Now
MAIN commitmail json YAML
doc: Updated security/vault to 0.11.2
MAIN commitmail json YAML
## 0.11.2 (October 2nd, 2018)
CHANGES:
- `sys/seal-status` now includes an `initialized` boolean in the
output. If Vault is not initialized, it will return a `200` with
this value set `false` instead of a `400`.
- `passthrough_request_headers` will now deny certain headers from
being provided to backends based on a global denylist.
FEATURES:
- AWS Secret Engine Root Credential Rotation: The credential used by
the AWS secret engine can now be rotated, to ensure that only Vault
knows the credentials it is using.
- Storage Backend Migrator: A new `operator migrate` command allows
offline migration of data between two storage backends.
- AliCloud KMS Auto Unseal and Seal Wrap Support (Enterprise):
AliCloud KMS can now be used a support seal for Auto Unseal and
Seal Wrapping.
BUG FIXES:
- auth/okta: Fix reading deprecated `token` parameter if a token was
previously set in the configuration
- core: Re-add deprecated capabilities information for now
- core: Fix handling of cyclic token relationships
- storage/mysql: Fix locking on MariaDB
- replication: Fix DR API when using a token
- identity: Ensure old group alias is removed when a new one is
written
- storage/alicloud: Don't call uname on package init
- secrets/jwt: Fix issue where request context would be canceled too
early
- ui: fix need to have update for aws iam creds generation
- ui: fix calculation of token expiry
IMPROVEMENTS:
- auth/aws: The identity alias name can now configured to be either
IAM unique ID of the IAM Principal, or ARN of the caller identity
- auth/cert: Add allowed_organizational_units support
- cli: Format TTLs for non-secret responses
- identity: Support operating on entities and groups by their names
- plugins: Add `env` parameter when registering plugins to the catalog
to allow operators to include environment variables during plugin
execution.
- secrets/aws: WAL Rollback improvements
- secrets/aws: Allow specifying STS role-default TTLs
- secrets/pki: Add configuration support for setting NotBefore
- core: Support for passing the Vault token via an Authorization
Bearer header
- replication: Reindex process now runs in the background and does not
block other vault operations
- storage/zookeeper: Enable TLS based communication with Zookeeper
- ui: you can now init a cluster with a seal config
- ui: added the option to force promote replication clusters
- replication: Allow promotion of a secondary when data is syncing
with a "force" flag
CHANGES:
- `sys/seal-status` now includes an `initialized` boolean in the
output. If Vault is not initialized, it will return a `200` with
this value set `false` instead of a `400`.
- `passthrough_request_headers` will now deny certain headers from
being provided to backends based on a global denylist.
FEATURES:
- AWS Secret Engine Root Credential Rotation: The credential used by
the AWS secret engine can now be rotated, to ensure that only Vault
knows the credentials it is using.
- Storage Backend Migrator: A new `operator migrate` command allows
offline migration of data between two storage backends.
- AliCloud KMS Auto Unseal and Seal Wrap Support (Enterprise):
AliCloud KMS can now be used a support seal for Auto Unseal and
Seal Wrapping.
BUG FIXES:
- auth/okta: Fix reading deprecated `token` parameter if a token was
previously set in the configuration
- core: Re-add deprecated capabilities information for now
- core: Fix handling of cyclic token relationships
- storage/mysql: Fix locking on MariaDB
- replication: Fix DR API when using a token
- identity: Ensure old group alias is removed when a new one is
written
- storage/alicloud: Don't call uname on package init
- secrets/jwt: Fix issue where request context would be canceled too
early
- ui: fix need to have update for aws iam creds generation
- ui: fix calculation of token expiry
IMPROVEMENTS:
- auth/aws: The identity alias name can now configured to be either
IAM unique ID of the IAM Principal, or ARN of the caller identity
- auth/cert: Add allowed_organizational_units support
- cli: Format TTLs for non-secret responses
- identity: Support operating on entities and groups by their names
- plugins: Add `env` parameter when registering plugins to the catalog
to allow operators to include environment variables during plugin
execution.
- secrets/aws: WAL Rollback improvements
- secrets/aws: Allow specifying STS role-default TTLs
- secrets/pki: Add configuration support for setting NotBefore
- core: Support for passing the Vault token via an Authorization
Bearer header
- replication: Reindex process now runs in the background and does not
block other vault operations
- storage/zookeeper: Enable TLS based communication with Zookeeper
- ui: you can now init a cluster with a seal config
- ui: added the option to force promote replication clusters
- replication: Allow promotion of a secondary when data is syncing
with a "force" flag
MAIN commitmail json YAML
doc: Updated mail/rspamd to 1.8.0
MAIN commitmail json YAML
pkgsrc/mail/rspamd/Makefile@1.48
/
diff
pkgsrc/mail/rspamd/PLIST@1.15 / diff
pkgsrc/mail/rspamd/cfgfiles.mk@1.2 / diff
pkgsrc/mail/rspamd/distinfo@1.27 / diff
pkgsrc/mail/rspamd/patches/patch-src_lua_lua__task.c deleted
pkgsrc/mail/rspamd/patches/patch-test_rspamd__lua__pcall__vs__resume__test.c@1.1 / diff
pkgsrc/mail/rspamd/PLIST@1.15 / diff
pkgsrc/mail/rspamd/cfgfiles.mk@1.2 / diff
pkgsrc/mail/rspamd/distinfo@1.27 / diff
pkgsrc/mail/rspamd/patches/patch-src_lua_lua__task.c deleted
pkgsrc/mail/rspamd/patches/patch-test_rspamd__lua__pcall__vs__resume__test.c@1.1 / diff
mail/rspamd: Update to 1.8.0.
- [Feature] Add arguments schemas to processors and extractors
- [Feature] Add functional selectors library
- [Feature] Add generic selector to reputation module
- [Feature] Add more ratelimits: by digest, by attachments data, by
filenames
- [Feature] Add preliminary stop words detection support
- [Feature] Add pure Lua debugm function
- [Feature] Add schema validation for Redis settings
- [Feature] Add selectors combine function
- [Feature] Add some recursion protection to lua logger
- [Feature] Add support for Lua API tracing
- [Feature] Allow to apply schema to arguments
- [Feature] Allow to get dkim signing data directly from HTTP headers
- [Feature] Allow to reuse existing authentication results
- [Feature] Cache selectors results in re runtime
- [Feature] Implement new text tokenizer based on libicu
- [Feature] Integrate selectors framework to multimap
- [Feature] Relax FORGED_RECIPIENTS
- [Feature] Support (almost) all html entities
- [Feature] Support adding and deletion of recipients in the milter
block
- [Feature] Support gathering HTTP body from fragments in lua_http
- [Feature] Support multi flag in regexp and glob maps
- [Feature] Support selectors in ratelimit module
- [Feature] Support selectors in settings
- [Feature] Use khash in HTML parser
- [Feature] Use pure Lua debugm function
- [Fix] Add fail-safety for destroying sessions
- [Fix] Allow to add result-less fake DNS records
- [Fix] Another try to fix race conditions on config unload
- [Fix] Call Lua callback on DNS timeouts
- [Fix] Deprecate task:inc_dns_req as it is redundant
- [Fix] Do not allow events deletions on cleanup
- [Fix] Do not try to process skipped messages
- [Fix] Fix HTTP requests with no body
- [Fix] Fix another cleanup race condition
- [Fix] Fix bug in processing of pcre regexps
- [Fix] Fix byte array allocation in the pool
- [Fix] Fix crashes on task cleanup
- [Fix] Fix dynamic buckets in ratelimits
- [Fix] Fix endless loop when waiting for Rspamd to stop
- [Fix] Fix lua_util.str_split in case of delimiters set
- [Fix] Fix more issues with watching of async events
- [Fix] Fix stop words detection and loading logic
- [Fix] Fix various corner cases for language detection
- [Fix] Fix watchers in lua_tcp
- [Fix] Fix words decay algorithm
- [Fix] Implement watchers replacement to handle nested calls
- [Fix] Save faked code into fake dns record
- [Fix] Show the proper frame when using lua_util.debugm
- [Fix] Use fake dns records in tests
- [Fix] Use unicode replacements for HTML entities
- [Fix] fixed "cannot find dependency on symbol 1" issue when using
replaced symbols in spamassassin rules
- [Fix] partition_id is not available in old versions of CH
- [Project] Add implicit conversion logic to selectors
- [Project] Add initial support for selectors in regexps
- [Project] Add method concept
- [Project] Further changes in unicode operations
- [Project] Implement Clickhouse migrations
- [Project] Implement implicit conversions to userdata
- [Project] Implement insert method
- [Project] Implement selectors registration for regular expressions
- [Project] Implement selectors support in re_cache
- [Project] Improve language detector: cleanup unused files,
categorize
- [Project] Migrate CH data to a fat table
- [Project] Rework selectors logic
- [Project] Start Clickhouse utilities library
- [Project] Start unicode rework
- [Project] coroutine threaded model for API calls: thread pool
- [Rework] Move phishtank to a DNS based service
- [Rework] Rework Clickhouse plugin to use the new API
- [Rework] Rework language detector
- [Rework] Rework utf content processing in text parts
- [WebUI] Add progress bar for AJAX requests
- [WebUI] Avoid errors table reinitialization
- [WebUI] Avoid history table reinitialization
- [WebUI] Avoid throughput summary table reinitialization
- [WebUI] Destroy summary table on disconnect
- [WebUI] Fix "auth" request URL
- [WebUI] Fix disabling and hiding controls on page reload
- [WebUI] Fix maps loading from neighbours
- [WebUI] Fix symbols sorting by score
- [WebUI] Fix tables destroying
- [WebUI] Fix throughput data consolidation
- [WebUI] Fix upload buttons disabling
- [Feature] Add arguments schemas to processors and extractors
- [Feature] Add functional selectors library
- [Feature] Add generic selector to reputation module
- [Feature] Add more ratelimits: by digest, by attachments data, by
filenames
- [Feature] Add preliminary stop words detection support
- [Feature] Add pure Lua debugm function
- [Feature] Add schema validation for Redis settings
- [Feature] Add selectors combine function
- [Feature] Add some recursion protection to lua logger
- [Feature] Add support for Lua API tracing
- [Feature] Allow to apply schema to arguments
- [Feature] Allow to get dkim signing data directly from HTTP headers
- [Feature] Allow to reuse existing authentication results
- [Feature] Cache selectors results in re runtime
- [Feature] Implement new text tokenizer based on libicu
- [Feature] Integrate selectors framework to multimap
- [Feature] Relax FORGED_RECIPIENTS
- [Feature] Support (almost) all html entities
- [Feature] Support adding and deletion of recipients in the milter
block
- [Feature] Support gathering HTTP body from fragments in lua_http
- [Feature] Support multi flag in regexp and glob maps
- [Feature] Support selectors in ratelimit module
- [Feature] Support selectors in settings
- [Feature] Use khash in HTML parser
- [Feature] Use pure Lua debugm function
- [Fix] Add fail-safety for destroying sessions
- [Fix] Allow to add result-less fake DNS records
- [Fix] Another try to fix race conditions on config unload
- [Fix] Call Lua callback on DNS timeouts
- [Fix] Deprecate task:inc_dns_req as it is redundant
- [Fix] Do not allow events deletions on cleanup
- [Fix] Do not try to process skipped messages
- [Fix] Fix HTTP requests with no body
- [Fix] Fix another cleanup race condition
- [Fix] Fix bug in processing of pcre regexps
- [Fix] Fix byte array allocation in the pool
- [Fix] Fix crashes on task cleanup
- [Fix] Fix dynamic buckets in ratelimits
- [Fix] Fix endless loop when waiting for Rspamd to stop
- [Fix] Fix lua_util.str_split in case of delimiters set
- [Fix] Fix more issues with watching of async events
- [Fix] Fix stop words detection and loading logic
- [Fix] Fix various corner cases for language detection
- [Fix] Fix watchers in lua_tcp
- [Fix] Fix words decay algorithm
- [Fix] Implement watchers replacement to handle nested calls
- [Fix] Save faked code into fake dns record
- [Fix] Show the proper frame when using lua_util.debugm
- [Fix] Use fake dns records in tests
- [Fix] Use unicode replacements for HTML entities
- [Fix] fixed "cannot find dependency on symbol 1" issue when using
replaced symbols in spamassassin rules
- [Fix] partition_id is not available in old versions of CH
- [Project] Add implicit conversion logic to selectors
- [Project] Add initial support for selectors in regexps
- [Project] Add method concept
- [Project] Further changes in unicode operations
- [Project] Implement Clickhouse migrations
- [Project] Implement implicit conversions to userdata
- [Project] Implement insert method
- [Project] Implement selectors registration for regular expressions
- [Project] Implement selectors support in re_cache
- [Project] Improve language detector: cleanup unused files,
categorize
- [Project] Migrate CH data to a fat table
- [Project] Rework selectors logic
- [Project] Start Clickhouse utilities library
- [Project] Start unicode rework
- [Project] coroutine threaded model for API calls: thread pool
- [Rework] Move phishtank to a DNS based service
- [Rework] Rework Clickhouse plugin to use the new API
- [Rework] Rework language detector
- [Rework] Rework utf content processing in text parts
- [WebUI] Add progress bar for AJAX requests
- [WebUI] Avoid errors table reinitialization
- [WebUI] Avoid history table reinitialization
- [WebUI] Avoid throughput summary table reinitialization
- [WebUI] Destroy summary table on disconnect
- [WebUI] Fix "auth" request URL
- [WebUI] Fix disabling and hiding controls on page reload
- [WebUI] Fix maps loading from neighbours
- [WebUI] Fix symbols sorting by score
- [WebUI] Fix tables destroying
- [WebUI] Fix throughput data consolidation
- [WebUI] Fix upload buttons disabling
MAIN commitmail json YAML
doc: Updated net/py-lexicon to 2.7.9
MAIN commitmail json YAML
pkgsrc/net/py-lexicon/Makefile@1.32
/
diff
pkgsrc/net/py-lexicon/PLIST@1.22 / diff
pkgsrc/net/py-lexicon/distinfo@1.32 / diff
pkgsrc/net/py-lexicon/PLIST@1.22 / diff
pkgsrc/net/py-lexicon/distinfo@1.32 / diff
net/py-lexicon: Update to 2.7.9.
2.7.9
- Minor fixes
2.7.8
- Adding henet to supported providers
2.7.7
- Fix for cloudns
2.7.6
- Tests fixes
2.7.5
- Add support for inwx provider
2.7.4
- Add support for Plesk API
2.7.9
- Minor fixes
2.7.8
- Adding henet to supported providers
2.7.7
- Fix for cloudns
2.7.6
- Tests fixes
2.7.5
- Add support for inwx provider
2.7.4
- Add support for Plesk API
MAIN commitmail json YAML
doc: Updated lang/nodejs to 10.11.0
MAIN commitmail json YAML
lang/nodejs: Update to 10.11.0.
- fs
- Fixed fsPromises.readdir `withFileTypes`.
- http2
- Added `http2stream.endAfterHeaders` property.
- util
- Added `util.types.isBoxedPrimitive(value)`.
- fs
- Fixed fsPromises.readdir `withFileTypes`.
- http2
- Added `http2stream.endAfterHeaders` property.
- util
- Added `util.types.isBoxedPrimitive(value)`.
MAIN commitmail json YAML
doc: Updated sysutils/rsyslog to 8.38.0
MAIN commitmail json YAML
pkgsrc/sysutils/rsyslog-dbi/Makefile@1.5
/
diff
pkgsrc/sysutils/rsyslog-elasticsearch/Makefile@1.17 / diff
pkgsrc/sysutils/rsyslog-gnutls/Makefile@1.10 / diff
pkgsrc/sysutils/rsyslog-gssapi/Makefile@1.6 / diff
pkgsrc/sysutils/rsyslog-kafka/Makefile@1.5 / diff
pkgsrc/sysutils/rsyslog-libgcrypt/Makefile@1.6 / diff
pkgsrc/sysutils/rsyslog-mysql/Makefile@1.5 / diff
pkgsrc/sysutils/rsyslog-omprog/Makefile@1.5 / diff
pkgsrc/sysutils/rsyslog-pgsql/Makefile@1.7 / diff
pkgsrc/sysutils/rsyslog-rabbitmq/Makefile@1.8 / diff
pkgsrc/sysutils/rsyslog-relp/Makefile@1.6 / diff
pkgsrc/sysutils/rsyslog-snmp/Makefile@1.7 / diff
pkgsrc/sysutils/rsyslog/Makefile@1.15 / diff
pkgsrc/sysutils/rsyslog/Makefile.common@1.40 / diff
pkgsrc/sysutils/rsyslog/distinfo@1.37 / diff
pkgsrc/sysutils/rsyslog/patches/patch-configure@1.4 / diff
pkgsrc/sysutils/rsyslog-elasticsearch/Makefile@1.17 / diff
pkgsrc/sysutils/rsyslog-gnutls/Makefile@1.10 / diff
pkgsrc/sysutils/rsyslog-gssapi/Makefile@1.6 / diff
pkgsrc/sysutils/rsyslog-kafka/Makefile@1.5 / diff
pkgsrc/sysutils/rsyslog-libgcrypt/Makefile@1.6 / diff
pkgsrc/sysutils/rsyslog-mysql/Makefile@1.5 / diff
pkgsrc/sysutils/rsyslog-omprog/Makefile@1.5 / diff
pkgsrc/sysutils/rsyslog-pgsql/Makefile@1.7 / diff
pkgsrc/sysutils/rsyslog-rabbitmq/Makefile@1.8 / diff
pkgsrc/sysutils/rsyslog-relp/Makefile@1.6 / diff
pkgsrc/sysutils/rsyslog-snmp/Makefile@1.7 / diff
pkgsrc/sysutils/rsyslog/Makefile@1.15 / diff
pkgsrc/sysutils/rsyslog/Makefile.common@1.40 / diff
pkgsrc/sysutils/rsyslog/distinfo@1.37 / diff
pkgsrc/sysutils/rsyslog/patches/patch-configure@1.4 / diff
sysutils/rsyslog*: Update to 8.38.0.
Version 8.38.0 [v8-stable] 2018-09-18
- AIX: make basic modules work again
- make rsyslog build on AIX again
- imfile: support for endmsg.regex
- imkafka: add parameter "parseHostName"
- im[p]tcp: improve error message on connect failure
- imkafka: implement multithreading support for kafka consumers.
- omelasticsearch: write all header metadata to $.omes for retries
- core: improve error message on module load fail
- core/queue: add error message if queue file cannot be accessed
- imtcp/imudp: new option preservecase for managing the case of
FROMHOST value
- omprog: add feedback timeout and keep-alive feature
- omprog: fix forceSingleInstance configuration option
- imfile: implement file-id, used in state file
- imfile: experimental input throtteling feature
- core: emit TZ warning on startup not on Linux non-container
- omkafka:
- better debug information
- Fixed minor issue in omkafka producing wrong kafka timestamps when
msgTimestamp was NULL.
- Setting RD_KAFKA_V_KEY(NULL, 0) in rd_kafka_producev now when KEY
is not configured.
- Fixed minor issue when rsyslog is compiled with --enable-debug and
librdkafka is too old.
- omfile bugfix: errant error message when dynafile param needed
- omhttp: new contribued module
- mmkubertnetes: action fails preparation cycle if kubernetes API
destroys resource during bootup sequence
- bugfix pmnormalize/core: several memory leaks, invld property
handling
- bugfix imptcp: fixed pointers for session counting
- bugfix omprog: invalid memory access on partial writes to pipe
- bugfix omprog: rsyslog's environment was not passed to script
- bugfix omprog: severity of some log messages in waitForChild
corrected
- bugfix imfile: files which were loaded via symlink were not always
followed
- bugfix imfile: potential misadressing when processing symlinks
- bugfix ommongodb: build issue if mongo-c-driver is not compiled with
TLS
Version 8.38.0 [v8-stable] 2018-09-18
- AIX: make basic modules work again
- make rsyslog build on AIX again
- imfile: support for endmsg.regex
- imkafka: add parameter "parseHostName"
- im[p]tcp: improve error message on connect failure
- imkafka: implement multithreading support for kafka consumers.
- omelasticsearch: write all header metadata to $.omes for retries
- core: improve error message on module load fail
- core/queue: add error message if queue file cannot be accessed
- imtcp/imudp: new option preservecase for managing the case of
FROMHOST value
- omprog: add feedback timeout and keep-alive feature
- omprog: fix forceSingleInstance configuration option
- imfile: implement file-id, used in state file
- imfile: experimental input throtteling feature
- core: emit TZ warning on startup not on Linux non-container
- omkafka:
- better debug information
- Fixed minor issue in omkafka producing wrong kafka timestamps when
msgTimestamp was NULL.
- Setting RD_KAFKA_V_KEY(NULL, 0) in rd_kafka_producev now when KEY
is not configured.
- Fixed minor issue when rsyslog is compiled with --enable-debug and
librdkafka is too old.
- omfile bugfix: errant error message when dynafile param needed
- omhttp: new contribued module
- mmkubertnetes: action fails preparation cycle if kubernetes API
destroys resource during bootup sequence
- bugfix pmnormalize/core: several memory leaks, invld property
handling
- bugfix imptcp: fixed pointers for session counting
- bugfix omprog: invalid memory access on partial writes to pipe
- bugfix omprog: rsyslog's environment was not passed to script
- bugfix omprog: severity of some log messages in waitForChild
corrected
- bugfix imfile: files which were loaded via symlink were not always
followed
- bugfix imfile: potential misadressing when processing symlinks
- bugfix ommongodb: build issue if mongo-c-driver is not compiled with
TLS
MAIN commitmail json YAML
doc: Updated misc/mbuffer to 20180625
MAIN commitmail json YAML
pkgsrc/misc/mbuffer/Makefile@1.5
/
diff
pkgsrc/misc/mbuffer/PLIST@1.2 / diff
pkgsrc/misc/mbuffer/distinfo@1.5 / diff
pkgsrc/misc/mbuffer/patches/patch-Makefile.in@1.2 / diff
pkgsrc/misc/mbuffer/patches/patch-mbuffer.c@1.1 / diff
pkgsrc/misc/mbuffer/patches/patch-mbuffer.rc@1.1 / diff
pkgsrc/misc/mbuffer/patches/patch-network.c@1.2 / diff
pkgsrc/misc/mbuffer/PLIST@1.2 / diff
pkgsrc/misc/mbuffer/distinfo@1.5 / diff
pkgsrc/misc/mbuffer/patches/patch-Makefile.in@1.2 / diff
pkgsrc/misc/mbuffer/patches/patch-mbuffer.c@1.1 / diff
pkgsrc/misc/mbuffer/patches/patch-mbuffer.rc@1.1 / diff
pkgsrc/misc/mbuffer/patches/patch-network.c@1.2 / diff
misc/mbuffer: Update to 20180625.
20180625:
- linking of available hash libraries during runtime
20180505:
- fix typo in summary
- fix potential hang with small input size
- testing fix for BSD
- configure enhancement: objdump may be named gobjdump
- fix tape end of file marker may be ignored
- removed obsolete alpha code
20180410:
- build fix for hashing library variants
- support tapetest on systems with name variants of open and write
- run only network tests for supported address families
(patch supplied by Peter Pentchev)
- code update for hashing infrastructure
- make idev tests usable on more platforms
- determine amount of available memory via procfs
- option -d unintentionally consumes an argument
- idev.c should use libc's names
- support use of autoreconf
20180318:
- performance optimized defaults
- stricter arguments checking of mbuffer.rc
- handle FreeBSD's maximum semaphore value transparently
- print base 2 dimensions correctly (ki,Mi,Gi,Ti)
- FreeBSD patches by Eric Borisch
20171011:
- use $(etcdir) consistently for installation
- use AC_COMPILE_IF instead of AC_RUN_IF to support cross-compiling
- remove forward typedef for dest_t to support older compilers
- build fix for Solaris
- updated test infrastructure
- print pid on every message with --pid
- fix: potential hang, when one output fails to open
20170921:
- added jumpbuffer reading mode for inconsistent block sizes
- code separation into more files for enhanced readability
- some cleanup work for global variables
- fixed regression in sanity checks
- fix: option -f should truncate output file
- fix: failed opening of network output should not redirect to stdout
- fix: summary printout should respect quiet options
20170806:
- add support for libgcrypt
- add support for tape aware out-of-space handling
- support setting verbosity in config file
- suppress gcc's unused result warnings - all have been manually
checked
- updated install-sh, config.sub, and config.guess
- exit cleanly if all outputs failed to open but hashers are left
- minor fixes and enhancements
- minor code refactoring for clearer structure
- some code hardening
- build fix for OpenBSD
- work around mhash_get_hash_name_static crashing
20170515:
- fix false warning on comments in config files
- code update for config parsing
- makefile compatibility update
20170514:
- update: configure update for latest cygwin
- fix: detect missing md5.h in configure
- enhancement: adjust some messages to avoid line-wrapping
- enhancement: print status message to log if suppressed on console
- enhancement: also read config files in /etc and ${prefix}/etc
- enhancement: simplified memory conifguration detection scheme
- added an example config file, with documentation of all options
- added parameter StatusInterval
- fix for handling empty lines in config files
- fix: --append rejects existing files
- fix warnings related to thread status return code
20161115:
- enhancement: report percent done, when input size is known (is a
file)
- enhancement: watchdog raises SIGKILL if SIGINT had no effect
- change: start watchdog when parsing option -W or after parsing all
options when activated via defaults file
- fix: use thread-safe mt_usleep instead of sleep(3) for watchdog
timing
- change: adjusted interface of mt_usleep to accept 64bit arguments
20160613:
- fix: fix potential assertion triggered by interrupted system call
- enhancement: ignore EINTR for I/O syscalls
20160228:
- fix: fix listen's backlog argument, which can cause issues on Linux
4.4
20180625:
- linking of available hash libraries during runtime
20180505:
- fix typo in summary
- fix potential hang with small input size
- testing fix for BSD
- configure enhancement: objdump may be named gobjdump
- fix tape end of file marker may be ignored
- removed obsolete alpha code
20180410:
- build fix for hashing library variants
- support tapetest on systems with name variants of open and write
- run only network tests for supported address families
(patch supplied by Peter Pentchev)
- code update for hashing infrastructure
- make idev tests usable on more platforms
- determine amount of available memory via procfs
- option -d unintentionally consumes an argument
- idev.c should use libc's names
- support use of autoreconf
20180318:
- performance optimized defaults
- stricter arguments checking of mbuffer.rc
- handle FreeBSD's maximum semaphore value transparently
- print base 2 dimensions correctly (ki,Mi,Gi,Ti)
- FreeBSD patches by Eric Borisch
20171011:
- use $(etcdir) consistently for installation
- use AC_COMPILE_IF instead of AC_RUN_IF to support cross-compiling
- remove forward typedef for dest_t to support older compilers
- build fix for Solaris
- updated test infrastructure
- print pid on every message with --pid
- fix: potential hang, when one output fails to open
20170921:
- added jumpbuffer reading mode for inconsistent block sizes
- code separation into more files for enhanced readability
- some cleanup work for global variables
- fixed regression in sanity checks
- fix: option -f should truncate output file
- fix: failed opening of network output should not redirect to stdout
- fix: summary printout should respect quiet options
20170806:
- add support for libgcrypt
- add support for tape aware out-of-space handling
- support setting verbosity in config file
- suppress gcc's unused result warnings - all have been manually
checked
- updated install-sh, config.sub, and config.guess
- exit cleanly if all outputs failed to open but hashers are left
- minor fixes and enhancements
- minor code refactoring for clearer structure
- some code hardening
- build fix for OpenBSD
- work around mhash_get_hash_name_static crashing
20170515:
- fix false warning on comments in config files
- code update for config parsing
- makefile compatibility update
20170514:
- update: configure update for latest cygwin
- fix: detect missing md5.h in configure
- enhancement: adjust some messages to avoid line-wrapping
- enhancement: print status message to log if suppressed on console
- enhancement: also read config files in /etc and ${prefix}/etc
- enhancement: simplified memory conifguration detection scheme
- added an example config file, with documentation of all options
- added parameter StatusInterval
- fix for handling empty lines in config files
- fix: --append rejects existing files
- fix warnings related to thread status return code
20161115:
- enhancement: report percent done, when input size is known (is a
file)
- enhancement: watchdog raises SIGKILL if SIGINT had no effect
- change: start watchdog when parsing option -W or after parsing all
options when activated via defaults file
- fix: use thread-safe mt_usleep instead of sleep(3) for watchdog
timing
- change: adjusted interface of mt_usleep to accept 64bit arguments
20160613:
- fix: fix potential assertion triggered by interrupted system call
- enhancement: ignore EINTR for I/O syscalls
20160228:
- fix: fix listen's backlog argument, which can cause issues on Linux
4.4
MAIN commitmail json YAML
doc: Updated databases/mariadb-connector-c to 3.0.6
MAIN commitmail json YAML
pkgsrc/databases/mariadb-connector-c/Makefile@1.4
/
diff
pkgsrc/databases/mariadb-connector-c/PLIST@1.2 / diff
pkgsrc/databases/mariadb-connector-c/distinfo@1.2 / diff
pkgsrc/databases/mariadb-connector-c/patches/patch-CMakeLists.txt@1.2 / diff
pkgsrc/databases/mariadb-connector-c/patches/patch-cmake_plugins.cmake deleted
pkgsrc/databases/mariadb-connector-c/patches/patch-plugins_auth_CMakeLists.txt@1.1 / diff
pkgsrc/databases/mariadb-connector-c/PLIST@1.2 / diff
pkgsrc/databases/mariadb-connector-c/distinfo@1.2 / diff
pkgsrc/databases/mariadb-connector-c/patches/patch-CMakeLists.txt@1.2 / diff
pkgsrc/databases/mariadb-connector-c/patches/patch-cmake_plugins.cmake deleted
pkgsrc/databases/mariadb-connector-c/patches/patch-plugins_auth_CMakeLists.txt@1.1 / diff
databases/mariadb-connector-c: Update to 3.0.6.
3.0.6
- Revert "Bumped version number to 3.0.7"
3.0.5
- Windows build fix
3.0.4
- MDEV-15655: abstract socket support - limit length
3.0.6
- Revert "Bumped version number to 3.0.7"
3.0.5
- Windows build fix
3.0.4
- MDEV-15655: abstract socket support - limit length
MAIN commitmail json YAML
doc: Updated net/rabbitmq to 3.7.7
MAIN commitmail json YAML
pkgsrc/net/rabbitmq/Makefile@1.39
/
diff
pkgsrc/net/rabbitmq/PLIST@1.32 / diff
pkgsrc/net/rabbitmq/distinfo@1.42 / diff
pkgsrc/net/rabbitmq/patches/patch-deps_rabbitmq__cli_lib_rabbitmq_cli_core_parser.ex@1.1 / diff
pkgsrc/net/rabbitmq/patches/patch-deps_rabbitmq__cli_mix.exs@1.1 / diff
pkgsrc/net/rabbitmq/PLIST@1.32 / diff
pkgsrc/net/rabbitmq/distinfo@1.42 / diff
pkgsrc/net/rabbitmq/patches/patch-deps_rabbitmq__cli_lib_rabbitmq_cli_core_parser.ex@1.1 / diff
pkgsrc/net/rabbitmq/patches/patch-deps_rabbitmq__cli_mix.exs@1.1 / diff
net/rabbitmq: Update to 3.7.7.
3.7.7
- Erlang 21 compatibility
- Bug fixes
- Usability improvements
3.7.6
- Bug fixes
- Usability improvements
3.7.7
- Erlang 21 compatibility
- Bug fixes
- Usability improvements
3.7.6
- Bug fixes
- Usability improvements
MAIN commitmail json YAML
doc: Updated databases/percona-toolkit to 3.0.12
MAIN commitmail json YAML
pkgsrc/databases/percona-toolkit/Makefile@1.23
/
diff
pkgsrc/databases/percona-toolkit/distinfo@1.13 / diff
pkgsrc/databases/percona-toolkit/distinfo@1.13 / diff
databases/percona-toolkit: Update to 3.0.12.
v3.0.12 released 2018-09-13
- Fixed bug PT-1611: pt-archiver fails with UTF-8 chars
- Fixed bug PT-1574: pt-online-schema-change fails on UK and NULLs
- Fixed bug PT-1572: Better usage of ENUM fields in keys in
NibbleIterator
- Fixed bug PT-1422: pt-mysql-summary may get stuck when Time: NULL
in processlist
- Improvement PT-1321: Add required MySQL privileges to
pt-online-schema-change documentation
v3.0.11 released 2018-07-06
- Improvement PT-1571 : Improved hostname recognition in
pt-secure-collect
- Fixed bug PT-1570 : pt-archiver fails to detect columns with the
word GENERATED as part of the comment
- Improvement PT-1569 : Disabled --alter-foreign-keys-method=drop_swap
in pt-osc
- Fixed bug PT-1563 : Fixed pt-show-grants for MySQL 5.6
- Improvement PT-1562 : pt-mysql-summary: Fix mysqld command for
Travis
- Fixed bug PT-1551 : pt-table-checksum fails on MySQL 8.0.11
- Improvement PT-242 : (pt-stalk) Include SHOW SLAVE STATUS on 5.7
- Fixed bug PT-241 : (pt-stalk) Slave queries doesn't run on 5.7
v3.0.10 released 2018-05-21
- Fixed bug PT-1556 : pt-table-checksum 3.0.9 doesn't change
binlog_format to statement anymore
- Improvement PT-1546 : Improved support of MySQL 8 roles
- Improvement PT-1543 : Encrypted table status query causes high load
over multiple minutes
- Improvement PT-1536 : Add info about encrypted tablespaces in
pt-mysql-summary
- Feature PT-131 : Make pt-table checksum to disable QRT plugin
- Feature PT-118 : pt-table-checksum report the number of rows of
difference between master and slave
v3.0.9 released 2018-04-17
- Feature PT-1530 : Add support for encryption status to
mysql-summary
- Feature PT-1526 : Add ndb status to pt-mysql-summary
- Feature PT-1525 : Added support for MySQL 8 roles into
pt-mysql-summary
- Feature PT-1509 : Only set binlog_format when necessary
- Feature PT-1508 : Adding --read-only-interval flag, and
read-only check on wake-up
- Improvement PT-1507 : pt-summary does not reliably read in the
transparent huge pages setting
- New tool PT-1501 : pt-secure-collect - New tool to collect and
sanitize pt-tools outputs
- Feature PT-243 : Adding --max-hostname-length and
--max-line-length to pt-query-digest
v3.0.8 released 2018-03-13
- Feature PT-1500 : add --secure-slowlog option to pt-query digest
v3.0.7 released 2018-03-01
- Fixed Bug PT-244 : pt-online-schema-change --data-dir option
broken for partitioned table
- Feature PT-633 : Added --mysql-only option to pt-stalk for RDS
- Fixed bug PT-1256: pt-table-sync does not use the character set
for the table it is synchronizing
- Fixed bug PT-1455: pt-osc is stuck when the table that is being
altered is filtered out in the slave
- Fixed bug PT-1485: pt-mysql-summary has broken Security section
in versions bigger then 5.6
- Fixed bug PMM-1905: Explain fails if encounters negative
"ntoreturn"
v3.0.12 released 2018-09-13
- Fixed bug PT-1611: pt-archiver fails with UTF-8 chars
- Fixed bug PT-1574: pt-online-schema-change fails on UK and NULLs
- Fixed bug PT-1572: Better usage of ENUM fields in keys in
NibbleIterator
- Fixed bug PT-1422: pt-mysql-summary may get stuck when Time: NULL
in processlist
- Improvement PT-1321: Add required MySQL privileges to
pt-online-schema-change documentation
v3.0.11 released 2018-07-06
- Improvement PT-1571 : Improved hostname recognition in
pt-secure-collect
- Fixed bug PT-1570 : pt-archiver fails to detect columns with the
word GENERATED as part of the comment
- Improvement PT-1569 : Disabled --alter-foreign-keys-method=drop_swap
in pt-osc
- Fixed bug PT-1563 : Fixed pt-show-grants for MySQL 5.6
- Improvement PT-1562 : pt-mysql-summary: Fix mysqld command for
Travis
- Fixed bug PT-1551 : pt-table-checksum fails on MySQL 8.0.11
- Improvement PT-242 : (pt-stalk) Include SHOW SLAVE STATUS on 5.7
- Fixed bug PT-241 : (pt-stalk) Slave queries doesn't run on 5.7
v3.0.10 released 2018-05-21
- Fixed bug PT-1556 : pt-table-checksum 3.0.9 doesn't change
binlog_format to statement anymore
- Improvement PT-1546 : Improved support of MySQL 8 roles
- Improvement PT-1543 : Encrypted table status query causes high load
over multiple minutes
- Improvement PT-1536 : Add info about encrypted tablespaces in
pt-mysql-summary
- Feature PT-131 : Make pt-table checksum to disable QRT plugin
- Feature PT-118 : pt-table-checksum report the number of rows of
difference between master and slave
v3.0.9 released 2018-04-17
- Feature PT-1530 : Add support for encryption status to
mysql-summary
- Feature PT-1526 : Add ndb status to pt-mysql-summary
- Feature PT-1525 : Added support for MySQL 8 roles into
pt-mysql-summary
- Feature PT-1509 : Only set binlog_format when necessary
- Feature PT-1508 : Adding --read-only-interval flag, and
read-only check on wake-up
- Improvement PT-1507 : pt-summary does not reliably read in the
transparent huge pages setting
- New tool PT-1501 : pt-secure-collect - New tool to collect and
sanitize pt-tools outputs
- Feature PT-243 : Adding --max-hostname-length and
--max-line-length to pt-query-digest
v3.0.8 released 2018-03-13
- Feature PT-1500 : add --secure-slowlog option to pt-query digest
v3.0.7 released 2018-03-01
- Fixed Bug PT-244 : pt-online-schema-change --data-dir option
broken for partitioned table
- Feature PT-633 : Added --mysql-only option to pt-stalk for RDS
- Fixed bug PT-1256: pt-table-sync does not use the character set
for the table it is synchronizing
- Fixed bug PT-1455: pt-osc is stuck when the table that is being
altered is filtered out in the slave
- Fixed bug PT-1485: pt-mysql-summary has broken Security section
in versions bigger then 5.6
- Fixed bug PMM-1905: Explain fails if encounters negative
"ntoreturn"
MAIN commitmail json YAML
doc: Updated net/py-lexicon to 2.7.3
MAIN commitmail json YAML
net/py-lexicon: Update to 2.7.3.
- Correct mocking in ovh test units during authentication phase.
- Re-add requirements.txt.
- Correct mocking in ovh test units during authentication phase.
- Re-add requirements.txt.
MAIN commitmail json YAML
doc: Updated sysutils/consul to 1.2.3
MAIN commitmail json YAML
sysutils/consul: Update to 1.2.3.
FEATURES:
- agent: New Cloud Auto-join provider: Kubernetes (K8S)
- http: Added support for "Authorization: Bearer" head in addition to
the X-Consul-Token header.
- dns: Added a way to specify SRV weights for each service instance to
allow weighted DNS load-balancing.
- dns: Include EDNS-ECS options in EDNS responses where appropriate:
see RFC 7871
- ui: Add markers/icons for external sources
IMPROVEMENTS:
- ui: Switch to fullscreen layout for lists and detail, left aligned
forms
- connect: TLS certificate readiness now performs x509 certificate
verification to determine whether the cert is usable.
- ui: The syntax highlighting/code editor is now on by default
- ui: Fallback to showing `Node.Address` if `Service.Address` is not
set
- gossip: Improvements to Serf and memberlist improving gossip
stability on very large clusters (over 35k tested)
BUG FIXES:
- agent: Avoid returning empty data on startup of a non-leader server
- agent: Fixed a panic when serf_wan port was -1 but a
reconnect_timeout_wan value was set.
- agent: Fixed a problem where errors regarding DNS server creation
where never shown.
- agent: Start with invalid http configuration again, even though the
build-in proxy for connect won't start in that case.
- catalog: Allow renaming nodes with IDs.
- dns: Fixes a bug with the DNS recursor, where we would not move onto
the next provided recursor if we encounter a SERVFAIL or REFUSED
status.
- server: Fixed a memory leak in blocking queries against /event/list.
- snapshot: Fixed a bug where node metadata wasn't being included in
or restored from the snapshots.
- connect: Fixed a bug where managed proxy instances registered for
instances with different name and ID and with restrictive ACL would
not be allowed.
- connect: Fixed a bug where built-in CA state was not correctly
restored from a snapshot
- connect: Fixed a bug where Checks with
`deregister_critical_service_after` would deregister the service but
not remove the managed proxy
- connect: Fixed a bug that would output an error about pruning CAs
every hour on the leader and might cause some CA configurations not
to be pruned correctly
- raft: Update raft vendoring to pull in a fix for a potential memory
leak.
- license: (Consul Enterprise) Fix an issue with the license not being
reloaded from snapshots.
- license: (Consul Enterprise) Fix an issue with encoding/decoding of
the license package type from the /v1/operator/license endpoint.
- cli: Correctly exit with error code 1 when failing to list DCs with
the catalog command
- ui: Improve layout on screens of a large portrait orientation
- ui: Various browser layout bugs for various vendors/setups
FEATURES:
- agent: New Cloud Auto-join provider: Kubernetes (K8S)
- http: Added support for "Authorization: Bearer" head in addition to
the X-Consul-Token header.
- dns: Added a way to specify SRV weights for each service instance to
allow weighted DNS load-balancing.
- dns: Include EDNS-ECS options in EDNS responses where appropriate:
see RFC 7871
- ui: Add markers/icons for external sources
IMPROVEMENTS:
- ui: Switch to fullscreen layout for lists and detail, left aligned
forms
- connect: TLS certificate readiness now performs x509 certificate
verification to determine whether the cert is usable.
- ui: The syntax highlighting/code editor is now on by default
- ui: Fallback to showing `Node.Address` if `Service.Address` is not
set
- gossip: Improvements to Serf and memberlist improving gossip
stability on very large clusters (over 35k tested)
BUG FIXES:
- agent: Avoid returning empty data on startup of a non-leader server
- agent: Fixed a panic when serf_wan port was -1 but a
reconnect_timeout_wan value was set.
- agent: Fixed a problem where errors regarding DNS server creation
where never shown.
- agent: Start with invalid http configuration again, even though the
build-in proxy for connect won't start in that case.
- catalog: Allow renaming nodes with IDs.
- dns: Fixes a bug with the DNS recursor, where we would not move onto
the next provided recursor if we encounter a SERVFAIL or REFUSED
status.
- server: Fixed a memory leak in blocking queries against /event/list.
- snapshot: Fixed a bug where node metadata wasn't being included in
or restored from the snapshots.
- connect: Fixed a bug where managed proxy instances registered for
instances with different name and ID and with restrictive ACL would
not be allowed.
- connect: Fixed a bug where built-in CA state was not correctly
restored from a snapshot
- connect: Fixed a bug where Checks with
`deregister_critical_service_after` would deregister the service but
not remove the managed proxy
- connect: Fixed a bug that would output an error about pruning CAs
every hour on the leader and might cause some CA configurations not
to be pruned correctly
- raft: Update raft vendoring to pull in a fix for a potential memory
leak.
- license: (Consul Enterprise) Fix an issue with the license not being
reloaded from snapshots.
- license: (Consul Enterprise) Fix an issue with encoding/decoding of
the license package type from the /v1/operator/license endpoint.
- cli: Correctly exit with error code 1 when failing to list DCs with
the catalog command
- ui: Improve layout on screens of a large portrait orientation
- ui: Various browser layout bugs for various vendors/setups
MAIN commitmail json YAML
doc: Updated archivers/lz4 to 1.8.3
MAIN commitmail json YAML
pkgsrc/archivers/lz4/Makefile@1.14
/
diff
pkgsrc/archivers/lz4/distinfo@1.16 / diff
pkgsrc/archivers/lz4/patches/patch-Makefile@1.8 / diff
pkgsrc/archivers/lz4/patches/patch-lib_Makefile@1.9 / diff
pkgsrc/archivers/lz4/patches/patch-programs_Makefile@1.11 / diff
pkgsrc/archivers/lz4/distinfo@1.16 / diff
pkgsrc/archivers/lz4/patches/patch-Makefile@1.8 / diff
pkgsrc/archivers/lz4/patches/patch-lib_Makefile@1.9 / diff
pkgsrc/archivers/lz4/patches/patch-programs_Makefile@1.11 / diff
archivers/lz4: Update to 1.8.3.
- perf: minor decompression speed improvement (~+2%) with gcc
- fix : corruption in v1.8.2 at level 9 for files > 64KB under rare
conditions (#560)
- cli : new command --fast, by @jennifermliu
- api : LZ4_decompress_safe_partial() now decodes exactly the nb of
bytes requested (feature request #566)
- build : added Haiku target, by @fbrosson, and MidnightBSD, by @laffer1
- doc : updated documentation regarding dictionary compression
- perf: minor decompression speed improvement (~+2%) with gcc
- fix : corruption in v1.8.2 at level 9 for files > 64KB under rare
conditions (#560)
- cli : new command --fast, by @jennifermliu
- api : LZ4_decompress_safe_partial() now decodes exactly the nb of
bytes requested (feature request #566)
- build : added Haiku target, by @fbrosson, and MidnightBSD, by @laffer1
- doc : updated documentation regarding dictionary compression
MAIN commitmail json YAML
pkgsrc/devel/git-lfs/distinfo@1.2
/
diff
pkgsrc/devel/git-lfs/patches/patch-lfsapi_certs__solaris.go@1.1 / diff
pkgsrc/devel/git-lfs/patches/patch-lfsapi_certs__solaris.go@1.1 / diff
devel/git-lfs: Add support for SunOS.
MAIN commitmail json YAML
pkgsrc/lang/go/Makefile@1.67
/
diff
pkgsrc/lang/go/distinfo@1.63 / diff
pkgsrc/lang/go/patches/patch-src_syscall_zsysnum__solaris__amd64.go@1.1 / diff
pkgsrc/lang/go/distinfo@1.63 / diff
pkgsrc/lang/go/patches/patch-src_syscall_zsysnum__solaris__amd64.go@1.1 / diff
lang/go: Add SYS_IOCTL on SunOS. Bump PKGREVISION.
MAIN commitmail json YAML
textproc/link-grammar: Force disable the optional Java bindings. Needs c99.
MAIN commitmail json YAML
doc: Added devel/rebar3 version 3.6.1
MAIN commitmail json YAML
pkgsrc/devel/Makefile@1.2734
/
diff
pkgsrc/devel/rebar3/DESCR@1.1 / diff
pkgsrc/devel/rebar3/Makefile@1.1 / diff
pkgsrc/devel/rebar3/PLIST@1.1 / diff
pkgsrc/devel/rebar3/distinfo@1.1 / diff
pkgsrc/devel/rebar3/DESCR@1.1 / diff
pkgsrc/devel/rebar3/Makefile@1.1 / diff
pkgsrc/devel/rebar3/PLIST@1.1 / diff
pkgsrc/devel/rebar3/distinfo@1.1 / diff
devel/rebar3: Import rebar 3.6.1 as devel/rebar3.
Rebar3 is an Erlang tool that makes it easy to create, develop,
and release Erlang libraries, applications, and systems in
a repeatable manner.
Rebar3 is an Erlang tool that makes it easy to create, develop,
and release Erlang libraries, applications, and systems in
a repeatable manner.
MAIN commitmail json YAML
pkgsrc/lang/erlang/distinfo@1.62
/
diff
pkgsrc/lang/erlang/patches/patch-erts_lib__src_common_erl__printf.c@1.3 / diff
pkgsrc/lang/erlang/patches/patch-erts_lib__src_common_erl__printf.c@1.3 / diff
lang/erlang: Fix patch file, __STDC_VERSION__ might not be defined.
MAIN commitmail json YAML
doc: Updated devel/gradle to 4.10.1
MAIN commitmail json YAML
pkgsrc/devel/gradle/Makefile@1.18
/
diff
pkgsrc/devel/gradle/PLIST@1.13 / diff
pkgsrc/devel/gradle/distinfo@1.14 / diff
pkgsrc/devel/gradle/PLIST@1.13 / diff
pkgsrc/devel/gradle/distinfo@1.14 / diff
devel/gradle: Update to 4.10.1.
This bug-fix release addresses 6 regressions in Gradle 4.10:
- FileTreeElement.getPath() returns absolute system dependent
filepath.
- Up-to-date checks for missing files can be incorrect
- Gradle fails when no incremental compile snapshot data
available.
- Gradle 4.10 incorrect ordering between dependencies of
dependent tasks.
- tasks.withType(ScalaCompile::class.java).configureEach fails
on multi-project builds.
- Double deprecation message when using publishing plugin.
This bug-fix release addresses 6 regressions in Gradle 4.10:
- FileTreeElement.getPath() returns absolute system dependent
filepath.
- Up-to-date checks for missing files can be incorrect
- Gradle fails when no incremental compile snapshot data
available.
- Gradle 4.10 incorrect ordering between dependencies of
dependent tasks.
- tasks.withType(ScalaCompile::class.java).configureEach fails
on multi-project builds.
- Double deprecation message when using publishing plugin.
MAIN commitmail json YAML
doc: Updated security/openssl to 1.0.2p
MAIN commitmail json YAML
pkgsrc/security/openssl/Makefile@1.240
/
diff
pkgsrc/security/openssl/PLIST.common@1.33 / diff
pkgsrc/security/openssl/distinfo@1.133 / diff
pkgsrc/security/openssl/PLIST.common@1.33 / diff
pkgsrc/security/openssl/distinfo@1.133 / diff
security/openssl: Update to 1.0.2p.
- Client DoS due to large DH parameter
During key agreement in a TLS handshake using a DH(E) based ciphersuite a
malicious server can send a very large prime value to the client. This will
cause the client to spend an unreasonably long period of time generating a
key for this prime resulting in a hang until the client has finished. This
could be exploited in a Denial Of Service attack.
This issue was reported to OpenSSL on 5th June 2018 by Guido Vranken
(CVE-2018-0732)
[Guido Vranken]
- Cache timing vulnerability in RSA Key Generation
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to
a cache timing side channel attack. An attacker with sufficient access to
mount cache timing attacks during the RSA key generation process could
recover the private key.
This issue was reported to OpenSSL on 4th April 2018 by Alejandro Cabrera
Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia.
(CVE-2018-0737)
[Billy Brumley]
- Make EVP_PKEY_asn1_new() a bit stricter about its input. A NULL pem_str
parameter is no longer accepted, as it leads to a corrupt table. NULL
pem_str is reserved for alias entries only.
[Richard Levitte]
- Revert blinding in ECDSA sign and instead make problematic addition
length-invariant. Switch even to fixed-length Montgomery multiplication.
[Andy Polyakov]
- Change generating and checking of primes so that the error rate of not
being prime depends on the intended use based on the size of the input.
For larger primes this will result in more rounds of Miller-Rabin.
The maximal error rate for primes with more than 1080 bits is lowered
to 2^-128.
[Kurt Roeckx, Annie Yousar]
- Increase the number of Miller-Rabin rounds for DSA key generating to 64.
[Kurt Roeckx]
- Add blinding to ECDSA and DSA signatures to protect against side channel
attacks discovered by Keegan Ryan (NCC Group).
[Matt Caswell]
- When unlocking a pass phrase protected PEM file or PKCS#8 container, we
now allow empty (zero character) pass phrases.
[Richard Levitte]
- Certificate time validation (X509_cmp_time) enforces stricter
compliance with RFC 5280. Fractional seconds and timezone offsets
are no longer allowed.
[Emilia Kè¾°sper]
- Client DoS due to large DH parameter
During key agreement in a TLS handshake using a DH(E) based ciphersuite a
malicious server can send a very large prime value to the client. This will
cause the client to spend an unreasonably long period of time generating a
key for this prime resulting in a hang until the client has finished. This
could be exploited in a Denial Of Service attack.
This issue was reported to OpenSSL on 5th June 2018 by Guido Vranken
(CVE-2018-0732)
[Guido Vranken]
- Cache timing vulnerability in RSA Key Generation
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to
a cache timing side channel attack. An attacker with sufficient access to
mount cache timing attacks during the RSA key generation process could
recover the private key.
This issue was reported to OpenSSL on 4th April 2018 by Alejandro Cabrera
Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia.
(CVE-2018-0737)
[Billy Brumley]
- Make EVP_PKEY_asn1_new() a bit stricter about its input. A NULL pem_str
parameter is no longer accepted, as it leads to a corrupt table. NULL
pem_str is reserved for alias entries only.
[Richard Levitte]
- Revert blinding in ECDSA sign and instead make problematic addition
length-invariant. Switch even to fixed-length Montgomery multiplication.
[Andy Polyakov]
- Change generating and checking of primes so that the error rate of not
being prime depends on the intended use based on the size of the input.
For larger primes this will result in more rounds of Miller-Rabin.
The maximal error rate for primes with more than 1080 bits is lowered
to 2^-128.
[Kurt Roeckx, Annie Yousar]
- Increase the number of Miller-Rabin rounds for DSA key generating to 64.
[Kurt Roeckx]
- Add blinding to ECDSA and DSA signatures to protect against side channel
attacks discovered by Keegan Ryan (NCC Group).
[Matt Caswell]
- When unlocking a pass phrase protected PEM file or PKCS#8 container, we
now allow empty (zero character) pass phrases.
[Richard Levitte]
- Certificate time validation (X509_cmp_time) enforces stricter
compliance with RFC 5280. Fractional seconds and timezone offsets
are no longer allowed.
[Emilia Kè¾°sper]
MAIN commitmail json YAML
doc: Updated lang/nodejs8 to 8.12.0
MAIN commitmail json YAML
pkgsrc/lang/nodejs8/Makefile@1.17
/
diff
pkgsrc/lang/nodejs8/distinfo@1.14 / diff
pkgsrc/lang/nodejs8/patches/patch-src_inspector__io.cc deleted
pkgsrc/lang/nodejs8/patches/patch-src_node__crypto.cc deleted
pkgsrc/lang/nodejs8/patches/patch-src_node__i18n.cc deleted
pkgsrc/lang/nodejs8/distinfo@1.14 / diff
pkgsrc/lang/nodejs8/patches/patch-src_inspector__io.cc deleted
pkgsrc/lang/nodejs8/patches/patch-src_node__crypto.cc deleted
pkgsrc/lang/nodejs8/patches/patch-src_node__i18n.cc deleted
lang/nodejs8: Update to 8.12.0.
- async_hooks:
- rename PromiseWrap.parentId
- remove runtime deprecation
- deprecate unsafe emit{Before,After}
- cluster:
- add cwd to cluster.settings
- support windowsHide option for workers
- crypto:
- allow passing null as IV unless required
- deps:
- upgrade npm to 6.4.1
- upgrade libuv to 1.19.2
- Upgrade node-inspect to 1.11.5
- fs,net:
- support as and as+ flags in stringToFlags()
- emit 'ready' for fs streams and sockets
- http, http2:
- add options to http.createServer()
- add 103 Early Hints status code
- add http fallback options to .createServer
- n-api:
- take n-api out of experimental
- perf_hooks:
- add warning when too many entries in the timeline
- src:
- add public API for managing NodePlatform
- allow --perf-(basic-)?prof in NODE\_OPTIONS
- node internals' postmortem metadata
- tls:
- expose Finished messages in TLSSocket
- trace_events:
- add file pattern cli option
- util:
- implement util.getSystemErrorName()
- async_hooks:
- rename PromiseWrap.parentId
- remove runtime deprecation
- deprecate unsafe emit{Before,After}
- cluster:
- add cwd to cluster.settings
- support windowsHide option for workers
- crypto:
- allow passing null as IV unless required
- deps:
- upgrade npm to 6.4.1
- upgrade libuv to 1.19.2
- Upgrade node-inspect to 1.11.5
- fs,net:
- support as and as+ flags in stringToFlags()
- emit 'ready' for fs streams and sockets
- http, http2:
- add options to http.createServer()
- add 103 Early Hints status code
- add http fallback options to .createServer
- n-api:
- take n-api out of experimental
- perf_hooks:
- add warning when too many entries in the timeline
- src:
- add public API for managing NodePlatform
- allow --perf-(basic-)?prof in NODE\_OPTIONS
- node internals' postmortem metadata
- tls:
- expose Finished messages in TLSSocket
- trace_events:
- add file pattern cli option
- util:
- implement util.getSystemErrorName()
MAIN commitmail json YAML
geography/libmaxminddb: Add buildlink3.mk
MAIN commitmail json YAML
doc: Added geography/libmaxminddb version 1.3.2
MAIN commitmail json YAML
pkgsrc/geography/Makefile@1.68
/
diff
pkgsrc/geography/libmaxminddb/DESCR@1.1 / diff
pkgsrc/geography/libmaxminddb/Makefile@1.1 / diff
pkgsrc/geography/libmaxminddb/PLIST@1.1 / diff
pkgsrc/geography/libmaxminddb/distinfo@1.1 / diff
pkgsrc/geography/libmaxminddb/DESCR@1.1 / diff
pkgsrc/geography/libmaxminddb/Makefile@1.1 / diff
pkgsrc/geography/libmaxminddb/PLIST@1.1 / diff
pkgsrc/geography/libmaxminddb/distinfo@1.1 / diff
geography/libmaxminddb: Import libmaxminddb 1.3.2.
The libmaxminddb library provides a C library for reading MaxMind
DB files, including the GeoIP2 databases from MaxMind.
The libmaxminddb library provides a C library for reading MaxMind
DB files, including the GeoIP2 databases from MaxMind.
MAIN commitmail json YAML
doc: Updated fonts/fntsample to 5.2
MAIN commitmail json YAML
fonts/fntsample: Update to 5.2.
Changes in version 5.2
- Fix handling of non-ASCII characters in pdfoutline
Changes in version 5.1
- Make writing outlines with Cairo actually work
- Fix typos
Changes in version 5.0
- Add command line flag that allows to use pango for text layout
- Add possiblility to create PDF outline directly using cairo
- Switch to CMake as build system
- Add command line flag for loading Unicode blocks file during runtime.
Changes in version 5.2
- Fix handling of non-ASCII characters in pdfoutline
Changes in version 5.1
- Make writing outlines with Cairo actually work
- Fix typos
Changes in version 5.0
- Add command line flag that allows to use pango for text layout
- Add possiblility to create PDF outline directly using cairo
- Switch to CMake as build system
- Add command line flag for loading Unicode blocks file during runtime.
MAIN commitmail json YAML
doc: Added devel/xxhash version 0.6.5
MAIN commitmail json YAML
pkgsrc/devel/Makefile@1.2728
/
diff
pkgsrc/devel/xxhash/DESCR@1.1 / diff
pkgsrc/devel/xxhash/Makefile@1.1 / diff
pkgsrc/devel/xxhash/PLIST@1.1 / diff
pkgsrc/devel/xxhash/buildlink3.mk@1.1 / diff
pkgsrc/devel/xxhash/distinfo@1.1 / diff
pkgsrc/devel/xxhash/DESCR@1.1 / diff
pkgsrc/devel/xxhash/Makefile@1.1 / diff
pkgsrc/devel/xxhash/PLIST@1.1 / diff
pkgsrc/devel/xxhash/buildlink3.mk@1.1 / diff
pkgsrc/devel/xxhash/distinfo@1.1 / diff
devel/xxhash: Import xxhash 0.6.5.
xxHash is an Extremely fast Hash algorithm, running at RAM speed
limits. It successfully completes the SMHasher test suite which
evaluates collision, dispersion and randomness qualities of hash
functions.
xxHash is an Extremely fast Hash algorithm, running at RAM speed
limits. It successfully completes the SMHasher test suite which
evaluates collision, dispersion and randomness qualities of hash
functions.
MAIN commitmail json YAML
doc: Updated databases/py-cassandra-driver to 3.15.1
MAIN commitmail json YAML
pkgsrc/databases/py-cassandra-driver/Makefile@1.26
/
diff
pkgsrc/databases/py-cassandra-driver/distinfo@1.26 / diff
pkgsrc/databases/py-cassandra-driver/distinfo@1.26 / diff
databases/py-cassandra-driver: Update to 3.15.1.
- C* 4.0 schema-parsing logic breaks running against DSE 6.0.X
- C* 4.0 schema-parsing logic breaks running against DSE 6.0.X
MAIN commitmail json YAML
doc: Updated net/py-lexicon to 2.7.2
MAIN commitmail json YAML
net/py-lexicon: Update to 2.7.2.
2.7.2
- Update online cassette
- online api change: domain_id became simply domain name
2.7.1
- Remove route53 tests, boto recordings no longer work.
- Create a library unit test suite
- [Gehirn Web Service] fix 400 response on GET request
- Update setup.py adding cryptography to the setup.py file
- Use ImportError instead of subclass ModuleNotFoundError, which is
supported only by python 3.6
2.7.2
- Update online cassette
- online api change: domain_id became simply domain name
2.7.1
- Remove route53 tests, boto recordings no longer work.
- Create a library unit test suite
- [Gehirn Web Service] fix 400 response on GET request
- Update setup.py adding cryptography to the setup.py file
- Use ImportError instead of subclass ModuleNotFoundError, which is
supported only by python 3.6
MAIN commitmail json YAML
doc: Updated security/hitch to 1.4.8
MAIN commitmail json YAML
pkgsrc/security/hitch/Makefile@1.7
/
diff
pkgsrc/security/hitch/distinfo@1.8 / diff
pkgsrc/security/hitch/patches/patch-hitch.conf.example@1.3 / diff
pkgsrc/security/hitch/distinfo@1.8 / diff
pkgsrc/security/hitch/patches/patch-hitch.conf.example@1.3 / diff
security/hitch: Update to 1.4.8.
hitch-1.4.8 (2018-04-19)
------------------------
- Reworked the dynamic backend bits.
- Update docs to recommend running Hitch as a separate non-privileged
user.
hitch-1.4.7 (2018-01-11)
------------------------
- Massive test suite refactor and update.
- Fix OpenBSD/FreeBSD/POSIX portability issues: restrict fstat(1) to
OpenBSD, bring sockstat(1) support back, drop pathchk(1) usage in
the test suite, switch from sockstat(1) to fstat(1)
- Add an OCSP refresh timeout parameter
- Autotools polish
- Random usage of config section if reduntant
- Support for separate key files
- Fix logging to syslog even when set to syslog = off
- Making log-filename, recv-bufsize and send-bufsize parameters
available though command line and config file.
- Fix: global backaddr is assumed to be static
- Add support for session-cache in config file and as cmdline option
- Plug file descriptor leak: killing worker processes would leave the
pipe's write end open, leaking one file descriptor per worker upon
reload
hitch-1.4.8 (2018-04-19)
------------------------
- Reworked the dynamic backend bits.
- Update docs to recommend running Hitch as a separate non-privileged
user.
hitch-1.4.7 (2018-01-11)
------------------------
- Massive test suite refactor and update.
- Fix OpenBSD/FreeBSD/POSIX portability issues: restrict fstat(1) to
OpenBSD, bring sockstat(1) support back, drop pathchk(1) usage in
the test suite, switch from sockstat(1) to fstat(1)
- Add an OCSP refresh timeout parameter
- Autotools polish
- Random usage of config section if reduntant
- Support for separate key files
- Fix logging to syslog even when set to syslog = off
- Making log-filename, recv-bufsize and send-bufsize parameters
available though command line and config file.
- Fix: global backaddr is assumed to be static
- Add support for session-cache in config file and as cmdline option
- Plug file descriptor leak: killing worker processes would leave the
pipe's write end open, leaking one file descriptor per worker upon
reload
MAIN commitmail json YAML
mail/rspamd: Clean up temp testing flags
MAIN commitmail json YAML
doc: Updated lang/npm to 6.4.1
MAIN commitmail json YAML
pkgsrc/lang/npm/Makefile@1.13
/
diff
pkgsrc/lang/npm/PLIST@1.6 / diff
pkgsrc/lang/npm/distinfo@1.9 / diff
pkgsrc/lang/npm/PLIST@1.6 / diff
pkgsrc/lang/npm/distinfo@1.9 / diff
lang/npm: Update to 6.4.1.
6.4.1
BUGFIXES
- Prevent blowing up on malformed responses from the npm audit
endpoint, such as with third-party registries.
- Fix NO_PROXY support by renaming npm-side config to --noproxy. The
environment variable should still work.
- Disable update-notifier checks when a CI environment is detected.
- Fix issue where postpack scripts would break if pack was used with
--dry-run.
DEPENDENCY BUMPS
- figgy-pudding@3.4.1
- cacache@11.2.0
- npm-packlist@1.1.11
- libcipm@2.0.2
- JSONStream@1.3.4
- npm-lifecycle@2.1.0
- npm-registry-client@8.6.0
- opener@1.5.0
- request@2.88.0
- tacks@1.2.7
- ci-info@1.4.0
- marked@0.5.0
DOCUMENTATION
- Mention registry terms of use in manpage and registry docs and
update language in README for it.
- Add documentation for --dry-run in install and pack docs.
- Update republish time and lightly reorganize republish info.
- Correct npm@6.4.0 release date in changelog.
- Align command descriptions in help text.
6.4.0
NEW FEATURES
- Search for authentication token defined by environment variables by
preventing the translation layer from env variable to npm option
from breaking :_authToken.
- Stop filtering out non-IPv4 addresses from local-addrs, making npm
actually use IPv6 addresses when it must.
- Configurable audit level for non-zero exit npm audit currently exits
with exit code 1 if any vulnerabilities are found of any level. Add
a flag of --audit-level to npm audit to allow it to pass if only
vulnerabilities below a certain level are found. Example: npm audit
--audit-level=high will exit with 0 if only low or moderate level
vulns are detected.
BUGFIXES
- Don't check for updates to npm when we are updating npm itself.
6.4.1
BUGFIXES
- Prevent blowing up on malformed responses from the npm audit
endpoint, such as with third-party registries.
- Fix NO_PROXY support by renaming npm-side config to --noproxy. The
environment variable should still work.
- Disable update-notifier checks when a CI environment is detected.
- Fix issue where postpack scripts would break if pack was used with
--dry-run.
DEPENDENCY BUMPS
- figgy-pudding@3.4.1
- cacache@11.2.0
- npm-packlist@1.1.11
- libcipm@2.0.2
- JSONStream@1.3.4
- npm-lifecycle@2.1.0
- npm-registry-client@8.6.0
- opener@1.5.0
- request@2.88.0
- tacks@1.2.7
- ci-info@1.4.0
- marked@0.5.0
DOCUMENTATION
- Mention registry terms of use in manpage and registry docs and
update language in README for it.
- Add documentation for --dry-run in install and pack docs.
- Update republish time and lightly reorganize republish info.
- Correct npm@6.4.0 release date in changelog.
- Align command descriptions in help text.
6.4.0
NEW FEATURES
- Search for authentication token defined by environment variables by
preventing the translation layer from env variable to npm option
from breaking :_authToken.
- Stop filtering out non-IPv4 addresses from local-addrs, making npm
actually use IPv6 addresses when it must.
- Configurable audit level for non-zero exit npm audit currently exits
with exit code 1 if any vulnerabilities are found of any level. Add
a flag of --audit-level to npm audit to allow it to pass if only
vulnerabilities below a certain level are found. Example: npm audit
--audit-level=high will exit with 0 if only low or moderate level
vulns are detected.
BUGFIXES
- Don't check for updates to npm when we are updating npm itself.
MAIN commitmail json YAML
doc: Updated lang/nodejs to 10.10.0
MAIN commitmail json YAML
lang/nodejs: Update to 10.10.0.
- child_process:
- `TypedArray` and `DataView` values are now accepted as input by
`execFileSync` and `spawnSync`.
- coverage:
- Native V8 code coverage information can now be output to disk by
setting the environment variable `NODE_V8_COVERAGE` to a directory.
- fs:
- The methods `fs.read`, `fs.readSync`, `fs.write`, `fs.writeSync`,
`fs.writeFile` and `fs.writeFileSync` now all accept `TypedArray`
and `DataView` objects.
- A new boolean option, `withFileTypes`, can be passed to to
`fs.readdir` and `fs.readdirSync`. If set to true, the methods
return an array of directory entries. These are objects that can
be used to determine the type of each entry and filter them based
on that without calling `fs.stat`.
- http2:
- The `http2` module is no longer experimental.
- os:
- Added two new methods: `os.getPriority` and `os.setPriority`,
allowing to manipulate the scheduling priority of processes.
- process:
- Added `process.allowedNodeEnvironmentFlags`. This object can be
used to programmatically validate and list flags that are allowed
in the `NODE_OPTIONS` environment variable.
- src:
- Deprecated option variables in public C++ API.
- Refactored options parsing.
- vm:
- Added `vm.compileFunction`, a method to create new JavaScript
functions from a source body, with options similar to those of
the other `vm` methods.
- child_process:
- `TypedArray` and `DataView` values are now accepted as input by
`execFileSync` and `spawnSync`.
- coverage:
- Native V8 code coverage information can now be output to disk by
setting the environment variable `NODE_V8_COVERAGE` to a directory.
- fs:
- The methods `fs.read`, `fs.readSync`, `fs.write`, `fs.writeSync`,
`fs.writeFile` and `fs.writeFileSync` now all accept `TypedArray`
and `DataView` objects.
- A new boolean option, `withFileTypes`, can be passed to to
`fs.readdir` and `fs.readdirSync`. If set to true, the methods
return an array of directory entries. These are objects that can
be used to determine the type of each entry and filter them based
on that without calling `fs.stat`.
- http2:
- The `http2` module is no longer experimental.
- os:
- Added two new methods: `os.getPriority` and `os.setPriority`,
allowing to manipulate the scheduling priority of processes.
- process:
- Added `process.allowedNodeEnvironmentFlags`. This object can be
used to programmatically validate and list flags that are allowed
in the `NODE_OPTIONS` environment variable.
- src:
- Deprecated option variables in public C++ API.
- Refactored options parsing.
- vm:
- Added `vm.compileFunction`, a method to create new JavaScript
functions from a source body, with options similar to those of
the other `vm` methods.
MAIN commitmail json YAML
doc: Updated mail/rspamd to 1.7.9
MAIN commitmail json YAML
pkgsrc/mail/rspamd/Makefile@1.46
/
diff
pkgsrc/mail/rspamd/PLIST@1.14 / diff
pkgsrc/mail/rspamd/cfgfiles.mk@1.1 / diff
pkgsrc/mail/rspamd/distinfo@1.26 / diff
pkgsrc/mail/rspamd/patches/patch-src_lua_lua__task.c@1.3 / diff
pkgsrc/mail/rspamd/patches/patch-test_CMakeLists.txt@1.1 / diff
pkgsrc/mail/rspamd/PLIST@1.14 / diff
pkgsrc/mail/rspamd/cfgfiles.mk@1.1 / diff
pkgsrc/mail/rspamd/distinfo@1.26 / diff
pkgsrc/mail/rspamd/patches/patch-src_lua_lua__task.c@1.3 / diff
pkgsrc/mail/rspamd/patches/patch-test_CMakeLists.txt@1.1 / diff
mail/rspamd: Update to 1.7.9.
- Fix missing config files (pkg/53577).
The most important features and fixes
- Ratelimits are reworked and now work as intended (and documented)
- Clickhouse module supports data retention policies
- Reworked C modules to avoid global contexts (simplifies leaks
detection on reload)
- Reputation plugin now supports SPF records reputation
- WebUI code is now even more conformant to the modern JS standards
- Maps are now distributed remotely with local file safety fallback to
allow faster maps update without waiting for a new release
- Antivirus module checks attachments only (as decoded content) in
attachments_only mode to improve AV performance by hiding the mime
content from them
Full list of the meaningful changes
- [CritFix] Fix caseless comparison of equal length strings
- [Feature] Add HTTP basic auth support to elastic and clickhouse
plugins
- [Feature] Add SPF selector to reputation
- [Feature] Add support of the fallback backends for HTTP maps
- [Feature] Allow to print full mime structure when extracting mime
data
- [Feature] Allow to split symbols in reputation plugin
- [Feature] Check attachments only on AV scanners in attachments_only
mode
- [Feature] Disable all SSL checks if ssl_no_verify flag is set
- [Feature] Implement parsing of scoped IPv6 addresses
- [Feature] Improve rspamc counters output
- [Fix] Add sanity checks when expanding SPF macros
- [Fix] Allow to parse SA rules with no spaces around =~ (dirty hack)
- [Fix] Avoid one extra byte writing
- [Fix] Deal with direct hash table
- [Fix] Detect empty text part as text, not HTML
- [Fix] Do not reduce map watch timeout for mixed http/file maps
- [Fix] Fix HTML part detection heuristic
- [Fix] Fix double free in redirectors cleanup
- [Fix] Fix legacy history handling in the controller
- [Fix] Fix messages insertion
- [Fix] Fix sending string method
- [Fix] Fix statconver command line arguments
- [Fix] Fixed argument checking for being null
- [Fix] Fixed issues reported by luacheck
- [Fix] Freeze updates queue when do actual storage update
- [Fix] HTTP map hash is per-backend and not per-map
- [Fix] Plug memory leak in fuzzy updates
- [Fix] Prefer 'MTA-Name' when producing authentication results
- [Fix] Replace bad unicode sequences instead of stopping on them
- [Fix] Set classifier version on learning
- [Project] Reworked ratelimits
- [Project] Apply topological sorting for symbols in Rspamd
- [Project] Remove global contexts from C modules
- [Project] Move performance critical hash tables to khash
- [WebUI] Avoid unused indexes
- [WebUI] Do not execute on_success callback
- [WebUI] Fix history reset for "All SERVERS" (#2346)
- [WebUI] Fix query URL for selected server
- [WebUI] Fix symbols display in legacy history,
- [WebUI] Hide symbols order selector for legacy history
- [WebUI] Refactor query functions into one
- [WebUI] Remove previously-attached event handlers
- [WebUI] Save symbols to the selected server
- [WebUI] Unify arguments of query functions
- [WebUI] Use common query functions to get graph data
- [WebUI] Use common query functions to save symbols
- Fix missing config files (pkg/53577).
The most important features and fixes
- Ratelimits are reworked and now work as intended (and documented)
- Clickhouse module supports data retention policies
- Reworked C modules to avoid global contexts (simplifies leaks
detection on reload)
- Reputation plugin now supports SPF records reputation
- WebUI code is now even more conformant to the modern JS standards
- Maps are now distributed remotely with local file safety fallback to
allow faster maps update without waiting for a new release
- Antivirus module checks attachments only (as decoded content) in
attachments_only mode to improve AV performance by hiding the mime
content from them
Full list of the meaningful changes
- [CritFix] Fix caseless comparison of equal length strings
- [Feature] Add HTTP basic auth support to elastic and clickhouse
plugins
- [Feature] Add SPF selector to reputation
- [Feature] Add support of the fallback backends for HTTP maps
- [Feature] Allow to print full mime structure when extracting mime
data
- [Feature] Allow to split symbols in reputation plugin
- [Feature] Check attachments only on AV scanners in attachments_only
mode
- [Feature] Disable all SSL checks if ssl_no_verify flag is set
- [Feature] Implement parsing of scoped IPv6 addresses
- [Feature] Improve rspamc counters output
- [Fix] Add sanity checks when expanding SPF macros
- [Fix] Allow to parse SA rules with no spaces around =~ (dirty hack)
- [Fix] Avoid one extra byte writing
- [Fix] Deal with direct hash table
- [Fix] Detect empty text part as text, not HTML
- [Fix] Do not reduce map watch timeout for mixed http/file maps
- [Fix] Fix HTML part detection heuristic
- [Fix] Fix double free in redirectors cleanup
- [Fix] Fix legacy history handling in the controller
- [Fix] Fix messages insertion
- [Fix] Fix sending string method
- [Fix] Fix statconver command line arguments
- [Fix] Fixed argument checking for being null
- [Fix] Fixed issues reported by luacheck
- [Fix] Freeze updates queue when do actual storage update
- [Fix] HTTP map hash is per-backend and not per-map
- [Fix] Plug memory leak in fuzzy updates
- [Fix] Prefer 'MTA-Name' when producing authentication results
- [Fix] Replace bad unicode sequences instead of stopping on them
- [Fix] Set classifier version on learning
- [Project] Reworked ratelimits
- [Project] Apply topological sorting for symbols in Rspamd
- [Project] Remove global contexts from C modules
- [Project] Move performance critical hash tables to khash
- [WebUI] Avoid unused indexes
- [WebUI] Do not execute on_success callback
- [WebUI] Fix history reset for "All SERVERS" (#2346)
- [WebUI] Fix query URL for selected server
- [WebUI] Fix symbols display in legacy history,
- [WebUI] Hide symbols order selector for legacy history
- [WebUI] Refactor query functions into one
- [WebUI] Remove previously-attached event handlers
- [WebUI] Save symbols to the selected server
- [WebUI] Unify arguments of query functions
- [WebUI] Use common query functions to get graph data
- [WebUI] Use common query functions to save symbols
MAIN commitmail json YAML
doc: Updated security/vault to 0.11.1
MAIN commitmail json YAML
security/vault: Update to 0.11.1.
SECURITY:
- Random Byte Reading in Barrier: Prior to this release, Vault was not
properly checking the error code when reading random bytes for the IV for
AES operations in its cryptographic barrier. Specifically, this means that
such an IV could potentially be zero multiple times, causing nonce re-use
and weakening the security of the key. On most platforms this should never
happen because reading from kernel random sources is non-blocking and always
successful, but there may be platform-specific behavior that has not been
accounted for. (Vault has tests to check exactly this, and the tests have
never seen nonce re-use.)
FEATURES:
- AliCloud Agent Support: Vault Agent can now authenticate against the
AliCloud auth method.
- UI: Enable AliCloud auth method and Azure secrets engine via the UI.
IMPROVEMENTS:
- core: Logging level for most logs (not including secrets/auth plugins) can
now be changed on-the-fly via `SIGHUP`, reading the desired value from
Vault's config file
BUG FIXES:
- core: Ensure we use a background context when stepping down
- core: Properly check error return from random byte reading
- core: Re-add `sys/` top-route injection for now
- core: Properly store the replication checkpoint file if it's larger than the
storage engine's per-item limit
- identity: Update MemDB with identity group alias while loading groups
- secrets/database: Fix nil pointer when revoking some leases
- secrets/pki: Fix sign-verbatim losing extra Subject attributes
- secrets/pki: Remove certificates from store when tidying revoked
certificates and simplify API
- ui: JSON editor will not coerce input to an object, and will now show an
error about Vault expecting an object
- ui: authentication form will now default to any methods that have been tuned
to show up for unauthenticated users
SECURITY:
- Random Byte Reading in Barrier: Prior to this release, Vault was not
properly checking the error code when reading random bytes for the IV for
AES operations in its cryptographic barrier. Specifically, this means that
such an IV could potentially be zero multiple times, causing nonce re-use
and weakening the security of the key. On most platforms this should never
happen because reading from kernel random sources is non-blocking and always
successful, but there may be platform-specific behavior that has not been
accounted for. (Vault has tests to check exactly this, and the tests have
never seen nonce re-use.)
FEATURES:
- AliCloud Agent Support: Vault Agent can now authenticate against the
AliCloud auth method.
- UI: Enable AliCloud auth method and Azure secrets engine via the UI.
IMPROVEMENTS:
- core: Logging level for most logs (not including secrets/auth plugins) can
now be changed on-the-fly via `SIGHUP`, reading the desired value from
Vault's config file
BUG FIXES:
- core: Ensure we use a background context when stepping down
- core: Properly check error return from random byte reading
- core: Re-add `sys/` top-route injection for now
- core: Properly store the replication checkpoint file if it's larger than the
storage engine's per-item limit
- identity: Update MemDB with identity group alias while loading groups
- secrets/database: Fix nil pointer when revoking some leases
- secrets/pki: Fix sign-verbatim losing extra Subject attributes
- secrets/pki: Remove certificates from store when tidying revoked
certificates and simplify API
- ui: JSON editor will not coerce input to an object, and will now show an
error about Vault expecting an object
- ui: authentication form will now default to any methods that have been tuned
to show up for unauthenticated users
MAIN commitmail json YAML
doc: Updated security/py-certbot to 0.27.0
MAIN commitmail json YAML
pkgsrc/security/py-certbot-dns-rfc2136/Makefile@1.2
/
diff
pkgsrc/security/py-certbot-dns-rfc2136/PLIST@1.2 / diff
pkgsrc/security/py-certbot-dns-rfc2136/PLIST@1.2 / diff
security/py-certbot-dns-rfc2136: Fix EGG_NAME.
MAIN commitmail json YAML
pkgsrc/security/py-acme/Makefile@1.12
/
diff
pkgsrc/security/py-certbot/Makefile.common@1.28 / diff
pkgsrc/security/py-certbot/distinfo@1.27 / diff
pkgsrc/security/py-certbot/Makefile.common@1.28 / diff
pkgsrc/security/py-certbot/distinfo@1.27 / diff
py-{acme,certbot}: Update to 0.27.0.
## 0.27.0 - 2018-09-05
### Added
- The Apache plugin now accepts the parameter --apache-ctl which can
be used to configure the path to the Apache control script.
### Changed
- When using `acme.client.ClientV2` (or
`acme.client.BackwardsCompatibleClientV2` with an ACME server that
supports a newer version of the ACME protocol), an
`acme.errors.ConflictError` will be raised if you try to create
an ACME account with a key that has already been used. Previously,
a JSON parsing error was raised in this scenario when using the
library with Let's Encrypt's ACMEv2 endpoint.
### Fixed
- When Apache is not installed, Certbot's Apache plugin no longer
prints messages about being unable to find apachectl to the
terminal when the plugin is not selected.
- If you're using the Apache plugin with the --apache-vhost-root flag
set to a directory containing a disabled virtual host for the
domain you're requesting a certificate for, the virtual host will
now be temporarily enabled if necessary to pass the HTTP challenge.
- The documentation for the Certbot package can now be built using
Sphinx 1.6+.
- You can now call `query_registration` without having to first call
`new_account` on `acme.client.ClientV2` objects.
- The requirement of `setuptools>=1.0` has been removed from
`certbot-dns-ovh`.
- Names in certbot-dns-sakuracloud's tests have been updated to refer
to Sakura Cloud rather than NS1 whose plugin certbot-dns-sakuracloud
was based on.
## 0.26.1 - 2018-07-17
### Fixed
- Fix a bug that was triggered when users who had previously manually
set `--server` to get ACMEv2 certs tried to renew ACMEv1 certs.
## 0.27.0 - 2018-09-05
### Added
- The Apache plugin now accepts the parameter --apache-ctl which can
be used to configure the path to the Apache control script.
### Changed
- When using `acme.client.ClientV2` (or
`acme.client.BackwardsCompatibleClientV2` with an ACME server that
supports a newer version of the ACME protocol), an
`acme.errors.ConflictError` will be raised if you try to create
an ACME account with a key that has already been used. Previously,
a JSON parsing error was raised in this scenario when using the
library with Let's Encrypt's ACMEv2 endpoint.
### Fixed
- When Apache is not installed, Certbot's Apache plugin no longer
prints messages about being unable to find apachectl to the
terminal when the plugin is not selected.
- If you're using the Apache plugin with the --apache-vhost-root flag
set to a directory containing a disabled virtual host for the
domain you're requesting a certificate for, the virtual host will
now be temporarily enabled if necessary to pass the HTTP challenge.
- The documentation for the Certbot package can now be built using
Sphinx 1.6+.
- You can now call `query_registration` without having to first call
`new_account` on `acme.client.ClientV2` objects.
- The requirement of `setuptools>=1.0` has been removed from
`certbot-dns-ovh`.
- Names in certbot-dns-sakuracloud's tests have been updated to refer
to Sakura Cloud rather than NS1 whose plugin certbot-dns-sakuracloud
was based on.
## 0.26.1 - 2018-07-17
### Fixed
- Fix a bug that was triggered when users who had previously manually
set `--server` to get ACMEv2 certs tried to renew ACMEv1 certs.
MAIN commitmail json YAML
doc: Updated databases/elasticsearch to 6.4.0
MAIN commitmail json YAML
pkgsrc/databases/elasticsearch/Makefile@1.47
/
diff
pkgsrc/databases/elasticsearch/PLIST@1.28 / diff
pkgsrc/databases/elasticsearch/PLIST.Darwin-x86_64@1.1 / diff
pkgsrc/databases/elasticsearch/PLIST.Linux-x86_64@1.1 / diff
pkgsrc/databases/elasticsearch/distinfo@1.48 / diff
pkgsrc/databases/elasticsearch/PLIST@1.28 / diff
pkgsrc/databases/elasticsearch/PLIST.Darwin-x86_64@1.1 / diff
pkgsrc/databases/elasticsearch/PLIST.Linux-x86_64@1.1 / diff
pkgsrc/databases/elasticsearch/distinfo@1.48 / diff
databases/elasticsearch: Update to 6.4.0.
6.4.0 release highlights
Analysis
- Option to index phrases on text fields
- Korean analysis tools
- Add multiplexing token filter
Machine learning
- Improve your machine learning results with custom rules
- The {ml} analytics can now detect specific change points in a time
series
Mappings
- alias field type
- _ignored meta field
Rank Eval API
- Expected Reciprocal Rank metric for Rank Eval API
Search
- Cross Cluster Search will no longer use dedicated master nodes as
gateway nodes
- Format option for doc_value fields
- Support second level of field collapse
Security
- Kerberos authentication support is now available
- {es} now offers a FIPS 140-2 compliant mode
6.3.0 release highlights
- SQL: This experimental feature enables users who are familiar with
SQL to use SQL statements to query {es} indices.
- Rollups: This experimental feature enables you to summarize and
store historical data so that is still available for analysis, but
consumes significantly less storage space.
- Java 10 Support
For full releases since 6.2.4 please see
https://www.elastic.co/guide/en/elasticsearch/reference/6.4/release-notes-6.3.1.html
https://www.elastic.co/guide/en/elasticsearch/reference/6.4/release-notes-6.3.2.html
https://www.elastic.co/guide/en/elasticsearch/reference/6.4/release-notes-6.3.0.html
https://www.elastic.co/guide/en/elasticsearch/reference/6.4/release-notes-6.4.0.html
6.4.0 release highlights
Analysis
- Option to index phrases on text fields
- Korean analysis tools
- Add multiplexing token filter
Machine learning
- Improve your machine learning results with custom rules
- The {ml} analytics can now detect specific change points in a time
series
Mappings
- alias field type
- _ignored meta field
Rank Eval API
- Expected Reciprocal Rank metric for Rank Eval API
Search
- Cross Cluster Search will no longer use dedicated master nodes as
gateway nodes
- Format option for doc_value fields
- Support second level of field collapse
Security
- Kerberos authentication support is now available
- {es} now offers a FIPS 140-2 compliant mode
6.3.0 release highlights
- SQL: This experimental feature enables users who are familiar with
SQL to use SQL statements to query {es} indices.
- Rollups: This experimental feature enables you to summarize and
store historical data so that is still available for analysis, but
consumes significantly less storage space.
- Java 10 Support
For full releases since 6.2.4 please see
https://www.elastic.co/guide/en/elasticsearch/reference/6.4/release-notes-6.3.1.html
https://www.elastic.co/guide/en/elasticsearch/reference/6.4/release-notes-6.3.2.html
https://www.elastic.co/guide/en/elasticsearch/reference/6.4/release-notes-6.3.0.html
https://www.elastic.co/guide/en/elasticsearch/reference/6.4/release-notes-6.4.0.html
MAIN commitmail json YAML
doc: Updated security/duo-unix to 1.10.4
MAIN commitmail json YAML
security/duo-unix: Update to 1.10.4.
duo_unix-1.10.4:
- Removed failmode decision from auth endpoint and moved it to only
preauth according to standards in our other integrations
- Updated Duo Unix to speak up to TLS 1.2
- Support for LibreSSL 2.7.0 and up
- Minor memory leak fixes
- Output message when user is locked out
duo_unix-1.10.3:
- Added support for http_proxy with SELinux enabled
duo_unix-1.10.2:
- Added default failmode values in config files
duo_unix-1.10.4:
- Removed failmode decision from auth endpoint and moved it to only
preauth according to standards in our other integrations
- Updated Duo Unix to speak up to TLS 1.2
- Support for LibreSSL 2.7.0 and up
- Minor memory leak fixes
- Output message when user is locked out
duo_unix-1.10.3:
- Added support for http_proxy with SELinux enabled
duo_unix-1.10.2:
- Added default failmode values in config files
MAIN commitmail json YAML
doc: Updated devel/gradle to 4.10
MAIN commitmail json YAML
pkgsrc/devel/gradle/Makefile@1.17
/
diff
pkgsrc/devel/gradle/PLIST@1.12 / diff
pkgsrc/devel/gradle/distinfo@1.13 / diff
pkgsrc/devel/gradle/PLIST@1.12 / diff
pkgsrc/devel/gradle/distinfo@1.13 / diff
devel/gradle: Update to 4.10.0.
- Improved incremental Java compiler.
- Periodically clean up unused /caches under GRADLE_USER_HOME and
project root directories.
- Kotlin DSL version 1.0 RC3.
- Configuration avoidance, buildSrc refactoring propagation to the
IDE, and lots of DSL polish.
- You can now use SNAPSHOT plugin versions with the plugins {} and
pluginManagement {} blocks.
- Included builds can now be nested.
- Improved incremental Java compiler.
- Periodically clean up unused /caches under GRADLE_USER_HOME and
project root directories.
- Kotlin DSL version 1.0 RC3.
- Configuration avoidance, buildSrc refactoring propagation to the
IDE, and lots of DSL polish.
- You can now use SNAPSHOT plugin versions with the plugins {} and
pluginManagement {} blocks.
- Included builds can now be nested.
MAIN commitmail json YAML
doc: Updated lang/elixir to 1.7.3
MAIN commitmail json YAML
pkgsrc/lang/elixir/Makefile@1.8
/
diff
pkgsrc/lang/elixir/PLIST@1.3 / diff
pkgsrc/lang/elixir/distinfo@1.8 / diff
pkgsrc/lang/elixir/PLIST@1.3 / diff
pkgsrc/lang/elixir/distinfo@1.8 / diff
lang/elixir: Update to 1.7.3.
v1.7.3
======
1. Bug fixes
ExUnit
- [ExUnit.Assertions] Do not attempt to expand `try/1` as it is a
special form
Mix
- [mix compile.app] Do not include applications with `runtime: false`
as a runtime dependency for applications coming from Hex
v1.7.2
======
1. Bug fixes
Elixir
- [DateTime] Take negative years into account in
`DateTime.from_iso8601/1`
- [Kernel] Do not emit warnings for repeated docs over different
clauses due to false positives
Mix
- [mix compile] Properly mark top-level dependencies as optional and
as runtime. This fixes a bug where Mix attempted to start optional
dependencies of a package when those optional dependencies were not
available
- [mix compile] Avoid deadlock when a config has a timestamp later
than current time
- [mix help] Show task and alias help when both are available
- [mix test] Do not fail suite if there are no test files
v1.7.1
======
1. Bug fixes
Elixir
- [Calendar] Work-around a Dialyzer bug that causes it to loop for a
long time, potentially indefinitely
v1.7.0
======
1. Enhancements
Elixir
- [Calendar.ISO] Support negative dates in `Calendar.ISO`
- [Calendar] Add `Calendar.months_in_year/1` callback
- [Code] Add `Code.compile_file/2` that compiles files without leaving
footprints on the system
- [Code] Add `Code.purge_compiler_modules/0` that purges any compiler
module left behind. This is useful for live systems dynamically
compiling code
- [Code] Add `Code.fetch_docs/1` that returns docs in the [EEP
48](http://erlang.org/eep/eeps/eep-0048.html) format
- [Date] Add `Date.months_in_year/1` function
- [DynamicSupervisor] Use the name of the `DynamicSupervisor` as the
ID whenever possible
- [Exception] Provide "did you mean" suggestions on KeyError
- [Exception] Provide more information on ArithmeticError on
Erlang/OTP 21+
- [Function] Add `Function` module with `capture/3`, `info/1` and
`info/2` functions
- [GenServer] Support the new `handle_continue/2` callback on
Erlang/OTP 21+
- [IO.ANSI] Add cursor movement to `IO.ANSI`
- [Kernel] Support adding arbitrary documentation metadata by passing
a keyword list to `@doc`, `@moduledoc` and `@typedoc`
- [Kernel] Introduce `__STACKTRACE__` to retrieve the current
stacktrace inside `catch`/`rescue` (this will be a requirement for
Erlang/OTP 21+)
- [Kernel] Raise on unsafe variables in order to allow us to better
track unused variables
- [Kernel] Warn when using `length` to check if a list is not empty on
guards
- [Kernel] Add hints on mismatched `do`/`end` and others pairs
- [Kernel] Warn when comparing structs using the `>`, `<`, `>=` and
`<=` operators
- [Kernel] Warn on unsupported nested comparisons such as `x < y < z`
- [Kernel] Warn if redefining documentation across clauses of the same
definition
- [Kernel] Warn on unnecessary quotes around atoms, keywords and calls
- [Macro] Add `Macro.special_form?/2` and `Macro.operator?/2` that
returns `true` if the given name/arity is a special form or operator
respectively
- [Macro.Env] Add `Macro.Env.vars/1` and `Macro.Env.has_var?/2` that
gives access to environment data without accessing private fields
- [Regex] Include endianness in the regex version. This allows regexes
to be recompiled when an archive is installed in a system with a
different endianness
- [Registry] Add `Registry.count/1` and `Registry.count_match/4`
- [String] Update to Unicode 11
- [StringIO] Add `StringIO.open/3`
- [System] Use ISO 8601 in `System.build_info/0`
ExUnit
- [ExUnit.Assertion] Print the arguments in error reports when
asserting on a function call. For example, if `assert is_list(arg)`
fails, the argument will be shown in the report
- [ExUnit.Diff] Improve diffing of lists when one list is a subset of
the other
- [ExUnit.DocTest] Show colored diffs on failed doctests
- [ExUnit.Formatter] Excluded tests, via the `--exclude` and `--only`
flags, are now shown as "Excluded" in reports. Tests skipped via
`@tag :skip` are now exclusively shown as "Skipped" and in yellow
IEx
- [IEx.Helpers] Add `use_if_available/2`
- [IEx.Helpers] Allow `force: true` option in `recompile/1`
- [IEx.Helpers] Add `:allocators` pane to `runtime_info/1`
- [IEx.Helpers] Show documentation metadata in `h/1` helpers
Logger
- [Logger] Ensure nil metadata is always pruned
- [Logger] Only evaluate Logger macro arguments when the message will
be logged
- [Logger] Add `:compile_time_purge_matching` to purge logger calls
that match certain compile time metadata, such as module names and
application names
- [Logger] Log to `:stderr` if a backend fails and there are no other
backends
- [Logger] Allow translators to return custom metadata
- [Logger] Return `:crash_reason`, `:initial_call` and
`:registered_name` as metadata in crash reports coming from
Erlang/OTP
Mix
- [mix archive.install] Add support for the Hex organization via
`--organization`
- [mix archive.uninstall] Support `--force` flag
- [mix compile] Improve support for external build tools such as
`rebar`
- [mix deps] Include `override: true` in rebar dependencies to make
the behaviour closer to how rebar3 works (although diverged deps are
still marked as diverged)
- [mix escript.install] Add support for the Hex organization via
`--organization`
- [mix escript.uninstall] Support `--force` flag
- [mix help] Also list aliases
- [mix local] Use ipv6 with auto fallback to ipv4 when downloading
data
- [mix profile] Allow all profiling tasks to run programatically
- [mix test] Add `--failed` option that only runs previously failed
tests
- [mix test] Print coverage summary by default when the `--cover` flag
is given
- [Mix.Project] Add `Mix.Project.clear_deps_cache/0`
- [Mix.Project] Add `Mix.Project.config_mtime/0` that caches the
config mtime values to avoid filesystem access
2. Bug fixes
Elixir
- [IO.ANSI.Docs] Fix table column alignment when converting docs to
ANSI escapes
- [Code] Ensure `string_to_quoted` returns error tuples instead of
raising in certain constructs
- [Code.Formatter] Consistently format keyword lists in function calls
with and without parens
- [Code.Formatter] Do not break after `->` when there are only
comments and one-line clauses
- [File] Allow the `:trim_bom` option to be used with `:encoding`
- [Kernel] Raise on unsafe variables as some of the code emitted with
unsafe variables would not correctly propagate variables or would
disable tail call optimization semantics
- [Kernel] Do not crash on dynamic sizes in binary generators with
collectable into in comprehensions
- [Kernel] Do not crash on literals with non-unary size in binary
generators with collectable into in comprehensions
- [Task] Improve error reports and exit reasons for failed tasks on
Erlang/OTP 20+
ExUnit
- [ExUnit.Case] Raise proper error if `@tag` and `@moduletag` are used
before `use ExUnit.Case`
- [ExUnit.Case] Raise proper error if `@describetag` is used outside
of `describe/2` blocks
- [ExUnit.DocTest] Emit proper assertion error on doctests with
invalid UTF-8
Mix
- [mix archive.install] Fetch optional dependencies when installing an
archive from Git/Hex
- [mix compile] Properly track config files in umbrella projects and
recompile when any relevant umbrella configuration changes
- [mix deps] Ensure the same dependency from different SCMs are tagged
as diverged when those SCMs are remote and non-remote
- [mix deps] Ensure we re-run dependency resolution when overriding a
skipped dep in umbrella
- [mix deps.compile] Perform clean builds for dependencies on outdated
locks to avoid old modules from affecting future compilation
- [mix escript.install] Fetch optional dependencies when installing an
escript from Git/Hex
3. Soft-deprecations (no warnings emitted)
Elixir
- [Code] Deprecate `Code.load_file/2` in favor of
`Code.compile_file/2`
- [Code] Deprecate `Code.loaded_files/0` in favor of
`Code.required_files/0`
- [Code] Deprecate `Code.unload_files/1` in favor of
`Code.unrequire_files/1`
Logger
- [Logger] `compile_time_purge_level` is deprecated in favor of
`compile_time_purge_matching`
4. Hard-deprecations
Elixir
- [Code] `Code.get_docs/2` is deprecated in favor of
`Code.fetch_docs/1`
- [Enum] `Enum.chunk/2/3/4` is deprecated in favor of
`Enum.chunk_every/2/3/4` - notice `chunk_every` does not discard
incomplete chunks by default
- [GenServer] Warn if `super` is used in any of the GenServer
callbacks
- [Kernel] `not left in right` is ambiguous and is deprecated in favor
of `left not in right`
- [Kernel] Warn on confusing operator sequences, such as `1+++1`
meaning `1 ++ +1` or `........` meaning `... .. ...`
- [OptionParser] Deprecate dynamic option parser mode that depended on
atoms to be previously loaded and therefore behaved inconsistently
- [Stream] `Stream.chunk/2/3/4` is deprecated in favor of
`Stream.chunk_every/2/3/4` - notice `chunk_every` does not discard
incomplete chunks by default
v1.7.3
======
1. Bug fixes
ExUnit
- [ExUnit.Assertions] Do not attempt to expand `try/1` as it is a
special form
Mix
- [mix compile.app] Do not include applications with `runtime: false`
as a runtime dependency for applications coming from Hex
v1.7.2
======
1. Bug fixes
Elixir
- [DateTime] Take negative years into account in
`DateTime.from_iso8601/1`
- [Kernel] Do not emit warnings for repeated docs over different
clauses due to false positives
Mix
- [mix compile] Properly mark top-level dependencies as optional and
as runtime. This fixes a bug where Mix attempted to start optional
dependencies of a package when those optional dependencies were not
available
- [mix compile] Avoid deadlock when a config has a timestamp later
than current time
- [mix help] Show task and alias help when both are available
- [mix test] Do not fail suite if there are no test files
v1.7.1
======
1. Bug fixes
Elixir
- [Calendar] Work-around a Dialyzer bug that causes it to loop for a
long time, potentially indefinitely
v1.7.0
======
1. Enhancements
Elixir
- [Calendar.ISO] Support negative dates in `Calendar.ISO`
- [Calendar] Add `Calendar.months_in_year/1` callback
- [Code] Add `Code.compile_file/2` that compiles files without leaving
footprints on the system
- [Code] Add `Code.purge_compiler_modules/0` that purges any compiler
module left behind. This is useful for live systems dynamically
compiling code
- [Code] Add `Code.fetch_docs/1` that returns docs in the [EEP
48](http://erlang.org/eep/eeps/eep-0048.html) format
- [Date] Add `Date.months_in_year/1` function
- [DynamicSupervisor] Use the name of the `DynamicSupervisor` as the
ID whenever possible
- [Exception] Provide "did you mean" suggestions on KeyError
- [Exception] Provide more information on ArithmeticError on
Erlang/OTP 21+
- [Function] Add `Function` module with `capture/3`, `info/1` and
`info/2` functions
- [GenServer] Support the new `handle_continue/2` callback on
Erlang/OTP 21+
- [IO.ANSI] Add cursor movement to `IO.ANSI`
- [Kernel] Support adding arbitrary documentation metadata by passing
a keyword list to `@doc`, `@moduledoc` and `@typedoc`
- [Kernel] Introduce `__STACKTRACE__` to retrieve the current
stacktrace inside `catch`/`rescue` (this will be a requirement for
Erlang/OTP 21+)
- [Kernel] Raise on unsafe variables in order to allow us to better
track unused variables
- [Kernel] Warn when using `length` to check if a list is not empty on
guards
- [Kernel] Add hints on mismatched `do`/`end` and others pairs
- [Kernel] Warn when comparing structs using the `>`, `<`, `>=` and
`<=` operators
- [Kernel] Warn on unsupported nested comparisons such as `x < y < z`
- [Kernel] Warn if redefining documentation across clauses of the same
definition
- [Kernel] Warn on unnecessary quotes around atoms, keywords and calls
- [Macro] Add `Macro.special_form?/2` and `Macro.operator?/2` that
returns `true` if the given name/arity is a special form or operator
respectively
- [Macro.Env] Add `Macro.Env.vars/1` and `Macro.Env.has_var?/2` that
gives access to environment data without accessing private fields
- [Regex] Include endianness in the regex version. This allows regexes
to be recompiled when an archive is installed in a system with a
different endianness
- [Registry] Add `Registry.count/1` and `Registry.count_match/4`
- [String] Update to Unicode 11
- [StringIO] Add `StringIO.open/3`
- [System] Use ISO 8601 in `System.build_info/0`
ExUnit
- [ExUnit.Assertion] Print the arguments in error reports when
asserting on a function call. For example, if `assert is_list(arg)`
fails, the argument will be shown in the report
- [ExUnit.Diff] Improve diffing of lists when one list is a subset of
the other
- [ExUnit.DocTest] Show colored diffs on failed doctests
- [ExUnit.Formatter] Excluded tests, via the `--exclude` and `--only`
flags, are now shown as "Excluded" in reports. Tests skipped via
`@tag :skip` are now exclusively shown as "Skipped" and in yellow
IEx
- [IEx.Helpers] Add `use_if_available/2`
- [IEx.Helpers] Allow `force: true` option in `recompile/1`
- [IEx.Helpers] Add `:allocators` pane to `runtime_info/1`
- [IEx.Helpers] Show documentation metadata in `h/1` helpers
Logger
- [Logger] Ensure nil metadata is always pruned
- [Logger] Only evaluate Logger macro arguments when the message will
be logged
- [Logger] Add `:compile_time_purge_matching` to purge logger calls
that match certain compile time metadata, such as module names and
application names
- [Logger] Log to `:stderr` if a backend fails and there are no other
backends
- [Logger] Allow translators to return custom metadata
- [Logger] Return `:crash_reason`, `:initial_call` and
`:registered_name` as metadata in crash reports coming from
Erlang/OTP
Mix
- [mix archive.install] Add support for the Hex organization via
`--organization`
- [mix archive.uninstall] Support `--force` flag
- [mix compile] Improve support for external build tools such as
`rebar`
- [mix deps] Include `override: true` in rebar dependencies to make
the behaviour closer to how rebar3 works (although diverged deps are
still marked as diverged)
- [mix escript.install] Add support for the Hex organization via
`--organization`
- [mix escript.uninstall] Support `--force` flag
- [mix help] Also list aliases
- [mix local] Use ipv6 with auto fallback to ipv4 when downloading
data
- [mix profile] Allow all profiling tasks to run programatically
- [mix test] Add `--failed` option that only runs previously failed
tests
- [mix test] Print coverage summary by default when the `--cover` flag
is given
- [Mix.Project] Add `Mix.Project.clear_deps_cache/0`
- [Mix.Project] Add `Mix.Project.config_mtime/0` that caches the
config mtime values to avoid filesystem access
2. Bug fixes
Elixir
- [IO.ANSI.Docs] Fix table column alignment when converting docs to
ANSI escapes
- [Code] Ensure `string_to_quoted` returns error tuples instead of
raising in certain constructs
- [Code.Formatter] Consistently format keyword lists in function calls
with and without parens
- [Code.Formatter] Do not break after `->` when there are only
comments and one-line clauses
- [File] Allow the `:trim_bom` option to be used with `:encoding`
- [Kernel] Raise on unsafe variables as some of the code emitted with
unsafe variables would not correctly propagate variables or would
disable tail call optimization semantics
- [Kernel] Do not crash on dynamic sizes in binary generators with
collectable into in comprehensions
- [Kernel] Do not crash on literals with non-unary size in binary
generators with collectable into in comprehensions
- [Task] Improve error reports and exit reasons for failed tasks on
Erlang/OTP 20+
ExUnit
- [ExUnit.Case] Raise proper error if `@tag` and `@moduletag` are used
before `use ExUnit.Case`
- [ExUnit.Case] Raise proper error if `@describetag` is used outside
of `describe/2` blocks
- [ExUnit.DocTest] Emit proper assertion error on doctests with
invalid UTF-8
Mix
- [mix archive.install] Fetch optional dependencies when installing an
archive from Git/Hex
- [mix compile] Properly track config files in umbrella projects and
recompile when any relevant umbrella configuration changes
- [mix deps] Ensure the same dependency from different SCMs are tagged
as diverged when those SCMs are remote and non-remote
- [mix deps] Ensure we re-run dependency resolution when overriding a
skipped dep in umbrella
- [mix deps.compile] Perform clean builds for dependencies on outdated
locks to avoid old modules from affecting future compilation
- [mix escript.install] Fetch optional dependencies when installing an
escript from Git/Hex
3. Soft-deprecations (no warnings emitted)
Elixir
- [Code] Deprecate `Code.load_file/2` in favor of
`Code.compile_file/2`
- [Code] Deprecate `Code.loaded_files/0` in favor of
`Code.required_files/0`
- [Code] Deprecate `Code.unload_files/1` in favor of
`Code.unrequire_files/1`
Logger
- [Logger] `compile_time_purge_level` is deprecated in favor of
`compile_time_purge_matching`
4. Hard-deprecations
Elixir
- [Code] `Code.get_docs/2` is deprecated in favor of
`Code.fetch_docs/1`
- [Enum] `Enum.chunk/2/3/4` is deprecated in favor of
`Enum.chunk_every/2/3/4` - notice `chunk_every` does not discard
incomplete chunks by default
- [GenServer] Warn if `super` is used in any of the GenServer
callbacks
- [Kernel] `not left in right` is ambiguous and is deprecated in favor
of `left not in right`
- [Kernel] Warn on confusing operator sequences, such as `1+++1`
meaning `1 ++ +1` or `........` meaning `... .. ...`
- [OptionParser] Deprecate dynamic option parser mode that depended on
atoms to be previously loaded and therefore behaved inconsistently
- [Stream] `Stream.chunk/2/3/4` is deprecated in favor of
`Stream.chunk_every/2/3/4` - notice `chunk_every` does not discard
incomplete chunks by default
MAIN commitmail json YAML
doc: Updated databases/py-cassandra-driver to 3.15.0
MAIN commitmail json YAML
pkgsrc/databases/py-cassandra-driver/Makefile@1.25
/
diff
pkgsrc/databases/py-cassandra-driver/distinfo@1.25 / diff
pkgsrc/databases/py-cassandra-driver/distinfo@1.25 / diff
databases/py-cassandra-driver: Update to 3.15.0
Features
--------
- Parse Virtual Keyspace Metadata
Bug Fixes
---------
- Tokenmap.get_replicas returns the wrong value if token coincides
with the end of the range
- Python Driver fails with "more than 255 arguments" python exception
when > 255 columns specified in query response
- Hang in
integration.standard.test_cluster.ClusterTests.test_set_keyspace_twice
- Asyncore reactors should use a global variable instead of a class
variable for the event loop
Other
-----
- Use global variable for libev loops so it can be subclassed
- Update SchemaParser for V4
- Bump Cython dependency version to 0.28
Features
--------
- Parse Virtual Keyspace Metadata
Bug Fixes
---------
- Tokenmap.get_replicas returns the wrong value if token coincides
with the end of the range
- Python Driver fails with "more than 255 arguments" python exception
when > 255 columns specified in query response
- Hang in
integration.standard.test_cluster.ClusterTests.test_set_keyspace_twice
- Asyncore reactors should use a global variable instead of a class
variable for the event loop
Other
-----
- Use global variable for libev loops so it can be subclassed
- Update SchemaParser for V4
- Bump Cython dependency version to 0.28
MAIN commitmail json YAML
doc: Updated net/powerdns-recursor to 4.1.4
MAIN commitmail json YAML
net/powerdns-recursor: Update to 4.1.4.
Improvements
- Split pdns_enable_unit_tests.
- Add a new max-udp-queries-per-round setting.
- Fix warnings reported by gcc 8.1.0.
- Tests: replace awk command by perl.
- Allow the snmp thread to retrieve statistics.
Bug Fixes
- Don窶冲 account chained queries more than once.
- Make rec_control respect include-dir.
- Load lua scripts only in worker threads.
- Purge all auth/forward zone data including subtree.
Improvements
- Split pdns_enable_unit_tests.
- Add a new max-udp-queries-per-round setting.
- Fix warnings reported by gcc 8.1.0.
- Tests: replace awk command by perl.
- Allow the snmp thread to retrieve statistics.
Bug Fixes
- Don窶冲 account chained queries more than once.
- Make rec_control respect include-dir.
- Load lua scripts only in worker threads.
- Purge all auth/forward zone data including subtree.
MAIN commitmail json YAML
doc: Updated net/powerdns to 4.1.4
MAIN commitmail json YAML
net/powerdns: Update to 4.1.4.
Improvements
- Fix warnings reported by gcc 8.1.0.
- Make the gmysql backend future-proof.
- Initialize some missed qtypes.
Bug Fixes
- Avoid concurrent records/comments iteration from running out of
sync.
- Fix a crash in the API when adding records.
- pdns_control notify: handle slave without renotify properly.
- Reset the TSIG state between queries.
- Remove SOA-check backoff on incoming notify and fix lock handling.
- Fix an issue where updating a record via DNS-UPDATE in a child zone
that also exists in the parent zone, we would incorrectly apply the
update to the parent zone.
- Geoipbackend: check geoip_id_by_addr_gl and geoip_id_by_addr_v6_gl
return value.
Improvements
- Fix warnings reported by gcc 8.1.0.
- Make the gmysql backend future-proof.
- Initialize some missed qtypes.
Bug Fixes
- Avoid concurrent records/comments iteration from running out of
sync.
- Fix a crash in the API when adding records.
- pdns_control notify: handle slave without renotify properly.
- Reset the TSIG state between queries.
- Remove SOA-check backoff on incoming notify and fix lock handling.
- Fix an issue where updating a record via DNS-UPDATE in a child zone
that also exists in the parent zone, we would incorrectly apply the
update to the parent zone.
- Geoipbackend: check geoip_id_by_addr_gl and geoip_id_by_addr_v6_gl
return value.
MAIN commitmail json YAML
doc: Updated security/vault to 0.11.0
MAIN commitmail json YAML
security/vault: Update to 0.11.0.
DEPRECATIONS/CHANGES:
- Request Timeouts: A default request timeout of 90s is now enforced. This
setting can be overwritten in the config file. If you anticipate requests
taking longer than 90s this setting should be updated before upgrading.
- (NOTE: will be re-added into 0.11.1 as it broke more than anticipated. There
will be some further guidelines around when this will be removed again.)
* `sys/` Top Level Injection: For the last two years for backwards
compatibility data for various `sys/` routes has been injected into both the
Secret's Data map and into the top level of the JSON response object.
However, this has some subtle issues that pop up from time to time and is
becoming increasingly complicated to maintain, so it's finally being
removed.
- Path Fallback for List Operations: For a very long time Vault has
automatically adjusted `list` operations to always end in a `/`, as list
operations operates on prefixes, so all list operations by definition end
with `/`. This was done server-side so affects all clients. However, this
has also led to a lot of confusion for users writing policies that assume
that the path that they use in the CLI is the path used internally. Starting
in 0.11, ACL policies gain a new fallback rule for listing: they will use a
matching path ending in `/` if available, but if not found, they will look
for the same path without a trailing `/`. This allows putting `list`
capabilities in the same path block as most other capabilities for that
path, while not providing any extra access if `list` wasn't actually
provided there.
- Performance Standbys On By Default: If you flavor/license of Vault
Enterprise supports Performance Standbys, they are on by default. You can
disable this behavior per-node with the `disable_performance_standby`
configuration flag.
- AWS Secret Engine Roles: The AWS Secret Engine roles are now explicit about
the type of AWS credential they are generating; this reduces reduce
ambiguity that existed previously as well as enables new features for
specific credential types. Writing role data and generating credentials
remain backwards compatible; however, the data returned when reading a
role's configuration has changed in backwards-incompatible ways. Anything
that depended on reading role data from the AWS secret engine will break
until it is updated to work with the new format.
FEATURES:
- Namespaces (Enterprise): A set of features within Vault Enterprise
that allows Vault environments to support *Secure Multi-tenancy* within a
single Vault Enterprise infrastructure. Through namespaces, Vault
administrators can support tenant isolation for teams and individuals as
well as empower those individuals to self-manage their own tenant
environment.
- Performance Standbys (Enterprise): Standby nodes can now service
requests that do not modify storage. This provides near-horizontal scaling
of a cluster in some workloads, and is the intra-cluster analogue of
the existing Performance Replication feature, which replicates to distinct
clusters in other datacenters, geos, etc.
- AliCloud OSS Storage: AliCloud OSS can now be used for Vault storage.
- AliCloud Auth Plugin: AliCloud's identity services can now be used to
grant access to Vault. See the plugin repository for more information.
- Azure Secrets Plugin: There is now a plugin (pulled in to Vault) that
allows generating credentials to allow access to Azure. See the plugin
repository for more information.
- HA Support for MySQL Storage: MySQL storage now supports HA.
- ACL Templating: ACL policies can now be templated using identity Entity,
Groups, and Metadata.
- UI Onboarding wizards: The Vault UI can provide contextual help and
guidance, linking out to relevant links or guides on vaultproject.io for
various workflows in Vault.
IMPROVEMENTS:
- agent: Add `exit_after_auth` to be able to use the Agent for a single
authentication
- auth/approle: Add ability to set token bound CIDRs on individual Secret IDs
- cli: Add support for passing parameters to `vault read` operations
- secrets/aws: Make credential types more explicit
- secrets/nomad: Support for longer token names
- secrets/pki: Allow disabling CRL generation
- storage/azure: Add support for different Azure environments
- storage/file: Sort keys in list responses
- storage/mysql: Support special characters in database and table names.
BUG FIXES:
- auth/jwt: Always validate `aud` claim even if `bound_audiences` isn't set
(IOW, error in this case)
- core: Prevent Go's HTTP library from interspersing logs in a different
format and/or interleaved
- identity: Properly populate `mount_path` and `mount_type` on group lookup
- identity: Fix persisting alias metadata
- identity: Fix carryover issue from previously fixed race condition that
could cause Vault not to start up due to two entities referencing the same
alias. These entities are now merged.
- replication: Fix issue causing some pages not to flush to storage
- secrets/database: Fix inability to update custom SQL statements on
database roles.
- secrets/pki: Disallow putting the CA's serial on its CRL. While technically
legal, doing so inherently means the CRL can't be trusted anyways, so it's
not useful and easy to footgun.
- storage/gcp,spanner: Fix data races
DEPRECATIONS/CHANGES:
- Request Timeouts: A default request timeout of 90s is now enforced. This
setting can be overwritten in the config file. If you anticipate requests
taking longer than 90s this setting should be updated before upgrading.
- (NOTE: will be re-added into 0.11.1 as it broke more than anticipated. There
will be some further guidelines around when this will be removed again.)
* `sys/` Top Level Injection: For the last two years for backwards
compatibility data for various `sys/` routes has been injected into both the
Secret's Data map and into the top level of the JSON response object.
However, this has some subtle issues that pop up from time to time and is
becoming increasingly complicated to maintain, so it's finally being
removed.
- Path Fallback for List Operations: For a very long time Vault has
automatically adjusted `list` operations to always end in a `/`, as list
operations operates on prefixes, so all list operations by definition end
with `/`. This was done server-side so affects all clients. However, this
has also led to a lot of confusion for users writing policies that assume
that the path that they use in the CLI is the path used internally. Starting
in 0.11, ACL policies gain a new fallback rule for listing: they will use a
matching path ending in `/` if available, but if not found, they will look
for the same path without a trailing `/`. This allows putting `list`
capabilities in the same path block as most other capabilities for that
path, while not providing any extra access if `list` wasn't actually
provided there.
- Performance Standbys On By Default: If you flavor/license of Vault
Enterprise supports Performance Standbys, they are on by default. You can
disable this behavior per-node with the `disable_performance_standby`
configuration flag.
- AWS Secret Engine Roles: The AWS Secret Engine roles are now explicit about
the type of AWS credential they are generating; this reduces reduce
ambiguity that existed previously as well as enables new features for
specific credential types. Writing role data and generating credentials
remain backwards compatible; however, the data returned when reading a
role's configuration has changed in backwards-incompatible ways. Anything
that depended on reading role data from the AWS secret engine will break
until it is updated to work with the new format.
FEATURES:
- Namespaces (Enterprise): A set of features within Vault Enterprise
that allows Vault environments to support *Secure Multi-tenancy* within a
single Vault Enterprise infrastructure. Through namespaces, Vault
administrators can support tenant isolation for teams and individuals as
well as empower those individuals to self-manage their own tenant
environment.
- Performance Standbys (Enterprise): Standby nodes can now service
requests that do not modify storage. This provides near-horizontal scaling
of a cluster in some workloads, and is the intra-cluster analogue of
the existing Performance Replication feature, which replicates to distinct
clusters in other datacenters, geos, etc.
- AliCloud OSS Storage: AliCloud OSS can now be used for Vault storage.
- AliCloud Auth Plugin: AliCloud's identity services can now be used to
grant access to Vault. See the plugin repository for more information.
- Azure Secrets Plugin: There is now a plugin (pulled in to Vault) that
allows generating credentials to allow access to Azure. See the plugin
repository for more information.
- HA Support for MySQL Storage: MySQL storage now supports HA.
- ACL Templating: ACL policies can now be templated using identity Entity,
Groups, and Metadata.
- UI Onboarding wizards: The Vault UI can provide contextual help and
guidance, linking out to relevant links or guides on vaultproject.io for
various workflows in Vault.
IMPROVEMENTS:
- agent: Add `exit_after_auth` to be able to use the Agent for a single
authentication
- auth/approle: Add ability to set token bound CIDRs on individual Secret IDs
- cli: Add support for passing parameters to `vault read` operations
- secrets/aws: Make credential types more explicit
- secrets/nomad: Support for longer token names
- secrets/pki: Allow disabling CRL generation
- storage/azure: Add support for different Azure environments
- storage/file: Sort keys in list responses
- storage/mysql: Support special characters in database and table names.
BUG FIXES:
- auth/jwt: Always validate `aud` claim even if `bound_audiences` isn't set
(IOW, error in this case)
- core: Prevent Go's HTTP library from interspersing logs in a different
format and/or interleaved
- identity: Properly populate `mount_path` and `mount_type` on group lookup
- identity: Fix persisting alias metadata
- identity: Fix carryover issue from previously fixed race condition that
could cause Vault not to start up due to two entities referencing the same
alias. These entities are now merged.
- replication: Fix issue causing some pages not to flush to storage
- secrets/database: Fix inability to update custom SQL statements on
database roles.
- secrets/pki: Disallow putting the CA's serial on its CRL. While technically
legal, doing so inherently means the CRL can't be trusted anyways, so it's
not useful and easy to footgun.
- storage/gcp,spanner: Fix data races
MAIN commitmail json YAML
doc: Updated textproc/py-xlsxwriter to 1.1.0
MAIN commitmail json YAML
doc: Updated www/nghttp2 to 1.33.0
MAIN commitmail json YAML
www/nghttp2: Update to 1.33.0.
- lib: Tweak nghttp2_session_set_stream_user_data
- lib: Fix handling of SETTINGS_MAX_CONCURRENT_STREAMS.
- lib: Implement ORIGIN frame
- asio: support definition of local endpoint for cleartext client
session
- integration: Remove remaining SPDY code from the integration tests.
- nghttpx: Fix worker process crash with neverbleed write error
- nghttpx: Support per-backend mruby script
- nghttpx: Fix stream reset if data from client is arrived before dconn
is attached
- lib: Tweak nghttp2_session_set_stream_user_data
- lib: Fix handling of SETTINGS_MAX_CONCURRENT_STREAMS.
- lib: Implement ORIGIN frame
- asio: support definition of local endpoint for cleartext client
session
- integration: Remove remaining SPDY code from the integration tests.
- nghttpx: Fix worker process crash with neverbleed write error
- nghttpx: Support per-backend mruby script
- nghttpx: Fix stream reset if data from client is arrived before dconn
is attached
MAIN commitmail json YAML
Remove duplicate SunOS-only items from PLIST. Fixes non-SunOS builds.
MAIN commitmail json YAML
doc: Updated devel/php-gearman to 2.0.5
MAIN commitmail json YAML
devel/php-gearman: Update to 2.0.5.
Based on a PR by @mmoll, see NetBSD/pkgsrc#30
Version 2.0.5
-------------
- fixing incorrect number of required parameters for
GearmanClient::addServer and GearmanClient::addServers, along with
proceduralequivalents
Version 2.0.4
-------------
- fix "Param to skip exception handling setup in addServer/addServers
in GearmanClient class"
Based on a PR by @mmoll, see NetBSD/pkgsrc#30
Version 2.0.5
-------------
- fixing incorrect number of required parameters for
GearmanClient::addServer and GearmanClient::addServers, along with
proceduralequivalents
Version 2.0.4
-------------
- fix "Param to skip exception handling setup in addServer/addServers
in GearmanClient class"
MAIN commitmail json YAML
doc: Updated devel/gearmand to 1.1.18
MAIN commitmail json YAML
pkgsrc/devel/gearmand/Makefile@1.33
/
diff
pkgsrc/devel/gearmand/PLIST@1.2 / diff
pkgsrc/devel/gearmand/buildlink3.mk@1.6 / diff
pkgsrc/devel/gearmand/distinfo@1.4 / diff
pkgsrc/devel/gearmand/patches/patch-Makefile.in deleted
pkgsrc/devel/gearmand/patches/patch-libgearman-1.0_gearman.h deleted
pkgsrc/devel/gearmand/PLIST@1.2 / diff
pkgsrc/devel/gearmand/buildlink3.mk@1.6 / diff
pkgsrc/devel/gearmand/distinfo@1.4 / diff
pkgsrc/devel/gearmand/patches/patch-Makefile.in deleted
pkgsrc/devel/gearmand/patches/patch-libgearman-1.0_gearman.h deleted
devel/gearmand: Update to 1.1.18.
Based on a PR by @mmoll, see NetBSD/pkgsrc#31
Upstream changelog
==================
1.1.18
- HTTP protocol bug fix
- configure.sh accepts -o flag
- Build and test cleanly on OS X with latest xcode
1.1.17
- Redis fixed for items larger than 64 bytes
- Various memcached plugin bugfixes
- Shellcheck passes for bootstrap.sh
1.1.16
- Fixes to HTTP protocol plugin and background jobs
- Redis queue plugin refactored
- TCP Keepalive settings are properly respected
- Various fixes for stricter C++11 compilation
- Changed from CYaSSL to WolfSSL
- Various fixes to memcached queue plugin
1.1.15
- Added "prioritystatus" command to display queued jobs broken down by
priority.
- Turn on artifact storage
- Use _exit() in fork test to fix race
- add "redis-password" option to redis
1.1.14
- This includes significant fixes for the redis queue backend, and
various minor bug fixes.
1.1.12 Sun Feb 9 04:27:38 PST 2014
- GEARMAN_SERVERS environmental variable for libgearman to pick up
servers to communicate with. This means that any driver now linked
with libgearman will be able to handle multiple servers.
- Add INFO level messages for queue creation.
1.1.11 Thu Oct 3 04:38:47 EDT 2013
- Workers which return a bad gearman_return_t will be counted as an
error by the server and not a final (i.e. they will be retried).
- Fixed possible bug where the server would over count the number of
NOOP sent if NOOP messages did not get sent.
1.1.10 Mon Sep 16 04:20:13 CDT 2013
- Added gearman_job_use_client()
- Improve compile time.
- Fix for NOOP failure (bad worker causes early exit of loop).
- Fix for postgres (use INFORMATION_SCHEMA).
- Added gearman_client_has_active_tasks() so that you can see if a
client has active tasks that it is working on.
1.1.9 Fri Aug 2 02:39:25 EDT 2013
- Added gearman_task_is_finished()
- Improved SSL support.
- Exceptions are now supported.
- gearmand excepts its root CA via the environmental variable
GEARMAND_PORT.
- libgearman will now except GEARMAND_CA_CERTIFICATE,
GEARMAN_CLIENT_PEM, and GEARMAN_CLIENT_KEY
1.1.8 Thu Jun 6 18:47:01 EDT 2013
- Postgres test case now passes.
- SSL support added.
- OSX fixes.
1.1.7 Mon May 6 06:46:20 EDT 2013
- Cleanup of error codes returned by gearmand.
- gearmand will now set its port from the env variable GEARMAND_PORT.
- Fix issue where identifier might not be set correctly on reconnect.
1.1.6 Tue Apr 16 03:29:57 EDT 2013
- Merge of 1.0.4 tree
- Added support for gearadmin to "cancel" a job.
- Keep-alive support for gearmand has been extended (more options to
control behavior).
- Fixed issues related to clients who didn't really support exceptions
being passed exceptions.
1.1.5 Mon Feb 4 00:59:19 EST 2013
- Rollup of bug fixes for 1.0.3
- --threads=0 for gearmand will now result in gearmand using all
available cores.
1.1.4 Mon Dec 17 21:24:16 EST 2012
- Add GEARMAN_CLIENT_GENERATE_UNIQUE, with default set to not
generate.
- Experimental addition to queue service which will allow a queue to
be stored on shutdown (--libsqlite3-store-on-shutdown).
- Rollup of all changes in 1.0.2
1.1.3 Wed Nov 7 22:48:21 EST 2012
- Merge with 1.0.1
1.1.2 Fri Oct 12 05:34:29 EDT 2012
- Merge with 0.41
1.1.1 Wed Sep 19 22:04:56 EDT 2012
- Merge with 0.39
1.1.0 Wed Sep 5 08:33:37 PDT 2012
- Fix for ABI compatibility issues.
Based on a PR by @mmoll, see NetBSD/pkgsrc#31
Upstream changelog
==================
1.1.18
- HTTP protocol bug fix
- configure.sh accepts -o flag
- Build and test cleanly on OS X with latest xcode
1.1.17
- Redis fixed for items larger than 64 bytes
- Various memcached plugin bugfixes
- Shellcheck passes for bootstrap.sh
1.1.16
- Fixes to HTTP protocol plugin and background jobs
- Redis queue plugin refactored
- TCP Keepalive settings are properly respected
- Various fixes for stricter C++11 compilation
- Changed from CYaSSL to WolfSSL
- Various fixes to memcached queue plugin
1.1.15
- Added "prioritystatus" command to display queued jobs broken down by
priority.
- Turn on artifact storage
- Use _exit() in fork test to fix race
- add "redis-password" option to redis
1.1.14
- This includes significant fixes for the redis queue backend, and
various minor bug fixes.
1.1.12 Sun Feb 9 04:27:38 PST 2014
- GEARMAN_SERVERS environmental variable for libgearman to pick up
servers to communicate with. This means that any driver now linked
with libgearman will be able to handle multiple servers.
- Add INFO level messages for queue creation.
1.1.11 Thu Oct 3 04:38:47 EDT 2013
- Workers which return a bad gearman_return_t will be counted as an
error by the server and not a final (i.e. they will be retried).
- Fixed possible bug where the server would over count the number of
NOOP sent if NOOP messages did not get sent.
1.1.10 Mon Sep 16 04:20:13 CDT 2013
- Added gearman_job_use_client()
- Improve compile time.
- Fix for NOOP failure (bad worker causes early exit of loop).
- Fix for postgres (use INFORMATION_SCHEMA).
- Added gearman_client_has_active_tasks() so that you can see if a
client has active tasks that it is working on.
1.1.9 Fri Aug 2 02:39:25 EDT 2013
- Added gearman_task_is_finished()
- Improved SSL support.
- Exceptions are now supported.
- gearmand excepts its root CA via the environmental variable
GEARMAND_PORT.
- libgearman will now except GEARMAND_CA_CERTIFICATE,
GEARMAN_CLIENT_PEM, and GEARMAN_CLIENT_KEY
1.1.8 Thu Jun 6 18:47:01 EDT 2013
- Postgres test case now passes.
- SSL support added.
- OSX fixes.
1.1.7 Mon May 6 06:46:20 EDT 2013
- Cleanup of error codes returned by gearmand.
- gearmand will now set its port from the env variable GEARMAND_PORT.
- Fix issue where identifier might not be set correctly on reconnect.
1.1.6 Tue Apr 16 03:29:57 EDT 2013
- Merge of 1.0.4 tree
- Added support for gearadmin to "cancel" a job.
- Keep-alive support for gearmand has been extended (more options to
control behavior).
- Fixed issues related to clients who didn't really support exceptions
being passed exceptions.
1.1.5 Mon Feb 4 00:59:19 EST 2013
- Rollup of bug fixes for 1.0.3
- --threads=0 for gearmand will now result in gearmand using all
available cores.
1.1.4 Mon Dec 17 21:24:16 EST 2012
- Add GEARMAN_CLIENT_GENERATE_UNIQUE, with default set to not
generate.
- Experimental addition to queue service which will allow a queue to
be stored on shutdown (--libsqlite3-store-on-shutdown).
- Rollup of all changes in 1.0.2
1.1.3 Wed Nov 7 22:48:21 EST 2012
- Merge with 1.0.1
1.1.2 Fri Oct 12 05:34:29 EDT 2012
- Merge with 0.41
1.1.1 Wed Sep 19 22:04:56 EDT 2012
- Merge with 0.39
1.1.0 Wed Sep 5 08:33:37 PDT 2012
- Fix for ABI compatibility issues.
MAIN commitmail json YAML
Revert duplicate entry
MAIN commitmail json YAML
doc: Updated textproc/py-xlsxwriter to 1.0.7
MAIN commitmail json YAML
doc: Updated lang/nodejs6 to 6.14.4
MAIN commitmail json YAML
lang/nodejs6: Update to 6.14.4.
- buffer: Fix out-of-bounds (OOB) write in Buffer.write() for UCS-2
encoding (CVE-2018-12115)
- buffer: Fix out-of-bounds (OOB) write in Buffer.write() for UCS-2
encoding (CVE-2018-12115)
MAIN commitmail json YAML
doc: Updated lang/nodejs8 to 8.11.4
MAIN commitmail json YAML
lang/nodejs8: Update 8.11.4.
- buffer: Fix out-of-bounds (OOB) write in Buffer.write() for UCS-2
encoding (CVE-2018-12115)
- buffer: Fix out-of-bounds (OOB) write in Buffer.write() for UCS-2
encoding (CVE-2018-12115)
MAIN commitmail json YAML
doc: Updated lang/nodejs to 10.9.0
MAIN commitmail json YAML
lang/nodejs: Update to 10.9.0.
- buffer:
- Fix out-of-bounds (OOB) write in `Buffer.write()` for UCS-2
encoding (CVE-2018-12115)
- Fix unintentional exposure of uninitialized memory in
`Buffer.alloc()` (CVE-2018-7166)
- deps:
- Upgrade to OpenSSL 1.1.0i, fixing:
- Client DoS due to large DH parameter (CVE-2018-0732)
- ECDSA key extraction via local side-channel (CVE not assigned)
- Upgrade V8 from 6.7 to 6.8
- Memory reduction and performance improvements
- http: `http.get()` and `http.request()` (and `https` variants) can
now accept three arguments to allow for a `URL` _and_ an `options`
object
- buffer:
- Fix out-of-bounds (OOB) write in `Buffer.write()` for UCS-2
encoding (CVE-2018-12115)
- Fix unintentional exposure of uninitialized memory in
`Buffer.alloc()` (CVE-2018-7166)
- deps:
- Upgrade to OpenSSL 1.1.0i, fixing:
- Client DoS due to large DH parameter (CVE-2018-0732)
- ECDSA key extraction via local side-channel (CVE not assigned)
- Upgrade V8 from 6.7 to 6.8
- Memory reduction and performance improvements
- http: `http.get()` and `http.request()` (and `https` variants) can
now accept three arguments to allow for a `URL` _and_ an `options`
object
MAIN commitmail json YAML
doc: Updated sysutils/syslog-ng to 3.17.2
MAIN commitmail json YAML
pkgsrc/sysutils/syslog-ng/Makefile.common@1.13
/
diff
pkgsrc/sysutils/syslog-ng/PLIST@1.17 / diff
pkgsrc/sysutils/syslog-ng/distinfo@1.15 / diff
pkgsrc/sysutils/syslog-ng/patches/patch-modules_system-source_system-source.c@1.2 / diff
pkgsrc/sysutils/syslog-ng/PLIST@1.17 / diff
pkgsrc/sysutils/syslog-ng/distinfo@1.15 / diff
pkgsrc/sysutils/syslog-ng/patches/patch-modules_system-source_system-source.c@1.2 / diff
sysutils/syslog-ng: Update to 3.17.2.
3.17.2
======
## Bugfixes
- Fix a bug in flow-control
- Fix template function evaluation in debugger
3.17.1
======
## Features
- Client side failback mode
- New linux-audit() source as SCL
- Decorating generated configuration
- Introduce ewmm() source
- Add parsing of Cisco unified call manager
- Mandatory parameters for cfg-block (SCL)
## Bugfixes
- dqtool cat print backlog items
- Rewind backlog in case of stateless LogProtoClient
- Filter out incorrectly parsed sudo logs
- Minor fixes related to client-lib-dir, loggen and eventlog
- Minor stats-query fixes and refactor
- Reliable disk buffer non-empty backlog
- Fix pip package versions on older distro releases (dbld)
- Fix a groupset/groupunset and map-value-pairs() crash
- Make g_atomic_counter_set() atomic and update minimum glib version
to 2.26
- Aligning java related SCLs with mandatory parameters
- Loggen minor fixes
- grab-logging should be installed as a header
- Fix possible underflow of memory_usage (afsql, logqueue-fifo)
- Fix SELinux module version inconsistency
- Fix CMake unit test compilation (no-pie)
- Fix possible crash in syslog-parser()
- Disable ack for mark mode
- Fixing a Telegram destination bug with bot id
- All drivers should support inner destination or source plugins
- Fix default file and directory creation ownership
- Fix global "center;;received" counter when systemd-journal() is used
- Link everything to libsecret-storage
- Inform about the right dns-cache() configuration (warning message
typo)
- Adjusting window size for internal mark mode
- Fix memory leaks in disk-buffer()
- Fix undefined behavior in log multiplexer
- Fix static linking mode (autotools)
- Fix internal mark mode infinite loop with old ivykis
- Fix missing normalize flags
- Keep JVM running on reload if once configured
- Fix a race condition (suspend) in LogSource
- Add `@requires json-plugin` to the cim() parser
- Added exclude_kmsg option to system source
- Fix padding template function
- Leak & invalid memory access
- FreeBSD 11.2 builderror SOCK_STREAM
- Add ref-counted TLSVerifier struct (use after free fix)
## Other changes
- Improve loggen's file message parser
- syslog-ng-debun improvements
- Goodbye "goto relex" (refactor)
- Refactor the callback registration mechanism of WildcardFileReader
- Extended Linux capabilities detection (pkg-config)
- Add atomic gssize
- Lower the message level of `@requires` to debug
- macOS warning elimination
- Remove a misleading rewrite-related debug message
- Minor updates to SELinux policy installer script
- More robust GLib detection (CMake)
- Logthreaded nonfunctional changes
- Confgen and pragma improvements
- Flush before stopping syslog-ng (functional tests)
- Port unit tests into criterion (test_filters_netmask6, test_findeom,
csv_parser, patternDB)
- Libtest refactors
- Add missing files to the source tarball
- Better python binary detection
3.17.2
======
## Bugfixes
- Fix a bug in flow-control
- Fix template function evaluation in debugger
3.17.1
======
## Features
- Client side failback mode
- New linux-audit() source as SCL
- Decorating generated configuration
- Introduce ewmm() source
- Add parsing of Cisco unified call manager
- Mandatory parameters for cfg-block (SCL)
## Bugfixes
- dqtool cat print backlog items
- Rewind backlog in case of stateless LogProtoClient
- Filter out incorrectly parsed sudo logs
- Minor fixes related to client-lib-dir, loggen and eventlog
- Minor stats-query fixes and refactor
- Reliable disk buffer non-empty backlog
- Fix pip package versions on older distro releases (dbld)
- Fix a groupset/groupunset and map-value-pairs() crash
- Make g_atomic_counter_set() atomic and update minimum glib version
to 2.26
- Aligning java related SCLs with mandatory parameters
- Loggen minor fixes
- grab-logging should be installed as a header
- Fix possible underflow of memory_usage (afsql, logqueue-fifo)
- Fix SELinux module version inconsistency
- Fix CMake unit test compilation (no-pie)
- Fix possible crash in syslog-parser()
- Disable ack for mark mode
- Fixing a Telegram destination bug with bot id
- All drivers should support inner destination or source plugins
- Fix default file and directory creation ownership
- Fix global "center;;received" counter when systemd-journal() is used
- Link everything to libsecret-storage
- Inform about the right dns-cache() configuration (warning message
typo)
- Adjusting window size for internal mark mode
- Fix memory leaks in disk-buffer()
- Fix undefined behavior in log multiplexer
- Fix static linking mode (autotools)
- Fix internal mark mode infinite loop with old ivykis
- Fix missing normalize flags
- Keep JVM running on reload if once configured
- Fix a race condition (suspend) in LogSource
- Add `@requires json-plugin` to the cim() parser
- Added exclude_kmsg option to system source
- Fix padding template function
- Leak & invalid memory access
- FreeBSD 11.2 builderror SOCK_STREAM
- Add ref-counted TLSVerifier struct (use after free fix)
## Other changes
- Improve loggen's file message parser
- syslog-ng-debun improvements
- Goodbye "goto relex" (refactor)
- Refactor the callback registration mechanism of WildcardFileReader
- Extended Linux capabilities detection (pkg-config)
- Add atomic gssize
- Lower the message level of `@requires` to debug
- macOS warning elimination
- Remove a misleading rewrite-related debug message
- Minor updates to SELinux policy installer script
- More robust GLib detection (CMake)
- Logthreaded nonfunctional changes
- Confgen and pragma improvements
- Flush before stopping syslog-ng (functional tests)
- Port unit tests into criterion (test_filters_netmask6, test_findeom,
csv_parser, patternDB)
- Libtest refactors
- Add missing files to the source tarball
- Better python binary detection
MAIN commitmail json YAML
doc: Updated databases/pgbouncer to 1.9.0
MAIN commitmail json YAML
databases/pgbouncer: Update to 1.9.0.
Features
- RECONNECT command
- WAIT_CLOSE command
- Fast close - Disconnect a server in session pool mode immediately
if it is in "close_needed" (reconnect) mode.
- Add close_needed column to SHOW SERVERS
Fixes
- Avoid double-free in parse_filename
- Avoid NULL pointer deref in parse_line
Cleanups
- Port mkauth.py to Python 3
- Improve signals documentation
- Improve quick start documentation
- Document SET command
- Correct list of required software
- Fix -Wimplicit-fallthrough warnings
- Add missing documentation for various SHOW fields
- Document reconnect behavior on reload and DNS change
- Document that KILL requires RESUME afterwards
- Clarify documentation of server_lifetime
- Typos and capitalization fixes in messages and docs
- Fix psql invocation in tests
- Various other test setup improvements
Features
- RECONNECT command
- WAIT_CLOSE command
- Fast close - Disconnect a server in session pool mode immediately
if it is in "close_needed" (reconnect) mode.
- Add close_needed column to SHOW SERVERS
Fixes
- Avoid double-free in parse_filename
- Avoid NULL pointer deref in parse_line
Cleanups
- Port mkauth.py to Python 3
- Improve signals documentation
- Improve quick start documentation
- Document SET command
- Correct list of required software
- Fix -Wimplicit-fallthrough warnings
- Add missing documentation for various SHOW fields
- Document reconnect behavior on reload and DNS change
- Document that KILL requires RESUME afterwards
- Clarify documentation of server_lifetime
- Typos and capitalization fixes in messages and docs
- Fix psql invocation in tests
- Various other test setup improvements
MAIN commitmail json YAML
pkgsrc/net/dnsdist/Makefile@1.8
/
diff
pkgsrc/net/dnsdist/distinfo@1.6 / diff
pkgsrc/net/dnsdist/patches/patch-devpollmplexer.cc@1.1 / diff
pkgsrc/net/dnsdist/patches/patch-dnsdist.cc@1.3 / diff
pkgsrc/net/dnsdist/patches/patch-iputils.hh@1.3 / diff
pkgsrc/net/dnsdist/patches/patch-portsmplexer.cc@1.1 / diff
pkgsrc/net/dnsdist/distinfo@1.6 / diff
pkgsrc/net/dnsdist/patches/patch-devpollmplexer.cc@1.1 / diff
pkgsrc/net/dnsdist/patches/patch-dnsdist.cc@1.3 / diff
pkgsrc/net/dnsdist/patches/patch-iputils.hh@1.3 / diff
pkgsrc/net/dnsdist/patches/patch-portsmplexer.cc@1.1 / diff
net/dnsdist: Fix build on SunOS, clean up args, disable optional SNMP.
MAIN commitmail json YAML
doc: Updated lang/npm to 6.3.0
MAIN commitmail json YAML
pkgsrc/lang/npm/Makefile@1.10
/
diff
pkgsrc/lang/npm/PLIST@1.5 / diff
pkgsrc/lang/npm/distinfo@1.8 / diff
pkgsrc/lang/npm/PLIST@1.5 / diff
pkgsrc/lang/npm/distinfo@1.8 / diff
lang/npm: Update tp 6.3.0.
## v6.3.0 (2018-08-01):
- `figgy-pudding@3.2.0`
- `cacache@11.1.0`
## v6.3.0-next.0 (2018-07-25):
### NEW FEATURES
- `npm version` now supports a `--preid` option to specify the preid
for prereleases. For example, `npm version premajor --preid rc` will tag
a version like `2.0.0-rc.0`.
### MESSAGING IMPROVEMENTS
- Make `npm audit fix` message provide better instructions for
vulnerabilities that require manual review.
- Fix missing colon next to tarball url in new `npm view` output.
- Use the defaut OTP explanation everywhere except when the context is
"OTP-aware" (like when setting double-authentication). This improves
the overall CLI messaging when prompting for an OTP code.
### MISC
- Use the extracted `stringify-package` package.
- `wrappy` was previously added to dependencies in order to flatten
it, but we no longer do legacy-style for npm itself, so it has been
removed from `package.json`.
## v6.2.0 (2018-07-13):
### FEATURES
- Add support for tab-separated output for `npm audit` data with the
`--parseable` flag.
- Add new `sign-git-commit` config to control whether the git commit
itself gets signed, or just the tag (which is the default).
### FIXES
- Do not use `SET` to fetch the env in git-bash or Cygwin.
### DEPENDENCY BUMPS
- `request@2.81.0`: Downgraded to allow better deduplication. This
does introduce a bunch of `hoek`-related audit reports, but they don't
affect npm itself so we consider it safe. We'll upgrade `request` again
once `node-gyp` unpins it.
- `node-gyp@3.7.0`
_ `cli-table3@0.5.0`: `cli-table2` is unmaintained and required
`lodash`. With this dependency bump, we've removed `lodash` from our tree,
which cut back tarball size by another 300kb.
- `npm-audit-report@1.3.1`
- Add `cli-table3` to bundleDeps.
- Make `standard` happy.
## v6.2.0-next.1 (2018-07-05):
- Remove postinstall script that depended on source files, thus
preventing `npm@next` from being installable from the registry.
## v6.2.0-next.0 (2018-06-28):
### NEW FEATURES
- You can now disable the update notifier entirely by using
`--no-update-notifier` or setting it in your config with `npm config
set update-notifier false`.
- When `npm run-script <script>` fails due to a typo or missing
script, npm will now do a "did you mean?..." for scripts that do exist.
### BUGFIXES
- Fix the regular expression matching in `xcode_emulation` in
`node-gyp` to also handle version numbers with multiple-digit major
versions which would otherwise break under use of XCode 10.
- Stop trying to hoist/dedupe bundles dependencies.
- Add synopsis to brief help for `npm audit` and suppress trailing
newline.
- Exclude /.github directory from npm tarball.
- Add suggestion to use a temporary cache instead of `npm cache clear
--force`.
### DEPENDENCY SHUFFLE!
We did some reshuffling and moving around of npm's own dependencies.
This significantly reduces the total bundle size of the npm pack,
from 8MB to 4.8MB for the distributed tarball! We also moved around
what we actually commit to the repo as far as devDeps go.
- Flatten and dedupe our dependencies!
- Remove unused direct dependency `ansi-regex`.
- Reshuffle ansi-regex for better deduping.
- Reshuffle strip-ansi for better deduping.
- Reshuffle is-fullwidth-code-point for better deduping.
- Add fake-registry, npm-registry-mock replacement.
### DEPENDENCIES
- `tar@4.4.3`
- `pacote@8.1.6`
- `libcipm@2.0.0`
- `request@2.87.0`
- `which@1.3.1`
- `tar@4.4.4`
- `JSONStream@1.3.3`
- `is-cidr@2.0.6`
- `marked@0.4.0`
- `tap@12.0.1`
- `npm-profile@3.0.2`
- `uuid@3.3.2`
## v6.3.0 (2018-08-01):
- `figgy-pudding@3.2.0`
- `cacache@11.1.0`
## v6.3.0-next.0 (2018-07-25):
### NEW FEATURES
- `npm version` now supports a `--preid` option to specify the preid
for prereleases. For example, `npm version premajor --preid rc` will tag
a version like `2.0.0-rc.0`.
### MESSAGING IMPROVEMENTS
- Make `npm audit fix` message provide better instructions for
vulnerabilities that require manual review.
- Fix missing colon next to tarball url in new `npm view` output.
- Use the defaut OTP explanation everywhere except when the context is
"OTP-aware" (like when setting double-authentication). This improves
the overall CLI messaging when prompting for an OTP code.
### MISC
- Use the extracted `stringify-package` package.
- `wrappy` was previously added to dependencies in order to flatten
it, but we no longer do legacy-style for npm itself, so it has been
removed from `package.json`.
## v6.2.0 (2018-07-13):
### FEATURES
- Add support for tab-separated output for `npm audit` data with the
`--parseable` flag.
- Add new `sign-git-commit` config to control whether the git commit
itself gets signed, or just the tag (which is the default).
### FIXES
- Do not use `SET` to fetch the env in git-bash or Cygwin.
### DEPENDENCY BUMPS
- `request@2.81.0`: Downgraded to allow better deduplication. This
does introduce a bunch of `hoek`-related audit reports, but they don't
affect npm itself so we consider it safe. We'll upgrade `request` again
once `node-gyp` unpins it.
- `node-gyp@3.7.0`
_ `cli-table3@0.5.0`: `cli-table2` is unmaintained and required
`lodash`. With this dependency bump, we've removed `lodash` from our tree,
which cut back tarball size by another 300kb.
- `npm-audit-report@1.3.1`
- Add `cli-table3` to bundleDeps.
- Make `standard` happy.
## v6.2.0-next.1 (2018-07-05):
- Remove postinstall script that depended on source files, thus
preventing `npm@next` from being installable from the registry.
## v6.2.0-next.0 (2018-06-28):
### NEW FEATURES
- You can now disable the update notifier entirely by using
`--no-update-notifier` or setting it in your config with `npm config
set update-notifier false`.
- When `npm run-script <script>` fails due to a typo or missing
script, npm will now do a "did you mean?..." for scripts that do exist.
### BUGFIXES
- Fix the regular expression matching in `xcode_emulation` in
`node-gyp` to also handle version numbers with multiple-digit major
versions which would otherwise break under use of XCode 10.
- Stop trying to hoist/dedupe bundles dependencies.
- Add synopsis to brief help for `npm audit` and suppress trailing
newline.
- Exclude /.github directory from npm tarball.
- Add suggestion to use a temporary cache instead of `npm cache clear
--force`.
### DEPENDENCY SHUFFLE!
We did some reshuffling and moving around of npm's own dependencies.
This significantly reduces the total bundle size of the npm pack,
from 8MB to 4.8MB for the distributed tarball! We also moved around
what we actually commit to the repo as far as devDeps go.
- Flatten and dedupe our dependencies!
- Remove unused direct dependency `ansi-regex`.
- Reshuffle ansi-regex for better deduping.
- Reshuffle strip-ansi for better deduping.
- Reshuffle is-fullwidth-code-point for better deduping.
- Add fake-registry, npm-registry-mock replacement.
### DEPENDENCIES
- `tar@4.4.3`
- `pacote@8.1.6`
- `libcipm@2.0.0`
- `request@2.87.0`
- `which@1.3.1`
- `tar@4.4.4`
- `JSONStream@1.3.3`
- `is-cidr@2.0.6`
- `marked@0.4.0`
- `tap@12.0.1`
- `npm-profile@3.0.2`
- `uuid@3.3.2`
MAIN commitmail json YAML
doc: Updated lang/nodejs to 10.8.0
MAIN commitmail json YAML
lang/nodejs: Update to 10.8.0.
No notable changes besides update to npm 6.2.0, which we do not
bundle.
No notable changes besides update to npm 6.2.0, which we do not
bundle.
MAIN commitmail json YAML
doc: Updated sysutils/consul to 1.2.2
MAIN commitmail json YAML
sysutils/consul: Update to 1.2.2
## 1.2.2 (July 30, 2018)
SECURITY:
- acl: Fixed an issue where writes operations on the Keyring and
Operator were being allowed with a default allow policy even when
explicitly denied in the policy.
FEATURES:
- **Alias Checks:** Alias checks allow a service or node to alias the
health status of another service or node in the cluster.
- agent: New Cloud Auto-join providers: vSphere and Packet.net.
- cli: Added `-serf-wan-port`, `-serf-lan-port`, and `-server-port`
flags to CLI for cases where these can't be specified in config
files and `-hcl` is too cumbersome.
- connect: The TTL of leaf (service) certificates in Connect is now
configurable.
IMPROVEMENTS:
- proxy: With `-register` flag, heartbeat failures will only log once
service registration succeeds.
- http: 1.0.3 introduced rejection of non-printable chars in HTTP URLs
due to a security vulnerability. Some users who had keys written
with an older version which are now dissallowed were unable to delete
them. A new config option disable_http_unprintable_char_filter is
added to allow those users to remove the offending keys. Leaving this
new option set long term is strongly discouraged as it bypasses
filtering necessary to prevent some known vulnerabilities.
- agent: Allow for advanced configuration of some gossip related
parameters.
- agent: Make some Gossip tuneables configurable via the config file
- ui: Included searching on `.Tags` when using the freetext search
field.
- ui: Service.ID's are now shown in the Service detail page and (only
if it is different from the service name) the Node Detail >
[Services] tab.
BUG FIXES:
- acl/connect: Fix an issue that was causing managed proxies not to
work when ACLs were enabled.
- connect: Fix issue with managed proxies and watches attempting to
use a client addr that is 0.0.0.0 or ::
- connect: Allow Native and Unmanaged proxy configurations via config
file
- connect: Fix bug causing 100% CPU on agent when Connect is disabled
but a proxy is still running
- proxy: Don't restart proxies setup in a config file when Consul
restarts
- ui: Display the Service.IP address instead of the Node.IP address in
the Service detail view.
- ui: Watch for trailing slash stripping 301 redirects and forward the
user to the correct location.
- connect: Fixed an issue in the connect native HTTP client where it
failed to resolve service names.
## 1.2.1 (July 12, 2018)
IMPROVEMENTS:
- acl: Prevented multiple ACL token refresh operations from occurring
simultaneously.
- acl: Add async-cache down policy mode to always do ACL token
refreshes in the background to reduce latency.
- proxy: Pass through HTTP client env vars to managed proxies so that
they can connect back to Consul over HTTPs when not serving HTTP.
- connect: Persist intermediate CAs on leader change.
BUG FIXES:
- api: Intention APIs parse error response body for error message.
- agent: Intention read endpoint returns a 400 on invalid UUID
- agent: Service registration with "services" does not error on
Connect upstream configuration.
- dns: Ensure that TXT RRs dont get put in the Answer section for
A/AAAA queries.
- dns: Ensure that only 1 CNAME is returned when querying for services
that have non-IP service addresses.
- api: Fixed issue where `Lock` and `Semaphore` would return earlier
than their requested timeout when unable to acquire the lock.
- watch: Fix issue with HTTPs only agents not executing watches
properly
- agent: Managed proxies that bind to 0.0.0.0 now get a health check
on a sane IP
- server: (Consul Enterprise) Fixed an issue causing Consul to panic
when network areas were used
- license: (Consul Enterprise) Fixed an issue causing the snapshot
agent to log erroneous licensing errors
## 1.2.2 (July 30, 2018)
SECURITY:
- acl: Fixed an issue where writes operations on the Keyring and
Operator were being allowed with a default allow policy even when
explicitly denied in the policy.
FEATURES:
- **Alias Checks:** Alias checks allow a service or node to alias the
health status of another service or node in the cluster.
- agent: New Cloud Auto-join providers: vSphere and Packet.net.
- cli: Added `-serf-wan-port`, `-serf-lan-port`, and `-server-port`
flags to CLI for cases where these can't be specified in config
files and `-hcl` is too cumbersome.
- connect: The TTL of leaf (service) certificates in Connect is now
configurable.
IMPROVEMENTS:
- proxy: With `-register` flag, heartbeat failures will only log once
service registration succeeds.
- http: 1.0.3 introduced rejection of non-printable chars in HTTP URLs
due to a security vulnerability. Some users who had keys written
with an older version which are now dissallowed were unable to delete
them. A new config option disable_http_unprintable_char_filter is
added to allow those users to remove the offending keys. Leaving this
new option set long term is strongly discouraged as it bypasses
filtering necessary to prevent some known vulnerabilities.
- agent: Allow for advanced configuration of some gossip related
parameters.
- agent: Make some Gossip tuneables configurable via the config file
- ui: Included searching on `.Tags` when using the freetext search
field.
- ui: Service.ID's are now shown in the Service detail page and (only
if it is different from the service name) the Node Detail >
[Services] tab.
BUG FIXES:
- acl/connect: Fix an issue that was causing managed proxies not to
work when ACLs were enabled.
- connect: Fix issue with managed proxies and watches attempting to
use a client addr that is 0.0.0.0 or ::
- connect: Allow Native and Unmanaged proxy configurations via config
file
- connect: Fix bug causing 100% CPU on agent when Connect is disabled
but a proxy is still running
- proxy: Don't restart proxies setup in a config file when Consul
restarts
- ui: Display the Service.IP address instead of the Node.IP address in
the Service detail view.
- ui: Watch for trailing slash stripping 301 redirects and forward the
user to the correct location.
- connect: Fixed an issue in the connect native HTTP client where it
failed to resolve service names.
## 1.2.1 (July 12, 2018)
IMPROVEMENTS:
- acl: Prevented multiple ACL token refresh operations from occurring
simultaneously.
- acl: Add async-cache down policy mode to always do ACL token
refreshes in the background to reduce latency.
- proxy: Pass through HTTP client env vars to managed proxies so that
they can connect back to Consul over HTTPs when not serving HTTP.
- connect: Persist intermediate CAs on leader change.
BUG FIXES:
- api: Intention APIs parse error response body for error message.
- agent: Intention read endpoint returns a 400 on invalid UUID
- agent: Service registration with "services" does not error on
Connect upstream configuration.
- dns: Ensure that TXT RRs dont get put in the Answer section for
A/AAAA queries.
- dns: Ensure that only 1 CNAME is returned when querying for services
that have non-IP service addresses.
- api: Fixed issue where `Lock` and `Semaphore` would return earlier
than their requested timeout when unable to acquire the lock.
- watch: Fix issue with HTTPs only agents not executing watches
properly
- agent: Managed proxies that bind to 0.0.0.0 now get a health check
on a sane IP
- server: (Consul Enterprise) Fixed an issue causing Consul to panic
when network areas were used
- license: (Consul Enterprise) Fixed an issue causing the snapshot
agent to log erroneous licensing errors
MAIN commitmail json YAML
doc: Updated mail/rspamd to 1.7.8
MAIN commitmail json YAML
pkgsrc/mail/rspamd/Makefile@1.44
/
diff
pkgsrc/mail/rspamd/PLIST@1.13 / diff
pkgsrc/mail/rspamd/distinfo@1.25 / diff
pkgsrc/mail/rspamd/patches/patch-contrib_t1ha_t1ha__bits.h deleted
pkgsrc/mail/rspamd/PLIST@1.13 / diff
pkgsrc/mail/rspamd/distinfo@1.25 / diff
pkgsrc/mail/rspamd/patches/patch-contrib_t1ha_t1ha__bits.h deleted
mail/rspamd: Update to 1.7.8
1.7.8: 12 Jul 2018
- [Feature] Add more extended statistics about fuzzy updates
- [Feature] Add more non-conformant Received headers support
- [Feature] Add preliminary function to get fuzzy hashes from text in
Lua
- [Feature] Allow to configure AV module rejection message
- [Feature] Implement fuzzy hashes extraction in mime tool
- [Feature] Improve WHITE_ON_WHITE rule
- [Feature] Improve integer -> string conversion
- [Feature] Reuse maps in multimap module more aggressively
- [Fix] Avoid race condition in skip map as pool lifetime is not
enough
- [Fix] Eliminate all specific C plugins pools
- [Fix] Fix DKIM check rule if DNS is unavailable
- [Fix] Fix build where ucontext is defined in ucontext.h
- [Fix] Fix crash in base url handling
- [Fix] Fix descriptors leak in sqlite3 locking code
- [Fix] Fix messages quarantine
- [Fix] Fix padded numbers printing
- [Fix] Fix race condition on maps reinit
- [Fix] Fix regexp functions when no data is passed
- [Fix] Fix specific urls extraction
- [Fix] Fix styles propagation
- [Fix] Improve resetting of the limit buckets
- [Fix] Initialize sqlite3 properly
- [Fix] Work with broken resolvers in resolv.conf
- [Project] Implement HTTP maps caching
- [Project] Refresh fuzzy hashes when matched
- [Project] Add logic to deduplicate fuzzy updates queue
- [WebUI] Add missed declarations
- [WebUI] Avoid using "undefined" property
- [WebUI] Do not accept passwords containing control characters
- [WebUI] Do not redeclare variables
- [WebUI] Enable strict mode,
- [WebUI] Fix variable assignment
- [WebUI] Initialize variables at declaration
- [WebUI] Remove duplicated path from RequireJS config
- [WebUI] Remove unused block
- [WebUI] Remove unused variable
- [WebUI] Remove unused variables
- [WebUI] Use self-explanatory notation
- [WebUI] Use type-safe equality operators
1.7.7: 02 Jul 2018
- [CritFix] Check NM part of pubkey to match it with rotating keypairs
- [CritFix] Do not overwrite PID of the main process
- [CritFix] Fix maps after reload
- [CritFix] Fix maps race conditions on reload
- [CritFix] Fix shmem leak in encrypting proxy mode
- [Feature] Add a concept of ignored symbols to avoid race conditions
- [Feature] Add ability to print bayes tokens in rspamadm mime
- [Feature] Add method to get statistical tokens in Lua API
- [Feature] Add preliminary mime stat command
- [Feature] Add rspamadm mime tool
- [Feature] Add urls extraction tool
- [Feature] Address ZeroFont exploit
- [Feature] Allow rspamadm mime to process multiple files
- [Feature] Allow to extract words in `rspamadm mime`
- [Feature] Allow to print mime part data
- [Feature] Allow to show HTML structure on extraction
- [Feature] Distinguish IP failures from connection failures
- [Feature] Improve output for mime command
- [Feature] Improve styles propagation
- [Feature] Main process crash will now cleanup all children
- [Feature] Preload file and static maps in main process
- [Feature] Print stack trace on crash
- [Feature] Process font size in HTML parser
- [Feature] Propagate content length of invisible tags
- [Feature] Read ordinary file maps in chunks to be more safe on
rewrites
- [Feature] Support base tag in HTML
- [Feature] Support more size suffixes when parsing HTML styles
- [Feature] Support opacity style
- [Fix] Another fix for nested composites
- [Fix] Fill nm id in keypairs cache code
- [Fix] Fix colors alpha channel handling
- [Fix] Fix destruction logic
- [Fix] Fix double free
- [Fix] Fix maps preload logic
- [Fix] Fix nested composites process
- [Fix] Fix proxying of Exim connections
- [Fix] Fix reload crash
- [Fix] Fix rspamadm -l command
- [Fix] Update ed25519 signing schema
- [WebUI] Stop using "const" declaration
- [WebUI] Update RequireJS to 2.3.5
1.7.6: 15 Jun 2018
- [CritFix] Fix multiple neural networks support
- [Feature] Add decryption function to keypair command
- [Feature] Add gzip compression for HTTP requests in elastic module
- [Feature] Add gzip methods to lua util
- [Feature] Add maps based on Top Level Domains
- [Feature] Add pubkey checks for dkim_signing
- [Feature] Add support of fake DNS records
- [Feature] Add tool to encrypt files
- [Feature] Allow to add symbols using settings directly
- [Feature] Allow to match private and public keys for DKIM signatures
- [Feature] Allow to set task flags via settings
- [Feature] Allow to specify fake DNS address from the config
- [Feature] Implement signatures verification using rspamadm keypair
- [Feature] Implement signing using `rspamadm keypair`
- [Feature] Improve error reporting for DKIM key access issues
- [Feature] Provide $HOSTNAME variable in UCL
- [Feature] Rework levenshtein distance computation
- [Feature] Split message parsing and processing
- [Feature] Support ED25519 DKIM signatures
- [Feature] Support encrypted configs in UCL
- [Feature] Suppress duplicate warning on very large radix tries
- [Feature] Use OSB to combine header names
- [Fix] Cleanup maps data on shutdown
- [Fix] Fix '~' behaviour in composites
- [Fix] Fix HTTP maps updates
- [Fix] Fix NIST signatures
- [Fix] Fix RFC822 comments when processing a mime address
- [Fix] Fix double free
- [Fix] Fix dynamic settings application
- [Fix] Fix for CommuniGate Pro maillist
- [Fix] Fix keypair creation method to actually create keypair...
- [Fix] Fix matching patterns with no paths
- [Fix] Fix memory leak in parsing comments
- [Fix] Fix parsing of urls with numeric password
- [Fix] Fix plugins intialisation in configwizard
- [Fix] Fix potential crash on reload
- [Fix] Fix potential race condition for a finished HTTP connections
- [Fix] Fix race-condition leak on processes reload
- [Fix] Fix signing in openssl mode
- [Fix] Free language detector structures
- [Fix] Relax alignment requirements
- [Fix] Send DMARC reports compressed
- [Fix] Try to fix leak in dmarc module
- [Fix] Try to plug memory leak in metric exporter
- [Project] Convert rspamadm subcommands to Lua
- [WebUI] Display smtp sender/recipient in history
- [WebUI] Fix elements disabling in "Symbols" tab
- [WebUI] Limit recipients list in history column to 3
- [WebUI] Match envelope and mime addresses following in arbitrary
order
- [WebUI] Update column header
- [WebUI] Wrap addresses in history
1.7.5: 18 May 2018
- [Conf] Add MSBL proposed return codes
- [Conf] Add additional groups for policies
- [CritFix] Do not use volatile Lua strings as UCL keys
- [Feature] Add ability to add fuzzy hashes to headers
- [Feature] Add function to extract most meaningful urls
- [Feature] Add rule to block mixed text and encrypted parts
- [Feature] Allow multiple groups for symbols
- [Feature] Allow to disable lua squeezing logic
- [Feature] Allow to get multipart children in Lua
- [Feature] Allow to insert multiple headers from milter headers
- [Feature] Allow to print scores in subject and further extensions
- [Feature] Be more error-prone in squeezed rules
- [Feature] Support multiple return codes in emails module
- [Feature] Use EMA for calculating averages
- [Feature] Use common jit cache for all regexps
- [Feature] support for CommuniGate Pro self-generated messages
- [Fix] Allow to have multiple values for headers as arrays
- [Fix] Do not open sockets for disabled workers
- [Fix] Fix AuthservId
- [Fix] Fix base64 folding in Lua API
- [Fix] Fix build on non-x86 platforms
- [Fix] Fix cached maps logic
- [Fix] Fix compatibility with old maps query logic
- [Fix] Fix crash if skip_map is used
- [Fix] Fix importing static maps from UCL
- [Fix] Fix parsing of unix sockets
- [Fix] Fix raw_mime regexp on HTML part with no text content
- [Fix] Fix tables logging
- [Fix] Fix vertical tab handling in libucl
- [Fix] Try to fix frequency counters
- [Fix] Use better sharding for ip_score
- [Fix] Use multiple results from SURBL DNS reply
- [Fix] When doing AV scan select a different server for retransmit
1.7.8: 12 Jul 2018
- [Feature] Add more extended statistics about fuzzy updates
- [Feature] Add more non-conformant Received headers support
- [Feature] Add preliminary function to get fuzzy hashes from text in
Lua
- [Feature] Allow to configure AV module rejection message
- [Feature] Implement fuzzy hashes extraction in mime tool
- [Feature] Improve WHITE_ON_WHITE rule
- [Feature] Improve integer -> string conversion
- [Feature] Reuse maps in multimap module more aggressively
- [Fix] Avoid race condition in skip map as pool lifetime is not
enough
- [Fix] Eliminate all specific C plugins pools
- [Fix] Fix DKIM check rule if DNS is unavailable
- [Fix] Fix build where ucontext is defined in ucontext.h
- [Fix] Fix crash in base url handling
- [Fix] Fix descriptors leak in sqlite3 locking code
- [Fix] Fix messages quarantine
- [Fix] Fix padded numbers printing
- [Fix] Fix race condition on maps reinit
- [Fix] Fix regexp functions when no data is passed
- [Fix] Fix specific urls extraction
- [Fix] Fix styles propagation
- [Fix] Improve resetting of the limit buckets
- [Fix] Initialize sqlite3 properly
- [Fix] Work with broken resolvers in resolv.conf
- [Project] Implement HTTP maps caching
- [Project] Refresh fuzzy hashes when matched
- [Project] Add logic to deduplicate fuzzy updates queue
- [WebUI] Add missed declarations
- [WebUI] Avoid using "undefined" property
- [WebUI] Do not accept passwords containing control characters
- [WebUI] Do not redeclare variables
- [WebUI] Enable strict mode,
- [WebUI] Fix variable assignment
- [WebUI] Initialize variables at declaration
- [WebUI] Remove duplicated path from RequireJS config
- [WebUI] Remove unused block
- [WebUI] Remove unused variable
- [WebUI] Remove unused variables
- [WebUI] Use self-explanatory notation
- [WebUI] Use type-safe equality operators
1.7.7: 02 Jul 2018
- [CritFix] Check NM part of pubkey to match it with rotating keypairs
- [CritFix] Do not overwrite PID of the main process
- [CritFix] Fix maps after reload
- [CritFix] Fix maps race conditions on reload
- [CritFix] Fix shmem leak in encrypting proxy mode
- [Feature] Add a concept of ignored symbols to avoid race conditions
- [Feature] Add ability to print bayes tokens in rspamadm mime
- [Feature] Add method to get statistical tokens in Lua API
- [Feature] Add preliminary mime stat command
- [Feature] Add rspamadm mime tool
- [Feature] Add urls extraction tool
- [Feature] Address ZeroFont exploit
- [Feature] Allow rspamadm mime to process multiple files
- [Feature] Allow to extract words in `rspamadm mime`
- [Feature] Allow to print mime part data
- [Feature] Allow to show HTML structure on extraction
- [Feature] Distinguish IP failures from connection failures
- [Feature] Improve output for mime command
- [Feature] Improve styles propagation
- [Feature] Main process crash will now cleanup all children
- [Feature] Preload file and static maps in main process
- [Feature] Print stack trace on crash
- [Feature] Process font size in HTML parser
- [Feature] Propagate content length of invisible tags
- [Feature] Read ordinary file maps in chunks to be more safe on
rewrites
- [Feature] Support base tag in HTML
- [Feature] Support more size suffixes when parsing HTML styles
- [Feature] Support opacity style
- [Fix] Another fix for nested composites
- [Fix] Fill nm id in keypairs cache code
- [Fix] Fix colors alpha channel handling
- [Fix] Fix destruction logic
- [Fix] Fix double free
- [Fix] Fix maps preload logic
- [Fix] Fix nested composites process
- [Fix] Fix proxying of Exim connections
- [Fix] Fix reload crash
- [Fix] Fix rspamadm -l command
- [Fix] Update ed25519 signing schema
- [WebUI] Stop using "const" declaration
- [WebUI] Update RequireJS to 2.3.5
1.7.6: 15 Jun 2018
- [CritFix] Fix multiple neural networks support
- [Feature] Add decryption function to keypair command
- [Feature] Add gzip compression for HTTP requests in elastic module
- [Feature] Add gzip methods to lua util
- [Feature] Add maps based on Top Level Domains
- [Feature] Add pubkey checks for dkim_signing
- [Feature] Add support of fake DNS records
- [Feature] Add tool to encrypt files
- [Feature] Allow to add symbols using settings directly
- [Feature] Allow to match private and public keys for DKIM signatures
- [Feature] Allow to set task flags via settings
- [Feature] Allow to specify fake DNS address from the config
- [Feature] Implement signatures verification using rspamadm keypair
- [Feature] Implement signing using `rspamadm keypair`
- [Feature] Improve error reporting for DKIM key access issues
- [Feature] Provide $HOSTNAME variable in UCL
- [Feature] Rework levenshtein distance computation
- [Feature] Split message parsing and processing
- [Feature] Support ED25519 DKIM signatures
- [Feature] Support encrypted configs in UCL
- [Feature] Suppress duplicate warning on very large radix tries
- [Feature] Use OSB to combine header names
- [Fix] Cleanup maps data on shutdown
- [Fix] Fix '~' behaviour in composites
- [Fix] Fix HTTP maps updates
- [Fix] Fix NIST signatures
- [Fix] Fix RFC822 comments when processing a mime address
- [Fix] Fix double free
- [Fix] Fix dynamic settings application
- [Fix] Fix for CommuniGate Pro maillist
- [Fix] Fix keypair creation method to actually create keypair...
- [Fix] Fix matching patterns with no paths
- [Fix] Fix memory leak in parsing comments
- [Fix] Fix parsing of urls with numeric password
- [Fix] Fix plugins intialisation in configwizard
- [Fix] Fix potential crash on reload
- [Fix] Fix potential race condition for a finished HTTP connections
- [Fix] Fix race-condition leak on processes reload
- [Fix] Fix signing in openssl mode
- [Fix] Free language detector structures
- [Fix] Relax alignment requirements
- [Fix] Send DMARC reports compressed
- [Fix] Try to fix leak in dmarc module
- [Fix] Try to plug memory leak in metric exporter
- [Project] Convert rspamadm subcommands to Lua
- [WebUI] Display smtp sender/recipient in history
- [WebUI] Fix elements disabling in "Symbols" tab
- [WebUI] Limit recipients list in history column to 3
- [WebUI] Match envelope and mime addresses following in arbitrary
order
- [WebUI] Update column header
- [WebUI] Wrap addresses in history
1.7.5: 18 May 2018
- [Conf] Add MSBL proposed return codes
- [Conf] Add additional groups for policies
- [CritFix] Do not use volatile Lua strings as UCL keys
- [Feature] Add ability to add fuzzy hashes to headers
- [Feature] Add function to extract most meaningful urls
- [Feature] Add rule to block mixed text and encrypted parts
- [Feature] Allow multiple groups for symbols
- [Feature] Allow to disable lua squeezing logic
- [Feature] Allow to get multipart children in Lua
- [Feature] Allow to insert multiple headers from milter headers
- [Feature] Allow to print scores in subject and further extensions
- [Feature] Be more error-prone in squeezed rules
- [Feature] Support multiple return codes in emails module
- [Feature] Use EMA for calculating averages
- [Feature] Use common jit cache for all regexps
- [Feature] support for CommuniGate Pro self-generated messages
- [Fix] Allow to have multiple values for headers as arrays
- [Fix] Do not open sockets for disabled workers
- [Fix] Fix AuthservId
- [Fix] Fix base64 folding in Lua API
- [Fix] Fix build on non-x86 platforms
- [Fix] Fix cached maps logic
- [Fix] Fix compatibility with old maps query logic
- [Fix] Fix crash if skip_map is used
- [Fix] Fix importing static maps from UCL
- [Fix] Fix parsing of unix sockets
- [Fix] Fix raw_mime regexp on HTML part with no text content
- [Fix] Fix tables logging
- [Fix] Fix vertical tab handling in libucl
- [Fix] Try to fix frequency counters
- [Fix] Use better sharding for ip_score
- [Fix] Use multiple results from SURBL DNS reply
- [Fix] When doing AV scan select a different server for retransmit
MAIN commitmail json YAML
doc: Updated lang/nodejs to 10.7.0
MAIN commitmail json YAML
lang/nodejs: Update to 10.7.0.
- console:
- The `console.timeLog()` method has been implemented.
- deps:
- Upgrade to libuv 1.22.0.
- Upgrade to ICU 62.1 (Unicode 11, CLDR 33.1).
- http:
- Added support for passing both `timeout` and `agent` options to
`http.request`.
- inspector:
- Expose the original console API in `require('inspector').console`.
- napi:
- Added experimental support for functions dealing with bigint
numbers.
- process:
- The `process.hrtime.bigint()` method has been implemented.
- Added the `--title` command line argument to set the process title
on startup.
- trace_events:
- Added process\_name metadata.
- console:
- The `console.timeLog()` method has been implemented.
- deps:
- Upgrade to libuv 1.22.0.
- Upgrade to ICU 62.1 (Unicode 11, CLDR 33.1).
- http:
- Added support for passing both `timeout` and `agent` options to
`http.request`.
- inspector:
- Expose the original console API in `require('inspector').console`.
- napi:
- Added experimental support for functions dealing with bigint
numbers.
- process:
- The `process.hrtime.bigint()` method has been implemented.
- Added the `--title` command line argument to set the process title
on startup.
- trace_events:
- Added process\_name metadata.
MAIN commitmail json YAML
doc: Updated chat/ejabberd to 18.06
MAIN commitmail json YAML
pkgsrc/chat/ejabberd/Makefile@1.85
/
diff
pkgsrc/chat/ejabberd/PLIST@1.54 / diff
pkgsrc/chat/ejabberd/distinfo@1.58 / diff
pkgsrc/chat/ejabberd/PLIST@1.54 / diff
pkgsrc/chat/ejabberd/distinfo@1.58 / diff
chat/ejabberd: Update to 18.06.
Admin
- Stop ejabberd initialization on invalid/unknown options
- Add new options for OOM watchdog: oom_watermark and oom_queue
- Add ability to modify version string
- Add option ext_api_headers to define REST API custom headers
- Fix Erlang limits in ejabberdctl.cfg.example to reflect current
situation
- Make trusted_proxied ejabberd_http option accept ip masks
- Teach acl ip matching about ipv4 mapped ipv6 addresses
- Removed watchdog_admins option from config, as has no effect anymore
- Improve logging of external authentication failures
- ejabberd_auth: Don't use cache if the option is disabled
- Make connected_users_info and user_sessions_info DB-agnostic
Core
- Support SASL PLAIN by xmpp_stream_out
- Add Resource Binding support to xmpp_stream_out
- Improve robustness of external authentication backends
- Don't use 'unsupported-version' inside SM element
- Generate SASL failures on unencrypted connections only for s2s
- Fix reset_stream in websocket using pre-rfc protocol
- Don't crash in bosh when we receive request with RID < prev_rid
- Get rid of all calls to jlib.erl module
- Support IPv6 connections for PostgreSQL, MySQL and LDAP
- Fix authentication for usernames containing uppercase characters
- Optimize HTTP requests memory usage
- PKIX: Just warn instead of ignore a certificate containing no domain
names
- PKIX: Don't replace valid certificates with invalid ones
Modules
- Log modules startup
- mod_disco: Advertise disco#info and disco#items features
- mod_irc: is moved away from ejabberd repo to ejabberd-contrib
- mod_mam: Don't replace existing stanza ID
- HTTP upload: Generate HTTP Upload form using xdata codec
- HTTP upload: Improve error formatting
- HTTP upload: Return detailed error if HTTP upload is too large
MUC
- Always display room's xdata in disco#info
- Display muc#roomconfig_changesubject in room's disco#info
- Render roomname, allowinvites and allowpm in room disco#info
- Support for roomconfig_lang/roominfo_lang
- mod_muc_sql: Fix export to SQL
Push
- Omit summary for outgoing messages
- Further improve handling of carbons
- Also include sender/body for carbons
- Include a static body text by default
- keepalive: Increase default timeout to 3 days
- SQL: Check 'max_user_sessions' limit
Admin
- Stop ejabberd initialization on invalid/unknown options
- Add new options for OOM watchdog: oom_watermark and oom_queue
- Add ability to modify version string
- Add option ext_api_headers to define REST API custom headers
- Fix Erlang limits in ejabberdctl.cfg.example to reflect current
situation
- Make trusted_proxied ejabberd_http option accept ip masks
- Teach acl ip matching about ipv4 mapped ipv6 addresses
- Removed watchdog_admins option from config, as has no effect anymore
- Improve logging of external authentication failures
- ejabberd_auth: Don't use cache if the option is disabled
- Make connected_users_info and user_sessions_info DB-agnostic
Core
- Support SASL PLAIN by xmpp_stream_out
- Add Resource Binding support to xmpp_stream_out
- Improve robustness of external authentication backends
- Don't use 'unsupported-version' inside SM element
- Generate SASL failures on unencrypted connections only for s2s
- Fix reset_stream in websocket using pre-rfc protocol
- Don't crash in bosh when we receive request with RID < prev_rid
- Get rid of all calls to jlib.erl module
- Support IPv6 connections for PostgreSQL, MySQL and LDAP
- Fix authentication for usernames containing uppercase characters
- Optimize HTTP requests memory usage
- PKIX: Just warn instead of ignore a certificate containing no domain
names
- PKIX: Don't replace valid certificates with invalid ones
Modules
- Log modules startup
- mod_disco: Advertise disco#info and disco#items features
- mod_irc: is moved away from ejabberd repo to ejabberd-contrib
- mod_mam: Don't replace existing stanza ID
- HTTP upload: Generate HTTP Upload form using xdata codec
- HTTP upload: Improve error formatting
- HTTP upload: Return detailed error if HTTP upload is too large
MUC
- Always display room's xdata in disco#info
- Display muc#roomconfig_changesubject in room's disco#info
- Render roomname, allowinvites and allowpm in room disco#info
- Support for roomconfig_lang/roominfo_lang
- mod_muc_sql: Fix export to SQL
Push
- Omit summary for outgoing messages
- Further improve handling of carbons
- Also include sender/body for carbons
- Include a static body text by default
- keepalive: Increase default timeout to 3 days
- SQL: Check 'max_user_sessions' limit
MAIN commitmail json YAML
pkgsrc/security/erlang-jose/distinfo@1.2
/
diff
pkgsrc/security/erlang-jose/patches/patch-src_jose__public__key.erl@1.1 / diff
pkgsrc/security/erlang-jose/patches/patch-src_jose__public__key.erl@1.1 / diff
security/erlang-jose: Provide workaround to build on erlang>=21.
MAIN commitmail json YAML
doc: Updated graphics/erlang-eimp to 1.0.6
MAIN commitmail json YAML
graphics/erlang-eimp: Update to 1.0.6.
- Updating p1_utils to version 1.0.12.
- Updating p1_utils to version 1.0.12.
MAIN commitmail json YAML
doc: Updated net/erlang-esip to 1.0.24
MAIN commitmail json YAML
net/erlang-esip: Update to 1.0.24.
- Updating fast_tls to version 1.0.23.
- Updating stun to version 1.0.23.
- Updating p1_utils to version 1.0.12.
- Updating fast_tls to version 1.0.23.
- Updating stun to version 1.0.23.
- Updating p1_utils to version 1.0.12.
MAIN commitmail json YAML
doc: Updated net/erlang-xmpp to 1.2.2
MAIN commitmail json YAML
pkgsrc/net/erlang-xmpp/Makefile@1.15
/
diff
pkgsrc/net/erlang-xmpp/PLIST@1.9 / diff
pkgsrc/net/erlang-xmpp/distinfo@1.12 / diff
pkgsrc/net/erlang-xmpp/PLIST@1.9 / diff
pkgsrc/net/erlang-xmpp/distinfo@1.12 / diff
net/erlang-xmpp: Update to 1.2.2.
Version 1.2.2
- Updating fast_xml to version 1.1.32.
- Fix crash when trying to encode xmlcdata
- Add missing files to hex package
Version 1.2.1
- Updating p1_utils to version 1.0.12.
- Updating fast_xml to version 1.1.31.
- Updating stringprep to version 1.0.12.
Version 1.2.0
- Support XEP-0377: Spam Reporting
- New xmpp_lang module to validate language tags
- Improve muc#roominfo and muc#roomconfig data forms
- XEP-0363: support and tags
- XEP-0363: data form support
- Add more functions to format errors
- Change arity of err_gone(), err_redirect() and serr_see_other_host()
THIS CHANGE INTRODUCES API INCOMPATIBILITY: use xref to check the code
- Support multiple namespaces for the same data form
Version 1.2.2
- Updating fast_xml to version 1.1.32.
- Fix crash when trying to encode xmlcdata
- Add missing files to hex package
Version 1.2.1
- Updating p1_utils to version 1.0.12.
- Updating fast_xml to version 1.1.31.
- Updating stringprep to version 1.0.12.
Version 1.2.0
- Support XEP-0377: Spam Reporting
- New xmpp_lang module to validate language tags
- Improve muc#roominfo and muc#roomconfig data forms
- XEP-0363: support and tags
- XEP-0363: data form support
- Add more functions to format errors
- Change arity of err_gone(), err_redirect() and serr_see_other_host()
THIS CHANGE INTRODUCES API INCOMPATIBILITY: use xref to check the code
- Support multiple namespaces for the same data form
MAIN commitmail json YAML
doc: Updated net/erlang-stun to 1.0.23
MAIN commitmail json YAML
net/erlang-stun: Update to 1.0.23.
- Updating fast_tls to version 1.0.23.
- Updating p1_utils to version 1.0.12.
- Use p1_fsm instead of gen_fsm
- Remove unused dependency on port compiler
- Updating fast_tls to version 1.0.23.
- Updating p1_utils to version 1.0.12.
- Use p1_fsm instead of gen_fsm
- Remove unused dependency on port compiler
MAIN commitmail json YAML
doc: Updated textproc/erlang-stringprep to 1.0.12
MAIN commitmail json YAML
pkgsrc/textproc/erlang-stringprep/Makefile@1.10
/
diff
pkgsrc/textproc/erlang-stringprep/distinfo@1.9 / diff
pkgsrc/textproc/erlang-stringprep/distinfo@1.9 / diff
textproc/erlang-stringprep: Update to 1.0.12.
- Updating p1_utils to version 1.0.12.
- Updating p1_utils to version 1.0.12.
MAIN commitmail json YAML
doc: Updated databases/erlang-p1_pgsql to 1.1.6
MAIN commitmail json YAML
pkgsrc/databases/erlang-p1_pgsql/Makefile@1.11
/
diff
pkgsrc/databases/erlang-p1_pgsql/distinfo@1.9 / diff
pkgsrc/databases/erlang-p1_pgsql/distinfo@1.9 / diff
databases/erlang-p1_pgsql: Update to 1.1.6.
- Add support for ipv6 connections
- Add support for ipv6 connections
MAIN commitmail json YAML
doc: Updated databases/erlang-p1_mysql to 1.0.6
MAIN commitmail json YAML
pkgsrc/databases/erlang-p1_mysql/Makefile@1.10
/
diff
pkgsrc/databases/erlang-p1_mysql/distinfo@1.8 / diff
pkgsrc/databases/erlang-p1_mysql/distinfo@1.8 / diff
databases/erlang-p1_mysql: Update to 1.0.6.
- Add support for ipv6 connections
- Add support for ipv6 connections
MAIN commitmail json YAML
doc: Updated converters/erlang-iconv to 1.0.8
MAIN commitmail json YAML
pkgsrc/converters/erlang-iconv/Makefile@1.9
/
diff
pkgsrc/converters/erlang-iconv/distinfo@1.8 / diff
pkgsrc/converters/erlang-iconv/distinfo@1.8 / diff
converters/erlang-iconv: Update to 1.0.8.
- Updating p1_utils to version 1.0.12.
- Updating p1_utils to version 1.0.12.
MAIN commitmail json YAML
doc: Updated textproc/erlang-fast_yaml to 1.0.15
MAIN commitmail json YAML
pkgsrc/textproc/erlang-fast_yaml/Makefile@1.12
/
diff
pkgsrc/textproc/erlang-fast_yaml/distinfo@1.11 / diff
pkgsrc/textproc/erlang-fast_yaml/distinfo@1.11 / diff
textproc/erlang-fast_yaml: Update to 1.0.15.
- Updating p1_utils to version 1.0.12.
- Updating p1_utils to version 1.0.12.
MAIN commitmail json YAML
doc: Updated textproc/erlang-fast_xml to 1.1.32
MAIN commitmail json YAML
pkgsrc/textproc/erlang-fast_xml/Makefile@1.15
/
diff
pkgsrc/textproc/erlang-fast_xml/distinfo@1.13 / diff
pkgsrc/textproc/erlang-fast_xml/distinfo@1.13 / diff
textproc/erlang-fast_xml: Update to 1.1.32.
Version 1.1.32
- Don't crash when trying to encode xmlcdata
Version 1.1.31
- Updating p1_utils to version 1.0.12.
Version 1.1.32
- Don't crash when trying to encode xmlcdata
Version 1.1.31
- Updating p1_utils to version 1.0.12.
MAIN commitmail json YAML
doc: Updated security/erlang-fast_tls to 1.0.23
MAIN commitmail json YAML
pkgsrc/security/erlang-fast_tls/Makefile@1.16
/
diff
pkgsrc/security/erlang-fast_tls/distinfo@1.15 / diff
pkgsrc/security/erlang-fast_tls/distinfo@1.15 / diff
security/erlang-fast_tls: Update to 1.0.23.
- Updating p1_utils to version 1.0.12.
- Add ability to get cipher user by connection
- Updating p1_utils to version 1.0.12.
- Add ability to get cipher user by connection
MAIN commitmail json YAML
doc: Updated devel/erlang-cache_tab to 1.0.14
MAIN commitmail json YAML
pkgsrc/devel/erlang-cache_tab/Makefile@1.12
/
diff
pkgsrc/devel/erlang-cache_tab/distinfo@1.11 / diff
pkgsrc/devel/erlang-cache_tab/distinfo@1.11 / diff
devel/erlang-cache_tab: Update 1.0.14.
- Updating p1_utils to version 1.0.12.
- Updating p1_utils to version 1.0.12.
MAIN commitmail json YAML
doc: Updated misc/erlang-p1_utils to 1.0.12
MAIN commitmail json YAML
misc/erlang-p1_utils: Update to 1.0.12.
- Don't fetch generic_debug option from init.
- Don't fetch generic_debug option from init.
MAIN commitmail json YAML
doc: Updated devel/gradle to 4.9
MAIN commitmail json YAML
pkgsrc/devel/gradle/Makefile@1.16
/
diff
pkgsrc/devel/gradle/PLIST@1.11 / diff
pkgsrc/devel/gradle/distinfo@1.12 / diff
pkgsrc/devel/gradle/PLIST@1.11 / diff
pkgsrc/devel/gradle/distinfo@1.12 / diff
devel/gradle: Update to 4.9.
- Projects that publish auxiliary publications through maven-publish
and ivy-publish can now be depended upon by other projects in the
same build.
- In addition to lazy tasks use, Kotlin DSL build scripts are
evaluated faster with version 0.18.4.
- You can now pass arguments to JavaExec tasks directly from the
command-line using --args.
- Improved dependency insight report.
- Projects that publish auxiliary publications through maven-publish
and ivy-publish can now be depended upon by other projects in the
same build.
- In addition to lazy tasks use, Kotlin DSL build scripts are
evaluated faster with version 0.18.4.
- You can now pass arguments to JavaExec tasks directly from the
command-line using --args.
- Improved dependency insight report.
MAIN commitmail json YAML
doc: Updated www/yaws to 2.0.6
MAIN commitmail json YAML
www/yaws: Update to 2.0.6.
- Add support for Erlang/OTP 21.0
- Fix missing space in yaws_server:handle_out_reply/5
- recognize '?' in conf strings
- Add support for Erlang/OTP 21.0
- Fix missing space in yaws_server:handle_out_reply/5
- recognize '?' in conf strings
MAIN commitmail json YAML
doc: Updated security/py-certbot to 0.26.0
MAIN commitmail json YAML
pkgsrc/security/py-acme/PLIST@1.10
/
diff
pkgsrc/security/py-certbot/Makefile.common@1.26 / diff
pkgsrc/security/py-certbot/PLIST@1.13 / diff
pkgsrc/security/py-certbot/distinfo@1.26 / diff
pkgsrc/security/py-certbot/Makefile.common@1.26 / diff
pkgsrc/security/py-certbot/PLIST@1.13 / diff
pkgsrc/security/py-certbot/distinfo@1.26 / diff
net/py-{acme,certbot}: Update to 0.26.0.
### Added
- A new security enhancement which we're calling AutoHSTS has been
added to Certbot's Apache plugin. This enhancement configures your
webserver to send a HTTP Strict Transport Security header with a low
max-age value that is slowly increased over time. The max-age value is
not increased to a large value until you've successfully managed to
renew your certificate. This enhancement can be requested with the
--auto-hsts flag.
- New official DNS plugins have been created for Gehirn Infrastracture
Service, Linode, OVH, and Sakura Cloud. These plugins can be found
on our Docker Hub page at https://hub.docker.com/u/certbot and on
PyPI.
- The ability to reuse ACME accounts from Let's Encrypt's ACMEv1
endpoint on Let's Encrypt's ACMEv2 endpoint has been added.
- Certbot and its components now support Python 3.7.
- Certbot's install subcommand now allows you to interactively choose
which certificate to install from the list of certificates managed
by Certbot.
- Certbot now accepts the flag `--no-autorenew` which causes any
obtained certificates to not be automatically renewed when it
approaches expiration.
- Support for parsing the TLS-ALPN-01 challenge has been added back to
the acme library.
### Changed
- Certbot's default ACME server has been changed to Let's Encrypt's
ACMEv2 endpoint. By default, this server will now be used for both
new certificate lineages and renewals.
- The Nginx plugin is no longer marked labeled as an "Alpha" version.
- The `prepare` method of Certbot's plugins is no longer called before
running "Updater" enhancements that are run on every invocation of
`certbot renew`.
### Added
- A new security enhancement which we're calling AutoHSTS has been
added to Certbot's Apache plugin. This enhancement configures your
webserver to send a HTTP Strict Transport Security header with a low
max-age value that is slowly increased over time. The max-age value is
not increased to a large value until you've successfully managed to
renew your certificate. This enhancement can be requested with the
--auto-hsts flag.
- New official DNS plugins have been created for Gehirn Infrastracture
Service, Linode, OVH, and Sakura Cloud. These plugins can be found
on our Docker Hub page at https://hub.docker.com/u/certbot and on
PyPI.
- The ability to reuse ACME accounts from Let's Encrypt's ACMEv1
endpoint on Let's Encrypt's ACMEv2 endpoint has been added.
- Certbot and its components now support Python 3.7.
- Certbot's install subcommand now allows you to interactively choose
which certificate to install from the list of certificates managed
by Certbot.
- Certbot now accepts the flag `--no-autorenew` which causes any
obtained certificates to not be automatically renewed when it
approaches expiration.
- Support for parsing the TLS-ALPN-01 challenge has been added back to
the acme library.
### Changed
- Certbot's default ACME server has been changed to Let's Encrypt's
ACMEv2 endpoint. By default, this server will now be used for both
new certificate lineages and renewals.
- The Nginx plugin is no longer marked labeled as an "Alpha" version.
- The `prepare` method of Certbot's plugins is no longer called before
running "Updater" enhancements that are run on every invocation of
`certbot renew`.
MAIN commitmail json YAML
doc: Updated net/py-lexicon to 2.7.0
MAIN commitmail json YAML
pkgsrc/net/py-lexicon/Makefile@1.29
/
diff
pkgsrc/net/py-lexicon/PLIST@1.21 / diff
pkgsrc/net/py-lexicon/distinfo@1.29 / diff
pkgsrc/net/py-lexicon/PLIST@1.21 / diff
pkgsrc/net/py-lexicon/distinfo@1.29 / diff
net/py-lexicon: Update to 2.7.0.
2.7.0.
- Subreg.cz: Use Zeep instead of PySimpleSOAP library
2.6.0
- Improvements to argument handling
2.5.0
- Add Google Cloud DNS provider
2.4.7
- Add Zeit provider
2.4.6
- Fixes to dnsimple
2.4.5
- Add support for Exoscale
2.4.4
- Add support for online.net
2.4.3
- Test fixes
2.4.2
- Minor fixes to OVH provider
2.4.1
- add support for Gandi LiveDNS API
2.7.0.
- Subreg.cz: Use Zeep instead of PySimpleSOAP library
2.6.0
- Improvements to argument handling
2.5.0
- Add Google Cloud DNS provider
2.4.7
- Add Zeit provider
2.4.6
- Fixes to dnsimple
2.4.5
- Add support for Exoscale
2.4.4
- Add support for online.net
2.4.3
- Test fixes
2.4.2
- Minor fixes to OVH provider
2.4.1
- add support for Gandi LiveDNS API
MAIN commitmail json YAML
doc: Updated lang/nodejs to 10.6.0
MAIN commitmail json YAML
lang/nodejs: Update to 10.6.0.
- dns: An experimental promisified version of the dns module is now
available. Give it a try with `require('dns').promises`.
- fs: `fs.lchown` has been undeprecated now that libuv supports it.
- lib: `Atomics.wake` is being renamed to `Atomics.notify` in the
ECMAScript specification. Since Node.js now has experimental support
for worker threads, we are being proactive and added a `notify` alias,
while emitting a warning if `wake` is used.
- n-api: Add API for asynchronous functions.
- util: `util.inspect` is now able to return a result instead of
throwing when the maximum call stack size is exceeded during
inspection.
- vm: Add `script.createCachedData()`. This API replaces the
`produceCachedData` option of the `Script` constructor that is now
deprecated.
- worker: Support for relative paths has been added to the `Worker`
constructor. Paths are interpreted relative to the current working
directory.
- dns: An experimental promisified version of the dns module is now
available. Give it a try with `require('dns').promises`.
- fs: `fs.lchown` has been undeprecated now that libuv supports it.
- lib: `Atomics.wake` is being renamed to `Atomics.notify` in the
ECMAScript specification. Since Node.js now has experimental support
for worker threads, we are being proactive and added a `notify` alias,
while emitting a warning if `wake` is used.
- n-api: Add API for asynchronous functions.
- util: `util.inspect` is now able to return a result instead of
throwing when the maximum call stack size is exceeded during
inspection.
- vm: Add `script.createCachedData()`. This API replaces the
`produceCachedData` option of the `Script` constructor that is now
deprecated.
- worker: Support for relative paths has been added to the `Worker`
constructor. Paths are interpreted relative to the current working
directory.
MAIN commitmail json YAML
doc: Updated sysutils/rsyslog to 8.36.0
MAIN commitmail json YAML
pkgsrc/sysutils/rsyslog/Makefile@1.13
/
diff
pkgsrc/sysutils/rsyslog/Makefile.common@1.39 / diff
pkgsrc/sysutils/rsyslog/distinfo@1.36 / diff
pkgsrc/sysutils/rsyslog/Makefile.common@1.39 / diff
pkgsrc/sysutils/rsyslog/distinfo@1.36 / diff
sysutils/rsyslog*: Update to 8.36.0.
- This version disables liblogging-stdlog by default. We now also
emit a warning message ("liblogging-stdlog will go away") so that
users know what is going on and my react.
- add openssl driver alongside GnuTLS one for TLS (experimental)
- GnuTLS TLS driver: support intermediate certificates
- omelasticsearch: write op types; bulk rejection retries
- lookup tables: reload message now with "info" severity (was "error")
- imptcp: add support for regex-based framing
- imjournal: add statistics counter
- config: permit 4-digit file creation modes
- ommongodb: add possibility to ignore some insertion error code
- omprog: simplify 'plugin-with-feedback.py' example
- core: misadressing when writing disk queue files
- core: fix message loss on target unavailibility during shutdown
- imrelp bugfix: error message "librelp too old" is always emitted ...
- imrelp: segfault on startup when cert without priv key is configured
- omrelp bugfix: segfault on first message sent when authmode was
wrong
- imfile bugfix: double-free on module shutdown
- imfile/core bugfix: potential misadressing in string copy routine
- imfile bugfix: if freshStartTail is set some initial file lines
missing
- core: fix undefined behaviour (unsigned computation may lead to
value < 0)
- This version disables liblogging-stdlog by default. We now also
emit a warning message ("liblogging-stdlog will go away") so that
users know what is going on and my react.
- add openssl driver alongside GnuTLS one for TLS (experimental)
- GnuTLS TLS driver: support intermediate certificates
- omelasticsearch: write op types; bulk rejection retries
- lookup tables: reload message now with "info" severity (was "error")
- imptcp: add support for regex-based framing
- imjournal: add statistics counter
- config: permit 4-digit file creation modes
- ommongodb: add possibility to ignore some insertion error code
- omprog: simplify 'plugin-with-feedback.py' example
- core: misadressing when writing disk queue files
- core: fix message loss on target unavailibility during shutdown
- imrelp bugfix: error message "librelp too old" is always emitted ...
- imrelp: segfault on startup when cert without priv key is configured
- omrelp bugfix: segfault on first message sent when authmode was
wrong
- imfile bugfix: double-free on module shutdown
- imfile/core bugfix: potential misadressing in string copy routine
- imfile bugfix: if freshStartTail is set some initial file lines
missing
- core: fix undefined behaviour (unsigned computation may lead to
value < 0)
MAIN commitmail json YAML
doc: Updated www/passenger to 5.3.3
MAIN commitmail json YAML
www/*passenger: Update to 5.3.3.
- [Apache, Nginx] Fixes the passenger-install-*-module scripts.
- [Nginx] Fixed nginx module building on CentOS 6.
- [Apache, Nginx] Fixes the passenger-install-*-module scripts.
- [Nginx] Fixed nginx module building on CentOS 6.
MAIN commitmail json YAML
Updated sysutils/consul
MAIN commitmail json YAML
sysutils/consul: Update to 1.2.0.
FEATURES:
- Connect Feature Beta: This version includes a major new feature for
Consul named Connect. Connect enables secure service-to-service
communication with automatic TLS encryption and identity-based
authorization.
- Connect must be enabled explicitly in configuration so upgrading a
cluster will not affect any existing functionality until it's
enabled.
- This is a Beta feature, we don't recommend enabling this in
production yet. Please see the documentation for more information.
- dns: Enable PTR record lookups for services with IPs that have no
registered node
- ui: Default to serving the new UI. Setting the `CONSUL_UI_LEGACY`
environment variable to `1` or `true` will revert to serving the old
UI
IMPROVEMENTS:
- agent: A Consul user-agent string is now sent to providers when
making retry-join requests
- client: Add metrics for failed RPCs
- agent: Add configuration entry to control including TXT records for
node meta in DNS responses
- client: Make RPC rate limit configuration reloadable
BUG FIXES:
- agent: Fixed an issue where watches were being duplicated on reload.
- agent: Fixed an issue with Agent watches on a HTTPS only agent would
fail to use TLS.
- agent: Fixed bug that would cause unnecessary and frequent logging
yamux keepalives
- dns: Re-enable full DNS compression
FEATURES:
- Connect Feature Beta: This version includes a major new feature for
Consul named Connect. Connect enables secure service-to-service
communication with automatic TLS encryption and identity-based
authorization.
- Connect must be enabled explicitly in configuration so upgrading a
cluster will not affect any existing functionality until it's
enabled.
- This is a Beta feature, we don't recommend enabling this in
production yet. Please see the documentation for more information.
- dns: Enable PTR record lookups for services with IPs that have no
registered node
- ui: Default to serving the new UI. Setting the `CONSUL_UI_LEGACY`
environment variable to `1` or `true` will revert to serving the old
UI
IMPROVEMENTS:
- agent: A Consul user-agent string is now sent to providers when
making retry-join requests
- client: Add metrics for failed RPCs
- agent: Add configuration entry to control including TXT records for
node meta in DNS responses
- client: Make RPC rate limit configuration reloadable
BUG FIXES:
- agent: Fixed an issue where watches were being duplicated on reload.
- agent: Fixed an issue with Agent watches on a HTTPS only agent would
fail to use TLS.
- agent: Fixed bug that would cause unnecessary and frequent logging
yamux keepalives
- dns: Re-enable full DNS compression
MAIN commitmail json YAML
doc: Updated lang/erlang to 21.0
MAIN commitmail json YAML
pkgsrc/lang/erlang-doc/PLIST@1.29
/
diff
pkgsrc/lang/erlang-doc/distinfo@1.28 / diff
pkgsrc/lang/erlang/Makefile@1.85 / diff
pkgsrc/lang/erlang/Makefile.versions@1.32 / diff
pkgsrc/lang/erlang/PLIST@1.31 / diff
pkgsrc/lang/erlang/PLIST.hipe@1.6 / diff
pkgsrc/lang/erlang/PLIST.java@1.12 / diff
pkgsrc/lang/erlang/distinfo@1.58 / diff
pkgsrc/lang/erlang/patches/patch-erts_emulator_sys_common_erl__poll.c deleted
pkgsrc/lang/erlang/patches/patch-erts_emulator_sys_unix_sys__uds.c@1.1 / diff
pkgsrc/lang/erlang/patches/patch-erts_emulator_sys_unix_sys__uds.h deleted
pkgsrc/lang/erlang/patches/patch-erts_lib__src_common_erl__printf.c@1.1 / diff
pkgsrc/lang/erlang/versions.mk@1.1 / diff
pkgsrc/lang/erlang-doc/distinfo@1.28 / diff
pkgsrc/lang/erlang/Makefile@1.85 / diff
pkgsrc/lang/erlang/Makefile.versions@1.32 / diff
pkgsrc/lang/erlang/PLIST@1.31 / diff
pkgsrc/lang/erlang/PLIST.hipe@1.6 / diff
pkgsrc/lang/erlang/PLIST.java@1.12 / diff
pkgsrc/lang/erlang/distinfo@1.58 / diff
pkgsrc/lang/erlang/patches/patch-erts_emulator_sys_common_erl__poll.c deleted
pkgsrc/lang/erlang/patches/patch-erts_emulator_sys_unix_sys__uds.c@1.1 / diff
pkgsrc/lang/erlang/patches/patch-erts_emulator_sys_unix_sys__uds.h deleted
pkgsrc/lang/erlang/patches/patch-erts_lib__src_common_erl__printf.c@1.1 / diff
pkgsrc/lang/erlang/versions.mk@1.1 / diff
lang/erlang*: Update to 21.0
Potential Incompatibilities
- All Corba applications are now moved from the OTP repository
- A new Corba repository will be created https://github.com/erlang
- New applications ftp and tftp, moved from inets
- ssl no longer supports 3_DES cipher suites or RSA-key exchange
cipher suites by default
- Erlang:monitor on a primitive node (erl_interface, jinterface, etc)
will no longer fail with badarg exception. Instead a monitor will be
created, but it will only supervise the connection to the node.
Erts:
- Enhanced IO scalability
- Support for usage of distribution controller processes for
alternative transports, routing etc
- compact instructions on 64bit systems for code below 4GB 20% less
memory for loaded code
- Rewrite of the efile-driver with NIFs and "Dirty schedulers"
resulting in faster file operations
- non-smp VM removed
- link and monitor optimized for scalability
- os:getenv/putenv now work on thread-safe emulation. No longer in
sync with libc getenv(3). Manual synchronization will be needed.
Compiler:
- Misc compiler optimizations including contributions from the Elixir
team resulting in 10% improvements in benchmarks
- "Tuple calls" have been removed from the run-time system.
- Code such as f({ok, Val}) -> {ok, Val} is now automatically
rewritten to f({ok, Val} = Tuple) -> Tuple. this reduces code size,
execution time, and removed GC pressure.
- More information in stacktrace from a number of operators
- erlang:get_stacktrace/0 deprecated to be replaced with try ... catch
C:R:Stacktrace -> ...
- Creation of small maps with literal keys optimized.
- A new predefined macro OTP_RELEASE and preprocessor directives -if
and -elif
Security:
- DTLS is now supported in the SSL application
- Enhanced support for distribution over TLS
- "unsecure" ciphers removed from defaults in SSL and SSH.
- A new option value defined to facilitate implementing exec servers.
Old option kept for compatibility, but now gives errors on stderror.
Standard libraries:
- New API for logging, logger
- New uri_string module for parsing URIs according to "The standard"
- New function lists:search(list,fun/1) -> {ok, Value} | false
- Changed default behaviour of .erlang loading. escript, erlc,
dialyzer and typer no longer load an .erlang at all.
Potential Incompatibilities
- All Corba applications are now moved from the OTP repository
- A new Corba repository will be created https://github.com/erlang
- New applications ftp and tftp, moved from inets
- ssl no longer supports 3_DES cipher suites or RSA-key exchange
cipher suites by default
- Erlang:monitor on a primitive node (erl_interface, jinterface, etc)
will no longer fail with badarg exception. Instead a monitor will be
created, but it will only supervise the connection to the node.
Erts:
- Enhanced IO scalability
- Support for usage of distribution controller processes for
alternative transports, routing etc
- compact instructions on 64bit systems for code below 4GB 20% less
memory for loaded code
- Rewrite of the efile-driver with NIFs and "Dirty schedulers"
resulting in faster file operations
- non-smp VM removed
- link and monitor optimized for scalability
- os:getenv/putenv now work on thread-safe emulation. No longer in
sync with libc getenv(3). Manual synchronization will be needed.
Compiler:
- Misc compiler optimizations including contributions from the Elixir
team resulting in 10% improvements in benchmarks
- "Tuple calls" have been removed from the run-time system.
- Code such as f({ok, Val}) -> {ok, Val} is now automatically
rewritten to f({ok, Val} = Tuple) -> Tuple. this reduces code size,
execution time, and removed GC pressure.
- More information in stacktrace from a number of operators
- erlang:get_stacktrace/0 deprecated to be replaced with try ... catch
C:R:Stacktrace -> ...
- Creation of small maps with literal keys optimized.
- A new predefined macro OTP_RELEASE and preprocessor directives -if
and -elif
Security:
- DTLS is now supported in the SSL application
- Enhanced support for distribution over TLS
- "unsecure" ciphers removed from defaults in SSL and SSH.
- A new option value defined to facilitate implementing exec servers.
Old option kept for compatibility, but now gives errors on stderror.
Standard libraries:
- New API for logging, logger
- New uri_string module for parsing URIs according to "The standard"
- New function lists:search(list,fun/1) -> {ok, Value} | false
- Changed default behaviour of .erlang loading. escript, erlc,
dialyzer and typer no longer load an .erlang at all.
MAIN commitmail json YAML
pkgsrc/devel/py-hash/Makefile@1.6
/
diff
pkgsrc/devel/py-hash/distinfo@1.3 / diff
pkgsrc/devel/py-hash/patches/patch-setup.py@1.3 / diff
pkgsrc/devel/py-hash/distinfo@1.3 / diff
pkgsrc/devel/py-hash/patches/patch-setup.py@1.3 / diff
devel/py-hash: Fix build with versioned boost_python lib.
MAIN commitmail json YAML
pkgsrc/lang/npm/Makefile@1.7
/
diff
pkgsrc/lang/npm/PLIST@1.4 / diff
pkgsrc/lang/npm/distinfo@1.7 / diff
pkgsrc/lang/npm/patches/patch-lib_config_defaults.js@1.1 / diff
pkgsrc/lang/npm/PLIST@1.4 / diff
pkgsrc/lang/npm/distinfo@1.7 / diff
pkgsrc/lang/npm/patches/patch-lib_config_defaults.js@1.1 / diff
lang/npm: Set proper env for build/install, ensure FAKEHOME is used.
MAIN commitmail json YAML
doc: Updated sysutils/syslog-ng to 3.16.1
MAIN commitmail json YAML
pkgsrc/sysutils/syslog-ng/Makefile.common@1.12
/
diff
pkgsrc/sysutils/syslog-ng/PLIST@1.16 / diff
pkgsrc/sysutils/syslog-ng/distinfo@1.14 / diff
pkgsrc/sysutils/syslog-ng/PLIST@1.16 / diff
pkgsrc/sysutils/syslog-ng/distinfo@1.14 / diff
sysutils/syslog-ng*: Update to 3.16.1.
Features
- Telegram destination and $(urlencode) template function
- Error reporting on misspelled block args
- New ignore_tns_config Oracle SQL destination config option
- Per-source "src.host" and "src.sender" counters
Bugfixes
- Fix possible loss of log messages in the systemd-journal() source
- Fix file source location information in internal logs
- Fix SDATA deserialization (disk-buffer crash)
- Fix unaccepted embedded 'file' keyword (file source and destination)
- Fix memory leaks in appmodel and varargs
- Fix a bug in the old LogMessage deserialization
- Fix reading the output of the confgen program
- Add safer mem_zero() to secret-storage
- Fix undefined behavior in syslog-ng-ctl query
- Fix lloc tracking for multi line blockrefs
- Added missing 'else {};' to default-network-drivers() to forward
unparsable messages
- Fix mixed linking
- Fix compilation of evtlog on FreeBSD
- Fix thread_id allocation for more than 32 CPUs (crash)
- Add safe logging of errno
- Fix warnings related to floating point operations
- Partial revert of plugin discovery to bring back valgrind
- Fix connection close in network sources
- Fix file deletion in the wildcard-file() source
- Disable the DNS cache if use-dns(no) is used
- Fix compiler error for gcc 4.4
- Fix emitted warnings due to -no-pie detection for gcc 4.4
- Fix date format in functional tests
- Dbld fixes
- Rename PAGESIZE variables to pagesize in secret-storage (compilation
fix)
- Fix the lifetime of TLSContext to prevent crash on reload
- Fix reaping program() source and destination when a Java-based
destination is used
Other changes
- Add debug message to program source/destination about successful
start
- Report memory exhaustion errors during config parsing
- Improved debug logs
- Dbld coverage
- LogTransportMock enhancement
- Modify the license of loggen from GPL to LGPL
- Loggen refactor
- Update RPM generation
- Support ENABLE_EXTRA_WARNINGS with CMake
- Rewrite unit tests based on Criterion
- Lexer test coverage improvements
- preparation for 3.16 OSE rhel/packaging
Features
- Telegram destination and $(urlencode) template function
- Error reporting on misspelled block args
- New ignore_tns_config Oracle SQL destination config option
- Per-source "src.host" and "src.sender" counters
Bugfixes
- Fix possible loss of log messages in the systemd-journal() source
- Fix file source location information in internal logs
- Fix SDATA deserialization (disk-buffer crash)
- Fix unaccepted embedded 'file' keyword (file source and destination)
- Fix memory leaks in appmodel and varargs
- Fix a bug in the old LogMessage deserialization
- Fix reading the output of the confgen program
- Add safer mem_zero() to secret-storage
- Fix undefined behavior in syslog-ng-ctl query
- Fix lloc tracking for multi line blockrefs
- Added missing 'else {};' to default-network-drivers() to forward
unparsable messages
- Fix mixed linking
- Fix compilation of evtlog on FreeBSD
- Fix thread_id allocation for more than 32 CPUs (crash)
- Add safe logging of errno
- Fix warnings related to floating point operations
- Partial revert of plugin discovery to bring back valgrind
- Fix connection close in network sources
- Fix file deletion in the wildcard-file() source
- Disable the DNS cache if use-dns(no) is used
- Fix compiler error for gcc 4.4
- Fix emitted warnings due to -no-pie detection for gcc 4.4
- Fix date format in functional tests
- Dbld fixes
- Rename PAGESIZE variables to pagesize in secret-storage (compilation
fix)
- Fix the lifetime of TLSContext to prevent crash on reload
- Fix reaping program() source and destination when a Java-based
destination is used
Other changes
- Add debug message to program source/destination about successful
start
- Report memory exhaustion errors during config parsing
- Improved debug logs
- Dbld coverage
- LogTransportMock enhancement
- Modify the license of loggen from GPL to LGPL
- Loggen refactor
- Update RPM generation
- Support ENABLE_EXTRA_WARNINGS with CMake
- Rewrite unit tests based on Criterion
- Lexer test coverage improvements
- preparation for 3.16 OSE rhel/packaging
MAIN commitmail json YAML
Enable pngquant
MAIN commitmail json YAML
doc: Added graphics/pngquant version 2.12.0
MAIN commitmail json YAML
pkgsrc/graphics/pngquant/DESCR@1.1
/
diff
pkgsrc/graphics/pngquant/Makefile@1.1 / diff
pkgsrc/graphics/pngquant/PLIST@1.1 / diff
pkgsrc/graphics/pngquant/distinfo@1.1 / diff
pkgsrc/graphics/pngquant/patches/patch-configure@1.1 / diff
pkgsrc/graphics/pngquant/Makefile@1.1 / diff
pkgsrc/graphics/pngquant/PLIST@1.1 / diff
pkgsrc/graphics/pngquant/distinfo@1.1 / diff
pkgsrc/graphics/pngquant/patches/patch-configure@1.1 / diff
graphics/pngquant: Import pngquant 2.12.0.
pngquant is a command-line utility for lossy compression of PNG images.
pngquant is a command-line utility for lossy compression of PNG images.
MAIN commitmail json YAML
doc: Updated lang/nodejs to 10.5.0
MAIN commitmail json YAML
lang/nodejs: Update to 10.5.0.
crypto:
- Support for crypto.scrypt() has been added.
fs:
- BigInt support has been added to fs.stat and fs.watchFile.
- APIs that take mode as arguments no longer throw on values larger
than 0o777.
- Fix crashes in closed event watchers.
Worker Threads:
- Support for multi-threading has been added behind the
--experimental-worker flag in the worker_threads module. This
feature is experimental and may receive breaking changes at any time.
crypto:
- Support for crypto.scrypt() has been added.
fs:
- BigInt support has been added to fs.stat and fs.watchFile.
- APIs that take mode as arguments no longer throw on values larger
than 0o777.
- Fix crashes in closed event watchers.
Worker Threads:
- Support for multi-threading has been added behind the
--experimental-worker flag in the worker_threads module. This
feature is experimental and may receive breaking changes at any time.
MAIN commitmail json YAML
pkgsrc/lang/guile/Makefile@1.110
/
diff
pkgsrc/lang/guile/distinfo@1.51 / diff
pkgsrc/lang/guile/patches/patch-libguile_Makefile.in@1.1 / diff
pkgsrc/lang/guile/patches/patch-libguile_dynl.c@1.1 / diff
pkgsrc/lang/guile/distinfo@1.51 / diff
pkgsrc/lang/guile/patches/patch-libguile_Makefile.in@1.1 / diff
pkgsrc/lang/guile/patches/patch-libguile_dynl.c@1.1 / diff
lang/guile: Add search path to default extensions for lt_dlopenext.
Fixes usage with packages like print/lilypond on at least Darwin and SunOS, where dynamically loaded guile extensions cannot be found without resorting to LTDL_LIBRARY_PATH quirks.
Fixes usage with packages like print/lilypond on at least Darwin and SunOS, where dynamically loaded guile extensions cannot be found without resorting to LTDL_LIBRARY_PATH quirks.
MAIN commitmail json YAML
print/lilypond: Fix patch by removing an empty if/fi block.
MAIN commitmail json YAML
doc: Updated devel/zookeeper to 3.4.12
MAIN commitmail json YAML
pkgsrc/devel/zookeeper/Makefile.common@1.4
/
diff
pkgsrc/devel/zookeeper/PLIST@1.4 / diff
pkgsrc/devel/zookeeper/distinfo@1.6 / diff
pkgsrc/devel/zookeeper/patches/patch-build.xml@1.3 / diff
pkgsrc/devel/zookeeper/PLIST@1.4 / diff
pkgsrc/devel/zookeeper/distinfo@1.6 / diff
pkgsrc/devel/zookeeper/patches/patch-build.xml@1.3 / diff
devel/zookeeper: Update to 3.4.12.
Version 3.4.12
Bug
- CRC check failed when preAllocSize smaller than node data
- Update documentation source for ZOOKEEPER-2574
- Flaky test:
org.apache.zookeeper.server.quorum.FLEBackwardElectionRoundTest.testBackwardElectionRound
- Data inconsistency issue due to retain database in leader election
- very poor choice of logging if client fails to connect to server
- The comment of the variable matchSyncs in class CommitProcessor has
a mistake.
- Flaky Test:
org.apache.zookeeper.test.LoadFromLogTest.testRestoreWithTransactionErrors
- WriteLock recipe: incorrect znode ordering when the sessionId is
part of the znode name
- Duplicate Keys in log4j.properties config files
- Specify correct overflow value
- Failing c unit tests on apache jenkins
- zkServer.cmd does not start when JAVA_HOME ends with a \
- Flaky Test: testNoLogBeforeLeaderEstablishment
- The dataDir and dataLogDir are used opposingly
- Fix testElectionFraud Flakyness
- fix potential null pointer exception when deleting node
- The eclipse build target fails due to protocol redirection:
http->https
Improvement
- Add keys for the Zxid from the stat command to check_zookeeper.py
- Upgrade third party libraries to address vulnerabilities
- The function queueEmpty() in FastLeaderElection.Messenger is not
used, should be removed.
- Add check to validate dataDir and dataLogDir parameters at startup
Wish
- Change log level for "ZKShutdownHandler is not registered" error
message
Version 3.4.11
Sub-task
- Fix "Unexpected bean exists!" issue in WatcherTests
- Cleanup findbug warnings in branch-3.4: Correctness Warnings
- Cleanup findbug warnings in branch-3.4: Disable Internationalization
Warnings
- Cleanup findbug warnings in branch-3.4: Malicious code vulnerability
Warnings
- Cleanup findbug warnings in branch-3.4: Performance Warnings
- Cleanup findbug warnings in branch-3.4: Dodgy code Warnings
- Cleanup findbug warnings in branch-3.4: Experimental Warnings
- Set up Apache Jenkins job that runs the flaky test analyzer script.
- Multithreaded correctness Warnings
- ZOOKEEPER-2355 fix for branch-3.4
Bug
- Windows: fetch_and_add not 64bit-compatible, may not be correct
- Update documentation for snapCount
- Ephemeral node is never deleted if follower fails while reading the
proposal packet
- Port ZOOKEEPER-1576 to branch3.4
- recreateSocketAddresses may recreate the unreachable IP address
- Flaky Test:
org.apache.zookeeper.test.ReadOnlyModeTest.testSessionEstablishment
- Clean up findbug warnings in branch-3.4
- Port ZOOKEEPER-2737 to branch-3.4
- Netty connection leaks JMX connection bean upon connection close in
certain race conditions.
- Typo: transasction --> transaction
- Flaky test:
org.apache.zookeeper.server.quorum.QuorumCnxManagerTest.testNoAuthLearnerConnectToAuthRequiredServerWithHigherSid
- Ephemeral znode will not be removed when sesstion timeout, if the
system time of ZooKeeper node changes unexpectedly.
- ZK Client not able to connect with Xid out of order error
- There is a typo in zk.py which prevents from using/compiling it.
- follower disconnects and cannot reconnect
- Server inappropriately throttles connections under load before SASL
completes
- Flaky test:
org.apache.zookeeper.test.ClientTest.testNonExistingOpCode
- Fix flaky test:
org.apache.zookeeper.test.ReadOnlyModeTest.testConnectionEvents
- Unnecessary stack-trace in server when the client disconnect
unexpectedly
- PurgeTxnLog#validateAndGetFile: return tag has no arguments.
- Improve the ZooKeeper#setACL java doc
- ZooKeeper public include files leak porting changes
- CMake build doesn't support OS X
- Main-Class JAR manifest attribute is incorrect
- Windows Debug builds don't link with `/MTd`
- Local automatic variable is left uninitialized and then freed.
- Don't include `config.h` in `zookeeper.h`
- The OWASP dependency check jar should not be included in the default
classpath
- quorum.auth.MiniKdcTest.testKerberosLogin failing with NPE on java 9
- Create ant task to generate ivy dependency reports
- compiler warning using java 9
Improvement
- Operations to server will be timed-out while thousands of sessions
expired same time
- TCP keepalive for leader election connections
- The define of MAX_CONNECTION_ATTEMPTS in QuorumCnxManager.java seems
useless, should it be removed?
- ZooKeeperSaslClient#respondToServer should log exception message of
SaslException
- Add script to run a java api compatibility tool
- Improve the efficiency of AtomicFileOutputStream
- Rename README.txt to README.md
- define dependency versions in build.xml to be easily overridden in
build.properties
New Feature
- Please add instructions for running the tutorial
- Add ant task for running OWASP dependency report
Test
- Flaky Test: org.apache.zookeeper.test.WatcherTest.
Version 3.4.12
Bug
- CRC check failed when preAllocSize smaller than node data
- Update documentation source for ZOOKEEPER-2574
- Flaky test:
org.apache.zookeeper.server.quorum.FLEBackwardElectionRoundTest.testBackwardElectionRound
- Data inconsistency issue due to retain database in leader election
- very poor choice of logging if client fails to connect to server
- The comment of the variable matchSyncs in class CommitProcessor has
a mistake.
- Flaky Test:
org.apache.zookeeper.test.LoadFromLogTest.testRestoreWithTransactionErrors
- WriteLock recipe: incorrect znode ordering when the sessionId is
part of the znode name
- Duplicate Keys in log4j.properties config files
- Specify correct overflow value
- Failing c unit tests on apache jenkins
- zkServer.cmd does not start when JAVA_HOME ends with a \
- Flaky Test: testNoLogBeforeLeaderEstablishment
- The dataDir and dataLogDir are used opposingly
- Fix testElectionFraud Flakyness
- fix potential null pointer exception when deleting node
- The eclipse build target fails due to protocol redirection:
http->https
Improvement
- Add keys for the Zxid from the stat command to check_zookeeper.py
- Upgrade third party libraries to address vulnerabilities
- The function queueEmpty() in FastLeaderElection.Messenger is not
used, should be removed.
- Add check to validate dataDir and dataLogDir parameters at startup
Wish
- Change log level for "ZKShutdownHandler is not registered" error
message
Version 3.4.11
Sub-task
- Fix "Unexpected bean exists!" issue in WatcherTests
- Cleanup findbug warnings in branch-3.4: Correctness Warnings
- Cleanup findbug warnings in branch-3.4: Disable Internationalization
Warnings
- Cleanup findbug warnings in branch-3.4: Malicious code vulnerability
Warnings
- Cleanup findbug warnings in branch-3.4: Performance Warnings
- Cleanup findbug warnings in branch-3.4: Dodgy code Warnings
- Cleanup findbug warnings in branch-3.4: Experimental Warnings
- Set up Apache Jenkins job that runs the flaky test analyzer script.
- Multithreaded correctness Warnings
- ZOOKEEPER-2355 fix for branch-3.4
Bug
- Windows: fetch_and_add not 64bit-compatible, may not be correct
- Update documentation for snapCount
- Ephemeral node is never deleted if follower fails while reading the
proposal packet
- Port ZOOKEEPER-1576 to branch3.4
- recreateSocketAddresses may recreate the unreachable IP address
- Flaky Test:
org.apache.zookeeper.test.ReadOnlyModeTest.testSessionEstablishment
- Clean up findbug warnings in branch-3.4
- Port ZOOKEEPER-2737 to branch-3.4
- Netty connection leaks JMX connection bean upon connection close in
certain race conditions.
- Typo: transasction --> transaction
- Flaky test:
org.apache.zookeeper.server.quorum.QuorumCnxManagerTest.testNoAuthLearnerConnectToAuthRequiredServerWithHigherSid
- Ephemeral znode will not be removed when sesstion timeout, if the
system time of ZooKeeper node changes unexpectedly.
- ZK Client not able to connect with Xid out of order error
- There is a typo in zk.py which prevents from using/compiling it.
- follower disconnects and cannot reconnect
- Server inappropriately throttles connections under load before SASL
completes
- Flaky test:
org.apache.zookeeper.test.ClientTest.testNonExistingOpCode
- Fix flaky test:
org.apache.zookeeper.test.ReadOnlyModeTest.testConnectionEvents
- Unnecessary stack-trace in server when the client disconnect
unexpectedly
- PurgeTxnLog#validateAndGetFile: return tag has no arguments.
- Improve the ZooKeeper#setACL java doc
- ZooKeeper public include files leak porting changes
- CMake build doesn't support OS X
- Main-Class JAR manifest attribute is incorrect
- Windows Debug builds don't link with `/MTd`
- Local automatic variable is left uninitialized and then freed.
- Don't include `config.h` in `zookeeper.h`
- The OWASP dependency check jar should not be included in the default
classpath
- quorum.auth.MiniKdcTest.testKerberosLogin failing with NPE on java 9
- Create ant task to generate ivy dependency reports
- compiler warning using java 9
Improvement
- Operations to server will be timed-out while thousands of sessions
expired same time
- TCP keepalive for leader election connections
- The define of MAX_CONNECTION_ATTEMPTS in QuorumCnxManager.java seems
useless, should it be removed?
- ZooKeeperSaslClient#respondToServer should log exception message of
SaslException
- Add script to run a java api compatibility tool
- Improve the efficiency of AtomicFileOutputStream
- Rename README.txt to README.md
- define dependency versions in build.xml to be easily overridden in
build.properties
New Feature
- Please add instructions for running the tutorial
- Add ant task for running OWASP dependency report
Test
- Flaky Test: org.apache.zookeeper.test.WatcherTest.
MAIN commitmail json YAML
doc: Updated devel/apache-ivy to 2.4.0
MAIN commitmail json YAML
pkgsrc/devel/apache-ivy/Makefile@1.3
/
diff
pkgsrc/devel/apache-ivy/PLIST@1.2 / diff
pkgsrc/devel/apache-ivy/distinfo@1.3 / diff
pkgsrc/devel/apache-ivy/PLIST@1.2 / diff
pkgsrc/devel/apache-ivy/distinfo@1.3 / diff
devel/apache-ivy: Update to 2.4.0.
2.4.0
- some new Ant tasks
- improved OSGI support
- a Bintray resolver
- numerous bug fixes as documented in Jira and in the release notes
2.3.0
- improved Ant support with some new Ant tasks and enhancements to
existing tasks
- improved Maven2 compatibility
- some new resolvers
- numerous bug fixes as documented in Jira and in the release notes
2.4.0
- some new Ant tasks
- improved OSGI support
- a Bintray resolver
- numerous bug fixes as documented in Jira and in the release notes
2.3.0
- improved Ant support with some new Ant tasks and enhancements to
existing tasks
- improved Maven2 compatibility
- some new resolvers
- numerous bug fixes as documented in Jira and in the release notes
MAIN commitmail json YAML
doc: Updated lang/nodejs to 10.4.1
MAIN commitmail json YAML
lang/nodejs: Update to 10.4.1.
- Fixes memory exhaustion DoS (CVE-2018-7164): Fixes a bug introduced
in 9.7.0 that increases the memory consumed when reading from the
network into JavaScript using the net.Socket object directly as a
stream.
- http2
- (CVE-2018-7161): Fixes Denial of Service vulnerability by updating
the http2 implementation to not crash under certain circumstances
during cleanup
- (CVE-2018-1000168): Fixes Denial of Service vulnerability by
upgrading nghttp2 to 1.32.0
- tls (CVE-2018-7162): Fixes Denial of Service vulnerability by
updating the TLS implementation to not crash upon receiving
- n-api: Prevent use-after-free in napi_delete_async_work
- Fixes memory exhaustion DoS (CVE-2018-7164): Fixes a bug introduced
in 9.7.0 that increases the memory consumed when reading from the
network into JavaScript using the net.Socket object directly as a
stream.
- http2
- (CVE-2018-7161): Fixes Denial of Service vulnerability by updating
the http2 implementation to not crash under certain circumstances
during cleanup
- (CVE-2018-1000168): Fixes Denial of Service vulnerability by
upgrading nghttp2 to 1.32.0
- tls (CVE-2018-7162): Fixes Denial of Service vulnerability by
updating the TLS implementation to not crash upon receiving
- n-api: Prevent use-after-free in napi_delete_async_work
MAIN commitmail json YAML
doc: Updated lang/nodejs8 to 8.11.3
MAIN commitmail json YAML
lang/nodejs8: Update to 8.11.3.
- buffer (CVE-2018-7167): Fixes Denial of Service vulnerability where
calling Buffer.fill() could hang
- http2:
- (CVE-2018-7161): Fixes Denial of Service vulnerability by updating
the http2 implementation to not crash under certain circumstances
during cleanup
- (CVE-2018-1000168): Fixes Denial of Service vulnerability by
upgrading nghttp2 to 1.32.0
- buffer (CVE-2018-7167): Fixes Denial of Service vulnerability where
calling Buffer.fill() could hang
- http2:
- (CVE-2018-7161): Fixes Denial of Service vulnerability by updating
the http2 implementation to not crash under certain circumstances
during cleanup
- (CVE-2018-1000168): Fixes Denial of Service vulnerability by
upgrading nghttp2 to 1.32.0
MAIN commitmail json YAML
doc: Updated lang/nodejs6 to 6.14.3
MAIN commitmail json YAML
lang/nodejs6: Update to 6.14.3.
- buffer (CVE-2018-7167): Fixes Denial of Service vulnerability where
calling Buffer.fill() could hang
- buffer (CVE-2018-7167): Fixes Denial of Service vulnerability where
calling Buffer.fill() could hang
MAIN commitmail json YAML
doc: Updated www/nghttp2 to 1.32.0
MAIN commitmail json YAML
www/nghttp2: Update to 1.32.0.
- lib: Ignore all input after calling session_terminate_session
- lib: Fix treatment of padding
- lib: Don't allow 101 HTTP status code because HTTP/2 removes
HTTP Upgrade
- build: add ENABLE_STATIC_LIB option to build static lib
- third-party: Upgrade neverbleed to the latest master
- asio: Support client side SNI
- src: Compile with libressl 2.7.2
- src: Allow building without NPN
- h2load: -r and --duration are mutually exclusive
- lib: Ignore all input after calling session_terminate_session
- lib: Fix treatment of padding
- lib: Don't allow 101 HTTP status code because HTTP/2 removes
HTTP Upgrade
- build: add ENABLE_STATIC_LIB option to build static lib
- third-party: Upgrade neverbleed to the latest master
- asio: Support client side SNI
- src: Compile with libressl 2.7.2
- src: Allow building without NPN
- h2load: -r and --duration are mutually exclusive
MAIN commitmail json YAML
doc: Updated sysutils/beats to 6.3.0
MAIN commitmail json YAML
doc: Updated www/passenger to 5.3.2
MAIN commitmail json YAML
pkgsrc/www/passenger/Makefile@1.3
/
diff
pkgsrc/www/passenger/Makefile.common@1.7 / diff
pkgsrc/www/passenger/PLIST@1.3 / diff
pkgsrc/www/passenger/distinfo@1.8 / diff
pkgsrc/www/passenger/Makefile.common@1.7 / diff
pkgsrc/www/passenger/PLIST@1.3 / diff
pkgsrc/www/passenger/distinfo@1.8 / diff
www/passenger: Update to 5.3.2.
- [Nginx] Fixes CVE-2018-12029, a local privilege escalation
vulnerability in the Nginx module that occurs when
`passenger_instance_registry_dir` is configured to a directory
with insufficiently strict permissions.
- Fixes CVE-2018-12026, 12027, and 12028. These are local denial of
service, local information disclosure and local privilege escalation
vulnerabilities that could be exploited by malicious applications or
malicious users on the system.
- Fixes Meteor support in non-bundled mode (regression from 5.3.0).
- Fixes the fact that the error page (which is shown when an app fails
to spawn) sometimes contains unsufficient analysis details about the
app.
- [Apache] Fixes PassengerMaxInstancesPerApp not being respected
(regression from config refactor in 5.2.0).
- [Enterprise, Apache] Fixes PassengerMaxInstances not being respected
(regression from config refactor in 5.2.0).
- [Enterprise] Fixes passenger-irb being unable to connect to an app
process (regression from 5.3.0).
- [Nginx] Fixes CVE-2018-12029, a local privilege escalation
vulnerability in the Nginx module that occurs when
`passenger_instance_registry_dir` is configured to a directory
with insufficiently strict permissions.
- Fixes CVE-2018-12026, 12027, and 12028. These are local denial of
service, local information disclosure and local privilege escalation
vulnerabilities that could be exploited by malicious applications or
malicious users on the system.
- Fixes Meteor support in non-bundled mode (regression from 5.3.0).
- Fixes the fact that the error page (which is shown when an app fails
to spawn) sometimes contains unsufficient analysis details about the
app.
- [Apache] Fixes PassengerMaxInstancesPerApp not being respected
(regression from config refactor in 5.2.0).
- [Enterprise, Apache] Fixes PassengerMaxInstances not being respected
(regression from config refactor in 5.2.0).
- [Enterprise] Fixes passenger-irb being unable to connect to an app
process (regression from 5.3.0).
MAIN commitmail json YAML
doc: Updated security/py-certbot to 0.25.0
MAIN commitmail json YAML
pkgsrc/security/py-acme/PLIST@1.9
/
diff
pkgsrc/security/py-certbot/Makefile.common@1.25 / diff
pkgsrc/security/py-certbot/PLIST@1.12 / diff
pkgsrc/security/py-certbot/distinfo@1.25 / diff
pkgsrc/security/py-certbot/Makefile.common@1.25 / diff
pkgsrc/security/py-certbot/PLIST@1.12 / diff
pkgsrc/security/py-certbot/distinfo@1.25 / diff
security/py-{acme,certbot}: Update to 0.25.0.
### Added
- Support for the ready status type was added to acme. Without this change,
Certbot and acme users will begin encountering errors when using Let's
Encrypt's ACMEv2 API starting on June 19th for the staging environment and
July 5th for production. See
https://community.letsencrypt.org/t/acmev2-order-ready-status/62866 for more
information.
- Certbot now accepts the flag --reuse-key which will cause the same key to be
used in the certificate when the lineage is renewed rather than generating a
new key.
- You can now add multiple email addresses to your ACME account with Certbot by
providing a comma separated list of emails to the --email flag.
- Support for Let's Encrypt's upcoming TLS-ALPN-01 challenge was added to acme.
For more information, see
https://community.letsencrypt.org/t/tls-alpn-validation-method/63814/1.
- acme now supports specifying the source address to bind to when sending
outgoing connections. You still cannot specify this address using Certbot.
- If you run Certbot against Let's Encrypt's ACMEv2 staging server but don't
already have an account registered at that server URL, Certbot will
automatically reuse your staging account from Let's Encrypt's ACMEv1 endpoint
if it exists.
- Interfaces were added to Certbot allowing plugins to be called at additional
points. The `GenericUpdater` interface allows plugins to perform actions
every time `certbot renew` is run, regardless of whether any certificates are
due for renewal, and the `RenewDeployer` interface allows plugins to perform
actions when a certificate is renewed. See `certbot.interfaces` for more
information.
### Changed
- When running Certbot with --dry-run and you don't already have a staging
account, the created account does not contain an email address even if one
was provided to avoid expiration emails from Let's Encrypt's staging server.
- certbot-nginx does a better job of automatically detecting the location of
Nginx's configuration files when run on BSD based systems.
- acme now requires and uses pytest when running tests with setuptools with
`python setup.py test`.
- `certbot config_changes` no longer waits for user input before exiting.
### Fixed
- Misleading log output that caused users to think that Certbot's standalone
plugin failed to bind to a port when performing a challenge has been
corrected.
- An issue where certbot-nginx would fail to enable HSTS if the server block
already had an `add_header` directive has been resolved.
- certbot-nginx now does a better job detecting the server block to base the
configuration for TLS-SNI challenges on.
### Added
- Support for the ready status type was added to acme. Without this change,
Certbot and acme users will begin encountering errors when using Let's
Encrypt's ACMEv2 API starting on June 19th for the staging environment and
July 5th for production. See
https://community.letsencrypt.org/t/acmev2-order-ready-status/62866 for more
information.
- Certbot now accepts the flag --reuse-key which will cause the same key to be
used in the certificate when the lineage is renewed rather than generating a
new key.
- You can now add multiple email addresses to your ACME account with Certbot by
providing a comma separated list of emails to the --email flag.
- Support for Let's Encrypt's upcoming TLS-ALPN-01 challenge was added to acme.
For more information, see
https://community.letsencrypt.org/t/tls-alpn-validation-method/63814/1.
- acme now supports specifying the source address to bind to when sending
outgoing connections. You still cannot specify this address using Certbot.
- If you run Certbot against Let's Encrypt's ACMEv2 staging server but don't
already have an account registered at that server URL, Certbot will
automatically reuse your staging account from Let's Encrypt's ACMEv1 endpoint
if it exists.
- Interfaces were added to Certbot allowing plugins to be called at additional
points. The `GenericUpdater` interface allows plugins to perform actions
every time `certbot renew` is run, regardless of whether any certificates are
due for renewal, and the `RenewDeployer` interface allows plugins to perform
actions when a certificate is renewed. See `certbot.interfaces` for more
information.
### Changed
- When running Certbot with --dry-run and you don't already have a staging
account, the created account does not contain an email address even if one
was provided to avoid expiration emails from Let's Encrypt's staging server.
- certbot-nginx does a better job of automatically detecting the location of
Nginx's configuration files when run on BSD based systems.
- acme now requires and uses pytest when running tests with setuptools with
`python setup.py test`.
- `certbot config_changes` no longer waits for user input before exiting.
### Fixed
- Misleading log output that caused users to think that Certbot's standalone
plugin failed to bind to a port when performing a challenge has been
corrected.
- An issue where certbot-nginx would fail to enable HSTS if the server block
already had an `add_header` directive has been resolved.
- certbot-nginx now does a better job detecting the server block to base the
configuration for TLS-SNI challenges on.
MAIN commitmail json YAML
doc: Updated lang/nodejs to 10.4.0
MAIN commitmail json YAML
lang/nodejs: Update to 10.4.0.
- deps: update V8 to 6.7.288.43
- stream: ensure Stream.pipeline re-throws errors without callback
- deps: update V8 to 6.7.288.43
- stream: ensure Stream.pipeline re-throws errors without callback
MAIN commitmail json YAML
doc: Updated net/py-lexicon to 2.4.0
MAIN commitmail json YAML
net/py-lexicon: Upddate to 2.4.0.
- Handle namespace variations of DnsEntry in transip provider
- Allow to toggle live tests using LEXICON_LIVE_TESTS env variable.
Tests are offline by default.
- GoDaddy provider improvements
- Handle namespace variations of DnsEntry in transip provider
- Allow to toggle live tests using LEXICON_LIVE_TESTS env variable.
Tests are offline by default.
- GoDaddy provider improvements
MAIN commitmail json YAML
graphics/tesseract: Revert update to data version 4.00. Using version 4 data with version 3 program is not supported. Fixes https://github.com/joyent/pkgsrc/issues/113.
MAIN commitmail json YAML
devel/intellij-idea-ce: Fix snappy-java10 dependency after changes to said.
MAIN commitmail json YAML
databases/apache-cassandra2: Modify to work with the latest devel/snappy-java10. PKGREVISION++
MAIN commitmail json YAML
doc: Updated devel/snappy-java10 to 1.0.5.4
MAIN commitmail json YAML
pkgsrc/devel/snappy-java10/Makefile@1.8
/
diff
pkgsrc/devel/snappy-java10/PLIST@1.2 / diff
pkgsrc/devel/snappy-java10/distinfo@1.8 / diff
pkgsrc/devel/snappy-java10/patches/patch-pom.xml@1.1 / diff
pkgsrc/devel/snappy-java10/PLIST@1.2 / diff
pkgsrc/devel/snappy-java10/distinfo@1.8 / diff
pkgsrc/devel/snappy-java10/patches/patch-pom.xml@1.1 / diff
devel/snappy-java10: Update to the latest 1.0.5.4 (no code changes). Change PKGBASE to just snappy-java. Remove precompiled binaries. Fix fetching, simplifiy installation.
MAIN commitmail json YAML
doc: Updated databases/apache-cassandra to 3.11.2
MAIN commitmail json YAML
pkgsrc/databases/apache-cassandra/Makefile@1.21
/
diff
pkgsrc/databases/apache-cassandra/Makefile.common@1.3 / diff
pkgsrc/databases/apache-cassandra/PLIST@1.12 / diff
pkgsrc/databases/apache-cassandra/distinfo@1.13 / diff
pkgsrc/databases/apache-cassandra/files/smf/manifest.xml@1.5 / diff
pkgsrc/databases/apache-cassandra/patches/patch-bin_cassandra@1.1 / diff
pkgsrc/databases/apache-cassandra/patches/patch-bin_cassandra.in.sh@1.1 / diff
pkgsrc/databases/apache-cassandra/patches/patch-conf_cassandra-env.sh@1.1 / diff
pkgsrc/databases/apache-cassandra/Makefile.common@1.3 / diff
pkgsrc/databases/apache-cassandra/PLIST@1.12 / diff
pkgsrc/databases/apache-cassandra/distinfo@1.13 / diff
pkgsrc/databases/apache-cassandra/files/smf/manifest.xml@1.5 / diff
pkgsrc/databases/apache-cassandra/patches/patch-bin_cassandra@1.1 / diff
pkgsrc/databases/apache-cassandra/patches/patch-bin_cassandra.in.sh@1.1 / diff
pkgsrc/databases/apache-cassandra/patches/patch-conf_cassandra-env.sh@1.1 / diff
databases/apache-cassandra: Replace the EOL'd version 1.x.x with
the latest version 3.11.x one.
Way too many changes, see the changelog for more:
https://git1-us-west.apache.org/repos/asf?p=cassandra.git;a=blob_plain;f=NEWS.txt;hb=refs/heads/cassandra-3.0
the latest version 3.11.x one.
Way too many changes, see the changelog for more:
https://git1-us-west.apache.org/repos/asf?p=cassandra.git;a=blob_plain;f=NEWS.txt;hb=refs/heads/cassandra-3.0
MAIN commitmail json YAML
doc: Updated databases/apache-cassandra2 to 2.2.12
MAIN commitmail json YAML
pkgsrc/databases/apache-cassandra2/Makefile@1.3
/
diff
pkgsrc/databases/apache-cassandra2/PLIST@1.3 / diff
pkgsrc/databases/apache-cassandra2/distinfo@1.4 / diff
pkgsrc/databases/apache-cassandra2/PLIST@1.3 / diff
pkgsrc/databases/apache-cassandra2/distinfo@1.4 / diff
databases/apache-cassandra2: Update to 2.2.12.
2.2.12
======
Upgrading
---------
- See MAXIMUM TTL EXPIRATION DATE NOTICE above.
- Cassandra is now relying on the JVM options to properly shutdown on OutOfMemoryError. By default it will
rely on the OnOutOfMemoryError option as the ExitOnOutOfMemoryError and CrashOnOutOfMemoryError options
are not supported by the older 1.7 and 1.8 JVMs. A warning will be logged at startup if none of those JVM
options are used. See CASSANDRA-13006 for more details.
- Cassandra is not logging anymore by default an Heap histogram on OutOfMemoryError. To enable that behavior
set the 'cassandra.printHeapHistogramOnOutOfMemoryError' System property to 'true'. See CASSANDRA-13006
for more details.
2.2.11
======
Upgrading
---------
- Nothing specific to this release, but please see 2.2 if you are upgrading
from a previous version.
2.2.10
======
Upgrading
---------
- Nothing specific to this release, but please see 2.2 if you are upgrading
from a previous version.
2.2.9
=====
Upgrading
---------
- Compaction now correctly drops sstables out of CompactionTask when there
isn't enough disk space to perform the full compaction. This should reduce
pending compaction tasks on systems with little remaining disk space.
Deprecation
-----------
Since the security manager added in 3.0 only allows Java and JavaScript
UDFs to be run, UDFs for other languages are deprecated and support for
non-Java and non-JavaScript UDFs is deprecated in 2.2 and has been removed
in version 3.0.11.
2.2.8
=====
Upgrading
---------
- The ReversedType behaviour has been corrected for clustering columns of
BYTES type containing empty value. Scrub should be run on the existing
SSTables containing a descending clustering column of BYTES type to correct
their ordering. See CASSANDRA-12127 for more details.
2.2.7
=====
New features
------------
- JSON timestamps are now in UTC and contain the timezone information, see
CASSANDRA-11137 for more details.
Upgrading
---------
- Ec2MultiRegionSnitch will no longer automatically set broadcast_rpc_address
to the public instance IP if this property is defined on cassandra.yaml.
2.2.6
=====
Upgrading
---------
- Nothing specific to this release, but please see 2.2 if you are upgrading
from a previous version.
2.2.5
=====
Upgrading
---------
- Nothing specific to this release, but please see 2.2 if you are upgrading
from a previous version.
2.2.4
=====
Deprecation
-----------
- Pig support has been deprecated, and will be removed in 3.0.
Please see CASSANDRA-10542 for more details.
- Configuration parameter memory_allocator in cassandra.yaml has been deprecated
and will be removed in 3.0.0. As mentioned below for 2.2.0, jemalloc is
automatically preloaded on Unix platforms.
Operations
----------
- Switching data center or racks is no longer an allowed operation on a node
which has data. Instead, the node will need to be decommissioned and
rebootstrapped. If moving from the SimpleSnitch, make sure that the data
center and rack containing all current nodes is named "datacenter1" and
"rack1". To override this behaviour use -Dcassandra.ignore_rack=true and/or
-Dcassandra.ignore_dc=true.
- Reloading the configuration file of GossipingPropertyFileSnitch has been disabled.
- GC logging is now enabled by default (but you can disable it if you want by
commenting the relevant lines of the cassandra-env file).
Upgrading
---------
- The default for the inter-DC stream throughput setting
(inter_dc_stream_throughput_outbound_megabits_per_sec in cassandra.yaml) is
the same than the one for intra-DC one (200Mbps) instead of being unlimited.
Having it unlimited was never intended and was a bug.
New features
------------
- Time windows in DTCS are now limited to 1 day by default to be able to
handle bootstrap and repair in a better way. To get the old behaviour,
increase max_window_size_seconds.
- DTCS option max_sstable_age_days is now deprecated and defaults to 1000 days.
- Native protocol server now allows both SSL and non-SSL connections on
the same port.
2.2.3
=====
Upgrading
---------
- Nothing specific to this release, but please see 2.2 if you are upgrading
from a previous version.
2.2.2
=====
Upgrading
---------
- Version 1 and 2 of the native protocol are now deprecated and support
will be removed in Cassandra 3.0. You are encouraged to upgrade to a
client driver using version 3 of the native protocol.
Changed Defaults
----------------
- commitlog_total_space_in_mb will use the smaller of 8192, and 1/4
of the total space of the commitlog volume. (Before: always used
8192)
- Incremental repair is on by default since 2.2.0, run full repairs by
providing the '-full' parameter to nodetool repair.
- Parallel repairs are the default since 2.2.0, run sequential repairs
by providing the '-seq' parameter to nodetool repair.
- The following INFO logs were reduced to DEBUG level and will now show
on debug.log instead of system.log:
- Memtable flushing actions
- Commit log replayed files
- Compacted sstables
- SStable opening (SSTableReader)
New features
------------
- Custom QueryHandlers can retrieve the column specifications for the bound
variables from QueryOptions by using the hasColumnSpecifications()
and getColumnSpecifications() methods.
- A new default assynchronous log appender debug.log was created in addition
to the system.log appender in order to provide more detailed log debugging.
In order to disable debug logging, you must comment-out the ASYNCDEBUGLOG
appender on conf/logback.xml. See CASSANDRA-10241 for more information.
2.2.1
=====
Upgrading
---------
- Nothing specific to this release, but please see 2.2 if you are upgrading
from a previous version.
New features
------------
- COUNT(*) and COUNT(1) can be selected with other columns or functions
2.2
===
Upgrading
---------
- The authentication & authorization subsystems have been redesigned to
support role based access control (RBAC), resulting in a change to the
schema of the system_auth keyspace. See below for more detail.
For systems already using the internal auth implementations, the process
for converting existing data during a rolling upgrade is straightforward.
As each node is restarted, it will attempt to convert any data in the
legacy tables into the new schema. Until enough nodes to satisfy the
replication strategy for the system_auth keyspace are upgraded and so have
the new schema, this conversion will fail with the failure being reported
in the system log.
During the upgrade, Cassandra's internal auth classes will continue to use
the legacy tables, so clients experience no disruption. Issuing DCL
statements during an upgrade is not supported.
Once all nodes are upgraded, an operator with superuser privileges should
drop the legacy tables, system_auth.users, system_auth.credentials and
system_auth.permissions. Doing so will prompt Cassandra to switch over to
the new tables without requiring any further intervention.
While the legacy tables are present a restarted node will re-run the data
conversion and report the outcome so that operators can verify that it is
safe to drop them.
New features
------------
- The LIMIT clause applies now only to the number of rows returned to the user,
not to the number of row queried. By consequence, queries using aggregates will not
be impacted by the LIMIT clause anymore.
- Very large batches will now be rejected (defaults to 50kb). This
can be customized by modifying batch_size_fail_threshold_in_kb.
- Selecting columns,scalar functions, UDT fields, writetime or ttl together
with aggregated is now possible. The value returned for the columns,
scalar functions, UDT fields, writetime and ttl will be the ones for
the first row matching the query.
- Windows is now a supported platform. Powershell execution for startup scripts
is highly recommended and can be enabled via an administrator command-prompt
with: 'powershell set-executionpolicy unrestricted'
- It is now possible to do major compactions when using leveled compaction.
Doing that will take all sstables and compact them out in levels. The
levels will be non overlapping so doing this will still not be something
you want to do very often since it might cause more compactions for a while.
It is also possible to split output when doing a major compaction with
STCS - files will be split in sizes 50%, 25%, 12.5% etc of the total size.
This might be a bit better than old major compactions which created one big
file on disk.
- A new tool has been added bin/sstableverify that checks for errors/bitrot
in all sstables. Unlike scrub, this is a non-invasive tool.
- Authentication & Authorization APIs have been updated to introduce
roles. Roles and Permissions granted to them are inherited, supporting
role based access control. The role concept supercedes that of users
and CQL constructs such as CREATE USER are deprecated but retained for
compatibility. The requirement to explicitly create Roles in Cassandra
even when auth is handled by an external system has been removed, so
authentication & authorization can be delegated to such systems in their
entirety.
- In addition to the above, Roles are also first class resources and can be the
subject of permissions. Users (roles) can now be granted permissions on other
roles, including CREATE, ALTER, DROP & AUTHORIZE, which removesthe need for
superuser privileges in order to perform user/role management operations.
- Creators of database resources (Keyspaces, Tables, Roles) are now automatically
granted all permissions on them (if the IAuthorizer implementation supports
this).
- SSTable file name is changed. Now you don't have Keyspace/CF name
in file name. Also, secondary index has its own directory under parent's
directory.
- Support for user-defined functions and user-defined aggregates have
been added to CQL.
************************************************************************
IMPORTANT NOTE: user-defined functions can be used to execute
arbitrary and possibly evil code in Cassandra 2.2, and are
therefore disabled by default. To enable UDFs edit
cassandra.yaml and set enable_user_defined_functions to true.
CASSANDRA-9402 will add a security manager for UDFs in Cassandra
3.0. This will inherently be backwards-incompatible with any 2.2
UDF that perform insecure operations such as opening a socket or
writing to the filesystem.
Per the previous note about adding a security manager in 3.0, this security manager
means that non JavaScipt UDF's won't run, there for their use is deprecated.
************************************************************************
- Row-cache is now fully off-heap.
- jemalloc is now automatically preloaded and used on Linux and OS-X if
installed.
- Please ensure on Unix platforms that there is no libjnadispath.so
installed which is accessible by Cassandra. Old versions of
libjna packages (< 4.0.0) will cause problems - e.g. Debian Wheezy
contains libjna versin 3.2.x.
- The node now keeps up when streaming is failed during bootstrapping. You can
use new `nodetool bootstrap resume` command to continue streaming after resolving
an issue.
- Protocol version 4 specifies that bind variables do not require having a
value when executing a statement. Bind variables without a value are
called 'unset'. The 'unset' bind variable is serialized as the int
value '-2' without following bytes.
In an EXECUTE or BATCH request an unset bind value does not modify the value and
does not create a tombstone, an unset bind ttl is treated as 'unlimited',
an unset bind timestamp is treated as 'now', an unset bind counter operation
does not change the counter value.
Unset tuple field, UDT field and map key are not allowed.
In a QUERY request an unset limit is treated as 'unlimited'.
Unset WHERE clauses with unset partition column, clustering column
or index column are not allowed.
- New `ByteType` (cql tinyint). 1-byte signed integer
- New `ShortType` (cql smallint). 2-byte signed integer
- New `SimpleDateType` (cql date). 4-byte unsigned integer
- New `TimeType` (cql time). 8-byte long
- The toDate(timeuuid), toTimestamp(timeuuid) and toUnixTimestamp(timeuuid) functions have been added to allow
to convert from timeuuid into date type, timestamp type and bigint raw value.
The functions unixTimestampOf(timeuuid) and dateOf(timeuuid) have been deprecated.
- The toDate(timestamp) and toUnixTimestamp(timestamp) functions have been added to allow
to convert from timestamp into date type and bigint raw value.
- The toTimestamp(date) and toUnixTimestamp(date) functions have been added to allow
to convert from date into timestamp type and bigint raw value.
- SizeTieredCompactionStrategy parameter cold_reads_to_omit has been removed.
- The default JVM flag -XX:+PerfDisableSharedMem will cause the following tools JVM
to stop working: jps, jstack, jinfo, jmc, jcmd as well as 3rd party tools like Jolokia.
If you wish to use these tools you can comment this flag out in cassandra-env.{sh,ps1}
Upgrading
---------
- Thrift rpc is no longer being started by default.
Set `start_rpc` parameter to `true` to enable it.
- Pig's CqlStorage has been removed, use CqlNativeStorage instead
- Pig's CassandraStorage has been deprecated. CassandraStorage
should only be used against tables created via thrift.
Use CqlNativeStorage for all other tables.
- IAuthenticator been updated to remove responsibility for user/role
maintenance and is now solely responsible for validating credentials,
This is primarily done via SASL, though an optional method exists for
systems which need support for the Thrift login() method.
- IRoleManager interface has been added which takes over the maintenance
functions from IAuthenticator. IAuthorizer is mainly unchanged. Auth data
in systems using the stock internal implementations PasswordAuthenticator
& CassandraAuthorizer will be automatically converted during upgrade,
with minimal operator intervention required. Custom implementations will
require modification, though these can be used in conjunction with the
stock CassandraRoleManager so providing an IRoleManager implementation
should not usually be necessary.
- Fat client support has been removed since we have push notifications to clients
- cassandra-cli has been removed. Please use cqlsh instead.
- YamlFileNetworkTopologySnitch has been removed; switch to
GossipingPropertyFileSnitch instead.
- CQL2 has been removed entirely in this release (previously deprecated
in 2.0.0). Please switch to CQL3 if you haven't already done so.
- The results of CQL3 queries containing an IN restriction will be ordered
2.2.12
======
Upgrading
---------
- See MAXIMUM TTL EXPIRATION DATE NOTICE above.
- Cassandra is now relying on the JVM options to properly shutdown on OutOfMemoryError. By default it will
rely on the OnOutOfMemoryError option as the ExitOnOutOfMemoryError and CrashOnOutOfMemoryError options
are not supported by the older 1.7 and 1.8 JVMs. A warning will be logged at startup if none of those JVM
options are used. See CASSANDRA-13006 for more details.
- Cassandra is not logging anymore by default an Heap histogram on OutOfMemoryError. To enable that behavior
set the 'cassandra.printHeapHistogramOnOutOfMemoryError' System property to 'true'. See CASSANDRA-13006
for more details.
2.2.11
======
Upgrading
---------
- Nothing specific to this release, but please see 2.2 if you are upgrading
from a previous version.
2.2.10
======
Upgrading
---------
- Nothing specific to this release, but please see 2.2 if you are upgrading
from a previous version.
2.2.9
=====
Upgrading
---------
- Compaction now correctly drops sstables out of CompactionTask when there
isn't enough disk space to perform the full compaction. This should reduce
pending compaction tasks on systems with little remaining disk space.
Deprecation
-----------
Since the security manager added in 3.0 only allows Java and JavaScript
UDFs to be run, UDFs for other languages are deprecated and support for
non-Java and non-JavaScript UDFs is deprecated in 2.2 and has been removed
in version 3.0.11.
2.2.8
=====
Upgrading
---------
- The ReversedType behaviour has been corrected for clustering columns of
BYTES type containing empty value. Scrub should be run on the existing
SSTables containing a descending clustering column of BYTES type to correct
their ordering. See CASSANDRA-12127 for more details.
2.2.7
=====
New features
------------
- JSON timestamps are now in UTC and contain the timezone information, see
CASSANDRA-11137 for more details.
Upgrading
---------
- Ec2MultiRegionSnitch will no longer automatically set broadcast_rpc_address
to the public instance IP if this property is defined on cassandra.yaml.
2.2.6
=====
Upgrading
---------
- Nothing specific to this release, but please see 2.2 if you are upgrading
from a previous version.
2.2.5
=====
Upgrading
---------
- Nothing specific to this release, but please see 2.2 if you are upgrading
from a previous version.
2.2.4
=====
Deprecation
-----------
- Pig support has been deprecated, and will be removed in 3.0.
Please see CASSANDRA-10542 for more details.
- Configuration parameter memory_allocator in cassandra.yaml has been deprecated
and will be removed in 3.0.0. As mentioned below for 2.2.0, jemalloc is
automatically preloaded on Unix platforms.
Operations
----------
- Switching data center or racks is no longer an allowed operation on a node
which has data. Instead, the node will need to be decommissioned and
rebootstrapped. If moving from the SimpleSnitch, make sure that the data
center and rack containing all current nodes is named "datacenter1" and
"rack1". To override this behaviour use -Dcassandra.ignore_rack=true and/or
-Dcassandra.ignore_dc=true.
- Reloading the configuration file of GossipingPropertyFileSnitch has been disabled.
- GC logging is now enabled by default (but you can disable it if you want by
commenting the relevant lines of the cassandra-env file).
Upgrading
---------
- The default for the inter-DC stream throughput setting
(inter_dc_stream_throughput_outbound_megabits_per_sec in cassandra.yaml) is
the same than the one for intra-DC one (200Mbps) instead of being unlimited.
Having it unlimited was never intended and was a bug.
New features
------------
- Time windows in DTCS are now limited to 1 day by default to be able to
handle bootstrap and repair in a better way. To get the old behaviour,
increase max_window_size_seconds.
- DTCS option max_sstable_age_days is now deprecated and defaults to 1000 days.
- Native protocol server now allows both SSL and non-SSL connections on
the same port.
2.2.3
=====
Upgrading
---------
- Nothing specific to this release, but please see 2.2 if you are upgrading
from a previous version.
2.2.2
=====
Upgrading
---------
- Version 1 and 2 of the native protocol are now deprecated and support
will be removed in Cassandra 3.0. You are encouraged to upgrade to a
client driver using version 3 of the native protocol.
Changed Defaults
----------------
- commitlog_total_space_in_mb will use the smaller of 8192, and 1/4
of the total space of the commitlog volume. (Before: always used
8192)
- Incremental repair is on by default since 2.2.0, run full repairs by
providing the '-full' parameter to nodetool repair.
- Parallel repairs are the default since 2.2.0, run sequential repairs
by providing the '-seq' parameter to nodetool repair.
- The following INFO logs were reduced to DEBUG level and will now show
on debug.log instead of system.log:
- Memtable flushing actions
- Commit log replayed files
- Compacted sstables
- SStable opening (SSTableReader)
New features
------------
- Custom QueryHandlers can retrieve the column specifications for the bound
variables from QueryOptions by using the hasColumnSpecifications()
and getColumnSpecifications() methods.
- A new default assynchronous log appender debug.log was created in addition
to the system.log appender in order to provide more detailed log debugging.
In order to disable debug logging, you must comment-out the ASYNCDEBUGLOG
appender on conf/logback.xml. See CASSANDRA-10241 for more information.
2.2.1
=====
Upgrading
---------
- Nothing specific to this release, but please see 2.2 if you are upgrading
from a previous version.
New features
------------
- COUNT(*) and COUNT(1) can be selected with other columns or functions
2.2
===
Upgrading
---------
- The authentication & authorization subsystems have been redesigned to
support role based access control (RBAC), resulting in a change to the
schema of the system_auth keyspace. See below for more detail.
For systems already using the internal auth implementations, the process
for converting existing data during a rolling upgrade is straightforward.
As each node is restarted, it will attempt to convert any data in the
legacy tables into the new schema. Until enough nodes to satisfy the
replication strategy for the system_auth keyspace are upgraded and so have
the new schema, this conversion will fail with the failure being reported
in the system log.
During the upgrade, Cassandra's internal auth classes will continue to use
the legacy tables, so clients experience no disruption. Issuing DCL
statements during an upgrade is not supported.
Once all nodes are upgraded, an operator with superuser privileges should
drop the legacy tables, system_auth.users, system_auth.credentials and
system_auth.permissions. Doing so will prompt Cassandra to switch over to
the new tables without requiring any further intervention.
While the legacy tables are present a restarted node will re-run the data
conversion and report the outcome so that operators can verify that it is
safe to drop them.
New features
------------
- The LIMIT clause applies now only to the number of rows returned to the user,
not to the number of row queried. By consequence, queries using aggregates will not
be impacted by the LIMIT clause anymore.
- Very large batches will now be rejected (defaults to 50kb). This
can be customized by modifying batch_size_fail_threshold_in_kb.
- Selecting columns,scalar functions, UDT fields, writetime or ttl together
with aggregated is now possible. The value returned for the columns,
scalar functions, UDT fields, writetime and ttl will be the ones for
the first row matching the query.
- Windows is now a supported platform. Powershell execution for startup scripts
is highly recommended and can be enabled via an administrator command-prompt
with: 'powershell set-executionpolicy unrestricted'
- It is now possible to do major compactions when using leveled compaction.
Doing that will take all sstables and compact them out in levels. The
levels will be non overlapping so doing this will still not be something
you want to do very often since it might cause more compactions for a while.
It is also possible to split output when doing a major compaction with
STCS - files will be split in sizes 50%, 25%, 12.5% etc of the total size.
This might be a bit better than old major compactions which created one big
file on disk.
- A new tool has been added bin/sstableverify that checks for errors/bitrot
in all sstables. Unlike scrub, this is a non-invasive tool.
- Authentication & Authorization APIs have been updated to introduce
roles. Roles and Permissions granted to them are inherited, supporting
role based access control. The role concept supercedes that of users
and CQL constructs such as CREATE USER are deprecated but retained for
compatibility. The requirement to explicitly create Roles in Cassandra
even when auth is handled by an external system has been removed, so
authentication & authorization can be delegated to such systems in their
entirety.
- In addition to the above, Roles are also first class resources and can be the
subject of permissions. Users (roles) can now be granted permissions on other
roles, including CREATE, ALTER, DROP & AUTHORIZE, which removesthe need for
superuser privileges in order to perform user/role management operations.
- Creators of database resources (Keyspaces, Tables, Roles) are now automatically
granted all permissions on them (if the IAuthorizer implementation supports
this).
- SSTable file name is changed. Now you don't have Keyspace/CF name
in file name. Also, secondary index has its own directory under parent's
directory.
- Support for user-defined functions and user-defined aggregates have
been added to CQL.
************************************************************************
IMPORTANT NOTE: user-defined functions can be used to execute
arbitrary and possibly evil code in Cassandra 2.2, and are
therefore disabled by default. To enable UDFs edit
cassandra.yaml and set enable_user_defined_functions to true.
CASSANDRA-9402 will add a security manager for UDFs in Cassandra
3.0. This will inherently be backwards-incompatible with any 2.2
UDF that perform insecure operations such as opening a socket or
writing to the filesystem.
Per the previous note about adding a security manager in 3.0, this security manager
means that non JavaScipt UDF's won't run, there for their use is deprecated.
************************************************************************
- Row-cache is now fully off-heap.
- jemalloc is now automatically preloaded and used on Linux and OS-X if
installed.
- Please ensure on Unix platforms that there is no libjnadispath.so
installed which is accessible by Cassandra. Old versions of
libjna packages (< 4.0.0) will cause problems - e.g. Debian Wheezy
contains libjna versin 3.2.x.
- The node now keeps up when streaming is failed during bootstrapping. You can
use new `nodetool bootstrap resume` command to continue streaming after resolving
an issue.
- Protocol version 4 specifies that bind variables do not require having a
value when executing a statement. Bind variables without a value are
called 'unset'. The 'unset' bind variable is serialized as the int
value '-2' without following bytes.
In an EXECUTE or BATCH request an unset bind value does not modify the value and
does not create a tombstone, an unset bind ttl is treated as 'unlimited',
an unset bind timestamp is treated as 'now', an unset bind counter operation
does not change the counter value.
Unset tuple field, UDT field and map key are not allowed.
In a QUERY request an unset limit is treated as 'unlimited'.
Unset WHERE clauses with unset partition column, clustering column
or index column are not allowed.
- New `ByteType` (cql tinyint). 1-byte signed integer
- New `ShortType` (cql smallint). 2-byte signed integer
- New `SimpleDateType` (cql date). 4-byte unsigned integer
- New `TimeType` (cql time). 8-byte long
- The toDate(timeuuid), toTimestamp(timeuuid) and toUnixTimestamp(timeuuid) functions have been added to allow
to convert from timeuuid into date type, timestamp type and bigint raw value.
The functions unixTimestampOf(timeuuid) and dateOf(timeuuid) have been deprecated.
- The toDate(timestamp) and toUnixTimestamp(timestamp) functions have been added to allow
to convert from timestamp into date type and bigint raw value.
- The toTimestamp(date) and toUnixTimestamp(date) functions have been added to allow
to convert from date into timestamp type and bigint raw value.
- SizeTieredCompactionStrategy parameter cold_reads_to_omit has been removed.
- The default JVM flag -XX:+PerfDisableSharedMem will cause the following tools JVM
to stop working: jps, jstack, jinfo, jmc, jcmd as well as 3rd party tools like Jolokia.
If you wish to use these tools you can comment this flag out in cassandra-env.{sh,ps1}
Upgrading
---------
- Thrift rpc is no longer being started by default.
Set `start_rpc` parameter to `true` to enable it.
- Pig's CqlStorage has been removed, use CqlNativeStorage instead
- Pig's CassandraStorage has been deprecated. CassandraStorage
should only be used against tables created via thrift.
Use CqlNativeStorage for all other tables.
- IAuthenticator been updated to remove responsibility for user/role
maintenance and is now solely responsible for validating credentials,
This is primarily done via SASL, though an optional method exists for
systems which need support for the Thrift login() method.
- IRoleManager interface has been added which takes over the maintenance
functions from IAuthenticator. IAuthorizer is mainly unchanged. Auth data
in systems using the stock internal implementations PasswordAuthenticator
& CassandraAuthorizer will be automatically converted during upgrade,
with minimal operator intervention required. Custom implementations will
require modification, though these can be used in conjunction with the
stock CassandraRoleManager so providing an IRoleManager implementation
should not usually be necessary.
- Fat client support has been removed since we have push notifications to clients
- cassandra-cli has been removed. Please use cqlsh instead.
- YamlFileNetworkTopologySnitch has been removed; switch to
GossipingPropertyFileSnitch instead.
- CQL2 has been removed entirely in this release (previously deprecated
in 2.0.0). Please switch to CQL3 if you haven't already done so.
- The results of CQL3 queries containing an IN restriction will be ordered
MAIN commitmail json YAML
devel/snappy-java10: Fix deps tarball to build with newer Maven.
MAIN commitmail json YAML
doc: Updated devel/gradle to 4.8
MAIN commitmail json YAML
pkgsrc/devel/gradle/Makefile@1.15
/
diff
pkgsrc/devel/gradle/PLIST@1.10 / diff
pkgsrc/devel/gradle/distinfo@1.11 / diff
pkgsrc/devel/gradle/PLIST@1.10 / diff
pkgsrc/devel/gradle/distinfo@1.11 / diff
devel/gradle: Update to 4.8.0.
- Dependency locking
- Improvements to publishing plugins:
- Signing Plugin now supports signing all artifacts of a publication
- Maven Publish Plugin now provides a dedicated, type-safe DSL to
customize the POM generated as part of a Maven publication
- Ivy Publish Plugin now provides a dedicated, type-safe DSL to
customize the Ivy module descriptor generated as part of an Ivy
publication
- Configuration-wide dependency excludes are now published
- The maven-publish and ivy-publish plugins are now considered stable
and use of the maven plugin is discouraged as it will eventually be
deprecated
- User experience for incremental annotation processing is improved.
- Compilation will no longer fail when a processor does something that
Gradle detects will not work incrementally
- Unused non-incremental processors no longer prevent incremental
compilation
- Annotation processors are now able to decide dynamically if they are
incremental or not
- Kotlin DSL 0.17.5
- Dependency locking
- Improvements to publishing plugins:
- Signing Plugin now supports signing all artifacts of a publication
- Maven Publish Plugin now provides a dedicated, type-safe DSL to
customize the POM generated as part of a Maven publication
- Ivy Publish Plugin now provides a dedicated, type-safe DSL to
customize the Ivy module descriptor generated as part of an Ivy
publication
- Configuration-wide dependency excludes are now published
- The maven-publish and ivy-publish plugins are now considered stable
and use of the maven plugin is discouraged as it will eventually be
deprecated
- User experience for incremental annotation processing is improved.
- Compilation will no longer fail when a processor does something that
Gradle detects will not work incrementally
- Unused non-incremental processors no longer prevent incremental
compilation
- Annotation processors are now able to decide dynamically if they are
incremental or not
- Kotlin DSL 0.17.5
MAIN commitmail json YAML
doc: Updated databases/py-peewee to 3.5.0