doc/TODO: + librsvg-2.56.3.

(wiz)

Added security/py-truststore; Updated devel/py-pdm

(adam)

py-pdm: updated to 2.9.1

Release v2.9.1 (2023-09-03)
---------------------------

Features & Improvements

- Support convert setup.cfg without existing setup.py.

Bug Fixes

- `pdm run` should only find local file if the command starts with `./`.

Release v2.9.0 (2023-08-31)
---------------------------

Features & Improvements

- Add an `--overwrite` option to `pdm init` to overwrite existing files(default False).
- Support passing filter patterns as positional arguments to `pdm list` command.
Add `--tree` as an alias and preferred name of `--graph` option.
- Switch to truststore by default.
- Consider packages as installed if the venv includes them from the system-site-packages.
- Allow `pdm run` to run a script with the relative or absolute path.

Bug Fixes

- Fix a bug that removing dev dependency uninstalls the project as well.
- Fix a bug that `@ file://` dependencies can not be updated.
- Fix a bug that dependencies requested out of the range of `requires-python` cause PDM to crash.
- Fix the compatibility issue with copier 8.0+.
- Makes `comarable_version("1.2.3+local1") == Version("1.2.3")`.
- Default behavior for pdm venv activate when shell detection fails.
- Handle parsing errors when converting from poetry-style metadata.
- Don't copy .pyc files from the template directory.

Removals and Deprecations

- Remove the legacy build backend `pdm-pep517`.

(adam)

py-truststore: added version 0.8.0

Truststore is a library which exposes native system certificate stores (ie
"trust stores") through an ssl.SSLContext-like API. This means that Python
applications no longer need to rely on certifi as a root certificate store.
Native system certificate stores have many helpful features compared to a
static certificate bundle like certifi:

* Automatically update certificates as new CAs are created and removed
* Fetch missing intermediate certificates
* Check certificates against certificate revocation lists (CRLs) to avoid
  monster-in-the-middle (MITM) attacks
* Managed per-system rather than per-application by a operations/IT team
* PyPI is no longer a CA distribution channel

(adam)

doc: Updated graphics/wallust to 2.6.2

(pin)

graphics/wallust: update to 2.6.2

- improve performance on `colorspaces` (8dc5731843)
- update dependencies

(pin)

doc: Updated sysutils/ripdrag to 0.4.4

(pin)

py-build: reflect @wiz's changes in files/setup.py

(adam)

sysutils/ripdrag: update to 0.4.4

- Fix #32

(pin)

doc: Updated textproc/lok to 0.2.4

(pin)

textproc/lok: update to 0.2.4

- Add Clojure/C/Dart/Script and EDN to the languages list
- cargo fmt

(pin)

py-build: remove unneeded dependency

Fixes dependency cycle.

(wiz)

doc: Updated editors/tp-note to 1.21.15

(pin)

editors/tp-note: update to 1.21.15

Fix filename related edge cases

This release fixes some filename related edge cases:

* Prepend `filename.sort_tag_extra_separator` in case the note's title
  field is empty.
* Append `filename.copy_counter_extra_separator` in case the file stem
  resembles a copy counter.

(pin)

doc: Updated editors/feathernotes to 1.1.1

(pin)

editors/feathernotes: update to 1.1.1

● Fixed the initial font of the node font dialog.
● Start searching in node names when Slash is pressed inside the side-pane.
● Enable/disable the Paste actions appropriately.
● Don't insert garbage when an image can't be loaded.

(pin)

doc: Updated fonts/font-util to 1.4.1

(wiz)

font-util: update to 1.4.1.

Alan Coopersmith (1):
      Remove "All rights reserved" from Oracle copyright notices

Peter Hutterer (2):
      Replace unicode files with ones that provide better terms of use
      font-util 1.4.1

(wiz)

doc: Updated filesystems/libntfs to 2022.10.3

(vins)

filesystems/libntfs filesystems/libntfs sysutils/ntfsprogs: update to 2022.10.3

# CHANGES (since release 2017.3.23)

## Security release 2022.10.3 (Oct 31, 2022)
* Rejected zero-sized runs
* Avoided merging runlists with no runs

## Security version 2022.5.17 (May 26, 2022)
* Improved defence against maliciously tampered NTFS partitions
* Improved defence against improper use of options
* Updated the documentation

## Stable Version 2021.8.22 (August 30, 2021)
* Fixed compile error when building with libfuse < 2.8.0
* Fixed obsolete macros in configure.ac
* Signalled support of UTIME_OMIT to external libfuse2
* Fixed an improper macro usage in ntfscp.c
* Updated the repository change in the README
* Fixed vulnerability threats caused by maliciously tampered NTFS partitions

## Stable Version 2017.3.23AR.6 (February 1, 2021)
* Used kernel cacheing on read-only mounts or with lowntfs-3g
* Avoided information leak when processing garbled compressed data
* Defined option posix_nlink to compute a Posix compliant st_nlink
* Recovered space when an index root is shortened
* Replaced ENODATA with ENOATTR in xattrs functions for macOS
* Added support for 'position' argument in macOS xattr functions
* Changed default xattr access method to 'openxattr' for macOS builds
* Allowed redefining the target location of the ntfsprogs tools
* Fixed updating the allocated size when attribute lies in an extent
* Enabled actions on directories in reparse plugins
* Inserted the reparse tag in the bad reparse symlink
* Supported use of WSL special files
* Dropped rejecting having both EA and reparse data
* Enabled Creating special files the same way as WSL
* Checked the locations of MFT and MFTMirr at startup

## Stable Version 2017.3.23AR.5 (April 1, 2020)
* Processed the request argument of ioctl() as unsigned
* Accepted alternative recording of cluster size
* Fixed a poorly sized string in ntfsinfo
* Fixed ntfsfallocate on a void file
* Decoded execlink reparse points
* Fixed object type returned in readdir() for reparse points
* Exported the translations of Windows paths to current ones

## Stable Version 2017.3.23AR.4 (March 1, 2019)
* Fixed reporting an error when failed to build the mountpoint
* Reverted accessing reparse directory through internal plugins
* Cleaned object ids beyond the updated part
* Fixed reacting to missing plugin
* Returned a low level error when an ioctl fails
* Truncated SSD trimming zones to granularity supported by the device

## Stable Version 2017.3.23AR.3 (September 1, 2018)
* Made sure log file buffers are properly aligned
* Made reparse directories visible through internal plugins
* Added an option to ntfscp to copy the modification time
* Renamed undeleted files to avoid overwriting existing ones
* Extended the allowed cluster size to 2MB
* Allocated full clusters for reading and rescuing in ntfsclone
* Prevented locally defined headers from interfering with ntfs-3g ones
* Attempted mounting read-only after failed permission to read-write
* Fixed collecting the label argument in mkntfs

## Stable Version 2017.3.23AR.2 (March 1, 2018)
* Made sure log file buffers are properly aligned
* Checked log file blocks more recent than temporary ones
* Processed redo log actions associated to undoing a CompensationlogRecord
* Allowed setting a file object id without defining its birth ids
* Documented read-only mount when Windows is hibernated
* Stopped checking matches of MFTMirr against MFT at record 16
* Filtered out reparse flags for selecting plugins
* Delayed updating the MFT runlist when resizing in read-only mode
* Double-checked whether record 15 is an extent of MFT
* Checked whether the device to mount was forced read-only

## Stable Version 2017.3.23AR.1 (October 1, 2017)
* Bypassed cluster allocation errors using --ignore-fs-check in ntfsclone
* Upgraded ntfsrecover to support log files for Windows 10
* Fixed the computation of highest_vcn when applying a runlist fixup
* Fixed updating the vcn of subtree in ntfsrecover
* Relaxed checks on security descriptors
* Enabled directory operations in plugins
* Decoded more reparse tags in ntfsinfo
* Logged falling back to mounting read-only
* Fixed compiling on MacOSX (Erik Larsson)

(vins)

doc: Updated games/openrct2 to 0.4.6

(triaxx)

openrct2: Update to 0.4.6

upstream changes:
-----------------
0.4.6 (2023-09-03)
------------------------------------------------------------------------
- Feature: [#15660] Ability to show window buttons on the left.
- Feature: [#20680] New title sequences (https://github.com/OpenRCT2/title-sequences/releases/tag/v0.4.6).
- Feature: [OpenMusic#41] Official Title Theme by Allister Brimble.
- Improved: [#20119, #20243] Add new colour presets to several roller coasters (using the new colours).
- Improved: [#20393, #20410] Add Cyrillic characters Ґґ, Ѕѕ, Єє, Іі, Її, and Јј to the sprite font.
- Change: [#19785] OpenMusic is now selected by default when opening SC4/SC6 - or creating new - scenarios.
- Change: [#20110] Fix a few RCT1 build height parity discrepancies.
- Change: [#20550] Change SEK conversion rate from 1 GBP to 0.1 GBP.
- Fix: [#6152] Camera and UI are no longer locked at 40 Hz, providing a smoother experience.
- Fix: [#9534] Screams no longer cut-off on steep diagonal drops.
- Fix: [#17666] Using the mountain tool near the edge of the map with clearance checks disabled causes visual glitches.
- Fix: [#19450] The correct element is now auto-suggested when building a Medium Half Loop backwards.
- Fix: [#19735] Server unable to advertise to master server after a connection loss.
- Fix: [#19822] Tile inspector does not deep copy banners.
- Fix: [#19823] Parkobj: disallow overriding objects of different object types.
- Fix: [#19878] Unresearched scenery can be placed via prebuilt rides.
- Fix: [#20083] Cannot use terrain surfaces with ID > 32 and terrain edges with ID > 16.
- Fix: [#20089] Potential crash when a window is closed from another window.
- Fix: [#20103] [Plugin] Crash when custom plugin actions fail due to immutable state.
- Fix: [#20111] All coaster types can access the new diagonal slope pieces.
- Fix: [#20155] Fairground organ style 2 shows up as regular music, rather than for the merry-go-round.
- Fix: [#20260] Ride locks up when inspecting/fixing staff member is fired.
- Fix: [#20262] Title screen music missing when “random” title music is selected and RCT1 is no longer linked.
- Fix: [#20310] Map animations are not created on the title screen.
- Fix: [#20342] Large Half Loop (left) now only appears once in the special elements dropdown.
- Fix: [#20361] Crash when using random map generation.
- Fix: [#20364] Adding too much money with cheats causes an overflow.
- Fix: [#20365] Money cheat input does not support negative values.
- Fix: [#20389] Reversed vehicles are now correctly banked on diagonal slopes.
- Fix: [#20413] Crash when attempting to navigate an empty console history.
- Fix: [#20417] Plugin/custom windows are missing the left border in the title bar.
- Fix: [#20429] Error window tooltip not closing after 8 seconds.
- Fix: [#20456] Downward large half loops on flying coasters (fly-to-lie) are now correctly named.
- Fix: [#20484] Console caret not properly updated when using command history.
- Fix: [#20496] Ride rating requirements for compact inverted coasters is no longer relaxed.
- Fix: [#20543] Crash using show segments height from debug paint options.
- Fix: [#20607] Infinite loop when renaming rides with default names longer than 32 bytes.
- Fix: [#20642] Track list is sometimes empty due to uninitialized data for the filter string.
- Fix: [#20659] Phantom rides remain when closing construction window while paused.
- Fix: [#20672] Maze ghost elements incorrectly displayed.
- Fix: [#20684] Footpath additions getting removed by Miniature railway ghost elements.
- Fix: [#20693] Incorrect information shown when hovering over station when another station before it was removed.
- Fix: [#20739] Build version info on title screen leaving stray pixels when the camera is moved.

(triaxx)

Updated devel/py-test, devel/py-faker

(adam)

py-faker: updated to 19.4.0

19.4.0
Unknown changes

(adam)

py-test: updated to 7.4.2

pytest 7.4.2 (2023-09-07)
=========================

Bug Fixes
---------
- Fix doctest collection of `functools.cached_property` objects.
- Fixed bug using ``--importmode=importlib`` which would cause package ``__init__.py`` files to be imported more than once in some cases.
- Fixed bug where `user_properties` where not being saved in the JUnit XML file if a fixture failed during teardown.
- Fixed crash when parsing long command line arguments that might be interpreted as files.

Improved Documentation
----------------------
- Improved disclaimer on pytest plugin reference page to better indicate this is an automated, non-curated listing.

(adam)

filesystems/fuse: fix compile warning and bump revision.

(vins)

filesystems/fuse: bring Linux build in par with current version.

(vins)

doc: Updated filesystems/fuse to 2.9.9

(vins)

*: revbump after filesystems/fuse update.

(vins)

filesystems/fuse: update to fuse-2.9.9.

This is the last and most recent maintainance release for the 2.x
branch.

# Changes (since version 2.9.3)

FUSE 2.9.9 (2019-01-04)
=======================

* Added OpenAFS to whitelist (so users can now mount FUSE filesystems
  on mountpoints within OpenAFS filesystems).
* Added a test of `seekdir` to test_syscalls.
* Fixed `readdir` bug when non-zero offsets are given to filler and the
  filesystem client, after reading a whole directory, re-reads it from a
  non-zero offset e. g. by calling `seekdir` followed by `readdir`.

FUSE 2.9.8 (2018-07-24)
=======================

* SECURITY UPDATE: In previous versions of libfuse it was possible to
  for unprivileged users to specify the `allow_other` option even when
  this was forbidden in `/etc/fuse.conf`.  The vulnerability is
  present only on systems where SELinux is active (including in
  permissive mode).
* libfuse no longer segfaults when fuse_interrupted() is called outside
  the event loop.
* The fusermount binary has been hardened in several ways to reduce
  potential attack surface. Most importantly, mountpoints and mount
  options must now match a hard-coded whitelist. It is expected that
  this whitelist covers all regular use-cases.
* Fixed rename deadlock on FreeBSD.

FUSE 2.9.7 (2016-06-20)
=======================

* Added SELinux support.
* Fixed race-condition when session is terminated right after starting
  a FUSE file system.

FUSE 2.9.6 (2016-04-23)
=======================

* Tarball now includes documentation.
* Shared-object version has now been bumped correctly.

FUSE 2.9.5 (2016-01-14)
=======================

* New maintainer: Nikolaus Rath <Nikolaus@rath.org>. Many thanks to
  Miklos Szeredi <miklos@szeredi.hu> for bringing FUSE to where it is
  now!

* fix warning in mount.c:receive_fd().  Reported by Albert Berger

* fix possible memory leak.  Reported by Jose R. Guzman

FUSE 2.9.4 (2015-05-22)
=======================

* fix exec environment for mount and umount.  Found by Tavis Ormandy
  (CVE-2015-3202).

* fix fuse_remove_signal_handlers() to properly restore the default
  signal handler.  Reported by: Chris Johnson

* highlevel API: fix directory file handle passed to ioctl() method.
  Reported by Eric Biggers

* libfuse: document deadlock avoidance for fuse_notify_inval_entry()
  and fuse_notify_delete()

* fusermount, libfuse: send value as unsigned in "user_id=" and
  "group_id=" options.  Uids/gids larger than 2147483647 would result
  in EINVAL when mounting the filesystem.  This also needs a fix in
  the kernel.

* Initilaize stat buffer passed to ->getattr() and ->fgetattr() to
  zero in all cases.  Reported by Daniel Iwan

* libfuse: Add missing includes.  This allows compiling fuse with
  musl.  Patch by Daniel Thau

(vins)

print/mupdf: update buildlink file.

(vins)

doc: Updated pkgtools/pkglint to 23.2.3

(rillig)

pkgtools/pkglint: update to 23.2.3

Changes since 23.2.2:

Warn about platform-specific variables in parameterized variables,
except for OPSYS-specific variables in conditions for that particular
operating system.

Allow the tilde character in lists of Go modules.

Use correct plural form in messages about invalid characters.

(rillig)

Updated devel/py-meson_python, databases/py-sqlparse

(adam)

py-sqlparse: updated to 0.4.4

Release 0.4.4 (Apr 18, 2023)
----------------------------

Notable Changes

* IMPORTANT: This release fixes a security vulnerability in the
  parser where a regular expression vulnerable to ReDOS (Regular
  Expression Denial of Service) was used. See the security advisory
  for details: https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
  The vulnerability was discovered by @erik-krogh from GitHub
  Security Lab (GHSL). Thanks for reporting!

Bug Fixes

* Revert a change from 0.4.0 that changed IN to be a comparison (issue694).
  The primary expectation is that IN is treated as a keyword and not as a
  comparison operator. That also follows the definition of reserved keywords
  for the major SQL syntax definitions.
* Fix regular expressions for string parsing.

Other

* sqlparse now uses pyproject.toml instead of setup.cfg (issue685).

Release 0.4.3 (Sep 23, 2022)
----------------------------

Enhancements

* Add support for DIV operator (pr664, by chezou).
* Add support for additional SPARK keywords (pr643, by mrmasterplan).
* Avoid tokens copy (pr622, by living180).
* Add REGEXP as a comparision (pr647, by PeterSandwich).
* Add DISTINCTROW keyword for MS Access (issue677).
* Improve parsing of CREATE TABLE AS SELECT (pr662, by chezou).

Bug Fixes

* Fix spelling of INDICATOR keyword (pr653, by ptld).
* Fix formatting error in EXTRACT function (issue562, issue670, pr676, by ecederstrand).
* Fix bad parsing of create table statements that use lower case (issue217, pr642, by mrmasterplan).
* Handle backtick as valid quote char (issue628, pr629, by codenamelxl).
* Allow any unicode character as valid identifier name (issue641).

Other

* Update github actions to test on Python 3.10 as well (pr661, by cclaus).

Release 0.4.2 (Sep 10, 2021)
----------------------------

Notable Changes

* IMPORTANT: This release fixes a security vulnerability in the
  strip comments filter. In this filter a regular expression that was
  vulnerable to ReDOS (Regular Expression Denial of Service) was
  used. See the security advisory for details: https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-p5w8-wqhj-9hhf
  The vulnerability was discovered by @erik-krogh and @yoff from
  GitHub Security Lab (GHSL). Thanks for reporting!

Enhancements

* Add ELSIF as keyword (issue584).
* Add CONFLICT and ON_ERROR_STOP keywords (pr595, by j-martin).

Bug Fixes

* Fix parsing of backticks (issue588).
* Fix parsing of scientific number (issue399).

Release 0.4.1 (Oct 08, 2020)
----------------------------

Bug Fixes

* Just removed a debug print statement, sorry...

Release 0.4.0 (Oct 07, 2020)
----------------------------

Notable Changes

* Remove support for end-of-life Python 2.7 and 3.4. Python 3.5+ is now
  required.
* Remaining strings that only consist of whitespaces are not treated as
  statements anymore. Code that ignored the last element from
  sqlparse.split() should be updated accordingly since that function
  now doesn't return an empty string as the last element in some
  cases (issue496).

Enhancements

* Add WINDOW keyword (pr579 by ali-tny).
* Add RLIKE keyword (pr582 by wjones1).

Bug Fixes

* Improved parsing of IN(...) statements (issue566, pr567 by hurcy).
* Preserve line breaks when removing comments (issue484).
* Fix parsing error when using square bracket notation (issue583).
* Fix splitting when using DECLARE ... HANDLER (issue581).
* Fix splitting of statements using CASE ... WHEN (issue580).
* Improve formatting of type casts in parentheses.
* Stabilize formatting of invalid SQL statements.

(adam)

py-meson_python: updated to 0.14.0

0.14.0
======

- Do not run ``meson install`` to build a wheel. This was unnecessary
  as files are added to the wheel from the build and source
  directories. This does not affect the handling of ``meson install``
  options, which are interpreted by ``meson-python`` itself.
- Obey the ``--skip-subprojects`` when specified for the ``meson
  install`` command.
- Implement support for the ``exclude_directories`` and
  ``exclude_files`` arguments to Meson ``install_subdir()`` function
  and similar installation functions. This requires Meson version
  1.1.0 or later.
- Implement support for building wheels targeting the Python limited
  API. Extension modules targeting the Python limited API can be
  easily built starting with the upcoming Meson 1.3.0 release.
- when ``pyproject.toml`` does not contain a ``version`` field and
  ``version`` is not declared dynamic, raise an error instead of
  silently using the version declared in ``meson.build``.
- Fix the mtime of source files in the sdist tarball.
- Add ``objc`` and ``objcpp`` compilers to the cross file generated
  when the ``$ARCHFLAGS`` is set.
- Extensive documentation improvements.

(adam)

zathura-pdf-mupdf: bump revision after mupdf update.

(vins)

print/mupdf: better sort Makefile.

(vins)

grafana: Fix build on illumos.

(jperkin)

mupdf: fix small typo in patch description.

(vins)

inputmethod/anthy: restore checksums for optional dictionaries

(taca)

doc: Updated print/mupdf to 1.23.3

(vins)

print/mupdf: update to MuPDF 1.23.3

# Changes (local)

  * Import patch from OpenBSD ports, adding support for fine-grained zoom.
  * Fix scrolling with vi-like bindings (from FreeBSD ports).
  * Use REPLACE_INTERPRETER instead of an ad-hoc patch.
  * Don't install html documentation (turn it into an option in future?)
  * Provide .desktop application file and pixmap for mupdf.
  * Avoid executable bit being set on static libs.
  * Other minor fixes.
  * Package linted.

# Changes (upstream)

## 1.23.3 (2023-09-05)

  * Fix bug where an inconsistent xref caused problems when saving PDF.

## 1.23.2 (2023-08-31)

  * Fixes needed to allow tesseract builds in C++/Python bindings.

## 1.23.1 (2023-08-29)

  * Fix bug where implicit operations where not ended when creating
    signature widget annotations.
  * Fix bug where saving an encrypted PDF requiring encryption could
    cause an invalid saved file.
  * Fix bug where ink annotation line caps adhered to rendering in older
    Adobe Acrobat Reader.
  * Fix compilation issue of shared library used in pythong bindings.

## 1.23.0 (2023-08-22)

New features:

  * New WASM library with same API as mutool run and Java, for both
    browser and Node environments.
  * Support CropBox, TrimBox, BleedBox, and ArtBox in PDF tools and
    viewers.
  * PhotoShop PSD image support.
  * mupdf-gl: Custom ICC display profile support.
  * mutool poster: Option to split in RTL direction.

Miscellaneous improvements and notable bug fixes:

  * EPUB: Fix table cell height calculations.
  * EPUB: Inherit table cell background color from table row.
  * EPUB: Support files with partial encryption (only read unencrypted
    parts).
  * EPUB: Support files with incorrect directory prefixes.
  * TIFF: Stability improvements.
  * MOBI: Stability improvements.
  * PDF: Support old style border dash patterns.
  * PDF: Support GoToR links to remote PDF documents.
  * PDF: Improve link parsing and creation.
  * ZIP: Improve unicode file name handling.
  * Fall back to unhinted fonts if hints are broken.
  * Recognize document types by sniffing contents (don't need to rely on
    mimetype or file extension).

New APIs:

  * More PDF document permission flags.
  * Tweaked exception error logging.
  * pdf_minimize_document to squeeze amount of memory used by an open
    document.

Incompatible API changes:

  * pdf_field_name renamed to pdf_load_field_name.
  * mutool run: Changed many methods to match Java and new WASM library.

New and improved documentation.

(vins)

doc: Updated devel/py-empty-files to 0.0.9

(schmonz)

Update to 0.0.9. From the changelog:

- Empty files will now just create a blank file if you have not setup
  openssl correctly for the version of urllib3. This mainly happens in
  python 3.7.

(schmonz)

doc: Updated print/lilypond to 2.24.2

(schmonz)

Update to 2.24.2. From the changelog:

- Update the library for garbage collection, addressing crashes when
  compiling very large scores (several hundreds of pages) on Windows

(schmonz)

Updated devel/py-build, textproc/py-pdf

(adam)

py-pdf: updated to 3.15.5

Version 3.15.5, 2023-09-03

Bug Fixes (BUG)
-  Cope with missing /I in articles
-  Fix image look-up table in EncodedStreamObject
-  remove_images not operating in sub level forms

Robustness (ROB)
-  Cope with damaged PDF

Version 3.15.4, 2023-08-27

Performance Improvements (PI)
-  Making pypdf as fast as pdfrw

Maintenance (MAINT)
-  Relax typing_extensions version

(adam)

py-build: updated to 1.0.3

1.0.3 (2023-09-06)
==================

- Avoid CPython 3.8.17, 3.9.17, 3.10.12, and 3.11.4 tarfile symlink bug
  triggered by adding ``data_filter`` in 1.0.0.

1.0.0 (2023-09-01)
==================

- Removed the ``toml`` library fallback; ``toml`` can no longer be used
  as a substitute for ``tomli``
- Added ``runner`` parameter to ``util.project_wheel_metadata``
- Modified ``ProjectBuilder`` constructor signature, added alternative
  ``ProjectBuilder.from_env`` constructor, redefined ``env.IsolatedEnv``
  interface, and exposed ``env.DefaultIsolatedEnv``, replacing
  ``env.IsolatedEnvBuilder``.  The aim has been to shift responsibility for
  modifying the environment from the project builder to the ``IsolatedEnv``
  entirely and to ensure that the builder will be initialised from an
  ``IsolatedEnv`` in a consistent manner.  Mutating the project builder is no
  longer supported.
- ``virtualenv`` is no longer imported when using ``-n``, for faster builds
- The SDist now contains the repository contents, including tests. Flit-core
  3.8+ required.
- The minimum version of ``importlib-metadata`` has been increased to 4.6 and
  Python 3.10 due to a bug in the standard library version with URL
  requirements in extras. This is still not required for 3.8 when bootstrapping
  (as long as you don't have URL requirements in extras).
- Docs now built with Sphinx 7
- Tests now contain a ``network`` marker
- Config-settings are now passed to ``get_requires*`` hooks, fixing a long
  standing bug. If this affects your setuptools build, you can use
  ``-C--build-option=<cmd> -C--build-option=<option>`` to workaround an issue
  with Setuptools not allowing unrecognised build options when running this
  hook.
- Test on Python 3.12 betas/RCs
- Filter out malicious files when extracting tar archives when Python supports it
- Specify encoding, fixing issues when ``PYTHONWARNDEFAULTENCODING`` is set.
- Ruff is now used for linting.

(adam)

openrct2: remove patch that is not in distinfo

(wiz)

sort

(jnemeth)

doc: Updated wm/obconf-qt to 0.16.3

(gutteridge)

obconf-qt: update to 0.16.3

obconf-qt-0.16.3 / 2023-08-16
=============================
  * Added missing copyright info.
  * Bumped the minimum required version of cmake to 3.5.0 (to silence a compilation warning).
  * Translation updates.

(gutteridge)

TODO: accountsservice now at 23.13.9

(gutteridge)

doc: Updated www/gitea to 1.18.5

(khorben)

gitea: update to 1.18.5

There have been a few security-related fixes between 1.18.0 and this
version. (XXX pull-up to pkgsrc-2023Q2)

This also includes a trivial fix in a comment for the default app.ini
configuration file.

Changes in 1.18.5:

* ENHANCEMENTS
  * Hide 2FA status from other members in organization members list
* BUGFIXES
  * Add force_merge to merge request and fix checking mergable
  * Use --message=%s for git commit message
  * Render access log template as text instead of HTML
  * Fix the Manually Merged form
  * Use beforeCommit instead of baseCommit
  * Display attachments of review comment when comment content is blank
  * Return empty url for submodule tree entries

Changes in 1.18.4:

* SECURITY
  * Provide the ability to set password hash algorithm parameters
  * Add command to bulk set must-change-password
* ENHANCEMENTS
  * Use import of OCI structs
  * Fix color of tertiary button on dark theme
  * Link issue and pull requests status change in UI notifications
    directly to their event in the timelined view.
* BUGFIXES
  * Notify on container image create
  * Fix blame view missing lines
  * Fix incorrect role labels for migrated issues and comments
  * Fix PR file tree folders no longer collapsing
  * Escape filename when assemble URL
  * Fix isAllowed of escapeStreamer
  * Load issue before accessing index in merge message
  * Improve trace logging for pulls and processes
  * Fix restore repo bug, clarify the problem of ForeignIndex
  * Add default user visibility to cli command "admin user create"
  * Escape path for the file list
  * Fix bugs with WebAuthn preventing sign in and registration.
  * Add missing close bracket in imagediff
  * Move code comments to a standalone file and fix the bug when adding
    a reply to an outdated review appears to not post(#20821)
  * Fix line spacing for plaintext previews
  * Fix wrong hint when deleting a branch successfully from pull request
    UI
  * Fix README TOC links
  * Fix missing message in git hook when pull requests disabled on fork
  * Improve checkIfPRContentChanged
  * Prevent duplicate labels when importing more than 99
  * Don't return duplicated users who can create org repo
* BUILD
  * Upgrade golangcilint to v1.51.0
* MISC
  * Use proxy for pull mirror
  * Use --index-url in PyPi description

Changes in 1.18.3:

* SECURITY
  * Prevent multiple To recipients
* BUGFIXES
  * Truncate commit summary on repo files table.
  * Mute all links in issue timeline

Changes in 1.18.2:

* BUGFIXES
  * When updating by rebase we need to set the environment for head repo
  * Fix issue not auto-closing when it includes a reference to a branch
  * Fix invalid issue branch reference if not specified in template
  * Fix 500 error viewing pull request when fork has pull requests
    disabled
  * Reliable selection of admin user
  * Set disable_gravatar/enable_federated_avatar when offline mode is
    true
* BUILD
  * cgo cross-compile for freebsd

Changes in 1.18.1:

* API
  * Add sync_on_commit option for push mirrors api
* BUGFIXES
  * Update github.com/zeripath/zapx/v15
  * Fix pull request API field closed_at always being null
  * Fix container blob mount
  * Fix error when calculating repository size
  * Fix Operator does not exist bug on explore page with
    ONLY_SHOW_RELEVANT_REPOS
  * Fix environments for KaTeX and error reporting
  * Remove the netgo tag for Windows build
  * Fix migration from GitBucket
  * Prevent panic on looking at api "git" endpoints for empty repos
  * Fix PR status layout on mobile
  * Fix wechatwork webhook sends empty content in PR review
  * Remove duplicate "Actions" label in mobile view
  * Fix leaving organization bug on user settings -> orgs
  * Fixed colour transparency regex matching in project board sorting
  * Correctly handle select on multiple channels in Queues
  * Prepend refs/heads/ to issue template refs
  * Restore function to "Show more" buttons
  * Continue GCing other repos on error in one repo
  * Allow HOST has no port
  * Fix omit avatar_url in discord payload when empty
  * Don't display stop watch top bar icon when disabled and hidden when
    click other place
  * Don't lookup mail server when using sendmail
  * Fix gravatar disable bug
  * Fix update settings table on install
  * Fix sitemap
  * Fix code search title translation
  * Fix due date rendering the wrong date in issue
  * Fix get system setting bug when enabled redis cache
  * Fix bug of DisableGravatar default value
  * Fix key signature error page
* TESTING
  * Remove test session cache to reduce possible concurrent problem
* MISC
  * Restore previous official review when an official review is deleted
  * Log STDERR of external renderer when it fails

(khorben)

darktable: Be less fussy about zlib versions.

Hopefully accept the NetBSD 9 zlib.

(nia)

Updated security/easy-rsa, www/py-test-django

(adam)

py-test-django: updated to 4.5.2

v4.5.2 (2021-12-07)
-------------------

Bugfixes

* Fix regression in v4.5.0 - ``pytest.mark.django_db(reset_sequence=True)`` now
  implies ``transaction=True`` again.

v4.5.1 (2021-12-02)
-------------------

Bugfixes

* Fix regression in v4.5.0 - database tests inside (non-unittest) classes were
  not ordered correctly to run before non-database tests, same for transactional
  tests before non-transactional tests.

v4.5.0 (2021-12-01)
-------------------

Improvements

* Add support for :ref:`rollback emulation/serialized rollback
  <test-case-serialized-rollback>`. The :func:`pytest.mark.django_db` marker
  has a new ``serialized_rollback`` option, and a
  :fixture:`django_db_serialized_rollback` fixture is added.

* Official Python 3.10 support.

* Official Django 4.0 support (tested against 4.0rc1 at the time of release).

* Drop official Django 3.0 support. Django 2.2 is still supported, and 3.0
  will likely keep working until 2.2 is dropped, but it's not tested.

* Added pyproject.toml file.

* Skip Django's `setUpTestData` mechanism in pytest-django tests. It is not
  used for those, and interferes with some planned features. Note that this
  does not affect ``setUpTestData`` in unittest tests (test classes which
  inherit from Django's `TestCase`).

Bugfixes

* Fix :fixture:`live_server` when using an in-memory SQLite database.

* Fix typing of ``assertTemplateUsed`` and ``assertTemplateNotUsed``.

v4.4.0 (2021-06-06)
-------------------

Improvements

* Add a fixture :fixture:`django_capture_on_commit_callbacks` to capture
  :func:`transaction.on_commit() <django.db.transaction.on_commit>` callbacks
  in tests.

v4.3.0 (2021-05-15)
-------------------

Improvements

* Add experimental :ref:`multiple databases <multi-db>` (multi db) support.

* Add type annotations. If you previously excluded ``pytest_django`` from
  your type-checker, you can remove the exclusion.

* Documentation improvements.

v4.2.0 (2021-04-10)
-------------------

Improvements

* Official Django 3.2 support.

* Documentation improvements.

Bugfixes

* Disable atomic durability check on non-transactional tests

v4.1.0 (2020-10-22)
-------------------

Improvements

* Add the :fixture:`async_client` and :fixture:`async_rf` fixtures

* Add :ref:`django_debug_mode <usage>` to configure how ``DEBUG`` is set in tests

* Documentation improvements.

Bugfixes

* Make :fixture:`admin_user` work for custom user models without an ``email`` field.

v4.0.0 (2020-10-16)
-------------------

Compatibility

This release contains no breaking changes, except dropping compatibility
with some older/unsupported versions.

* Drop support for Python versions before 3.5

  Previously 2.7 and 3.4 were supported. Running ``pip install pytest-django``
  on Python 2.7 or 3.4 would continue to install the compatible 3.x series.

* Drop support for Django versions before 2.2

  Previously Django>=1.8 was supported.

* Drop support for pytest versions before 5.4

  Previously pytest>=3.6 was supported.

Improvements

* Officially support Python 3.9.

* Add ``pytest_django.__version__``

* Minor documentation improvements

Bugfixes

* Make the ``admin_user`` and ``admin_client`` fixtures compatible with custom
  user models which don't have a ``username`` field

* Change the ``admin_user`` fixture to use ``get_by_natural_key()`` to get the
  user instead of directly using ``USERNAME_FIELD``, in case it is overridden,
  and to match Django

Misc

* Fix pytest-django's own tests failing due to some deprecation warnings

(adam)

easy-rsa: updated to 3.1.6

3.1.6 (2023-07-18)
* New commands: 'inline' and 'x509-eku'
  inline: Build an inline file for a commonName
  x509-eku: Extract X509v3 extended key usage from a certificate
* Expose serial-check, display-dn, display-san and default-san to
  command line.
* Expand default status to include vars-file and CA status
* sign-req: Allow the CSR DN-field order to be preserved

(adam)

Updated www/py-test-httpx, biology/py-pydicom

(adam)

py-pydicom: updated to 2.4.3

Version 2.4.3

Fixes
-----

* Fixed pydicom codify error when relative path did not exist

Version 2.4.0

Changes
-------
* Removed support for Python 3.6 (EOL since December 2021)

Enhancements
------------
* Added attribute :attr:`~pydicom.valuerep.PersonName.alphabetic` (:pr:`1634`)
* Added attribute :attr:`~pydicom.tag.BaseTag.json_key` (:pr:`1648`)
* Added value validation for numerical VRs, add type validation for all
  validated VRs (:issue:`1414`)
* CLI commands now accept *pydicom* charset test files and CLI help shows
  Python Version (:pr:`1674`)
* Added support for Python 3.11 (:issue:`1658`)
* Added :class:`~pydicom.valuerep.ISfloat` to allow non-strict reading of
  existing files with float IS values (:issue:`1661`)
* Improved speed of creating and accessing highly nested structures
  (:issue:`1728`, :pr:`1734`)
* Switched to a pyproject.toml build process (:pr:`1792`)
* Updated DICOM and UID dicts to DICOM 2023b (:pr:`1803`)

Fixes
-----
* Fixed length validation of DS values with maximum length without a leading
  zero (:issue:`1632`)
* Increased download speed with progress bar for test data (:issue:`1611`)
* Fixed crash due to invalid private creator (:issue:`1638`)
* Fixed extremely long BytesLengthException error messages (:pr:`1683`)
* In codify, ensure unique variable names for DICOM keywords repeated
  in sequences, and handle unicode characters correctly (:issue:`1670`)
* Fixed handling of some invalid values in
  :meth:`~pydicom.dataset.Dataset.to_json_dict` if `suppress_invalid_tags` is
  set to `True` (:issue:`1693`)
* Fixed reading of data with 8 bits allocated, encoded in Big Endian transfer
  syntax using VR ``OW`` (:issue:`1680`)
* Fixed crash if reading regular dataset that has the SOP Class of a DICOMDIR
  (:issue:`1702`)
* Fixed wrong waveform data calculation when as_raw=False and baseline!=0 (:issue:`1667`)
* Fixed reading LUTData to expected size (:pr:`1747`)
* Fixed handling of AT VRs when codifying data elements (:issue:`1738`)

Pydicom Internals
-----------------
* In test suites, renamed 'setup' and 'teardown' methods, deprecated starting
  in pytest 7.2
* Use own fork of `CharPyLS` to handle builds with Python 3.11 (:issue:`1788`)

(adam)

py-test-httpx: updated to 0.24.0

0.24.0

Added
- Added `match_json` parameter which allows matching on JSON decoded body (matching against python representation instead of bytes).

Changed
- Even if it was never documented as a feature, the `match_headers` parameter was not considering header names case when matching.
  - As this might have been considered a feature by some users, the fact that `match_headers` will now respect casing is documented as a breaking change.

Fixed
- Matching on headers does not ignore name case anymore, the name must now be cased as sent (as some servers might expect a specific case).
- Error message in case a request does not match will now include request headers with mismatching name case as well.
- Error message in case a request does not match will now include request headers when not provided as lower-cased to `match_headers`.
- Add `:Any` type hint to `**matchers` function arguments to satisfy strict type checking mode in [`pyright`](https://microsoft.github.io/pyright/#/).

(adam)

Updated lang/nodejs, databases/mongo-c-driver

(adam)

mongo-c-driver: updated to 1.24.4

libmongoc 1.24.4

Fixes:
  * Fix build failure caused by missing `bson-dsl.h` install in libbson.

(adam)

nodejs: updated to 20.6.0

Version 20.6.0 (Current)

Notable changes

built-in .env file support

Starting from Node.js v20.6.0, Node.js supports .env files for configuring environment variables.

Your configuration file should follow the INI file format, with each line containing a key-value pair for an environment variable. To initialize your Node.js application with predefined configurations, use the following CLI command: node --env-file=config.env index.js.

For example, you can access the following environment variable using process.env.PASSWORD when your application is initialized:

PASSWORD=nodejs
In addition to environment variables, this change allows you to define your NODE_OPTIONS directly in the .env file, eliminating the need to include it in your package.json.

import.meta.resolve unflagged

In ES modules, import.meta.resolve(specifier) can be used to get an absolute URL string to which specifier resolves, similar to require.resolve in CommonJS. This aligns Node.js with browsers and other server-side runtimes.

New node:module API register for module customization hooks; new initialize hook

There is a new API register available on node:module to specify a file that exports module customization hooks, and pass data to the hooks, and establish communication channels with them. The ���define the file with the hooks��� part was previously handled by a flag --experimental-loader, but when the hooks moved into a dedicated thread in 20.0.0 there was a need to provide a way to communicate between the main (application) thread and the hooks thread. This can now be done by calling register from the main thread and passing data, including MessageChannel instances.

We encourage users to migrate to an approach that uses --import with register, such as:

node --import ./file-that-calls-register.js ./app.js
Using --import ensures that the customization hooks are registered before any application code runs, even the entry point.

Module customization load hook can now support CommonJS

(adam)

doc: Updated sysutils/xe to 1.0

(schmonz)

Update to 1.0. From the changelog:

* Slightly incompatible change: properly forward errors on exec,
  return 123 on any exit status 1-254 (like GNU xargs).
* Small bugfixes.

(schmonz)

doc: Updated devel/p5-Test-BDD-Cucumber to 0.86

(schmonz)

Update to 0.86. From the changelog:

[Breaking]
- Parser returns tags prefixed with '@' now, because that's what the
  Cucumber ecosystem does and what Cucumber::TagExpressions wants as
  input for its tag names
- Tag filters now use the Cucumber Tag Expressions format (see
  https://cucumber.io/docs/cucumber/api/?lang=java#tag-expressions)
- Minimum Perl version is now 5.14
- Scenario's `data` attribute removed (deprecated since 4 years)

[Fixed]
- Filtering scenarios by tags regressed in 0.85

[Added]
- Tests for tag-filtered scenarios

(schmonz)

doc: Added devel/p5-Cucumber-TagExpressions version 5.0.6

(schmonz)

Add and enable p5-Cucumber-TagExpressions.

(schmonz)

Add p5-Cucumber-TagExpressions: Cucumber tag expression parser

Cucumber tag expressions allow users to define the subset of Gherkin
scenarios they want to run. This library parses the expression and
returns an evaluator object which can be used to test the tags specified
on a scenario against the filter expression.

(schmonz)

Updated sysutils/rtty to 3.2nb4

(bouyer)

Fix a bug that showed up on netbsd-10:
serv_input: read@3 need 468 got 396
read(2) isn't garanteed to be atomic on unix sockets. Loop on poll()/read()
until we read the expected len or get an error.

(bouyer)

Updated www/nghttp2, www/nghttp2-tools, www/nghttp3, net/ngtcp2

(adam)

ngtcp2: updated to 0.19.1

0.19.1
Unknown changes

(adam)

nghttp3: updated to 0.15.0

0.15.0
Unknown changes

(adam)

doc: Updated textproc/libhighlight to 4.8

(schmonz)

Update to 4.8. From the changelog:

- updated astyle lib to version 3.4.6
- moved old yaml.lang to yaml-ansible.lang and added a new yaml
  definition (#235)
- omit size property in BBCode output if `--fragment` is set (#234)
- allowed font size unit with `--font-size` for HTML and ODT
  output (#145)
- GUI: updated JP translation (#144)

(schmonz)

nghttp2 nghttp2-tools: updated to 1.56.0

Nghttp2 v1.56.0

third-party

llhttp has been updated.

nghttpx

Rework is done in functions that send ECN bits.

--frontend-quic-congestion-controller=bbr2 has been renamed to --frontend-quic-congestion-controller=bbrv2.

nghttpx, h2load

Fix issue that CMSG_DATA does not necessarily return an aligned pointer.

(adam)

doc: Updated devel/cxxopts to 3.1.1

(bsiegert)

cxxopts: update to 3.1.1

3.1.1

Fix version number in header.

3.1.0

- Support for multiple long names for the same option (= multiple long aliases)
- Add a program() function to retrieve the program name.
- Added a .clang-format file.
- Added iterator and printing for a ParseResult.
- Cleanup exception code, add cxxopts::exceptions namespace.
- Fix arguments() having no key for options that only have a short name.

(bsiegert)

options.description: document `pdcurses' option.

(vins)

doc: Updated misc/screen to 4.9.1

(vins)

misc/screen: update to 4.9.1.

# Changes
Version 4.9.1 (20/08/2023):
  * Support stop/parity bits on serial port (#23952)
  * Add needed system headers in checks and return values
    for implicit function declarations
  * Fixes:
- Avoid zombies after shell exit (#25089)
- Missed signal sending permission check on failed
  query messages (CVE-2023-24626)
- manpage fixes
- source code fixes during cleanup
- UTF-8 encoding can emit invalid UTF-8 sequences
  for out of range unicode values (#62097)

(vins)

doc: Updated devel/SDL2 to 2.28.3

(ryoon)

SDL2: Update to 2.28.3

Changelog:
This is a stable bugfix release, with the following changes:

* Added a gamepad mapping for the G-Shark GS-GP702
* Fixed touchpad events for the Razer Wolverine V2 Pro in PS5 mode
* Fixed getting key events from TV remotes on Android
* Updated to Android minSdkVersion 19 and targetSdkVersion 34 to meet
  Google Play Store requirements

(ryoon)