qore: fix linking of modules on Illumos

(nros)

Note update of net/routinator to 0.13.0.

(he)

Upgrade routinator to version 0.13.0.

Pkgsrc changes:
* Update cargo-depends.mk, update checksums.

Upstream changes:

Release v0.13.0 -- 'Should Have Started This in a Screen'

New

* Added support for ASPA. Processing needs to be enabled via the
  new option `enable-aspa` which is only available if the `aspa`
  feature is explicitly selected during compilation. This is due to
  the specification still changing. The implementation currently
  conforms with [draft-ietf-sidrops-aspa-profile-15].  ([#847],
  [#873], [#874], [#878])
* Added support for version 2 of the RTR protocol. This primarly
  means support for the ASPA payload type. ([#847])
* Sending SIGUSR2 to Routinator will re-open a log file if logging
  to a file is enabled. ([#859])
* The HTTP server provides a new endpoint `/json-delta/notify` that
  can be used to wait for updated data similar to the RTR Notify PDU.
  ([#863])
* Added support for filtering and adding router keys via local
  exception files. ([#865])
* The `vrps` command and the HTTP payload output endpoints now
  allow excluding specific payload types for output. ([#866])
* Added a new member `payload` to the output of the `/api/v1/status`
  endpoint that gives an overall summary of the produced payload.
  ([#867])
* Added new members `generated` and `generatedTime` to the JSON
  object produced by the `/json-delta` endpoint. ([#868])

Breaking Changes

* A new field `aspa` was added to the jsonext format. See the manual
  page for more information. ([#847])
* A number of ASPA-related fields have been added to all metrics
  and status formats. ([#847])
* Renamed functions and attributes that refer to standalone end
  entity certificates to refer to router certificates so they don't
  get confused with the end entity certificates included with signed
  objects. ([#854])
* Renamed the JSON member in the HTTP status API from `validEECerts`
  to `validRouterCerts`. The old name is still available but may be
  removed in the future. ([#854])
* The regular `json` output format now includes router key and ASPA
  output. Since both are disabled by default, the format will still
  be compatible by default. ([#866])
* The minimal required Rust version has been increased to 1.70.
  ([#847], [#853], [#869], [#879])

Bug Fixes

* Fixed a bug in the RTR server where it would include router key
  PDUs even if the negotiated protocol version was 0. (via [rpki-rs
  #250])
* Restored the ability to parse ASNs in JSON input to the `validity`
  command as string or number. ([#861])
* Update bcder to at least 0.7.3 to fix various decoding issues
  that could lead to a panic when processing invalid RPKI objects.
* Check the request URI when generating a path for storing a copy
  of a RRDP response with the `rrdp-keep-responses` option to avoid
  path traversal. ([#894]. Found by Haya Shulman, Donika Mirdita and
  Niklas Vogel. Assigned CVE-2023-39916.)

Other Changes

* The log message for missing manifest now include the URI of the
  CA certificate for which the manifest is missing. ([#864])
* Binary packages are now also built for Debian _bookworm._ ([#881])

[#847]: https://github.com/NLnetLabs/routinator/pull/847
[#853]: https://github.com/NLnetLabs/routinator/pull/853
[#854]: https://github.com/NLnetLabs/routinator/pull/854
[#859]: https://github.com/NLnetLabs/routinator/pull/859
[#861]: https://github.com/NLnetLabs/routinator/pull/861
[#863]: https://github.com/NLnetLabs/routinator/pull/863
[#864]: https://github.com/NLnetLabs/routinator/pull/864
[#865]: https://github.com/NLnetLabs/routinator/pull/865
[#866]: https://github.com/NLnetLabs/routinator/pull/866
[#867]: https://github.com/NLnetLabs/routinator/pull/867
[#868]: https://github.com/NLnetLabs/routinator/pull/868
[#869]: https://github.com/NLnetLabs/routinator/pull/869
[#873]: https://github.com/NLnetLabs/routinator/pull/873
[#874]: https://github.com/NLnetLabs/routinator/pull/874
[#878]: https://github.com/NLnetLabs/routinator/pull/878
[#879]: https://github.com/NLnetLabs/routinator/pull/879
[#881]: https://github.com/NLnetLabs/routinator/pull/881
[#894]: https://github.com/NLnetLabs/routinator/pull/894
[rpki-rs #250]: https://github.com/NLnetLabs/rpki-rs/pull/250
[draft-ietf-sidrops-aspa-profile-15]: https://datatracker.ietf.org/doc/draft-ietf-sidrops-aspa-profile/15/

(he)

comms/openobex: fix PLIST

(vins)

print/pdflib: fix unfetchable distfile

(vins)

textproc/cabocha: distfile tarball no more locally cached (fix)

(vins)

doc: Updated devel/cmake-mode to 3.27.6

(gdt)

doc: Updated devel/cmake-gui to 3.27.6

(gdt)

doc: Updated devel/cmake to 3.27.6

(gdt)

devel/cmake: Update to 3.27.6

Upstream changes from https://discourse.cmake.org/t/cmake-3-27-6-available-for-download/9024

  - add_custom_target: Fix regression with Fortran sources
  - Tests/FortranModules: move issue 25112 fix from FortranOnly
  - Tests/FortranModules: add a test case for #25223
  - Tests/FortranModules: also test INTERFACE targets with Fortran sources
  - Tests/FortranModules: add a test for iface Fortran sources

commited during freeze because it fixes a regression that breaks at
least math/blas.

(gdt)

mail/opensmtpd: fix bug in Makefile.

SMTPD_HOME was undefined in Makefile.
Also, since libretls has been patches for OpenSSL 3.x, deprecate README.
Bump revision.

(vins)

opensmtpd-filter-dkimsign: fix key directory path for _dkimsign user

(vins)

opensmtpd-filter-dkimsign: fix compiler warnings and bump revision.

(vins)

libcutl: build on compilers that default to c++17

(nros)

doc: Updated graphics/oculante to 0.7.6

(pin)

graphics/oculante: update to 0.7.6

0.7.6 (2023-09-20)
- Update smithay-client-toolkit
- Update JXL
- Remove LTO from pkgbuild
- Add file deletion option, moved to trash - Not available on NetBSD

(pin)

doc: Updated math/four-bar-rs to 5.1.0

(pin)

math/four-bar-rs: update to 5.1.0

v5.1.0
- No ChangeLog provided.

v5.0.0
- No ChangeLog provided.

(pin)

devel/libopensmtpd: fix build on SunOS and bump revision.

(vins)

Updated sysutils/xenkernel415 to 4.15.5nb1

(bouyer)

Apply upstream patch for security issue XSA438
Bump PKGREVISION

(bouyer)

lang/racket-textual: regenerate checksums for shared patch files.

Required after recent lang/racket revision.
Revbump package accordingly.

(vins)

sysutils/xosview2: force C++17 standard.

(vins)

databases/libpqxx: force C++17 standard to fix build.

(vins)

CHANGES for pysolfc

(dholland)

pysolfc: fix for recent py-Pillow

Update names for constants that were apparently deprecated and have
now been removed. In true pythonic form it only failed at runtime.

Also, depend on py-Pillow directly instead of relying on inheriting it
from py-kivy.

PKGREVISION -> 4

(dholland)

devel/Makefile: sort

(wiz)

meson: note packaging bug causing bulk build failures

A fix is being tested that works for py-pandas multi-version builds in
pbulk, but it needs refinement, as does patching for py-scipy. (And
patching each package doesn't scale as a practice, but that's probably
more a concern for post-branch.) Add this note for now as a stop-gap,
should someone else be looking into this.

(gutteridge)

Start 2023Q3 freeze

(gdt)

lang/racket: fix build on NetBSD.

* Package uses terminfo, so include "mk/terminfo.buildlink3.mk".
* Patch to not require ncurses on NetBSD. Builds fine with netbsd-curses
  and apparently doesn't require extra features.
* Replace all instances of `-lncurses` with `-lcurses -lterminfo` in
  patch files.
* Replace "devel/ncurses/buildlink3.mk" with "mk/curses.buildlink3.mk"
  in Makefile to reflect above change.
* Bump revision.

Tested on NetBSD-10.0_BETA/amd64.

(vins)

doc: Updated devel/got-portable to 0.93

(vins)

devel/got-portable: update to 0.93

* got 0.93; 2023-09-18
  see git repository history for per-change authorship information
  - show out-of-memory errors from zlib inflate() and deflate() calls
  - make 'got fetch' and 'got send' release the work tree lock earlier
  - tog: add basic regress for log limit and log search
  - fix "no git repository found" on locked work trees; regression from
  0.91
  - gotwebd: CSS improvements, looks much better in text-based browsers
  - gotwebd: don't lose track of the current file during commit log
  pagination
  - gotwebd: move buffering from the fastcgi layer to the template layer
  - got diff: fix "No newline at end of file" showing up where not
  expected
  - make 'got send' detect connections unexpectedly closed by server
  - fix detection of modified files in fresh work trees created with
  checkout -E
  - gotd: fix bogus "gotsh: operation timed out" errors; regression from
  0.92

(vins)

doc: Updated archivers/rar to 6.23

(vins)

archivers/rar: update to 6.23

# changes (since release 6.20)

  Version 6.23

  1. Bugs fixed:

      a) a security issue involving out of bounds write is fixed
        in RAR4 recovery volumes processing code.

        We are thankful to goodbyeselene working with Trend Micro Zero Day
        Initiative for letting us know about this bug.

  Version 6.22

  1. Bugs fixed:

      a) extracting individual files from solid archives created by
        RAR versions older than 2.0, could fail in RAR 6.20 and 6.21.
        It didn't affect extracting the entire archive, which was performed
        correctly.

  Version 6.21

  1. Bugs fixed:

      a) if unencrypted file was stored after encrypted in the same
        RAR archive and both files had been unpacked in the same extraction
        command, RAR 6.20 failed to unpack the unencrypted file.

(vins)

doc: Updated mail/dovecot2-pigeonhole to 0.5.21

(otis)

mail/dovecot2-pigeonhole: Update to 0.5.21

Changelog:
- sieve: Using the deleteheader action on a message with a broken/invalid
  header can cause the Sieve interpreter to crash with an assert panic.
  This can happen e.g. when the message is missing the empty EOH line
  between the headers and the body of the message. Fixes:
  Panic: file edit-mail.c: line 820 (edit_mail_headers_parse):
  assertion failed: (body_offset > 0).
- sieve: Pigeonhole added an extra Message-ID header during mail
  forwarding when the existing one was invalid. Now it adds the
  Message-ID only if it is entirely missing. Existing Message-ID(s) are
  left unchanged.

(otis)

doc: Updated mail/dovecot2 to 2.3.21

(otis)

mail/dovecot2: Update to 2.3.21

Changelog:
* lib-oauth2: Allow JWT tokens to be validated with missing typ field.
  The typ field is left out by some key issuers to conserve space,
  notably kubernetes. Now missing typ is tolerated, but if present, it
  still must be "jwt".
+ auth: Auth passdb and userdb reply can contain "event_<name>=value"
  which will be added to login event and mail user event respectively.
+ lib-master: Set process title during various initialization stages to
  clearly describe what the process is waiting on.
+ lib-storage: The mail_temp_scan_interval is now fuzzed incrementing it
  by 0..30% based on username's hash to reduce the chance of load spikes.
+ lib-storage: The temp file scan has been moved from the open of the
  mailbox to the close, to reduce the latency perceived by users.
+ stats: If metric has fields specified, all these fields are
  exported as counters to prometheus exposition.
  See https://doc.dovecot.org/configuration_manual/stats/openmetrics/.
- *-login: Processes might have crashed when a SSL connection disconnects
  uncleanly.
- acl: When plugin was loaded \HasChildren and \HasNoChildren flags
  were calculated incorrectly for mailboxes containing '*' and '%'
  in their names.
- auth: Crash occured if a connection to PostgreSQL database server
  failed during startup.
- auth: Logins with invalid passwords (e.g. unknown scheme) in passdb
  were failing with "password mismatch" instead of "internal error".
- auth: XOAUTH2 and OAUTHBEARER mechanisms were not giving out protocol
  specific error message on all errors. This especially broke OIDC
  discovery.
- dbox: When last_temp_file_scan header wasn't set (especially after
  dsync migration), the next mailbox open always triggers the temp file
  scan. This could have caused a load spike after migrations. Fixed by
  using the mailbox directory's atime when the header isn't set, which
  usually moves the scan time into the future.
- dict-redis: A crash would occur on transaction rollback.
- dsync: Infinite loop causing out of memory would occur when handling
  mailbox deletion from remote end and hierarchy separators would differ.
- dsync: Incremental dsync failed for folder names ending with '%',
  unless BROKENCHAR was set. Also folder names with '%' elsewhere in
  them caused each incremental dsync to unnecessarily rename the folder
  to a temporary name and back. v2.3.19 regression.
- imap-hibernate: If an IMAP client unhibernation timed out with
  "(version received)", the unhibernation could still have successfully
  finished later on and continued working normally. This was rather
  confusing, because imap-hibernate already logged that the client got
  disconnected. Avoid this by forcing the connection to shutdown on
  unhibernation timeout.
- imapc: Crashed when a folder mapped through the virtual plugin
  disappears from the storage.
- imapc: EXPUNGE, EXISTS or FETCH replies from a server for a previously
  selected mailbox could have been processed as if they belonged to the
  new mailbox currently being selected. This could have caused warnings.
- lib-http: Dovecot HTTP server (doveadm, stats/openmetrics) may have
  disconnected HTTP clients before the response is fully sent. This
  happened only on busy servers where kernel's socket buffers were
  rather full.
- lib-http: Fixed a potential crash on http-server if a client
  disconnected early. v2.3.18 regression.
- lib-index: Index file corruption could have caused a crash. Fixes:
  Panic: file mail-transaction-log-view.c: line 165 (mail_transaction_log_view_set):
  assertion failed: (min_file_seq <= max_file_seq).
- lib-index: Purging an existing >1GB cache file can crash. Now cache
  files still above 1GB after purging are removed. Fixes:
  Panic: file mail-index-util.c: line 10 (mail_index_uint32_to_offset):
  assertion failed: (offset < 0x40000000)
- lib-lua: A HTTP client could not resolve DNS names in mail processes,
  because it expected "the dns-client" socket to exist in the current
  directory.
- lib-oauth2: Dovecot would send client_id and client_secret as POST
  parameters to the introspection server. These need to be optionally in
  Basic auth instead.
- lib-oauth2: JWT aud validation was not performed if aud was missing
  from a token, but was configured on Dovecot.
- lib-oauth2: JWT key type check was too strict.
- lib-oauth2: JWT token audience was not validated against client_id as
  required by the specification.
- lib-ssl-iostream: Using the ssl_require_crl=yes setting may have caused
  CRL check failures for outgoing SSL/TLS connections, although it was
  supposed to affect checking CRLs only for client-side SSL
  certificates. v2.3.17 regression.
- lib-sql: MySQL driver leaked memory when connection failed.
- lib-storage: Various fixes when running into out of disk space.
- master: Service idle_kill setting didn't work properly on busy
  servers. It was very unlikely that any process was idling long enough
  to become killed. Also the idle_kill handling code was using quite a
  lot of CPU on the master process when there were a lot of processes
  (e.g. imap). The new behavior is to track the lowest number of idling
  processes every idle_kill time interval and then kill that many idling
  processes.
- mdbox: Temp file scan was done for always empty directories.
- mdbox: The fdatasync() call was done in wrong parent directory when
  writing mails. Also on a failure it crashed instead of logging an error.
- notify_status: The plugin crashes if any user initialization fails.
- pop3: Sending command with the ':' character caused an assert-crash.
  v2.3.18 regression. Fixes: Panic: event_reason_code_prefix(): name has ':'
- stats: Fix panic when a nonexistent event exporter was referenced while
  adding a new metric dynamically via doveadm stats add. This produces
  a proper error now.
- stats: If process exported a lot of events and then exited, some of
  the last events may have become lost.
- stats: Invalid Prometheus label names were created with specific
  histogram group_by configurations. Prometheus rejected these labels.
- welcome: The plugin didn't execute in some situations that created
  INBOX but didn't open it, e.g. if GETMETADATA was used before the
  INBOX was opened.

(otis)

doc: Updated geography/qgis to 3.28.11

(gdt)

geography/qgis: Update to 3.28.11

upstream changes: micro release (maintenance only)

(gdt)

Updated net/iperf3, archivers/unrar

(adam)

unrar: updated to 6.2.11

(adam)

iperf3: updated to 3.15

iperf-3.15 2023-09-14
---------------------

* Notable user-visible changes

  * Several bugs that could allow the iperf3 server to hang waiting
    for input on the control connection has been fixed. ESnet thanks
    Jorge Sancho Larraz from Canonical for reporting this issue. For
    more information, see:
    https://downloads.es.net/pub/iperf/esnet-secadv-2023-0002.txt.asc

  * A bug that caused garbled output with UDP tests on 32-bit hosts
    has been fixed.

  * A bug in counting UDP messages has been fixed

(adam)

Updated www/py-urllib3, textproc/py-jsonschema

(adam)

py-jsonschema: updated to 4.19.1

v4.19.1

* Single label hostnames are now properly considered valid according to the ``hostname`` format.
  This is the behavior specified by the relevant RFC (1123).
  IDN hostname behavior was already correct.

(adam)

py-urllib3: updated to 2.0.5

2.0.5 (2023-09-20)

- Allowed pyOpenSSL third-party module without any deprecation warning.
- Fixed default ``blocksize`` of ``HTTPConnection`` classes to match high-level classes. Previously was 8KiB, now 16KiB.

(adam)

racket: skip portability check for rpm Makefile

(wiz)

mk: Add a few more common _DEBUG_SKIP_PATTERNS.

(jperkin)

doc: Updated security/ruby-metasploit-payloads to 2.0.150

(taca)

security/ruby-metasploit-payloads: update to 2.0.150

2.0.150 (2023-09-20)

* Land #674, Fix python unittest deprecation warning

(taca)

doc: Updated textproc/ruby-tilt to 2.3.0

(taca)

textproc/ruby-tilt: update to 2.3.0

2.3.0 (2023-09-14)

* Remove deprecated support for non-string template code in PrawnTemplate
  (jeremyevans)
* Remove deprecated support for
  {ERB,Erubis}Template#default_output_variable{,=} (jeremyevans)
* Remove deprecated support for CoffeeScriptTemplate.default_no_wrap{,=}
  (jeremyevans)
* Remove deprecated support for RedCarpet 1.x (jeremyevans)
* Remove deprecated support for Tilt.current_template (jeremyevans)
* Make Template#freeze_string_literals? work correctly with
  Template#compiled_path (jeremyevans)
* Support :freeze option for StringTemplate to support frozen string
  literals (jeremyevans)
* Make Tilt.finalize! a no-op if it has already been called (jeremyevans)

(taca)

doc: Updated net/bind918 to 9.18.19

(taca)

net/bind918: update to 9.18.19

9.18.19 (2023-09-20)

6246. [security] Fix use-after-free error in TLS DNS code when sending
data. (CVE-2023-4236) [GL #4242]

6245. [security] Limit the amount of recursion that can be performed
by isccc_cc_fromwire. (CVE-2023-3341) [GL #4152]

6244. [bug] Adjust log levels on malformed messages to NOTICE when
transferring in a zone. [GL #4290]

6241. [bug] Take into account the possibility of partial TLS writes
in TLS DNS code. That helps to prevent DNS messages
corruption on long DNS over TLS streams. [GL #4255]

6240. [bug] Use dedicated per-worker thread jemalloc memory
arenas for send buffers allocation to reduce memory
consumption and avoid lock contention. [GL #4038]

6239. [func] Deprecate the 'dnssec-must-be-secure' option.
[GL #3700]

6237. [bug] Address memory leaks due to not clearing OpenSSL error
stack. [GL #4159]

6235. [doc] Clarify BIND 9 time formats. [GL #4266]

6234. [bug] Restore stale-refresh-time value after flushing the
cache. [GL #4278]

6232. [bug] Following the introduction of krb5-subdomain-self-rhs
and ms-subdomain-self-rhs update rules, removal of
nonexistent PTR and SRV records via UPDATE could fail.
[GL #4280]

6231. [func] Make nsupdate honor -v for SOA requests if the server
is specified. [GL #1181]

6230. [bug] Prevent an unnecessary query restart if a synthesized
CNAME target points to the CNAME owner. [GL #3835]

6227. [bug] Check the statistics-channel HTTP Content-length
to prevent negative or overflowing values from
causing a crash. [GL #4125]

6224. [bug] Check the If-Modified-Since value length to prevent
out-of-bounds write. [GL #4124]

(taca)

doc: Updated ham/chirp to 20230917

(gdt)

ham/chirp: Update to 20230917

Upstream changes are minor/bugfixes

(gdt)

doc: Updated net/bind916 to 9.16.44

(taca)

net/bind916: update to 9.16.44

9.16.44 (2023-09-20)

6245. [security] Limit the amount of recursion that can be performed
by isccc_cc_fromwire. (CVE-2023-3341) [GL #4152]

6235. [doc] Clarify BIND 9 time formats. [GL #4266]

6230. [bug] Prevent an unnecessary query restart if a synthesized
CNAME target points to the CNAME owner. [GL #3835]

(taca)

doc: Updated sysutils/broot to 1.25.2

(pin)

sysutils/broot: update to 1.25.2

- optional BROOT_CONFIG_DIR env var - the site now shows all env variables:
  https://dystroy.org/broot/launch/#environment-variables
- --only-folders now longer allows symlinks to non directories - Fix #742

(pin)

doc: Updated games/tetris-tui to 0.1.6

(pin)

games/tetris-tui: update to 0.1.6

- limit player name length
- disable raw mode before quitting
- make the game continue after unpausing

(pin)

postgresql16: require ICU

(adam)

Updated lang/nodejs, lang/nodejs18

(adam)

nodejs18: updated to 18.18.0

Version 18.18.0 'Hydrogen' (LTS)

Notable Changes

- **build**: sync libuv header change (Jiawen Geng)
- **crypto**: update root certificates to NSS 3.93 (Node.js GitHub Bot)
- **crypto**: update root certificates to NSS 3.90 (Node.js GitHub Bot)
- **deps**: add missing thread-common.c in uv.gyp (Santiago Gimeno)
- **deps**: upgrade to libuv 1.46.0 (Santiago Gimeno)
- **deps**: upgrade to libuv 1.45.0 (Santiago Gimeno)
- **doc**: add atlowChemi to collaborators (atlowChemi)
- **doc**: add vmoroz to collaborators (Vladimir Morozov)
- **doc**: add kvakil to collaborators (Keyhan Vakil)
- **(SEMVER-MINOR)** **esm**: add `--import` flag (Moshe Atlow)
- **(SEMVER-MINOR)** **events**: allow safely adding listener to abortSignal (Chemi Atlow)
- **fs, stream**: initial `Symbol.dispose` and `Symbol.asyncDispose` support (Moshe Atlow)
- **net**: add autoSelectFamily global getter and setter (Paolo Insogna)
- **(SEMVER-MINOR)** **url**: add value argument to has and delete methods (Sankalp Shubham)

(adam)

nodejs: updated to 20.7.0

Version 20.7.0 (Current)

Notable Changes

- src: support multiple --env-file declarations (Yagiz Nizipli)
- crypto: update root certificates to NSS 3.93 (Node.js GitHub Bot)
- deps: upgrade npm to 10.1.0 (npm team)
- (SEMVER-MINOR) deps: upgrade npm to 10.0.0 (npm team)
- doc: move and rename loaders section (Geoffrey Booth)
- doc: add release key for Ulises Gascon (Ulises Gascón)
- (SEMVER-MINOR) lib: add api to detect whether source-maps are enabled (翠 / green)
- src,permission: add multiple allow-fs-* flags (Carlos Espa)
- (SEMVER-MINOR) test_runner: expose location of tests (Colin Ihrig)

(adam)

doc: Updated shells/nushell to 0.85.0

(pin)

shells/nushell: update to 0.85.0

Themes of this release/New features
Nushell + Uutils = ��わ��
he Nushell team is thrilled to announce ��コ that we've begun working with the
uutils/coreutils team on integrating some of their foundational core utilies
into nushell. With this release, we've started with the coreutils cp command,
which we've temporarily named ucp. We're starting with ucp to allow broad
testing while the current nushell cp command remains the default.
We've already found one bug in the coreutils cp command and you might find
others. Once it stabelizes, probably with the 0.86.0 release, we'll remove the
nushell cp command and rename ucp to cp. In keeping with the nushell style,
we've only added a handful of parameters. We can, and probably will, add more
if the community determines we need them. We're so very excited and would like
to thank terts, from the coreutils team, for his excellent help and special
appreciation to dmatos2012 for the, very iterative, first uutils/coreutils
integration PR #10097 for the cp command. To read more about how this came to
be, checkout our blog post.

Read about the full list of changes at:
https://www.nushell.sh/blog/2023-09-19-nushell_0_85_0.html

(pin)

Updated security/py-cryptography, security/py-cryptography_vectors

(adam)

py-cryptography py-cryptography_vectors: updated to 41.0.4

41.0.4 - 2023-09-19

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.3.

(adam)

Updated net/py-netaddr, net/py-tldextract

(adam)

py-tldextract: updated to 3.6.0

3.6.0 (2023-09-19)

* **Breaking** bugfixes
    * Always include suffix if private suffix enabled and private suffix exists
        * Add a 4th field `is_private: bool`, to the `ExtractResult`
          `namedtuple`, indicating whether the extraction came from the PSL's
          private domains or not.
        * **This could cause issues when iterating over the tuple and assuming
          only 3 fields.**
        * Previously, the docs promoted iteration to rejoin parts of the tuple.
          This is better achieved by individual access of fields of interest
          (e.g. `ExtractResult.subdomain`) or convenience properties (e.g.
          `ExtractResult.{fqdn,registered_domain}`).

(adam)

py-netaddr: updated to 0.9.0

Release: 0.9.0

Added:

* Add hash capabilities to OUI

Fixed:

* **Backwards incompatible:** Handle RFC 6164 IPv6 addresses (don't reserve first IP
  address in point-to-point subnets) ($267, Damien Claisse)
* **Technically backwards incompatible:** Fix for is_loopback behaviour – consider
  ``IPNetwork('::1/128')`` to be loopback
* Include tutorials in source distributions
* Fix a documentation typo
* Fix print syntax in the documentation to be Python 3 compatible
* Fix the Sphinx syntax in the documentation

(adam)

fix build with GCC 12.

from upstream's upstream:
  https://chromium.googlesource.com/skia/+/cd397f3c4738beb6%5E%21/

(mrg)

doc: Updated cad/klayout to 0.28.12

(mef)

(cad/klayout) Updated 0.28.10 to 0.28.12

0.28.12          (2023-09-12):
* Bugfix: %GITHUB%/issues/1477 Macro IDE: changing the colors does not have an effect
* Bugfix: %GITHUB%/issues/1474 Throw a FATAL ERROR when multiple cellname have the same refnum
* Bugfix: %GITHUB%/issues/1473 Ignore 'Summarize missing layers' when sending XOR result to other layout)
* Bugfix: %GITHUB%/issues/1472 DEF path with first/last segment length < halfwidth are read wrong
* Bugfix: %GITHUB%/issues/1471 Make warning about 'FOREIGN differs from MACRO name' more informative
* Bugfix: %GITHUB%/issues/1470 DEF pinname VDD.extra1 should be written as VDD TEXT in gds/oasis
* Bugfix: %GITHUB%/issues/1465 (maybe fixed) DRC crash at end of script
* Bugfix: %GITHUB%/issues/1464 Layout#get_info and Layout#set_info not longer segfault on wrong layer index
* Bugfix: %GITHUB%/issues/1460 CellRename dialog is larger now initially
* Enhancement: %GITHUB%/issues/1307 (partial) Produce UNPLACED macros if location is provided
* Enhancement: New aliases for inline operators (e.g. "+=") in RBA::Region and similar classes
  Reasoning is that "+=" in Ruby is resolved into "+" and "=" which does not make
  use of the inline optimization. Using "join_with" instead will avoid this. Other alias:
  "join" for "+", "and" for "&", "and_with" for "&=", "not" for "-", "not_with" for "-=",
  "or" for "|", "or_with" for "|=", "xor" for "^" and "xor_with" for "^=".
* Bugfix: deep region 'transform' with plain shift was not working properly with scaled instances
* Bugfix: re-run of include-expanded DRC/LVS wasn't working
* Bugfix: Proper Python stack trace in debugger for Python 3.10
* Enhancement: Allowing to select cells by error markers too (so that PCells with errors can be selected)
* Bugfix: avoid a segfault in the properties dialog
* Enhancement: crash log now is shown in a more reliable way - but less fancy.
  In addition, a crash log is written 'klayout_crash.log' in the home path
  and the crash message is printed to error.
* Bugfix: Don't clear search when switching macro editor pages
* Enhancement: Macro editor file change notification now also is no longer a modal window
* Enhancement: Macro editor does not list __pycache__ directories
* Enhancement: Pick a tab in Macro editor from the context menu of tab bar
* Bugfix: moving a text with a non-centered vertical alignment now uses the right location
* Enhancement: 'copy interactive' will maintain selection
* Enhancement Better integration of partial mode - for example 'interactive move' now also acts on partial selection
* Bugfix: cleanup after deleting cells in partial mode - no new top cells appear
* Enhancement: package manager
  * So not update macros while installing: avoids transient error messages
  * Offer to autorun macros also after package update (so far only on package new installation
* Bugfix: Fixed a issue with the search box on the macro editor
  when switching to the replace text box, focus was passed to the text editor instead
* Enhancement: CIF reader progress now functional
* Enhancement: some speedup while sorting instances
* Bugfix: LayoutView does not longer need processEvents when saving an image to PNG

0.28.11          (2023-08-09):
* Bugfix: %GITHUB%/issues/1307 (partial) LEF/DEF PIN labels are taken from NET, not PIN name
* Bugfix: %GITHUB%/issues/1415 GDS2 files with meta info are not read by old versions of KLayout
* Bugfix: %GITHUB%/issues/1422 DXF file parsing error, about spline curve
* Bugfix: %GITHUB%/issues/1425 Python Binding / Layout / find_layer broken for layer "name"
* Bugfix: %GITHUB%/issues/1428 Feature request: "%include" in macros should allow including XML files too
* Bugfix: %GITHUB%/issues/1430 Add option to filter out geometric primitives from Marker Database Browser Info widget
* Bugfix: %GITHUB%/issues/1432 strm2oas def ignores path segment after + VIRTUAL + RECT
* Bugfix: %GITHUB%/issues/1433 Fix def syntax error in testdata/lefdef/viasize2/test.def
* Bugfix: %GITHUB%/issues/1453 Zoom (in) function with selected layers significantly slower in newer releases
* Enhancement: %GITHUB%/issues/1438 Provide a configuration option to switch back to old-style text selection (at origin only)
* Enhancement: %GITHUB%/issues/1440 Relative margin for Marker Database Browser
* Enhancement: %GITHUB%/issues/1441 Support for label position in Marker Database Browser
* Enhancements:
  - Add a default extension to file names unless one is given
  - Selection on partial mode enhanced: allow selection of edge
    ends if edges overlap, graphical indicator for selected partial
  - Wheel events do no longer change Combo Box selections
  - DRC/LVS: log output overhead reduced for faster execution in
    small layout cases
  - Added RBA::Image/pya.Image constructor taking QImage and PixelBuffer
  - Point objects are native citizens now of the database and act as
    representatives for handles, better editing and visualization of
    the latter
  - Macro editor has "find previous" button now
  - Mitigate the effect of overriding a globally-defined technology
    with -nn on the command line by creating tech variants
  - LEF/DEF map files now allow LEFPINNAME and PINNAME purpose to
    map pin labels in a more consistent way
* Bugfix:
  - Tilde expansion wasn't working for layout write
  - Python specific API documentation did not mention disambiguation
    for property/method ambiguity
  - Python error messages are more readable and contain the exception
    class
  - PCell layer-type parameters did not work without a default value
  - Point-like PCell handles now cannot be spoiled any longer in partial
    mode
  - "Duplicate" was also duplicating cells or layers depending on the
    scope which was irritating. Now it's confined to geometry
  - DRC/LVS logs list the correct line also with include files
  - "report" wasn't working in DRC/LVS scripts for scripts only using
    external sources
  - Fixed a potential segfault on application exit
  - Enhancements to the macro editor's search & replace function -
    "replace and search next" wasn't working properly and other flaws

(mef)

(vins)

doc: Updated devel/regal to 0.9.0

(leot)

regal: Update to 0.9.0

Changes:
0.9.0
-----
This release brings three new rules to Regal, a new Rego-based build
system, and improvements to the Go API. Plus a number of improvements,
features and bugfixes.

The v0.9.0 release also coincides with some exciting news from our
community — users of the Rego Playground now experience Regal
integrated in the tool, and have linter violations reported directly in
the UI!

## New rule: `dubious-print-sprintf` (Category: `testing`)

This new rule will flag the use of `print` together with `sprintf` in
it's argument list. The `print` function takes any number of arguments
as it is, and using `sprintf` negates the benefits of the `print`
functions special handling of undefined values.

## New rule: `forbidden-function-call` (Category: `custom`)

In the custom category, the new `forbidden-function-call` rule will
allow you to configure a list of built-in functions that should be
flagged by Regal if encountered. This could for example be `http.send`
calls, or JWT decoding using HMAC rather than assymetric crypto.

## New rule: `chained-rule-body` (Category: `style`)

The new chained-rule-body rule will have Regal flag rules where the
body is "chained", as this style isn't recommended any more.

## Go API (experimental)

While integrations using the Go API is still not recommended, several
steps were taken in this release in order to move it closer to a stable
state. This work was done in order to get Regal integrated into the
Rego Playground.

## Other improvements and fixes

- Custom configuration for a rule is no longer required to provide a
  `level` attribute. If not provided, the level will be inherited from
  the default configuration for that rule.
- The `walk` built-in function is now by default excepted by the
  `function-arg-return` rule.
- The `regal lint` command now accepts a `--metrics` flag, which will
  provide helpful information on where Regal spends most of the time
  evaluating a project.

(leot)

net/bind918: update HOMEPAGE to the place the previous version redirects to.

(he)

net/bind*: Fix DESCR

Drop NEWS-type content from bind916.

all: Add final paragraph describing which version this is, and
upstream support status.

(gdt)

net/bind918: amend link in DESCR...

so that the most recent release notes can be more easily found.
OK'ed by sekiya@.

(he)

doc: Updated meta-pkgs/xfce4-extras to 4.18.1nb1

(gutteridge)

xfce4-extras: reflect xfce4-notifyd 0.9.0

(gutteridge)

doc: Added sysutils/yazi version 0.1.4

(pin)

Add yazi

(pin)

sysutils/yazi: import package

Blazing Fast Terminal File Manager.

Yazi (duck in Chinese) is a terminal file manager written in Rust, based on
non-blocking async I/O.
It aims to provide an efficient, user-friendly, and customizable file
management experience.

(pin)

xfce4-notifyd: commit patch revision missed in previous

(gutteridge)

doc: Updated x11/xfce4-notifyd to 0.9.0

(gutteridge)

xfce4-notifyd: update to 0.9.0

Change log:

0.9.0 (2023-09-18)
=====
- Add missing sanity check
- I18n: Update po/LINGUAS list
- I18n: Update po/LINGUAS list
- I18n: Update po/LINGUAS list
- wayland: put windows on overlay layer, not top
- Set window theme before placing window
- Set initial window position before realizing windows
- Avoid storing NULL app IDs in the app ID count hashtable
- Simplify dbus/systemd service dir logic in configure.ac
- Fix typos in README
- Instal D-Bus and systemd files under $prefix by default
- Fix distcheck when run as non-root
- Use pkg-config to find default systemd user unit directory
- Change default systemd user path from /lib/... to /usr/lib/...
- Change options for installing startup files
- Add positioning options top-center and bottom-center
- Simplify notification placement code
- Stop using GtkCornerType; migrate setting to enum nick
- Move log level settings from int to enum nick string
- Move datetime format setting from int to enum nick string
- Have a single entry point for setting migrations
- Fix incorrect enum value for apps log level
- Use registered enum types for config->enum mapping
- Move enums to common, use glib-mkenums
- Use new XDT feature macros
- Don't log duplicate entries when updating an existing notification
- Clean up logic in notify_notify()
- Correctly update critical notifications while in DnD mode
- Fix incorrect casts in GTree foreach functions
- Remove expire/fade timeout source removal hacks
- Missed a spot to reset fade/slide
- Allow slideout when no fadeout
- Only start fade timeout if no existing handle
- Only start expiration timeout if no existing handle
- Ensure timeout sources are removed in _window_dispose()
- Move log dbus signal emissions to XfceNotifyDaemonLog
- Remove expire and fade sources before emitting closed signal
- Emit NotificationClosed when not showing notification
- Consolidate the window movement code
- Add option to show notifications on all monitors
- Migrate the primary-monitor setting to a string-based enum
- Translation Updates:
  Albanian, Armenian (Armenia), Basque, Belarusian, Bulgarian, Catalan,
  Chinese (China), Chinese (Taiwan), Croatian, Czech, Danish, Dutch,
  Eastern Armenian, English (Australia), English (United Kingdom),
  Estonian, Finnish, French, Galician, Georgian, German, Greek, Hebrew,
  Hungarian, Icelandic, Indonesian, Interlingue, Italian, Japanese,
  Kazakh, Korean, Lithuanian, Malay, Norwegian Bokm奪l, Polish,
  Portuguese, Portuguese (Brazil), Russian, Serbian, Slovak, Slovenian,
  Spanish, Swedish, Thai, Turkish, Ukrainian

(gutteridge)

doc: Updated net/libsoup3 to 3.4.3

(gutteridge)

libsoup3: update to 3.4.3

Changes in libsoup from 3.4.2 to 3.4.3:

* Fix incorrect UTF-8 encoding for params in headers [Leo Zi-You Assini]
* Numerous HTTP/2 fixes and improvements [Carlos Garcia Campos]
* Fix possible crashes in connection management [Michael Catanzaro]
* Fix small leak in SoupServer [Emil Ljungdahl]
* Fix the possibility of empty HTTP/2 frames being sent [Pawel Lampe]

(gutteridge)

doc: Updated net/mosquitto to 2.0.18

(gdt)

net/mosquitto: Update to 2.0.18

2.0.18 - 2023-09-18
===================

Broker:
- Fix crash on subscribe under certain unlikely conditions. Closes #2885.
  Closes #2881.

Clients:
- Fix mosquitto_rr not honouring `-R`. Closes #2893.

(gdt)

Updated devel/libnjs to 0.8.1
Updated lang/njs to 0.8.1
Updated www/nginx to 1.24.0nb11
Updated www/nginx-devel to 1.25.2nb1
Updated www/unit to 1.31.0nb1

(osa)

*/*: update NGINX JavaScript 0.8.0 -> 0.8.1

Bump PKGREVISION for www/nginx, www/nginx-devel, and www/unit.

<ChangeLog>

    nginx modules:

    *) Feature: introduced js_periodic directive.
        The directive specifies a JS handler to run at regular intervals.

    *) Feature: implemented items() method for a shared dictionary.
      The method returns all the non-expired key-value pairs.

    *) Bugfix: fixed size() and keys() methods of a shared dictionary.

    *) Bugfix: fixed erroneous exception in r.internalRedirect()
      introduced in 0.8.0.

    Core:

    *) Bugfix: fixed incorrect order of keys in
      Object.getOwnPropertyNames().

</ChangeLog>

(osa)

doc: Updated www/ruby-faraday to 2.7.11

(taca)

www/ruby-faraday: update to 2.7.11

2.7.11 (2023-09-13)

What's Changed

* Refer to correct branch [ci skip] by @olleolleolle in #1516
* �沒� New docs �沁� by @iMacTia in #1517
* Fix capitalization for Elasticsearch by @picandocodigo in #1520
* Fix 404 link in UPGRADING documentation by @shanempope in #1521
* Fix included middleware links by @edwardloveall in #1522
* Fix a test failure using Ruby 3.3.0dev by @koic in #1523
* Format code with less indent by @olleolleolle in #1524
* Add base64 to runtime dependency by @koic in #1525
* Add option for omitting request data from Faraday exceptions by
  @ClaytonPassmore in #1526

New Contributors

* @picandocodigo made their first contribution in #1520
* @shanempope made their first contribution in #1521
* @edwardloveall made their first contribution in #1522
* @koic made their first contribution in #1523
* @ClaytonPassmore made their first contribution in #1526

(taca)

doc: Updated www/ruby-excon to 0.103.0

(taca)

www/ruby-excon: update to 0.103.0

0.103.0 (2023-09-13)

* fix cert related warnings
* update checkout github action
* add option to specify dns_timeout
* update bundled default certs

(taca)

doc: Updated www/ruby-aws-sdk-core to 3.181.1

(taca)

www/ruby-aws-sdk-core: update to 3.181.1

3.181.1 (2023-09-14)

* Issue - Fix host label validation in endpoint matchers.

(taca)

doc: Updated www/ruby-aws-partitions to 1.824.0

(taca)

www/ruby-aws-partitions: update to 1.824.0

1.824.0 (2023-09-15)

* Feature - Updated the partitions source data the determines the AWS
  service regions and endpoints.

1.823.0 (2023-09-14)

* Feature - Updated the partitions source data the determines the AWS
  service regions and endpoints.

1.822.0 (2023-09-13)

* Feature - Updated the partitions source data the determines the AWS
  service regions and endpoints.

1.821.0 (2023-09-12)

* Feature - Updated the partitions source data the determines the AWS
  service regions and endpoints.

1.820.0 (2023-09-08)

* Feature - Updated the partitions source data the determines the AWS
  service regions and endpoints.

1.819.0 (2023-09-07)

* Feature - Updated the partitions source data the determines the AWS
  service regions and endpoints.

1.818.0 (2023-09-06)

* Feature - Updated the partitions source data the determines the AWS
  service regions and endpoints.

1.817.0 (2023-09-05)

* Feature - Updated the partitions source data the determines the AWS
  service regions and endpoints.

(taca)