doc: Updated security/osv-scanner to 1.7.2

(khorben)

osv-scanner: update to 1.7.2

This package hasn't been updated in a long time. The following list of
changes was therefore curated to focus on features or recent bugfixes.

Changes in 1.7.2:

* Bug #899 Guided Remediation: Parse paths in npmrc auth fields correctly.
* Bug #908 Fix rust call analysis by explicitly disabling stripping of debug info.
* Bug #914 Fix regression for go call analysis introduced in 1.7.0.

Changes in 1.7.0:

* Feature #352 Guided Remediation
  Introducing our new experimental guided remediation feature on osv-scanner fix subcommand.
* Feature #805 Include CVSS MaxSevirity in JSON output.

Changes in 1.6.2:

* Feature #694 OSV-Scanner now has subcommands!
  The base command has been moved to scan (currently the only commands is scan). By default if you do not pass in a command, scan will be used, so CLI remains backwards compatible.
* Feature #776 Add pdm lockfile support.

Changes in 1.6.0 and 1.6.1:

* Feature #694 Add support for NuGet lock files version 2.
* Feature #655 Scan and report dependency groups (e.g. "dev dependencies") for vulnerabilities.
* Feature #702 Created an option to skip/disable upload to code scanning.
* Feature #732 Add option to not fail on vulnerability being found for GitHub Actions.
* Feature #729 Verify the spdx licenses passed in to the license allowlist.

Changes in 1.5.0:

* Feature #501 Add experimental license scanning support!
* Feature #642 Support scanning renv files for the R language ecosystem.
* Feature #513 Stabilize call analysis for Go
* Feature #676 Simplify return codes:
  Return 0 if there are no findings or errors.
  Return 1 if there are any findings (license violations or vulnerabilities).
  Return 128 if no packages are found.
* Feature #651 CVSS v4.0 support.
* Feature #60 Pre-commit hook support.

Changes in 1.4.3:

* Feature #621 Add support for scanning vendored C/C++ files.
* Feature #581 Scan submodules commit hashes.

Changes in 1.4.1:

* Feature #534 New SARIF format that separates out individual vulnerabilities
* Experimental Feature #57 Experimental Github Action

Changes in 1.4.0:

* Feature #183 Add (experimental) offline mode
* Feature #452 Add (experimental) rust call analysis, detect whether vulnerable functions are actually called in your Rust project
* Feature #505 OSV-Scanner support custom lockfile formats

Changes in 1.3.5:

* Feature #409 Adds an additional column to the table output which shows the severity if available.

Changes in 1.3.0:

* Feature #198 GoVulnCheck integration! Try it out when scanning go code by adding the --experimental-call-analysis flag.
* Feature #260 Support -r flag in requirements.txt files.
* Feature #300 Make IgnoredVulns also ignore aliases.
* Feature #304 OSV-Scanner now runs faster when there's multiple vulnerabilities.

Changes in 1.2.0:

* Feature #168 Support for scanning debian package status file, usually located in /var/lib/dpkg/status. Thanks @cmaritan
* Feature #94 Specify what parser should be used in --lockfile.
* Feature #158 Specify output format to use with the --format flag.
* Feature #165 Respect .gitignore files by default when scanning.
* Feature #156 Support markdown table output format. Thanks @deftdawg
* Feature #59 Support conan.lock lockfiles and ecosystem Thanks @SSE4
* Updated documentation! Check it out here: https://google.github.io/osv-scanner/

Changes in 1.1.0:

* Feature #98: Support for NuGet ecosystem.
* Feature #71: Now supports Pipfile.lock scanning.
* Bug #85: Even better support for narrow terminals by shortening osv.dev URLs.
* Bug #105: Fix rare cases of too many open file handles.
* Bug #131: Fix table highlighting overflow.
* Bug #101: Now supports 32 bit systems.

Tested on NetBSD/amd64.

(khorben)

doc: add XSS in phpldapadmin

(khorben)

doc: Updated databases/phpldapadmin to 1.2.6.7

(khorben)

phpldapadmin: update to version 1.2.6.7

This fixes an XSS vulnerability when importing using a file upload without a
valid LDIF.

Tested on NetBSD/amd64, Darwin/amd64.

(khorben)

jitsi-srtp: default to OpenSSL version 3 (or higher)

Bumps PKGREVISION.

Build-tested on NetBSD/amd64.

(khorben)

gtk-vnc: reflect the dependency on pulseaudio when enabled

This should help build packages depending on net/gtk-vnc, when it was
built with the "pulseaudio" option enabled.

<wiz> looks ok to me

Tested on NetBSD/amd64 with net/deforaos-vncviewer.

(khorben)

yquake2: fix the build on macOS

This lets the PLIST use the right filename extension for shared objects.

Tested on NetBSD/amd64 and macOS/amd64.

(khorben)

doc: Updated www/gitea to 1.18.5

(khorben)

gitea: update to 1.18.5

There have been a few security-related fixes between 1.18.0 and this
version. (XXX pull-up to pkgsrc-2023Q2)

This also includes a trivial fix in a comment for the default app.ini
configuration file.

Changes in 1.18.5:

* ENHANCEMENTS
  * Hide 2FA status from other members in organization members list
* BUGFIXES
  * Add force_merge to merge request and fix checking mergable
  * Use --message=%s for git commit message
  * Render access log template as text instead of HTML
  * Fix the Manually Merged form
  * Use beforeCommit instead of baseCommit
  * Display attachments of review comment when comment content is blank
  * Return empty url for submodule tree entries

Changes in 1.18.4:

* SECURITY
  * Provide the ability to set password hash algorithm parameters
  * Add command to bulk set must-change-password
* ENHANCEMENTS
  * Use import of OCI structs
  * Fix color of tertiary button on dark theme
  * Link issue and pull requests status change in UI notifications
    directly to their event in the timelined view.
* BUGFIXES
  * Notify on container image create
  * Fix blame view missing lines
  * Fix incorrect role labels for migrated issues and comments
  * Fix PR file tree folders no longer collapsing
  * Escape filename when assemble URL
  * Fix isAllowed of escapeStreamer
  * Load issue before accessing index in merge message
  * Improve trace logging for pulls and processes
  * Fix restore repo bug, clarify the problem of ForeignIndex
  * Add default user visibility to cli command "admin user create"
  * Escape path for the file list
  * Fix bugs with WebAuthn preventing sign in and registration.
  * Add missing close bracket in imagediff
  * Move code comments to a standalone file and fix the bug when adding
    a reply to an outdated review appears to not post(#20821)
  * Fix line spacing for plaintext previews
  * Fix wrong hint when deleting a branch successfully from pull request
    UI
  * Fix README TOC links
  * Fix missing message in git hook when pull requests disabled on fork
  * Improve checkIfPRContentChanged
  * Prevent duplicate labels when importing more than 99
  * Don't return duplicated users who can create org repo
* BUILD
  * Upgrade golangcilint to v1.51.0
* MISC
  * Use proxy for pull mirror
  * Use --index-url in PyPi description

Changes in 1.18.3:

* SECURITY
  * Prevent multiple To recipients
* BUGFIXES
  * Truncate commit summary on repo files table.
  * Mute all links in issue timeline

Changes in 1.18.2:

* BUGFIXES
  * When updating by rebase we need to set the environment for head repo
  * Fix issue not auto-closing when it includes a reference to a branch
  * Fix invalid issue branch reference if not specified in template
  * Fix 500 error viewing pull request when fork has pull requests
    disabled
  * Reliable selection of admin user
  * Set disable_gravatar/enable_federated_avatar when offline mode is
    true
* BUILD
  * cgo cross-compile for freebsd

Changes in 1.18.1:

* API
  * Add sync_on_commit option for push mirrors api
* BUGFIXES
  * Update github.com/zeripath/zapx/v15
  * Fix pull request API field closed_at always being null
  * Fix container blob mount
  * Fix error when calculating repository size
  * Fix Operator does not exist bug on explore page with
    ONLY_SHOW_RELEVANT_REPOS
  * Fix environments for KaTeX and error reporting
  * Remove the netgo tag for Windows build
  * Fix migration from GitBucket
  * Prevent panic on looking at api "git" endpoints for empty repos
  * Fix PR status layout on mobile
  * Fix wechatwork webhook sends empty content in PR review
  * Remove duplicate "Actions" label in mobile view
  * Fix leaving organization bug on user settings -> orgs
  * Fixed colour transparency regex matching in project board sorting
  * Correctly handle select on multiple channels in Queues
  * Prepend refs/heads/ to issue template refs
  * Restore function to "Show more" buttons
  * Continue GCing other repos on error in one repo
  * Allow HOST has no port
  * Fix omit avatar_url in discord payload when empty
  * Don't display stop watch top bar icon when disabled and hidden when
    click other place
  * Don't lookup mail server when using sendmail
  * Fix gravatar disable bug
  * Fix update settings table on install
  * Fix sitemap
  * Fix code search title translation
  * Fix due date rendering the wrong date in issue
  * Fix get system setting bug when enabled redis cache
  * Fix bug of DisableGravatar default value
  * Fix key signature error page
* TESTING
  * Remove test session cache to reduce possible concurrent problem
* MISC
  * Restore previous official review when an official review is deleted
  * Log STDERR of external renderer when it fails

(khorben)

doc: Updated devel/py-sentry-sdk to 1.29.2

(khorben)

py-sentry-sdk: update to 1.29.2

Changes since 1.1.0:

## 1.29.2

- Revert GraphQL integration (#2287) by @sentrivana

## 1.29.1

- Fix GraphQL integration swallowing responses (#2286) by @sentrivana
- Fix typo (#2283) by @sentrivana

## 1.29.0

- Capture GraphQL client errors (#2243) by @sentrivana
  - The SDK will now create dedicated errors whenever an HTTP client makes a request to a `/graphql` endpoint and the response contains an error. You can opt out of this by providing `capture_graphql_errors=False` to the HTTP client integration.
- Read MAX_VALUE_LENGTH from client options (#2121) (#2171) by @puittenbroek
- Rename `request_bodies` to `max_request_body_size` (#2247) by @mgaligniana
- Always sample checkin regardless of `sample_rate` (#2279) by @szokeasaurusrex
- Add information to short-interval cron error message (#2246) by @lobsterkatie
- Add DB connection attributes in spans (#2274) by @antonpirker
- Add `db.system` to remaining Redis spans (#2271) by @AbhiPrasad
- Clarified the procedure for running tests (#2276) by @szokeasaurusrex
- Fix Chalice tests (#2278) by @sentrivana
- Bump Black from 23.3.0 to 23.7.0 (#2256) by @dependabot
- Remove py3.4 from tox.ini (#2248) by @sentrivana

## 1.28.1

- Redis: Add support for redis.asyncio (#1933) by @Zhenay
- Make sure each task that is started by Celery Beat has its own trace. (#2249) by @antonpirker
- Add Sampling Decision to Trace Envelope Header (#2239) by @antonpirker
- Do not add trace headers (`sentry-trace` and `baggage`) to HTTP requests to Sentry (#2240) by @antonpirker
- Prevent adding `sentry-trace` header multiple times (#2235) by @antonpirker
- Skip distributions with incomplete metadata (#2231) by @rominf
- Remove stale.yml (#2245) by @hubertdeng123
- Django: Fix 404 Handler handler being labeled as "generic ASGI request" (#1277) by @BeryJu

## 1.28.0

- Add support for cron jobs in ARQ integration (#2088) by @lewazo
- Backpressure handling prototype (#2189) by @sl0thentr0py
- Add "replay" context to event payload (#2234) by @antonpirker
- Update test Django app to be compatible for Django 4.x (#1794) by @DilLip-Chowdary-Codes

## 1.27.1

- Add Starlette/FastAPI template tag for adding Sentry tracing information (#2225) by @antonpirker
  - By adding `{{ sentry_trace_meta }}` to your Starlette/FastAPI Jinja2 templates we will include Sentry trace information as a meta tag in the rendered HTML to allow your frontend to pick up and continue the trace started in the backend.
- Fixed generation of baggage when a DSC is already in propagation context (#2232) by @antonpirker
- Handle explicitly passing `None` for `trace_configs` in `aiohttp` (#2230) by @Harmon758
- Support newest Starlette versions (#2227) by @antonpirker

## 1.27.0

- Support for SQLAlchemy 2.0 (#2200) by @antonpirker
- Add instrumentation of `aiohttp` client requests (#1761) by @md384
- Add Django template tag for adding Sentry tracing information (#2222) by @antonpirker
  - By adding `{{ sentry_trace_meta }}` to your Django templates we will include Sentry trace information as a meta tag in the rendered HTML to allow your frontend to pick up and continue the trace started in the backend.

- Update Flask HTML meta helper (#2203) by @antonpirker
- Take trace ID always from propagation context (#2209) by @antonpirker
- Fix trace context in event payload (#2205) by @antonpirker
- Use new top level API in `trace_propagation_meta` (#2202) by @antonpirker
- Do not overwrite existing baggage on outgoing requests (#2191, #2214) by @sentrivana
- Set the transaction/span status from an OTel span (#2115) by @daniil-konovalenko
- Fix propagation of OTel `NonRecordingSpan` (#2187) by @hartungstenio
- Fix `TaskLockedException` handling in Huey integration (#2206) by @Zhenay
- Add message format configuration arguments to Loguru integration (#2208) by @Gwill
- Profiling: Add client reports for profiles (#2207) by @Zylphrex
- CI: Fix CI (#2220) by @antonpirker
- Dependencies: Bump `checkouts/data-schemas` from `7fdde87` to `1b85152` (#2218) by @dependabot
- Dependencies: Bump `mypy` from 1.3.0 to 1.4.1 (#2194) by @dependabot
- Docs: Change API doc theme (#2210) by @sentrivana
- Docs: Allow (some) autocompletion for top-level API (#2213) by @sentrivana
- Docs: Revert autocomplete hack (#2224) by @sentrivana

## 1.26.0

- Tracing without performance (#2136) by @antonpirker
- Load tracing information from environment (#2176) by @antonpirker
- Auto-enable HTTPX integration if HTTPX installed (#2177) by @sentrivana
- Support for SOCKS proxies (#1050) by @Roguelazer
- Wrap `parse_url` calls in `capture_internal_exceptions` (#2162) by @sentrivana
- Run 2.7 tests in CI again (#2181) by @sentrivana
- Crons: Do not support sub-minute cron intervals (#2172) by @antonpirker
- Profile: Add function name to profiler frame cache (#2164) by @Zylphrex
- Dependencies: bump checkouts/data-schemas from `0ed3357` to `7fdde87` (#2165) by @dependabot
- Update changelog (#2163) by @sentrivana

## 1.25.1

- Collections of improvements to our Django integration.
- Fix `parse_url` (#2161) by @sentrivana and @antonpirker
- Better version parsing in integrations (#2152) by @antonpirker
- Align HTTP status code as span data field `http.response.status_code` (#2113) by @antonpirker
- Do not encode cached value to determine size (#2143) by @sentrivana
- Fix using `unittest.mock` whenever available (#1926) by @mgorny
- Fix 2.7 `common` tests (#2145) by @sentrivana
- Bump `actions/stale` from `6` to `8` (#1978) by @dependabot
- Bump `black` from `22.12.0` to `23.3.0` (#1984) by @dependabot
- Bump `mypy` from `1.2.0` to `1.3.0` (#2110) by @dependabot
- Bump `sphinx` from `5.3.0` to `7.0.1` (#2112) by @dependabot

## 1.25.0

- Support urllib3>=2.0.0 (#2148) by @asottile-sentry
- Auto-retry tests on failure (#2134) by @sentrivana
- Correct `importlib.metadata` check in `test_modules` (#2149) by @asottile-sentry
- Fix distribution name normalization (PEP-0503) (#2144) by @rominf
- Fix `functions_to_trace` typing (#2141) by @rcmarron

## 1.24.0

- **New:** Celery Beat exclude tasks option (#2130) by @antonpirker
- **New:** Add support for **ExceptionGroups** (#2025) by @antonpirker
- Prefer `importlib.metadata` over `pkg_resources` if available (#2081) by @sentrivana
- Work with a copy of request, vars in the event (#2125) by @sentrivana
- Pinned version of dependency that broke the build (#2133) by @antonpirker

## 1.23.1

- Disable Django Cache spans by default. (#2120) by @antonpirker

## 1.23.0

- **New:** Add `loguru` integration (#1994) by @PerchunPak
  - An error event with the message `"I am an event"` will be created.
  - `"I am a breadcrumb"` will be attached as a breadcrumb to that event.
  - `bar` will end up in the `extra` attributes of that event.
  - `"An exception happened"` will send the current exception from `sys.exc_info()` with the stack trace to Sentry. If there's no exception, the current stack will be attached.
  - The debug message `"I am ignored"` will not be captured by Sentry. To capture it, set `level` to `DEBUG` or lower in `LoguruIntegration`.
- Do not truncate request body if `request_bodies` is `"always"` (#2092) by @sentrivana
- Fixed Celery headers for Beat auto-instrumentation (#2102) by @antonpirker
- Add `db.operation` to Redis and MongoDB spans (#2089) by @antonpirker
- Make sure we're importing `redis` the library (#2106) by @sentrivana
- Add `include_source_context` option (#2020) by @farhat-nawaz and @sentrivana
- Import `Markup` from `markupsafe` (#2047) by @rco-ableton
- Fix `__qualname__` missing attribute in asyncio integration (#2105) by @sl0thentr0py
- Remove relay extension from AWS Layer (#2068) by @sl0thentr0py
- Add a note about `pip freeze` to the bug template (#2103) by @sentrivana

## 1.22.2

- Fix: Django caching spans when using keyword arguments (#2086) by @antonpirker
- Fix: Duration in Celery Beat tasks monitoring (#2087) by @antonpirker
- Fix: Docstrings of SPANDATA (#2084) by @antonpirker

## 1.22.1

- Fix: Handle a list of keys (not just a single key) in Django cache spans (#2082) by @antonpirker

## 1.22.0

- Add `cache.hit` and `cache.item_size` to Django (#2057) by @antonpirker
- Use `http.method` instead of `method` (#2054) by @AbhiPrasad
- Handle non-int `exc.status_code` in Starlette (#2075) by @sentrivana
- Handle SQLAlchemy `engine.name` being bytes (#2074) by @sentrivana
- Fix `KeyError` in `capture_checkin` if SDK is not initialized (#2073) by @antonpirker
- Use `functools.wrap` for `ThreadingIntegration` patches to fix attributes (#2080) by @EpicWink
- Pin `urllib3` to <2.0.0 for now (#2069) by @sl0thentr0py

## 1.21.1

- Do not send monitor_config when unset (#2058) by @evanpurkhiser
- Add `db.system` span data (#2040, #2042) by @antonpirker
- Fix memory leak in profiling (#2049) by @Zylphrex
- Fix crash loop when returning none in before_send (#2045) by @sentrivana

## 1.21.0

- Better handling of redis span/breadcrumb data (#2033) by @antonpirker
- Add `db.system` to redis and SQLAlchemy db spans (#2037, #2038, #2039) (#2037) by @AbhiPrasad
- Upgraded linting tooling (#2026) by @antonpirker
- Made code more resilient. (#2031) by @antonpirker

## 1.20.0

- Send all events to /envelope endpoint when tracing is enabled (#2009) by @antonpirker
- Profiling: Remove profile context from SDK (#2013) by @Zylphrex
- Profiling: Additionl performance improvements to the profiler (#1991) by @Zylphrex
- Fix: Celery Beat monitoring without restarting the Beat process (#2001) by @antonpirker
- Fix: Using the Codecov uploader instead of deprecated python package (#2011) by @antonpirker
- Fix: Support for Quart (#2003)` (#2003) by @antonpirker

## 1.19.1

- Make auto monitoring beat update support Celery 4 and 5 (#1989) by @antonpirker

## 1.19.0

- **New:** [Celery Beat](https://docs.celeryq.dev/en/stable/userguide/periodic-tasks.html) auto monitoring (#1967) by @antonpirker
- **New:** [gRPC](https://grpc.io/) integration (#1911) by @hossein-raeisi
- **New:** socket integration (#1911) by @hossein-raeisi
- Fix: Do not trim span descriptions. (#1983) by @antonpirker

## 1.18.0

- **New:** Implement `EventScrubber` (#1943) by @sl0thentr0py
- **New:** Added new `functions_to_trace` option for central way of performance instrumentation (#1960) by @antonpirker
- Updated denylist to include other widely used cookies/headers (#1972) by @antonpirker
- Forward all `sentry-` baggage items (#1970) by @cleptric
- Update OSS licensing (#1973) by @antonpirker
- Profiling: Handle non frame types in profiler (#1965) by @Zylphrex
- Tests: Bad arq dependency in tests (#1966) by @Zylphrex
- Better naming (#1962) by @antonpirker

## 1.17.0

- **New:** Monitor Celery Beat tasks with Sentry [Cron Monitoring](https://docs.sentry.io/product/crons/).
- **New:** Add decorator for Sentry tracing (#1089) by @ynouri
- Make Django signals tracing optional (#1929) by @antonpirker
- Deprecated `with_locals` in favor of `include_local_variables` (#1924) by @antonpirker
- Added top level API to get current span (#1954) by @antonpirker
- Profiling: Add profiler options to init (#1947) by @Zylphrex
- Profiling: Set active thread id for quart (#1830) by @Zylphrex
- Fix: Update `get_json` function call for werkzeug 2.1.0+ (#1939) by @michielderoos
- Fix: Returning the tasks result. (#1931) by @antonpirker
- Fix: Rename MYPY to TYPE_CHECKING (#1934) by @untitaker
- Fix: Fix type annotation for ignore_errors in sentry_sdk.init() (#1928) by @tiangolo
- Tests: Start a real http server instead of mocking libs (#1938) by @antonpirker

## 1.16.0

- **New:** Add [arq](https://arq-docs.helpmanual.io/) Integration (#1872) by @Zhenay
- Update of [Falcon](https://falconframework.org/) Integration (#1733) by @bartolootrit
- Adding [Cloud Resource Context](https://docs.sentry.io/platforms/python/configuration/integrations/cloudresourcecontext/) integration (#1882) by @antonpirker
- Profiling: Use the transaction timestamps to anchor the profile (#1898) by @Zylphrex
- Profiling: Add debug logs to profiling (#1883) by @Zylphrex
- Profiling: Start profiler thread lazily (#1903) by @Zylphrex
- Fixed checks for structured http data (#1905) by @antonpirker
- Make `set_measurement` public api and remove experimental status (#1909) by @sl0thentr0py
- Add `trace_propagation_targets` option (#1916) by @antonpirker
- Add `enable_tracing` to default traces_sample_rate to 1.0 (#1900) by @sl0thentr0py
- Remove deprecated `tracestate` (#1907) by @sl0thentr0py
- Sanitize URLs in Span description and breadcrumbs (#1876) by @antonpirker
- Mechanism should default to true unless set explicitly (#1889) by @sl0thentr0py
- Better setting of in-app in stack frames (#1894) by @antonpirker
- Add workflow to test gevent (#1870) by @Zylphrex
- Updated outdated HTTPX test matrix (#1917) by @antonpirker
- Switch to MIT license (#1908) by @cleptric

## 1.15.0

- New: Add [Huey](https://huey.readthedocs.io/en/latest/) Integration (#1555) by @Zhenay
- Profiling: Do not send single sample profiles (#1879) by @Zylphrex
- Profiling: Add additional test coverage for profiler (#1877) by @Zylphrex
- Profiling: Always use builtin time.sleep (#1869) by @Zylphrex
- Profiling: Defaul in_app decision to None (#1855) by @Zylphrex
- Profiling: Remove use of threading.Event (#1864) by @Zylphrex
- Profiling: Enable profiling on all transactions (#1797) by @Zylphrex
- FastAPI: Fix check for Starlette in FastAPI integration (#1868) by @antonpirker
- Flask: Do not overwrite default for username with email address in FlaskIntegration (#1873) by @homeworkprod
- Tests: Add py3.11 to test-common (#1871) by @Zylphrex
- Fix: Don't log whole event in before_send / event_processor drops (#1863) by @sl0thentr0py

## 1.14.0

- Add `before_send_transaction` (#1840) by @antonpirker
- Django: Always remove values of Django session related cookies. (#1842) by @antonpirker
- Profiling: Enable profiling for ASGI frameworks (#1824) by @Zylphrex
- Profiling: Better gevent support (#1822) by @Zylphrex
- Profiling: Add profile context to transaction (#1860) by @Zylphrex
- Profiling: Use co_qualname in python 3.11 (#1831) by @Zylphrex
- OpenTelemetry: fix Use dict for sentry-trace context instead of tuple (#1847) by @AbhiPrasad
- OpenTelemetry: fix extra dependency (#1825) by @bernardotorres
- OpenTelemetry: fix NoOpSpan updates scope (#1834) by @Zylphrex
- OpenTelemetry: Make sure to noop when there is no DSN (#1852) by @antonpirker
- FastAPI: Fix middleware being patched multiple times (#1841) by @JohnnyDeuss
- Starlette: Avoid import of pkg_resource with Starlette integration (#1836) by @mgu
- Removed code coverage target (#1862) by @antonpirker

## 1.13.0

- Add Starlite integration (#1748) by @gazorby
- Profiling: Remove sample buffer from profiler (#1791) by @Zylphrex
- Profiling: Performance tweaks to profile sampler (#1789) by @Zylphrex
- Add span for Django SimpleTemplateResponse rendering (#1818) by @chdsbd
- Use @wraps for Django Signal receivers (#1815) by @meanmail
- Add enqueued_at and started_at to rq job extra (#1024) by @kruvasyan
- Remove sanic v22 pin (#1819) by @sl0thentr0py
- Add support for `byterray` and `memoryview` built-in types (#1833) by @Tarty
- Handle `"rc"` in SQLAlchemy version. (#1812) by @peterschutt
- Doc: Use .venv (not .env) as a virtual env location in CONTRIBUTING.md (#1790) by @tonyo
- Auto publish to internal pypi on release (#1823) by @asottile-sentry
- Added Python 3.11 to test suite (#1795) by @antonpirker
- Update test/linting dependencies (#1801) by @antonpirker
- Deps: bump sphinx from 5.2.3 to 5.3.0 (#1686) by @dependabot

## 1.12.1

- Link errors to OTel spans (#1787) by @antonpirker
- Tox Cleanup (#1749) by @antonpirker
- CI: Fix Github action checks (#1780) by @Zylphrex
- Profiling: Introduce active thread id on scope (#1764) by @Zylphrex
- Profiling: Eagerly hash stack for profiles (#1755) by @Zylphrex
- Profiling: Resolve inherited method class names (#1756) by @Zylphrex

## 1.11.1

- Move set_transaction_name out of event processor in fastapi/starlette (#1751) by @sl0thentr0py
- Expose proxy_headers as top level config and use in ProxyManager: https://docs.sentry.io/platforms/python/configuration/options/#proxy-headers (#1746) by @sl0thentr0py

## 1.11.0

- Fix signals problem on sentry.io (#1732) by @antonpirker
- Fix reading FastAPI request body twice. (#1724) by @antonpirker
- ref(profiling): Do not error if already setup (#1731) by @Zylphrex
- ref(profiling): Use sleep scheduler by default (#1729) by @Zylphrex
- feat(profiling): Extract more frame info (#1702) by @Zylphrex
- Update actions/upload-artifact to v3.1.1 (#1718) by @mattgauntseo-sentry
- Performance optimizations (#1725) by @antonpirker
- feat(pymongo): add PyMongo integration (#1590) by @Agalin
- Move relay to port 5333 to avoid collisions (#1716) by @sl0thentr0py
- fix(utils): strip_string() checks text length counting bytes not chars (#1711) by @mgaligniana
- chore: remove jira workflow (#1707) by @vladanpaunovic
- build(deps): bump checkouts/data-schemas from `a214fbc` to `20ff3b9` (#1703) by @dependabot
- perf(profiling): Tune the sample profile generation code for performance (#1694) by @Zylphrex

## 1.10.1

- Bug fixes for FastAPI and Sentry SDK 1.10.0 (#1699) by @antonpirker
- The wrapped receive() did not return anything. (#1698) by @antonpirker

## 1.10.0

- Unified naming for span ops (#1661) by @antonpirker
- Include framework in SDK name (#1662) by @antonpirker
- Asyncio integration (#1671) by @antonpirker
- Add exception handling to Asyncio Integration (#1695) by @antonpirker
- Fix asyncio task factory (#1689) by @antonpirker
- Have instrumentation for ASGI middleware receive/send callbacks. (#1673) by @antonpirker
- Use Django internal ASGI handling from Channels version 4.0.0. (#1688) by @antonpirker
- fix(integrations): Fix http putrequest when url is None (#1693) by @MattFlower
- build(deps): bump checkouts/data-schemas from `f0a57f2` to `a214fbc` (#1627) by @dependabot
- build(deps): bump flake8-bugbear from 22.9.11 to 22.9.23 (#1637) by @dependabot
- build(deps): bump sphinx from 5.1.1 to 5.2.3 (#1653) by @dependabot
- build(deps): bump actions/stale from 5 to 6 (#1638) by @dependabot
- build(deps): bump black from 22.8.0 to 22.10.0 (#1670) by @dependabot
- Remove unused node setup from ci. (#1681) by @antonpirker
- Check for Decimal is in_valid_sample_rate (#1672) by @Arvind2222
- Add session for aiohttp integration (#1605) by @denys-pidlisnyi
- feat(profiling): Extract qualified name for each frame (#1669) by @Zylphrex
- feat(profiling): Attach thread metadata to profiles (#1660) by @Zylphrex
- ref(profiling): Rename profiling frame keys (#1680) by @Zylphrex
- fix(profiling): get_frame_name only look at arguments (#1684) by @Zylphrex
- fix(profiling): Need to sample profile correctly (#1679) by @Zylphrex
- fix(profiling): Race condition spawning multiple profiling threads (#1676) by @Zylphrex
- tests(profiling): Add basic profiling tests (#1677) by @Zylphrex
- tests(profiling): Add tests for thread schedulers (#1683) by @Zylphrex

## 1.9.10

- Use content-length header in ASGI instead of reading request body (#1646, #1631, #1595, #1573) (#1649) by @antonpirker
- Added newer Celery versions to test suite (#1655) by @antonpirker
- Django 4.x support (#1632) by @antonpirker
- Cancel old CI runs when new one is started. (#1651) by @antonpirker
- Increase max string size for desc (#1647) by @k-fish
- Pin Sanic version for CI (#1650) by @antonpirker
- Fix for partial signals in old Django and old Python versions. (#1641) by @antonpirker
- Convert profile output to the sample format (#1611) by @phacops
- Dynamically adjust profiler sleep time (#1634) by @Zylphrex

## 1.9.9

- Instrument Django Signals so they show up in "Performance" view (#1526) by @BeryJu
- include other Django enhancements brought up by the community
- fix(profiling): Profiler mode type hints (#1633) by @Zylphrex
- New ASGIMiddleware tests (#1600) by @antonpirker
- build(deps): bump mypy from 0.961 to 0.971 (#1517) by @dependabot
- build(deps): bump black from 22.3.0 to 22.8.0 (#1596) by @dependabot
- build(deps): bump sphinx from 5.0.2 to 5.1.1 (#1524) by @dependabot
- ref: upgrade linters to flake8 5.x (#1610) by @asottile-sentry
- feat(profiling): Introduce different profiler schedulers (#1616) by @Zylphrex
- fix(profiling): Check transaction sampled status before profiling (#1624) by @Zylphrex
- Wrap Baggage ser/deser in capture_internal_exceptions (#1630) by @sl0thentr0py
- Faster Tests (DjangoCon) (#1602) by @antonpirker
- feat(profiling): Add support for profiles_sample_rate (#1613) by @Zylphrex
- feat(profiling): Support for multithreaded profiles (#1570) by @Zylphrex

## 1.9.8

- Baggage creation for head of trace (#1589) by @sl0thentr0py
  - The SDK now also generates new baggage entries for dynamic sampling when it is the first (head) SDK in the pipeline.

## 1.9.7

- Let SentryAsgiMiddleware work with Starlette and FastAPI integrations (#1594) by @antonpirker

## 1.9.6

- Auto-enable Starlette and FastAPI (#1533) by @antonpirker
- Add more version constraints (#1574) by @isra17
- Fix typo in starlette attribute check (#1566) by @sl0thentr0py

## 1.9.5

- fix(redis): import redis pipeline using full path (#1565) by @olksdr
- Fix side effects for parallel tests (#1554) by @sl0thentr0py

## 1.9.4

- Remove TRANSACTION_SOURCE_UNKNOWN and default to CUSTOM (#1558) by @sl0thentr0py
- feat(redis): Add instrumentation for redis pipeline (#1543) by @jjbayer
- Handle no release when uploading profiles (#1548) by @szokeasaurusrex

## 1.9.3

- Wrap StarletteRequestExtractor in capture_internal_exceptions (#1551) by @sl0thentr0py

## 1.9.2

- chore: remove quotes (#1545) by @vladanpaunovic

## 1.9.1

- Fix FastAPI issues (#1532) ( #1514) (#1532) by @antonpirker
- Add deprecation warning for 3.4, 3.5 (#1541) by @sl0thentr0py
- Fast tests (#1504) by @antonpirker
- Replace Travis CI badge with GitHub Actions badge (#1538) by @153957
- chore(deps): update urllib3 minimum version with environment markers (#1312) by @miketheman
- Update Flask and Quart integrations (#1520) by @pgjones
- chore: Remove ancient examples from tracing prototype (#1528) by @sl0thentr0py
- fix(django): Send correct "url" transaction source if Django resolver fails to resolve (#1525) by @sl0thentr0py

## 1.9.0

- feat(profiler): Add experimental profiler under experiments.enable_profiling (#1481) by @szokeasaurusrex
- Fixed problem with broken response and python-multipart (#1516) by @antonpirker

## 1.8.0

- feat(starlette): add Starlette integration (#1441) by @sl0thentr0py
- feat(fastapi): add FastAPI integration (#829) by @antonpirker
- fix: avoid sending empty Baggage header (#1507) by @intgr
- fix: properly freeze Baggage object (#1508) by @intgr
- docs: fix simple typo, collecter | collector (#1505) by @timgates42

## 1.7.2

- feat(transactions): Transaction Source (#1490) by @antonpirker
- Removed (unused) sentry_timestamp header (#1494) by @antonpirker

## 1.7.1

- Skip malformed baggage items (#1491) by @robyoung

## 1.7.0

- feat(tracing): Dynamic Sampling Context / Baggage continuation (#1485) by @sl0thentr0py

## 1.6.0

- Fix Deployment (#1474) by @antonpirker
- Serverless V2 (#1450) by @antonpirker
- Use logging levelno instead of levelname. Levelnames can be overridden (#1449) by @rrauenza

## 1.5.12

- feat(measurements): Add experimental set_measurement api on transaction (#1359) by @sl0thentr0py
- fix: Remove incorrect usage from flask helper example (#1434) by @BYK

## 1.5.11

- chore: Bump mypy and fix abstract ContextManager typing (#1421) by @sl0thentr0py
- chore(issues): add link to Sentry support (#1420) by @vladanpaunovic
- fix: replace git.io links with redirect targets (#1412) by @asottile-sentry
- ref: Update error verbose for sentry init (#1361) by @targhs
- fix(sessions): Update session also for non sampled events and change filter order (#1394) by @adinauer

## 1.5.10

- Remove Flask version contraint (#1395) by @antonpirker
- Change ordering of event drop mechanisms (#1390) by @adinauer

## 1.5.9

- fix(sqlalchemy): Use context instead of connection in sqlalchemy integration (#1388) by @sl0thentr0py
- Update correct test command in contributing docs (#1377) by @targhs
- Update black (#1379) by @antonpirker
- build(deps): bump sphinx from 4.1.1 to 4.5.0 (#1376) by @dependabot
- fix: Auto-enabling Redis and Pyramid integration (#737) by @untitaker
- feat(testing): Add pytest-watch (#853) by @lobsterkatie
- Treat x-api-key header as sensitive (#1236) by @simonschmidt
- fix: Remove obsolete MAX_FORMAT_PARAM_LENGTH (#1375) by @blueyed

## 1.5.8

- feat(asgi): Add support for setting transaction name to path in FastAPI (#1349) by @tiangolo
- fix(sqlalchemy): Change context manager type to avoid race in threads (#1368) by @Fofanko
- fix(perf): Fix transaction setter on scope to use containing_transaction to match with getter (#1366) by @sl0thentr0py
- chore(ci): Change stale GitHub workflow to run once a day (#1367) by @kamilogorek
- feat(django): Make django middleware expose more wrapped attributes (#1202) by @MattFisher

## 1.5.7

- fix(serializer): Make sentry_repr dunder method to avoid mock problems (#1364) by @sl0thentr0py

## 1.5.6

- Create feature.yml (#1350) by @vladanpaunovic
- Update contribution guide (#1346) by @antonpirker
- chore: add bug issue template (#1345) by @vladanpaunovic
- Added default value for auto_session_tracking (#1337) by @antonpirker
- docs(readme): reordered content (#1343) by @antonpirker
- fix(tests): Removed unsupported Django 1.6 from tests to avoid confusion (#1338) by @antonpirker
- Group captured warnings under separate issues (#1324) by @mnito
- build(changelogs): Use automated changelogs from Craft (#1340) by @BYK
- fix(aiohttp): AioHttpIntegration sentry_app_handle() now ignores ConnectionResetError (#1331) by @cmalek
- meta: Remove black GH action (#1339) by @sl0thentr0py
- feat(flask): Add `sentry_trace()` template helper (#1336) by @BYK

## 1.5.5

- Add session tracking to ASGI integration (#1329)
- Pinning test requirements versions (#1330)
- Allow classes to short circuit serializer with `sentry_repr` (#1322)
- Set default on json.dumps in compute_tracestate_value to ensure string conversion (#1318)

## 1.5.4

- Add Python 3.10 to test suite (#1309)
- Capture only 5xx HTTP errors in Falcon Integration (#1314)
- Attempt custom urlconf resolve in `got_request_exception` as well (#1317)

## 1.5.3

- Pick up custom urlconf set by Django middlewares from request if any (#1308)

## 1.5.2

- Record event_processor client reports #1281
- Add a Quart integration #1248
- Sanic v21.12 support #1292
- Support Celery abstract tasks #1287

## 1.5.1

- Fix django legacy url resolver regex substitution due to upstream CVE-2021-44420 fix #1272
- Record lost `sample_rate` events only if tracing is enabled #1268
- Fix gevent version parsing for non-numeric parts #1243
- Record span and breadcrumb when Django opens db connection #1250

## 1.5.0

- Also record client outcomes for before send #1211
- Add support for implicitly sized envelope items #1229
- Fix integration with Apache Beam 2.32, 2.33 #1233
- Remove Python 2.7 support for AWS Lambda layers in craft config #1241
- Refactor Sanic integration for v21.9 support #1212
- AWS Lambda Python 3.9 runtime support #1239
- Fix "shutdown_timeout" typing #1256

## 1.4.3

- Turned client reports on by default.

## 1.4.2

- Made envelope modifications in the HTTP transport non observable #1206

## 1.4.1

- Fix race condition between `finish` and `start_child` in tracing #1203

## 1.4.0

- No longer set the last event id for transactions #1186
- Added support for client reports (disabled by default for now) #1181
- Added `tracestate` header handling #1179
- Added real ip detection to asgi integration #1199

## 1.3.1

- Fix detection of contextvars compatibility with Gevent versions >=20.9.0 #1157

## 1.3.0

- Add support for Sanic versions 20 and 21 #1146

## 1.2.0

- Fix for `AWSLambda` Integration to handle other path formats for function initial handler #1139
- Fix for worker to set daemon attribute instead of deprecated setDaemon method #1093
- Fix for `bottle` Integration that discards `-dev` for version extraction #1085
- Fix for transport that adds a unified hook for capturing metrics about dropped events #1100
- Add `Httpx` Integration #1119
- Add support for china domains in `AWSLambda` Integration #1051

(khorben)

doc: Added archivers/py-zipstream-ng version 1.6.0

(khorben)

archivers: add py-zipstream-ng

(khorben)

archivers/py-zipstream-ng: import version 1.6.0

py-zipstream-ng is a modern and easy to use streamable zip file
generator. It can package and stream many files and folders into a zip
on the fly without needing temporary files or excessive memory. It can
also calculate the final size of the zip file before streaming it.

(khorben)

py-emoji: update to 2.8.0

Changes in version 2.8.0:

* Update translations to unicode release-43-1
* Include "derived annotations"-translations from unicode CLDR
* Fix translations for emoji that have multiple forms with/out \uFE0F
* Remove multiple underscore __, ___, ____ and - from translations

Changes in version 2.7.0:

* Extract aliases from cheat sheet and youtube
* Fix extracting translations from emojiterra
* Update EMOJI_DATA with new aliases and translations

(khorben)

doc: Updated textproc/fmtlib to 10.1.0

(khorben)

fmtlib: update to 10.1.0

>From the release information on GitHub:

  * Optimized format string compilation resulting in up to 40% speed up
    in compiled format_to and ~4x speed up in compiled format_to_n on a
    concatenation benchmark
  * Optimized storage of an empty allocator in basic_memory_buffer
  * Added formatters for proxy references to elements of
    std::vector<bool> and std::bitset<N>
  * Fixed an ambiguous formatter specialization for containers that look
    like container adaptors such as boost::flat_set
  * Fixed compilation when formatting durations not convertible from
    std::chrono::seconds
  * Made the formatter specialization for char* const-correct
  * Made {} and {:} handled consistently during compile-time checks
  * Disallowed passing temporaries to make_format_args to improve API
    safety by preventing dangling references
  * Improved the compile-time error for unformattable types
  * Improved the floating-point formatter
  * Fixed handling of precision for long double larger than 64 bits
  * Made floating-point and chrono tests less platform-dependent
  * Removed the remnants of the Grisu floating-point formatter that has
    been replaced by Dragonbox in earlier versions
  * Added throw_format_error to the public API
  * Made FMT_THROW assert even if assertions are disabled when compiling
    with exceptions disabled
  * Added support for the ? format specifier to std::filesystem::path
    and made the default unescaped for consistency with strings
  * Made format_as and std::filesystem::path formatter work with exotic
    code unit types
  * Deprecated the wide stream overload of printf
  * Removed unused basic_printf_parse_context.
  * Improved RTTI detection used when formatting exceptions
  * Improved compatibility with VxWorks7
  * Improved documentation
  * Improved build and CI configurations
  * Fixed various warnings and compilation issues

(khorben)

doc: Updated chat/irssi-icb to 0.17

(khorben)

irssi-icb: update to 0.17

This changes the upstream to a fork of the previous one, with extra
commits bringing support for irssi 1.4. Besides fixing the build (and
that of meta-pkgs/bulk-small) this also:

* Adds a buildlink3.mk file to chat/irssi;
* And therefore can avoid extracting a copy of irssi to build;
* Leverages autoreconf to build without a release (git commit ID)
* Reduces the patches required to two.

This is inspired by FreeBSD's port of the same software (irc/irssi-icb).

Tested on NetBSD/amd64; reviewed by jperkin@.

(khorben)

doc: Updated sysutils/open-vm-tools to 12.1.5

(khorben)

open-vm-tools: update to 12.1.5

From the release notes, this addresses:

* Premature reboots in the guest VM from the deployPkg plugin before cloud-init
  has completed user data setup
* A possible SIGSEGV when a non-quiescing snapshot times out.
* A number of issues reported by Coverity.

(khorben)

doc: Updated sysutils/open-vm-tools to 12.1.0

(khorben)

open-vm-tools: update to 12.1.0

From the release notes, this:

* resolves CVE-2022-31676
* includes pull request #588
* includes pull request #387

While there, use SYSCONFBASE in the RC script.

(khorben)

doc: Updated sysutils/open-vm-tools to 12.0.5

(khorben)

open-vm-tools: update to 12.0.5

From the release notes, resolved issues:

* glibc 2.35 and GCC 11 & 12 reporting possible array bounds overflow -
  bora/lib/asyncsocket/asyncksocket.c: AsyncTCPSocketPollWork()
* ContainerInfo Plugin: compilation warnings with a newer version of GCC

(khorben)

libnbcompat: sort the README file by most recent test first

While there, replace e-mail addresses of former developers by
pkgsrc-users@; otherwise NFCI.

Bumps PKGREVISION.

Tested on NetBSD/amd64.

(khorben)

jitsi-videobridge: fix distinfo

(khorben)

jitsi-videobridge: register dependency on jitsi-srtp

While there, ship jitsi-videobridge as a single JAR file.

Tested on NetBSD/amd64.

(khorben)

doc: Added chat/jitsi-srtp version 1.1

(khorben)

chat: add jitsi-srtp

(khorben)

jitsi-srtp: import version 1.1

Jitsi SRTP contains classes for encrypting and decrypting SRTP and SRTCP
packets. Jitsi SRTP contains native libraries to speed up encryption/decryption.

(khorben)

doc: Updated chat/jitsi-videobridge to 2.0.8252

(khorben)

doc: Updated chat/jicofo to 2.0.8252

(khorben)

doc: Updated chat/jitsi-meet-prosody to 2.0.8252

(khorben)

jicofo,jitsi-{meet-prosody,videobridge}: update to 2.0.8252

Changes in 2.0.8252:

jitsi-meet
----------
* feat(config/giphy) add proxyUrl config for giphy requests (#12816)
* fix(external-api) fix sending forms after introduction of sandbox
* fix(Thumbnail):limit the size of the avatar to 200
* Fixed overflow of popover (#12814)
* feat(base/lib-jitsi-meet): fixed build failing from bad import
* feat(narrow-layout) Use drawer menus on desktop narrow mode (#12799)
* fix(recording-dialog) Fix switch UI (#12826)
* Feat ssrc rewriting (#12408)
* chore(deps) lib-jitsi-meet@latest
* chore(deps) lib-jitsi-meet@latest
* fix(breakout-room, rn): joining room
* feat(ci) add luacheck
* fix(conferendce-timer) use "monospace" digits
* feat(chat) Redesign chat
* fix(lang) updated Esperanto
* feat(participants) Add count badge to toolbar button
* fix(authentication) don't hide the dialog until auth has completed
* feat(settings/native): changed FormSectionAccordion.js to FormSection.tsx
* feat(wifistats) drop support for WiFiStats
* fix(external-api) fix no longer allowing popups
* fix(local-rec) Reset max size on recording stop (#12815)
* fix(external-api) Don't check recording service for live streaming (#12807)
* fix(dialog) Make sure dialog fits in the available height (#12803)
* ref(external-api) set ifrma source last
* feat(external-api) sandbox the iframe
* fix(config,debian) fix multistream backwards compatibility
* fix(deep-linking) drop broken an unused setting
* fix(welcome-page) Fix narrow mode (#12781)
* chore(deps) lib-jitsi-meet@latest
* feat(polls): removed platform check and fixed button arrangement (#12780)
* feat(rn,deps) update react-native-webrtc to 106.0.4

lib-jitsi-meet
--------------
* feat(ssrc-rewriting) Advertise support to Jicofo. (#2209)
* Feat ssrc rewriting (#2192)
* fix: Bring back code setting externalAuthEnabled. (#2207)
* feat(statistics) drop support for WiFiStats
* fix(SignalingLayer) Update SSRC owners on leave. (#2184)

Changes in 2.0.8218:

jitsi-meet
----------
* chore(deps) lib-jitsi-meet@latest
* chore(deps) lib-jitsi-meet@latest
* fix: Drops jicofo-authuser as we use hardcoded value.
* chore(deps) run npm audit fix
* feat(rn,deps) update react-native-webrtc to 106.0.3
* feat(polls): added marginTop
* feat(share-room): created getInviteOthersControl helper (#12769)
* ref(dep): updated react navigation dependencies (#12768)
* fix: Fix appending URL params. (#12763)
* feat(rn,deps) update react-native-webrtc to 106.0.2
* chore(deps): update rn-safe-area-context to latest (#12760)
* chore(deps): update rn-gesture-handler to latest (#12759)
* feat(share-room): disable Invite Others button when Share is visible (#12765)
* feat(ui/polls/security/native): style fixes and updates  (#12761)
* fix(deeplinking) Consider deprecated config (#12758)
* fix(audio-only) Fix an issue where 'startAudioOnly' in config is not applied to web clients.
* fix(local-rec) Stop recording properly on size exceeded (#12757)
* fix: Fixes using s2s for visitors.
* chore(deps) lib-jitsi-meet@latest (#12754)
* feat: Append ?room= to conferenceRequestUrl. (#12753)
* feat(android) created Monochrome Icon
* feat(base/media): SS mobile align (#12743)
* jaas: pass the jitsi installation type at provisioning (#12750)
* Update react native paper dependency to latest (#12740)

lib-jitsi-meet
--------------
* fix: Fix setting machineUid when sending conference-request.
* fix(quality-control) Fix receiver constraints for default case. When the application doesn't set receiver constraints, generate default constraints in the source-name mode. Cleanup code related to the endpoint based video constraint handling for p2p connection.
* fix(qualitycontrol): Cleanup old receiver constraints. Endpoint based receiver constraints and other endpoint based bridge signaling messages are no longer supported by latest JVB after the switch to source-name signaling. Rename method names 'sendNewReceiverVideoConstraintsMessage'->'sendReceiverVideoConstraintsMessage', 'setNewReceiverVideoConstraints'->'setReceiverVideoConstraints'
* ref(TPC): Cleanup flags related to low fps screenshare. Simulcast for SS is always on in unified plan mode, the lower spatial resolution streams are turned off for low fps sharing.
* ref(ScreenObtainer): Always set the resolution constraints for SS. It was behind a testing flag setScreenSharingResolutionConstraints.
* fix(JitsiTrack) Add setSourceName/getSourceName methods to JitsiTrack class.
* ref(JitsiTrack) Alpha sort the methods.
* Use the XMPP connection's options instead of the conference options for Moderator. (#2202)
* chore(deps): bump json5 from 1.0.1 to 1.0.2
* chore(deps): bump minimatch from 3.0.4 to 3.1.2 in /types/types-comparer
* chore(deps): bump engine.io and socket.io
* fix(p2p) Fix an issue where unmute fails on p2p with channelLastN=0. Always initiate a sRD->cA->sLD cycle since renegotiation fails in the following scenario. In a p2p call when channelLastN=0, the direction on the video tranceiver is set to'inactive'. At this point, if the user unmutes, the track is replaced on the video sender. If a cO->sLD->sRD is triggered, the browser adds a third m-line which isn't expected and possibly is a bug. All renegotiations fail as a result. However, the browser does not add a third m-line in the answer it generates and renegotiation succeeds.
* fix(BridgeChannel) skip close notification if the code is 1001

Changes in 2.0.8194:

jitsi-meet
----------
* fix(config) Delete deprecated config. Client (receiver constraints)  and bridge use the new b/w allocation strategy by default.
* fix(config): Remove unused config values. capScreenshareBitrate and setScreenSharingResolutionConstraints are no longer valid.
* feat(prejoin) Disable join buttons during joining
* Re-use existing flags for visitor functioonality. (#12703)
* ref(participants) Remove sortedRemoteScreenshares used by legacy SS.
* fix(audio-only):Don't disable on SS started. (#12733)
* chore(ci): update to checkout@v3 to fix node12 warnings (#12722)
* ci: move jsonlint to npm run script (#12721)
* fix(lang) update German translation (#12720)
* chore(welcome-page) Welcome page redesign (#12717)
* fix(welcome-page) Fix error before joining a meeting from welcome page (#12718)
* fix(filmstrip): scroll
* chore(deps): bump loader-utils from 1.4.1 to 1.4.2
* chore(deps) lib-jitsi-meet@latest
* ref(setScreenshareMuted): remove mediaType
* ref(setVideoMuted): remove mediaType param.
* fix(config) Remove code related to deprecated configs 'preferH264' and 'disableH264'.
* fix(face-landmarks): check for track state only if image capture is not polyfill (#12711)
* feat(deeplinking) Move deeplinking to config.js (#12704)
* feat(audioOnly): do not disable when SS starts
* fix(rn) temporarily disable P2P
* fix(android,config) allow to override integer config
* fix(rn,polyfills) simplify WebRTC polyfills
* fix(rn,config) make sure VP9 is never selected
* deps(rn) react-native-webrtc@106.0.1
* chore(deps) lib-jitsi-meet@latest
* fix(rn) removes settings dialog webviews and opens urls in browser
* fix(invite-dialog) adjust dial in limit display condition and styling (#12654)
* fix(conference) Fixes an issue where first unmute with disableInitialGUM=true was resulting in user staying muted. When device list changes, create a new track with the preferred device only if the user is unmuted. If the user is audio/video muted, remove the existing track from conference. A new track will be created and replaced automatically when the user unmutes. Also since screensharing is a separate source, always check for updated camera devices.
* fix(config): cleanup config function (#12690)
* fix(rn,dynamic-branding) fix handling bogus response from the backend
* fix(prejoin) fix prejoin app dialogs not being visible (#12689)
* ref(TS) Convert some features to TS (#12651)
* chore(deps) lib-jitsi-meet@latest (#12684)
* fix(rn,screenshare) rework the logic for unified-plan with multi-stream
* fix(rn,config) don't disable multi-stream sending on RN
* feat(deps,rn) update react-native-webrtc@106
* chore(deps) lib-jitsi-meet@latest
* feat(route) Redirect to a custom welcome page
* fix(prejoin) Fix missing lib error
* chore(deps) lib-jitsi-meet@latest
* feat: Adds docs, config and scripts around the visitor mode. (#12658)
* chore(deps) lib-jitsi-meet@latest
* fix(salesforce) require selected records + styling (#12669)
* feat: Prints the error on problem sharing YouTube video.
* fix: Error in patching config.js
* fix: Fixes undefined error in some cases after patching config.js.
*  fix(android) adds default notification icons
* chore(deps): bumped rtcstats 9.5.0 -> 9.5.1 (#12664)
* fix(e2ee) avoid running middleware when there is no conference
* ref(misc) remove unused code for dock / undock (#12661)
* feat(giphy) disable feature from dynamic branding (#12620)

lib-jitsi-meet
--------------
* feat: Remove the startBitrate and minBitrate conference-request options. (#2194)
* Conference request over HTTP (#2188)
* fix(deps) Use Yarn v2 compatible syntax (#2092)
* fix(codec-selection): Codec selection fixes. 1. Checks peer's preferred codec in p2p case. Mobile and web have different preferred codecs. 2. Log an error message when the preferred codec is not offered by JVB. 3. Clean up code related to deprecated config.js settings 'preferH264' and 'disableH264'. 4. Refactor the codec selection logic so that correct codec is picked.
* fix(spot) adapt to API changes and fix remote screen-share
* feat(rn,TPC) use modern layer selection on RN
* fix(rn,CodecSelection) RN now supports the capabilities API so use it
* fix(rn,ConnectionQuality) use new APIs for target bitrate on RN
* fix(BridgeChannel): prevent multiple websockets on retries (#2179)
* fix(statistics): remove infinite logging (#2180)
* feat(browser-support) use Unified Plan on React Native
* Use insertable streams to drop all media when in lite mode. (#2178)
* feat: Moves vnode handle from  conferenceIQ error to success response.
* fix: set faceLandmarks on update only if it is has data (#2177)
* ref: Remove the created-ms property (obsoleted by meetingId). (#1500)

(khorben)

doc: Updated sysutils/open-vm-tools to 12.0.0

(khorben)

open-vm-tools: update to 12.0.0

From the release notes:

Two new features are available in open-vm-tools 12.0.0:

* Support for managing Salt Minion.
* Support for gathering and publishing a list of containers running inside
  Linux guests.

A potential failure to build from source [FTBFS] issue was reported. The fix
did not make the code freeze cut-off date, but the fix is available on the
development branch.

Open-vm-tools can be built with either libfuse2 or libfuse3.

(khorben)

grub2: fix building with the freetype option

grub2 builds binaries for execution during the build, to generate the
fonts for instance. Without the right COMPILER_RPATH_FLAG and path in
BUILD_LDFLAGS, the binaries may fail to find libfreetype.so.

Tested on NetBSD/amd64.

(khorben)

m1n1: fix the build when fonts are copied before building code

Tested on NetBSD/amd64 with MAKE_JOBS=32.

No other changes intended.

(khorben)

gdk-pixbuf2: register dependency on devel/py-gi-docgen

This prevents the build from cloning a remote Git repository while
configuring.

Bumps PKGREVISION. (added dependency, different gi-docgen)

Tested on NetBSD/amd64.

(khorben)

open-vm-tools: fix the installation of vm-support and tools.conf

Bumps PKGREVISION.

Tested on NetBSD/amd64.

(khorben)

openipmi: fix the build when dia in is $PATH

This forces using gsed through USE_TOOLS.
The build breaks otherwise with NetBSD's sed(1) because:

    $ echo 0.97.3 | sed 's/^[0-9.]\+$//'
    0.97.3
    $ echo 0.97.3 | gsed 's/^[0-9.]\+$//'

As per the configure script. (Is this a bug in NetBSD's sed?)

Tested on NetBSD/amd64.

(khorben)

pulseaudio: revert the build fix

After updating glib2 locally, pulseaudio no longer needs pcre to build.
(Tested on NetBSD/amd64)

Bump PKGREVISION for the corrected dependencies.

Thanks wiz@ for the heads up!

(khorben)

pulseaudio: register dependency on devel/pcre

This fixes users of pulseaudio, probably broken by glib2's update to 2.74.1.

Tested with x11/qt5-qtmultimedia (NetBSD/amd64).

(khorben)

pulseaudio: register dependency on devel/pcre

This fixes the build, probably broken by glib2's update to 2.74.1.

(khorben)

doc: Added devel/iaito version 5.8.0

(khorben)

devel: add iaito

(khorben)

iaito: import version 5.8.0

iaito is the official graphical interface for radare2, a libre reverse
engineering framework.

* Iaito was the original name of this GUI before being forked as Cutter.
* It's written in Qt/C++ (qt5 for now). No Qt6 support yet (contribs are
  welcome)
* Support latest versions, plugins and features of radare2
* Use r2 plugins (f.ex: no need for r2ghidra-iaito plugin if r2ghidra is
  installed)
* Focus on parity of commands, keybindings and r2-style workflows.
* Translations are community contributed! (https://crowdin.com/project/iaito)
* Aims to support all the features from the core, not just disassembler-based
  * forensics, networking, bindiffing, solvers, ...

(khorben)

doc: Updated devel/radare2 to 5.8.2

(khorben)

radare2: update to 5.8.2

Changes in 5.8.2:

### anal

* Honor the micromips codealign, add missing =SN and cc
* Set indirect code refs from load instructions
* Make r_anal_optype_{to,from}_string use the same optypes array
* Rework of the function merging
* Add Plan 9 calling conventions
* Basic blocks are not modified if not initialized
* Add test for gb srcs/dsts json and valtype
* Fix multiple typos in ios-syscalls.txt

### analysis

* Make r_anal_optype_{to,from}_string use the same optypes array
* Rework of the function merging

### api

* Make r_str_casecmp() null-proof to fix weird crash on windows
* Implement RCore.cmdCallAt() + minor improve internal cmd calls
* Fix RFile.path() when $PATH contains no colon

### arch

* Add esil support for v850 ei and di instructions
* Add esil support for v850 reti instruction
* Add esil support for v850 stsr instruction
* Add esil support for v850 ldsr instruction
* Blindfix for a glitch in the v850 disassembler
* Simplify esil generation of v850 bcond instructions
* Add esil support for v850 setf instruction
* Improve v850 esil support and fix some related bugs
* Fix asm.cpu=? when using arch plugins
* Fix rasm2 -a mips{.gnu} -b16 -e -c micro -d '4fe5'
* Move mcore into the arch
* Support micromips on both gnu and capstone plugins
* Move anal.propeller
* Add micromips cpu for the mips.gnu plugin
* Move nios2 away from anal
* Register RArch plugins to be loaded dynamically

### asm

* Implement .extern directive in rasm2, fix other directives
* Fix ARM assembler for blt, ble, cmn, tst, and teq instructions

### bin

* Fix null deref assert in the TE parser
* Fix unnecessary memory exhaustion in the elf parser
* Fix allocation crash in bin.symbols
* Support elf-micromips auto detection
* DWARF5 line header parsing
* License Plan 9 code as MIT
* Add Plan 9 line number information
* Fix load address of arm64 kernel

### build

* Do not depend on strcasecmp in libzip, build fail on Centos7
* Upgrade v35arm64 to fix non-c99 compilation
* Update to the latest tinycc in the CI
* Remove the need for ios-include.tar.gz
* Use an authorized API call for the abi job to increase the rate limit
* Remove condition on 'linux-static' job
* Integrate ABI diffing into CI scripts
* Add --with-ssl-crypto, rename --with-openssl to --with-ssl
* meson: Install various missing files
* Use fakeroot if available when packaging for debian
* Integrate ABI diffing into CI scripts

### ci

* Upgrade CodeQL actions from v1 to v2
* Update the SPEC file and build RPM packages in the CI
* Update the SPEC file and build RPM packages in the CI

### crash

* Fix infinite loop and null derefs when calling pd from pd in Cr
* Blindfix with a hack and a workaround to fix an UAF in Cr
* Fix an UAF in the visual bit editor
* Fix null deref segfault in Vd1
* Fix UAF in oc
* Fix null deref in io.bank

### debug

* Fix #8992 - Apply command line settings before initializing debug plugin
* Add required A0 register into x86 register profile provided by GDB
* Use proper type for the XMM register inside profile recieved
* Implement dpt. command to print the current selected process

### disasm

* Optimize RAnal.kind() as its called many times with a large buffer from pd
* Bring back and improve the Cr command

### doc

* Reference abidiff's ci usage in doc/abi.md
* Reference doc/abi in DEVELOPERS

### esil

* Fix emulation of the arm64 tst instruction

### fs

* Improve json output for mlj - mountpoint type and delta

### globals

* Remove global in util/lib and just use RLogLevel

### indent

* Balance spacings in braces

### js

* Add experimental r2.cmd0 and r2.call0 for qjs
* Enable stack overflow check when recursive calls
* Improve error messages in the qjs repl
* Rename qjs's dir function to dump
* Support loading/unloading multiple QJS plugins
* Update typescript compiler and move r2plugin into r2
* Fix undefined behaviour in quickjs when casting double to int64
* Fix #21205 - Missing object definition for aoj
* Fix undefined behaviour in double->int cast
* Extra checks and enforce the singleton core plugin
* Improve typescript entrypoint logic detection
* Initial support for javascript core plugins
* Upgrade r2papi-ts from 0.0.4 to 0.0.10
* Support typescript Main namespace and pass --allowJs

### json

* Fix #21205 - Missing object definition for aoj

### lang

* Initial implementation of lang.s assembly scripting
* R_TH_LOCAL two globals in RLang.c
* Reestructure lib dependencies, add lang.asm plugin

### perf

* Massage the bottleneck that was making r2dec super slow
* Some more likely hints in RCore.cmd from valgrind

### print

* Fix pA and pA? (/A was moved into /a)
* Implement pvp and wvp to print and write pointers
* Fix fortune message for #md5 and add ph: variant of "ph "

### qjs

* Add QJS_NOABORT option to avoid aborts

* r2pm

* Improvements for r2pm when getcwd is null
* Add R2PM_NEEDS and auto-install system build deps if possible
* Fix git check before cloning the repo
* Fix R2PM_DEPS first time issue
* Report better errors on first r2pm setup
* Initial experimental support for portable qjs packages

### search

* Implement tire algorithm in

### shell

* Fix assert in ph
* Initial skeleton integration with GNU/Poke
* Fix profiling RCore.cmdCall() via ?t""
* Add help message for the quote command "?
* Implement LAj and LAq commands to list arch plugins
* Implement uname -h, -m, -b, -j ...
* Handle unknown subcommands for t
* pdrj shouldnt be modifying the current seek
* Add -j command as an alias for js:
* Add the ability to run qjs scripts with r2 -je

### slides:xa

* Improve r2slides with title, colors and 2 column mode

### test

* Update libfuzz build instructions
* Add the dwarf fuzzer program
* Add some test for ARM assembler

### tools

* Add R2_DEBUG_NOPAPI env var
* Show error when passing un-even hexpair to rasm2

### visual

* Fix (null) regression in visual bit editor's disasm
* Handle JK in bit editor to move 8 bytes fwd/backward

### vuln

* Fix ANSI Escape Sequence Injection vulns via DWARF

(khorben)

doc: Updated sysutils/py-diffoscope to 233

(khorben)

py-diffoscope: update to 233

Changes in version 233:

[ FC Stegerman ]
* Split packaging metadata into an extras_require.json file instead of using
  the pep517 and the pip modules directly. This was causing build failures if
  not using a virtualenv and/or building without internet access.
  (Closes: #1029066, reproducible-builds/diffoscope#325)

[ Vagrant Cascadian ]
* Add an external tool reference for GNU Guix (lzip).
* Drop an external tool reference for GNU Guix (pedump).

[ Chris Lamb ]
* Split inline Python code in shell script to generate test dependencies to a
  separate Python script.
* No need for "from __future__ import print_function" import in setup.py
  anymore.
* Comment and tidy the new extras_require.json handling.

Changes in version 232:

[ Chris Lamb ]
* Allow ICC tests to (temporarily) fail.
* Update debian/tests/control after the addition of PyPDF 3 support.

[ FC Stegerman ]
* Update regular expression for Android .APK files.

[ Sam James ]
* Support PyPDF version 3.

(khorben)

json-c: introduce an option to build the documentation

The option is left off by default; hence no functional change nor
PKGREVISION bump necessary.

Tested on NetBSD/amd64.

(khorben)

deepstate: no longer download files during the build

With the update of math/py-smt to version 0.9.5, this package should no
longer download components past the "fetch" phase.

Bump PKGREVISION in the process.

Fixes pkg/56374.

(khorben)

doc: Updated math/py-smt to 0.9.5

(khorben)

py-smt: update to 0.9.5

From the release notes:

Intermediate release that collects 2 years of bugfixes and improvements.

Python 2 was deprecated in version 0.9.0, and this version removes the use of compatible code for that version.

What's Changed

* Add support for boolean-typed array in the AtomsOracle by @mikand in #644
* Switched from nosetests to pytest by @mikand in #662
* Fixed a bug in yices quantifier support and added regression test by @mikand in #657
* Fix Boolector install script by @4tXJ7f in #656
* BUG: define UFNIA as logic with integer arithmetic by @johnyf in #659
* Handling of algebraic constants in simplify by @EnricoMagnago in #658
* Integer div by @EnricoMagnago in #667
* Fix CVC4 installation on macOS by @kammoh in #666
* Bug in times distributor by @EnricoMagnago in #671
* Fixed reset_assertion method for incremental-tracking solvers by @mikand in #672
* Minor Corrections by @mfarif in #673
* implement add_assertions method for solver. by @EnricoMagnago in #679
* Fix "get_model" when called from a generic solver (Fix #674) by @btwael in #675
* Remove six and python 2 compatibility code by @marcogario in #684
* Added fallback to Swig3 to address as much as possible issue #682 by @mikand in #685
* Fix to correctly pass logic to solvers started by Portfolio by @ekilmer in #683
* SmtLib model validation support by @mikand in #681
* Fix iss694 by @EnricoMagnago in #695
* Fixed CVC4 installer after upstream repository renaming by @mikand in #697
* Remove call to FNode.substitute in SmtLibExecutionCache by @EnricoMagnago in #699
* Added printing of annotations to smt lib printers by @agirardi-fbk in #703
* Integer div by @EnricoMagnago in #705
* Updated docker images to solve deprecation issue on azure pipelines by @mikand in #706
* Workaround to fix Z3 segfault by @mikand in #713
* Add possibility to use several BV operators as left associative by @agirardi-fbk in #714
* Fixed issue #613 by @mikand in #710

(khorben)

u-boot: fix the build (typo)

(khorben)

doc: Updated sysutils/py-diffoscope to 231

(khorben)

py-diffoscope: update to 231

Changes in version 231:

* Improve "[X] may produce better output" messages. Based on a patch by
  Helmut Grohne. (Closes: #1026982)

Changes in version 230:

[ Chris Lamb ]
* Fix compatibility with file(1) version 5.43; thanks, Christoph Biedl.

[ Jelle van der Waa ]
* Support Berkeley DB version 6.

(khorben)

jitsi-meet-prosody: import missing distinfo file

(khorben)

radare2: remove requirement on Git to build

This removes the need to clone repositories to build radare2.
Thanks wiz@ for the heads up.

Tested on NetBSD/amd64.

No revision bump as the resulting package should be identical.

(khorben)

jitsi-meet: register two users for Makefile.common

(khorben)

doc: Added chat/jitsi-videobridge version 2.0.8138

(khorben)

Add jitsi-videobridge

(khorben)

jitsi-videobridge: import 2.0.8138

Jitsi Videobridge is an XMPP server component that allows for multiuser video
communication. Unlike the expensive dedicated hardware videobridges, Jitsi
Videobridge does not mix the video channels into a composite video stream, but
only relays the received video channels to all call participants. Therefore,
while it does need to run on a server with good network bandwidth, CPU
horsepower is not that critical for performance.

(khorben)

doc: Added chat/jicofo version 2.0.8138

(khorben)

Add jicofo

(khorben)

jicofo: import 2.0.8138

JItsi COnference FOcus is a server side focus component used in Jitsi Meet
conferences.

Conference focus is mandatory component of Jitsi Meet conferencing system next
to the videobridge. It is responsible for managing media sessions between each
of the participants and the videobridge. Whenever new conference is about to
start an IQ is sent to the component to allocate new focus instance. After that
special focus participant joins Multi User Chat room. It will be creating
Jingle session between Jitsi videobridge and the participant. Although the
session in terms of XMPP is between focus user and participant the media will
flow between participant and the videobridge. That's because focus user will
allocate Colibri channels on the bridge and use them as its own Jingle
transport.

(khorben)

doc: Added chat/jitsi-meet-prosody version 2.0.8138

(khorben)

Add jitsi-meet-prosody

(khorben)

jitsi-meet-prosody: import 2.0.8138

Jitsi Meet is an open-source (Apache) WebRTC JavaScript application that uses
Jitsi Videobridge to provide high quality, secure and scalable video
conferences. Jitsi Meet in action can be seen at here at the session #482 of
the VoIP Users Conference.

The Jitsi Meet client runs in your browser, without installing anything else on
your computer. You can try it out at https://meet.jit.si.

Jitsi Meet allows very efficient collaboration. Users can stream their desktop
or only some windows. It also supports shared document editing with Etherpad.

This package contains additional modules for Prosody.

(khorben)

doc: Updated chat/prosody to 0.12.2

(khorben)

prosody: update to 0.12.2

This is a regularly delayed release containing a number of fixes for issues
that we have come across since the last release of the 0.12 series.

Summary of all changes in this release:

Fixes and improvements:

* util.stanza: Allow U+7F when constructing stazas
* net.unbound: Preserve built-in defaults and Prosodys settings for luaunbound
  (fixes #1763: luaunbound not reading resolv.conf) (thanks rgd)
* mod_smacks: Disable not implemented resumption behavior on s2s
* mod_http: Allow disabling CORS in the http_cors_override option and by
  default

Minor changes:

* util.json: Accept empty arrays with whitespace (fixes #1782: util.json fails
  to parse empty array with whitespace)
* util.stanza: Adjust number of return values to handle change in dependency of
  test suite (fix test with luassert >=1.9)
* util.startup: Ensure import() is available in prosodyctl (thanks keyzer)
* mod_storage_sql: Fix initialization when called from prosodyctl
* mod_storage_sql: Fix the summary API with Postgres (#1766)
* mod_admin_shell: Fixes for showing data related to disconnected sessions
  (fixes #1777)
* core.s2smanager: Don窶冲 remove unrelated session on close of bidi session
* mod_smacks: Don窶冲 send redundant requests for acknowledgement (#1761)
* mod_admin_shell: Rename commands user:roles() to user:setroles() and
  user:showroles() to user:roles()
* mod_smacks: Bounce unhandled stanzas from local origin (fix #1759)
* mod_bookmarks: Reduce log level of message about not having any bookmarks
* mod_s2s: Fix firing buffer drain events
* mod_http_files: Log warning about legacy modules using mod_http_files
* util.startup: Wait for last shutdown steps
* util.datamapper: Improve handling of schemas with non-obvious 窶徼ype窶�
* util.jsonschema: Fix validation to not assume presence of 窶徼ype窶� field
* util.jsonschema: Use same integer/float logic on Lua 5.2 and 5.3

(khorben)

doc: Updated devel/radare2 to 5.8.0

(khorben)

radare2: update to 5.8.0

Changes:

  abi

  * RAnalOp.srcs,dsts are not pointers

  anal

  * Working apt and add apl to list function preludes
  * Rename axj to axlj, because axj is for jmp refs
  * Introduce anal.tailcall.delta and use flags for better metrics
  * Improve the tailcall detection logic
  * Improve warning that only seems to happen when anal.nopskip is set
  * Always show all the archinfo, even when not provided by the plug
  * Dont show analysis progress on non-interactive shells
  * Add esil.dfg.mapinfo and esil.dfg.maps config vars
  * Some more improvements to esil_dfg
  * Fix size returned from r_anal_op
  * Fix warning in aflj when parsing vargarg signatures
  * Add register computed const pointer support for esil dfg
  * Add memory computed const pointer support for esil dfg
  * Introduce R_ANAL_ESIL_DFG_TAG_{REG,MEM}
  * Use treebuf io plugin as memory access backed for esil_dfg
  * Fix pickle asm rejecting empty strings
  * Do not recurse noreturn inspection when !addr or -1
  * Generalize vector instruction types instead of following intel-specific
  * Add /au to search for unknown destination jmp/call
  * Add anal.noret and refactor anal.noret.refs
  * Fix #20827 - Show srcs/dsts in aoj
  * Fix aae argument parsing regression in and improve help
  * Add support for stack-computed const pointers in esil_dfg
  * Fix anal.a2f in aac
  * Increase default anal.depth from 64 to 128
  * Clarify which commands are used on each aaaa line
  * Fix anal.depth usage when analyzing one basic block
  * Loongarch analysis bug fixes (bl, race condition)
  * Implement aflxv and aflx? commands
  * Run /azq in aaaa
  * Fix long1,long4 pickle opcodes
  * Fix #20798 - Fix bx after add lr,pc,0 in arm32
  * Fix null pointer in aflxj
  * Implement aflxj
  * Add noreturn column in afll
  * Use RPVector in RAnalOp src/dst to support ldm/stm/simd
  * Fix pickle arch thinking 0 is 64 bit
  * Don't show the linearsize in the afl output
  * Add anal.vars.newstack - configurable improved stack-relative var

  analysis

  * Working apt and add apl to list function preludes
  * Rename axj to axlj, because axj is for jmp refs
  * Introduce anal.tailcall.delta and use flags for better metrics
  * Improve the tailcall detection logic
  * Improve warning that only seems to happen when anal.nopskip is set
  * Always show all the archinfo, even when not provided by the plug
  * Dont show analysis progress on non-interactive shells
  * Do not recurse noreturn inspection when !addr or -1
  * Generalize vector instruction types instead of following intel-specific
  * Add /au to search for unknown destination jmp/call
  * Add anal.noret and refactor anal.noret.refs
  * Fix #20827 - Show srcs/dsts in aoj
  * Fix aae argument parsing regression in and improve help
  * Fix anal.a2f in aac
  * Increase default anal.depth from 64 to 128
  * Clarify which commands are used on each aaaa line
  * Loongarch analysis bug fixes (bl, race condition)
  * Implement aflxv and aflx? commands
  * Run /azq in aaaa
  * Add noreturn column in afll
  * Add anal.vars.newstack - configurable improved stack-relative var

  api

  * Make RReg refcounted
  * Implement {ctz|clz}{32|64} RNum
  * Define RPluginMeta and RPluginStatus
  * Add new RCore.cmdCallf() helper function
  * Merge RParse into RAsm
  * Refactor RLang api to use the new design
  * Fix null deref on wrong api usage for RCore.cmdStr
  * Moving more logic between asm, arch, parse and anal
  * RAnalEsil -> REsil api refactor
  * Deprecate reil and sysarch defines
  * More refactorings and api redesigns in r_arch
  * Remove eprintf calls in favor of R_LOG
  * Implement RReg.clone()
  * Deprecate r_str_dup() - related to #20959
  * Rename RVector.len to RVector.length for consistency
  * Remove the unnecessary RThread.CpuAffinity()
  * Add portable NaN and INF defines for different float sizes
  * Deprecate r_cons_eprintf and use R_LOG instead
  * Rename RStr.home() to RFile.home() as part of the Plan
  * Rename r_mem_memzero to r_mem_zero
  * Prefer _tostring() instead of _to_string()
  * Improve r_ref implementation with debugging support
  * R_BIN_NM -> R_BIN_LANG
  * Implement thread-safe refcounting - but disabled by default
  * Deprecate the unused RFList
  * Implement r_str_ntrim() and speedup r_str_trim() with it
  * Initial implementation of RString (30% faster than RStrBuf)
  * Implement r_sys_getenv_asint
  * Add r_cons_is_initialized
  * Boolify r_core_yank_file_all() and fix shadow var bug
  * Add r_file_is_executable and r_file_extension apis
  * Fix UB bug when using r_vector random access
  * Change R_LOG_INFO to R_LOG_TODO where suitable
  * Merge rhash into rcrypto and improve apis
  * Fix memory leak in r_str_list_join()
  * Boolify and rename some methods and fields from RFS
  * Add .author field in all the RLang plugins
  * Add a public api for the yank-unset action
  * Constify the help

  arch

  * Add the arch.preludes() callback and new RSearchKeyword constructor
  * Move anal.v850 to arch
  * Fix counted string bug in pickle
  * Fix negative unsigned cast in the xtensa disassembler
  * Add RAnalOp.weakbytes() and move more analop apis to arch
  * Move anal.xap into the arch
  * Update tests and better arch.patch/modify callback
  * Move anal.{6502,snes} into arch
  * Kill RAsmOp, we can reuse RAnalOp in here
  * Improve pickle disasm on invalid instructions
  * Remove RAsmPlugin struct and add the 'aia' command to show archinfo
  * Move the remaining asm plugins into the arch
  * Minor plugin selection improvements
  * Move asm.nasm into the arch
  * Move asm.vasm into arch.any_vasm
  * Assemble large pickle instructions
  * Fix and move failing tests, reorder lib build
  * Move the arm assembler plugin from asm to arch
  * Temporary add RAnal as dependency for REgg
  * Improve x86.nz assembler parsing and other bugs in rnum
  * Initial implementation of the arch.any.as plugin
  * Better handle of RNum errors for egg and arch.x86.nz
  * Support reg+idx and idx+reg in x86.nz assembler
  * Move the x86.nz plugin
  * Fix asm.acur supporting arch, anal and asm plugins
  * Fix asm.acur supporting arch, anal and asm plugins
  * Move anal_riscv to arch_riscv
  * Fix rasm2 -LLL using the new multi-bits macros
  * Introduce RSysBits and its packing/checking macros
  * Implement archinfo() in RAnal.Plugin.tms320
  * Deprecate the unused RArchPlugin.esil field
  * Use PJ to return the list of mnemonics aoml in arm.v35
  * Move anal.rsp to the new home
  * Move anal.v810 into arch.v810
  * Move pickle from anal to arch and add it to meson
  * Remove anal.malbolge and fix CI r_esil issues
  * Move the 'sh' plugin to the new home
  * Honor plugin name in rate matching for RArch.use
  * Move jdh8 from asm/anal to arch
  * Unify RArchOp into RAnalOp using common include files
  * Fix RArchOp.refptr from bool to int
  * Bump cs5 to support FNOP on m68k
  * Wire-up RArch into RAnalOp
  * Fix arm64 plugin to work well with latest arm64 changes in capstone
  * Use the latest capstone5-next with updated aarch64 support
  * Copy anal_amd29k.c to rarch
  * Change arch plugin definition
  * Add some more arch config vars
  * Introduce arch.endian config var
  * Instantiate RArch in anal
  * Introduce RArchConfig->decoder
  * Add R_LIB_TYPE_ARCH and i4004 arch-plugin
  * First arch plugin (arch.null), implement basic lib api
  * Start moving EVM analysis from extras to core
  * First implementation of r_arch decoder api
  * Introduce the new r_arch library, just the skeleton
  * Add some r_arch api declarations
  * Initial commit on RArch structs

  asm

  * Deprecate more unused fields from RAsmPlugin
  * Fix the parse.z80.pseudo plugin and add a test
  * Remove the unused RAsm.binb
  * Internal cleanup of asm.c, deprecate the disassembly callback
  * Load cpu descriptions for multiarch plugins
  * Fix rasm2 x86.nz for "xchg eax,eax" and add tests

  bin

  * Fix JSON encoding of section addresses
  * Add test for cwd source listing, CLL and list
  * Add warning when loading DWARF5 files (not supported)
  * Add test for the obm with CL, support noncwd paths
  * Use obm when spotting a companion dwarf file on macOS
  * Implement RBinFile.merge() and obm command to use it
  * Initial implementation of the ob-- command to close the last binobj
  * Autoload the dwarf companion file on macOS systems if available
  * Use rabin2 -rO for raw dump operations
  * Use glob expressions to specify section name to dump
  * Fix #14540 - klass->super must be an RList instead of char*
  * Support for Xbox 360 PE32 architecture (PPC BE)
  * Fix wrong detection of main in elf-arm32
  * Fix rabin2 -gj and add tests
  * Add bin.types and disable by default for CI reasons
  * Support loading Plan 9 kernels
  * Use API instead of commands to autoload a pdb
  * Fix #21020 - fix json format for rabin2 -jM when no main is found
  * Expose section type for coff, elf and macho formats
  * Fix #18375 - Only patch arm64 relocs when not initialized
  * Add experimental bin.str.nofp config for less false positives
  * Parse the PT_DYNAMIC elf section for the preinit pointers
  * Fix validation check in xnu
  * Initialize macho header pf definitions
  * Speedup class bin loading with bin.filter=false
  * Implement 'ic.' command
  * Fix initial seek for Rosetta2 aot binaries
  * Silent noisy warning in dwarfprocess
  * Expose klass->super details for objc categories
  * Include fields in the ic output
  * Enable the swift metadata parser by default and import classinfo
  * Add lang field for classes, symbols and methods, expose it via ic
  * Warn about unpatched relocs when no bin.cache is set for macho fixups
  * Add support for 32bit Mach-O fixups
  * Expose the macho reloc fixups and use internal buffer for parsing
  * Fix obf and add tests for it
  * Fix Cd4[ invalid syntax used in macho _const section
  * Expose the id_dylib macho command info into the bin kv
  * Enlarge the c++ demangler stack limit to solve a warning
  * Implement Dwarf.register identifier mapping for v850
  * Infuse asm.cpu from the elf flags for v850 ELFs
  * Remove asm.features, improve RBinInfo with flags and abi details
  * Improve brainfuck detection to reduce false positives
  * Implement dwarf.regName() for arm64
  * Import the free pascal symbol demangler from rizin

  build

  * Double lowerdash defines should be defined only by the compiler
  * Fix and improve static build, faster libr.a with libtool if available
  * Improve libr.a creation with ar -rcT instead of ar -x
  * Speedup tcc builds by not using -g
  * Move esil one level up in libs.mk
  * Update sdb to remove double include paths
  * Fix compilation with -lcrypto
  * Do not use macos-latest (macos-11 is fine for LTS)
  * Update the capstone4 support to 4.0.2
  * Fix zig's @Cinclude of r_th.h
  * Add crosscompiling support with sys/zig.sh
  * Do not install the v35 archives (-50MB) in make install
  * Fix capstone dynamic memory allocation setup issue
  * Support sys/debian.sh crossbuilds
  * Remove unused lc-printscan-long-double wasi flag
  * Check if CWD contain spaces in sys/install.sh
  * Add the acr --enable-threadsafety flag and the same for meson
  * Fix meson infinite loop
  * Disable libuv by default on meson and acr
  * Change build order as long as now bin depends on fs

  ci

  * Test r2 build with all sysdependencies enabled
  * Upgrade al-cheb/configure-pagefile-action to the v1.3
  * Run unit tests in parallel
  * Upgrade github actions/checkout from v2 to v3
  * Upgrade actions/upload-artifact from v2 to v3

  cmd

  * Fix bugs in aeg command parser

  config

  * Deprecate the use of comma in e: as stated in the r2580 prophecy
  * Deprecate graph.web eval config var
  * Remove the file.offset unused config variable

  cons

  * Fix static themes listing
  * Add support for statically compiled themes
  * Fix Ctrl+Arrow dietline shortcut for word cursor
  * Fix console history log path regression

  core

  * Enable cmd.undo by default
  * Rename many bin.str evars into bin.str.
  * Use XDG instead of R2_HOME_CACHEDIR and R2_HOME_HISTORY
  * Initial support for XDG env vars and paths
  * Fix RConfig.setB when the key doesnt exist
  * Deprecate scr.seek configuration variable
  * Initial implementation of R_LOG_TODO

  crash

  * Fix segfault in poa 1
  * Fix integer overflow in fuzzed dwarf rendering in graphs
  * Fix use-after-free after @@@e spotted by meme
  * Fix UAF in aaft when the BB is removed during the loop
  * Fix UAF on quit exposed by r2frida

  crypto

  * Initial abi breaking changes in RCrypto/RHash
  * Fix rahash2 -L listing full hash
  * Initial work on the way RCrypto handles plugins
  * Separate SM4 algorithm from plugin
  * Implement the SIP hash algorithm

  debug

  * Bring back the 'dms' command
  * Fixed incorrect thread arena output
  * IO uses PID to read from child, tid is just for regs
  * Fix r2 -d foo\bar.exe and r2 -d bar.exe on windows
  * Make RDebug.regRead() and regWrite() return bool

  decompiler

  * Improve the outpuf of pdc by trimming the addresses of inline nops and colorize numbers
  * Add colorization support to pdc output

  disasm

  * Implement asm.bytes.align to justify them to the right
  * Fix char auto-comment in cmp instructions
  * Improve pseudodisasm for arm64
  * Improve arm.pseudo when no function information is available
  * Fix mips.pseudo shortpath when function is null
  * Fix x86.pseudo shortpath when function is null
  * Fix NULL function xrefs in pd
  * Implement asm.flags.right option
  * Add dummy parse.evm plugin to fix portability of test
  * Add a dummy bpf pseudo plugin
  * Add RParse.justify() to easily fix commas and spaces
  * Better spacing in arm.pseudo parse plugin

  esil

  * Initial support for threads in esil
  * Fix #21052 - wrong emulation for pop rsp
  * Move anal.esil into the new esil
  * Add aegb command as an alias for 'aeg pieq $Fi'
  * Add aegn command to combine N esil instructions into one dfg
  * Use a function instead for the spaguetti code in all cmp esil opcodes -30LOC

  globals

  * Remove one global variable in RCore.cmdEval()
  * Remove two globals from RCons.cpipe
  * Remove the 3 globals in anal.xtensa
  * Remove 3 globals from anal.tricore
  * Remove the 3 globals from anal.vax
  * Remove 3 globals from anal.nios2
  * Remove 3 globals from anal.arc
  * Remove 3 globals from anal.sparc.gnu
  * Remove 3 globals from anal.sh
  * Remove 3 globals from anal.alpha
  * Remove 3 globals from anal.lanai.gnu
  * Remove 3 more globals from anal.pdp11
  * Remove 3 globals from anal.hppa
  * Remove 3 globals from anal.m68k.gnu
  * Remove the 3 globals in anal.ppc.gnu
  * Remove 3 globals from anal.cris
  * Remove 4 globals from anal.mips.gnu
  * Deglob 4 vars in the arm.gnu disassembler
  * Remove 3 globals in s390.gnu
  * Remove 10 more globals from analysis and capstone
  * Remove 3 globals in ccarg analysis
  * Remove all global variables from RCrypto
  * Move colortable global into the RConsContext
  * Remove global from utf8
  * Remove the last global variable in libmagic
  * Remove in_log_process global
  * Remove global in bin.obj.reloc_patch
  * Remove global variable in esil loop

  graph

  * Initial work in graph.bubble for custom bg color in nodes
  * Honor graph.layout in aegv too, instead of harcoding horizontal one
  * Deprecate aegi and aggi, those were dupes for aegv and aggv
  * Fix null deref in agg and avoid destructive manners of 'V ,'

  help

  * Make the anal.depth warning more useful

  indent

  * Balance spacings in braces

  io

  * Initial implementation of the generic io-stream api
  * Fix UAF in streaming io plugins when used with io.va=1
  * Remove invocation of v layer cache in r_io_desc_read
  * Start rewriting io_cache.c
  * Kill r_io_read_at_mapped
  * Initial import of the serial plugin
  * Kill io->buffer
  * Remove unused fcn declarations
  * omfg runs omm if no map is set
  * New o++ command to create and open a new file
  * Add "reset" system command to treebuf io plugin
  * Minor bugfix in treebuf io plugin
  * Add treebuf io plugin
  * Fix free-before-use on r_io_reopen of a rbuf:// fd/desc
  * Handle reloc maps properly in r_io_map_remap and r_io_map_resize
  * Fix reloc map memleak
  * Add rio reloc maps
  * [5.8.0] Disable the default io.basemap

  json

  * Fix tj ttj tfj outputs
  * Fix invalid json in tj command
  * Fix #20772 - ihj rendering an invalid json because of pfj

  lang

  * Make r2 -j work as a hashbang handler for qjs
  * Enable BigNum in qjs
  * Use r2papi 0.0.4 with base64 and R2Api is now known as R2Papi
  * Add requirejs, simplify compilation and add js_ prefix to all the c files
  * Add typescript support
  * Minor improvements for js: with r2.call() and r2.cmdj
  * Enable Bignum support to the QJS interpreter
  * Import the alpha r2papi 0.0.2 api for qjs
  * Integrate the qjs repl into the js: command
  * Initial import of the interactive QJS repl
  * Import the quickjs rlang plugin
  * Implement py command and add stdin slurp support for js- too
  * Add 'js' and 'js:' commands, as well as improve help for #!?
  * Fix null deref in rlang
  * Add "lua" as an alias for "#!lua"

  leaks

  * Fix leaks in pdc
  * Fix more memory leaks in rbin and ranal for arm64
  * Patch more leaks in the analysis and rbin
  * Some safe memleaks related to analysis and registers refcounting
  * Fix memory leak in dietline

  lint

  * Enable the leading spaces linter rule and fix them all
  * Use more tabs and add a (disabled for now) linter for it

  logs

  * Redirect RLog messages into the Corelog
  * Add base64 support to the T and T* commands

  panels

  * Add ve command to set fg/bg colors for current panel

  print

  * New RPrint.spinBar() API used from scr.demo for now
  * Fix pcc trifids confussion issue
  * New command CLL (aka list) show function source using addrline (dwarf) info
  * Fix #21080 - Add cfg.codevar to change the buffer varname from pc
  * ASN.1 and x509: correct OCTET_STRING and Public key info parsing
  * Add ASN1 Algorithm Identifiers for Edwards curves
  * Fix #20993 - Correct ASN.1 BIT_STRING parsing
  * Implement pcn command to print bytes as space separated numbers
  * Add support for the swatch dot-beat internet time
  * Workaround for "too large buffer" in formats
  * px* is an alias for pc*
  * Implement pFoj command
  * Implement pFaj for asn1 json decoding
  * Initial refactoring/cleanup of ASN1 parser api
  * Add pFxj command to print x509 certificates in JSON format
  * Add pFpj command to print PKCS7 files as JSON
  * Fix issue in 'pdc' that was showing empty orphan nodes
  * Implement new 'pcq' command, like pc, but inline-include-friendly
  * Implement the new pieb command as an alias for pie $Fi
  * Fix read buffer overflow in pxq -272
  * Implement pFbJ command with quiet and verbose json formats
  * Implemen pFbj for json printing of protobuf
  * Set hex.hdroff=true by default
  * Implement pFAj to render android xml in JSON (abi break)
  * Implement TSV output format for RTable

  projects

  * Fix some problems when renaming projects
  * Fix some bugs in projects
  * Quote commit message to avoid git error when saving project
  * @radare Do changes in Px->Pc, Pc->PS* as planned

  r2pipe

  * Check magic header before assuming an interpreted file is executable

  r2pm

  * Fix assert in Str.Trim() when r2 is not installed
  * Add support for tarball and zip packages
  * Honor EDITOR in r2pm -e
  * Remove all the references to the old r2pm.sh
  * Implement R2PM_FAIL and mark it as deprecation for r2-5.9.x
  * Implement r2pm -cp like it was in r2pm.sh
  * Fix clean installations with r2pm -c
  * Expose R2PM_SUDO and list R2PM_PREFIX in -H
  * Handle -HH in r2pm for verbose env listing and remove unused R2PM_GITSKIP
  * Fixes pull/install/uninstall on windows
  * r2pm -Ui can be combined now and fix extras package building
  * Honor R2PM_DBDIR env var
  * Honor -f in r2pm -U to force clean the r2pm db
  * Support XDG on r2pm and expose the PKG_CONFIG_PATH
  * Expose R2_LIBEXT for r2pm packages
  * Update r2pm manpage and add -q and -a flags
  * Show package source with r2pm -d
  * Implement r2pm -H to make more packages build
  * Fixes parsing the GIT URL on some packages
  * Test the new default native r2pm fix flushing and using RLOG
  * Make R2PM_NATIVE the default and provide R2PM_LEGACY

  r2r

  * Fix rvector assert when indexing empty ones

  refactor

  * Move the RParse.cparse into RAnal.cparse
  * Stop aeg from abusing agg
  * Rename R_ANAL_ESIL_DFG_BLOCK_ to R_ANAL_ESIL_DFG_TAG_
  * Rename EsilDFGRegVar to EsilDFGVar and introduce EsilDFGVarType
  * Avoid using RArchConfig->big_endian
  * Add addr_bits to RArchPlugins and make info and decode cbs cfg aware
  * Add archcond api to rarch, some small cleanup in anal
  * Make bitness, endianess and esil-support fields of RArchPlugin again
  * Copy value.c and op.c from anal to arch
  * Copy switch.c from anal to arch
  * Add some more typedefs and enums to r_arch
  * Rename r_arch_set_ to r_arch_config_set_
  * Rename R_ASM_SYNTAX to R_ARCH_SYNTAX
  * Simplify x86_cs BSR and BSF esil
  * Use r_strbuf_replacef in anal_mips_gnu esil generation
  * Use r_strbuf_replacef in anal_mips_cs esil generation

  rvc

  * Initial refactoring of the version control api
  * Move rvc from core to util
  * Fix rvc.commit when non-interactive with a default message

  scan

  * Fix crash in the swift metadata parser spotted by coverity

  search

  * Fix JSON encoding of unsigned search values
  * Fix /au after aeim
  * Fix /w and /wi, add tests, minor code cleanup
  * Add r_anal_optype_index to make /atl and /at use full listings of optypes
  * Support space separated instruction types and family in /at and /af
  * Improve json output for /asj and /atj
  * Fix calling /re twice after ^C
  * /az uses anal.in instead of search.in to improve scan results
  * Make /az faster after aeim, skipping unrelated regions
  * Fix last char bug in swift strings found with /az
  * Add x86-64 support to /az
  * Add flags under the asm.str flag prefix when doing /az
  * Honor bin.minsz in /az is no argument is provided
  * Implement /azq to search for assembly strings and add tests
  * Implement the new /az command to find assembly constructed strings
  * Superseed #20447 - remove some magic globals

  shell

  * Fix ?vi:123 and ?v:123 commands
  * Print whatever is taken from io_system to rcons
  * Fix runtime warning after leaving an rlang session
  * Add "" command to run RCore.cmdCall()
  * Fix #21136 - o <tab> autocompletion not working
  * Show help when using invalid subcommand of afi
  * Implement abo and afbo commands to list opcode offsets in function or bb
  * Implement o-. command, add help for future o-$
  * Expose RCore.cmdCall() and fix b64: command + add tests
  * Show number conversion error messages in ?v command
  * Fixes for the line editor using live save/load with new RFile apis
  * Implement oe command to open a file using cfg.editor
  * Add quiet and table listing for lang plugins
  * Implement Ll, Llq and #!?q commands for better rlang listing
  * Fix r2 /directory behaviour
  * Support $r:REGNAME syntax and document it
  * Implement cmd.usr1 and cmd.usr2 to handle signals on unix
  * Add #!qjs and #!tiny for autocompletion
  * Fix behaviour of -a and -b flags (no arg= show current, append? for help)
  * Rename the drm command to drv for consistency
  * Add -s -i -f r2 commands
  * Implement -a, -b, -c and -e commands in r2
  * Add tabhelp exception for pf.
  * Add r2 -LL to list core plugins
  * Improve help message for f subcommands
  * Take into account static themes when listing
  * Add ot command as an alias for touch
  * Implement the ji: command as an alternative to ~{} without cons filtering
  * Also handle (j) and (*), more syntax-consistent and add a test
  * Implement (j for json output of macro commands
  * Initial implementation of ?ie
  * Add missing help for the '?i?' command
  * Use RCoreHelp for /ca?
  * Fix #20760 - Implement native gron via ~{=}
  * Remove RPrintRowlog and use R_LOG isntead
  * Allow changing number of saved input lines
  * Implement log.source and log.origin
  * Add the new ucu and ucd commands using the new core-undo apis
  * Rename asm.{off} variables to asm.offset

  syntax

  * Move the preincrement and void arg from tests to lint.sh

  threads

  * Initial ref-counted RRegItems, needed for threadsafety
  * Move the readahead logic to a local variable
  * Guard more critical sections in cons and core
  * Analysis now waits in background for the bin parsing to finish
  * Add some RThreadLocks and start to use the critical sections

  thready

  * Dont call RCore.seek() and read a new buffer in disasm

  tools

  * rax2: corrects base64 encoding for null bytes
  * Fix r2 -2
  * Fix broken tests for long number conversion
  * Fix base64 null byte decoding bug in rax2
  * Implement rasm2 -LLL to list arch plugins
  * Add Ls to list assemblers, and LA to list analysis plugins
  * Bring back the r2 -t for parsing bin and analysing in background
  * rarun2 supports multiple preload directives

  util

  * Fix the XML parser
  * shlr/yxml -> libr/util/rxml - fork the abandoned yxml parser and expose it
  * Add RStr.ansiStrip() and RStr.insert()
  * Improve internal RBuffer API checks
  * Add log error when pj depth limit reached
  * Add R_SYS_BITS_12
  * Introduce R_SYS_BITS_4
  * Add :header and :noheader in RTable
  * Fix crash in r_vector_shrink
  * Minor COV fix in r_str_char_count
  * Fix return type of r_str_char_count
  * Add new RStr.replaceAll() api
  * Use R_PRINTF_CHECK for r_strbuf_replacef
  * Add r_strbuf_replace{f}

  vc

  * Initial rvc refactoring and cleanup of the api
  * Move rvc apis into callbacks
  * Make ravc2 accessible via blob and r2 shell

  visual

  * Use RAnalOp instead of RAsmOp in r_core_visual_bit_editor
  * Fix issue with cursor disappearing towards the bottom of the screen
  * Don't draw two cursors when too many bytes are on disasm panels
  * Make j/k movement in panels' cursor mode more consistent with it's visual counterpart
  * Don't skip byte when moving left/right in cursor mode (disassembly panel)
  * Fix pdc glitching in panels
  * Handle arrow keys in VT
  * Handle JK0 keys in VT
  * Honor cmd.vprompt and scr.notch in VT
  * RStr.wrap() supports ansi and use it in VT
  * Implement Tv command and use it from VT
  * Fix the cache and other bugs in panels
  * Override scr.maxpage in panels to avoid undesired prompts

  wasm

  * Upgrade to the latest wasi16 sdk

(khorben)

doc: Updated sysutils/py-diffoscope to 229

(khorben)

py-diffoscope: updated to 229

Changes in 229:

[ Chris Lamb ]
* Skip test_html.py::test_diff if html2text is not installed.
  (Closes: #1026034)

[ Holger Levsen ]
* Bump standards version to 4.6.2, no changes needed.

Changes in 228:

[ FC Stegerman ]
* As an optimisation, don't run apktool if no differences are detected before
  the signing block. (Closes: reproducible-builds/diffoscope!105)

[ Chris Lamb ]
* Support both the python3-progressbar and python3-progressbar2 Debian
  packages, two modules providing the "progressbar" Python module.
  (Closes: reproducible-builds/diffoscope#323)
* Ensure we recommend apksigcopier. (Re: reproducible-builds/diffoscope!105)
* Make the code clearer around generating the Debian substvars and tidy
  generation of os_list.
* Update copyright years.

Changes in 227:

[ Chris Lamb ]
* Don't attempt to attach text-only differences notice if there are no
  differences to begin with. (Closes: #1024171, #1024349)
* Don't run Python decompiling tests on Python bytecode that both file(1)
  cannot yet detect and Python 3.11 cannot demarshall. (Closes: #1024335)

(khorben)

doc: Added textproc/libfyaml version 0.7.12

(khorben)

textproc: add libfyaml

(khorben)

libfyaml: import version 0.7.12

libfyaml is a fancy 1.2 YAML and JSON parser/writer.

Fully feature complete YAML parser and emitter, supporting the latest YAML spec
and passing the full YAML testsuite.

It is designed to be very efficient, avoiding copies of data, and has no
artificial limits like the 1024 character limit for implicit keys.

libfyaml is using https://github.com/yaml/yaml-test-suite as a core part of its
testsuite.

(khorben)

deforaos-configure: address a few warnings from pkglint(1)

(khorben)

deforaos-configure.mk: register one more user

(khorben)

doc: Updated www/deforaos-surfer to 0.3.1

(khorben)

deforaos-surfer: update to 0.3.1

This new release contains:

* Port to the WebKit2 API (the default)
* Removal of download(1) with the WebKit2 API (could not be ported yet)
* Additional documentation
* Renaming of the XDG desktop files

This also makes use of the helper for DeforaOS configure, found in
devel/deforaos-configure/deforaos-configure.mk.

(khorben)

gitea: use find(1) in a more portable way

Verified on NetBSD, Linux (Debian 10.13), and macOS (all amd64).

No changes to the package observed, so no revision bump.

(khorben)

doc: Updated www/gitea to 1.16.9

(khorben)

gitea: update to 1.16.9

Changes since 1.16.8:

SECURITY

* Add write check for creating Commit status (#20332) (#20334)
* Check for permission when fetching user controlled issues (#20133) (#20196)

BUGFIXES

* Hide notify mail setting ui if not enabled (#20138) (#20337)
* Add write check for creating Commit status (#20332) (#20334)
* Only show Followers that current user can access (#20220) (#20253)
* Release page show all tags in compare dropdown (#20070) (#20071)
* Fix permission check for delete tag (#19985) (#20001)
* Only log non ErrNotExist errors in git.GetNote (#19884) (#19905)
* Use exact search instead of fuzzy search for branch filter dropdown (#19885) (#19893)
* Set Setpgid on child git processes (#19865) (#19881)
* Import git from alpine 3.16 repository as 2.30.4 is needed for safe.directory = '*' to work but alpine 3.13 has 2.30.3 (#19876)
* Ensure responses are context.ResponseWriters (#19843) (#19859)
* Fix incorrect usage of Count function (#19850)
* Fix raw endpoint PDF file headers (#19825) (#19826)
* Make WIP prefixes case insensitive, e.g. allow Draft as a WIP prefix (#19780) (#19811)
* Don’t return 500 on NotificationUnreadCount (#19802)
* Prevent NPE when cache service is disabled (#19703) (#19783)
* Detect truncated utf-8 characters at the end of content as still representing utf-8 (#19773) (#19774)
* Fix doctor pq: syntax error at or near “.” quote user table name (#19765) (#19770)
* Fix bug with assigneees (#19757)

(khorben)

doc: Added sysutils/py-reprotest version 0.7.22

(khorben)

sysutils: add py-reprotest

(khorben)

py-reprotest: import version 0.7.22

reprotest builds the same source code twice in different environments, and then
checks the binaries produced by each build for differences. If any are found,
then diffoscope(1) (or if unavailable then diff(1)) is used to display them in
detail for later analysis.

(khorben)

doc: Added devel/py-rstr version 3.2.0

(khorben)

devel: add py-rstr

(khorben)

py-rstr: import version 3.2.0

rstr is a helper module for easily generating random strings of various types.
It could be useful for fuzz testing, generating dummy data, or other
applications.

(khorben)

doc: Updated sysutils/py-diffoscope to 226

(khorben)

py-diffoscope: update to 226

Changes since 224:

[ Christopher Baines ]
* Add an lzip comparator with tests.

[ Chris Lamb ]
* Add support for comparing the "text" content of HTML files using html2text.
  (Closes: #1022209, reproducible-builds/diffoscope#318)
* Misc/test improvements:
  * Drop the ALLOWED_TEST_FILES test; it's mostly just annoying.
  * Drop other copyright notices from lzip.py and test_lzip.py.
  * Use assert_diff helper in test_lzip.py.
  * Pylint tests/test_source.py.

[ Mattia Rizzolo ]
* Add lzip to debian dependencies.

[ Chris Lamb ]
* Add support for detecting ordering-only differences in XML files.
  (Closes: #1022146)
* Fix an issue with detecting ordering differences. (Closes: #1022145)
* Add support for ttx(1) from fonttools.
  (Re: reproducible-builds/diffoscope#315)
* Test improvements:
  - Tidy up the JSON tests and use assert_diff over get_data and manual
    assert in XML tests.
  - Rename order1.diff to json_expected_ordering_diff for consistency.
  - Temporarily allow the stable-po pipeline to fail in the CI.
* Use consistently capitalised "Ordering" everywhere we use the word in
  diffoscope's output.

(khorben)

doc: Updated sysutils/py-diffoscope to 224

(khorben)

py-diffoscope: update to 224

Changes:

[ Mattia Rizzolo ]
* Fix rlib test failure with LLVM 15. Thanks to Gianfranco Costamagna
  (locutusofborg) for the patch.

[ Chris Lamb ]
* The cbfstools utility is now provided in Debian via the coreboot-utils
  Debian package, so we can enable that functionality within Debian.
  (Closes: #1020630)

[ Mattia Rizzolo ]
* Also include coreboot-utils in Build-Depends and Test-Depends so it is
  available for the tests.

[ Jelle van der Waa ]
* Add support for file 5.43.

[ Mattia Rizzolo ]
* Use pep517 and pip to load the requirements. (Closes: #1020091)
* Remove old Breaks/Replaces in debian/control that have been obsoleted since
  bullseye

* Don't crash if we can open a PDF file with PyPDF but cannot parse the
  annotations within. (Closes: reproducible-builds/diffoscope#311)
* Depend on the dedicated xxd package, not vim-common.
* Update external_tools.py to reflect xxd/vim-common change.

* Support Haskell 9.x series files and update the test files to match. Thanks
  to Scott Talbert for the relevant info about the new format.
  (Closes: reproducible-builds/diffoscope#309)
* Fix a regression introduced in diffoscope version 207 where diffoscope
  would crash if one directory contained a directory that wasn't in the
  other. Thanks to Alderico Gallo for the report and the testcase.
  (Closes: reproducible-builds/diffoscope#310)

More at https://diffoscope.org/

(khorben)

doc: Updated devel/deforaos-asm to 0.2.7

(khorben)

deforaos-asm: update to 0.2.7

This release addresses:

* Wrong indexes for ELF architectures (reported by he@, thanks!)
* Build issue on NetBSD/ppc (also reported by he@, thanks!)
* Test failures on Linux

(khorben)

doc: Updated net/py-dnsdiag to 2.0.2

(khorben)

py-dnsdiag: update to 2.0.2

Changes in version 2.0.2:

* Small bug fixes and improvements

Changes in version 2.0.1:

* Add support for DNSSEC
* Add -F to display flags for each response (dnsping)
* Display full response in verbose mode (dnsping)
* Add DoT (DNS over TLS) support (dnsping, dnseval)
* Add DoH (DNS over HTTPS) support (dnsping, dnseval)
* Add TCP support
* Improved JSON output support for dnseval
* Refactor and PEP8 cleanup
* Do not use system resolver when not needed
* Add support for user defined source IP address
* Add user-specified destination port (-p/--port)
* Improve error handling
* Display last response code for each entry
* Rework custom socket and custom TTL support
* Rework time calculation logic to eliminate an extra DNS request that
  was just sent for timing (dnstraceroute)
* Update docs (output samples, use cases, etc)
* Use proper terminology (in code) to reduce confusion

(khorben)

hplip: fix the build with the "sane" option

Tested on NetBSD/amd64.

(khorben)

deforaos-asm: fix the build

The package did not declare its use of pkg-config.

Tested on NetBSD/amd64.

(khorben)

doc: Updated databases/deforaos-libdatabase to 0.1.0

(khorben)

deforaos-libdatabase: update to 0.1.0

This release brings:
* re-licensing to 2-clause BSD
* additional documentation

While there, move the manual pages to the correct directory.

Tested on NetBSD/amd64.

(khorben)

doc: Updated databases/deforaos-libdatabase to 0.0.3

(khorben)

deforaos-libdatabase: update to 0.0.3

This release brings:
* fixes to the build
* additional tests

Tested on NetBSD/amd64.

(khorben)

deforaos-configure: register a new user for the helper

(khorben)

deforaos-libdatabase: use the helper for DeforaOS configure

This is as found in devel/deforaos-configure/deforaos-configure.mk.

Tested on NetBSD/amd64; NFCI.

(khorben)

deforaos-libdatabase: fix the build

The package did not declare its use of pkg-config.

Found by a bulk build of mef@, heads-up by wiz@. Thanks!

Tested on NetBSD/amd64.

(khorben)

deforaos-cpp: fix the build

The package did not declare its use of pkg-config.

Found by a bulk build of mef@, heads-up by wiz@. Thanks!

Tested on NetBSD/amd64.

(khorben)

prosody: support Lua 5.4 and improve security

The changes here are:

* prosody can be built with Lua 5.4 (as recommended since the 0.12
  series), also thanks to lua-unbound being available for Lua 5.4
* the prosody user's home directory is back to the default /nonexistent
  (prosody finds its own data directory nonetheless, as it is a
  compile-time option)
* the corresponding directories created (data directory, PID directory,
  logging) do not seem to actually require write access (or not anymore)

These last two changes together get rid of the security report "user
prosody home directory is group writable" from the daily insecurity
checks on NetBSD.

Tested on NetBSD/amd64.

(khorben)

lua-unbound: support building with 5.1 <= LUA_VERSION <= 5.4

(khorben)

doc: Updated editors/vim-xaw to 8.2.5172

(khorben)

doc: Updated editors/vim-motif to 8.2.5172

(khorben)

doc: Updated editors/vim-lang to 8.2.5172

(khorben)

doc: Updated editors/vim-gtk3 to 8.2.5172

(khorben)

doc: Updated editors/vim-gtk2 to 8.2.5172

(khorben)

doc: Updated editors/vim to 8.2.5172

(khorben)

doc: Updated editors/vim-share to 8.2.5172nb1

(khorben)

vim: update to 8.2.5172

On behalf of morr@ "please go ahead"

This includes security fixes. (more pending)

Tested on NetBSD/amd64.

XXX pull-up to pkgsrc-2022Q2

Changes:
8.2.4722  ending recording with mapping records too much
8.2.4723  the ModeChanged autocmd event is inefficient
8.2.4724  current instance of last search pattern not easily spotted
8.2.4725  unused variable in tiny build
8.2.4726  cannot use expand() to get the script name
8.2.4727  unused code
8.2.4728  no test that v:event cannot be modified
8.2.4729  HEEx and Surface templates do not need a separate filetype
8.2.4730  MS-Windows GUI: cannot use CTRL-/
8.2.4731  the changelist index is not remembered per buffer
8.2.4732  duplicate code to free fuzzy matches
8.2.4733  HEEx and Surface do need a separate filetype
8.2.4734  getcharpos() may change a mark position
8.2.4735  quickfix tests can be a bit hard to read
8.2.4736  build problem for Cygwin with Motif
8.2.4737  // in JavaScript string recognized as comment
8.2.4738  Esc on commandline executes command instead of abandoning it
8.2.4739  accessing freed memory after WinScrolled autocmd event
8.2.4740  when expand() fails there is no error message
8.2.4741  startup test fails
8.2.4742  there is no way to start logging very early in startup
8.2.4743  clang 14 is available on CI
8.2.4744  a terminal window can't use the bell
8.2.4745  using wrong flag for using bell in the terminal
8.2.4746  supercollider filetype not recognized
8.2.4747  no filetype override for .sys files
8.2.4748  cannot use an imported function in a mapping
8.2.4749  &lt;script&gt; is not expanded in autocmd context
8.2.4750  small pieces of dead code
8.2.4751  mapping &lt;SID&gt;name.Func does not work for autoload script
8.2.4752  wrong 'statusline' value can cause illegal memory access
8.2.4753  error from setting an option is silently ignored
8.2.4754  using cached values after unsetting some environment variables
8.2.4755  cannot use &lt;SID&gt;FuncRef in completion spec
8.2.4756  build error without the +eval feature
8.2.4757  list of libraries to suppress lsan errors is outdated
8.2.4758  when using an LSP channel want to get the message ID
8.2.4759  CurSearch highlight does not work for multi-line match
8.2.4760  using matchfuzzy() on a long list can take a while
8.2.4761  documentation for using LSP messages is incomplete
8.2.4762  using freed memory using synstack() and synID() in WinEnter
8.2.4763  using invalid pointer with "V:" in Ex mode
8.2.4764  CI uses an older gcc version
8.2.4765  function matchfuzzy() sorts too many items
8.2.4766  KRL files using "deffct" not recognized
8.2.4767  openscad files are not recognized
8.2.4768  CI: codecov upload sometimes does not work
8.2.4769  build warning with UCRT
8.2.4770  cannot easily mix expression and heredoc
8.2.4771  Coverity warns for not checking return value
8.2.4772  old Coverity warning for not checking ftell() return value
8.2.4773  build failure without the +eval feature
8.2.4774  crash when using a number for lambda name
8.2.4775  SpellBad highlighting does not work in Konsole
8.2.4776  GTK: 'lines' and 'columns' may change during startup
8.2.4777  screendump tests fail because of a redraw
8.2.4778  pacman files use dosini filetype
8.2.4779  lsan suppression is too version specific
8.2.4780  parsing an LSP message fails when it is split
8.2.4781  Maxima files are not recognized
8.2.4782  accessing freed memory
8.2.4783  Coverity warns for leaking memory
8.2.4784  lamba test with timer is flaky
8.2.4785  Visual mode not stopped if win_gotoid() goes to other buffer
8.2.4786  test for win_gotoid() in Visual mode fails on Mac
8.2.4787  prop_find() does not find the right property
8.2.4788  large payload for LSP message not tested
8.2.4789  cursor pos wrong when using :redraw while editing the cmdline
8.2.4790  lilypond filetype not recognized
8.2.4791  events triggered in different order when reusing buffer
8.2.4792  indent operator creates an undo entry for every line
8.2.4793  recognizing Maxima filetype even though it might be another
8.2.4794  compiler warning for not initialized variable
8.2.4795  'cursorbind' scrolling depends on whether 'cursorline' is set
8.2.4796  file left behind after running cursorline tests
8.2.4797  getwininfo() may get oudated values
8.2.4798  t_8u option was reset even when set by the user
8.2.4799  popup does not use correct topline
8.2.4800  missing test update for adjusted t_8u behavior
8.2.4801  fix for cursorbind fix not fully tested
8.2.4802  test is not cleaned up
8.2.4803  WinScrolled not always triggered when scrolling with mouse
8.2.4804  expression in heredoc doesn't work for compiled function
8.2.4805  CurSearch used for all matches in current line
8.2.4806  a mapping using &lt;LeftDrag&gt; does not start Select mode
8.2.4807  processing key eveints in Win32 GUI is not ideal
8.2.4808  unused item in engine struct
8.2.4809  various things not properly tested
8.2.4810  missing changes in one file
8.2.4811  Win32 GUI: caps lock doesn't work
8.2.4812  unused struct item
8.2.4813  pasting text while indent folding may mess up folds
8.2.4814  possible to leave a popup window with win_gotoid()
8.2.4815  cannot build with older GTK version
8.2.4816  still using older codecov app in some places of CI
8.2.4817  Win32 GUI: modifiers are not always used
8.2.4818  no test for what 8.2.4806 fixes
8.2.4819  unmapping simplified keys also deletes other mapping
8.2.4820  not simple programmatic way to find a specific mapping
8.2.4821  crash when imported autoload script was deleted
8.2.4822  setting ufunc to NULL twice
8.2.4823  concat more than 2 strings in :def function is inefficient
8.2.4824  expression is evaluated multiple times
8.2.4825  can only get a list of mappings
8.2.4826  .cshtml files are not recognized
8.2.4827  typo in variable name
8.2.4828  fix for unmapping simplified key not fully tested
8.2.4829  a key may be simplified to NUL
8.2.4830  possible endless loop if there is unused typahead
8.2.4831  crash when using maparg() and unmapping simplified keys
8.2.4832  passing zero instead of NULL to a pointer argument
8.2.4833  failure of mapping not checked for
8.2.4834  Vim9: some lines not covered by tests
8.2.4835  Vim9: some lines not covered by tests
8.2.4836  Vim9: some lines not covered by tests
8.2.4837  modifiers not simplified when timed out
8.2.4838  checking for absolute path is not trivial
8.2.4839  compiler warning for unused argument
8.2.4840  heredoc expression evaluated even when skipping
8.2.4841  empty string considered an error for expand()
8.2.4842  expand("%:p") is not empty when there is no buffer name
8.2.4843  treating CTRL + ALT as AltGr is not backwards compatible
8.2.4844  &lt;C-S-I&gt; is simplified to &lt;S-Tab&gt;
8.2.4845  duplicate code
8.2.4846  termcodes test fails
8.2.4847  crash when using uninitialized function pointer
8.2.4848  local completion with mappings and simplification not working
8.2.4849  Gleam filetype not detected
8.2.4850  mksession mixes up "tabpages" and "curdir" arguments
8.2.4851  compiler warning for uninitialized variable
8.2.4852  ANSI color index to RGB value not correct
8.2.4853  CI with FreeBSD is a bit outdated
8.2.4854  array size does not match usage
8.2.4855  robot files are not recognized
8.2.4856  MinGW compiler complains about unknown escape sequence
8.2.4857  Yaml indent for multiline is wrong
8.2.4858  K_SPECIAL may be escaped twice
8.2.4859  wget2 files are not recognized
8.2.4860  MS-Windows: always uses current directory for executables
8.2.4861  it is not easy to restore saved mappings
8.2.4862  Vim9: test may fail when run with valgrind
8.2.4863  accessing freed memory in test without the +channel feature
8.2.4864  Vim9: script test fails
8.2.4865  :startinsert right after :stopinsert may not work
8.2.4866  duplicate code in "get" functions
8.2.4867  listing of mapping with K_SPECIAL is wrong
8.2.4868  when closing help window autocmds triggered for wrong window
8.2.4869  expression in command block does not look after NL
8.2.4870  Vim9: expression in :substitute is not compiled
8.2.4871  Vim9: in :def function no error for misplaced range
8.2.4872  Vim9: no error for using an expression only
8.2.4873  Vim9: using "else" differs from using "endif/if !cond"
8.2.4874  Win32 GUI: horizontal scroll wheel not handled properly
8.2.4875  MS-Windows: some .exe files are not recognized
8.2.4876  MS-Windows: Shift-BS results in strange char in powershell
8.2.4877  MS-Windows: Wrongly using Normal colors for termguicolors
8.2.4878  valgrind warning for using uninitialized variable
8.2.4879  screendump test may fail when using valgrind
8.2.4880  Vim9: misplaced elseif causes invalid memory access
8.2.4881  "P" in Visual mode still changes some registers
8.2.4882  cannot make 'breakindent' use a specific column
8.2.4883  string interpolation only works in heredoc
8.2.4884  test fails without the job/channel feature
8.2.4885  test fails with the job/channel feature
8.2.4886  Vim9: redir in skipped block seen as assignment
8.2.4887  channel log does not show invoking a timer callback
8.2.4888  line number of lambda ignores line continuation
8.2.4889  CI only tests with FreeBSD 12
8.2.4890  inconsistent capitalization in error messages
8.2.4891  Vim help presentation could be better
8.2.4892  test failures because of changed error messages
8.2.4893  distributed import files are not installed
8.2.4894  MS-Windows: not using italics
8.2.4895  buffer overflow with invalid command with composing chars
8.2.4896  expression in command block does not look after NL
8.2.4897  comment inside an expression in lambda ignores the rest
8.2.4898  Coverity complains about pointer usage
8.2.4899  with latin1 encoding CTRL-W might go before the cmdline
8.2.4900  Vim9 expression test fails without the job feature
8.2.4901  NULL pointer access when using invalid pattern
8.2.4902  mouse wheel scrolling is inconsistent
8.2.4903  cannot get the current cmdline completion type and position
8.2.4904  codecov includes MS-Windows install files
8.2.4905  codecov includes MS-Windows install header file
8.2.4906  MS-Windows: cannot use transparent background
8.2.4907  some users do not want a line comment always inserted
8.2.4908  no text formatting for // comment after a statement
8.2.4909  MODE_ enum entries names are too generic
8.2.4910  imperfect coding
8.2.4911  the mode #defines are not clearly named
8.2.4912  using execute() to define a lambda doesn't work
8.2.4913  popup_hide() does not always have effect
8.2.4914  string interpolation in :def function may fail
8.2.4915  sometimes the cursor is in the wrong position
8.2.4916  mouse in Insert mode test fails
8.2.4917  fuzzy expansion of option names is not right
8.2.4918  conceal character from matchadd() displayed too many times
8.2.4919  can add invalid bytes with :spellgood
8.2.4920  MS-Windows GUI: unused variables
8.2.4921  spell test fails because of new illegal byte check
8.2.4922  mouse test fails on MS-Windows
8.2.4923  test checks for terminal feature unnecessarily
8.2.4924  maparg() may return a string that cannot be reused
8.2.4925  trailing backslash may cause reading past end of line
8.2.4926  #ifdef for crypt feature around too many lines
8.2.4927  return type of remove() incorrect when using three arguments
8.2.4928  various white space and cosmetic mistakes
8.2.4929  off-by-one error in in statusline item
8.2.4930  interpolated string expression requires escaping
8.2.4931  Crash with sequence of Perl commands
8.2.4932  not easy to filter the output of maplist()
8.2.4933  a few more capitalization mistakes in error messages
8.2.4934  string interpolation fails when not evaluating
8.2.4935  with 'foldmethod' "indent" some lines not included in fold
8.2.4936  MS-Windows: mouse coordinates for scroll event are wrong
8.2.4937  no test for what 8.2.4931 fixes
8.2.4938  crash when matching buffer with invalid pattern
8.2.4939  matchfuzzypos() with "matchseq" does not have all positions
8.2.4940  some code is never used
8.2.4941  '[ and '] marks may be wrong after undo
8.2.4942  error when setting 'filetype' in help file again
8.2.4943  changing 'switchbuf' may have no effect
8.2.4944  text properties are wrong after "cc"
8.2.4945  inconsistent use of white space
8.2.4946  Vim9: some code not covered by tests
8.2.4947  text properties not adjusted when accepting spell suggestion
8.2.4948  cannot use Perl heredoc in nested :def function
8.2.4949  Vim9: some code not covered by tests
8.2.4950  text properties position wrong after shifting text
8.2.4951  smart indenting done when not enabled
8.2.4952  GUI test will fail if color scheme changes
8.2.4953  with 'si' inserting '}' after completion goes wrong
8.2.4954  inserting line breaks text property spanning two lines
8.2.4955  text property in wrong position after auto-indent
8.2.4956  reading past end of line with "gf" in Visual block mode
8.2.4957  text properties in a wrong position after a block change
8.2.4958  a couple conditions are always true
8.2.4959  using NULL regexp program
8.2.4960  text properties that cross lines not updated for deleted line
8.2.4961  build error with a certain combination of features
8.2.4962  files show up in git status
8.2.4963  expanding path with "/**" may overrun end of buffer
8.2.4964  MS-Windows GUI: mouse event test is flaky
8.2.4965  GUI: testing mouse move event depends on screen cell size
8.2.4966  MS-Windows GUI: mouse event test gets extra event
8.2.4967  MS-Windows GUI: mouse event test sometimes fails
8.2.4968  reading past end of the line when C-indenting
8.2.4969  changing text in Visual mode may cause invalid memory access
8.2.4970  "eval 123" gives an error, "eval 'abc'" does not
8.2.4971  Vim9: interpolated string seen as range
8.2.4972  Vim9: compilation fails when using dict member when skipping
8.2.4973  Vim9: type error for list unpack mentions argument
8.2.4974  ":so" command may read after end of buffer
8.2.4975  recursive command line loop may cause a crash
8.2.4976  Coverity complains about not restoring a saved value
8.2.4977  memory access error when substitute expression changes window
8.2.4978  no error if engine selection atom is not at the start
8.2.4979  accessing freed memory when line is flushed
8.2.4980  when 'shortmess' contains 'A' loading session may still warn
8.2.4981  it is not possible to manipulate autocommands
8.2.4982  colors in terminal window are not 100% correct
8.2.4983  colors test fails in the GUI
8.2.4984  dragging statusline fails for window with winbar
8.2.4985  PVS warns for possible array underrun
8.2.4986  some github actions are outdated
8.2.4987  after deletion a small fold may be closable
8.2.4988  textprop in wrong position when replacing multi-byte chars
8.2.4989  cannot specify a function name for :defcompile
8.2.4990  memory leak when :defcompile fails
8.2.4991  no test for hwat patch 8.1.0535 fixes
8.2.4992  compiler warning for possibly uninitialized variable
8.2.4993  smart/C/lisp indenting is optional
8.2.4994  tests are using legacy functions
8.2.4995  still a compiler warning for possibly uninitialized variable
8.2.4996  setbufline() may change Visual selection
8.2.4997  Python: changing hidden buffer can cause display mess up
8.2.4998  Vim9: crash when using multiple funcref()
8.2.4999  filetype test table is not properly sorted
8.2.5000  no patch for documentation updates
8.2.5001  checking translations affects the search pattern history
8.2.5002  deletebufline() may change Visual selection
8.2.5003  cannot do bitwise shifts
8.2.5004  right shift on negative number does not work as documented
8.2.5005  compiler warning for uninitialized variable
8.2.5006  asan warns for undefined behavior
8.2.5007  spell suggestion may use uninitialized memory
8.2.5008  when 'formatoptions' contains "/" wrongly wrapping comment
8.2.5009  fold may not be closeable after appending
8.2.5010  the terminal debugger uses various global variables
8.2.5011  Replacing an autocommand requires several lines
8.2.5012  cannot select one character inside ()
8.2.5013  after text formatting cursor may be in an invalid position
8.2.5014  byte offsets are wrong when using text properties
8.2.5015  Hoon and Moonscript files are not recognized
8.2.5016  access before start of text with a put command
8.2.5017  gcc 12.1 warns for uninitialized variable
8.2.5018  Vim9: some code is not covered by tests
8.2.5019  cannot get the first screen column of a character
8.2.5020  using 'imstatusfunc' and 'imactivatefunc' breaks 'foldopen'
8.2.5021  build fails with normal features and +terminal
8.2.5022  'completefunc'/'omnifunc' error does not end completion
8.2.5023  substitute overwrites allocated buffer
8.2.5024  using freed memory with "]d"
8.2.5025  Vim9: a few lines not covered by tests
8.2.5026  Vim9: a few lines not covered by tests
8.2.5027  error for missing :endif when an exception was thrown
8.2.5028  syntax regexp matching can be slow
8.2.5029  "textlock" is always zero
8.2.5030  autocmd_add() can only handle one event and pattern
8.2.5031  cannot easily run the benchmarks
8.2.5032  Python 3 test fails without the GUI
8.2.5033  build error with +eval but without +quickfix
8.2.5034  there is no way to get the byte index from a virtual column
8.2.5035  when splitting a window the changelist position moves
8.2.5036  using two counters for timeout check in NFA engine
8.2.5037  cursor position may be invalid after "0;" range
8.2.5038  a finished terminal in a popup window does not show scrollbar
8.2.5039  confusing error if first argument of popup_create() is wrong
8.2.5040  scrollbar thumb in scrolled popup not visible
8.2.5041  cannot close a terminal popup with "NONE" job
8.2.5042  scrollbar thumb in tall scrolled popup not visible
8.2.5043  can open a cmdline window from a substitute expression
8.2.5044  command line test fails
8.2.5045  can escape a terminal popup window when the job is finished
8.2.5046  vim_regsub() can overwrite the destination
8.2.5047  CurSearch highlight is often wrong
8.2.5048  when using XIM the gui test may fail
8.2.5049  insufficient tests for autocommands
8.2.5050  using freed memory when searching for pattern in path
8.2.5051  check for autocmd_add() event argument is confusing
8.2.5052  CI checkout step title is a bit cryptic
8.2.5053  cannot have a comment halfway an expression in a block
8.2.5054  no good filetype for conf files similar to dosini
8.2.5055  statusline is not updated when terminal title changes
8.2.5056  the channel log only contains some of the raw terminal output
8.2.5057  using gettimeofday() for timeout is very inefficient
8.2.5058  input() does not handle composing characters properly
8.2.5059  autoconf 2.71 produces many obsolete warnings
8.2.5060  running configure fails
8.2.5061  C89 requires signal handlers to return void
8.2.5062  Coverity warns for dead code
8.2.5063  error for a command may go over the end of IObuff
8.2.5064  no test for what 8.1.0052 fixes
8.2.5065  wrong return type for main() in tee.c
8.2.5066  can specify multispace listchars only for whole line
8.2.5067  timer_create is not available on every Mac system
8.2.5068  gcc 12.1 warning when building tee
8.2.5069  various warnings from clang on MS-Windows
8.2.5070  unnecessary code
8.2.5071  with some Mac OS version clockid_t is redefined
8.2.5072  using uninitialized value and freed memory in spell command
8.2.5073  clang on MS-Windows produces warnings
8.2.5074  spell test fails on MS-Windows
8.2.5075  clang gives an out of bounds warning
8.2.5076  unnecessary code
8.2.5077  various warnings from clang on MS-Windows
8.2.5078  substitute test has a one second delay
8.2.5079  DirChanged autocommand may use freed memory
8.2.5080  when indenting gets out of hand it is hard to stop
8.2.5081  autocmd test fails on MS-Windows
8.2.5082  retab test fails
8.2.5083  autocmd test still fails on MS-Windows
8.2.5084  when the GUI shows a dialog tests get stuck
8.2.5085  gcc gives warning for signed/unsigned difference
8.2.5086  CI runs on Windows 2019
8.2.5087  cannot build with clang on MS-Windows
8.2.5088  value of cmod_verbose is a bit complicated to use
8.2.5089  some functions return a different value on failure
8.2.5090  MS-Windows: vim.def is no longer used
8.2.5091  terminal test fails with some shell commands
8.2.5092  using "'&lt;,'&gt;" in Ex mode may compare unrelated pointers
8.2.5093  error message for unknown command may have the command twice
8.2.5094  MS-Windows GUI: empty command may cause a dialog
8.2.5095  terminal test still fails with some shell commands
8.2.5096  terminal test still fails with some shell commands
8.2.5097  using uninitialized memory when using 'listchars'
8.2.5098  spelldump test sometimes hangs
8.2.5099  some terminal tests are not retried
8.2.5100  memory usage tests are not retried
8.2.5101  MS-Windows with MinGW: $CC may be "cc" instead of "gcc"
8.2.5102  interrupt not caught in test
8.2.5103  build fails with small features
8.2.5104  test hangs on MS-Windows
8.2.5105  test still hangs on MS-Windows
8.2.5106  default cmdwin mappings are re-mappable
8.2.5107  some callers of rettv_list_alloc() check for not OK
8.2.5108  retab test disabled because it hangs on MS-Windows
8.2.5109  mode not updated after CTRL-O CTRL-C in Insert mode
8.2.5110  icon filetype not recognized from the first line
8.2.5111  no test for --gui-dialog-file
8.2.5112  gui test hangs on MS-Windows
8.2.5113  timer becomes invalid after fork/exec, :gui gives errors
8.2.5114  time limit on searchpair() does not work properly
8.2.5115  search timeout is overrun with some patterns
8.2.5116  "limit" option of matchfuzzy() not always respected
8.2.5117  crash when calling a Lua callback from a :def function
8.2.5118  MS-Windows: sending a message to another Vim may hang
8.2.5119  CI uses cache v2
8.2.5120  searching for quotes may go over the end of the line
8.2.5121  interrupt test sometimes fails
8.2.5122  lisp indenting my run over the end of the line
8.2.5123  using invalid index when looking for spell suggestions
8.2.5124  when syntax timeout test fails it does not show the time
8.2.5125  MS-Windows: warnings from MinGW compiler
8.2.5126  substitute may overrun destination buffer
8.2.5127  using assert_true() does not show value on failure
8.2.5128  syntax disabled when using synID() in searchpair() skip expr
8.2.5129  timeout handling is not optimal
8.2.5130  edit test for mode message fails when using valgrind
8.2.5131  timeout implementation is not optimal
8.2.5132  :mkview test doesn't test much
8.2.5133  MacOS: build fails
8.2.5134  function has confusing name
8.2.5135  running configure gives warnings for main() return type
8.2.5136  debugger test fails when run with valgrind
8.2.5137  cannot build without the +channel feature
8.2.5138  various small issues
8.2.5139  TIME_WITH_SYS_TIME is no longer supported by autoconf
8.2.5140  seachpair timeout test is flaky
8.2.5141  using "volatile int" in a signal handler might be wrong
8.2.5142  startup test fails if there is a status bar
8.2.5143  some tests fail when using valgrind
8.2.5144  with 'lazyredraw' set completion menu may be wrong
8.2.5145  exit test causes spurious valgrind reports
8.2.5146  memory leak when substitute expression nests
8.2.5147  flaky test always fails on retry
8.2.5148  invalid memory access when using expression on command line
8.2.5149  cannot build without the +eval feature
8.2.5150  read past the end of the first line with ":0;'{"
8.2.5151  reading beyond the end of the line with lisp indenting
8.2.5152  search() gets stuck with "c" and skip evaluates to true
8.2.5153  "make uninstall" does not remove colors/lists
8.2.5154  still mentioning version8, some cosmetic issues
8.2.5155  in diff mode windows may get out of sync
8.2.5156  search timeout test often fails with FreeBSD
8.2.5157  MS-Windows GUI: CTRL-key combinations do not always work
8.2.5158  TSTP and INT signal tests are not run with valgrind
8.2.5159  fix for CTRL-key combinations causes problems
8.2.5160  accessing invalid memory after changing terminal size
8.2.5161  might still access invalid memory
8.2.5162  reading before the start of the line with BS in Replace mode
8.2.5163  crash when deleting buffers in diff mode
8.2.5164  invalid memory access after diff buffer manipulations
8.2.5165  import test fails because 'diffexpr' isn't reset
8.2.5166  test for DiffUpdated fails
8.2.5167  get(Fn, 'name') on funcref returns special byte code
8.2.5168  cannot build with Python 3.11
8.2.5169  nested :source may use NULL pointer
8.2.5170  tiny issues
8.2.5171  dependencies and proto files are outdated
8.2.5172  "make menu" still uses legacy script

(khorben)

doc: Updated chat/prosody to 0.12.1

(khorben)

prosody: update to 0.12.1

Summary of changes in this release:

Fixes and improvements

* mod_http (and dependent modules): Make CORS opt-in by default (#1731)
* mod_http: Reintroduce support for disabling or limiting CORS (#1730)
* net.unbound: Disable use of hosts file by default (fixes #1737)
* MUC: Allow kicking users with the same affiliation as the kicker (fixes #1724 and improves Jitsi Meet compatibility)
* mod_tombstones: Add caching to improve performance on busy servers (fixes #1728: mod_tombstone: inefficient I/O with internal storage)

Minor changes

* prosodyctl check config: Report paths of loaded configuration files (#1729)
* prosodyctl about: Report version of lua-readline
* prosodyctl: check config: Skip bare JID components in orphan check
* prosodyctl: check turn: Fail with error if our own address is supplied for the ping test
* prosodyctl: check turn: warn about external port mismatches behind NAT
* mod_turn_external: Update status and friendlier handling of missing secret option (#1727)
* prosodyctl: Pass server when listing (outdated) plugins (fix #1738: prosodyctl list --outdated does not handle multiple versions of a module)
* util.prosodyctl: check turn: ensure a result is always returned from a check (thanks eTaurus)
* util.prosodyctl: check turn: Report lack of TURN services as a problem #1749
* util.random: Ensure that native random number generator works before using it, falling back to /dev/urandom (#1734)
* mod_storage_xep0227: Fix mapping of nodes without explicit configuration
* mod_admin_shell: Fix error in 窶藁odule:info()窶� when statistics is not enabled (#1754)
* mod_admin_socket: Compat for luasocket prior to unix datagram support
* mod_admin_socket: Improve error reporting when socket can窶冲 be created (#1719)
* mod_cron: Record last time a task runs to ensure correct intervals (#1751)
* core.moduleapi, core.modulemanager: Fix internal flag affecting logging in in some global modules, like mod_http (#1736, #1748)
* core.certmanager: Expand debug messages about cert lookups in index
* configmanager: Clearer errors when providing unexpected values after VirtualHost (#1735)
* mod_storage_xep0227: Support basic listing of PEP nodes in absence of pubsub#admin data
* mod_storage_xep0227: Handle missing {pubsub#owner}pubsub element (fixes #1740: mod_storage_xep0227 tracebacks reading non-existent PEP store)
* mod_storage_xep0227: Fix conversion of SCRAM into internal format (#1741)
* mod_external_services: Move error message to correct place (fix #1725: mod_external_services: Misplaced textual error message)
* mod_smacks: Fix handling of unhandled stanzas on disconnect (#1759)
* mod_smacks: Fix counting of handled stanzas
* mod_smacks: Fix bounce of stanzas directed to full JID on unclean disconnect
* mod_pubsub: Don窶冲 attempt to use server actor as publisher (#1723)
* mod_s2s: Improve robustness of outgoing s2s certificate verification
* mod_invites_adhoc: Fall back to generic allow_user_invites for role-less users
* mod_invites_register: Push invitee contact entry to inviter
* util.startup: Show error for unrecognized command-line arguments passed to 窶湾rosody窶� (#1722)
* util.jsonpointer: Add tests, compat improvements and minor fixes
* util.jsonschema: Lua version compat improvements

(khorben)

chat/prosody: always create the directory for the PID file

The RC script for prosody now always creates the corresponding
sub-directory for prosody's PID file. This is inspired by the RC script
for mdnsd in NetBSD, and for dbus in pkgsrc; thanks spz@ for the
suggestion!

Bumps PKGREVISION.

Tested on NetBSD/amd64.

XXX pull-up to pkgsrc-2022Q2 (completes request 6649)

(khorben)

doc: Updated chat/pidgin-silc to 2.14.10

(khorben)

doc: Updated chat/pidgin-sametime to 2.14.10

(khorben)

doc: Updated chat/pidgin to 2.14.10

(khorben)

doc: Updated chat/finch to 2.14.10

(khorben)

doc: Updated chat/libpurple to 2.14.10

(khorben)

libpurple, finch, pidgin: update to 2.14.10

This notably fixes security issues (CVE-2012-1257, CVE-2022-26491).

Tested on NetBSD/amd64.

XXX pull-up to the pkgsrc-2022Q2 branch

The complete changelog for the new versions is reproduced here:

version 2.14.10 (06/02/2022):
General:
* Audit and correct the COPYRIGHT file. (RR 1425) (Richard Laager)
* Fix a spelling error in a debug message for proxies. (RR 1426) (Richard
  Laager)
* Install some emojis already in the theme but not being installed.
  (RR 1428) (Richard Laager)
* Drop the QQ smileys as we don't ship QQ anymore. (PIDGIN-14385) (RR 1429)
  (Richard Laager)
* Modernize the desktop file. (RR 1433) (Richard Laager)
* Modernize the appdata file. (RR 1431) (Richard Laager)
* Make privacy settings persist. (PIDGIN-17137) (RR 1463) (Belgin ��tirbu)

Pidgin:
* Fix a use after free that was introduced in 2.14.9. (RR 1488) (ivanhoe)

IRC:
* Fix a crash if the server sends a short form JOIN message. (PIDGIN-17375)
  (RR 1484) (Belgin ��tirbu)

XMPP:
* Fix a regression from 2.14.9 where XMPP accounts state would get lost
  after failing to connect. (PIDGIN-17621) (RR 1455) (Belgin ��tirbu)
* Fix a crash when requesting your own info in an XMPP conference. (RR 1465)
  (Belgin ��tirbu)
* Fix hang when completing a file transfer over XMPP. (RR 1466) (Belgin
  ��tirbu)
* Fix updating custom smileys. (PIDGIN-17153) (RR 1477) (Belgin ��tirbu)
* Fix unblocking users. (PIDGIN-16414) (RR 1479) (Belgin ��tirbu)
* Fix a crash when cancelling a file transfer. (PIDGIN-17189) (RR 1485)
  (Belgin ��tirbu)

version 2.14.9 (04/28/2022):
Security:
* Remove _xmppconnect support. (RR 1357) (CVE-2022-26491) (Gary Kramlich)

libpurple:
* Fix a GLib CRITICAL message with typing time outs. (RR 1123) (Mohammed
  Sadiq)
* Fix an issue where the unit tests for purple_str_to_time would fail.
  (GENTOO-819774) (RR 1238) (Gary Kramlich)

Pidgin:
* Fix a memory leak in pidgin_conversations_set_tab_colors. (RR 1244)
  (ivanhoe)
* Fixed the majority of the infinite resizing issues in the input box.
  (PIDGIN-16753, PIDGIN-16999, PIDGIN-17287, PIDGIN-17413, PIDGIN-17430,
  PIDGIN-17568, PIDGIN-17602) (RR 1342) (Belgin ��tirbu)
* Add transient-buddy back which is used to show some context menus and
  other things. (PIDGIN-17523) (RR 1381) (Belgin ��tirbu)

Windows:
* Fix the download of dictionaries in the Windows installer. (PIDGIN-14618,
  PIDGIN-15648, PIDGIN-15540, PIDGIN-14612, PIDGIN-14893) (RR 1303) (Gary
  Kramlich)

Translations:
* Fix a typo in the German translations. (PIDGIN-17575) (RR 1242) (ivanhoe)
* Synced all of the translations with Transifex.

IRC:
* Fix IRC file transfers on Windows. (PIDGIN-17175) (RR 1382) (Belgin
  ��tirbu)
* Fix file transfers failing at 99% on IRC. (PIDGIN-15893) (RR 1385) (Belgin
  ��tirbu)
* Default realname and ident name in IRC to the username (nickname) of the
  account. (PIDGIN-17610) (RR 1386) (Belgin ��tirbu)
* Add an advanced account option to IRC accounts for explicitly setting the
  SASL login name. (PIDGIN-15451) (RR 1388) (Belgin ��tirbu)
* Added a rate limiter that should make it impossible to excess flood.
  (RR 1391) (Gary Kramlich)

SIMPLE:
* Fix an issue with the CSeq numbers in SIMPLE. (PIDGIN-9675) (RR 1379)
  (dohmniq)

XMPP:
* Fix XMPP attention messages being sent to incorrect JIDs. (PIDGIN-14714)
  (RR 1387) (itsnotabigtruck, Belgin ��tirbu)

(khorben)

deforaos-configure: register x11/deforaos-locker as a user

(khorben)

doc: Updated x11/deforaos-locker to 0.4.2

(khorben)

deforaos-locker: update to version 0.4.2

This update brings:
- re-licensing to the BSD license (2 clause)
- renaming of the desktop files
- documentation for plug-ins with Gtk-Doc
- re-generation of Makefiles with DeforaOS configure

(khorben)

pev: fix building on macOS

Tested on NetBSD/amd64, macOS/amd64.

(khorben)

libpe: add some link-time flags

This sets the rpath when linking libpe, and an absolute install_name
when linking libpe on macOS.

This notably fixes the build on macOS with PKG_DEVELOPER=yes.

Tested on NetBSD/amd64, macOS/amd64.

Bumps PKGREVISION.

(khorben)

python{39,310}: fix the build when the work directory is in $PREFIX

As documented in pkg/56774, when WRKOBJDIR is in LOCALBASE (eg set to
${LOCALBASE}/work) then changes done to Python's setup.py made it
unable to locate its own built-in modules, then failing to bootstrap and
build.

As suggested by tnn@; tested on NetBSD/amd64.

XXX pull-up to pkgsrc-2022Q2

(khorben)

prosody: make sure pidfile always matches PROSODY_RUN in the RC script

This concludes my investigation on the correct path for the PID file.
No changes to the final binary if PROSODY_RUN is set to its default
value.

Tested on NetBSD/amd64.

XXX pull-up to pkgsrc-2022Q2

(khorben)

prosody: fix the path to the PID file in the RC script

PROSODY_RUN is set to eg /var/run/prosody/prosody.pid instead of just
/var/run/prosody.pid, which is a good thing (tm) since prosody's user
needs the access rights to write to the corresponding directory.

Unfortunately, the directory is not automatically created nor the right
permissions set yet, but this is progress.

While there, appease pkglint(1).

Bumps PKGREVISION.

Tested on NetBSD/amd64.

XXX pull-up to pkgsrc-2022Q2 once the complete solution is in place

(khorben)

gpsd: provide a RC script

Bumps PKGREVISION.

Tested on NetBSD/amd64.

"ok with this" gdt@

(khorben)

pkginstall.xml: cupsd.sh is now in print/cups-base

(khorben)

lasso: fix the build with inkscape installed

Basically lasso installs additional files when Inkscape is available,
which it would normally re-generate but are already in the source tree.

This unconditionally caches "/bin/false" as the path to Inkscape, which:

* will always behave the same (install the missing files)
* will break if they ever have to be re-generated (thus exposing the
  issue directly, which is a good thing)

In addition since lasso can provide additional documentation when
gtk-doc is installed, I have enabled this by default as well.

Bumps PKGREVISION.

Reviewed by manu@, thanks!

(khorben)

doc: Updated www/gitea to 1.16.8

(khorben)

gitea: update to 1.16.8

This is a security update:

* CVE-2022-30781
* CVE-2022-27313
* and more security issues fixed but without CVEs - see below

XXX pull-up to pkgsrc-2022Q1

Tested on NetBSD/amd64.

Changes in 1.16.8:

ENHANCEMENTS

* Add doctor check/fix for bogus action rows (#19656) (#19669)
* Make .cs highlighting legible on dark themes (#19604) (#19605)

BUGFIXES

* Fix oauth setting list bug (#19681)
* Delete user related oauth stuff on user deletion too (#19677) (#19680)
* Fix new release from tags list UI (#19670) (#19673)
* Prevent NPE when checking repo units if the user is nil (#19625) (#19630)
* GetFeeds must always discard actions with dangling repo_id (#19598) (#19629)
* Call MultipartForm.RemoveAll when request finishes (#19606) (#19607)
* Avoid MoreThanOne error when creating a branch whose name conflicts with other ref names (#19557) (#19591)
* Fix sending empty notifications (#19589) (#19590)
* Ignore DNS error when doing migration allow/block check (#19566) (#19567)
* Fix issue overview for teams (#19652) (#19653)

Changes in 1.16.7:

SECURITY

* Escape git fetch remote (#19487) (#19490) CVE-2022-30781

BUGFIXES

* Don't overwrite err with nil (#19572) (#19574)
* On Migrations, only write commit-graph if wiki clone was successful (#19563) (#19568)
* Respect DefaultUserIsRestricted system default when creating new user (#19310) (#19560)
* Don't error when branch's commit doesn't exist (#19547) (#19548)
* Support hostname:port to pass host matcher's check (#19543) (#19544)
* Prevent intermittent race in attribute reader close (#19537) (#19539)
* Fix 64-bit atomic operations on 32-bit machines (#19531) (#19532)
* Prevent dangling archiver goroutine (#19516) (#19526)
* Fix migrate release from github (#19510) (#19523)
* When view _Siderbar or _Footer, just display once (#19501) (#19522)
* Fix blame page select range error and some typos (#19503)
* Fix name of doctor fix "authorized-keys" in hints (#19464) (#19484)
* User specific repoID or xorm builder conditions for issue search (#19475) (#19476)
* Prevent dangling cat-file calls (goroutine alternative) (#19454) (#19466)
* RepoAssignment ensure to close before overwrite (#19449) (#19460)
* Set correct PR status on 3way on conflict checking (#19457) (#19458)
* Mark TemplateLoading error as "UnprocessableEntity" (#19445) (#19446)

Changes in 1.16.6:

ENHANCEMENTS

* Only request write when necessary (#18657) (#19422)
* Disable service worker by default (#18914) (#19342)

BUGFIXES

* When dumping trim the standard suffices instead of a random suffix (#19440) (#19447)
* Fix DELETE request for non-existent public key (#19443) (#19444)
* Don't panic on ErrEmailInvalid (#19441) (#19442)
* Add uploadpack.allowAnySHA1InWant to allow --filter=blob:none with older git clients (#19430) (#19438)
* Warn on SSH connection for incorrect configuration (#19317) (#19437)
* Search Issues via API, dont show 500 if filter result in empty list (#19244) (#19436)
* When updating mirror repo intervals by API reschedule next update too (#19429) (#19433)
* Fix nil error when some pages are rendered outside request context (#19427) (#19428)
* Fix double blob-hunk on diff page (#19404) (#19405)
* Don't allow merging PR's which are being conflict checked (#19357) (#19358)
* Fix middleware function's placements (#19377) (#19378)
* Fix invalid CSRF token bug, make sure CSRF tokens can be up-to-date (#19338)
* Restore user autoregistration with email addresses (#19261) (#19312)
* Move checks for pulls before merge into own function (#19271) (#19277)
* Granular webhook events in editHook (#19251) (#19257)
* Only send webhook events to active system webhooks and only deliver to active hooks (#19234) (#19248)
* Use full output of git show-ref --tags to get tags for PushUpdateAddTag (#19235) (#19236)
* Touch mirrors on even on fail to update (#19217) (#19233)
* Hide sensitive content on admin panel progress monitor (#19218 & #19226) (#19231)
* Fix clone url JS error for the empty repo page (#19209)
* Bump goldmark to v1.4.11 (#19201) (#19203)

TESTING

* Prevent intermittent failures in RepoIndexerTest (#19225 #19229) (#19228)

BUILD

* Revert the minimal golang version requirement from 1.17 to 1.16 and add a warning in Makefile (#19319)

MISC

* Performance improvement for add team user when org has more than 1000 repositories (#19227) (#19289)
* Check go and nodejs version by go.mod and package.json (#19197) (#19254)

Changes in 1.16.5:

BREAKING

* Bump to build with go1.18 (#19120 et al) (#19127)

SECURITY

* Prevent redirect to Host (2) (#19175) (#19186)
* Try to prevent autolinking of displaynames by email readers (#19169) (#19183)
* Clean paths when looking in Storage (#19124) (#19179)
* Do not send notification emails to inactive users (#19131) (#19139)
* Do not send activation email if manual confirm is set (#19119) (#19122)

ENHANCEMENTS

* Use the new/choose link for New Issue on project page (#19172) (#19176)

BUGFIXES

* Fix showing issues in your repositories (#18916) (#19191)
* Fix compare link in active feeds for new branch (#19149) (#19185)
* Redirect .wiki/* ui link to /wiki (#18831) (#19184)
* Ensure deploy keys with write access can push (#19010) (#19182)
* Ensure that setting.LocalURL always has a trailing slash (#19171) (#19177)
* Cleanup protected branches when deleting users & teams (#19158) (#19174)
* Use IterateBufferSize whilst querying repositories during adoption check (#19140) (#19160)
* Fix NPE /repos/issues/search when not signed in (#19154) (#19155)
* Use custom favicon when viewing static files if it exists (#19130) (#19152)
* Fix the editor height in review box (#19003) (#19147)
* Ensure isSSH is set whenever DISABLE_HTTP_GIT is set (#19028) (#19146)
* Fix wrong scopes caused by empty scope input (#19029) (#19145)
* Make migrations SKIP_TLS_VERIFY apply to git too (#19132) (#19141)
* Handle email address not exist (#19089) (#19121)

MISC

* Update json-iterator to allow compilation with go1.18 (#18644) (#19100)
* Update golang.org/x/crypto (#19097) (#19098)

Changes in 1.16.4:

SECURITY

* Restrict email address validation (#17688) (#19085)
* Fix lfs bug (#19072) (#19080)

ENHANCEMENTS

* Improve SyncMirrors logging (#19045) (#19050)

BUGFIXES

* Refactor mirror code & fix StartToMirror (#18904) (#19075)
* Update the webauthn_credential_id_sequence in Postgres (#19048) (#19060)
* Prevent 500 when there is an error during new auth source post (#19041) (#19059)
* If rendering has failed due to a net.OpError stop rendering (attempt 2) (#19049) (#19056)
* Fix flag validation (#19046) (#19051)
* Add pam account authorization check (#19040) (#19047)
* Ignore missing comment for user notifications (#18954) (#19043)
* Set rel="nofollow noindex" on new issue links (#19023) (#19042)
* Upgrading binding package (#19034) (#19035)
* Don't show context cancelled errors in attribute reader (#19006) (#19027)
* Fix update hint bug (#18996) (#19002)

MISC

* Fix potential assignee query for repo (#18994) (#18999)

Changes in 1.16.3:

SECURITY

* Git backend ignore replace objects (#18979) (#18980) CVE-2022-27313

ENHANCEMENTS

* Adjust error for already locked db and prevent level db lock on malformed connstr (#18923) (#18938)

BUGFIXES

* Set max text height to prevent overflow (#18862) (#18977)
* Fix newAttachmentPaths deletion for DeleteRepository() (#18973) (#18974)
* Accounts with WebAuthn only (no TOTP) now exist ... fix code to handle that case (#18897) (#18964)
* Send 404 on /{org}.gpg (#18959) (#18962)
* Fix admin user list pagination (#18957) (#18960)
* Fix lfs management setting (#18947) (#18946)
* Fix login with email panic when email is not exist (#18942)
* Update go-org to v1.6.1 (#18932) (#18933)
* Fix <strong> html in translation (#18929) (#18931)
* Fix page and missing return on unadopted repos API (#18848) (#18927)
* Allow adminstrator teams members to see other teams (#18918) (#18919)
* Don't treat BOM escape sequence as hidden character. (#18909) (#18910)
* Correctly link URLs to users/repos with dashes, dots or underscores (
 (#18908)
* Fix redirect when using lowercase repo name (#18775) (#18902)
* Fix migration v210 (#18893) (#18892)
* Fix team management UI (#18887) (18886)
* BeforeSourcePath should point to base commit (#18880) (#18799)

TRANSLATION

* Backport locales from master (#18944)

MISC

* Don't update email for organisation (#18905) (#18906)

Changes in 1.16.2:

ENHANCEMENTS

* Show fullname on issue edits and gpg/ssh signing info (#18828)
* Immediately Hammer if second kill is sent (#18823) (#18826)
* Allow mermaid render error to wrap (#18791)

BUGFIXES

* Fix ldap user sync missed email in email_address table (#18786) (#18876)
* Update assignees check to include any writing team and change org sidebar (#18680) (#18873)
* Don't report signal: killed errors in serviceRPC (#18850) (#18865)
* Fix bug where certain LDAP settings were reverted (#18859)
* Update go-org to 1.6.0 (#18824) (#18839)
* Fix login with email for ldap users (#18800) (#18836)
* Fix bug for get user by email (#18834)
* Fix panic in EscapeReader (#18820) (#18821)
* Fix ldap loginname (#18789) (#18804)
* Remove redundant call to UpdateRepoStats during migration (#18591) (#18794)
* In disk_channel queues synchronously push to disk on shutdown (#18415) (#18788)
* Fix template bug of LFS lock (#18784) (#18787)
* Attempt to fix the webauthn migration again - part 3 (#18770) (#18771)
* Send mail to issue/pr assignee/reviewer also when OnMention is set (#18707) (#18765)
* Fix a broken link in commits_list_small.tmpl (#18763) (#18764)
* Increase the size of the webauthn_credential credential_id field (#18739) (#18756)
* Prevent dangling GetAttribute calls (#18754) (#18755)
* Fix isempty detection of git repository (#18746) (#18750)
* Fix source code line highlighting on external tracker (#18729) (#18740)
* Prevent double encoding of branch names in delete branch (#18714) (#18738)
* Always set PullRequestWorkInProgressPrefixes in PrepareViewPullInfo (#18713) (#18737)
* Fix forked repositories missed tags (#18719) (#18735)
* Fix release typo (#18728) (#18731)
* Separate the details links of commit-statuses in headers (#18661) (#18730)
* Update object repo with the migrated repository (#18684) (#18726)
* Fix bug for version update hint (#18701) (#18705)
* Fix issue with docker-rootless shimming script (#18690) (#18699)
* Let MinUnitAccessMode return correct perm (#18675) (#18689)
* Prevent security failure due to bad APP_ID (#18678) (#18682)
* Restart zero worker if there is still work to do (#18658) (#18672)
* If rendering has failed due to a net.OpError stop rendering (#18642) (#18645)

TESTING

* Ensure git tag tests and others create test repos in tmpdir (#18447) (#18767)

BUILD

* Reduce CI go module downloads, add make targets (#18708, #18475, #18443) (#18741)

MISC

* Put buttons back in org dashboard (#18817) (#18825)
* Various Mermaid improvements (#18776) (#18780)
* C preprocessor colors improvement (#18671) (#18696)
* Fix the missing i18n key for update checker (#18646) (#18665)

(khorben)

doc: Updated x11/deforaos-panel to 0.4.3

(khorben)

deforaos-panel: update to 0.4.3

Changes since 0.4.2:

* Documentation generated by Gtk-Doc
* Build fixes for FreeBSD
* Initial translation into German
* Minor fixes

(khorben)

deforaos-configure.mk: keep track of two more users

(khorben)

doc: Updated x11/deforaos-panel to 0.4.2

(khorben)

deforaos-panel: update to 0.4.2

Changes since 0.4.1:

* Renaming of the .desktop files
* Moved the configuration file to
  ~/.config/DeforaOS/Desktop/Panel/Panel.conf
* Build fixes and improved support for macOS
* Support for compilation modes with DeforaOS configure
* Improved compilation scripts (from DeforaOS configure)

This also makes use of the helper for DeforaOS configure, found in
devel/deforaos-configure/deforaos-configure.mk.

(khorben)

doc: Updated sysutils/deforaos-browser to 0.5.5

(khorben)

deforaos-browser: update to 0.5.5

Changes since 0.5.4:

* Renaming of the .desktop files
* Moved the configuration file to
  ~/.config/DeforaOS/Desktop/Browser/Browser.conf
* Improved architecture of the desktop(1) handler
* Matching the latest libDesktop
* Build fix for macOS
* Improved compilation scripts (from DeforaOS configure)

This also makes use of the helper for DeforaOS configure, found in
devel/deforaos-configure/deforaos-configure.mk.

(khorben)

deforaos-mixer: use DEFORAOS_CONFIGURE_MODE for the "embedded" option

(khorben)

deforaos-configure.mk: explicitly support configuration modes

(khorben)

doc: Updated www/php-nextcloud to 23.0.4

(khorben)

php-nextcloud: update to 23.0.4

Changes since 23.0.3:

* Run tests with primary object storage in CI + large upload fixes (server#31453)
* User_ldap fix ldap connection resets #31421 (server#31514)
* Validate overwrite.cli.url to be a url in setup check (server#31518)
* Fix duplicated UUID detection when there are empty uuids (server#31521)
* Fix occ user:add-app-password (server#31536)
* Fix the logger that is imported for critical actions (server#31540)
* Toggle profile globally (server#31624)
* Improve imagick, bcmath and gmp extension warnings (server#31634)
* Add optional WebDav propfind properties to count sub elements (server#31641)
* Fix listeners declaration in case of occ usage (server#31656)
* Do not forget DB table prefix with truncate query (server#31666)
* Limit the length of app password names (server#31678)
* Add OPcache recommendations to Transifex (server#31705)
* Bump babel-loader from 8.2.3 to 8.2.4 (server#31721)
* Add oauth2_clients migration for Owncloud (server#31730)
* Dont create cards_abiduri it if already exists (server#31733)
* Show that the web updater is not recommended on big instances (server#31740)
* Add direct arg to login flow (server#31748)
* Wrap oauth2 migrations inside conditions (server#31774)
* Fix assignment of the LDAP Wizard connection (server#31785)
* Fix ldap wizard styling (server#31804)
* Bump guzzlehttp/psr7 from 1.8.3 to 1.8.5 (server#31821)
* Ignore errors when searching for bundled preview (server#31831)
* Deduplicate storage ids in list before reusing (server#31835)
* Dont re-query fileinfo when getting dav quota (server#31836)
* Take permissions from multiple paths into account for share permissions (server#31846)
* Log in audit log federated shares events (server#31856)
* Update autoloaders and Node package-lock.json (server#31862)
* Fix incorrect if conditions in View (server#31878)
* Do not decorate the CLI output if its explicitly turned off (server#31880)
* Fix _App::getCurrentApp() when being called from CLI or phpunit (server#31882)
* Bump moment from 2.29.1 to 2.29.2 (server#31913)
* Fix shared mount roots not being returned from getSharesInFolder (server#31923)
* Confirm user is internal to globalscale (server#31940)
* AmazonS3: allow not implemented versioning (server#31946)
* Fix accept/reject remote share action (server#31949)
* Update CRL after revocation of socialsharing_telegram.csr (server#31955)
* Fix LDAP Dark Theme Issue (server#31968)
* Bump guzzlehttp/psr7 from 1.8.3 to 1.8.5 (3rdparty#1016)
* Fallback to the admin settings if the user did not configure it (activity#781)
* Bypass/limit permissions (circles#1001)
* Update memberships on path change (circles#1007)
* Check owner attendance (circles#1010)
* Remove child shares (circles#1015)
* Update displayName (circles#1017)
* Oracle support (circles#978)
* Limit some feature when Circles is managed by an app (circles#982)
* Use stable23 for oci tests (circles#985)
* Missing $prec (circles#995)
* Update population (circles#997)
* Disable social recommendation (firstrunwizard#693)
* Fix settings navigation order (firstrunwizard#697)
* Bump babel-loader from 8.2.3 to 8.2.4 (privacy#752)
* Build(deps): bump prosemirror-view from 1.23.7 to 1.23.9 (text#2233)
* Build(deps): bump prosemirror-view from 1.23.9 to 1.23.10 (text#2259)
* Build(deps): bump prosemirror-view from 1.23.10 to 1.23.11 (text#2274)
* Fix: menu bubble size at the end of the line (text#2277)
* Build(deps): bump prosemirror-view from 1.23.11 to 1.23.12 (text#2286)
* Properly cancel and reset ongoing streams when unmounting (viewer#1208)

Changes since 23.0.2:

* Allow writing audit log to syslog and systemdlog (server#30852)
* Allow to disable AuthToken v1 (server#30949)
* Add primary key for ratelimit table (server#30965)
* Bump samba images in tests (server#30967)
* Update variables.scss Fallback font before Noto Color Emoji (server#30969)
* Show if the mail server settings are not set or verified (server#30998)
* Use the unjailed-path in OC_Helper::getStorageInfo() for files located in SharedStorage. (server#30999)
* Fix: Birthday events missing after reimporting contacts (server#31000)
* Bump clipboard from 2.0.9 to 2.0.10 (server#31023)
* Fix bugs with incorrect currentFileList in the favorite and share by you view (server#31050)
* Allow specify a config prefix for another database connection (server#31059)
* Dont provide favorite activity settings (server#31084)
* Only setup part of the filesystem for appdata requests (server#31098)
* Allow sub-admins to access delegated settings. (server#31102)
* Ignore contact interaction with self (server#31120)
* Fix overlapping buttons in apps-management (server#31179)
* Fix typo in DAV namespace registration (server#31183)
* Fix a broken tooltip (server#31184)
* Improve user status revert performance (server#31192)
* Fix path handling when transferring incoming shares (server#31204)
* Bump dompurify from 2.3.5 to 2.3.6 (server#31226)
* Improve caching policy use immutable when loading versionned assets (server#31244)
* Hide download button for images (server#31253)
* Dont redirect when loading files index page (server#31255)
* Consider only reminders with calendar data (server#31262)
* Also cache non-existing to reuse it (server#31297)
* Ignore cache in occ ldap:check-ldap command (server#31299)
* Wrap S3 multipart upload exception (server#31302)
* Fix ldap:check-user method for newly created LDAP users (server#31306)
* Avoid PHP errors in the checkers drone step (server#31313)
* Background job time windows (server#31318)
* Mark split database configs as sensitive (server#31331)
* Update CRL after revocation of rocket_integration.csr (server#31350)
* Bump backbone from 1.4.0 to 1.4.1 (server#31369)
* Make Sabre File exception messages translatable (server#31392)
* Censor more configs (server#31399)
* Dont set up full filesystem to check for certificates (server#31401)
* Also use hashed/indexed column on delete (server#31402)
* Fix caching of the user avatar (server#31410)
* Fix duplicate primary email message (server#31412)
* Fix developer link (server#31423)
* Fix fileactions for sharing overview (server#31424)
* Prevent default right-click options when hideDownload is enabled (server#31427)
* Fix return type of avatar file (server#31432)
* Fix Nextcloud is not allowed to use the OPcache API warning (server#31437)
* Add Nextcloud docs link to OPcache recommends (server#31438)
* Be conservative when reading from fresh created column (server#31442)
* Init users file system if not existing on ownership transfer (server#31445)
* Use persistent connections when connecting to redis (server#31450)
* Fix settings error message timeout (server#31457)
* Connectivity check: allow using the protocol in connectivity_check_domains (server#31479)
* Add option to disallow creation of local storages (server#31481)
* Fix too many file download notifications when watching a video (server#31485)
* Fix new file menu (server#31490)
* Fix listeners declaration in case of occ usage (server#31529)
* Fix user status not resetting correctly after a call (server#31543)
* Prevent reading key on SFTP stat bool (server#31547)
* Fix more than 1000 entries in queries exception in CardDavBackend (server#31550)
* Update CRL after revoke deckimportfromtrello.csr (server#31618)
* Revert Fix listeners declaration in case of occ usage (server#31642)
* Try to reduce the load from writing (activity#731)
* Allow specify a config prefix for another database connection (activity#735)
* Adjust nextcloud lib version (activity#739)
* Make background job time insensitive (activity#741)
* Fix cached circle returning bool before being parsed as JSON (circles#932)
* MembershipsService -> membershipService (circles#934)
* Block/force circle types (circles#938)
* Set member as INVITED only if not external (circles#940)
* Allow configuration of one single password per circle (circles#944)
* Display spent time on request (circles#949)
* Lighter SQL requests and compat with Oracle (circles#956)
* Update population (circles#959)
* Fix PrimaryKey on circles_event (circles#965)
* Fix import (circles#970)
* Only refresh notifications once with notify push (notifications#1155)
* Improve mass notification processing (notifications#1156)
* Bump url-parse from 1.5.4 to 1.5.10 (photos#1043)
* Fix privacy UI with subscription (privacy#707)
* Bump vue-loader from 15.9.6 to 15.9.8 (privacy#712)
* Bump @nextcloud/babel-config from 1.0.0-beta.1 to 1.0.0 (privacy#715)
* Bump @babel/core from 7.13.15 to 7.13.16 (privacy#718)
* Bump eslint-import-resolver-webpack from 0.13.0 to 0.13.2 (privacy#721)
* Bump babel-loader from 8.2.2 to 8.2.3 (privacy#724)
* Bump sass from 1.32.10 to 1.32.13 (privacy#731)
* Bump vue and vue-template-compiler (privacy#732)
* Bump eslint-config-standard from 16.0.2 to 16.0.3 (privacy#733)
* Bump node-polyfill-webpack-plugin from 1.1.0 to 1.1.4 (privacy#734)
* Bump eslint-webpack-plugin from 2.5.3 to 2.5.4 (privacy#738)
* Add index for last_contact in text_sessions table (text#2147)
* Use file.path to track EditorWrapper instances more accurately (text#2150)
* Build(deps): bump prosemirror-transform from 1.3.3 to 1.3.4 (text#2159)
* Fix: only apply bullet style to ul > li (text#2195)
* Build(deps): bump prosemirror-view from 1.23.6 to 1.23.7 (text#2207)
* Fix: update psalm baseline to account for changes in server (text#2208)
* Derpgon cz fix/stable23/image data urls (text#2210)
* Display content first and then load menus (text#2228)
* Build(deps-dev): bump @babel/plugin-proposal-class-properties from 7.16.0 to 7.16.7 (viewer#1171)
* Build(deps-dev): bump @nextcloud/webpack-vue-config from 4.1.0 to 4.1.4 (viewer#1174)
* Build(deps): bump camelcase from 6.2.0 to 6.2.1 (viewer#1175)
* Build(deps): bump @nextcloud/event-bus from 2.1.0 to 2.1.1 (viewer#1176)
* Build(deps-dev): bump @cypress/browserify-preprocessor from 3.0.1 to 3.0.2 (viewer#1178)
* Build(deps-dev): bump @nextcloud/eslint-config from 6.1.0 to 6.1.2 (viewer#1179)
* Build(deps-dev): bump wait-on from 6.0.0 to 6.0.1 (viewer#1180)

"Please commit it" ryoon@

(khorben)

cyrus-saslauthd: let the RC script work unprivileged

This takes advantage of the introduction of the SYSCONFBASE variable.
Tested on NetBSD/amd64, Darwin/amd64.

Bumps PKGREVISION.

(khorben)