py-cython: needs c99

(wiz)

py-lxml: uses 'for (int i=...)' so needs c99

(wiz)

libva: uses for (int i=..., so needs c99

(wiz)

exiv2: resurrect patch to fix build on SunOS

(nros)

revbump due to ptex dependency for openimageio

(nros)

openimageio: enable ptex reading, bump pkgrevision
ptex has been in pkgsrc for a while so lets use it.

(nros)

Updated net/py-lexicon, security/py-acme, security/py-certbot*

(adam)

py-acme py-certbot*: updated to 2.7.4

Certbot 2.7.4

Fixed a bug introduced in version 2.7.0 that caused interactively entered
webroot plugin values to not be saved for renewal.
Fixed a bug introduced in version 2.7.0 of our Lexicon based DNS plugins that
caused them to fail to find the DNS zone that needs to be modified in some
cases.

(adam)

py-lexicon: updated to 3.17.0

3.17.0

Added

New method to determine the actual zone name for a given FQDN. Historically it was an extraction of the second-level domain given well-known TLDs (eg., domain.net for www.domain.net) using tldextract, and usage of --delegated option to enforce a specific zone name that is useful for third-level domains hosted on a specific zone (eg., sub-zone sub.domain.net delegated from zone domain.net). It is now possible to use the --resolve-zone-name flag on Lexicon client to trigger an actual resolution of the zone name from a given FQDN using live DNS servers by leveraging dnspython utilities. Most of the time this makes --delegated useless, since Lexicon will be able to guess the correct zone name.

(adam)

audio/din: Unbreak build on Darwin

Also add option for Apple's coreaudio
No changes affecting other platforms

(bacon)

doc: Updated biology/bedtools to 2.31.1

(bacon)

biology/bedtools: Update to 2.31.1

Code updates for modern compilers

Changes: https://github.com/arq5x/bedtools2/releases

(bacon)

profanity: make sure TIOCGWINZ is declared on Illumos

(nros)

www/ufdbguard: add reload command to rc.d script

Bump PKGREVISION

(sborrill)

mk/defaults/options.description:

Indicate that Core Audio is an Apple product

(bacon)

doc: Added x11/herbe version 1.0.0

(pin)

Add herbe

(pin)

x11/herbe: import package

Packaged in wip by Kevin Bloom with minor modifications from gdt@
and myself.

herbe is a daemon-less notification program that doesn't require
D-Bus. herbe can fire simple text desktop notifications
from anywhere for anything. It can be killed simply by sending the
SIGKILL signal or by waiting 5 seconds.

(pin)

Updated devel/py-cbor2, devel/py-lru-dict

(adam)

py-lru-dict: updated to 1.3.0

1.3.0
ARM64 Support and Python stubs

(adam)

doc: Updated editors/tp-note to 1.22.13

(pin)

editors/tp-note: update to 1.22.13

Viewer bugfix: store the path to non-base-documents

This fixes a regression introduced with

    d1c0ed4 2023-10-31
    Error when `fm_sort_tag` is sequential and duplicate

in Tp-Note version v1.22.11

(pin)

doc: Updated security/libretls to 3.8.1

(schmonz)

libretls: update to 3.8.1. LibreSSL changes:

3.8.1:

* Portable changes
  - Applications bundled as part of the LibreSSL package internally,
    nc(1) and openssl(1), now are linked statically if static libraries
    are built.
  - Internal compatibility function symbols are no longer exported from
    libcrypto. Instead, the libcompat library is linked to libcrypto,
    libssl, and libtls separately. This increases size a little, but
    ensures that the libraries are not exporting symbols to programs
    unintentionally.
  - Selective removal of CET implementation on platforms where it is
    not supported (macOS).
  - Integrated four more tests.
  - Added Windows ARM64 architecture to tested platforms.
  - Removed Solaris 10 support, fixed Solaris 11.
  - libtls no longer links statically to libcrypto / libssl unless
    '--enable-libtls-only' is specified at configure time.
  - Improved Windows compatibility library, namely handling of files vs
    sockets, correcting an exception when operating on a closed socket.
  - CMake builds no longer hardcode '-O2' into the compiler flags, instead
    using flags from the CMake build type instead.
  - Set the CMake default build type to 'Release'. This can be overridden
    during configuration.
  - Fixed broken ASM support with MinGW builds.
* Internal improvements
  - Fixed alignment handling in SHA-512.
  - Moved the verified_chain to the correct internal struct.
  - Improved checks for commonName in libtls.
  - Fixed error check for X509_get_ext_d2i() failure in libtls.
  - Improved BIGNUM internals and performance.
  - Significantly improved Montgomery multiplication performance.
  - Initial cleanup passes for SHA-256 internals.
  - Converted more libcrypto internals API using CBB and CBS.
  - Removed code guarded by #ifdef ZLIB.
  - Changed ASN1_item_sign_ctx() and ASN1_item_verify() to work with
    Ed25519 and fixed a few bugs in there.
  - Fixed various issues with EVP_PKEY_CTX_{new,dup}().
  - Improved X.509 certificate version checks.
  - Cleaned up handling of elliptic curve cofactors.
  - Made BN_num_bits() independent of bn->top.
  - Rewrote and simplified bn_sqr().
  - Removed EC_GROUP precomp machinery.
  - Ensure no X.509v3 extensions appear more than once in certificates.
  - Cleaned up various ECDH, ECDSA and EC internals.
  - Replaced ASN1_bn_print with a cleaner internal implementation.
  - Simplified ASN1_item_sign_ctx().
  - Rewrote OBJ_find_sigid_algs() and OBJ_find_sigid_by_algs().
  - Various improvements in the 'simple' EC code.
  - Fix OPENSSL_cpuid_setup() invocations on arm/aarch64.
  - Reduced the dependency of hash implementations on many layers of
    macros. This results in significant speedups since modern compilers
    are now less confused.
  - Significantly simplified the BN_BLINDING internals used in RSA.
* New features
* Compatibility changes
  - X509_NAME_get_text_by_{NID,OBJ}() now only succeed if they contain
    valid UTF-8 without embedded NUL.
  - Moved libtls from ECDSA_METHOD to EC_KEY_METHOD.
  - Removed support for ECDH_METHOD and ECDSA_METHOD.
  - BN_is_prime{,_fasttest}_ex() refuse to check numbers larger than
    32 kbits for primality. This mitigates various DoS vectors.
  - Comp was removed.
  - Dynamic loading of conf modules is no longer supported.
  - DSO was removed and OPENSSL_NO_DSO is defined.
  - ENGINE support was removed and OPENSSL_NO_ENGINE is set. In spite
    of this, some stub functions are provided to avoid patching some
    applications that do not honor OPENSSL_NO_ENGINE.
  - It is no longer possible to make the library use your own error
    stack or ex_data implementation.
* Bug fixes
  - Fixed aliasing issue in BN_mod_inverse().
  - Made CRYPTO_get_ex_new_index() not return 0 to allow applications
    to use *_{get,set}_app_data() and *_{get,set}_ex_data() alongside
    each other.
  - Made EVP_PKEY_set1_hkdf_key() fail on a NULL key.
  - Plugged leaks in BIO_chain_dup().
  - Fixed numerous leaks and other minor bugs in RSA, DH, DSA and EC
    ASN.1 methods. Unified the coding style.
  - On socket errors in the poll loop, netcat could issue system calls
    on invalidated file descriptors.
* Documentation improvements
  - Made it very explicit that the verify callback should not be used.
  - Called out that the CRL lastUpdate is standardized as thisUpdate.
* Testing and Proactive Security
  - As always, new test coverage is added as bugs are fixed and subsystems
    are cleaned up.
* Security fixes
  - Disabled TLSv1.0 and TLSv1.1 in libssl so that they may no longer
    be selected for use.

3.8.0:

* Portable changes
  - Extended the endian.h compat header with hto* and *toh macros.
  - Adapted more tests to the portable framework.
* Internal improvements
  - Improved sieve of Eratosthenes script used for generating a table
    of small primes.
  - Started cleaning up and rewriting SHA internals.
  - Replace internal use of BN_copy() with bn_copy() for consistency.
  - Rewrote and improved BN_exp() and BN_copy().
  - Add branch target information (BTI) support to arm64 assembly.
  - Replaced BN_mod_sqrt() with a new implementation.
  - Removed incomplete and dangerous BN_RECURSION code.
  - Added endbr64 instructions to amd64 assembly.
  - Imported RFC 5280 policy checking code from BoringSSL and used it
    to replace the old exponential time code.
  - Converted more of libcrypto to use CBB/CBS.
  - Cleaned up and simplified the code dealing with builtin curves.
* New features
  - Added support for truncated SHA-2 and for SHA-3.
  - The BPSW primality test performs additional Miller-Rabin rounds
    with random bases to reduce the likelihood of composites passing.
  - Allow testing of ciphers and digests using badly aligned buffers
    in openssl speed.
  - Added a workaround for a poorly thought-out change in OpenSSL 3 that
    broke privilege separation support in libtls.
* Compatibility changes
  - Support for GF2m was removed: BIGNUM no longer supports binary extension
    field arithmetic and all binary elliptic builtin curves were removed.
  - Removed dangerous, "fast" NIST prime and elliptic curve implementations.
    In particular, EC_GFp_nist_method() is no longer available.
  - Removed most public symbols that were deprecated in OpenSSL 0.9.8.
  - Removed the public X9.31 API (RSA_X931_PADDING is still available).
  - Removed Cipher Text Stealing mode.
  - Removed SXNET and NETSCAPE_CERT_SEQUENCE support including the
    openssl(1) nseq command.
  - Dropped proxy certificate (RFC 3820) support.
  - The POLICY_TREE and its related structures and API were removed.
  - The explicitText user notice uses UTF8String instead of VisibleString
    to reduce the risk of emitting certificates with invalid DER-encoding.
  - Initial fixes for RSA-PSS support to make the TLSv1.3 stack more
    compliant with RFC 8446.
* Bug fixes
  - Correctly handle negative input to various BIGNUM functions.
  - Ensure ERR_load_ERR_strings() does not set errno unexpectedly.
  - Fix error checking of i2d_ECDSA_SIG() in ossl_ecdsa_sign().
  - Fixed detection of extended operations (XOP) on AMD hardware.
  - Ensure Montgomery exponentiation is used for the initial RSA blinding.
  - Policy is always checked in X509 validation. Critical policy extensions
    are no longer silently ignored.
  - Fixed error handling in tls_check_common_name().
  - Add missing pointer invalidation in SSL_free().
  - Fixed X509err() and X509V3err() and their internal versions.
  - Ensure that OBJ_obj2txt() always returns a C string again.
  - In X509_VERIFY_PARAM_inherit() copy hostflags independently of the
    host list.
* Documentation improvements
  - Improved documentation of BIO_ctrl(3), BIO_set_info_callback(3),
    BIO_get_info_callback(3), BIO_method_type(3), and BIO_method_name(3).
  - Marked BIO_CB_return(), BIO_cb_pre(), and BIO_cb_post() as intentionally
    undocumented.
* Testing and Proactive Security
  - Significantly improved test coverage of BN_mod_sqrt() and GCD.
  - As always, new test coverage is added as bugs are fixed and subsystems
    are cleaned up.

3.7.3:

* Bug fix
  - Hostflags in the verify parameters would not propagate from an
    SSL_CTX to newly created SSL.
* Reliability fix
  - A double free or use after free could occur after SSL_clear(3).

3.7.2:

* Portable changes
  - Moved official Github project to https://github.com/libressl/.
  - Build support for Apple Silicon.
  - Installed opensslconf.h is now architecture-specific.
  - Removed internal defines from opensslconf.h.
  - Support reproducible builds on tagged commits in main branch.
* Internal improvements
  - Initial overhaul of the BIGNUM code:
    - Added a new framework that allows architecture-dependent
      replacement implementations for bignum primitives.
    - Imported various s2n-bignum's constant time assembly primitives
      and switched amd64 to them.
    - Lots of cleanup, simplification and bug fixes.
  - Changed Perl assembly generators to move constants into .rodata,
    allowing code to run with execute-only permissions.
  - Capped the number of iterations in DSA and ECDSA signing (avoiding
    infinite loops), added additional sanity checks to DSA.
  - ASN.1 parsing improvements.
  - Made UI_destroy_method() NULL safe.
  - Various improvements to nc(1).
  - Always clear EC groups and points on free.
  - Cleanup and improvements in EC code.
  - Various openssl(1) improvements.
  - Remove dependency on system timegm() and gmtime() by replacing
    traditional Julian date conversion with POSIX epoch-seconds date
    conversion from BoringSSL.
  - Clean old and unused BN code dealing with primes.
  - Start rewriting name constraints code using CBS.
  - Remove support for the HMAC PRIVATE KEY.
  - Rework DSA signing and verifying internals.
  - Internal headers coming from OpenSSL are all called *_local.h now.
  - Rewrite TLSv1.2 key exporter.
  - Cleaned up and refactored various aspects of the legacy TLS stack.
* Bug fixes
  - Fixed a memory leak, a double free and various other issues in
    BIO_new_NDEF().
  - Fixed various crashes in the openssl(1) testing utility.
  - Do not check policies by default in the new X.509 verifier.
  - Added missing error checking in PKCS7.
  - Call CRYPTO_cleanup_all_ex_data() from OPENSSL_cleanup().
  - Add EVP_chacha20_poly1305() to the list of all ciphers.
  - Fix potential leaks of EVP_PKEY in various printing functions
  - Fix potential leak in OBJ_NAME_add().
  - Avoid signed overflow in i2c_ASN1_BIT_STRING().
  - Clean up EVP_PKEY_ASN1_METHOD related tables and code.
  - Fix long standing bugs BN_GF2m_poly2arr() and BN_GF2m_mod().
  - Fix segfaults in BN_{dec,hex}2bn().
  - Fix NULL dereference in x509_constraints_uri_host() reachable only
    in the process of generating certificates.
  - Fixed a variety of memory corruption issues in BIO chains coming
    from poor old and new API: BIO_push(), BIO_pop(), BIO_set_next().
  - Avoid potential divide by zero in BIO_dump_indent_cb()
* New features
  - Added UI_null()
  - Added X509_STORE_*check_issued()
  - Added X509_CRL_get0_tbs_sigalg() and X509_get0_uids() accessors.
  - Added EVP_CIPHER_meth_*() setter API.
  - BIO_read() and BIO_write() now behave more closely to OpenSSL 3 in
    various corner cases. More work is needed here.
  - Added Ed25519 support both as a primitive and via OpenSSL's EVP
    interfaces.
  - X25519 is now also supported via EVP.
  - The OpenSSL 1.1 raw public and private key API is available with
    support for EVP_PKEY_ED25519, EVP_PKEY_HMAC and EVP_PKEY_X25519.
    Poly1305 is not currently supported via this interface.
* Documentation improvements
  - Marked BIO_s_log(3) BIO_nread0(3), BIO_nread(3), BIO_nwrite0(3), BIO_nwrite(3),
    BIO_dump_cb(3) and BIO_dump_indent_cb(3) as intentionally undocumented.
  - Document BIO_number_read(3), BIO_number_written(3),
    BIO_set_retry_read(3), BIO_set_retry_write(3),
    BIO_set_retry_special(3), BIO_clear_retry_flags(3),
    BIO_get_retry_flags(3), BIO_dup_chain(3), BIO_set_flags(3),
    BIO_clear_flags(3), BIO_test_flags(3), BIO_get_flags(3).
    BIO_callback_fn_ex(3), BIO_set_callback_ex(3), BIO_get_callback_ex(3),
    BIO_callback_fn(3), and the BIO_FLAGS_* constants
  - Correct the prototypes of BIO_get_conn_ip(3) and BIO_get_conn_int_port(3).
  - Document ED25519_keypair(3), ED25519_sign(3), and ED25519_verify(3).
  - Document EVP_PKEY_new_raw_private_key(3),
    EVP_PKEY_new_raw_public_key(3), EVP_PKEY_get_raw_private_key(3), and
    EVP_PKEY_get_raw_public_key(3).
  - Document ASN1_buf_print(3).
  - Document DH_get0_*, DSA_get0_*, ECDSA_SIG_get0_{r,s}() and RSA_get0_*.
  - Merged documentation of UI_null() from OpenSSL 1.1
  - Various spelling and other documentation improvements.
  - Numerous improvements and additions for ASN.1, BIO, BN, and X.509.
  - The BN documentation is now considered to be complete.
* Testing and Proactive Security
  - As always, new test coverage is added as bugs are fixed and subsystems
    are cleaned up.
  - New Wycheproof tests added.
  - OpenSSL 3.0 Interop tests added.
  - Many old tests rewritten, cleaned up and extended.
* Security fixes
  - A malicious certificate revocation list or timestamp response token
    would allow an attacker to read arbitrary memory.

3.7.1:

* Internal improvements
  - Initial overhaul of the BIGNUM code:
    - Added a new framework that allows architecture-dependent
      replacement implementations for bignum primitives.
    - Imported various s2n-bignum's constant time assembly primitives
      and switched amd64 to them.
    - Lots of cleanup, simplification and bug fixes.
  - Changed Perl assembly generators to move constants into .rodata,
    allowing code to run with execute-only permissions.
  - Capped the number of iterations in DSA and ECDSA signing (avoiding
    infinite loops), added additional sanity checks to DSA.
  - ASN.1 parsing improvements.
  - Made UI_destroy_method() NULL safe.
  - Various improvements to nc(1).
  - Always clear EC groups and points on free.
  - Cleanup and improvements in EC code.
  - Various openssl(1) improvements.
* Bug fixes
  - Fixed a memory leak, a double free and various other issues in
    BIO_new_NDEF().
  - Fixed various crashes in the openssl(1) testing utility.
  - Do not check policies by default in the new X.509 verifier.
  - Avoid crash with ASN.1 BOOLEANS in openssl(1) asn1parse.
  - Added missing error checking in PKCS7.
  - Call CRYPTO_cleanup_all_ex_data() from OPENSSL_cleanup().
* Compatibility changes
  - Correct the prototypes of BIO_get_conn_ip(3) and
    BIO_get_conn_int_port(3).
* New features
  - Added UI_null()
  - Added X509_STORE_*check_issued()
  - Added X509_CRL_get0_sigalg() and X509_get0_uids() accessors.
  - Added EVP_CIPHER_meth_*() setter API.
* Documentation improvements
  - Marked BIO_s_log(3) BIO_nread0(3), BIO_nread(3), BIO_nwrite0(3), BIO_nwrite(3),
    BIO_dump_cb(3) and BIO_dump_indent_cb(3) as intentionally undocumented.
  - Merged documentation of UI_null() from OpenSSL 1.1
  - Document BIO_number_read(3), BIO_number_written(3),
    BIO_set_retry_read(3), BIO_set_retry_write(3),
    BIO_set_retry_special(3), BIO_clear_retry_flags(3),
    BIO_get_retry_flags(3), BIO_dup_chain(3), BIO_set_flags(3),
    BIO_clear_flags(3), BIO_test_flags(3), BIO_get_flags(3).
    BIO_callback_fn_ex(3), BIO_set_callback_ex(3), BIO_get_callback_ex(3),
    BIO_callback_fn(3), and the BIO_FLAGS_* constants
  - Document ED25519_keypair(3), ED25519_sign(3), and ED25519_verify(3).
  - Document EVP_PKEY_new_raw_private_key(3),
    EVP_PKEY_new_raw_public_key(3), EVP_PKEY_get_raw_private_key(3), and
    EVP_PKEY_get_raw_public_key(3).
  - Document ASN1_buf_print(3).
  - Document ECDSA_SIG_get0_{r,s}().
  - Document DH_get0_* for individual DH members.
  - Document DSA_get0_* for individual DSA members
  - Document RSA_get0_* for individual RSA members.
  - Various spelling and other documentation improvements.
* Testing and Proactive Security
  - As always, new test coverage is added as bugs are fixed and subsystems
    are cleaned up.
  - New Wycheproof tests added.
  - OpenSSL 3.0 Interop tests added.
  - Many old tests rewritten, cleaned up and extended.
* Security fixes
  - A malicious certificate revocation list or timestamp response token
    would allow an attacker to read arbitrary memory.

(schmonz)

py-cbor2: updated to 5.5.1

5.5.1
- Fixed ``CBORSimpleValue`` allowing the use of reserved values (24 to 31) which resulted in
  invalid byte sequences
- Fixed encoding of simple values from 20 to 23 producing the wrong byte sequences

(adam)

grpc: fix comment in patch

(nros)

doc: de-update ldb

(wiz)

ldb: downgrade, for samba4 (4.18.8)

(wiz)

gtksourceviewmm: remove

dead upstream, no users in pkgsrc

(wiz)

doc: Updated devel/jj to 0.11.0

(wiz)

jj: update to 0.11.0.

Breaking changes

    Conflicts are now stored in a different way. Commits written by a new jj
    binary will not be read correctly by older jj binaries. The new model
    solves some performance problems with the old model. For example, jj log
    should be noticeably faster on large repos. You may need to create a new
    clone to see the full speedup.

    The remote_branches() revset now includes branches exported to the Git
    repository (so called Git-tracking branches.) Use
    remote_branches(remote=exact:"origin") to query branches of certain remote.

    Status messages are now printed to stderr.

    jj config set now interprets the value as TOML also if it's a valid TOML
    array or table. For example, jj config set --user 'aliases.n' '["new"]'

    Remote branches now have tracking or non-tracking flags. The
    git.auto-local-branch setting is applied only to newly fetched remote
    branches. Existing remote branches are migrated as follows:
        If local branch exists, the corresponding remote branches are considered
        tracking branches.
        Otherwise, the remote branches are non-tracking branches.

    If the deduced tracking flags are wrong, use jj branch track/untrack
    commands to fix them up.

    See automatic local branch creation
    for details.

    Non-tracking remote branches aren't listed by default. Use jj branch list --all to show all local and remote branches.

    It's not allowed to push branches if non-tracking remote branches of the same
    name exist.

    Pushing deleted/moved branches no longer abandons the local commits referenced
    by the remote branches.

    jj git fetch --branch now requires glob: prefix to expand * in branch
    name.

New features

    jj's stable release can now be installed with cargo binstall jj-cli.

    jj workspace add now takes a --revision argument.

    jj workspace forget can now forget multiple workspaces at once.

    branches()/remote_branches()/author()/committer()/description()
    revsets now support glob matching.

    jj branch delete/forget/list, and jj git push --branch now support
    string pattern syntax. The --glob option
    is deprecated in favor of glob: pattern.

    The branches/tags/git_refs/git_head template keywords now return a
    list of RefNames. They were previously pre-formatted strings.

    The new template keywords local_branches/remote_branches are added to show
    only local/remote branches.

    jj workspace add now preserves all parents of the old working-copy commit
    instead of just the first one.

    jj rebase -r gained the ability to rebase a revision A onto a descendant
    of A.

Fixed bugs

    Updating the working copy to a commit where a file that's currently ignored
    in the working copy no longer leads to a crash
    (#976).

    Conflicts in executable files can now be resolved just like conflicts in
    non-executable files (#1279).

    jj new --insert-before and --insert-after now respect immutable revisions
    (#2468).

(wiz)

doc: Updated databases/ldb to 2.8.0

(wiz)

ldb: update to 2.8.0.

Changes not found.

(wiz)

*: recursive bump for icu 74.1

(wiz)

py-httpx-socks: updated to 0.8.0

0.8.0
Unknown changes

(adam)

py-faker: updated to 19.13.0

v19.13.0

* Add more entries in `cs_CZ`'s geo. Thanks @george0st.

v19.12.1

* Fix latest days of the month as birth day in italian SSN. Thanks @@TommasoLencioni

v19.12.0

* Add `geo` provider for `cs_CZ`. Thanks @george0st.

v19.11.1

* Fix handling for finnish ssn where `min_age` and `max_age` are the same. Thanks @Pakkanen1.

v19.11.0

* Add a few street names to `cs_CZ`. Thanks @george0st.
* Add words to lorem for `cs_CZ`. Thanks @george0st.
* Add color for `cs_CZ`. Thanks @george0st.

(adam)

www/ufdbguard: requires bash

Add bash to USE_TOOLS

(sborrill)

doc: Updated textproc/icu to 74.1

(wiz)

icu: update to 74.1.

ICU 74 is now available. It updates to Unicode 15.1, including new
characters, emoji, security mechanisms, and corresponding APIs and
implementations. It also updates to CLDR 44 (blog) locale data with
new locales and various additions and corrections.

(wiz)

doc: Updated mail/rspamd to 3.7.3

(wiz)

rspamd: update to 3.7.3.

3.7.3: 27 Oct 2023
  * [Fix] Emergency fix for the hyperscan path error

3.7.2: 26 Oct 2023
  * [Feature] rbl: support checking returncodes by CIDR
  * [Feature] rbl: support checking returncodes by regex
  * [Feature] rbl: support globbed return codes
  * [Fix] DMARC reporting: fix reporting for subdomains
  * [Fix] Deal with fmtlib exceptions properly
  * [Fix] backport fix for dlfcn.h from backward-cpp
  * [Rules] Blank spam detection

(wiz)

doc: Updated devel/tevent to 0.16.0

(wiz)

tevent: update to 0.16.0.

Changes not found.

(wiz)

grpc: Make sure FIONREAD is declared on Solaris/Ilumos

(nros)

Previous, but done correctly.

(nia)

lua-posix: -dynamiclib cannot be combined with -bundle with old versions
of the Darwin linker, and older Darwin linkers don't understand -shared
anyway

(nia)

highlight: reset PKGREVISION after libhighlight update.

(schmonz)

doc: Updated textproc/libhighlight to 4.10

(schmonz)

highlight: update to 4.10. Changes:

- updated astyle lib to version 3.4.10

(schmonz)

mpg123: Resolve a PLIST conflict on Darwin/powerpc.

(nia)

openssh: Be a bit less optimistic about fidoo2 support in legacy Darwin.

(nia)

Updated net/gupnp, textproc/py-black

(adam)

py-black: updated to 23.11.0

23.11.0

Highlights

- Support formatting ranges of lines with the new `--line-ranges` command-line option

Stable style

- Fix crash on formatting bytes strings that look like docstrings
- Fix crash when whitespace followed a backslash before newline in a docstring
- Fix standalone comments inside complex blocks crashing Black
- Fix crash on formatting code like `await (a ** b)`
- No longer treat leading f-strings as docstrings. This matches Python's behaviour and
fixes a crash

Preview style

- Multiline dicts and lists that are the sole argument to a function are now indented
less
- Multiline unpacked dicts and lists as the sole argument to a function are now also
indented less
- In f-string debug expressions, quote types that are visible in the final string are
now preserved
- Fix a bug where long `case` blocks were not split into multiple lines. Also enable
general trailing comma rules on `case` blocks
- Keep requiring two empty lines between module-level docstring and first function or
class definition
- Add support for single-line format skip with other comments on the same line

Configuration

- Consistently apply force exclusion logic before resolving symlinks
- Fix a bug in the matching of absolute path names in `--include`

Performance

- Fix mypyc builds on arm64 on macOS

Integrations

- Black's pre-commit integration will now run only on git hooks appropriate for a code
formatter

(adam)

gupnp: updated to 1.6.6

1.6.6 (stable)

- NetworkManager: Drop manual creation of lo contexts
- ServiceProxy: Add new API for creating actions
- Introspection: Be more resilient against weird formatting
- Acl: Improve introspectability
- ServiceProxy: Add result iterator for Action
- Plug various smaller leaks

(adam)

spirv-llvm-translator: fix PLIST

(adam)

texlive-collection-fontsextra: some additional fonts

(markd)

blender: turn on c++ extensions using cmake, instead of USE_LANGUAGES

(nros)

qt6: get extra configure arguments from cmake/configure-settings.mk
This makes fixes in the cmake settings for different platforms
to be added to the qt6 build automatically and be in one place
instead of having to replicated in the qt6 packages.
CMAKE_INSTALL_PREFIX had to be set when configuring qt6 modules
or they would be installed under ${PREFIX} instead of ${PREFIX}/qt6.

(nros)

tex-texlive.infra: install empty texlive.tlpdb to make texdoc happy.

(markd)

Updated www/squid6 to 6.5

(sborrill)

misc/tailspin

Adopt maintainer.

(pin)

doc: Updated textproc/sd to 1.0.0

(pin)

textproc/sd: update to 1.0.0

[1.0.0] - 2023-11-07

A quick note to any packages. The generated shell completions and man page are
now in the gen directory of the repo. They're also included in the pre-built
release artifacts on the releases page.

Improvements
#115 Do not replace symlink with output file (@SimplyDanny)
      Fixes an issue where a symlink would be replaced with a regular file
#124 Fix tests (@Linus789)
      Removed displaying the file path when passing the --preview flag and fixed how text coloring was handled in tests

Breaking
#192 Rename --string-mode to --fixed-strings (@CosmicHorrorDev)
      Renamed -s --string-mode to -f --fixed-strings to better match similar
      tools
      -s and --string-mode will still continue to work for backwards
      compatibility, but are no longer documented
#258 Error on $<num><non_num> capture replacement names (@CosmicHorrorDev)
      Previously when you tried to use a numbered capture group right before
      some letters in the replacement text (e.g. $1foo) then it would be
      considered the impossible-to-use 1foo capture. The correct way to pass
      the numbered capture group in this case would be to surround the number
      with curly braces like so ${1}foo. The error just detects this case and
      informs the user of the issue

Docs
#93 Add note about in-place file modification to --help output (@jchook)
#148 Doc: nitpick -- has no special meaning to shells (@hexagonrecursion)
#181 Fix man page -f flag help text (@ulope)
      Fixed copy-pasted text in the man page's -f flag's help text
#186 Improve error message for failed replacements (@CosmicHorrorDev)
#187 Freshen up README (@CosmicHorrorDev)
      Added a repology badge to document different installation methods
      Improved the formatting of the benchmarks
#207 Documenting $ escape (@yahkbar)
      Adds a section in the README that covers that $$ is a literal $ in the
      replacement text
#227 Improve README readability (@vassudanagunta)
      Various formatting improvements
#231 Use clap_mangen and roff to generate manpage (@nc7s)
      This change ensures the man page contents stay in sync with the CLI
      automatically, and fixes some broken rendering of the existing manpage
#243 Exclude unsupported packages from the repology badge (@CosmicHorrorDev)

Pre-built Releases
(11295fb) Add ARM target (@chmln)
          Added the arm-unknown-linux-gnueabihf target to CI and releases
#114 Adding aarch64-apple-darwin target (@yahkbar)
#143 Fix paths to release binary in "publish" action (@skrattaren)
#179 Build Adjustments (@yahkbar)
      striped release binaries and added the aarch64-ubuntu-linux-musl target
#204 Adding armv7-unknown-linux-gnueabihf target (@yahkbar)
      Added the armv7-unknown-linux-gnueabihf target to the list of targets to
      build in CI and for each release
#205 Resolving broken aarch64-apple-darwin tests (@yahkbar)
      Switched aarch64-apple-darwin to only try building the executable without
      running the tests since there seems to be no easy way to test for ARM
      Apple targets
#206 Adding Windows builds back (@yahkbar)
      Added the x86_64-pc-windows-gnu and x86_64-windows-musl targets back to
      the list of targets to build in CI and for each release

Internal
#118 Fix master (@SimplyDanny)
      Fixes several cross-compilation issues that effected different targets
      in CI
#182 cargo update (@CosmicHorrorDev)
      Bumps dependencies to their latest compatible versions
#183 Switch memmap -> memmap2 (@CosmicHorrorDev)
      Switches away from an unmaintained crate
#184 Add editor config file matching rustfmt config (@CosmicHorrorDev)
      Adds an .editorconfig file matching the settings listed in the
      .rustfmt.toml file
#185 Fix warnings and clippy lints (@CosmicHorrorDev)
#188 Switch atty for is-terminal (@CosmicHorrorDev)
      Switches away from an unmaintained crate
#189 Replace structopt with clap v4 (@CosmicHorrorDev)
      Switches away from a defacto deprecated crate
#190 Change how all shell variants are expressed (@CosmicHorrorDev)
      Tiny tidying up PR
#196 Move generating static assets to a cargo-xtask task (@CosmicHorrorDev)
      Moves the generation of the man page and shell completions from a build
      script to a cargo-xtask task
#197 Add a release checklist (@CosmicHorrorDev)
#209 Dependency updates (@yahkbar)
#235 Update generated assets (@CosmicHorrorDev)
#236 Tone down dependabot (@CosmicHorrorDev)
#245 Update sd to 2021 edition (@CosmicHorrorDev)
      Updates sd to the Rust 2021 edition
#248 Misc Cargo.toml tweaks (@CosmicHorrorDev)
      Switches to use workspace edition and dependencies where appropriate
#249 Resolve CI warnings (@CosmicHorrorDev)
      Switched from actions-rs actions to dtolnay@rust-toolchain
      Switched from using ::set-output to $GITHUB_ENV
#251 Update dependencies (@CosmicHorrorDev)
A lot of sad CI tweaking:
      #252 Fix build target usage in CI (@CosmicHorrorDev)
      #253 Improve publishing CI job (@CosmicHorrorDev)
      #256 More CI tweaks (@CosmicHorrorDev)
      #257 Fix publish action (@CosmicHorrorDev)
#267 Rework the replacements flag (@CosmicHorrorDev)
#269 Make modified text blue instead of green (@CosmicHorrorDev)
#271 Fix release checklist indentation (@CosmicHorrorDev)
#272 Remove outdated release checklist step (@CosmicHorrorDev)
#274 Prepare 1.0.0-beta.0 release (@CosmicHorrorDev)
#275 Update sd version in lockfile (@CosmicHorrorDev)

(pin)

doc: Updated editors/tp-note to 1.22.12

(pin)

editors/tp-note: update to 1.22.12

New feat.: localize new note's front matter / theme selection

* Localize new note's front matter

* Theme selection:
  A theme is an interchangeable set of configuration file variables. Tp-Note is shipped
  with two scheme: `default`, `zettel` (for Zettelkasten, experimental).

  The user can select a scheme with:
  * the command line option `--scheme SCHEME_NAME`,
  * environment variable `TPNOTE_SCHEME` or
  * the configuration file variable `arg_default.scheme`.

* The command line option:
  `--force-lang='-'` is replaced with `--force-lang=''`

(pin)

Fix PR pkg/55401 from Sevan Janiyan, and after some testing and
encouragement from David Holland, and also the younger generation -
apply the fix from the PR.

Thanks for the PR, the fix, and the nudges, folks, and sorry it took so long!

(agc)

doc: Updated editors/PageEdit to 2.0.2

(wiz)

PageEdit: update to 2.0.2.

PageEdit-2.02
  Bug Fixes
    - workaround QtWebEngine load Finished signal not indicating when javascript is ready
    - remove previous hack for missing loadFinished after loadStarted during internal links
    - update Qt with patches to fix numerous Accessibility bugs in Qt6.5.2 that caused crashing
    - workaround MacOS QMessageBox loss of focus Qt 6.5.X bug without hurting other platforms
    - give user the chance to cancel leaving a page if modified
    - update macOS Info.plist for macOS min of macOS 11.0
    - add workaround Edit->Paste of html from clipboard without full context on Windows

PageEdit-2.00
  New Features
    - updated official releases to use Qt 6.5.2
    - added ability to create and apply Clips
    - updated to jquery 3.6.4 for security fixes
    - added ability to control print output quality (dpi)
    - added ability to show embedded pdfs in an epub (ala ADE)

  Bug Fixes:
    - updated to the latest sigil-gumbo for bug fixes and to add new tags
    - fixed all/most compiler warnings depending on platfrom/compiler
    - added WebProfileMgr to fix crashes and better manage QWebEngineProfile and local storage

(wiz)

doc: Updated editors/Sigil to 2.0.2

(wiz)

Sigil: update to 2.0.2.

Sigil-2.0.2
    Bug Fixes
      - fix incorrect clip tool button insertion point due to null activeWindow value
      - fix Windows multiple screen issues when not properly identified (Qt6.5.2 patch fix)
      - fix Mac Accessibility related crashes when using non-native QFileDialog (Qt 6.5.2 patch fix)
      - workaround MacOS QMessageBox loss of focus Qt 6.5.X bug without hurting other platforms
      - fix pretty print mend not formatting mathml
      - fix Accessibility related crashes in QFontComboBox (Qt 6.5.2 patch fix)
      - prevent crashing if user mistakenly tries to delete entire ncx in CodeView
      - harden delete unused styles to trailing whitespace in class names
      - fix unrecognized media-types application/xml and text/xml
      - fix cursor just before end tag bug in align justiry, centre, right
      - fix crash when all metadata removed by user in MetaEditor
      - fix macOS min in Info.plist to be the actual 11.0
      - update build docs to Qt 6.5.3

Sigil-2.0.1
    Bug Fixes
      - fix crash when right click on Misc folder in BookBrowser
      - Allow user to revert CodeView drag_and_drop change via environment variable: SIGIL_ALLOW_CODEVIEW_DROP=1
        Note: Using DragnDrop in CodeView is still NOT officially supported.
      - add inadvertantly missed updated serbian translation (ts) file

Sigil-2.0.0
    Bug Fixes
      - fix incorrect assert in sigil-gumbo
      - recognize application/pdf mediatype on epub import
      - remove compiler build warnings to clean up the build output
      - recognize source tag attribute srcset for xhtml source updates
      - fix Preview disconnect bug after split at cursor
      - fixed sigil-gumbo interface for plugins
      - added workaround for ADE epub3 bug with scaled cover images
      - fix encoding for named entities in opf metadata
      - fix drag/drop crash by disabling drop inside CodeViewEditor
      - fix CodeView to Preview syncing on text after an inline xhtml comment

    New Features
      - updated to Qt 6.5.2 which is now used for official releases
      - updated to Python 3.11.3 and uses the latest EmbededPython interface
      - updated to the latest jquery version 3.6.4
      - supports use of embedded pdfs ala ADE
      - added dark window titlebars for Windows platforms
      - add support for a user's cover-template2.xhtml and cover-template3.xhtml
      - add user preference to control printing dpi and add busy indicator icon

(wiz)

doc: Updated devel/py-setuptools_scm to 8.0.4

(wiz)

py-setuptools_scm: update to 8.0.4.

# v8.0.4

## Changed

- introduce scriv for changelog management
- reconfigure local build backend to use an attribute instead of star imports from setuptools
- introduce ruff as a linter
- ensure the setuptools version keyword correctly load pyproject.toml configuration
- add build and wheel to the test requirements for regression testing
- move internal toml handling to own module

## Fixed

- fix #925: allow `write_to` to be an absolute path when it's a subdirectory of the root
- fix #932: ensure type annotations in version file don't cause linter issues
- fix #930: temporary restore `DEFAULT_VERSION_SCHEME` and `DEFAULT_LOCAL_SCHEME` on the `setuptools_scm` package

# v8.0.3

## bugfix

- fix #918 for good - remove external importlib-metadata to avoid source only loop
- fix #926: ensure mypy on python3.8 works with the version file

# v8.0.2

## bugfix

- fix #919: restore legacy version-file behaviour for external callers + add Deprecation warning
- fix #918: use packaging from setuptools for self-build
- fix #914: ignore the deprecated git archival plugin as its integrated now
- fix #912: ensure mypy safety of the version template + regression test
- fix #913: use 240s timeout instead of 20 for `git unshallow`
  to account for large repos or slow connections

# v8.0.1

## bugfix

- update version file template to work on older python versions by using type comments
- ensure tag regex from setup.py is parsed into regex

# v8.0.0

## breaking

- remove legacy version parser api - config arg always required
- turn Configuration into a dataclass
- require configuration to always pass into helpers
- hide file-finders implementation in private module
- renamed setuptools_scm.hacks to setuptools_scm.fallbacks and drop support for pip-egg-info
- remove trace function and use logging instead
- unify `distance=None` and `distance=0` they should mean the same andwhere hiding dirty states that are now explicitly dirty
- depend on later importlib for the full selectable api
- move setuptools integration code to private sub-package
- use normalized dist names for the `SETUPTOOLS_SCM_PRETEND_VERSION_FOR_${DIST_NAME}` env var
- drop support for python 3.7
- introduce `version_file` as replacement for `write_to`

## features

- created a directory for the vcs-versioning package and added it to pypi
- git: expect main as possible default branch
- drop version_from_scm helper
- trim down exposed public api
- no longer self-call twice in setuptools
- add support for version schemes by import
- chores

    - migrate own metadata to pyproject.toml
    - consolidate version schemes
    - stricter tag typing
    - pre-compiled regex
    - move helpers to private modules

- support passing log levels to SETUPTOOLS_SCM_DEBUG
- support using rich.logging as console log handler if installed
- fix #527: type annotation in default version template
- fix #549: use fallbacks when scm search raises CommandNotFoundError

## bugfixes

- fix #883: use HeadersParser to ensure only mime metadata in headers is used
- fix #884: parse calver dates from versions with the v prefix
- don't use a C locale without UTF-8 support, when running commands.

(wiz)

py-cyclonedx-python-lib: annotate workaround

(wiz)

doc: Updated security/py-cyclonedx-python-lib to 5.1.1

(wiz)

py-cyclonedx-python-lib: update to 5.1.1.

5.1.1

Bugfix release

5.1.0

Documentation

    docs: advance license docs (f61a730)

Feature

    feat: guarantee unique BomRefs in serialization result (#479) (a648775)
    Incorporate output.BomRefDiscriminator on serialization

5.0.1

What's Changed

    docs: fix RTFD build by @jkowalleck in #476
    docs: revisit project meta by @jkowalleck in #475
    chore: make pyproject parsable by dependabot by @jkowalleck in #477
    chore(deps): bump python-semantic-release/python-semantic-release from 8.0.8 to 8.3.0 by @dependabot in #474

5.0.0

BREAKING CHANGES

    Dropped support for python<3.8 (#436 via #441; enable #433)
    Reworked license related models, collections, and factories (#365 via #466)
    Behavior
        Method model.bom.Bom.validate() will throw exception.LicenseExpressionAlongWithOthersException, if detecting invalid license constellation (#453 via #452)
        Fixed tuple comparison when unequal lengths (via #461)
    API
        Enum schema.SchemaVersion is no longer string-like (#442 via #447)
        Enum schema.OutputVersion is no longer string-like (#442 via #447)
        Abstract class output.BaseOutput requires implementation of new method output_format (#446 via #447)
        Abstract method output.BaseOutput.output_as_string() got new optional parameter indent (#437 via #458)
        Abstract method output.BaseOutput.output_as_string() accepts arbitrary kwargs (via #458, #462)
        Removed class factory.license.LicenseChoiceFactory (via #466)
        The old functionality was integrated into factory.license.LicenseFactory.
        Method factory.license.LicenseFactory.make_from_string()'s parameter name_or_spdx was renamed to value (via #466)
        Method factory.license.LicenseFactory.make_from_string()'s return value can also be a LicenseExpression (#365 via #466)
        The behavior imitates the old factory.license.LicenseChoiceFactory.make_from_string()
        Renamed class module.License to module.license.DisjunctliveLicense (#365 via #466)
        Removed class module.LicenseChoice (#365 via #466)
        Use dedicated classes module.license.DisjunctliveLicense and module.license.LicenseExpression instead
        All occurrences of models.LicenseChoice were replaced by models.licenses.License (#365 via #466)
        All occurrences of SortedSet[LicenseChoice] were specialized to models.license.LicenseRepository (#365 via #466)

Fixed

    Serialization of multy-licenses (#365 via #466)
    Detect unused "dependent" components in model.bom.validate() (via #464)

Changed

    Updated latest supported list of supported SPDX license identifiers (via #433)
    Shipped schema files are moved to a protected space (via #433)
    These files were never intended for public use.
    XML output uses a default namespace, which makes results smaller. (#438 via #458)

Added

    Support for Python 3.12 (via #460)
    JSON- & XML-Validators (#432, #446 via #433, #448)
    The functionality might require additional dependencies, that can be installed with the extra "validation".
    See the docs in section "Installation" for details.
    JSON & XML can be generated in a more human-friendly form (#437, #438 via #458)
    Type hints, typings & overloads for better integration downstream (via #463)
    API
        New function output.make_outputter() (via #469)
        This replaces the deprecated function output.get_instance().
        New sub-package validation (#432, #446 via #433, #448, #469, #468, #469)
        New class exception.MissingOptionalDependencyException (#432 via #433)
        New class exception.LicenseExpressionAlongWithOthersException (#453 via #452)
        New dictionaries output.{json,xml}.BY_SCHEMA_VERSION (#446 via #447)
        Existing implementations of class output.BaseOutput now have a new method output_format (#446 via #447)
        Existing implementations of method output.BaseOutput.output_as_string() got new optional parameter indent (#437 via #458)
        Existing implementations of method output.BaseOutput.output_to_file() got new optional parameter indent (#437 via #458)
        New method factory.license.LicenseFactory.make_with_expression() (via #466)
        New class model.license.DisjunctiveLicense (#365 via #466)
        New class model.license.LicenseExpression (#365 via #466)
        New class model.license.LicenseRepository (#365 via #466)
        New class serialization.LicenseRepositoryHelper (#365 via #466)

Deprecated

    Function output.get_instance() might be removed, use output.make_outputter() instead (via #469)

Tests

    Added validation tests with official CycloneDX schema test data (#432 via #433)
    Use proper snapshots, instead of pseudo comparison (#437 via #464)
    Added regression test for bug #365 (via #466, #467)

Misc

    Dependencies: bumped py-serializable@^0.15.0, was @^0.11.1 (via #458, #463, #464, #466)
    Style: streamlined quotes and strings (via #472)
    Chore: bumped internal dev- and QA-tools (#436 via #441, #472)
    Chore: added more QA tools to prevent common security issues (via #473)

(wiz)

doc: Updated devel/py-ddt to 1.6.0

(wiz)

py-ddt: update to 1.6.0.

What's Changed

    Moved @named_data into main ddt.py module so it can be imported. by @orgadish in #109
    Enable usage of Sequence in named_data.py by @orgadish in #108

(wiz)

doc: Updated pkgtools/python-versions-check to 1.6

(wiz)

python-versions-check: fix output bug

Bump version.

(wiz)

*: latest py-sphinx only support Python 3.9+

(wiz)

doc: Updated textproc/xapian-omega to 1.4.24

(schmonz)

xapian-omega: update to 1.4.24. Changes:

documentation:

* Document $filesize error handling.

indexers:

* omindex:

  + Implement piped input to filters for __WIN32__.  Previously it looks like
    the filter was run but the input wasn't connected to its stdin so it would
    probably block indefinitely.

  + Fix corner case in shell emulation - we no longer set environment variables
    which start with a digit.

    This issue was spotted from reading the code - in practice this isn't a
    case that's likely to be encountered, and the previous behaviour doesn't
    appear to have any security consequences even if a user was somehow tricked
    into specifying an extraction command did this.

* scriptindex:

  + Check if we can actually support %z in parsedate action.  Previously we
    assumed we could if struct tm had a tm_gmtoff member, but that's only a
    necessary condition and not sufficient, e.g. on Cygwin we have tm_gmtoff
    but strptime() doesn't currently understand %z.

  + If we were expecting an action but didn't get an identifier this triggered
    an infinitely repeating error:

    Unknown index action ''

    Now we instead give a single error:

    Expected index action, found '...'

    where '...' shows the sequence of non-whitespace characters encountered.

testsuite:

* Run tests under eatmydata if available.

* Turn off MSYS2 argument conversion for tests as it breaks omegatest, and we
  shouldn't need this conversion there.

* omegatest: Rewrite in Perl as we were hitting non-portable quoting issues
  with the shell implementation, and really it had grown too large to make
  sense as a shell script anyway.

build system:

* Add --enable-werror configure option.

* configure: Only auto-enable -D_FORTIFY_SOURCE=2 if it works without
  additional libraries and remove the hard-coded block against using it
  on mingw.  Mingw-w64 v11.0.0 eliminated the requirement to link with -lssp
  so we now auto-enable -D_FORTIFY_SOURCE=2 there.

portability:

* Fix to build on Cygwin.

* Rename our bswap32 helper function to avoid clash with system-provided
  function on FreeBSD and NetBSD.

(schmonz)

libcbor: update DESCR

>From Alex Crooks in PR 57686

(wiz)

tcl-xapian: fix build, missed in recent xapian update.

(schmonz)

doc: Updated textproc/xapian to 1.4.24

(schmonz)

xapian: update to 1.4.24. Changes:

testsuite:

* apitest: Add coverage that docids generated by replace_document() don't wrap
  to nomoredocids1 testcase.

* unittest: Improve block file functions unit test which were (unintentionally)
  trying to test with a 4TB sparse file, which not all platforms support.  A
  file just over 4GB is enough to test what we want, and if we trying to create
  one fails with errno EFBIG, indicating the file size is too large, we now
  skip the rest of the testcase.

* unittest: Catch Xapian::Error exceptions and rethrow the std::string returned
  by get_description() as the utestsuite harness doesn't know about
  Xapian::Error so was confusingly reporting it as "UNKNOWN EXCEPTION".

* The testsuite no longer reports NULL as the address associated with a
  signal when running on a platform without both sigaction() and SA_SIGINFO.

matcher:

* Reorder fields in each MSet entry to avoid structure padding on x86-64
  probably other 64-bit platforms.  This reduces the memory needed to hold an
  MSet by 8 bytes per entry on such platforms.

glass backend:

* Eliminate unnecessary memory allocations.  When committing changes, we were
  allocating blocks for all possible levels of the built-in cursor in each
  writable table, even those levels that weren't in use.

  The worst case is a really small database with all optional tables existing
  which would have 54 unused allocations of blocksize + 8 bytes, which with the
  default 8K block size is ~432KB per WritableDatabase; if you explicitly ask
  for 64K block size it'll be ~3.4MB.

  For a more typical WritableDatabase it's probably going to be more like half
  these numbers.

build system:

* Add --enable-werror configure option.

* configure: Only auto-enable -D_FORTIFY_SOURCE=2 if it works without
  additional libraries and remove the hard-coded block against using it
  on mingw.  Mingw-w64 v11.0.0 eliminated the requirement to link with -lssp
  and with this change we now auto-enable -D_FORTIFY_SOURCE=2 for it.

portability:

* swig-depcomp: Strip CR from generated files which fixes an issue in some
  cases when building from git on Microsoft Windows.

* We now avoid triggering SIGPIPE in library code on most platforms.

  On Unix-like platforms we want to avoid generating SIGPIPE when writing to a
  socket when the other end has been closed since signals break the
  encapsulation of what we're doing inside the library - either user code would
  need to handle the SIGPIPE, or we set a signal handler for SIGPIPE but that
  would handle *any* SIGPIPE in the process, not just those we might trigger,
  and that could break user code which expects to trigger and handle SIGPIPE.

  We don't need SIGPIPE since we can check errno==EPIPE instead (which is
  actually simpler to do).

  It seems all current Unix-like platforms now support SO_NOSIGPIPE or
  MSG_NOSIGNAL, so currently we just fall back to setting SIGPIPE to SIG_IGN.
  If there are actually current platforms which have SIGPIPE without
  SO_NOSIGPIPE or MSG_NOSIGNAL then we can look at other ways to avoid
  generating the signal.

* Avoid MSVC warning C4312 which is a reasonable warning in general, but in
  this case we checked that the value wasn't truncated when cast to an int.

* Use TEST_EQUAL_DOUBLE in netstats1 testcase which fixes testcase failure on
  FreeBSD.

* Address GCC13 -Wredundant-move warnings.  In 1.4.10 we added std::move()
  here to address clang warnings from -Wreturn-std-move (enabled by -Wall).
  Just removing the std::move() reintroduces those warning with clang 8 and
  clang 11 (but not clang 13 or later) but changing to apply a static_cast
  to the returned type seems to make all versions of both compilers happy.

* Fix build with UCRT64 variant of mingw-w64 by stopping defining
  __MSVCRT_VERSION__ by default.  It looks like doing so hasn't been needed
  since 2015.

* Add workaround for testsuite failures under Wine where attempting to unlink a
  stub file sometimes fails with errno == EACCES and _doserrno ==
  ERROR_SHARING_VIOLATION.  This is what you'd get if the file was still open,
  but we've already closed it.  Sleeping for a second and retrying makes it
  work, so we now do that.  It'd be better to get to the bottom of what's going
  on, but I've run out of ideas and this workaround is only in the testharness
  at least.

debug code:

* xapian-inspect:

  + `goto` and `until` now go to the entry *after* the specified key if there's
    no exact match, which seems more natural.

  + New `count" command.  This is actually just the same as `until` which
    already reports a count of the number of entries advanced by, except that
    `count` suppresses printing each entry.

Lua:

* Use pkg-config for Lua flags instead of some rather ad-hoc configure probes.
  This improves portability to platforms which require linking to a Lua
  library, or which install the Lua headers directly without a versioned
  containing directory.

PHP8:

* Update configure probe PHP_LIBS on cygwin.  Based on patch found in cygwin
  packaging, authored by Yaakov Selkowitz.

Tcl:

* Fix to handle the case of tcl_pkgPath not existing, which happens on
  Microsoft Windows builds of Tcl.

* run-tcl-test: Fix not to hardcode smoketest.tcl and instead run the program
  specified on the command line.

* Use TCL_SHLIB_EXT for the installed extension which is what Tcl expects.
  Previously the installed Tcl extension used the filename extension that
  libtool thinks is right for modules on the current platform.  We're not
  currently aware of platform where these actually differ, so this may be just
  a latent bug.

* Improve configure probe for stub library to work if the tclConfig.sh we find
  forwards to a different script, as is the case with /usr/lib/tclConfig.sh on
  current Debian.  On Debian at least our method for finding the tclConfig.sh
  to use doesn't find such a forwarding script, but it seems better to be
  robust to this.

* Eliminate special cygwin handling which is no longer needed.

(schmonz)