sysutils/cdrtools: Update to 3.02a10nb4

Changelog from AN-2023-09-28:

NEW FEATURES:
- autoconf: Fix machine recognition on POWER9 (ppc64le) systems.
  When buidling schilytools on ppc64le systems, config.sub was
  unable to determine the machine type on some systems.  This also
  broke the version announcement on some of the commands.  Fix this
  error by teaching autoconf about ppc64le.
  Submitted by: Nico Sonack.

- mkisofs: adjust reference of ISO-9660:1999 to ISO-9660/Amd 1:2013
  It is an official ISO standard (albeit not an official level 4)
  since 2013. Amend the reference accordingly.
  Submitted by: Wang Mingye.

- libschily: obey HAVE_LONGDOUBLE, HAVE_FACCESSAT, and
  HAVE_GETDOMAINNAME in libschily-mapvers, fixing the build with
  lld 17 on recent FreeBSD.
  Submitted by: Dimitry Andric.

Changelog from  AN-2023-04-19:

NEW FEATURES:
- RULES/os-sunos5.def: the manstyle detection code for sunos5 and
  newer was broken for GNU make.  Fix the code by moving the
  detection to a configure test setting the new make macro
  SOLARIS_MANSTYLE.  Users building with other make implementations
  or those using the bootstrap smake were not affected.
  Reported by: Michael B舫erle.  Submitted by: Nico Sonack.

- libschily: no longer provide the symbols fgetline, getline.
  libschily used to provide these symbols as alternative names for
  js_getline and js_fgetline for compatibility with UNOS.  As
  their POSIX-incompatible signature causes problems when linking
  against musl statically, we now no longer provide these symbols
  by default.  Users wishing to restore the old behaviour should
  remove -DNO_GETLINE_COMPAT from CPPOPTS when compiling libschily.

- libschily: accordingly, the man pages getline(3) and fgetline(3)
  have been renamed to js_getline(3) and js_fgetline(3).

- RULES: fix HCC_COM expansion when CCOM=clang.  This fixes builds
  with GNU make when CCOM=clang.
  Submitted by: Nico Sonack.

(micha)

doc: Updated devel/smake to 1.7nb3

(micha)

devel/smake: Update to 1.7nb3

New features with AN-2023-09-28:
- autoconf: Fix machine recognition on POWER9 (ppc64le) systems.
  When buidling schilytools on ppc64le systems, config.sub was
  unable to determine the machine type on some systems.  This also
  broke the version announcement on some of the commands.  Fix this
  error by teaching autoconf about ppc64le.
  Submitted by: Nico Sonack.

- libschily: obey HAVE_LONGDOUBLE, HAVE_FACCESSAT, and
  HAVE_GETDOMAINNAME in libschily-mapvers, fixing the build with
  lld 17 on recent FreeBSD.
  Submitted by: Dimitry Andric.

(micha)

Added devel/junit version 4.13.2
Added x11/swt version 4.21
Added math/wxmathplot version 0.2.0

(bouyer)

Add wxmathplot

(bouyer)

import wxmathplot version 0.2.0

wxMathPlot is an add-on library for wxWidgets which provides a framework for
easy plotting of mathematical functions, sampled data and generic 2D plots.
Features:
    Re implementation of scrollers (by ngpaton)
    Multi-platform (runs static or dynamic on Windows, Linux, MacOSX)
    Full control on axis formatting and positioning
    Colour themes (eg. white on black)
    Movable legend and mouse coordinate display in overlay
    Functions for printing and taking screenshots
    Completely mouse-driven view control: pan, zoom, scroll, box positioning.

(bouyer)

Add swt

(bouyer)

Add swt version 4.21

SWT is the software component that delivers native widget functionality
for the Eclipse platform in an operating system independent manner.

This package provides SWT without requiring a full download and build of
Eclipse.

(bouyer)

Rename eclipse-v2.0-license to epl-v2.0; it seems that eclipse public license
is called epl in pkgsrc

(bouyer)

Add junit

(bouyer)

Import junit 4.13.2

This is a port of JUnit, a simple testing framework for Java developed
by Erich Gamma and Kent Beck.  Using JUnit you can build a test suite
that will help you measure your progress, spot unintended side
effects, and focus your development efforts.

(bouyer)

Add "Eclipse Public License - v 2.0" as found in
https://github.com/junit-team/junit5/blob/main/LICENSE.md

(bouyer)

doc: Updated sysutils/dua-cli to 2.20.1nb1

(pin)

sysutils/dua-cli: enable move to trash

(pin)

doc: Updated shells/nushell to 0.85.0nb1

(pin)

shells/nushell: enable trash feature

(pin)

doc: Updated graphics/simp to 3.4.1nb1

(pin)

graphics/simp: enable move to trash

(pin)

doc: pkg-vulnerabilities: + curl

(wiz)

Updated textproc/py-xlsxwriter, fonts/py-fonttools

(adam)

py-fonttools: updated to 4.43.1

4.43.1 (released 2023-10-06)
----------------------------

- [EBDT] Fixed TypeError exception in `_reverseBytes` method triggered when dumping
  some bitmap fonts with `ttx -z bitwise` option
- [v/hhea] Fixed UnboundLocalError exception in ``recalc`` method when no vmtx or hmtx
  tables are present
- [bezierTools] Fixed incorrectly typed cython local variable leading to TypeError when
  calling ``calcQuadraticArcLength``
- [feaLib/otlLib] Better error message when building Coverage table with missing glyph

4.43.0 (released 2023-09-29)
----------------------------

- [subset] Set up lxml ``XMLParser(resolve_entities=False)`` when parsing OT-SVG documents
  to prevent XML External Entity (XXE) attacks (9f61271dc):
  https://codeql.github.com/codeql-query-help/python/py-xxe/
- [varLib.iup] Added workaround for a Cython bug in ``iup_delta_optimize`` that was
  leading to IUP tolerance being incorrectly initialised, resulting in sub-optimal deltas
- [varLib] Added new command-line entry point ``fonttools varLib.avar`` to add an
  ``avar`` table to an existing VF from axes mappings in a .designspace file (0a3360e52).
- [instancer] Fixed bug whereby no longer used variation regions were not correctly pruned
  after VarData optimization
- Added support for Python 3.12

(adam)

py-xlsxwriter: updated to 3.1.7

Release 3.1.7 - October 9 2023
------------------------------

* Add the :func:`very_hidden()` method to hide a worksheet. This is similar to
  the :func:`hide()` method except that the worksheet cannot be unhidden in the
  the Excel user interface. The Excel worksheet "xlSheetVeryHidden" option can
  only be unset programmatically via VBA.

* Added fixes for column formulas in tables that were overridden by table data
  and which also didn't take future functions into account.

(adam)

Updated databases/py-apsw, net/py-unearth

(adam)

py-unearth: updated to 0.11.1

0.11.1

Bug Fixes

Also fallback on "token" username for KeyringCliProvider
Revert the handling of 403 and 404

(adam)

py-apsw: updated to 3.43.1.1

3.43.1.1

Exception handling has been updated, with multiple exceptions in the same SQLite control flow being chained together. Previously more would have used the unraisable mechanism. (APSW issue 489)

Only use alloca with msvc because it doesn't support VLA. The arrays are used for fastcall. (APSW issue 487)

(adam)

Updated sysutils/ansible-core, net/py-zmq

(adam)

py-zmq: updated to 25.1.1

25.1.1 is the first stable release with Python 3.12 wheels.

Changes:

- Allow Cython 0.29.35 to build Python 3.12 wheels (no longer require Cython 3)

Bugs fixed:

- Fix builds on Solaris by including generated platform.hpp
- Cleanup futures in `Socket.poll()`  that are cancelled and never return
- Fix builds with `-j` when numpy is present in the build env

25.1.0

pyzmq 25.1 mostly changes some packaging details of pyzmq, including support for installation from source on Python 3.12 beta 1.

Enhancements:

- Include address in error message when bind/connect fail.

Packaging changes:

- Fix inclusion of some test files in source distributions.
- Add Cython as a build-time dependency in `build-system.requires` metadata, following current [recommendations][cython-build-requires] of the Cython maintainers.
  We still ship generated Cython sources in source distributions, so it is not a _strict_ dependency for packagers using `--no-build-isolation`, but pip will install Cython as part of building pyzmq from source.
  This makes it more likely that past pyzmq releases will install on future Python releases, which often require an update to Cython but not pyzmq itself.
  For Python 3.12, Cython >=3.0.0b3 is required.

25.0.2

- Fix handling of shadow sockets in ZMQStream when the original sockets have been closed. A regression in 25.0.0, seen with jupyter-client 7.

25.0.1

Tiny bugfix release that should only affect users of {class}`~.PUBHandler` or pyzmq repackagers.

- Fix handling of custom Message types in {class}`~.PUBHandler`
- Small lint fixes to satisfy changes in mypy
- License files have been renamed to more standard LICENSE.BSD, LICENSE.LESSER to appease some license auto-detect tools.

25.0.0

New:

- Added `socket_class` argument to {func}`zmq.Context.socket`
- Support shadowing sockets with socket objects,
  not just via address, e.g. `zmq.asyncio.Socket(other_socket)`.
  Shadowing an object preserves a reference to the original,
  unlike shadowing via address.
- in {mod}`zmq.auth`, CredentialsProvider callbacks may now be async.
- {class}`~.zmq.eventloop.zmqstream.ZMQStream` callbacks may now be async.
- Add {class}`zmq.ReconnectStop` draft constants.
- Add manylinux_2_28 wheels for x86_64 CPython 3.10, 3.11, and PyPy 3.9 (these are _in addition to_ not _instead of_ the manylinux_2014 wheels).

Fixed:

- When {class}`~.zmq.eventloop.zmqstream.ZMQStream` is given an async socket,
  it now warns and hooks up events correctly with the underlying socket, so the callback gets the received message,
  instead of sending the callback the incorrect arguments.
- Fixed toml parse error in `pyproject.toml`,
  when installing from source with very old pip.
- Removed expressed dependency on `py` when running with pypy,
  which hasn't been used in some time.

Deprecated:

- {class}`zmq.auth.ioloop.IOLoopAuthenticator` is deprecated in favor of {class}`zmq.auth.asyncio.AsyncioAuthenticator`
- As part of migrating toward modern pytest, {class}`zmq.tests.BaseZMQTestCase` is deprecated and should not be used outside pyzmq.
- `python setup.py test` is deprecated as a way to launch the tests.
  Just use `pytest`.

Removed:

- Bundled subset of tornado's IOLoop (deprecated since pyzmq 17) is removed,
  so ZMQStream cannot be used without an actual install of tornado.
- Remove support for tornado 4,
  meaning tornado is always assumed to run on asyncio.

(adam)

ansible-core: updated to 2.15.5

v2.15.5
=======

Minor Changes
-------------

- ansible-galaxy dependency resolution messages have changed the unexplained 'virtual' collection for the specific type ('scm', 'dir', etc) that is more user friendly

Security Fixes
--------------

- ansible-galaxy - Prevent roles from using symlinks to overwrite files outside of the installation directory (CVE-2023-5115)

Bugfixes
--------

- Allow for searching handler subdir for included task via include_role (https://github.com/ansible/ansible/issues/81722)
- PluginLoader - fix Jinja plugin performance issues (https://github.com/ansible/ansible/issues/79652)
- ``ansible.module_utils.service`` - ensure binary data transmission in ``daemonize()``
- ``ansible.module_utils.service`` - fix inter-process communication in ``daemonize()``
- ansible-galaxy - started allowing the use of pre-releases for collections that do not have any stable versions published. (https://github.com/ansible/ansible/pull/81606)
- ansible-galaxy - started allowing the use of pre-releases for dependencies on any level of the dependency tree that specifically demand exact pre-release versions of collections and not version ranges. (https://github.com/ansible/ansible/pull/81606)
- ansible-galaxy error on dependency resolution will not error itself due to 'virtual' collections not having a name/namespace.
- ansible-galaxy info - fix reporting no role found when lookup_role_by_name returns None.
- role deduplication - don't deduplicate before a role has had a task run for that particular host (https://github.com/ansible/ansible/issues/81486).
- uri/urls - Add compat function to handle the ability to parse the filename from a Content-Disposition header (https://github.com/ansible/ansible/issues/81806)
- winrm - Better handle send input failures when communicating with hosts under load

(adam)

Updated www/curl, www/libcurl-gnutls

(adam)

curl libcurl-gnutls: updated to 8.4.0

Fixed in 8.4.0 - October 11 2023

Changes:

curl: add support for the IPFS protocols via HTTP gateway
curl_multi_get_handles: get easy handles from a multi handle
mingw: delete support for legacy mingw.org toolchain

Bugfixes:

acinclude.m4: Document proper system truststore on FreeBSD
appveyor: fix yamlint issues, indent
appveyor: rewrite batch in PowerShell + CI improvements
autotools: adjust `CURL_CA_PATH` value to CMake
autotools: restore `HAVE_IOCTL_*` detections
base64: also build for curl
bufq: remove Curl_bufq_skip_and_shift (unused)
build: delete checks for C89 standard headers
build: do not publish `HAVE_BORINGSSL`, `HAVE_AWSLC` macros
cf-socket: simulate slow/blocked receives in debug
cmake, configure: also link with CoreServices
cmake: add check for suseconds_t
cmake: add feature checks for `memrchr` and `getifaddrs`
cmake: add missing checks
cmake: delete old `HAVE_LDAP_URL_PARSE` logic
cmake: detect `HAVE_CLOCK_GETTIME_MONOTONIC_RAW`
cmake: detect `HAVE_GETADDRINFO_THREADSAFE`
cmake: detect `sys/wait.h` and `netinet/udp.h`
cmake: detect TLS-SRP in OpenSSL/wolfSSL/GnuTLS
cmake: disable unity mode with Windows Unicode + TrackMemory
cmake: fix `HAVE_LDAP_SSL`, `HAVE_LDAP_URL_PARSE` on non-Windows
cmake: fix `HAVE_WRITABLE_ARGV` detection
cmake: fix duplicate symbols when linking tests
cmake: fix missing `zlib.h` when compiling `libcurltool`
cmake: fix stderr initialization in unity builds
cmake: fix the help text to the static build option in CMakeLists.txt
cmake: fix unity builds for more build combinations
cmake: fix unity symbol collisions in h2 builds
cmake: fix unity with Windows Unicode + TrackMemory
cmake: improve OpenLDAP builds
cmake: lib `CURL_STATICLIB` fixes (Windows)
cmake: move global headers to specific checks
cmake: pre-cache `HAVE_BASENAME` for mingw-w64 and MSVC
cmake: pre-cache `HAVE_POLL_FINE` on Windows
cmake: tidy-up `NOT_NEED_LBER_H` detection
cmake: validate `CURL_DEFAULT_SSL_BACKEND` config value
configure: check for the capath by default
configure: remove unused checks
configure: replace adhoc domain with `localhost` in tests
configure: sort AC_CHECK_FUNCS
connect: expire the timeout when trying next
connect: only start the happy eyeballs timer when needed
cookie: do not store the expire or max-age strings
cookie: remove unnecessary struct fields
cookie: set ->running in cookie_init even if data is NULL
create-dirs.d: clarify it also uses --output-dirs
curl.h: mark CURLSSLBACKEND_NSS as deprecated since 8.3.0
curl_easy_pause.3: mention h2/h3 buffering
curl_easy_pause.3: mention it works within callbacks
curl_easy_pause: set "in callback" true on exit if true
CURLOPT_DEBUGFUNCTION.3: warn about internal handles
docs/libcurl/opts/Makefile.inc: add missing manpage files
docs: adapt SEE ALSO sections to new requirements
docs: explain how PINNEDPUBLICKEY is independent of VERIFYPEER
docs: replace made up domains with example.com
docs: update curl man page references
docs: use CURLSSLBACKEND_NONE
doh: inherit DEBUGFUNCTION/DATA
escape: replace Curl_isunreserved with ISUNRESERVED
FAQ: How do I upgrade curl.exe in Windows?
GHA/linux: run singleuse to detect single-use global functions
GHA: add workflow to compare configure vs cmake outputs
h2-proxy: remove left-over mistake in drain_tunnel()
h2: testcase and fix for pausing h2 streams
h3: add support for ngtcp2 with AWS-LC builds
http2: refused stream handling for retry
http: fix CURL_DISABLE_BEARER_AUTH breakage
http: h1/h2 proxy unification
http: remove wrong comment for http_should_fail
http: use per-request counter to check too large headers
http_aws_sigv4: fix sorting with empty parts
idn: fix WinIDN null ptr deref on bad host
idn: if idn2_check_version returns NULL, return error
inet_ntop: add typecast to silence Coverity
lib: disambiguate Curl_client_write flag semantics
lib: enable hmac for digest as well
lib: failf/infof compiler warnings
lib: let the max filesize option stop too big transfers too
lib: move handling of `data->req.writer_stack` into Curl_client_write()
lib: provide and use Curl_hexencode
lib: remove TIME_WITH_SYS_TIME
lib: use wrapper for curl_mime_data fseek callback
libssh2: fix error message on failed pubkey-from-file
libssh: cap SFTP packet size sent
Makefile.mk: always set `CURL_STATICLIB` for lib (Windows)
MANUAL.md: change domain to example.com
misc: better random strings
MQTT: improve receive of ACKs
multi: do CURLM_CALL_MULTI_PERFORM at two more places
multi: fix small timeouts
multi: remove Curl_multi_dump
multi: round the timeout up to prevent early wakeups
multi: set CURLM_CALL_MULTI_PERFORM after switch to DOING_MORE
openssl: improve ssl shutdown handling
openssl: use X509_ALGOR_get0 instead of reaching into X509_ALGOR
pytest: exclude test_03_goaway in CI runs due to timing dependency
quic: set ciphers/curves the same way regular TLS does
quiche: fix build error with --with-ca-fallback
RELEASE-PROCEDURE.md: updated coming release dates
runtests: display the test status if tests appear hung
runtests: eliminate a warning on old perl versions
socks: return error if hostname too long for remote resolve
src/mkhelp: make generated code pass `checksrc`
test1056: disable on Windows
test1474: disable test on NetBSD, OpenBSD and Solaris 10
test1592: greatly increase the maximum test timeout
test1903: actually verify the cookies after the test
test1906: set a lower timeout since it's hit on Windows
test2600: remove special case handling for USE_ALARM_TIMEOUT
test650: fix an end tag typo
test661: return from test early in case of curl error
test: add missing <feature>s
tests: close the shell used to start sshd
tests: fix a race condition in ftp server disconnect
tests: fix compiler warnings
tests: Fix zombie processes left behind by FTP tests.
tests: improve SLOWDOWN test reliability by reducing sent data
tests: increase lib571 timeout from 3s to 30s
tests: log the test result code after each libtest
tests: propagate errors in libtests
tests: set --expect100-timeout to improve test reliability
tests: show which curl tool `runtests.pl` is using
tests: stop overriding the lock timeout
tftpd: always use curl's own tftp.h
tool: use our own stderr variable
tool_cb_wrt: fix debug assertion
tool_getparam: accept variable expansion on file names too
tool_setopt: remove unused function tool_setopt_flags
upload-file.d: describe the file name slash/backslash handling
url: fall back to http/https proxy env-variable if ws/wss not set
url: fix netrc info message
warnless: remove unused functions
wolfssh: do cleanup in Curl_ssh_cleanup
wolfssl: allow capath with CURLOPT_CAINFO_BLOB
wolfssl: if CURLOPT_CAINFO_BLOB is set, ignore the CA files
wolfssl: ignore errors in CA path

(adam)

zeromq: cleanup

(adam)

wasi-compiler-rt: fix build with llvm 16

* Fix build. Build specific static library only.
* TODO: Do not repeat CMake targets in Makefile.

(ryoon)

doc: Updated lang/wasi-libc to 0.0.0pre20231007

(ryoon)

wasi-libc: Update to 0.0.0pre20231007

CHangelog:
Bugfixes

(ryoon)

lang/ghc94: Fix broken "make bootstrap"

Bootstrapping the compiler without "cabal-install" is something GHC devs
rarely do, and it keeps bitrotting. This time I could make it work again,
but at some point we might end up having to distribute binaries of
cabal-install for each platform.

(pho)

doc: Updated lang/rust-bin to 1.71.1

(pin)

lang/rust-bin: update to 1.71.1

Sync with lang/rust, see the later for the ChangeLog.

mipsel-unknown-netbsd has been disabled, as there is currently no source at
https://cdn.NetBSD.org/pub/pkgsrc/distfiles/LOCAL_PORTS/rust/ for 1.71.1

(pin)

doc: pkg-vulnerabilities +KeePass, +atasm, +h2o, +kilo, +libdwarf

(tm)

doc: pkg-vulnerabilities +binutils

(tm)

doc: pkg-vulnerabilities +frr, +mupdf

(tm)

doc: pkg-vulnerabilities: add CVE-2023-44487 and eol for old tomcats

(wiz)

doc: eol-packages: add tomcat < 8.5

(wiz)

doc: pkg-vulnerabilities +libsass, +nuclei, +powerdns-recursor, +quickjs, +tcpdump, +xpdf

(tm)

doc: pkg-vulnerabilities +routinator, +sniproxy, +sofia-sip, +spice-server, +terraform

(tm)

doc: pkg-vulnerabilities +bitcoin, +consul, +faad2, +gnuplot, +screen, +tiff

(tm)

doc: pkg-vulnerabilities +gawk, +mp4v2, +nats-server, +njs, +qpdf

(tm)

doc: pkg-vulnerabilities +grub2, +opendkim

(tm)

doc: pkg-vulnerabilities +advancecomp, +poppler, +protobuf-c

(tm)

doc: pkg-vulnerabilities +vault, +vim, +webkit-gtk, +wordpress

(tm)

doc: pkg-vulnerabilities +haproxy, +p7zip, +py-MechanicalSoup, +tightvnc, +unrar, +vim

(tm)

doc: pkg-vulnerabilities +asn1c, +xterm, +yajl, +zziplib

(tm)

doc: Updated www/py-scrapy to 2.11.0

(triaxx)

py-scrapy: Update to 2.11.0

upstream changes:
-----------------
  * 2.11.0: https://docs.scrapy.org/en/latest/news.html#scrapy-2-11-0-2023-09-18
  * 2.10.0: https://docs.scrapy.org/en/2.10/news.html#scrapy-2-10-0-2023-08-04

(triaxx)

doc: Updated www/py-selenium to 4.14.0

(triaxx)

py-selenium: Update to 4.14.0

(triaxx)

Updated www/py-djangocms-link, www/py-djangocms-picture, www/py-djangocms-text-ckeditor, www/py-django-reversion

(adam)

py-django-reversion: updated to 5.0.6

5.0.6 - 2023-09-29

- Fix handling case of missing object in admin revert (@julianklotz)

5.0.5 - 2023-09-19

- Handling case of missing object in admin revert (@etianen, @PavelPancocha)
- CI improvements (@etianen, @browniebroke)

5.0.4 - 2022-11-12

- Fix warning log formatting for failed reverts (@tony).

5.0.3 - 2022-10-02

- A revision will no longer be created if a transaction is marked as rollback, as this would otherwise cause an
  additional database error (@proofit404).
- A warning log is now emitted if a revert fails due to database integrity errors, making debugging the final
  ``RevertError`` easier.

5.0.2 - 2022-08-06

- Fixed doc builds on readthedocs (@etianen).

5.0.1 - 2022-06-18

- Fix admin detail view in multi-database configuration (@atten).

5.0.0 - 2022-02-20

- Added support for using django-reversion contexts in ``asyncio`` tasks (@bellini666).
- **Breaking:** Dropped support for Python 3.6.

(adam)

py-djangocms-text-ckeditor: updated to 5.1.4

5.1.4 (2023-10-03)

fix: Issue 641 which lead to disappearing content after adding child plugins and cancelling the edit
Feature/issue 648 unable to unlink
fix: Remove legacy code from Django pre 1.4
fix: test suite for Django 2.2

5.1.3 (2022-06-21)

Upgrade Ckeditor to 4.21.0 via `640 https://github.com/django-cms/djangocms-text-ckeditor/pull/640`_

5.1.2 (2022-12-27)

Add suport for django CMS 4.1
Fix 468 via 637: Delay importing models.CMSPlugin in utils to allow adding an HTMLField to a custom user model.

5.1.1 (2022-06-22)

Removed inline editing toggle button from touch devices (where it is inactive anyways) and collapsed menus
Add workaround for toolbar bug in django CMS < 3.10: Reload page after change in inline editor
Fix 578: If parent plugins to not set body css class the default from CKEDITOR_SETTINGS is used

5.1.0 (2022-03-24)

Added inline editing
fix: Update skin patch to avoid @media query

5.0.1 (2022-03-24)

Generated new static bundle.

5.0.0 (2022-03-24)

Drop support for Python 3.5 and 3.6
Drop support for django 3.0
Added support for Python 3.9 and 3.10
Added support for django 3.2
Added support for django-cms 3.9 and 3.10

(adam)

py-djangocms-picture: updated to 4.0.0

4.0.0 (2022-03-25)

Apply {% localize off %} on <img> element
Dropped support for django 3.0
Dropped support for python 3.5 and 3.6
Added support for django 3.2
Added support for python 3.9 and 3.10

(adam)

py-djangocms-link: updated to 3.1.1

3.1.1

Added support for python 3.9 and 3.10
Dropped support for django < 3.2
Dropped support for python < 3.8
fix: Remove deprecated test suite assertEquals
fix: Remove outdated treebeard dependency

3.1.0 (2022-08-19)

Added support for Django 4.0
Display page title instead of menu title

(adam)

Updated www/py-djangocms-audio, www/py-djangocms-column, www/py-djangocms-file, www/py-djangocms-googlemap

(adam)

py-djangocms-googlemap: updated to 2.1.1

2.1.1 (2023-09-07)

Remove tight django-treebeard restriction added when 4.5.0 contained breaking changes. The core CMS and django-treebeard have since been patched to resolve the issue.
Add metadata about supported Python/Django/DjangoCMS version
Add Python 3.10 and 3.11 to testing

2.1.0 (2022-05-24)

Added support for Cloud-based maps styling via Map ID
Fixed Console warning Google Maps JavaScript API has been loaded directly without a callback.
Added map loading in language equal to current page's language
Updated README with up-to date links to Google Maps JavaScript API documentation

(adam)

py-djangocms-file: updated to 3.0.1

3.0.1 (2023-07-03)

Added support for Django 4.2
Fixed search_field to point to file_name

(adam)

py-djangocms-column: updated to 2.0.0

2.0.0 (2022-04-11)

Drop support for django 3.0, 3.1 and python 3.6
Add support for python 3.10 and allow django-cms to dictate the upper django version.

(adam)

py-djangocms-audio: updated to 2.1.1

2.1.1 (2023-07-04)

Remove requirement on django-treebeard.

2.1.0 (2023-06-29)

Added support for Django 4.2

(adam)

Updated www/py-django-filer, www/py-djangocms-admin-style, www/py-django-cms, www/py-djangocms-attributes-field

(adam)

py-djangocms-attributes-field: updated to 3.0.0

3.0.0 (2023-05-24)

Added tests for Django 4.0, 4.1, 4.2
Added tests for Python 3.10, 3.11
Remove pinning of django-treebeard

(adam)

py-django-cms: updated to 3.11.4

3.11.4 (2023-09-06)

Features:

Update dark mode switch to be compatible with Django 4.2 admin dark mode

Bug Fixes:

Toolbar action button becomes hard to read in dark mode
Backport v4.1.0rc4 fixes - Admin language and styling
diff-dom freezing on content refresh
Fixed RecursionError when extending templates
JS issues with running CMS under cypress
Mitigate performance hit due to deprecation warnings for v4.1
create page wizard fails with Asian page titles/unicode slugs
require Django >= 3.2
respect pre-set (48353c2d6) -- Fabian Braun
lint menus app
remove curly bracket left behind

3.11.3 (2023-04-25)

Bug Fixes:

Remove superfluous curly bracket left behind
Fix admin tests

(adam)

py-djangocms-admin-style: updated to 3.2.6

3.2.6 (2023-09-18)

Fix bug which adds 'data-theme="undefined"' to admin html tag
Fix broken styling with .flex-container
Fix broken color input
Add Django as requirement in setup.py

3.2.5 (2023-08-22)

Add support for Django 4.2+ dark mode switch buttons
Add support for Django 4 view related admin buttons
Improve styling compatibility with Django 4.2
Add support for search field in admin nav (new in Django 4.2)

3.2.4 (2023-04-25)

Fix page tree dropdown cross styling
Fix misaligned apphooks in changelist views.

3.2.3 (2023-01-13)

Fix paginator element overflowing its container.

3.2.2 (2023-01-06)

Fix support of django-shortcuts with original icons from django-shortcuts

3.2.1 (2022-12-15)

Check updates based on pypi releases
Fix too large margin for change list in modal window
Removed unused css generating conflicts for icons fonts of djangocms-admin-style and django-cms core.

3.2.0 (2022-06-13)

Added configurable dark mode (color scheme)

3.1.1 (2022-04-13)

Fix: Missing drop shadows and unreadable button coloring on hover

3.1.0 (2022-03-27)

Add dark mode depending on system settings

3.0.0 (2022-01-22)

Drop support for python 3.5, 3.6 and django 3.0
Increase calendar box width to show Sundays
Fix datetime fields layout
Fix modal layout issue
Improve readability in form

(adam)

py-django-filer: updated to 3.1.0

3.1.0 (2023-10-01)

feat: limit uploaded image area (width x height) to prevent decompression bombs
feat: Canonical URL action button now copies canonical URL to the user's clipboard
fix: Run validators on updated files in file change view
fix: Update mime type if uploading file in file change view
fix: Do not allow to remove the file field from an uplaoded file in the admin interface
fix: refactor upload checks into running validators in the admin and adding clean methods for file and (abstract) image models.
Fixed two more instances of javascript int overflow issue
fix: ensure uniqueness of icon admin url names
fix: Crash with django-storage if filer file does not have a storage file attached

3.0.6 (2023-09-08)

Re-add alphabetical sorting as default
fix: django-storage 1.14 complains about files being opened twice when copying

3.0.5 (2023-08-22)

Fix bug that ignored thumbnail storage custom settings in directory view
remove Django 2.2, 3.0, and 3.1 classifiers in setup.py
remove tests for Django < 3.2 since those versions are not supported anymore

3.0.4 (2023-08-04)

Fix bug when submitting permission admin form
Fix folder select field css of permission admin form
Fix requirements (Django>=3.2) in setup.py and docs
Update Dutch, Spanish and French locale

3.0.3 (2023-07-21)

Fix copy folder being broken after django-mptt removal
fix: crash in the file detail view
Fix: actions.js error thrown in js console

3.0.2 (2023-07-17)

Fix another bug when the the thumbnailer in admin tags crashes because of invalid or missing file
Ensure action buttons in directory listing do not get disabled after using cancel or back button if files or folders are selected.

3.0.1 (2023-07-13)

Fix a bug that creates a server error when requesting a thumbnail from an invalid or missing file
Fix a bug that on some systems webp images were not recognized
Add missing css map files

3.0.0 (2023-07-05)

Add validation framework to prevent XSS attacks using HTML or SVG files (see docs)
Only show uncategorized files to the owner or superuser if permissions are active
Add an edit button to the file widget which opens edit file pop-up
Refactored directory list view for significant performance increases
Remove thumbnail generation from the directory list view request response cycle
Support for upload of webp images
Optional support for upload of heif images
Add Django 4.2 support
Add thumbnail view for faster visual management of image libraries
Fix File.objects.only() query required for deleting user who own files.
Fix several CSS quirks
Fix folder widget
Remove unused css from delete confirmation view and move file view
Add Pillow 10 compatibility
Update translations (de/fr/nl)
Drop Django 2.2, 3.0, and 3.1 support

(adam)

Updated www/py-django-mptt, www/py-easy-thumbnails

(adam)

py-easy-thumbnails: updated to 2.8.5

2.8.5 (2023-01-09)
------------------
* Fix regression introduced in version 2.8.4. Argument ``quality`` is not removed for images
  of type ``.webp``.

2.8.4 (2022-12-19)
------------------
* Fix problem when thumbnailing images of type TIFF. PIL's ``TiffImagePlugin`` doesn't
  like argument ``quality``.
* Replace deprecated Pillow constants against newer counterparts. Check
  https://pillow.readthedocs.io/en/stable/releasenotes/9.1.0.html#deprecations for details.

2.8.3 (2022-08-02)
------------------
* Fix regression in library detection introduced  in version 2.8.2.

2.8.2 (2022-07-31)
------------------
* Installation of easy-thumbnails now optionally depends on the reportlab library.

2.8.1 (2022-01-20)
------------------

* Add support for Django 4.
* New ``THUMBNAIL_IMAGE_SAVE_OPTIONS`` setting.
* Fix: Uploading SVG Images to S3 storage.

2.8.0 (2021-11-03)
------------------

* Add support for thumbnailing SVG images. This is done by adding an emulation layer named VIL,
  which aims to be compatible with PIL. All thumbnailing operations, such as scaling and cropping
  behave like pixel images.
* Remove configuration directives ``THUMBNAIL_HIGH_RESOLUTION`` and ``THUMBNAIL_HIGHRES_INFIX``
  from easy-thumbnails setting directives.

2.7.2 (2021-10-17)
------------------

* Add support for Django 3.2 and Python-3.10.
* Fix: Do not close image after loading content.
* In management command ``thumbnail_cleanup``, replace ``print``-statements
  against ``stdout.write``.
* Use Python format strings whereever possible.

(adam)

py-django-mptt: updated to 0.15.0

0.15

Since I unfortunately still depend on django-mptt in prehistoric projects I took it upon me to make it runnable again. This doesn't mean I want to maintain the package.
Added Django 4.2.
Dropped Python < 3.9, Django < 3.2.
Started using ruff and more rules.
Dropped the index_together check on Django 5 and better. Django 5 only supports Meta.indexes.
Optimized tree rebuilding.
Added support for the Django admin theme switcher.
Switched to hatchling.

(adam)

doc: Updated wm/marswm to 0.5.1

(pin)

wm/marswm: update to 0.5.1

- Fixing windows getting lost when switching off their monitor
- Fixing windows staying hidden on monitor disconnect
- Bump dependencies
- Improving language quality
- Adding keybinding to increase/decrease gap size
- Fixing overflow issues with unreasonably huge gaps in layouts.rs
- Fixing Level3 modifier being wrongfully bound
- Fixing client decoration on workspace switching
- Warping pointer on window activation
- Fixing restacking on floating layout
- Allow dialogs to be resized by their programs
- Allow moving fullscreen windows with the mouse
- Fixing crash on move_main
- Fixing moving of fullscreen windows between monitors
- Fixing bug with previous fix regarding move_main
- Prefer fullscreen windows when focusing after switching workspace

(pin)

lang/rust: restore USE_CXX_FEATURES

lost during the last update.

(pin)

Updated www/py-django-classy-tags, www/py-django-sekizai

(adam)

py-django-sekizai: updated to 4.1.0

4.1.0 2023-05-02

Added django 4.2 and main to the test suite
Fix bug which let checks fail on templates using the with_data template tag.

4.0.0 2022-07-26

Django 4 support added
Dropped python 3.7, django 2.2 and 3.1

3.0.1 2022-02-01

Fix for tests in sdist tarball

3.0.0 2022-01-22

Added support for Django 3.2
Drop support for python 3.5 and 3.6

(adam)

py-django-classy-tags: updated to 4.1.0

4.1.0 2023-07-29

Django 4.2 support

4.0.0 2022-12-01

Dropped support for Python 3.7
Added support for Python 3.11
Dropped support for Django < 3.2
Added support for Django 4.1
Start testing against Django's main branch

3.0.1 2022-02-01

Update manifest to include all the tests dir

3.0.0 2022-01-22

Added support for Django 3.2 and 4.0
Drop support for python 3.5 and 3.6

(adam)

Updated databases/sqlite3*, devel/lemon

(adam)

sqlite3: updated to 3.43.2

Changes in this specific patch release, version 3.43.2 (2023-10-10):

Fix a couple of obscure UAF errors and an obscure memory leak.
Omit the use of the sprintf() function from the standard library in the CLI, as this now generates warnings on some platforms.
Avoid conversion of a double into unsigned long long integer, as some platforms do not do such conversions correctly.

(adam)

Updated textproc/py-fastjsonschema, devel/py-test-timeout, devel/py-cwcwidth, textproc/py-markdown

(adam)

py-markdown: updated to 3.5

3.5

Added

Add permalink_leading configuration option to the toc extension

A new boolean option permalink_leading controls the position of the permanent link anchors generated with permalink. Setting permalink_leading to True will cause the links to be inserted at the start of the header, before any other header content. The default behavior for permalink is to append permanent links to the header, placing them after all other header content.

Changed

Add support for cPython version 3.12 (and PyPy 3.10) and drop support for Python version 3.7
Refactor changelog to use the format defined at https://keepachangelog.com/.
Update the list of empty HTML tags
Add customizable TOC title class to TOC extension
Add API documentation of the code base which is generated by mkdocstrings

(adam)

doc: Updated net/samba4 to 4.18.8

(taca)

net/samba4: update to 4.18.8

                  ==============================
                  Release Notes for Samba 4.18.8
                          October 10, 2023
                  ==============================

This is a security release in order to address the following defects:

o CVE-2023-3961:  Unsanitized pipe names allow SMB clients to connect as root to
                  existing unix domain sockets on the file system.
                  https://www.samba.org/samba/security/CVE-2023-3961.html

o CVE-2023-4091:  SMB client can truncate files to 0 bytes by opening files with
                  OVERWRITE disposition when using the acl_xattr Samba VFS
                  module with the smb.conf setting
                  "acl_xattr:ignore system acls = yes"
                  https://www.samba.org/samba/security/CVE-2023-4091.html

o CVE-2023-4154:  An RODC and a user with the GET_CHANGES right can view all
                  attributes, including secrets and passwords.  Additionally,
                  the access check fails open on error conditions.
                  https://www.samba.org/samba/security/CVE-2023-4154.html

o CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the
                  server block for a user-defined amount of time, denying
                  service.
                  https://www.samba.org/samba/security/CVE-2023-42669.html

o CVE-2023-42670: Samba can be made to start multiple incompatible RPC
                  listeners, disrupting service on the AD DC.
                  https://www.samba.org/samba/security/CVE-2023-42670.html

(taca)

py-cwcwidth: updated to 0.1.9

0.1.9

* Drop support for Python 3.7.
* Add support for Python 3.12.
* Avoid redefinition of `_XOPEN_SOURCE`.

(adam)

py-test-timeout: updated to 2.2.0

2.2.0
Add --timeout-disable-debugger-detection flag

(adam)

py-fastjsonschema: updated to 2.18.1

2.18.1 (2023-10-01)

* Lazy import of urllib to improve import performance

(adam)

Updated net/zeromq, www/nghttp2, www/nghttp2-tools

(adam)

nghttp2 nghttp2-tools: updated to 1.57.0

Nghttp2 v1.57.0

Security Advisory

CVE-2023-44487: HTTP/2 Rapid Reset

For more information, read the security advisory.

lib

This release has a fix to mitigate CVE-2023-44487: HTTP/2 Rapid Reset. It has reasonable amount of default budgets for incoming RST_STREAM frames. Application can tune the rate limit by using nghttp2_option_set_stream_reset_rate_limit. It can also implement its own rate limit by implementing nghttp2_on_frame_recv_callback and check RST_STREAM frame.

nghttpx

This release fixes the bug that --single-process does not work. It also fixes the bug that TLS connection is not rate limited.

(adam)

zeromq: updated to 4.3.5

libzmq 4.3.5

Relicensing from LGPL-3.0+ (with custom exceptions) to MPL-2.0 is now complete.
libzmq is now distributed under the Mozilla Public License 2.0. Relicensing
grants have been collected from all relevant authors, and some functionality
has been clean-room reimplemented where that was not possible. In layman terms,
the new license provides the same rights and obligations as before. Source
files are now tagged using the SPDX license identifier format.
Details of the relicensing process can be seen at:
Relicensing grants have been archived at:
https://github.com/rlenferink/libzmq-relicense
A special thanks to everybody who helped with this long and difficult task,
with the process, the reimplementations, the collections and everything else.

New DRAFT (see NEWS for 4.2.0) socket options:

ZMQ_BUSY_POLL will set the SO_BUSY_POLL socket option on the underlying
sockets, if it is supported.
ZMQ_HICCUP_MSG will send a message when the peer has been disconnected.
ZMQ_XSUB_VERBOSE_UNSUBSCRIBE will configure a socket to pass all
unsubscription messages, including duplicated ones.
ZMQ_TOPICS_COUNT will return the number of subscribed topics on a
PUB/SUB socket.
ZMQ_NORM_MODE, ZMQ_NORM_UNICAST_NACK, ZMQ_NORM_BUFFER_SIZE,
ZMQ_NORM_SEGMENT_SIZE, ZMQ_NORM_BLOCK_SIZE, ZMQ_NORM_NUM_PARITY,
ZMQ_NORM_NUM_AUTOPARITY and ZMQ_NORM_PUSH to control various aspect of
NORM sockets.
See doc/zmq_setsockopt.txt and doc/zmq_getsockopt.txt for details.
New DRAFT (see NEWS for 4.2.0) zmq_ppoll APIs was added that differs from
zmq_poll in the same way that ppoll differs from poll.
See doc/zmq_ppoll.txt for details.

Various bug fixes and performance improvements.

(adam)

lang/ghc94: Fix build of hadrian/bootstrap with cabal-install-parsers >= 0.6

(pho)

doc: pkg-vulnerabilities +go120, +gradle, +php-concrete5, +php-piwigo, +py-octoprint, +py-urllib3, +tiff, +tnftpd, +vim

(tm)

doc: Updated graphics/raleigh-reloaded to 1.6

(tsutsui)

raleigh-reloaded: update to 1.6.

No upstream changelog.

(tsutsui)

doc: Updated net/sayaka to 3.7.1

(tsutsui)

sayaka: update to 3.7.1.

pkgsrc changes:
- workaround build errors of gcc7 on netbsd-9
- fix a problem that webp images with alpha channel are not shown properly

Upstream changes:

* 3.7.1 (2023/10/09)
- fix failures on drawing WebP images in some cases
- fix infinite loop on emoji notification messages

* 3.7.0 (2023/10/09)
- start support of Misskey
- drop functions to connect to Twitter
- drop --filter, --home, --no-rest, --post, and --token options
- add --twitter, --misskey, and --local options
- temporarily drop --ngword-* and --show-ng options
- rename --black/--white options to --dark/--light

(tsutsui)