Updated www/nghttp2, www/nghttp2-tools

(adam)

nghttp2 nghttp2-tools: updated to 1.62.0

nghttp2 v1.62.0

nghttpx: Fix QUIC stateless reset stack buffer overflow
Require c-ares >= 1.16.0 for ares_getaddrinfo
Require C++20 compiler
ci: Bump macos to 13
Adopt std::to_array and remove make_array
nghttpx: Define APIEndpoints separately
build(deps): bump golang.org/x/net from 0.22.0 to 0.24.0
nghttpx: Do not send error/status body when method is HEAD
nghttpx: Fix alignment issues in BlockAllocator
nghttpx: Simplify parameter declaration for ipc_fd functions
CMakListsts: Add Build Test info on summary
nghttpx: Add extent to ipc_fd explicitly
src: Add util::format_hex overload functions taking std::span
Make make_byte_ref return std::span
Make util::decode_hex return std::span
Rewrite util::parse_uint
Let base64::decode return std::span
Refactor StringRef
Stringref refactor c str and str
Add StringRef literal operator and remove StringRef::from_lit
Make StringRef(const std::string&) implicit
Add http2::make_field family functions
Bump munit
Remove std::string conversion operator from StringRef
Optimize StringRef comparisons against c-string
Pack more quic pkt
nghttpx: Dynamic GSO failover
Refactor ImmutableString
nghttpx: Refactor QUIC data path
nghttpx: Fix inherited TCP port comparison
make_websocket_accept_token: Lesser conversions
Add http3::make_field family functions
Remove unnecessary namespace qualifications
Refactor http utils
Refactor streq
Remove util::streq and let StringRef operator== deal with it
Update the link for the Prefix.pdf document.
Rewrite util:shuffle
build(deps): bump github.com/quic-go/quic-go from 0.42.0 to 0.43.0
nghttpd: Use nghttp2_ssize
build(deps): bump github.com/quic-go/quic-go from 0.43.0 to 0.43.1
Bump ngtcp2
Bump llhttp to v9.2.1
Introduce typed nghttp2_min and nghttp2_max
Add macos 14
Add dedicated distcheck buildtool parameter

(adam)

Updated multimedia/assimp, textproc/cJSON

(adam)

cJSON: updated to 1.7.18

1.7.18 (May 13, 2024)

Fixes:

* Add NULL check to cJSON_SetValuestring()(CVE-2024-31755)
* Remove non-functional list handling of compiler flags
* Fix heap buffer overflow
* remove misused optimization flag -01
* Set free'd pointers to NULL whenever they are not reassigned immediately after

(adam)

assimp: updated to 5.4.1

The Assimp 5.4.1 Bugfix Release

CMake: Allow linking draco statically if ASSIMP_BUILD_DRACO_STATIC is set.
Deps: updated minizip to last version
Deps: updated STBIMAGElib
Fix issue 5461 (segfault after removing redundant materials)
Update ComputeUVMappingProcess.cpp
Add some ASSIMP_INSTALL checks
Fix SplitByBoneCount typo that prevented node updates
Q3DLoader: Fix possible material string overflow
Reverts the changes introduced by commit ad766cb in February 2022.
Fix a collada import bug
Mention IQM loader in Fileformats.md
Kimkulling/fix pyassimp compatibility
Fix ASE loader crash when *MATERIAL_COUNT or *NUMSUBMTLS is not specified or is 0
Add checks for invalid buffer and size
Make sure for releases revision will be zero
glTF2Importer: Support .vrm extension
Prepare v5.4.1

(adam)

Updated security/py-cyclonedx-bom, www/py-drf-nested-routers

(adam)

py-drf-nested-routers: updated to 0.94.1

0.94.1
Unknown changes

(adam)

py-cyclonedx-bom: updated to 4.4.3

v4.4.3 (2024-04-26)

Fix

fix: do not use cyclonedx-lib==7.3.1

v4.4.2 (2024-04-21)

Fix

fix: release lates container image

v4.4.1 (2024-04-21)

Fix

fix: release lates container image

(adam)

Updated textproc/py-lxml, www/py-django-import-export

(adam)

py-django-import-export: updated to 4.0.1

4.0.1 (2024-05-08)

- fix crash on export when model has no ``id``
- fix Widget crash when django Field subclass is used
- fix regression: allow imports when default ``import_id_field`` is not present

(adam)

py-lxml: updated to 5.2.2

5.2.2 (2024-05-12)

Bugs fixed

* The ``test_feed_parser`` test could fail if ``lxml_html_clean`` was not installed.
  It is now skipped in that case.

* The minimum CPU architecture for the Linux x86 binary wheels was set back to
  "core2", without SSE 4.2.

* If libxml2 uses iconv, the compile time version is available as `etree.ICONV_COMPILED_VERSION`.

(adam)

Removed multimedia/gst-plugins1-transcoder; Updated multimedia/gstreamer1

(adam)

gstreamer1: updated to 1.24.3

1.24.3

This release only contains bugfixes and it should be safe to update from 1.24.x.

Highlighted bugfixes in 1.24.3

EXIF image tag parsing security fixes
Subtitle handling improvements in parsebin
Fix issues with HLS streams that contain VTT subtitles
Qt6 QML sink re-render and re-sizing fixes
unixfd ipc plugin timestamp and segment handling fixes
vah264enc, vah265enc: Do not touch the PTS of the output frame
vah264dec and vapostproc fixes and improvements
v4l2: multiple fixes and improvements, incl. for mediatek JPEG decoder and v4l2 loopback
v4l2: fix hang after seek with some v4l2 decoders
Wayland sink fixes
ximagesink: fix regression on RPi/aarch64
fmp4mux, mp4mux gained FLAC audio support
D3D11, D3D12: reliablity improvements and memory leak fixes
Media Foundation device provider fixes
GTK4 paintable sink improvements including support for directly importing dmabufs with GTK 4.14
WebRTC sink/source fixes and improvements
AWS s3sink, s3src, s3hlssink now support path-style addressing
MPEG-TS demuxer fixes
Python bindings fixes
various bug fixes, memory leak fixes, and other stability and reliability improvements

1.24.2

This release only contains bugfixes and it should be safe to update from 1.24.x.

Highlighted bugfixes in 1.24.2

H.264 parsing regression fixes
WavPack typefinding improvements
Video4linux fixes and improvements
Android build and runtime fixes
macOS OpenGL memory leak and robustness fixes
Qt/QML video sink fixes
Package new analytics and mse libraries in binary packages
Windows MSVC binary packages: fix libvpx avx/avx2/avx512 instruction set detection
various bug fixes, memory leak fixes, and other stability and reliability improvements

(adam)

alsa-lib: HOMEPAGE is https

(adam)

gst-plugins1-transcoder: removed; DEPRECATED merged into gst-plugins-bad

(adam)

py-qwt-qt5: fix builds against qwt-qt5 6.1.6 and newer

(adam)

Updated devel/py-joblib, textproc/py-pallets-sphinx-themes

(adam)

py-pallets-sphinx-themes: updated to 2.1.3

Version 2.1.3
- Allow Sphinx's parallel build feature. :issue:`88`

Version 2.1.2
- Use modern packaging metadata with ``pyproject.toml`` instead of ``setup.cfg``.
- Use ``flit_core`` instead of ``setuptools`` as build backend.
- Compatibility with changes in Sphinx 7.3. :pr:`100`

(adam)

py-joblib: updated to 1.4.2

Release 1.4.2 -- 2024/05/02

Due to maintenance issues, 1.4.1 was not valid and we bumped the version to 1.4.2

- Fix a backward incompatible change in ``MemorizedFunc.call`` which needs to
  return the metadata. Also make sure that ``NotMemorizedFunc.call`` return
  an empty dict for metadata for consistency.
  https://github.com/joblib/joblib/pull/1576

(adam)

Updated devel/ninja-build, textproc/gtk-doc, devel/py-freezegun, www/py-djangocms-column

(adam)

py-djangocms-column: updated to 2.1.0

2.1.0

[pre-commit.ci] pre-commit autoupdate
fix: add missing migration
Update cms_plugins.py - isort/flake8 check
chore: Prepare release 2.1.0

(adam)

py-freezegun: updated to 1.5.1

1.5.1

* Fix the typing of the `tick()` method, and improve it's behaviour.

(adam)

gtk-doc: updated to 1.34.0

GTK-Doc 1.34.0 (Mar 5 2024)

Maintenance, some bug fixes
Meson: fix some warnings, simplifications
Translation updates

(adam)

ninja-build: updated to 1.12.1

v1.12.1

Bugfixes:

Screen updates extremely slow on Windows
Dry run error if the build directory does not exist
New critical path scheduler performance improvements

(adam)

Updated net/iperf3, databases/postgresql-timescaledb

(adam)

postgresql-timescaledb: updated to 2.15.0

2.15.0

This release contains the performance improvements and bug fixes introduced since
TimescaleDB v2.14.2. Best practice is to upgrade at the next available opportunity.

Highlighted features in this release

Continuous Aggregate now supports time_bucket with origin and/or offset.
The following improvements have been introduced for hypertable compression:
Added planner support to check more kinds of WHERE conditions before decompression.
This reduces the number of rows that have to be decompressed.
You can now use minmax sparse indexes when you compress columns with btree indexes.
Make compression uses the defaults functions.
Vectorize filters in the WHERE clause contain text equality operators and LIKE expressions.

(adam)

iperf3: updated to 3.17

iperf 3.17 contains a fix for a minor security vulnerability related to iperf3窶冱 authentication feature and its use of RSA-encrypted credentials. The release notes contain more details on this breaking change, and how to revert to older, less secure behavior if needed for backward compatibility with older versions of iperf3.

This version also contains a new streaming JSON output format (enabled with the 窶屠son-stream) option, and a number of other bug fixes.

(adam)

Updated databases/py-peewee, devel/py-bitstring, textproc/py-numpydoc, textproc/py-patiencediff

(adam)

py-patiencediff: updated to 0.2.15

v0.2.15

Update README.rst
Add dependabot config
Bump actions/setup-python from 2 to 5
Bump docker/setup-qemu-action from 1 to 3
Bump actions/checkout from 2 to 4
Publish wheels from github
Drop python 3.7 support

(adam)

py-numpydoc: updated to 1.7.0

1.7.0

Enhancements

- PERF: wrap inspect.getsourcelines with cache

Bug Fixes

- during tokenize, use UTF8 encoding on all platforms
- fix 'Alias for field number X' problem with NamedTuples

Documentation

- DOC: Fix typos found by codespell
- DOC: Update link to mailing list
- Add Python 3.12 to classifiers
- Update release process
- Update release process

Maintenance

- [pre-commit.ci] pre-commit autoupdate
- [pre-commit.ci] pre-commit autoupdate
- MAINT: apply refurb suggestion
- [pre-commit.ci] pre-commit autoupdate
- Bump actions/setup-python from 4 to 5
- [pre-commit.ci] pre-commit autoupdate
- Filter ``DeprecationWarning`` in failing test for python 3.12
- MAINT: Replace NameConstant with Constant
- [pre-commit.ci] pre-commit autoupdate
- Update precommit repos
- Require sphinx 6
- Use trusted publisher

(adam)

py-bitstring: updated to 4.2.2

4.2.2

A couple more minor bug fixes.

* Sometimes a ValueError was being raised instead of a ReadError.
* Initialising a bitstring from None now raises a TypeError rather than generating
  an empty bitstring.
* Fixed performance regression for find/findall in some situations.
* Fix for AttributeError bug when combining Bits with BitStream.

(adam)

py-peewee: updated to 3.17.5

3.17.5

This release fixes a build system problem in Python 3.12.

3.17.4

Fix bug that could occur when using CASE inside a function, and one or more of the CASE clauses consisted of a subquery.
Fix bug in the conversion of TIMESTAMP type in Sqlite on Python 3.12+.
Fix for hybrid properties on subclasses when aliased.
Many fixes for SqliteQueueDatabase

(adam)

Updated devel/cargo-bloat, graphics/py-tifffile

(adam)

py-tifffile: updated to 2024.5.10

2024.5.10

- Pass 5082 tests.
- Support reading JPEGXL compression in DNG 1.7.
- Read invalid TIFF created by IDEAS software.

(adam)

cargo-bloat: updated to 0.12.1

0.12.1

Added

Improve strip = false handling. Strip is always disabled for cargo bloat builds now.

(adam)

llvm: enable all targets

(adam)

Updated devel/py-ruff, www/py-flask-caching

(adam)

py-flask-caching: updated to 2.3.0

2.3.0
Unknown changes

(adam)

py-ruff: updated to 0.4.4

v0.4.4

Preview features

[pycodestyle] Ignore end-of-line comments when determining blank line rules
[pylint] Detect pathlib.Path.open calls in unspecified-encoding (PLW1514)
[flake8-pyi] Implement PYI059 (generic-not-last-base-class)
[flake8-pyi] Implement PYI062 (duplicate-literal-member)

Rule changes

[flake8-boolean-trap] Allow passing booleans as positional-only arguments in code such as set(True)
[flake8-bugbear] Ignore enum classes in cached-instance-method (B019)

Server

Expand tildes when resolving Ruff server configuration file
Fix ruff server hanging after Neovim closes
Editor settings are used by default if no file-based configuration exists

Bug fixes

[pylint] Consider with statements for too-many-branches (PLR0912)
[flake8-blind-except, tryceratops] Respect logged and re-raised expressions in nested statements (BLE001, TRY201)
Recognise assignments such as __all__ = builtins.list(["foo", "bar"]) as valid __all__ definitions

(adam)

versioned_dependencies.mk: devel/py-setuptools_scm5 and devel/py-test4 are no longer around

(adam)

Updated devel/py-py, devel/py-wcwidth; Removed devel/py-backports.functools_lru_cache, devel/py-configparser, devel/py-func_timeout

(adam)

py-backports.functools_lru_cache, py-configparser, py-func_timeout: removed; on the way to get rid of Python 2.7

(adam)

py-wcwidth: switch to wheel.mk

(adam)

py-py: switch to wheel.mk

(adam)

Updated textproc/py-toml; Removed devel/py-test4, devel/py-packaging2, devel/py-importlib-metadata2, devel/py27-pluggy, devel/py-setuptools_scm5, devel/py-prompt_toolkit1, archivers/py-zipp1

(adam)

py-zipp1, py-test4, py-packaging2, py-importlib-metadata2, py27-pluggy, py-setuptools_scm5, py-prompt_toolkit1: removed

(adam)

py-toml: swith to wheel.mk

(adam)

Updated devel/cmake, textproc/ugrep

(adam)

ugrep: updated to 6.0.0

ugrep v6.0

quicker! much faster search speeds on ARM CPUs and also faster overall on other CPUs using essentially the same SIMD algorithms but better optimized #385 see latest ugrep benchmarks for results
more good stuff! includes ugrep-indexer, which is installed together with ugrep, see ugrep-indexer release notes v1.0.0

(adam)

cmake: updated to 3.29.3

CMake 3.29.3
* Tests/CXXModules: test exporting modules which include headers
* cmGeneratorTarget: add the original target as a COMPILE_ONLY link
* cmGeneratorTarget: add method to get a filesystem-safe export name
* cxxmodules: use filesystem-safe export names in filenames
* cmGeneratorTarget: add a target-level query for "needs dyndep"
* VS: set ScanSourceForModuleDependencies at vcxproj level
* cmDyndepCollation: look at all `export(TARGETS)` calls
* Tests/RunCMake/CMakePackage: Define variable closer to where it is used
* FindBoost: Add support for Boost 1.85
* cxxmodules: Do not scan sources while testing the compiler
* Help: Fix CMakePackageConfigHelpers typos, grammar and formatting
* Help: Add missing section heading for apple architecture selection
* generate_apple_architecture_selection_file: Avoid early returns
* generate_apple_*_selection_file: Save/restore PACKAGE_PREFIX_DIR
* Help/OBJC_STANDARD: Document Objective C17 and C23 support
* FindHDF5: Fix detection of versions with more than three components

(adam)

Updated devel/py-atomicwrites; Removed devel/py-docstyle3

(adam)

py-docstyle3: removed; use py-docstyle instead

(adam)

py-atomicwrites: switch to wheel.mk

(adam)

Updated databases/postgresql1[2-6]

(adam)

postgresql: updated to 16.3, 15.7, 14.12, 13.15, 12.19

PostgreSQL 16.3, 15.7, 14.12, 13.15, and 12.19

The PostgreSQL Global Development Group has released an update to all supported versions of PostgreSQL, including 16.3, 15.7, 14.12, 13.15, and 12.19. This release fixes one security vulnerability and over 55 bugs reported over the last several months.

A security vulnerability was found in the system views pg_stats_ext and pg_stats_ext_exprs, potentially allowing authenticated database users to see data they don't have sufficient privileges to view. The fix for this vulnerability only fixes fresh PostgreSQL installations, namely those that are created with the initdb utility after this fix is applied. If you have a current PostgreSQL installation and are concerned about this issue, please follow the instructions in the "Updating" section for remediation steps.

For the full list of changes, please review the release notes.

(adam)

url2pkg: for Python 3.x only

(adam)

Updated textproc/py-babelfish, graphics/py-pygraphviz, www/py-publicsuffixlist, textproc/py-phonenumbers

(adam)

py-phonenumbers: updated to 8.13.36

8.13.36
Unknown changes

(adam)

py-publicsuffixlist: updated to 0.10.0.20240508

0.10.0.20240508
Unknown changes

(adam)

py-pygraphviz: updated to 1.13

pygraphviz 1.13
===============

We're happy to announce the release of pygraphviz 1.13!

Bug Fixes
---------

- Remove outdated pystrings.swg
- Fix segfault from repr attempting to access attrs on uninitialized instance

Maintenance
-----------

- Remove outdated pystrings.swg
- Update CI tests
- Update pre-commit repos
- Bump webfactory/ssh-agent from 0.8.0 to 0.9.0
- Update tests for macOS Sonoma v14
- Update doc requirements
- Update pre-commit repos
- Remove unnecessary pip flags
- Test on fedora 40

(adam)

py-babelfish: updated to 0.6.1

0.6.1

Bump dependencies
Replace pkg_resources with importlib

(adam)

Updated textproc/py-regex, finance/py-stripe

(adam)

py-stripe: updated to 9.6.0

9.6.0 - 2024-05-09
* Update generated code
* Add support for `allow_redisplay` on resource class `stripe.ConfirmationToken.PaymentMethodPreview` and resource `stripe.PaymentMethod`
* Add support for `preview_mode` on parameter classes `stripe.Invoice.CreatePreviewParams`, `stripe.Invoice.UpcomingLinesParams`, and `stripe.Invoice.UpcomingParams`
* Add support for `_cls_update` on resources `stripe.treasury.OutboundPayment` and `stripe.treasury.OutboundTransfer`
* Add support for `tracking_details` on resources `stripe.treasury.OutboundPayment` and `stripe.treasury.OutboundTransfer`
* Add support for `update` on resources `stripe.treasury.OutboundPayment` and `stripe.treasury.OutboundTransfer`
* Add support for `treasury.outbound_payment.tracking_details_updated` on enums `stripe.Event.type`, `stripe.WebhookEndpoint.CreateParams.enabled_events`, and `stripe.WebhookEndpoint.ModifyParams.enabled_events`
* Add support for `treasury.outbound_transfer.tracking_details_updated` on enums `stripe.Event.type`, `stripe.WebhookEndpoint.CreateParams.enabled_events`, and `stripe.WebhookEndpoint.ModifyParams.enabled_events`

9.5.0 - 2024-05-02
* Update generated code
* Add support for `paypal` on resource class `stripe.Dispute.PaymentMethodDetails`
* Add support for `payment_method_types` on parameter class `stripe.PaymentIntent.ConfirmParams`
* Add support for `ship_from_details` on parameter class `stripe.tax.Calculation.CreateParams` and resources `stripe.tax.Calculation` and `stripe.tax.Transaction`
* Add support for `bh`, `eg`, `ge`, `ke`, `kz`, `ng`, `om` on resource class `stripe.tax.Registration.CountryOptions` and parameter class `stripe.tax.Registration.CreateParamsCountryOptions`
* Add support for `paypal` on enum `stripe.Dispute.PaymentMethodDetails.type`
* Add support for `shipping_address_invalid` on enums `stripe.Invoice.LastFinalizationError.code`, `stripe.PaymentIntent.LastPaymentError.code`, `stripe.SetupAttempt.SetupError.code`, and `stripe.SetupIntent.LastSetupError.code`
* Change type of `metadata` on  `stripe.entitlements.Feature.ModifyParams` from `Dict[str, str]` to `Literal['']|Dict[str, str]`
* Fix type change entries in Python Changelog

9.4.0 - 2024-04-25
* Update generated code
* Add support for `amazon_pay` on resource classes `stripe.Mandate.PaymentMethodDetails` and `stripe.SetupAttempt.PaymentMethodDetails`
* Add support for `revolut_pay` on resource classes `stripe.Mandate.PaymentMethodDetails` and `stripe.SetupAttempt.PaymentMethodDetails`
* Add support for `setup_future_usage` on resource classes `stripe.PaymentIntent.PaymentMethodOptions.AmazonPay`, `stripe.PaymentIntent.PaymentMethodOptions.RevolutPay`, `stripe.checkout.Session.PaymentMethodOptions.AmazonPay`, and `stripe.checkout.Session.PaymentMethodOptions.RevolutPay`
* Add support for `mobilepay` on parameter classes `stripe.PaymentMethodConfiguration.CreateParams` and `stripe.PaymentMethodConfiguration.ModifyParams` and resource `stripe.PaymentMethodConfiguration`
* Add support for `ending_before` on parameter class `stripe.PaymentMethodConfiguration.ListParams`
* Add support for `limit` on parameter class `stripe.PaymentMethodConfiguration.ListParams`
* Add support for `starting_after` on parameter class `stripe.PaymentMethodConfiguration.ListParams`
* Change type of `feature` on  `stripe.entitlements.ActiveEntitlement` from `str` to `ExpandableField[Feature]`
* Add support for `amazon_pay` on enums `stripe.Invoice.PaymentSettings.payment_method_types`, `stripe.Invoice.CreateParamsPaymentSettings.payment_method_types`, `stripe.Invoice.ModifyParamsPaymentSettings.payment_method_types`, `stripe.Subscription.PaymentSettings.payment_method_types`, `stripe.Subscription.CreateParamsPaymentSettings.payment_method_types`, and `stripe.Subscription.ModifyParamsPaymentSettings.payment_method_types`
* Add support for `revolut_pay` on enums `stripe.Invoice.PaymentSettings.payment_method_types`, `stripe.Invoice.CreateParamsPaymentSettings.payment_method_types`, `stripe.Invoice.ModifyParamsPaymentSettings.payment_method_types`, `stripe.Subscription.PaymentSettings.payment_method_types`, `stripe.Subscription.CreateParamsPaymentSettings.payment_method_types`, and `stripe.Subscription.ModifyParamsPaymentSettings.payment_method_types`
* Remove support for inadvertently released identity verification features `email` and `phone` on parameter classes `stripe.identity.VerificationSession.CreateParamsOptions` and `stripe.identity.VerificationSession.ModifyParamsOptions`
* Bump aiohttp from 3.9.2 to 3.9.4

(adam)

py-regex: updated to 2024.5.10

2024.5.10
Unknown changes

(adam)

Updated devel/glib2, devel/glib2-tools, devel/gdbus-codegen

(adam)

glib2 glib2-tools gdbus-codegen: updated to 2.80.2

Overview of changes in GLib 2.80.2, 2024-05-08
==============================================

* Fix a regression with IBus caused by the fix for CVE-2024-34397

* Fix installation directory of the GVariant specification

* Bugs fixed:
  - GVariant specification installed in wrong directory (Michael
    Catanzaro)
  - Fixing CVE-2024-34397 caused regressions for ibus (Simon McVittie)
  - Backport "gdbusconnection: Fix test signal subscription ordering" to
    glib-2-80
  - Backport !4049 ���Correct installation directory of GVariant
    specification��� to glib-2-80
  - Backport !4053 ���gdbusconnection: Allow name owners to have the syntax
    of a well-known name��� to glib-2-80

(adam)

Updated graphics/libjpeg-turbo, www/tinyproxy, www/nghttp3, net/ngtcp2

(adam)

ngtcp2: updated to 1.5.0

ngtcp2 v1.5.0

Fix release script
autotools: Switch to tar-pax
Pack more QUIC packets on large PMTUD probes
Drop UDP datagram if it comes from a well-known port
Rework transmitting empty STREAM frame
Take into account SCID length when computing minimum packet size
More prohibited ports
client: Handle error from feed_data
server: Send stateless reset
crypto: Adjust token stack buffer sizes
crypto: Reduce NGTCP2_CRYPTO_TOKEN_RAND_DATALEN to 16
Bump wolfssl to v5.7.0-stable
Group up integration test output
QUIC min Short packet is 22
cmake: add BUILD_TESTING, fix MSVC with static + shared
adding "git submodule" and libev stuff
Bump munit
ci: Add macos-14
server: Fix stateless reset buffer stack buffer overflow
Adopt std::to_array
Fix interop
server: Use std::span for sized binary data
client: Use std::span for sized binary data
examples: More std::span
std::unordered_map lookup by std::string_view
Refactor Buffer
interop: Support linux/arm64
chore: Build multi-platform Docker image during CI
interop: Build images on multiple runners
interop: Push multi platform images
Fix interop image tag
interop: Add missing h09 client/server
Refactor format_hex
CMakeLists(.txt): Add Build Test info on summary
Bump munit
server: Refactor packet write
Remove unused streq_l
Bump aws-lc to v1.26.0
Fix nullptr dereference
Bump boringssl
Bump picotls

(adam)

nghttp3: updated to 1.3.0

nghttp3 v1.3.0

Refactor stream data acknowledgement
Do not call acked_data with 0 length data
Qpack tweak
Avoid assigning zero after memset
Lower decoder stream limit
Workaround llvm issue on github ubuntu runner
apt-get update
Automate release process
autotools: Switch to tar-pax
Add actions/stale
cmake: add BUILD_TESTING, fix MSVC with static + shared
Bump munit
CMakeLists(.txt): Add Build Test info on summary
Bump munit
Update the link for the Prefix.pdf document
More words for errors when reading from or writing to a stream
Clarify the use of nghttp3_conn_close_stream

(adam)

tinyproxy: updated to 1.11.2

1.11.2

Fixes issues detected in 1.11.1, including a nasty UAF bug.

(adam)

libjpeg-turbo: updated to 3.0.3

3.0.3

Significant changes relative to 3.0.2:

1. Fixed an issue in the build system, introduced in 3.0.2, that caused all
libjpeg-turbo components to depend on the Visual C++ run-time DLL when built
with Visual C++ and CMake 3.15 or later, regardless of value of the
`WITH_CRT_DLL` CMake variable.

2. The x86-64 SIMD extensions now include support for Intel Control-flow
Enforcement Technology (CET), which is enabled automatically if CET is enabled
in the C compiler.

3. Fixed a regression introduced by 3.0 beta2[6] that made it impossible for
calling applications to supply custom Huffman tables when generating
12-bit-per-component lossy JPEG images using the libjpeg API.

4. Fixed a segfault that occurred when attempting to use the jpegtran `-drop`
option with a specially-crafted malformed input image or drop image
(specifically an image in which all of the scans contain fewer components than
the number of components specified in the Start Of Frame segment.)

(adam)

Updated x11/gtk4, security/pcsc-lite

(adam)

pcsc-lite: updated to 2.2.1

2.2.1: Ludovic Rousseau

- fix meson related issues
- Some code cleanup

2.2.0: Ludovic Rousseau

- provide files for meson build tool (replaces autoconf/auoomake)
- fix a missing symbol in libpcscspy (bug introduced by the previous version)
- fix shutdown issues with hotplug_libusb
- update pcsc-spy manpage
- update copyright date
- Some other minor improvements

(adam)

gtk4: updated to 4.14.4

Overview of Changes in 4.14.4, 02-05-2024
=========================================

* GtkGraphicsOffload:
- Don't crash without a child

* Icontheme:
- Make symbolic svg loading more efficient
- Handle color-free symbolics more efficiently

* Accessibility:
- Make the gtk-demo sidebar search more accessible
- Stop emitting focus events

* GDK:
- Support XDG_ACTIVATION_TOKEN
- dmabuf: Be more defensive when importing unknown formats to G
- dmabuf: Use narrow range for YUV

* GSK:
- gpu: Handle  tiny offscreens correctl

* Build:
- Fix many ubsan warning

* macOS
- Fix problems with events handed back to the OS
- Respect GDK_DEBUG=default-settings

* Translation updates:
German
Indonesian
Kabyle
Korean
Lithuanian
Russian

(adam)

Updated devel/glib2, devel/glib2-tools, devel/gdbus-codegen, net/samba4

(adam)

samba4: updated to 4.20.1

Changes since 4.20.0

* BUG 15630: dns update debug message is too noisy.
* BUG 15635: Do not fail PAC validation for RFC8009 checksums types.
* BUG 15605: Improve performance of lookup_groupmem() in idmap_ad.
* BUG 15636: Smbcacls incorrectly propagates inheritance with Inherit-Only
  flag.
* BUG 15611: http library doesn't support 'chunked transfer encoding'.
* BUG 15600: Provide a systemd service file for the background queue daemon.

(adam)

glib2 glib2-tools gdbus-codegen: updated to 2.80.1

Overview of changes in GLib 2.80.1, 2024-05-07
==============================================

* Fix CVE-2024-34397: GDBus signal subscriptions for well-known names are
  vulnerable to unicast spoofing

* Bugs fixed:
  - GNOME/tracker-miners-315 3.7.0 - GLib-GIO-WARNING **: 09:27:12.186: Error
    creating IO channel for /proc/self/mountinfo: Invalid argument (g-io-error-
    quark, 13) (Ondrej Holy)
  - CVE-2024-34397: GDBus signal subscriptions for well-known names are
    vulnerable to unicast spoofing (Simon McVittie)
  - Devhelp does not show indexes for GLib, GIO, or GObject (Philip
    Withnall)
  - readlink -f fails in CI on macOS (Simon McVittie)
  - Crash in gdbus schedule_callbacks() due to missing NULL check before
    g_str_equal() (Philip Withnall)
  - [th/performance] add script for combining performance results
  - [th/gobject-toggle-refs-check] Fix critical warning for toggle
    notifications in g_object_ref()/g_object_unref()
  - meson: Fix a needless recompilation of some gdbus tests
  - girparser: Don't assume sizeof(size_t) == sizeof(void *)
  - girparser: Allow time_t, off_t, etc. to appear in GIR XML
  - Ported the first few documentation comments in `gio/gaction.c` to gi-
    docgen
  - girparser: Make sizes in integer_aliases more obviously correct
  - girparser: Adjust signedness() macro
  - glib/gvariant: fix compile error with GCC 14.0.1
  - tests: Mark several additional tests as can_fail on GNU Hurd
  - Backport !3979 "Use CPU_COUNT to get the number of set CPUs" to
    glib-2-80
  - Backport !3989 “completion: make gsettings work in nounset mode” to
    glib-2-80
  - Backport "Remove unused cmph files" for glib-2-80
  - Backport !4019 “gunixmounts: Use fallback if libmount monitoring
    fails” to glib-2-80
  - Backport !4005 “Fix various bugs found by scan-build“ to glib-2-80
  - Backport !4028 “gdbusconnection: Fix a crash on arg0 matching” to
    glib-2-80
  - Backport !4031 “gdocumentportal: Handle EROFS and similar errors more
    gracefully” to glib-2-80
  - Backport !4038 “gdbusconnection: Don't deliver signals if the sender
    doesn't match” to glib-2-80

* Translation updates:
  - Czech (Daniel Rusek)
  - Danish (Ask Hjorth Larsen)
  - French (Vincent Chatelain)
  - Galician (Fran Dieguez)
  - Georgian (Ekaterine Papava)
  - German (Christian Kirbach)
  - Indonesian (Andika Triwidada)
  - Italian (Milo Casagrande)
  - Kabyle (Athmane MOKRAOUI, Rachida SACI)
  - Korean (Changwoo Ryu)
  - Latvian (Rūdolfs Mazurs)
  - Persian (Danial Behzadi)
  - Polish (Piotr Drąg)
  - Portuguese (Hugo Carvalho)
  - Portuguese (Brazil) (Leônidas Araújo, Juliano de Souza Camargo)

(adam)

Updated devel/py-test-doctestplus, devel/py-poetry, textproc/py-tomlkit, databases/py-sqlalchemy

(adam)

py-sqlalchemy: updated to 2.0.30

2.0.30

orm

[orm] [bug]

Added new attribute ORMExecuteState.is_from_statement to detect statements created using Select.from_statement(), and enhanced FromStatement to set ORMExecuteState.is_select, ORMExecuteState.is_insert, ORMExecuteState.is_update, and ORMExecuteState.is_delete according to the element that is sent to the Select.from_statement() method itself.

[orm] [bug]

Fixed issue in selectin_polymorphic() loader option where attributes defined with composite() on a superclass would cause an internal exception on load.

[orm] [bug] [regression]

Fixed regression from 1.4 where using defaultload() in conjunction with a non-propagating loader like contains_eager() would nonetheless propagate the contains_eager() to a lazy load operation, causing incorrect queries as this option is only intended to come from an original load.

[orm] [bug]

Fixed issue in ORM Annotated Declarative where typing issue where literals defined using PEP 695 type aliases would not work with inference of Enum datatypes. Pull request courtesy of Alc-Alc.

[orm] [bug]

Fixed issue in selectin_polymorphic() loader option where the SELECT emitted would only accommodate for the child-most class among the result rows that were returned, leading intermediary-class attributes to be unloaded if there were no concrete instances of that intermediary-class present in the result. This issue only presented itself for multi-level inheritance hierarchies.

[orm] [bug]

Fixed issue in Session.bulk_save_objects() where the form of the identity key produced when using return_defaults=True would be incorrect. This could lead to an errors during pickling as well as identity map mismatches.

[orm] [bug]

Fixed issue where attribute key names in Bundle would not be correct when using ORM enabled select vs. Query, when the statement contained duplicate column names.

engine

[engine] [bug]

Fixed issue in the Connection.execution_options.logging_token option, where changing the value of logging_token on a connection that has already logged messages would not be updated to reflect the new logging token. This in particular prevented the use of Session.connection() to change the option on the connection, since the BEGIN logging message would already have been emitted.

[engine] [bug]

Fixed issue in cursor handling which affected handling of duplicate Column or similar objcts in the columns clause of select(), both in combination with arbitary text() clauses in the SELECT list, as well as when attempting to retrieve Result.mappings() for the object, which would lead to an internal error.

typing

[typing] [bug] [regression]

Fixed typing regression caused by 11055 in version 2.0.29 that added ParamSpec to the asyncio run_sync() methods, where using AsyncConnection.run_sync() with MetaData.reflect() would fail on mypy due to a mypy issue. Pull request courtesy of Francisco R. Del Roio.

[typing] [bug]

Fixed issue in typing for Bundle where creating a nested Bundle structure were not allowed.

misc

[bug] [test]

Ensure the PYTHONPATH variable is properly initialized when using subprocess.run in the tests.

[bug] [installation]

Fixed an internal class that was testing for unexpected attributes to work correctly under upcoming Python 3.13. Pull request courtesy Edgar Ram鱈rez-Mondrag坦n.

(adam)

py-tomlkit: updated to 0.12.5

0.12.5

[pre-commit.ci] pre-commit autoupdate
chore(deps-dev): bump idna from 3.4 to 3.7
fix: CI workflow for macos
chore(deps-dev): bump jinja2 from 3.1.3 to 3.1.4
fix: don't add sign if the float is negative
fix: Construction of OutOfOrderTableProxy can cause newlines to be inserted

(adam)

py-poetry: updated to 1.8.3

1.8.3
Unknown changes

(adam)

py-test-doctestplus: updated to 1.2.1

1.2.1 (2024-03-09)
- Compatibility with pytest 8.1.1

1.2.0 (2024-03-04)
- Compatibility with pytest 8.1

(adam)

Updated math/erfa, math/py-pyerfa

(adam)

py-pyerfa: updated to 2.0.1.4

2.0.1.4 (2024-04-12)

Reintroduces a work-around such that pyerfa can also be built
on older numpy.

2.0.1.3 (2024-04-05)

No new features, but wheels that are compatible with numpy 2.0
as well as older supported versions of numpy 1.x.

2.0.1.2 (2024-04-04)

Failed attempt to create wheels compatible with numpy 2.0.
Yanked from pypi.

(adam)

erfa: updated to 2.0.1

ERFA 2.0.1 and SOFA "20231011"
Only small bug fixes in the SOFA release. The only differences between ERFA 2.0.1 and SOFA "20231011" remain the added eraVersion, eraSofaVersion, and leap second functions noted above.

(adam)

Updated sysutils/py-kubernetes, textproc/yq, devel/py-bitstring, devel/py-astroid

(adam)

py-astroid: updated to 3.2.0

v3.2.0

.pyi stub files are now preferred over .py files when resolving imports, (except for numpy).

igetattr() returns the last same-named function in a class (instead of
the first). This avoids false positives in pylint with @overload.

Adds module_denylist to AstroidManager for modules to be skipped during AST
generation. Modules in this list will cause an AstroidImportError to be raised
when an AST for them is requested.

Make astroid.interpreter._import.util.is_namespace only consider modules
using a loader set to NamespaceLoader or None as namespaces.
This fixes a problem that six.moves brain was not effective if six.moves
was already imported.

(adam)

py-bitstring: updated to 4.2.1

April 2024: version 4.2.1
-------------------------
Fixing a few regressions introduced in 4.2.0.

* Module crashes on import with 32-bit Python.
* Lists of integers not converted to bytes when using the bytes constructor.
* Empty comma separated tokens not handled correctly.
* Crash on import when docstrings not present due to optimize flag.

April 2024: version 4.2.0
-------------------------

This release contains a fairly large refactor of how different types are managed. This
shouldn't affect the end user, and the main noticeable change should be the new Dtype
class, which is optional to use.

Support for 8-bit and smaller floats has been reworked and expanded. These are still
a 'beta' feature.

Backwardly incompatible changes:

* Dropped support for Python 3.7. Minimum version is now 3.8.
* For tokens that use a non-numeric length, a ':' is now compulsory rather than
  recommended. For example use 'uint:foo' instead of 'uintfoo'.
* The previous e4m3float and e5m2float formats have become the slightly modified
  p4binary8 and p3binary8 formats.
* Some parameters are now enforced as positional only, such as `auto` in constructors.

Other changes:

* The Array class is no longer 'beta'.

* A new Dtype class can be optionally used to specify types.

* The bitstring.options object is now the preferred method for changing module options.
  The `bitstring.lsb0` and `bitstring.bytealigned` variables are now deprecated, use
  `bitstring.options.lsb0` and `bitstring.options.bytealigned` instead.

* New fromstring method as another way to create bitstrings from formatted strings.
  Instead of relying on the `auto` parameter you can now optionally use `fromstring`.
  >>> s1 = BitArray('u24=1000')  # This is still fine
  >>> s2 = BitArray.fromstring('u24=1000')  # This may be clearer and more efficient.

* More types can now be pretty printed. For example integer and float formats can be used.
  >>> s.pp('u15, bin')

* Pretty printing is now prettier - optional terminal colours added.

* A range of 8-bit, 6-bit and even 4-bit float formats added (beta):
  p3binary8: IEEE 8-bit floating point with 3 bit precision.
  p4binary8: IEEE 8-bit floating point with 4 bit precision.
  e5m2mxfp: OCP 8-bit floating point with 3 bit precision.
  e4m3mxfp: OCP 8-bit floating point with 4 bit precision.
  e2m3mxfp: OCP 6-bit floating point with 4 bit precision.
  e3m2mxfp: OCP 6-bit floating point with 3 bit precision.
  e2m1mxfp: OCP 4-bit floating point with 2 bit precision.
  e8m0mxfp: OCP 8-bit unsigned floating point designed to scale the other formats.
  mxint: OCP 8-bit floating point that is a scaled integer representation.

* Performance improvements.

(adam)

yq: updated to 3.4.3

Changes for v3.4.3 (2024-04-27)

Finish migration to setuptools_scm

Changes for v3.4.2 (2024-04-26)

Constrain setuptools_scm version

(adam)

py-kubernetes: updated to 29.0.0

v29.0.0

Kubernetes API Version: v1.29.0

Bug or Regression
- Fix UTF-8 failures in Watch
- Fix upper version boundary of urllib3, since other dependencies don't support urllib3 in version 2

v29.0.0b1

Kubernetes API Version: v1.29.0

Bug or Regression
- Fix UTF-8 failures in Watch
- Fix upper version boundary of urllib3, since other dependencies don't support urllib3 in version 2

v29.0.0a1

Kubernetes API Version: v1.29.0

API Change
- '`kube-apiserver`: adds `--authentication-config` flag for reading `AuthenticationConfiguration`
files. `--authentication-config` flag is mutually exclusive with the existing `--oidc-*`
flags.'
- '`kube-scheduler` component config (`KubeSchedulerConfiguration`) `kubescheduler.config.k8s.io/v1beta3`
is removed in `v1.29`. Migrated `kube-scheduler` configuration files to `kubescheduler.config.k8s.io/v1`.'
- A new sleep action for the `PreStop` lifecycle hook was added, allowing containers to pause for a specified duration before termination.
- Added CEL expressions to `v1alpha1 AuthenticationConfiguration`.
- Added Windows support for InPlace Pod Vertical Scaling feature.
- Added `ImageMaximumGCAge` field to Kubelet configuration, which allows a user to set the maximum age an image is unused before it's garbage collected.
- Added `UserNamespacesPodSecurityStandards` feature gate to enable user namespace support for Pod Security Standards.
Enabling this feature will modify all Pod Security Standard rules to allow setting: `spec[.*].securityContext.[runAsNonRoot,runAsUser]`.
This feature gate should only be enabled if all nodes in the cluster support the user namespace feature and have it enabled.
The feature gate will not graduate or be enabled by default in future Kubernetes releases.
- Added `optionalOldSelf` to `x-kubernetes-validations` to support ratcheting CRD schema constraints.
- Added a new `ServiceCIDR` type that allows to dynamically configure the cluster range used to allocate `Service ClusterIPs` addresses.
- Added a new `ipMode` field to the `.status` of Services where `type` is set to `LoadBalancer`.
The new field is behind the `LoadBalancerIPMode` feature gate.
- Added options for configuring `nf_conntrack_udp_timeout`, and `nf_conntrack_udp_timeout_stream` variables of netfilter conntrack subsystem.
- Added support for CEL expressions to `v1alpha1 AuthorizationConfiguration` webhook `matchConditions`.
- Added support for projecting `certificates.k8s.io/v1alpha1` ClusterTrustBundle objects into pods.
- Added the `DisableNodeKubeProxyVersion` feature gate. If `DisableNodeKubeProxyVersion` is enabled, the `kubeProxyVersion` field is not set.
- Fixed a bug where CEL expressions in CRD validation rules would incorrectly compute a high estimated cost for functions that return strings, lists or maps.
The incorrect cost was evident when the result of a function was used in subsequent operations.
- Fixed the API comments for the Job `Ready` field in status.
- Fixed the API comments for the `FailIndex` Job pod failure policy action.
- Go API: the `ResourceRequirements` struct was replaced with `VolumeResourceRequirements` for use with volumes.
- Graduated `Job BackoffLimitPerIndex` feature to `beta`.
- Marked the `onPodConditions` field as optional in `Job`'s pod failure policy.
- Promoted `PodReadyToStartContainers` condition to `beta`.
- The `flowcontrol.apiserver.k8s.io/v1beta3` `FlowSchema` and `PriorityLevelConfiguration` APIs has been promoted to `flowcontrol.apiserver.k8s.io/v1`, with the following changes:
- `PriorityLevelConfiguration`: the `.spec.limited.nominalConcurrencyShares` field defaults to `30` only if the field is omitted (v1beta3 also defaulted an explicit `0` value to `30`). Specifying an explicit `0` value is not allowed in the `v1` version in v1.29 to ensure compatibility with `v1.28` API servers. In `v1.30`, explicit `0` values will be allowed in this field in the `v1` API.
The `flowcontrol.apiserver.k8s.io/v1beta3` APIs are deprecated and will no longer be served in v1.32. All existing objects are available via the `v1` APIs. Transition clients and manifests to use the `v1` APIs before upgrading to `v1.32`.
- The `kube-proxy` command-line documentation was updated to clarify that
`--bind-address` does not actually have anything to do with binding to an
address, and you probably don't actually want to be using it.
- The `kube-scheduler` `selectorSpread` plugin has been removed, please use the `podTopologySpread` plugin instead.
- The `matchLabelKeys/mismatchLabelKeys` feature is introduced to the hard/soft `PodAffinity/PodAntiAffinity`.
- When updating a CRD, per-expression cost limit check are now skipped for `x-kubernetes-validations` rules of versions that are not mutated.
- `CSINodeExpandSecret` feature has been promoted to `GA` in this release and is enabled
by default. The CSI drivers can make use of the `secretRef` values passed in `NodeExpansion`
request optionally sent by the CSI Client from this release onwards.
- `NodeStageVolume` calls will now be retried if the CSI node driver is not running.
- `PersistentVolumeLastPhaseTransitionTime` is now beta and enabled by default.
- `ValidatingAdmissionPolicy` type checking now supports CRDs and API extensions types.
- `kube-apiserver`: added `--authorization-config` flag for reading a configuration file containing an `apiserver.config.k8s.io/v1alpha1 AuthorizationConfiguration` object. The `--authorization-config` flag is mutually exclusive with `--authorization-modes` and `--authorization-webhook-*` flags. The `alpha` `StructuredAuthorizationConfiguration` feature flag must be enabled for `--authorization-config` to be specified.
- `kube-proxy` now has a new nftables-based mode, available by running

    `kube-proxy --feature-gates NFTablesProxyMode=true --proxy-mode nftables`

This is currently an alpha-level feature and while it probably will not
eat your data, it may nibble at it a bit. (It passes e2e testing but has
not yet seen real-world use.)

At this point it should be functionally mostly identical to the iptables
mode, except that it does not (and will not) support Service NodePorts on
127.0.0.1. (Also note that there are currently no command-line arguments
for the nftables-specific config; you will need to use a config file if
you want to set the equivalent of any of the `--iptables-xxx` options.)

As this code is still very new, it has not been heavily optimized yet;
while it is expected to _eventually_ have better performance than the
iptables backend, very little performance testing has been done so far.
- `kube-proxy`: Added an option/flag for configuring the `nf_conntrack_tcp_be_liberal` sysctl (in the kernel's netfilter conntrack subsystem).  When enabled, `kube-proxy` will not install the `DROP` rule for invalid conntrack states, which currently breaks users of asymmetric routing.
- Added support for projecting certificates.k8s.io/v1alpha1 ClusterTrustBundle objects into pods.
- Adds `optionalOldSelf` to `x-kubernetes-validations` to support ratcheting CRD schema constraints
- Fix API comment for the Job Ready field in status
- Fix API comments for the FailIndex Job pod failure policy action.
- A new sleep action for the PreStop lifecycle hook is added, allowing containers to pause for a specified duration before termination.
- Add ImageMaximumGCAge field to Kubelet configuration, which allows a user to set the maximum age an image is unused before it's garbage collected.
- Add a new ServiceCIDR type that allows to dynamically configure the cluster range used to allocate Service ClusterIPs addresses
- Add the DisableNodeKubeProxyVersion feature gate. If DisableNodeKubeProxyVersion is enabled, the kubeProxyVersion field is not set.
- Added Windows support for InPlace Pod Vertical Scaling feature.
- Added `UserNamespacesPodSecurityStandards` feature gate to enable user namespace support for Pod Security Standards.
Enabling this feature will modify all Pod Security Standard rules to allow setting: `spec[.*].securityContext.[runAsNonRoot,runAsUser]`.
This feature gate should only be enabled if all nodes in the cluster support the user namespace feature and have it enabled.
The feature gate will not graduate or be enabled by default in future Kubernetes releases.
- Added options for configuring nf_conntrack_udp_timeout, and nf_conntrack_udp_timeout_stream variables of netfilter conntrack subsystem.
- Adds CEL expressions to v1alpha1 AuthenticationConfiguration.
- Adds support for CEL expressions to v1alpha1 AuthorizationConfiguration webhook matchConditions.
- CSINodeExpandSecret feature has been promoted to GA in this release and enabled by default. The CSI drivers can make use of the `secretRef` values passed in NodeExpansion request optionally sent by the CSI Client from this release onwards.
- Graduate Job BackoffLimitPerIndex feature to Beta
- Kube-apiserver: adds --authorization-config flag for reading a configuration file containing an apiserver.config.k8s.io/v1alpha1 AuthorizationConfiguration object. --authorization-config flag is mutually exclusive with --authorization-modes and --authorization-webhook-* flags. The alpha StructuredAuthorizationConfiguration feature flag must be enabled for --authorization-config to be specified.
- Kube-proxy now has a new nftables-based mode, available by running

    kube-proxy --feature-gates NFTablesProxyMode=true --proxy-mode nftables

This is currently an alpha-level feature and while it probably will not
eat your data, it may nibble at it a bit. (It passes e2e testing but has
not yet seen real-world use.)

At this point it should be functionally mostly identical to the iptables
mode, except that it does not (and will not) support Service NodePorts on
127.0.0.1. (Also note that there are currently no command-line arguments
for the nftables-specific config; you will need to use a config file if
you want to set the equivalent of any of the `--iptables-xxx` options.)

As this code is still very new, it has not been heavily optimized yet;
while it is expected to _eventually_ have better performance than the
iptables backend, very little performance testing has been done so far.
- Kube-proxy: Added an option/flag for configuring the `nf_conntrack_tcp_be_liberal` sysctl (in the kernel's netfilter conntrack subsystem).  When enabled, kube-proxy will not install the DROP rule for invalid conntrack states, which currently breaks users of asymmetric routing.
- PersistentVolumeLastPhaseTransitionTime is now beta, enabled by default.
- Promote PodReadyToStartContainers condition to beta.
- The flowcontrol.apiserver.k8s.io/v1beta3 FlowSchema and PriorityLevelConfiguration APIs has been promoted to flowcontrol.apiserver.k8s.io/v1, with the following changes:
- PriorityLevelConfiguration: the `.spec.limited.nominalConcurrencyShares` field defaults to `30` only if the field is omitted (v1beta3 also defaulted an explicit `0` value to `30`). Specifying an explicit `0` value is not allowed in the `v1` version in v1.29 to ensure compatibility with 1.28 API servers. In v1.30, explicit `0` values will be allowed in this field in the `v1` API.
The flowcontrol.apiserver.k8s.io/v1beta3 APIs are deprecated and will no longer be served in v1.32. All existing objects are available via the `v1` APIs. Transition clients and manifests to use the `v1` APIs before upgrading to v1.32.
- The kube-proxy command-line documentation was updated to clarify that
`--bind-address` does not actually have anything to do with binding to an
address, and you probably don't actually want to be using it.
- The matchLabelKeys/mismatchLabelKeys feature is introduced to the hard/soft PodAffinity/PodAntiAffinity.
- ValidatingAdmissionPolicy Type Checking now supports CRDs and API extensions types.
- When updating a CRD, per-expression cost limit check is skipped for x-kubernetes-validations rules of versions that are not mutated.
- Added a new `ipMode` field to the `.status` of Services where `type` is set to `LoadBalancer`.
The new field is behind the `LoadBalancerIPMode` feature gate.
- Fixed a bug where CEL expressions in CRD validation rules would incorrectly compute a high estimated cost for functions that return strings, lists or maps.
The incorrect cost was evident when the result of a function was used in subsequent operations.
- Go API: the ResourceRequirements struct needs to be replaced with VolumeResourceRequirements for use with volumes.
- Kube-apiserver: adds --authentication-config flag for reading AuthenticationConfiguration files. --authentication-config flag is mutually exclusive with the existing --oidc-* flags.
- Kube-scheduler component config (KubeSchedulerConfiguration) kubescheduler.config.k8s.io/v1beta3 is removed in v1.29. Migrate kube-scheduler configuration files to kubescheduler.config.k8s.io/v1.
- Mark the onPodConditions field as optional in Job's pod failure policy.
- Retry NodeStageVolume calls if CSI node driver is not running
- The kube-scheduler `selectorSpread` plugin has been removed, please use the `podTopologySpread` plugin instead.

(adam)

p5-Crypt-X509: comment out... the comment :)

(adam)

Updated textproc/py-json5, net/py-kombu

(adam)

py-kombu: updated to 5.3.7

5.3.7
The release of v5.3.6 was missing the bumbversion commit so v5.3.7 is only released to sync it back.

5.3.6
boto3>=1.26.143
Always convert azureservicebus namespace to fully qualified
Pin pytest-sugar to latest version 1.0.0
Upgrade to pytest v8 that removed nose compatibility
fix warning for usage of utcfromtimestamp
Update pytest to 8.0.2
Hotfix: Fix CI failures (limit redis to <5.0.2 instead of <6.0.0)
Expose cancel callback from py-amqp channel.basic_consume
Update mypy to 1.9.0
Update pytest to 8.1.1
Pin hypothesis to hypothesis<7
redis>=4.5.2,<5.0.2,!=4.5.5 -> redis>=4.5.2,!=5.0.2,!=4.5.5
add escape hatch for custom JSON serialization
Pin pytest-cov to latest version 5.0.0

(adam)

py-json5: updated to 0.9.25

v0.9.25 (2024-04-12)

GitHub issue 81 Explicitly specify the directory to use for the package in pyproject.toml.

v0.9.24 (2024-03-16)

Update GitHub workflow config to remove unnecessary steps and run on pull requests as well as commits.
Added note about removing hypothesize in v0.9.23.
No code changes.

v0.9.23 (2024-03-16)

Lots of cleanup:
Removed old code needed for Python2 compatibility.
Removed tests using hypothesize. This ran model-based checks and didn't really add anything useful in terms of coverage to the test suite, and it introduced dependencies and slowed down the tests significantly. It was a good experiment but I think we're better off without it.
Got everything linting cleanly with pylint 3.1 and ruff check using ruff 0.3.3 (Note that commit message in 00d73a3 says pylint 3.11, which is a typo).
Code reformatted with ruff format
Added missing tests to bring coverage up to 100%.
Lots of minor code changes as the result of linting and coverage testing, but no intentional functional differences.

v0.9.22 (2024-03-06)

Attempt to fix the GitHub CI configuration now that setup.py is gone. Also, test on 3.12 instead of 3.11.
No code changes.

v0.9.21 (2024-03-06)

Moved the benchmarks/*.json data files' license information to //LICENSE to (hopefully) make the Google linter happy.

v0.9.20 (2024-03-03)

Added json5.__version__ in addition to json5.VERSION.
More packaging modernization (no more setup.{cfg,py} files).
Mark Python3.12 as supported in project.classifiers.
Updated the //run script to use python3.

v0.9.19 (2024-03-03)

Replaced the benchmarking data files that came from chromium.org with three files obtained from other datasets on GitHub. Since this repo is vendored into the chromium/src repo it was occasionally confusing people who thought the data was actually used for non-benchmarking purposes and thus updating it for whatever reason.
No code changes.

v0.9.18 (2024-02-29)

Add typing information to the module. This is kind of a big change, but there should be no functional differences.

(adam)

py-coveralls: add ALTERNATIVES

(adam)

Updated converters/py-fastbencode, devel/py-coveralls

(adam)

py-coveralls: updated to 4.0.0

4.0.0

BREAKING CHANGES

When config.ignore_errors is Falsey, failures to parse Pyhton files or look up file sources will now interrupt and early exit collection, which matches default coverage behaviour. Previously, we had manually muted these errors and/or only errored after collecting multiple failures.

Features

support pyproject.toml packages by default (via coverage[toml]) (962e2242)
add python-coveralls entrypoint (3d8d56e4)

Bug Fixes

fixup default support for Github Actions
fail and report on all errors, not just those derived from CoverallsException (be446287)

Internal

support coverage v7.0 - v7.4 (8fb36645)
support Python 3.11 and 3.12 (8dbce919)
fixup docs for tox v3 and v4 support
drop support for Python3.7 and below
drop support for coverage v4.x (752f52a0)
auto-build and publish docker images
refactor: more closely match coverage public interface

(adam)

py-fastbencode: updated to 0.3.1

0.3.1

Bump actions/setup-python from 2 to 5
Fix wheel build

0.3.0

Use disperse action
Migrate to pyproject.toml
Set dependencies field
Enable ruff, pyupgrade
Fix compatibility with Python 3.12
Add python3.12 to the list of supported Python versions
Don't try to test with python version that is not yet released
Migrate to ruff
Add bencode_utf8/bdecode_utf8 functions
Configure dependabot, drop python 3.7, build wheels from github action
Bump actions/checkout from 2 to 4

(adam)

Updated textproc/py-jsonschema, www/py-flask-cors

(adam)

py-flask-cors: updated to 4.0.1

4.0.1

Fix Read the Docs builds
Update extension.py to clean request.path before logging it
Update CI to include Python 3.12 and flask 3.0.3
Release 4.0.1

(adam)

py-jsonschema: updated to 4.22.0

v4.22.0

* Improve ``best_match`` (and thereby error messages from ``jsonschema.validate``) in cases where there are multiple *sibling* errors from applying ``anyOf`` / ``allOf`` -- i.e. when multiple elements of a JSON array have errors, we now do prefer showing errors from earlier elements rather than simply showing an error for the full array.
* (Micro-)optimize equality checks when comparing for JSON Schema equality by first checking for object identity, as ``==`` would.

(adam)

Updated textproc/py-validate-pyproject, devel/py-tenacity

(adam)

py-tenacity: updated to 8.3.0

8.3.0

New Features

Added a new stop function: stop_before_delay, which will stop execution if the next sleep time would cause overall delay to exceed the specified delay. Useful for use cases where you have some upper bound on retry times that you must not exceed, so returning before that timeout is preferable than returning after that timeout.

Bug Fixes

Preserve defaults and kwdefaults through retry decorator

Other Notes

Add a "test" extra

(adam)

py-validate-pyproject: updated to 0.17

v0.17

Update version regex according to latest packaging version
Remove duplicate # ruff: noqa
Remove invalid top-of-the-file # type: ignore statement
Align tool.setuptools.dynamic.optional-dependencies with `project.optional-dependencies
Bump min Python version to 3.8

(adam)

Updated www/py-werkzeug, www/py-twill

(adam)

py-twill: updated to 3.2.4

3.2.4 (released 2024-04-27)

* Support latest version of httpx.

(adam)

py-werkzeug: updated to 3.0.3

Version 3.0.3

- Only allow ``localhost``, ``.localhost``, ``127.0.0.1``, or the specified
  hostname when running the dev server, to make debugger requests. Additional
  hosts can be added by using the debugger middleware directly. The debugger
  UI makes requests using the full URL rather than only the path.
  :ghsa:`2g68-c3qc-8985`
- Make reloader more robust when ``""`` is in ``sys.path``. :pr:`2823`
- Better TLS cert format with ``adhoc`` dev certs. :pr:`2891`
- Inform Python < 3.12 how to handle ``itms-services`` URIs correctly, rather
  than using an overly-broad workaround in Werkzeug that caused some redirect
  URIs to be passed on without encoding. :issue:`2828`
- Type annotation for ``Rule.endpoint`` and other uses of ``endpoint`` is
  ``Any``. :issue:`2836`

(adam)

Updated www/py-django, www/py-django4

(adam)

py-django4: updated to 4.2.13

Django 4.2.13 fixes a packaging error in 4.2.12.

(adam)

py-django: updated to 5.0.6

Django 5.0.6 fixes a packaging error in 5.0.5.

(adam)

Updated lang/nodejs, lang/nodejs20

(adam)

nodejs20: updated to 20.13.0

Node.js v20.13.0

buffer: improve base64 and base64url performance
crypto: deprecate implicitly shortened GCM tags
events,doc: mark CustomEvent as stable
fs: add stacktrace to fs/promises
report: add --report-exclude-network option
src: add uv_get_available_memory to report and process
stream: support typed arrays
util: support array of formats in util.styleText
v8: implement v8.queryObjects() for memory leak regression testing
watch: mark as stable

(adam)

nodejs: updated to 22.1.0

Node.js v22.1.0

module: implement NODE_COMPILE_CACHE for automatic on-disk code caching
buffer: improve base64 and base64url performance
(SEMVER-MINOR) dns: add order option and support ipv6first
events,doc: mark CustomEvent as stable
(SEMVER-MINOR) lib, url: add a windows option to path parsing
(SEMVER-MINOR) net: add CLI option for autoSelectFamilyAttemptTimeout
(SEMVER-MINOR) src: add string_view overload to snapshot FromBlob
src,permission: throw async errors on async APIs
(SEMVER-MINOR) test_runner: add --test-skip-pattern cli option
(SEMVER-MINOR) url: implement parse method for safer URL parsing

(adam)

Updated security/qca2-qt5*

(adam)

qca2-qt5*: updated to 2.3.8

2.3.8
Bug fixes

(adam)

Updated www/py-django, www/py-django4, www/py-django-sql-explorer, www/py-gunicorn

(adam)

py-gunicorn: updated to 22.0.0

22.0.0 - 2024-04-17
===================

- use `utime` to notify workers liveness
- migrate setup to pyproject.toml
- fix numerous security vulnerabilities in HTTP parser (closing some request smuggling vectors)
- parsing additional requests is no longer attempted past unsupported request framing
- on HTTP versions < 1.1 support for chunked transfer is refused (only used in exploits)
- requests conflicting configured or passed SCRIPT_NAME now produce a verbose error
- Trailer fields are no longer inspected for headers indicating secure scheme
- support Python 3.12

** Breaking changes **

- minimum version is Python 3.7
- the limitations on valid characters in the HTTP method have been bounded to Internet Standards
- requests specifying unsupported transfer coding (order) are refused by default (rare)
- HTTP methods are no longer casefolded by default (IANA method registry contains none affected)
- HTTP methods containing the number sign (#) are no longer accepted by default (rare)
- HTTP versions < 1.0 or >= 2.0 are no longer accepted by default (rare, only HTTP/1.1 is supported)
- HTTP versions consisting of multiple digits or containing a prefix/suffix are no longer accepted
- HTTP header field names Gunicorn cannot safely map to variables are silently dropped, as in other software
- HTTP headers with empty field name are refused by default (no legitimate use cases, used in exploits)
- requests with both Transfer-Encoding and Content-Length are refused by default (such a message might indicate an attempt to perform request smuggling)
- empty transfer codings are no longer permitted (reportedly seen with really old & broken proxies)

** SECURITY **

- fix CVE-2024-1135

(adam)

py-django-sql-explorer: updated to 4.2

4.2

Tracking should be opt-in and not use the SECRET_KEY
Import error (sql_metadata) with 4.1 version
Accessing the database during app initialization
Regex-injection vulnerability
Improved assistant UI

(adam)

py-django4: updated to 4.2.12

Django 4.2.12 fixes a compatibility issue with Python 3.11.9+ and 3.12.3+.

Fixed a crash in Django 4.2 when validating email max line lengths with content decoded using the surrogateescape error handling scheme

(adam)

py-django: updated to 5.0.5

Django 5.0.5 fixes several bugs in 5.0.4.

Fixed a bug in Django 5.0 that caused a crash of Model.save() when creating an instance of a model with a GeneratedField and providing a primary key
Fixed a compatibility issue encountered in Python 3.11.9+ and 3.12.3+ when validating email max line lengths with content decoded using the surrogateescape error handling scheme
Fixed a bug in Django 5.0 that caused a crash when applying migrations including alterations to GeneratedField such as setting db_index=True on SQLite
Allowed importing aprefetch_related_objects from django.db.models
Fixed a bug in Django 5.0 that caused a migration crash when a GeneratedField was added before any of the referenced fields from its expression definition
Fixed a bug in Django 5.0 that caused a migration crash when altering a GeneratedField referencing a renamed field
Fixed a bug in Django 5.0 where the querysets argument of GenericPrefetch was not required

(adam)

Updated security/py-cryptography, security/py-cryptography_vectors, security/py-truststore, devel/py-frozendict

(adam)

py-frozendict: updated to 2.4.4

frozendict v2.4.4

Added typing for deepfreeze, register and unregister

(adam)

py-truststore: updated to 0.9.1

0.9.1

Fixed an issue for CPython 3.13 where ssl.SSLSocket and ssl.SSLObject certificate chain APIs would return different types.

(adam)

py-cryptography py-cryptography_vectors: updated to 42.0.7

42.0.7 - 2024-05-06

* Restored Windows 7 compatibility for our pre-built wheels. Note that we do
  not test on Windows 7 and wheels for our next release will not support it.
  Microsoft no longer provides support for Windows 7 and users are encouraged
  to upgrade.

(adam)

Updated net/rabbitmq, textproc/py-cssutils

(adam)

py-cssutils: updated to 2.10.2

v2.10.2

Bugfixes

- Remove optional dependency only required on unsupported Python versions.

v2.10.1

Bugfixes

- Replace xunit-style setup with pytest fixtures.

v2.10.0

Features

- getPropertyValue now allows specifying a default value.

(adam)

rabbitmq: updated to 3.13.2

RabbitMQ 3.13.2

Core Broker

Bug Fixes

Several Quorum queues WAL and segment file operations are now more resilient to certain filesystem operation failures.

Classic queues v2 could run into an exception after a node restart.

Peer discovery failed in some IPv6-only environments. This behavior was new in 3.13.x.

rabbitmqctl stop_app is now faster, in particular for nodes that are not under significant load.

x-death counter was not incremented for messages that expired due to message TTL.
This behavior was new in 3.13.x.

Quorum queue replica removal now more resilient in clusters under close to peak load,
a condition that can trigger timeouts for certain operations involving multiple nodes.

rabbitmq-server (the shell script) now propagetes the exit code from the runtime process.

Enhancements

Definition import did not handle a scenario where some virtual hosts did not have
the default queue type metadata key set.

When a virtual host is deleted, several more internal events are emitted: for example,
the events related to removal of user permissions and runtime parameters associated
with the virtual host.

CLI Tools

Bug Fixes

rabbitmqctl list_unresponsive_queues now supports the (queue) type column.

MQTT Plugin

Bug Fixes

MQTT clients that did not configure a will (message) delay interval could run into
an exception due to an unnecessary permission check on the will target.

Messages published by MQTT clients were missing the timestamp_in_ms (the more precise header).
This behavior was new in 3.13.x.

Messages published using QoS 0 were unintentionally marked as durable internally.

Management Plugin

Bug Fixes

GET /api/queues/{vhost}/{name} could return duplicate keys for quorum queues.

Several endpoints responded with a 500 instead of a 404 when target virtual host
was non-existent.

OAuth 2 AuthN/AuthZ Plugin

Enhancements

The OpenID Connect RP-Initiated Logout feature is now only used if the identity provider service
lists it as supported.

Kubernetes Peer Discovery Plugin

Enhancements

More TLS client settings now can be configured:

cluster_formation.k8s.tls.cacertfile = /path/to/kubernetes/api/ca/certificate.pem
cluster_formation.k8s.tls.certfile = /path/to/client/tls/certificate.pem
cluster_formation.k8s.tls.keyfile = /path/to/client/tls/private_key.pem

cluster_formation.k8s.tls.verify = verify_peer
cluster_formation.k8s.tls.fail_if_no_peer_cert = true

JMS Topic Exchange Plugin

Enhancements

The plugin now stores its state on multiple nodes.

Shovel Plugin

Bug Fixes

Shovel metrics and internal state are now deleted when their shovel is, regardless of what node
it was hosted on and what node was targeted by the deleting (CLI or HTTP API) operation.

rabbitmqctl list_shovels CLI command now will list shovels running on all cluster nodes
and not just the target node.

Dependency Changes

ra was updated to 2.10.0

(adam)

Updated textproc/freexl, geography/libspatialite

(adam)

qgis: fix build with recent changes to libspatialite/buildlink3.mk

(adam)

libspatialite: updated to 5.1.0

5.1.0
Unknown changes

(adam)

freexl: updated to 2.0.0

The following document formats are supported starting since version 2.0:

MS Excel legacy BIFF binary format (.xls)
MS Excel new XML-based format (.xlsx)
Free/OpenOffice Calc XML-based format (.ods)

(adam)

Updated www/py-django-allauth, www/py-django-import-export

(adam)

py-django-import-export: updated to 4.0.0

4.0.0 (2024-04-27)

Version 4 introduces breaking changes.  Please refer to :doc:`release notes<release_notes>`.

Deprecations

- Removed v3 deprecations
- Deprecation of ``ExportViewFormMixin``

Enhancements

- Refactor ordering logic

  - Refactor 'diff' logic to avoid calling dehydrate methods

  - Refactor declarations of ``fields``, ``import_order`` and ``export_order`` to fix ordering issues

- refactor to export HTML / formulae escaping updates
- removed unused variable ``Result.new_record``
- Refactor ``resources.py`` to standardise method args
- added specific check for missing ``import_id_fields``
- Enable optional tablib dependencies
- added :meth:`~import_export.widgets.ForeignKeyWidget.get_lookup_kwargs` to make it easier to override object lookup
- Standardised interface of :meth:`~import_export.widgets.Widget.render`
- Fix declaring existing model field(s) in ModelResource altering export order
- Added :meth:`~import_export.resources.Resource.do_instance_save` helper method
- Enable defining Resource model as a string
- Support multiple Resources for export
- Support export from model change form
- Import form defaults to read-only field if only one format defined
- Updated Admin UI to track deleted and skipped Imports
- Added customizable ``MediaStorage``
- Added customization of Admin UI import error messages
- Improve output of error messages
- Added feature: selectable fields for admin export view
- Added specific check for declared :attr:`~import_export.options.ResourceOptions.import_id_fields` not in dataset
- added try / catch to :meth:`~import_export.results.RowResult.add_instance_info` to handle unserializable instances
- Add form error if source file contains invalid header
- Remove unneeded format method overrides
- Support dynamic selection of Resource class based on request property

Fixes

- dynamic widget parameters for CharField fixes 'NOT NULL constraint' error in xlsx
- fix cooperation with adminsortable2
- Removed unused method ``utils.original()``
- Fix deprecated ``log_action`` method
- fix multiple inheritance not setting options
- Fix issue where declared Resource fields not defined in ``fields`` are still imported
- Fixed handling of :attr:`~import_export.exceptions.FieldError` during Admin import
- Fixed handling of django ``FieldError`` during Admin export
- Add check for type to :meth:`~import_export.widgets.Widget.render`
- fix: YAML export does not work with SafeString
- fix: :meth:`~import_export.widgets.SimpleArrayWidget.render` crashes if value is ``None``
- fix form not being passed to ``get_import_resource_kwargs()``
- Fix: Missing default widget for ``PositiveBigIntegerField``

Development

- Refactor build process
- Refactored ``test_admin_integration()``: split into smaller test modules
- Refactored ``test_resources()``: split into smaller test modules
- Updated ``docker-compose`` command with latest version syntax in ``runtests.sh``
- Refactored :mod:`~import_export.resources` into separate modules for ``declarative`` and ``options``
- Refactored tests to remove dependencies between tests
- Handle python3.12 datetime deprecations
- Refactor ``test_resources.py`` into smaller modules
- Updated test coverage to include error row when ``collect_failed_rows`` is ``True``
- Removed support for django 3.2
- Added test for widgets generating by model fields

Documentation

- Clarified ``skip_diff`` documentation
- Improved documentation relating to validation on import
- Added FAQ entry for exporting large datasets
- Relocated admin integration section from advanced_usage.rst into new file
- Updated Admin integration documentation to clarify how to save custom form values

Performance

- Fix slow export with ForeignKey id

i18n

- updated translations for release-4

(adam)

py-django-allauth: updated to 0.62.1

0.62.1 (2024-04-24)
*******************

- The ``tests`` package was accidentally packaged, fixed.

0.62.0 (2024-04-22)
*******************

Note worthy changes
-------------------

- Added a dummy provider, useful for testing purposes: ``allauth.socialaccount.providers.dummy``.

- Added a new provider, Atlassian

- Next URL handling been streamlined to be consistently applied. Previously, the
  password reset, change and email confirmation views only supported the
  ``success_url`` class-level property.

- Added support for logging in by email using a special code, also known as
  "Magic Code Login"

- Email addresses are now always stored as lower case. For rationale, see the
  note about email case sensitivity in the documentation.

- You can now alter the ``state`` parameter that is typically passed to the
  provider by overriding the new ``generate_state_param()`` adapter method.

- The URLs were not "hackable". For example, while ``/accounts/login/`` is valid
  ``/accounts/`` was not. Similarly, ``/accounts/social/connections/`` was
  valid, but ``/accounts/social/`` resulted in a 404. This has been
  addressed. Now, ``/accounts/`` redirects to the login or email management
  page, depending on whether or not the user is authenticated.  All
  ``/accounts/social/*`` URLs are now below ``/accounts/3rdparty/*``, where
  ``/accounts/social/connections`` is moved to the top-level
  ``/accounts/3rdparty/``.  The old endpoints still work as redirects are in
  place.

- Added a new setting, ``SOCIALACCOUNT_ONLY``, which when set to ``True``,
  disables all functionality with respect to local accounts.

- The OAuth2 handshake was not working properly in case of
  ``SESSION_COOKIE_SAMESITE = "Strict"``, fixed.

- Facebook: the default Graph API version is now v19.0.

(adam)

Updated devel/py-dogpile-cache, devel/py-frozendict, textproc/py-jinja2, devel/py-babel

(adam)

py-babel: updated to 2.15.0

Version 2.15.0

Python version support

* Babel 2.15.0 will require Python 3.8 or newer.

Features

* CLDR: Upgrade to CLDR 44
* Dates: Support for the "fall back to short format" logic for time delta formatting
* Message: More versatile .po IO functions
* Numbers: Improved support for alternate spaces when parsing numbers

Infrastructure

* Upgrade GitHub Actions
* The Unicode license is now included in `locale-data` and in the documentation

(adam)

py-jinja2: updated to 3.1.4

Version 3.1.4

The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj

(adam)

py-frozendict: updated to 2.4.3

frozendict v2.4.3

Now enums are not modified by deepfreeze
Added typing for deepfreeze, register and unregister

(adam)

py-dogpile-cache: updated to 1.3.3

1.3.3

usecase

[usecase] [memcached]
Added support for an additional pymemcached client parameter PyMemcacheBackend.memcached_expire_time. Pull request courtesy Takashi Kajinami.

bug

[bug] [typing]
Fixed the return type for CacheRegion.get(), which was inadvertently hardcoded to use CacheReturnType that only resolved to CachedValue or NoValue. Fixed to return ValuePayload which resolves to Any, as well as a new literal indicating an enum constant for api.NO_VALUE. The api.NO_VALUE constant remains available as the single element of this enum.

(adam)

py-test-xdist: use correct path to py-setuptools

(adam)

Updated graphics/pcl, geography/pdal-lib

(adam)

pdal-lib: updated to 2.7.1

2.7.1

Bug Fixes

Add more logging to readers.stac
Don't break strict aliasing rules
Don't do readers.las ready() processing if there are no points
readers.arrow and writers.arrow do not require GDAL CMake dependency
Add writers.tiledb duplicate points config
use CONFIG CMake find_package for filters.arrow and readers.draco/writers.draco
Don't attempt tree isolation for isolated point in filters.litree

2.7.0

New Stages

Add filters.sparsesurface sparse surface filter
Add filters.h3 to add H3 index values to points
Add filters.griddecimation grid decimation filter

Enhancements

implement filters.hexbin.density
add ogr block to filters.geomdistance
Threaded readers.las
Add math unary functions to AssignmentStatement in filters.expression and filters.assign
filters.assign can now create dimensions
Add readers.las.ignore_missing_vlrs
Add extra dim support to writers.copc
Added threading functionality to filters.overlay
filters.expression multiple expressions evaluation
Add random filename support to Writers
update embedded Eigen to 3.4.0

(adam)

pcl: updated to 1.14.1

PCL 1.14.1

One big change in this release is that the dependency boost-filesystem is now optional if you compile PCL and your own project that uses PCL as C++17 (e.g. by adding -DCMAKE_CXX_STANDARD=17 -DCMAKE_CUDA_STANDARD=17 to the cmake call). The default C++ standard for PCL is currently still C++14, where boost-filesystem is a hard requirement. Some modules will not be built if boost-filesystem is not available (currently recognition, outofcore, some apps). Big thanks to @cybaol for implementing this, and of course also thanks to everyone else who contributed to this release!

PCL 1.14.0

This release brings for example:

a faster and more robust GeneralizedIterativeClosestPoint (GICP) registration
better compatibility with the latest compilers and 3rd party libraries (Eigen, Boost, etc.)
and many more bug fixes and performance enhancements

(adam)

Updated devel/py-zconfig, graphics/py-tifffile, misc/py-tqdm

(adam)

py-tqdm: updated to 4.66.4

v4.66.4
rich: fix completion
minor framework updates & code tidy

v4.66.3
cli: eval safety (fixes CVE-2024-34062, GHSA-g7vv-2v7x-gj9p)

(adam)

py-tifffile: updated to 2024.5.3

2024.5.3

- Pass 5080 tests.
- Fix reading incompletely written LSM.
- Fix reading Philips DP with extra rows of tiles

(adam)

py-zconfig: updated to 4.1

4.1 (2024-05-03)

- Add support for Python 3.12.

(adam)

Updated devel/py-coverage, converters/py-emoji, devel/py-queuelib, www/py-cheroot

(adam)

py-cheroot: updated to 10.0.1

v10.0.1

Bug fixes

Fixed a flaw where internally unhandled exceptions could crash the worker threads and eventually starve the server of its processing resources. It is no longer and issue and the unhandled errors are now logged and suppressed except for a few expected exceptions that are used for normal interruption requests.

Fixed compatibility with Python 3.8 in the built-in TLS adapter that relies on ssl.
Modern Python versions communicate specialized exceptions ssl.SSLEOFError and ssl.SSLZeroReturnError where the older versions errored out in a very generic way.

(adam)

py-queuelib: updated to 1.7.0

Version 1.7.0

No functionality changes with respect to 1.6.2

* Added support for Python 3.10-3.12 and PyPy 3.10
* Removed support for Python 3.5-3.7
* Improved type annotations and added the ``py.typed`` file
* Added ``pre-commit`` configuration
* Improved linting and CI configuration

(adam)

py-emoji: updated to 2.11.1

v2.11.1 (2024-04-21)

* Add missing stubs for purely_emoji

(adam)

py-coverage: updated to 7.5.1

Version 7.5.1 — 2024-05-04
--------------------------

- Fix: a pragma comment on the continuation lines of a multi-line statement
  now excludes the statement and its body, the same as if the pragma is
  on the first line. This closes `issue 754`_. The fix was contributed by
  `Daniel Diniz <pull 1773_>`_.

- Fix: very complex source files like `this one <resolvent_lookup_>`_ could
  cause a maximum recursion error when creating an HTML report.  This is now
  fixed, closing `issue 1774`_.

- HTML report improvements:

  - Support files (JavaScript and CSS) referenced by the HTML report now have
    hashes added to their names to ensure updated files are used instead of
    stale cached copies.

  - Missing branch coverage explanations that said "the condition was never
    false" now read "the condition was always true" because it's easier to
    understand.

  - Column sort order is remembered better as you move between the index pages,
    fixing `issue 1766`_.  Thanks, `Daniel Diniz <pull 1768_>`_.

(adam)

Updated security/py-cryptography_vectors, textproc/py-referencing

(adam)

py-referencing: updated to 0.35.1

v0.35.1

* Make ``Resource.pointer`` also properly handle empty pointers (which refer to the root document).
  This fix likely only affects you if you were using that function directly, as ``Resource.lookup`` already handles empty fragments.

(adam)

py-cryptography_vectors: updated to 42.0.6

Sync with py-cryptography

(adam)

qgis: revert last changes

(adam)

Updated devel/SDL2, net/py-zmq, www/py-django-cms, finance/py-eth-typing

(adam)

py-eth-typing: updated to 4.2.2

eth-typing v4.2.2 (2024-04-29)

Bugfixes

Fixes types that were incorrectly defined for ABI utils.

Features

Update network type mappings.

(adam)

py-django-cms: updated to 4.1.1

4.1.1

docs: Incomplete command to create a virtual env in docs
chore: Merge back release/4.1.x into develop-4
fix: permission handling when deleting page
docs: Update how-to use placeholder in custom models
fix: change_form template uses the wrong id
docs: Incorrect commands to migrate database in docs
docs: Replace the VCS pip installs with release names in docs
build(deps): bump actions/setup-python from 2 to 5
build(deps): bump jinja2 from 3.1.2 to 3.1.3 in /docs
build(deps): bump github/codeql-action from 2 to 3
build(deps): bump actions/checkout from 3 to 4
build(deps): bump amannn/action-semantic-pull-request from 4 to 5
build(deps): bump actions/github-script from 5 to 7
fix: make messages readable in dark mode, let user close long messages
build(deps): bump actions/setup-node from 3 to 4
fix: editing of apphooked CMS pages without apphook landing page
chore: Update github issue and PR templates
feat: redirect to PageContent's changelist when the root page is not public
build(deps): bump actions/cache from 3 to 4
build(deps): bump django from 3.2.16 to 3.2.23 in /docs
fix: Redirect user to edit url after a successful page creation
fix: return _handle_no_page when page is None
chore: Update PR lint action
ci: Adjust CI triggers to mostly PR runs
ci: Added pre-commit including ruff linting & formatting
docs: Update dev policies
fix: Incorrect DjangoCMS-Versioning links
feat: Added new contributor message based on django's own version
feat: Update new_contributor_pr.yml
ci: Added ruff format rules
fix: Port forward - faster DOM update after editing
feat: add versioned deprecation warnings
ci: Fix discord notification action version
build(deps): bump django from 3.2.23 to 3.2.24 in /docs
build(deps-dev): bump ip from 1.1.5 to 1.1.9
ci: Fix discord notification action inputs
docs: Update to reflect new, simplified contributing process
docs: remove git switch for quickstart
fix: ./manage.py cms check showed wrong error message
fix: render content in place redirect_on_fallback is False
fix: Delete orphaned plugin management command for django CMS 4
fix: Efficient build menu for versioned and unversioned pages
fix: 7828, try using uv as pip replacement
fix: Add RTL support to pagetree
fix: Render structure view in toolbar object's language
fix: views.details revealed existence of unpublished language
fix: Documentation typo
fix: Redirects to newly created object
build(deps): bump black from 22.12.0 to 24.3.0 in /docs
build(deps): bump django from 3.2.24 to 3.2.25 in /docs
build(deps-dev): bump follow-redirects from 1.15.2 to 1.15.6
build(deps): bump axios and browser-sync
feat: Create FUNDING.yml
build(deps): bump urllib3 from 1.26.12 to 1.26.18 in /docs
feat: Add RTL support to toolbar
build(deps): bump sqlparse from 0.4.3 to 0.5.0 in /docs
build(deps): bump idna from 3.4 to 3.7 in /docs
docs: Add documentation for some cms.utils.plugins functions
docs: Replace Slack with Discord
fix: some Django antipatterns
feat: Add RTL support to modal header and related components
fix: CMS widgets need not load if they are read only
chore: merge develop-4 into release/4.1.x
ci: Hopefully a fix for discord message
feat: send post request if toolbar button has cms-form-post-method class
fix: Undo RTL bug and moved the structure board back to the right for LTR
fix: Placeholders must not disallow deletion of their source objects
chore: Merge back 4.1.1 build

(adam)

py-zmq: updated to 26.0.3

26.0.3

- Add Cython as build dependency for non-pypy, non-cpython implementations (fixes install on pyston)

(adam)

SDL2: updated to 2.30.3

2.30.3

This is a stable bugfix release, with the following changes:

Fixed Win+V handling (pasting from clipboard history) on Windows
Fixed Caps Lock and Backspace key mapping for the Colemak keyboard layout on Windows
Fixed mouse warp on XWayland
Reduced startup time when scanning for game controllers on Linux
Fixed building with C89 compilers
Fixed building with the GDK SDK on Windows

(adam)

Updated x11/qwt6-qt5, sysutils/ansible-lint

(adam)

ansible-lint: updated to 24.2.3

v24.2.3

Bugfixes

Make ignore_unreachable accept jinja templates
Make fix more resilient to syntax-check errors
Don't inject CWD parent into PATH
Do not assume working_directory is github.workspace
Fix yaml rules being included regardless of tags
Allow jinja2 expression for choices field
Update order schema to work with jinja template
Fix KeyError on key-order rule with blocks
Avoid running get_app more than once
Avoid NameError if there is no notify keyword to update
Add AstraLinux platform identification

(adam)

qgis: fix build on Darwin, update HOMEPAGE, switch to cmake/build.mk

(adam)

qwt6-qt5: updated to 6.2.0

Qwt 6.2.0
=========

0) Requirement for Qt >= 4.8

1) Class Includes added

Include files, that match the class names are available now. So
it is possible to write "#include <QwtPlot>" now instead of "include qwt_plot.h"

2) BSD License for examples

Where possible the code of the examples is available under the 3-clause BSD License

3) MathML text renderer removed

The code can be found at https://github.com/uwerat/qwt-mml-dev now and is intended
to become a standalone lib. Anyone who is interested to workon it, please let me know.

4) Spline interpolation

The broken implementation of QwtSpline has been replaced by a bunch of classes
offering all sort of functionalities around splines.

The most popular spline approximation/interpolation algos have been implemented:

        - Basis
        - Cardinal
        - ParabolicBlending
        - Akima
        - The one used in MS Excel
        - Cubic

An implementation of the de Casteljau窶冱 algorithm has been added

        - QwtBezier

5) New plot items

        - QwtPlotVectorField
      A new type of plot item for vector fields

    - QwtPlotGraphicItem
      An item displaying a QwtGraphic image ( f.e used by QwtPlotSvgItem )

6) Plot Canvas

        - QwtAbstractPlotCanvas introduced
        - QwtPlotOpenGLCanvas added to support QOpenGLWidget

7) QwtPlotCurve

        - QwtPlotCurve::FilterPointsAggressive mode added - a fast weeding algo
      for huge datasets with increasing x or y values

        - QwtPlotCurve::closestPoint is virtual now
        - QwtPlotCurve: polygon clipping includes the painter clip
        - QwtPlotCurve::setLegendAttributes added
        - QwtValuePointData added for curves, where the x values are the index
        - a couple of new QwtPlotCurve::setSamples alternatives

8) QwtPlotSpectrogram

        - QwtPlotSpectrogram::setColorTableSize added
        - QwtRasterData::setInterval/interval changed into a pure virtual getter
        - QwtMatrixRasterData::BicubicInterpolation added
        - QwtMatrixRasterData::interval: API cleanup
        - QwtHueColorMap, QwtSaturationValueColorMap added

9) QwtPlotRenderer

        - using QPdfWriter where possible

10)
        - LOG_MIN/LOG_MAX removed, use QwtTransform::LogMin/LogMax instead ( values differ ! )
        - qwt_compat.h removed
        - qwtFuzzyGreaterOrEqual/qwtFuzzyLessOrEqual removed
        - qwtGetMin/qwtGetMax removed

11)
    - Not aligning unknown paint engines ( f.e EMF )
    - QwtNullPaintDevice is using a different type than QPaintEngine::User now

12) Many other changes ...

(adam)

Downgraded devel/py-pyproject_hooks; Updated net/py-minio

(adam)

py-minio: updated to 7.2.7

7.2.7
remove EOLed 3.7
fix range calculation in compose_object API

(adam)

py-pyproject_hooks: revert to 1.0.0

(adam)

Updated devel/py-filelock, www/py-flask-caching

(adam)

py-flask-caching: updated to 2.2.0

Version 2.2.0

Drop python 3.7 support
python 3.11 officially supported
Fix issue causing args_to_ignore to not work with flask_caching.Cache.memoize decorator when keyword arguments were used in the decorated function call

(adam)

py-filelock: updated to 3.14.0

3.14.0
feat: blocking parameter on lock constructor with tests and docs

(adam)

Updated devel/spdlog, textproc/py-regex

(adam)

py-regex: updated to 2024.4.28

2024.4.28
Unknown changes

(adam)

spdlog: updated to 1.14.1

Version 1.14.1

Fixed compatibility issue between c++17 and c++11
Fixed creating folders under windows when full path with drive letter is given
Added mdc sample. Note: mdc is not supported in async loggers.

(adam)

Updated security/py-truststore, www/py-nbconvert

(adam)

py-nbconvert: updated to 7.16.4

7.16.4

Bugs fixed

- rst exporter: Re-enable coalescing streams

Maintenance and upkeep improvements

- Revert "Set all min deps"
- Set all min deps
- chore: update pre-commit hooks

(adam)

py-truststore: updated to 0.9.0

0.9.0

Added support for Python 3.13.
Fixed loading additional certificates on macOS.
Changed error message for Windows when peer offers no certificates and verification is enabled. Previously was IndexError, now is SSLCertVerificationError.

(adam)

Updated security/py-keyrings.alt, textproc/py-tinycss2

(adam)

py-tinycss2: updated to 1.3.0

Version 1.3.0

* Support CSS nesting
* Deprecate parse_declaration_list, use parse_blocks_contents instead

(adam)

py-keyrings.alt: updated to 5.0.1

v5.0.1

Bugfixes

- Fix encoding warnings.

(adam)

Updated devel/py-dulwich, net/py-xandikos

(adam)

py-xandikos: updated to 0.2.11

0.2.11  2024-03-29

* Various build cleanups/fixes. (Jelmer Vernoo蝶)
* Add multi-arch docker builds. (Maya)
* do not listen on default address if systemd sockets (schnusch)
* Use correct port in kubernetes to not conflict with the metrics port

0.2.10  2023-09-04

* Add support for systemd socket activation.
* Add basic documentation.
* Use entry points to install xandikos script.
* ``sync-collection``: handle invalid tokens.

(adam)

py-dulwich: updated to 0.22.1

0.22.1  2024-04-23
* Handle alternate case for worktreeconfig setting
* Ship rust files.

0.22.0  2024-04-22
* Stop installing docs/ as part of package code.
* Move tests to root.
* Convert the optional C implementations to Rust.

(adam)

Updated textproc/py-myst-parser, lang/py-mypy

(adam)

py-mypy: updated to 1.10.0

1.10.0
Support TypeIs (PEP 742)
Support TypeVar Defaults (PEP 696)
Support TypeAliasType (PEP 695)
Detect Additional Unsafe Uses of super()
Stubgen Improvements
Mypyc Improvements
Documentation Improvements
Error Reporting Improvements

(adam)

py-myst-parser: updated to 3.0.1

3.0.1 - 2024-04-28

�汾� Bug Fixes

- Account for the final directive option having an empty value,
- Re-allow indented directive option blocks,

3.0.0 - 2024-04-23

Upgraded dependencies

- 筮��ｸ� Add support for Python 3.12
- 筮��ｸ� Update docutils requirement from >=0.16,<0.21 to >=0.18,<0.22

New features

- 笨ｨ Allow for use of the `line-block` directive
- 笨ｨ Emits sphinx include-read event

Improvements

- �汨� Nested parse attribution in `attr_block`
- �汨� Directive option parsing
- �汨� Improve directive parsing warnings
- �汨� Allow for opening external links in new tabs

Internal

- �沐ｧ Replace black, isort, pyupgrade with ruff formatter
- �沐ｧ remove redundant mypy config
- �沐ｧ Add additional Ruff lints (and fix issues)
- �沐ｧ mypy- disallow 'any generics'
- �沐ｧ Fix docutils deprecation in option parsing

Documentation

- �沒� Fix a broken link in configuration.md
- �沒� Add linkify dependency to contributing docs.
- �沒� Fix the double `used` in docs/syntax/math.md
- �沒� Also add linkify to pip install command in README
- �沒� Fix the code section title in live preview
- �沒� Fix admonition example
- �沒� Fix url for jupyter book gallery
- �沒� Update theme version
- �沒� Fix typo
- �沒� Fix architecture typo

(adam)

Updated lang/vala, multimedia/mkvtoolnix

(adam)

mkvtoolnix: updated to 84.0

Version 84.0 "Sleeper" 2024-04-28

New features and enhancements

* mkvmerge: added a new file-specific option `--regenerate-track-uids`. When
  used for Matroska files, `mkvmerge` will generate new random track UIDs
  instead of keeping existing track UIDs. This is done automatically when a
  Matroska file was created by MakeMKV.
* mkvmerge: MP4 reader: added support for FLAC in MP4.
* MKVToolNix GUI: multiplexer: the "Attachments" tab's title will now include
  the total number of attachments (both from source files & to newly
  attach).
* translations: added a Norwegian Bokm奪l translation of the programs by Roger
  Knutsen (see `AUTHORS`).

Bug fixes

* configure: when called with `--disable-gui` the build system still ran the
  check for the GUI libraries & failed if they weren't found. This check is
  now skipped when the option is given.
* mkvmerge: several color-related track header properties were parsed into &
  stored as a wrong integer type internally. This could result in wrong values
  being copied when very large values were present in source files, or in
  error messages when very large values were used as command-line parameters.
* MKVToolNix GUI: multiplexer: the keyboard shortcuts from the "modify
  selected tracks" sub-menu didn't work right after opening a file. They only
  started working after opening the "multiplexer" menu.

Build system changes

* Release v8.0.0 of the `fmt` library is now required. If not found, the
  bundled copy will be used.
* A C++20 compatible compiler is now required for several but certainly not
  all C++20 features. g++ v10 & clang++ v10 should suffice.

(adam)