scmcvs

(maya)

scmcvs: try to find __fpending in stdio.h, too
fixes dragonflybsd build.

bump pkgrevision in case it makes a difference to other users.

(maya)

xf86-input-joystick: workaround dflybsd placing usbhid headers
in a different location.

(maya)

mcookie: override configure script accidentally finding
dragonflybsd cpu_set_t (it's pretty much made for linux,
the upstream name is 'util-linux'...)

indent to appease pkglint

(maya)

Need new ati on dragonfly too.
old doesn't build and isn't interesting to fix

(maya)

Latest round of pullup tickets.

(bsiegert)

Pullup ticket #5415 - requested by wen
www/mediawiki: security fix

Revisions pulled up:
- www/mediawiki/Makefile                                        1.66
- www/mediawiki/PLIST                                          1.32
- www/mediawiki/distinfo                                        1.50

---
  Module Name:    pkgsrc
  Committed By:  wen
  Date:          Thu May 11 14:13:41 UTC 2017

  Modified Files:
          pkgsrc/www/mediawiki: Makefile PLIST distinfo

  Log Message:
  Update to 1.28.2(security update)

  Upstream changes:
  MediaWiki 1.28.2

  This is a security release of the MediaWiki 1.28 branch.

  Due to a mistake in packaging, the releases 1.27.2 and 1.28.1 did not
  contain the fix for SyntaxHighlight_GeSHi. This new release does
  contain that fix.

(bsiegert)

Pullup ticket #5407 - requested by sevan
devel/rt4: build fix

Revisions pulled up:
- devel/rt4/Makefile                                            1.24

---
  Module Name:    pkgsrc
  Committed By:  manu
  Date:          Mon May  8 09:07:40 UTC 2017

  Modified Files:
          pkgsrc/devel/rt4: Makefile

  Log Message:
  Build fix: missing dependency on graphics/p5-GraphViz

(bsiegert)

Pullup ticket #5411 - requested by sevan
www/ap22-dnssd: build fix for SunOS

Revisions pulled up:
- www/ap22-dnssd/Makefile                                      1.39

---
  Module Name:    pkgsrc
  Committed By:  jperkin
  Date:          Wed May 10 13:02:59 UTC 2017

  Modified Files:
          pkgsrc/www/ap22-dnssd: Makefile

  Log Message:
  Fix C99 flags on SunOS.

(bsiegert)

Pullup ticket #5410 - requested by sevan
mail/mutt: build fix for SunOS

Revisions pulled up:
- mail/mutt/distinfo                                            1.58
- mail/mutt/patches/patch-al                                    1.11

---
  Module Name:    pkgsrc
  Committed By:  jperkin
  Date:          Wed May 10 12:29:13 UTC 2017

  Modified Files:
          pkgsrc/mail/mutt: distinfo
          pkgsrc/mail/mutt/patches: patch-al

  Log Message:
  Treat native Solaris Kerberos as Heimdal.  It isn't, but it fixes the build.

(bsiegert)

Pullup ticket #5409 - requested by sevan
lang/openjdk7: build fix

Revisions pulled up:
- lang/openjdk7/Makefile                                        1.115

---
  Module Name:    pkgsrc
  Committed By:  jperkin
  Date:          Tue May  9 14:26:06 UTC 2017

  Modified Files:
          pkgsrc/lang/openjdk7: Makefile

  Log Message:
  Ensure we use the correct rpath to zlib.

(bsiegert)

Pullup ticket #5408 - requested by sevan
www/py-django-cms: security fix

Revisions pulled up:
- www/py-django-cms/Makefile                                    1.44
- www/py-django-cms/PLIST                                      1.30
- www/py-django-cms/distinfo                                    1.35

---
  Module Name:    pkgsrc
  Committed By:  adam
  Date:          Tue May  9 08:13:50 UTC 2017

  Modified Files:
          pkgsrc/www/py-django-cms: Makefile PLIST distinfo

  Log Message:
  Changes 3.4.3:
  * Fixed a security vulnerability in the page redirect field which
  allowed users
    to insert JavaScript code.
  * Fixed a security vulnerability where the ``next`` parameter for the
  toolbar login
    was not sanitised and could point to another domain.

(bsiegert)

Pullup ticket #5406 - requested by sevan
graphics/tiff: security fix

Revisions pulled up:
- graphics/tiff/Makefile                                        1.130-1.135
- graphics/tiff/distinfo                                        1.76-1.81
- graphics/tiff/patches/patch-libtiff_tif__luv.c                1.1
- graphics/tiff/patches/patch-libtiff_tif__pixarlog.c          1.1
- graphics/tiff/patches/patch-libtiff_tif__strip.c              1.1
- graphics/tiff/patches/patch-libtiff_tif_dirread.c            1.3
- graphics/tiff/patches/patch-libtiff_tif_ojpeg.c              1.2
- graphics/tiff/patches/patch-libtiff_tif_read.c                1.2
- graphics/tiff/patches/patch-libtiff_tiffiop.h                1.3
- graphics/tiff/patches/patch-tools_tiff2pdf.c                  1.3
- graphics/tiff/patches/patch-tools_tiffcp.c                    1.3

---
  Module Name:    pkgsrc
  Committed By:  he
  Date:          Sat May  6 20:34:40 UTC 2017

  Modified Files:
          pkgsrc/graphics/tiff: Makefile distinfo
  Added Files:
          pkgsrc/graphics/tiff/patches: patch-tools_tiff2pdf.c

  Log Message:
  Fix CVE-2016-10094, ref. http://bugzilla.maptools.org/show_bug.cgi?id=2640
  and https://github.com/vadz/libtiff/commit/c7153361a4041260719b340f73f2f76
  Bump PKGREVISION.

---
  Module Name:    pkgsrc
  Committed By:  he
  Date:          Sat May  6 21:02:00 UTC 2017

  Modified Files:
          pkgsrc/graphics/tiff: Makefile distinfo
  Added Files:
          pkgsrc/graphics/tiff/patches: patch-libtiff_tif__luv.c
              patch-libtiff_tif__pixarlog.c

  Log Message:
  Fix CVE-2016-10269, ref. http://bugzilla.maptools.org/show_bug.cgi?id=2604
  and
  https://github.com/vadz/libtiff/commit/1044b43637fa7f70fb19b93593777b78bd20da86
  Bump PKGREVISION.

---
  Module Name:    pkgsrc
  Committed By:  he
  Date:          Sat May  6 21:29:17 UTC 2017

  Modified Files:
          pkgsrc/graphics/tiff: Makefile distinfo
          pkgsrc/graphics/tiff/patches: patch-libtiff_tif_dirread.c
  Added Files:
          pkgsrc/graphics/tiff/patches: patch-libtiff_tif__strip.c

  Log Message:
  Fix CVE-2016-10270, ref.
  http://bugzilla.maptools.org/show_bug.cgi?id=2608
  https://github.com/vadz/libtiff/commit/9a72a69e035ee70ff5c41541c8c61cd97990d018
  Bump PKGREVISION.

---
  Module Name:    pkgsrc
  Committed By:  he
  Date:          Sat May  6 21:37:16 UTC 2017

  Modified Files:
          pkgsrc/graphics/tiff: Makefile distinfo
          pkgsrc/graphics/tiff/patches: patch-tools_tiffcp.c

  Log Message:
  Fix CVE-2016-10268, ref.
  http://bugzilla.maptools.org/show_bug.cgi?id=2598
  https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df
  Bump PKGREVISION.

---
  Module Name:    pkgsrc
  Committed By:  he
  Date:          Sun May  7 21:32:30 UTC 2017

  Modified Files:
          pkgsrc/graphics/tiff: Makefile distinfo
          pkgsrc/graphics/tiff/patches: patch-libtiff_tif_read.c
  Added Files:
          pkgsrc/graphics/tiff/patches: patch-libtiff_tiffiop.h

  Log Message:
  Fix CVE-2016-10266 ref.
  http://bugzilla.maptools.org/show_bug.cgi?id=2596
  https://github.com/vadz/libtiff/commit/438274f938e046d33cb0e1230b41da32ffe223e1
  Bump PKGREVISION.

---
  Module Name:    pkgsrc
  Committed By:  he
  Date:          Sun May  7 21:52:16 UTC 2017

  Modified Files:
          pkgsrc/graphics/tiff: Makefile distinfo
          pkgsrc/graphics/tiff/patches: patch-libtiff_tif_ojpeg.c

  Log Message:
  Fix CVE-2016-10267 ref.
  http://bugzilla.maptools.org/show_bug.cgi?id=2611
  https://github.com/vadz/libtiff/commit/43bc256d8ae44b92d2734a3c5bc73957a4d7c1ec
  Bump PKGREVISION.

(bsiegert)

Pullup ticket #5405 - requested by sevan
mk/tools/tools.Darwin.mk: build fix for Python eggs

Revisions pulled up:
- mk/tools/tools.Darwin.mk                                      1.57

---
  Module Name:    pkgsrc
  Committed By:  sevan
  Date:          Sat May  6 16:33:55 UTC 2017

  Modified Files:
          pkgsrc/mk/tools: tools.Darwin.mk

  Log Message:
  The version of find(1) included in Darwin did not support {} + being
  passed to
  the exec option up until version 9 (Leopard). sysutils/findutils should
  be used on
  prior releases.
  This resolves packaging Python modules which utilise lang/python/egg.mk.
  find(1)
  is called here with '{}' +; passed to exec option.

(bsiegert)

Updated time/py-icalendar to 3.11.4

(wiz)

Updated py-icalendar to 3.11.4.

3.11.4 (2017-05-10)
-------------------

Bug fixes:

- Don't break on parameter values which contain equal signs, e.g. base64 encoded
  binary data [geier]

- Fix handling of VTIMEZONEs with subcomponents with the same DTSTARTs.
  [geier]

3.11.3 (2017-02-15)
-------------------

Bug fixes:

- Removed ``setuptools`` as a dependency as it was only required by setup.py
  and not by the package.

- Don't split content lines on the unicode ``LINE SEPARATOR`` character
  ``\u2028`` but only on ``CRLF`` or ``LF``.

3.11.2 (2017-01-12)
-------------------

Bug fixes:

- Run tests with python 3.5 and 3.6.
  [geier]

- Allow tests failing with pypy3 on travis.ci.
  [geier]

3.11.1 (2016-12-19)
-------------------

Bug fixes:

- Encode error message before adding it to the stack of collected error messages.

3.11 (2016-11-18)
-----------------

Fixes:

- Successfully test with pypy and pypy3.  [gforcada]

- Minor documentation update.  [tpltnt]

(wiz)

Add zsh to default_acceptable_licenses.

(jperkin)

Use PKGLOCALEDIR.  Fix build on SunOS.

(jperkin)

Updated devel/xulrunner45 to 45.9.0

(ryoon)

Update to 45.9.0

* Sync with www/firefox45-45.9.0

(ryoon)

Requires libiconv.

(jperkin)

Requires msgfmt.

(jperkin)

Updated www/mediawiki to 1.28.2

(wen)

Update to 1.28.2(security update)

Upstream changes:
MediaWiki 1.28.2

This is a security release of the MediaWiki 1.28 branch.

Due to a mistake in packaging, the releases 1.27.2 and 1.28.1 did not contain the fix for SyntaxHighlight_GeSHi. This new release does contain that fix.

(wen)

Forgot to add options.mk to previous commit.

(jperkin)

Completely overhaul the zsh package.

- Get rid of useless Makefile.common and pointless variables since there is
  no longer a zsh-current package.

- Remove non-standard per-OS non-checksummed patch file in FILESDIR.
  Integrate it correctly in the normal way.

- Ensure our patched configure.ac is actually regenerated.

- Use REPLACE_INTERPRETER instead of homegrown subst replacements.

- Remove esoteric and fragile configuration variables, a bunch of legacy OS
  based options, and simply depend correctly on terminfo and curses.

- Remove custom test targets and requirements for root access, the test suite
  works fine as a non-root user and can be done in the normal way.

- Use options.mk

- Set maintainer to pkgsrc-users, uebayasi resigned.

Fixes build on at least SunOS.  Tested on SunOS, Darwin, NetBSD (with and
without the "static" option), and Linux.

(jperkin)

Updated devel/py-msgpack to 0.4.8

(adam)

Updated comms/gammu to 1.38.2

(leot)

Update comms/gammu to 1.38.2

Changes:
20170328 - 1.38.2
[-] * Improved support for Huawei K3765, E150 and E372.
[-] * Fixed decoding of unicode surrogates at message boundary.
[+] * Environment variable PHONE_ID for external program.
[-] * SMS compatibility with devices following old version of GSM 03.38.
[-] * Unicode is now preferred when handling USSD.
[+] * Improved decoding of MMS indication SMS.

20170105 - 1.38.1
[-] * Fixed sending SMS to numbers starting with 000.
[-] * Fixed parsing of vcalendar files with VALUE=DATE-TIME.
[-] * Fixed compatibility with D-Link dwm-157.
[-] * Updated list of GSM countries and networks.

20161212 - 1.38.0
[-] * MySQL script for SMSD is compatible with strict mode.
[-] * Fixed USSD responses for some AT modems.
[-] * Fixed parsing network status for some modems (eg. Quectel UC15).
[-] * Fixed handling of emojis and other Unicode chars from supplementary plan.
[-] * Fixed compilation with C90 compiler.

(leot)

Add the zsh license and add it to the default acceptable list (MIT-like).

(jperkin)

regen

(christos)

fix cats kernel:
TODO: see cpu_arm_instr_dpi; non-zero steps but still under 256 is not implemented yet
to_be_translated(): TODO: unimplemented instruction:
ebf61a60:  e28fc600    add    ip,pc,#0

(christos)

Changes 0.4.8:
Bug fixes.

(adam)

Updated security/py-oauth2client to 4.1.0

(adam)

v4.1.0

Note: oauth2client is now deprecated. No more features will be added to the
libraries and the core team is turning down support. We recommend you use
google-auth and oauthlib.

New features:
* Allow customizing the GCE metadata service address via an env var.
* Store original encoded and signed identity JWT in OAuth2Credentials.
* Use jsonpickle in django contrib, if available.

Bug fixes:
* Typo fixes.
* Remove b64 padding from PKCE values, per RFC7636.
* Include LICENSE in Manifest.in.
* Fix tests and CI.
* Escape callback error code in flask_util.

(adam)

Requires iconv.  Try to reduce the include craziness a little bit.

(jperkin)

Remove patch backup

(wiz)

Fix path to includes.

(jperkin)

Updated sysutils/beats to 5.4.0

(fhajny)

Update sysutils/beats to 5.4.0.

==== Bugfixes

Affecting all Beats

- Improve error message when downloading the dashboards fails.
- Fix potential Elasticsearch output URL parsing error if protocol
  scheme is missing.
- Downgrade Elasticsearch per batch item failure log to debug level.
- Make `@timestamp` accessible from format strings.

Filebeat

- Allow log lines without a program name in the Syslog fileset.
- Don't stop Filebeat when modules are used with the Logstash output.

Metricbeat

- Fixing panic on the Prometheus collector when label has a comma.
- Make system process metricset honor the `cpu_ticks` config option.

Winlogbeat

- Fix null terminators include in raw XML string when include_xml is
  enabled.

==== Added

Affecting all Beats

- Update index mappings to support future Elasticsearch 6.X.

Filebeat

- Add auditd module for reading audit logs on Linux.
- Add fileset for the Linux authorization logs.

Heartbeat

- Add default ports in HTTP monitor.

Metricbeat

- Add beta Jolokia module.
- Add dashboard for the MySQL module.
- Module configuration reloading is now beta instead of experimental.
- Marked http fields from the HAProxy module optional to improve
  compatibility with 1.5.
- Add support for custom HTTP headers and TLS for the Metricbeat
  modules.

Packetbeat

- Add DNS dashboard for an overview the DNS traffic.
- Add DNS Tunneling dashboard to highlight domains with large numbers
  of subdomains or high data volume.

(fhajny)

Updated databases/elasticsearch to 5.4.0

(fhajny)

Update databases/elasticsearch to 5.4.0.

=== Breaking changes

Settings::
- Remove support for default settings

=== Breaking Java changes

Aggregations::
- Move getProperty method out of MultiBucketsAggregation.Bucket
  interface
- Remove getProperty method from Aggregations interface and impl
- Move getProperty method out of Aggregation interface

Java API::
- Fold InternalSearchHits and friends into their interfaces

=== Deprecations

Aggregations::
- Deprecate Stats#getCountAsString

Java API::
- Add BulkProcessor methods with XContentType parameter

Network::
- Deprecate Netty 3

Packaging::
- Add deprecation warnings for $ES_USER and $ES_GROUP

Plugin Delete By Query::
- Deprecate delete_by_query requests without an explicit query

Plugin Repository Azure::
- Deprecate global `repositories.azure` settings

Plugin Repository S3::
- Deprecate repositories.s3 settings

REST::
- Deprecate ldjson support and document ndjson for bulk/msearch

Stats::
- Deprecate `_field_stats` endpoint

=== New features

Analysis::
- Adds pattern keyword marker filter support
- Expose WordDelimiterGraphTokenFilter

Index APIs::
- Add FieldCapabilities (`_field_caps`) API

Search::
- Introduce incremental reduction of TopDocs

Similarities::
- Adds boolean similarity to Elasticsearch

=== Enhancements

Aggregations::
- Add BucketMetricValue interface
- Move aggs CommonFields and TYPED_KEYS_DELIMITER from
  InternalAggregation to Aggregation
- Use ParseField for aggs CommonFields rather than String
- Share XContent rendering code in terms aggs
- Add unit tests for ParentToChildAggregator
- First step towards incremental reduction of query responses

Allocation::
- Trigger replica recovery restarts by master when primary relocation
  completes
- Makes the same_shard host dynamically updatable

Analysis::
- Support Keyword type in Analyze API

Cluster::
- Prevent nodes from joining if newer indices exist in the cluster

Core::
- Detect remnants of path.data/default.path.data bug
- Await termination after shutting down executors
- Add early-access check
- Adapter action future should restore interrupts
- Disable bootstrap checks for single-node discovery
- Enable explicitly enforcing bootstrap checks
- Add equals/hashcode method to ReplicationResponse

Dates::
- Improve error handling for epoch format parser with time zone
  (#22621)

Discovery::
- Introduce single-node discovery
- UnicastZenPing shouldn't ping the address of the local node
- MasterFaultDetection can start after the initial cluster state has
  been processed

Highlighting::
- Add support for fragment_length in the unified highlighter
- Add BreakIteratorBoundaryScanner support

Index APIs::
- Wildcard cluster names for cross cluster search

Ingest::
- Lazy load the geoip databases

Internal::
- Add a dedicated TransportRemoteInfoAction for consistency
- Simplify sorted top docs merging in SearchPhaseController
- Synchronized CollapseTopFieldDocs with lucenes relatives
- Cleanup SearchPhaseController interface
- Do not create String instances in 'Strings' methods accepting
  StringBuilder

Java API::
- Added types options to DeleteByQueryRequest

Java High Level REST Client::
- Convert suggestion response parsing to use NamedXContentRegistry
- UpdateRequest implements ToXContent
- Add javadoc for DocWriteResponse.Builders
- Expose WriteRequest.RefreshPolicy string representation
- Use `typed_keys` parameter to prefix suggester names by type in
  search responses
- Add parsing methods to BulkItemResponse

Logging::
- Warn on not enough masters during election

Mapping::
- Improve error message for ipv6 on legacy ip fields

Nested Docs::
- Avoid adding unnecessary nested filters when ranges are used.

Network::
- Adjust default Netty receive predictor size to 64k
- Keep the pipeline handler queue small initially
- Set network receive predictor size to 32kb
- TransportService.connectToNode should validate remote node ID

Packaging::
- Introduce Java version check
- Cleanup some things after removal of joda-time hack

Percolator::
- Allowing range queries with now ranges inside percolator queries
- Add term extraction support for MultiPhraseQuery

Plugin Discovery EC2::
- Settings: Migrate ec2 discovery sensitive settings to elasticsearch
  keystore

Plugin Lang Painless::
- Allow painless to load stored fields
- Start on custom whitelists for Painless
- Fix Painless's implementation of interfaces returning primitives
- Allow painless to implement more interfaces

Plugin Repository Azure::
- Add Backoff policy to azure repository

Plugin Repository S3::
- Removes the retry mechanism from the S3 blob store
- S3 Repository: Eagerly load static settings

Plugins::
- Modify permissions dialog for plugins
- Plugins: Add plugin cli specific exit codes
- Plugins: Output better error message when existing plugin is
  incompatible

Query DSL::
- Make it possible to validate a query on all shards instead of a
  single random shard

REST::
- Validate top-level keys when parsing mget requests
- Cluster stats should not render empty http/transport types
- Add parameter to prefix aggs name with type in search responses

Search::
- Set shard count limit to unlimited
- Streamline shard index availability in all SearchPhaseResults
- Search took time should use a relative clock
- Prevent negative `from` parameter in SearchSourceBuilder
- Remove unnecessary result sorting in SearchPhaseController
- Expose `batched_reduce_size` via `_search`
- Adding fromXContent to Suggest and Suggestion class
- Adding fromXContent to Suggestion.Entry and subclasses
- Add CollapseSearchPhase as a successor for the FetchSearchPhase
- Integrate IndexOrDocValuesQuery.
- Detach SearchPhases from AbstractSearchAsyncAction
- Fix GraphQuery expectation after Lucene upgrade to 6.5
- Nested queries should avoid adding unnecessary filters when
  possible.
- Add xcontent parsing to completion suggestion option
- Add xcontent parsing to suggestion options
- Separate reduce (aggs, suggest and profile) from merging fetched
  hits

Settings::
- Add secure file setting to keystore
- Add a setting which specifies a list of setting
- Add a property to mark setting as final
- Remove obsolete index setting `index.version.minimum_compatible`.
- Provide a method to retrieve a closeable char[] from a SecureString
- Update indices settings api to support CBOR and SMILE format
- Improve setting deprecation message

Snapshot/Restore::
- Change snapshot status error to use generic SnapshotException

Stats::
- Add cross-cluster search remote cluster info API

Task Manager::
- Allow task to be unregistered by ClusterStateApplier
- Limit IndexRequest toString() length

=== Bug fixes

Aggregations::
- Align behavior HDR percentiles iterator with percentile() method
- The `filter` and `significant_terms` aggregations should parse the
  `filter` as a filter, not a query.
- Completion suggestion should also consider text if prefix/regex is
  missing
- Fixes the per term error in the terms aggregation
- Fixes terms error count for multiple reduce phases
- Restore support for the `include/pattern` syntax.

Bulk::
- Reject empty IDs

CRUD::
- Fix backport executing ops as single item bulk

Cluster::
- Don't set local node on cluster state used for node join validation
- Allow a cluster state applier to create an observer and wait for a
  better state
- Cluster allocation explain to never return empty response body

Core::
- Check for default.path.data included in path.data
- Improve performance of extracting warning value
- Reject duplicate settings on the command line
- Restrict build info loading to ES jar, not any jar

Discovery::
- ZenDiscovery - only validate min_master_nodes values if local node
  is master

Index APIs::
- Fixes restore of a shrunken index when initial recovery node is gone
- Honor update request timeout

Ingest::
- Improve missing ingest processor error
- update _ingest.timestamp to use new ZonedDateTime

Inner Hits::
- Replace NestedChildrenQuery with ParentChildrenBlockJoinQuery
- Changed DisMaxQueryBuilder to extract inner hits from leaf queries

Internal::
- Add infrastructure to mark contexts as system contexts
- Always restore the ThreadContext for operations delayed due to a
  block

Java High Level REST Client::
- Correctly parse BulkItemResponse.Failure's status

Java REST Client::
- Make buffer limit configurable in HeapBufferedConsumerFactory
- RestClient asynchronous execution should not throw exceptions

Mapping::
- Preserve response headers when creating an index
- Improves disabled fielddata error message
- Switch include_in_all in multifield to warning
- Fix MapperService StackOverflowError
- Fix NPE with scaled floats stats when field is not indexed

Network::
- Fix possible hang in local transport when nodes get concurrently
  disconnected
- Respect promises on pipelined responses
- Ensure that releasing listener is called

Packaging::
- Fall back to non-atomic move when removing plugins

Percolator::
- Fix memory leak when percolator uses bitset or field data cache

Plugin Ingest Attachment::
- Remove support for Visio and potm files

Plugin Lang Painless::
- Fix painless's regex lexer and error messages
- Replace Painless's Cast with casting strategies
- Fix Bad Casts In Painless

Plugin Repository Azure::
- Azure blob store's readBlob() method first checks if the blob exists

Plugin Repository S3::
- Handle BlobPath's trailing separator case. Add test cases to
  BlobPathTests.java

Plugins::
- Fix delete of plugin directory on remove plugin
- Use a marker file when removing a plugin

Query DSL::
- FuzzyQueryBuilder should error when parsing array of values

REST::
- [API] change wait_for_completion default according to docs
- Deprecate request_cache for clear-cache
- HTTP transport stashes the ThreadContext instead of the
  RestController
- Ensure we try to autodetect content type for handlers that support
  plain text
- Fix date format in warning headers
- Align REST specs for HEAD requests
- Correct warning header to be compliant
- Fix get HEAD requests
- Fix search scroll request with a plain text body
- Handle bad HTTP requests
- Fix get source HEAD requests
- Properly encode location header
- Fix template HEAD requests
- Fix index HEAD requests
- Fix alias HEAD requests

Recovery::
- Provide target allocation id as part of start recovery request

Reindex API::
- Fix throttled reindex_from_remote
- Fix reindex with a remote source on a version before 2.0.0
- Make reindex wait for cleanup before responding

Scripting::
- Remove unnecessary Groovy deprecation logging
- Convert script/template objects to json format internally
- Script: Fix value of `ctx._now` to be current epoch time in
  milliseconds

Search::
- Cross Cluster Search: propagate original indices per cluster
- Query string default field
- Speed up parsing of large `terms` queries.
- IndicesQueryCache should delegate the scorerSupplier method.
- Fork LRUQueryCache from Lucene to work around LUCENE-7749
- Disable graph analysis at query time for shingle and cjk filters
  producing tokens of different size
- Fix cross-cluster remote node gateway attributes
- Use a fixed seed for computing term hashCode in TermsSliceQuery
- Honor max concurrent searches in multi-search
- Avoid stack overflow in multi-search
- Fix query_string_query to transform "foo:*" in an exists query on
  the field name
- Factor out filling of TopDocs in SearchPhaseController
- Replace blocking calls in ExpandCollapseSearchResponseListener by
  asynchronous requests

Search Templates::
- No longer add illegal content type option to stored search templates

Settings::
- Do not set path.data in environment if not set
- Correct handling of default and array settings
- Fix merge scheduler config settings
- Settings: Fix keystore cli prompting for yes/no to handle console
  returning null

Similarities::
- Fix similarity upgrade when "default" similarity is overridden

Snapshot/Restore::
- Fixes maintaining the shards a snapshot is waiting on
- Fixes snapshot status on failed snapshots
- Fixes snapshot deletion handling on in-progress snapshot failure
- Prioritize listing index-N blobs over index.latest in reading
  snapshots

Stats::
- Avoid overflow when computing total FS stats
- Handle existence of cgroup version 2 hierarchy
- Handle long overflow when adding paths' totals
- Fix control group pattern
- Fix total disk bytes returning negative value

=== Regressions

Bulk::
- Fix _bulk response when it can't create an index

=== Upgrades

Aggregations::
- Upgrade HDRHistogram to 2.1.9

Core::
- Upgrade to Lucene 6.5.0
- Upgrade from JNA 4.2.2 to JNA 4.4.0
- Upgrade to lucene-6.5.0-snapshot-d00c5ca
- Upgrade to lucene-6.5.0-snapshot-f919485.

Logging::
- Upgrade to Log4j 2.8.2

Network::
- Upgrade to Netty 4.1.9
- Upgrade to Netty 4.1.8

Plugin Repository Azure::
- Update to Azure Storage 5.0.0

(fhajny)

Updated security/py-certbot to 0.14.0

(fhajny)

Update py-certbot and py-acme to 0.14.0.
Use ALTERNATIVES to handle different Python versions better.

0.14.0 - 2017-05-04

Added

- Python 3.3+ support for all Certbot packages. certbot-auto still
  currently only supports Python 2, but the acme, certbot,
  certbot-apache, and certbot-nginx packages on PyPI now fully support
  Python 2.6, 2.7, and 3.3+.
- Certbot's Apache plugin now handles multiple virtual hosts per file.
- Lockfiles to prevent multiple versions of Certbot running
  simultaneously.

Changed

- When converting an HTTP virtual host to HTTPS in Apache, Certbot
  only copies the virtual host rather than the entire contents of the
  file it's contained in.
- The Nginx plugin now includes SSL/TLS directives in a separate file
  located in Certbot's configuration directory rather than copying the
  contents of the file into every modified server block.

Fixed

- Ensure logging is configured before parts of Certbot attempt to log
  any messages.
- Support for the --quiet flag in certbot-auto.
- Reverted a change made in a previous release to make the acme and
  certbot packages always depend on argparse. This dependency is
  conditional again on the user's Python version.
- Small bugs in the Nginx plugin such as properly handling empty
  server blocks and setting server_names_hash_bucket_size during
  challenges.

(fhajny)

Updated databases/py-peewee to 2.10.0

(fhajny)

Update databases/py-peewee to 2.10.0.

- Remove the playhouse.fields.AESEncryptedField over security concerns
  described in ticket #1264.
- Correctly resolve explicit table dependencies when creating tables, refs
- Implement not equals comparison for CompositeKey.

(fhajny)

Updated security/vault to 0.7.2

(fhajny)

Update security/vault to 0.7.2.

0.7.2 (May 8th, 2017)

BUG FIXES:

- audit: Fix auditing entries containing certain kinds of time values

0.7.1 (May 5th, 2017)

DEPRECATIONS/CHANGES:

- LDAP Auth Backend: Group membership queries will now run as the
  binddn user when binddn/bindpass are configured, rather than as the
  authenticating user as was the case previously.

FEATURES:

- AWS IAM Authentication
- MSSQL Physical Backend
- Lease Listing and Lookup
- TOTP Secret Backend
- Database Secret Backend & Secure Plugins (Beta)

IMPROVEMENTS:

- auth/cert: Support for constraints on subject Common Name and
  DNS/email Subject Alternate Names in certificates
- auth/ldap: Use the binding credentials to search group membership
  rather than the user credentials
- cli/revoke: Add -self option to allow revoking the currently active
  token
- core: Randomize x coordinate in Shamir shares
- tidy: Improvements to auth/token/tidy and sys/leases/tidy to handle
  more cleanup cases
- secret/pki: Add no_store option that allows certificates to be
  issued without being stored. This removes the ability to look up
  and/or add to a CRL but helps with scaling to very large numbers of
  certificates.
- secret/pki: If used with a role parameter, the sign-verbatim/<role>
  endpoint honors the values of generate_lease, no_store, ttl and
  max_ttl from the given role
- secret/pki: Add role parameter allow_glob_domains that enables
  defining names in allowed_domains containing * glob patterns
- secret/pki: Update certificate storage to not use characters that
  are not supported on some filesystems
- storage/etcd3: Add discovery_srv option to query for SRV records to
  find servers
- storage/s3: Support max_parallel option to limit concurrent
  outstanding requests
- storage/s3: Use pooled transport for http client
- storage/swift: Allow domain values for V3 authentication

BUG FIXES:

- api: Respect a configured path in Vault's address
- auth/aws-ec2: New bounds added as criteria to allow role creation
- auth/ldap: Don't lowercase groups attached to users
- cli: Don't panic if vault write is used with the force flag but no
  path
- core: Help operations should request forward since standbys may not
  have appropriate info
- replication: Fix enabling secondaries when certain mounts already
  existed on the primary
- secret/mssql: Update mssql driver to support queries with colons
- secret/pki: Don't lowercase O/OU values in certs
- secret/pki: Don't attempt to validate IP SANs if none are provided

(fhajny)

Updated devel/kafka to 0.10.2.1

(fhajny)

Update devel/kafka to 0.10.2.1

Improvement

- SCRAM secret's should be better protected with Zookeeper ACLs

Bug

- Refresh consumer metadata more frequently for unknown subscribed
  topics
- OffsetValidationTest fails validation with "Current position greater
  than the total number of consumed records"
- Failure in
  kafka/tests/kafkatest/tests/core/security_rolling_upgrade_test.py
- Broker level configuration 'log.segment.bytes' not used when
  'segment.bytes' not configured per topic.
- Kafka Streams - unable to add state stores when using wildcard
  topics on the source
- Streams State transition ASCII diagrams need fixing and polishing
- KafkaConsumer: ConsumerConfig gets logged twice.
- docker/run_tests.sh should set up /opt/kafka-dev to be the source
  directory
- Config validation in Connector plugins need to compare against both
  canonical and simple class names
- Stream thread getting into deadlock state while trying to get
  rocksdb lock in retryWithBackoff
- SessionStore.fetch(key) is a performance bottleneck
- log.message.timestamp.type=LogAppendTime breaks Kafka based
  consumers
- Querying window store may return unwanted keys
- Kafka Secure Migrator tool doesn't secure all the nodes
- Kafka Connect does not log connector configuration errors
- Make ProduceRequest thread-safe
- Add streams tests with brokers failing
- Document that stores must not be closed when Processors are closed
- remove controller concurrent access to non-threadsafe NetworkClient,
  Selector, and SSLEngine
- testReprocessingFromScratch unit test failure
- StreamThread should catch InvalidTopicException
- running multiple kafka streams instances causes one or more instance
  to get into file contention
- Increase number of Streams producer retries from the default of 0
- Defer exception to the next pollOnce() if consumer's fetch position
  has already increased
- ThreadCacheTest.cacheOverheadsSmallValues fails intermittently
- KafkaConsumer.poll throws IllegalStateException

(fhajny)

Updated devel/git to 2.13.0

(adam)

Git 2.13 Release Notes
======================
Backward compatibility notes.

* Use of an empty string as a pathspec element that is used for
  'everything matches' is still warned and Git asks users to use a
  more explicit '.' for that instead.  The hope is that existing
  users will not mind this change, and eventually the warning can be
  turned into a hard error, upgrading the deprecation into removal of
  this (mis)feature.  That is not scheduled to happen in the upcoming
  release (yet).

* The historical argument order "git merge <msg> HEAD <commit>..."
  has been deprecated for quite some time, and is now removed.

* The default location "~/.git-credential-cache/socket" for the
  socket used to communicate with the credential-cache daemon has
  been moved to "~/.cache/git/credential/socket".

* Git now avoids blindly falling back to ".git" when the setup
  sequence said we are _not_ in Git repository.  A corner case that
  happens to work right now may be broken by a call to die("BUG").
  We've tried hard to locate such cases and fixed them, but there
  might still be cases that need to be addressed--bug reports are
  greatly appreciated.

Updates since v2.12
-------------------
UI, Workflows & Features

* "git describe" and "git name-rev" have been taught to take more
  than one refname patterns to restrict the set of refs to base their
  naming output on, and also learned to take negative patterns to
  name refs not to be used for naming via their "--exclude" option.

* Deletion of a branch "foo/bar" could remove .git/refs/heads/foo
  once there no longer is any other branch whose name begins with
  "foo/", but we didn't do so so far.  Now we do.

* When "git merge" detects a path that is renamed in one history
  while the other history deleted (or modified) it, it now reports
  both paths to help the user understand what is going on in the two
  histories being merged.

* The <url> part in "http.<url>.<variable>" configuration variable
  can now be spelled with '*' that serves as wildcard.
  E.g. "http.https://*.example.com.proxy" can be used to specify the
  proxy used for https://a.example.com, https://b.example.com, etc.,
  i.e. any host in the example.com domain.

* "git tag" did not leave useful message when adding a new entry to
  reflog; this was left unnoticed for a long time because refs/tags/*
  doesn't keep reflog by default.

* The "negative" pathspec feature was somewhat more cumbersome to use
  than necessary in that its short-hand used "!" which needed to be
  escaped from shells, and it required "exclude from what?" specified.

* The command line options for ssh invocation needs to be tweaked for
  some implementations of SSH (e.g. PuTTY plink wants "-P <port>"
  while OpenSSH wants "-p <port>" to specify port to connect to), and
  the variant was guessed when GIT_SSH environment variable is used
  to specify it.  The logic to guess now applies to the command
  specified by the newer GIT_SSH_COMMAND and also core.sshcommand
  configuration variable, and comes with an escape hatch for users to
  deal with misdetected cases.

More...

(adam)

Updated devel/py-requests to 2.14.2; net/py-apache-libcloud to 2.0.0. Added devel/py-requests-mock version 1.3.0.

(adam)

Changes in Apache Libcloud 2.0.0
--------------------------------
Common
~~~~~~
- Fix OpenStack drivers not correctly setting URLs when used with identity API, would default to 127.0.0.1 and service
  catalog URLs were not adhered to.

- Fix Aliyun ECS, Load balancer and storage adapters when using unicode UTF-8 characters in the names of resources
  in 2.0.0rc2 < it would fail as a MalformedResponseError, Python 2.7 element tree was raising a unicode error

- Refactor the test classes to use the full libcloud.http and libcloud.common.base modules, with Connection,
  Response all used with requests_mock. This increases our test coverages and catches bugs in drivers' custom
  parse_body and auth modules

- Rename libcloud.httplib_ssl to libcloud.http now that we don't use httplib

(adam)

requests-mock provides a building block to stub out the HTTP requests portions
of your testing code. You should checkout the docs for more information.

(adam)

Changes 2.14.2:
**Bugfixes**
- Changed a less-than to an equal-to and an or in the dependency markers to
  widen compatibility with older setuptools releases.

(adam)

Updated sysutils/consul to 0.8.2

(fhajny)

Update sysutils/consul to 0.8.2

BREAKING CHANGES:

- api: HttpClient now defaults to nil in the client config and will be
  generated if left blank. A NewHttpClient function has been added for
  creating an HttpClient with a custom Transport or TLS config.

IMPROVEMENTS:

- agent: Added an error at agent startup time if both -ui and -ui-dir
  are configured together.
- agent: Added the datacenter of a node to the catalog, health, and
  query API endpoints which contain a Node structure.
- agent: Added the ca_path, tls_cipher_suites, and
  tls_prefer_server_cipher_suites options to give more flexibility
  around configuring TLS.
- agent: Reduced the timeouts for the -dev server mode so that the
  development server starts up almost instantly.
- agent: Added verify_incoming_rpc and verify_incoming_https options
  for more granular control over incoming TLS enforcement.
- agent: Use bind address as source for outgoing connections.
- api: Added the ACL replication status endpoint to the Go API client
  library.
- cli: Added Raft protocol version to output of operator raft
  list-peers command.
- ui: Added optional JSON validation when editing KV entries in the
  web UI.
- ui: Updated ACL guide links and made guides open in a new tab.

BUG FIXES:

- server: Fixed a panic when the tombstone garbage collector was
  stopped.
- server: Fixed a panic in Autopilot that could occur when a node is
  elected but cannot complete leader establishment and steps back
  down.
- server: Added a new peers.json format that allows outage recovery
  when using Raft protocol version 3 and higher. Previously, you'd
  have to set the Raft protocol version back to 2 in order to manually
  recover a cluster.
- ui: Add and update favicons

(fhajny)

Updated devel/py-typing to 3.6.1; security/py-m2crypto to 0.26.0; www/py-urllib3 to 1.21.1

(adam)

Changes 1.21.1:
Fixed SecureTransport issue that would cause long delays in response body delivery.
Fixed regression in 1.21 that threw exceptions when users passed the socket_options flag to the PoolManager.
Fixed regression in 1.21 that threw exceptions when users passed the assert_hostname or assert_fingerprint flag to the PoolManager.

(adam)

Changes 0.26.0:
Unknown

(adam)

Changes: sync with Python 3.6.1

(adam)

Deleting p5-BioPerl. Duplicate with bioperl. Sorry.

(mef)

Updated lang/gcc7 to 7.1.0nb2

(jperkin)

Remove leftovers from the gcc-java option which were bringing in more
dependencies than required and causing the build to fail due to being
unable to find zlib.

Bump PKGREVISION.

(jperkin)

Ensure we can find std::aligned_alloc if using it.

(jperkin)

Updated www/firefox45-l10n to 45.9.0

(ryoon)

Update to 45.9.0

* Sync with firefox45-45.9.0

(ryoon)

Updated www/firefox45 to 45.9.0

(ryoon)

Update to 45.9.0

Changelog:
Security fixes:
#CVE-2017-5433: Use-after-free in SMIL animation functions
#CVE-2017-5435: Use-after-free during transaction processing in the editor
#CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2
#CVE-2017-5461: Out-of-bounds write in Base64 encoding in NSS
#CVE-2017-5459: Buffer overflow in WebGL
#CVE-2017-5434: Use-after-free during focus handling
#CVE-2017-5432: Use-after-free in text input selection
#CVE-2017-5460: Use-after-free in frame selection
#CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing
#CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing
#CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT processing
#CVE-2017-5441: Use-after-free with selection during scroll events
#CVE-2017-5442: Use-after-free during style changes
#CVE-2017-5464: Memory corruption with accessibility and DOM manipulation
#CVE-2017-5443: Out-of-bounds write during BinHex decoding
#CVE-2017-5444: Buffer overflow while parsing application/http-index-format content
#CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data
#CVE-2017-5447: Out-of-bounds read during glyph processing
#CVE-2017-5465: Out-of-bounds read in ConvolvePixel
#CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor
#CVE-2016-10196: Vulnerabilities in Libevent library
#CVE-2017-5469: Potential Buffer overflow in flex-generated code
#CVE-2017-5445: Uninitialized values used while parsing application/http-index-format content
#CVE-2017-5462: DRBG flaw in NSS
#CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1

(ryoon)

lang/openjdk8 works under FreeBSD/amd64 10.3

(ryoon)

Fix build with converters/libiconv and update distinfo for previous

(ryoon)

Ignore alsa on FreeBSD too

(ryoon)

Fix C99 flags on SunOS.

(jperkin)

Avoiding conflicting -std switches.

(jperkin)

Improve DESCR to identify font name

(ryoon)

Treat native Solaris Kerberos as Heimdal.  It isn't, but it fixes the build.

(jperkin)

Updated net/dhcpcd to 7.0.0rc1

(roy)

Import dhcpcd-7.0.0-rc1 with the following changes:
  *  Default to use VLANID>0 for IAID instead of MAC address
  *  BSD: Add support for RTA_LABEL
  *  Stop sharing the DHCPv6 port in master mode with other processes
  *  Fix some prefix delegation issues when the carrier drops or
    addresses become stale
  *  Fix a crash when starting dhcpcd with -n
  *  Fix test for preferring a fake lease over a real one
  *  Show to real address lifetimes being added when adding IPv6
    addresses
  *  Install dhcpcd-definitions.conf to the correct directory
  *  Restore the -G, --nogateway option

(roy)

Requires termcap.

(jperkin)

Disable libyuv's SSE code on 32-bit SunOS, it doesn't compile at present.

(jperkin)

Requires termcap.

(jperkin)

+ p5-HTTP-Server-Simple-0.52, p5-Specio-0.37.

(wiz)

Updated devel/py-requests to 2.14.1; devel/py-hypothesis to 3.8.3

(adam)

Changes 3.8.3:
Remove pytest version check

(adam)

Changes 2.14.1:
**Bugfixes**
- Changed the dependency markers to widen compatibility with older pip
releases.

(adam)

Updated www/py-beautifulsoup4 to 4.6.0; time/py-tzlocal to 1.4. Added www/py-django-contrib-comments version 1.8.0

(adam)

Django used to include a comments framework; since Django 1.6 it's been
separated to a separate project. This is that project.

This framework can be used to attach comments to any model, so you can use it
for comments on blog entries, photos, book chapters, or anything else.

(adam)

Changes 1.4:
I use MIT on my other projects, so relicensing.
Dropping support for Python versions nobody uses (2.5, 3.1, 3.2), adding 3.6 Python 3.1 and 3.2 still works, 2.5 has been broken for some time.
Ayalash窶冱 OS X fix didn窶冲 work on Python 2.7, fixed that.

(adam)