

data-source/aws_lambda_layer_version: Support plan-time validation for compatible_runtime argument dotnetcore3.1 value (support .NET Core 3.1) (#12712)
resource/aws_cloudhsm_v2_cluster: Support tag-on-create (#11683)
resource/aws_docdb_cluster: Add deletion_protection argument (#12650)
resource/aws_egress_only_internet_gateway: Add tags argument (#11568)
resource/aws_lambda_function: Support plan-time validation for runtime argument dotnetcore3.1 value (support .NET Core 3.1) (#12712)
resource/aws_lambda_layer_version: Support plan-time validation for compatible_runtimes argument dotnetcore3.1 value (support .NET Core 3.1) (#12712)
resource/aws_rds_global_cluster: Add aurora-postgresql to engine argument plan-time validation (#12401)
resource/aws_redshift_snapshot_copy_grant: Support resource import (#10350)
resource/aws_spot_fleet_request: Add tags argument (support tagging of Spot Fleet Request itself) (#12295)
resource/aws_spot_fleet_request: Support plan-time validation for launch_specification configuration block ebs_block_device volume_type, iam_instance_profile_arn, placement_tenancy, and root_block_device volume_type arguments (#12295)
resource/aws_spot_fleet_request: Support plan-time validation for allocation_strategy, instance_interruption_behaviour, and target_group_arns arguments (#12295)
service/ec2: Prevent eventual consistency errors tagging resources on creation (#12735)
BUG FIXES:

resource/aws_appautoscaling_policy: Fix error when importing DynamoDB Table Index policy (#11232)
resource/aws_db_instance: Allow creating read replica into RAM shared Subnet with VPC Security Group (#12700)
resource/aws_kms_key: Prevent eventual consistency related errors on creation (#12738)
resource/aws_lb_target_group: Automatically propose resource recreation for TCP protocol Target Groups when health_check configuration block interval, protocol, or timeout argument values are updated (#4568)
Assets
2
v2.56.0
02afaa6
Unverified
Compare
v2.56.0
@bflad bflad released this on 3 Apr 揃 813 commits to master since this release

NOTES:

resource/aws_emr_cluster: The bug fix in this release will potentially re-create EMR Clusters with multiple bootstrap actions, since bootstrap actions cannot be modified in place. To avoid re-creation, temporarily add the ignore_changes lifecycle configuration argument and/or update the order in your Terraform configuration.
ENHANCEMENTS:

data-source/aws_launch_template: Add hibernation_options attribute (#12492)
resource/aws_codepipeline: Adds cross-region action support (#12549)
resource/aws_dx_connection: Support 2Gbps and 5Gbps values in plan-time validation for bandwidth argument (#12559)
resource/aws_dx_lag: Support 2Gbps and 5Gbps values in plan-time validation for bandwidth argument (#12559)
resource/aws_elastic_transcoder_preset: Support plan-time validation for role argument (#12575)
resource/aws_kms_grant: Support resource import (#11991)
resource/aws_launch_template: Add hibernation_options configuration block (#12492)
BUG FIXES:

resource/aws_codedeploy_deployment_group: Fix blue_green_deployment_config updates for ECS (#11885)
resource/aws_emr_cluster: Now properly sets the order when multiple bootstrap actions are defined
resource/aws_kms_grant: Remove resource from Terraform state instead of error if removed outside Terraform (#12560)
resource/aws_s3_bucket: Prevent various panics with empty configuration blocks (#12614)
resource/aws_volume_attachment: Ensure any error is shown while waiting for volume to detach (#12596)
Assets
2
v2.55.0
3bef4e2
Unverified
Compare
v2.55.0
@gdavison gdavison released this on 27 Mar 揃 899 commits to master since this release

FEATURES:

New Resource: aws_ec2_availability_zone_group (#12400)
ENHANCEMENTS:

data-source/aws_availability_zone: Add all_availability_zones and filter arguments (#12400)
data-source/aws_availability_zone: Add group_name, network_border_group, and opt_in_status attributes (#12400)
data-source/aws_availability_zones: Add all_availability_zones and filter arguments (#12400)
data-source/aws_availability_zones: Add group_names attribute (#12400)
data-source/aws_ec2_transit_gateway_dx_gateway_attachement: Add filter and tags arguments (#12516)
data-source/aws_ec2_transit_gateway_vpn_attachment: Add filter and tags arguments (#12415)
data-source/aws_instance: Add metadata_options attribute (#12491)
data-source/aws_launch_template: Add filter and tags arguments (#12403)
data-source/aws_launch_template: Add metadata_options attribute (#12491)
data-source/aws_prefix_list: Add filter argument (#12416)
data-source/aws_vpc_endpoint_service: Add filter and tags arguments (#12404)
resource/aws_athena_workgroup: Add force_destroy argument (#12254)
resource/aws_cloudwatch_log_metric_filter: Support resource import (#11992)
resource/aws_flow_log: Add max_aggregation_interval argument (#12483)
resource/aws_instance: Add metadata_options configuration block (support IMDSv2) (#12491)
resource/aws_launch_template: Add metadata_options configuration block (support IMDSv2) (#12491)
resource/aws_msk_cluster: Add logging_info configuration block (support CloudWatch, Firehose, and S3 logging) (#12215)
resource/aws_mq_configuration: Support plan-time validation for engine_type argument (#11843)
resource/aws_route53_health_check: A dd plan-time validation to insufficient_data_health_status (#12305)
resource/aws_storagegateway_nfs_file_share: Add path attribute (#12530)
BUG FIXES:

resource/aws_db_instance: Allow restoring from snapshot into RAM shared Subnet with VPC Security Group (#12447)
resource/aws_mq_configuration: Remove extraneous ListTags API call during refresh (#11843)
resource/aws_neptune_cluster_instance: Add missing configuring-log-exports as allowed pending state (#12079)
resource/aws_route53_health_check: Do not recreate health check when using compressed ipv6 address

(adam)

terraform: updated to 0.12.25

v0.12.25

NOTES:
backend/s3: Region validation now automatically supports the new af-south-1 (Africa (Cape Town)) region. For AWS operations to work in the new region, the region must be explicitly enabled as outlined in the AWS Documentation. When the region is not enabled, the Terraform S3 Backend will return errors during credential validation (e.g. error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid).

ENHANCEMENTS:
backend/s3: Support automatic region validation for af-south-1
backend/remote: Add support for force push to remote backend

BUG FIXES:
core: Destroy provisioners should not evaluate for_each expressions
core: Fix races in GetVariableValue

(adam)

pytest from versioned depends

(adam)

Updated www/py-django-import-export, www/py-django-admin-rangefilter

(adam)

py-django-import-export: better Django dep.

(adam)

py-django-admin-rangefilter: updated to 0.6.0

0.6.0:
- Added setter for initial field value

(adam)

py-django-import-export: updated to 2.1.0

2.1.0:
Fix DurationWidget handling of zero value
Make import diff view only show headers for user visible fields
Make confirm_form accessible in get_import_resource_kwargs and get_import_data_kwargs
Initialize Decimal with text value
Adds meta flag ���skip_diff��� to enable skipping of diff operations
Update docs

2.0.2:
Add support for tablib >= 1.0
Add ability to install a subset of tablib supported formats and save some automatic dependency installations (needs tablib >= 1.0)
Use column_name when checking row for fields

2.0.1:
Fix deprecated Django 3.0 function usage
Pin tablib version to not use new major version
Format field is always shown on Django 2.2

2.0:
[django2.2] Add real support of Django 2.2 before 3.0 is out
fix: DateTimeWidget not timezone sensitive
Move actions definition to ExportActionMixin
Add language support: Turkish
Fix exception import for Django 3
Fix potential header / row column mismatches for invalid rows in���
Assume user is importing new data if id fields not included
Fix bug with spaces in export filename, pass request and queryset
Simplify Django version in TravisCI
Align error in rtl mode
Add dutch translations
Add 3.8-dev to travis ci
Fix style in getting_started docs
Update documentation to show that mixins must be referenced before admin.ModelAdmin.
JSONWidget updated with null value fix
Import rows have background color
Use resource get_queryset in ModelInstanceLoader
Simplify coerce to text type
More flexibility in ConfirmImportForm, forms and resource kwargs
Add JSON B type field mapping
Scale back stale bot���s time-to-stale
test: explicitly order qs in ManyToManyWidget
Add mysql to travis
Expand doc strings to include Mixin superclasses
Remove python2 compatibility decorator
chore: fix Imports are incorrectly sorted.
Use global env vars for postgres
Used non-fixed id for test. Database is not torn down after each run, which means that the id is incrementing
Fix warning from assertEquals
Add psycopg2 as postgres driver to test requirements
Add django version to the matrix
Add matrix for sqlite and postgres testing
Correct mistaken assertTrue() -> assertEquals()
chore: add package long_description
chore: add python wheels to dev requirements
Add github directory with PR and issue templates
Isort all the things
Use coveralls master branch tag in the readme
Remove support for Django < 2.0 and Python < 3.5

(adam)

Updated textproc/py-dominate, textproc/py-rebulk, textproc/py-guessit, textproc/py-tablib

(adam)

py-tablib: updated to 2.0.0

2.0.0:

Breaking changes
The Row.lpush/rpush logic was reversed. lpush was appending while rpush and append were prepending. This was fixed (reversed behavior). If you counted on the broken behavior, please update your code.

Bugfixes
Fixed minimal openpyxl dependency version to 2.6.0.
Dates from xls files are now read as Python datetime objects.
Allow import of "ragged" xlsx files.

Improvements
When importing an xlsx file, Tablib will now read cell values instead of formulas.

1.1.0:

Deprecations
Upcoming breaking change in Tablib 2.0.0: the Row.lpush/rpush logic is reversed. lpush is appending while rpush and append are prepending. The broken behavior will remain in Tablib 1.x and will be fixed (reversed) in Tablib 2.0.0. If you count on the broken behavior, please update your code when you upgrade to Tablib 2.x.

Improvements
Tablib is now able to import CSV content where not all rows have the same length. Missing columns on any line receive the empty string.

1.0.0:

Breaking changes
Dropped Python 2 support
Dependencies are now all optional. To install tablib as before with all possible supported formats, run pip install tablib[all]

Improvements
Formats can now be dynamically registered through the tablib.formats.registry.refister API.
Tablib methods expecting data input (detect_format, import_set, Dataset.load, Databook.load) now accepts file-like objects in addition to raw strings and bytestrings.

Bugfixes
Fixed a crash when exporting an empty string with the ReST format
Error cells from imported .xls files contain now the error string

(adam)

py-guessit: updated to 3.1.1

3.1.1:
Drop python 3.4 support
Use SafeLoader with yaml.load()

3.1.0:
Add python 3.8 support
Use rebulk 2.*
Remove v from subtitle_language prefix in default configuration
Add Variable Frame Rate value to other property (VFR tag)
Use episode words defined in configuration in a rebulk rule
Avoid trigger of useless rules consequences
Fix possible crash in weak episode removal
Fix issue caused by streaming_service property conflicts
Fix source validation when more than one pattern match
Fix issue with some titles on multiple fileparts
Fix issue related to website exclusion inside title

(adam)

py-rebulk: updated to 2.0.1

2.0.1:
Unknown changes

(adam)

py-dominate: updated to 2.5.1

2.5.1:
fix quote character

2.5.0:
Update CI, versions

(adam)

Updated www/py-nbformat, www/py-parsel

(adam)

py-parsel: updated to 1.6.0

1.6.0:
* Python 3.4 is no longer supported
* New ``Selector.remove()`` and ``SelectorList.remove()`` methods to remove
  selected elements from the parsed document tree
* Improvements to error reporting, test coverage and documentation, and code
  cleanup

(adam)

py-nbformat: updated to 5.0.6

5.0.6
=====
- nbformat.read() function has a better duck-type interface and will raise more
  meaningful error messages if it can't parse a notebook document.

5.0.5
=====
- Allow notebook format 4.0 and 4.1 to have the arbitrary JSON mimebundles
  from format 4.2 for pragmatic purposes.
- Support reading/writing path-like objects has been added to read operations.

5.0.4
=====
- Fixed issue causing python 2 to pick up 5.0.x releases.

5.0.3
=====
- Removed debug print statements from project.

5.0.2
=====
- Added schema validation files for older versions. This was breaking notebook generation.

5.0
===
`5.0 on GitHub <https://github.com/jupyter/nbformat/milestone/5>`__

- Starting with 5.0, ``nbformat`` is now Python 3 only (>= 3.5)
- Add execution timings in code cell metadata for v4 spec.
  ``"metadata": { "execution": {...}}`` should be populated with kernel-specific
  timing information.
- Documentation for how markup is used in notebooks added
- Link to json schema docs from format page added
- Documented the editable metadata flag
- Update description for collapsed field
- Documented notebook format versions 4.0-4.3 with accurate json schema specification files
- Clarified info about :ref:`name`'s meaning for cells
- Added a default execution_count of None for new_output_cell('execute_result')
- Added support for handling nbjson kwargs
- Wheels now correctly have a LICENSE file
- Travis builds now have a few more execution environments

(adam)

pytest from versioned depends

(adam)

Updated net/py-celery, security/py-keyring

(adam)

py-keyright: updated to 21.2.1

v21.2.1
-------
* Restored lenience on startup when entry point
  metadata is missing.
* Avoid RecursionError when initializing backends
  when a limit is supplied.

v21.2.0
-------
* Chainer now deterministically resolves at a lower
  priority than the Fail keyring (when there are no backends
  to chain).
* Fail keyring now raises a ``NoKeyringError`` for
  easier selectability.
* Keyring now logs at DEBUG rather than INFO during
  backend startup.

v21.1.1
-------
* Refreshed package metadata.

v21.1.0
-------
* In SecretService backend, close connections after
  using them.

v21.0.0
-------
* Require Python 3.6 or later.

v20.0.1
-------
* Fix TypeError when backend fails to initialize.

v20.0.0
-------
* Extracted ``keyring.testing`` package to contain supporting
  functionality for plugin backends. ``keyring.tests`` has been
  removed from the package.

v19.3.0
-------
* Switch to `importlib.metadata
  <https://docs.python.org/3/library/importlib.metadata.html>`_
  for loading entry points. Removes one dependency on Python 3.8.
* Added new ``KeyringBackend.set_properties_from_env``.
* Add support for alternate persistence scopes for Windows
  backend. Set ``.persist`` to "local machine" or "session"
  to enable the alternate scopes or "enterprise" to use the
  default scope.
* Improve import times when a backend is specifically
  configured by lazily calling ``get_all_keyring``.

(adam)

py-celery: updated to 4.4.2

4.4.0
=======
- This version is officially supported on CPython 2.7,
  3.5, 3.6, 3.7 & 3.8 and is also supported on PyPy2 & PyPy3.
- Kombu 4.6.7
- Task class definitions can have retry attributes

4.4.0rc5
========
- Kombu 4.6.7
- Events bootstep disabled if no events
- SQS - Reject on failure
- Add a concurrency model with ThreadPoolExecutor
- Add auto expiry for DynamoDB backend
- Store extending result in all backends
- Fix a race condition when publishing a very large chord header
- Improve docs and test matrix

4.4.0rc4
========
- Kombu 4.6.6
- Py-AMQP 2.5.2
- Python 3.8
- Numerious bug fixes
- PyPy 7.2

4.4.0rc3
========
- Kombu 4.6.4
- Billiard 3.6.1
- Py-AMQP 2.5.1
- Avoid serializing datetime
- Fix: (group() | group()) not equals single group
- Revert "Broker connection uses the heartbeat setting from app config.
- Additional file descriptor safety checks.
- fixed call for null args
- Added generic path for cache backend.
- Fix Nested group(chain(group)) fails
- Use self.run() when overriding __call__
- Fix termination of asyncloop
- Fix migrate task to work with both v1 and v2 of the message protocol.
- Updating task_routes config during runtime now have effect.

4.4.0rc2
========
- Many bugs and regressions fixed.
- Kombu 4.6.3

4.4.0rc1
========
- Python 3.4 drop
- Kombu 4.6.1
- Replace deprecated PyMongo methods usage
- Pass task request when calling update_state
- Fix bug in remaining time calculation in case of DST time change
- Fix missing task name when requesting extended result
- Fix `collections` import issue on Python 2.7
- handle `AttributeError` in base backend exception deserializer
- Make `AsynPool`'s `proc_alive_timeout` configurable
- AMQP Support for extended result
- Fix SQL Alchemy results backend to work with extended result
- Fix restoring of exceptions with required param
- Django: Re-raise exception if `ImportError` not caused by missing tasks
  module
- Django: fixed a regression putting DB connections in invalid state when
  `CONN_MAX_AGE != 0`
- Fixed `OSError` leading to lost connection to broker
- Fixed an issue with inspect API unable get details of Request
- Fix mogodb backend authentication
- Change column type for Extended Task Meta args/kwargs to LargeBinary
- Handle http_auth in Elasticsearch backend results
- Fix task serializer being ignored with `task_always_eager=True`
- Fix `task.replace` to work in `.apply() as well as `.apply_async()`
- Fix sending of `worker_process_init` signal for solo worker
- Fix exception message upacking
- Add delay parameter function to beat_schedule
- Multiple documentation updates

(adam)

pytest from versioned depends

(adam)

pytest from versioned depends

(adam)

Updated net/py-apache-libcloud, parallel/py-billiard

(adam)

py-billiard: updated to 3.6.3.0

3.6.1:
- Logging max memory reached at INFO rather than WARNING
- Pass arguments when wrapping sys.exit
- Remove win32/py2k special
- Ensure READY messages sent out by exiting worker are consumed prior to it actually existing.
- Pass max_memory_per_child to child worker process
- Fix compatibility with Python 2.7 on Windows

(adam)

py-apache-libcloud: updated to 3.0.0

Changes in Apache Libcloud 3.0.0

Common
------
Make sure auth_user_info variable on the OpenStack identify connection class is populated when using auth version 3.x_password and 3.x_oidc_access_token.

[OpenStack] Update OpenStack identity driver so a custom project can be selected using domain_name keyword argument containing a project id.

Previously this argument value could only contain a project name, now the value will be checked against project name and id.

Compute
-------
[GCE] Update create_node() method so it throws an exception if node location can't be inferred and location is not specified by the user ( either by passing datacenter constructor argument or by passing location argument to the method).

[GCE] Update ex_get_disktype method so it works if zone argument is not set.

[GiG G8] Add new driver for GiG G8 provider (https://gig.tech/).

Add new at_exit_func argument to deploy_node() method. With this argument user can specify which function will be called before exiting with the created node in question if the deploy process has been canceled after the node has been created, but before the method has fully finished.

This comes handy since it simplifies various cleanup scenarios.

[OpenStack] Fix auto assignment of volume device when using device name auto in the attach_volume method.

[Kamatera] Add new driver for Kamatera provider (https://www.kamatera.com).

Storage
-------
Add new download_object_range and download_object_range_as_stream methods for downloading part of the object content (aka range downloads) to the base storage API.

Currently those methods are implemented for the local storage Azure Blobs, CloudFiles, S3 and any other provider driver which is based on the S3 one (such as Google Storage and DigitalOcean Spaces).

Add type annotations for the base storage API.

[Google Storage] Update the driver so it supports service account HMAC credentials.

There was a bug in the code where we used the user id length check to determine the account type and that code check didn't take service account HMAC credentials (which contain a longer string) into account.

DNS
---
Add type annotations for the base DNS API.

Container
---------
[Kubernetes] Add support for the client certificate and static token based authentication to the driver.
Add type annotations for the base container API.

(adam)