Sat Jan 28 22:45:07 2023
—
Update to 3.0.40. From the changelog: - switch generator-v3 docker image to ubi-minimal jre-17
Sat Jan 28 22:45:07 2023
—
doc: Updated devel/swagger-codegen to 3.0.40
Wed Jan 25 15:45:08 2023
—
Update to 3.0.39. From the changelog: - fix set-output in GH workflows by @frantuma in #12032 - bump org.json:json and jersey versions (CVE-2022-45690, CVE-2021-28168) by @frantuma in #12033
Wed Jan 25 15:45:08 2023
—
doc: Updated devel/swagger-codegen to 3.0.39
Tue Jan 24 00:45:04 2023
—
Update to 3.0.38. From the changelog: - add ENV disableOas31Resolve to dockerfile by @frantuma in #12026
Tue Jan 24 00:45:04 2023
—
doc: Updated devel/swagger-codegen to 3.0.38
Sat Jan 21 00:15:05 2023
—
Update to 4.2.0. From the changelog: - Feature: mob.sh now starts a mob session with an empty commit to skip CI when creating a new remote branch for the session. The commit is squashed or dropped when `mob done` except for `--no-squash` option.
Sat Jan 21 00:15:04 2023
—
doc: Updated devel/mob to 4.2.0
Fri Jan 20 14:45:08 2023
—
Update to 3.0.37. From the changelog: - Updated Swagger Core and Parser to latest release
Fri Jan 20 14:45:08 2023
—
doc: Updated devel/swagger-codegen to 3.0.37
Thu Jan 19 22:15:08 2023
—
Update to 1.30.0. From the changelog: * Fixed wrong OOD-cache value of source file dependency. Targets could be rebuilt without any reason.
Thu Jan 19 22:15:08 2023
—
doc: Updated devel/goredo to 1.30.0
Wed Jan 18 15:15:04 2023
—
Add and enable sheldon.
Wed Jan 18 15:15:04 2023
—
Add sheldon, a fast, configurable shell plugin manager. Features: - Plugins from Git repositories - Branch / tag / commit support - Submodule support - First class support for GitHub repositories - First class support for Gists - Arbitrary remote scripts or binary plugins - Local plugins - Inline plugins
Wed Jan 18 15:15:04 2023
—
doc: Added shells/sheldon version 0.7.1
Wed Jan 18 08:45:04 2023
—
Update to 2.11.2.0. From the changelog: - Adaptation to skalibs-2.13.0.0. - The name of the service is now passed as an argument to ./run and as the third argument to ./finish. - The 1-second service restart delay can now only be skipped when the service is ready. - New s6-log directive: p, to set a log line prefix. - Implementation of instances! New programs: s6-instance-maker, s6-instance-create, s6-instance-delete, s6-instance-control, s6-instance-status, s6-instance-list. - Bugfixes.
Wed Jan 18 08:45:04 2023
—
Update to 2.9.1.0. From the changelog: - Adaptation to skalibs-2.13.0.0 - New program: eltest. - New -a/-o options to wait (-o waits for one process only). - wait now exits 99 on timeout. - Bugfixes.
Wed Jan 18 08:45:04 2023
—
doc: Updated devel/skalibs to 2.13.0.0
Wed Jan 18 08:45:04 2023
—
doc: Updated lang/execline to 2.9.1.0
Wed Jan 18 08:45:04 2023
—
doc: Updated sysutils/s6 to 2.11.2.0
Wed Jan 18 08:45:03 2023
—
Provide compatibility defines for skalibs 2.13.0.0 and up.
Wed Jan 18 08:45:03 2023
—
Update to 0.0.1.2. From the changelog: - Adaptation to skalibs-2.13.0.0.
Wed Jan 18 08:45:03 2023
—
Update to 1.27.39. From the changelog: 1.27.51 ======= * api-change:``billingconductor``: This release adds support for SKU Scope for pricing plans. * api-change:``cloud9``: Added minimum value to AutomaticStopTimeMinutes parameter. * api-change:``imagebuilder``: Add support for AWS Marketplace product IDs as input during CreateImageRecipe for the parent-image parameter. Add support for listing third-party components. * api-change:``network-firewall``: Network Firewall now allows creation of dual stack endpoints, enabling inspection of IPv6 traffic. 1.27.50 ======= * api-change:``connect``: This release updates the responses of UpdateContactFlowContent, UpdateContactFlowMetadata, UpdateContactFlowName and DeleteContactFlow API with empty responses. * api-change:``ec2``: Documentation updates for EC2. * api-change:``outposts``: This release adds POWER_30_KVA as an option for PowerDrawKva. PowerDrawKva is part of the RackPhysicalProperties structure in the CreateSite request. * api-change:``resource-groups``: AWS Resource Groups customers can now turn on Group Lifecycle Events in their AWS account. When you turn this on, Resource Groups monitors your groups for changes to group state or membership. Those changes are sent to Amazon EventBridge as events that you can respond to using rules you create. 1.27.49 ======= * api-change:``cleanrooms``: Initial release of AWS Clean Rooms * api-change:``lambda``: Add support for MaximumConcurrency parameter for SQS event source. Customers can now limit the maximum concurrent invocations for their SQS Event Source Mapping. * api-change:``logs``: Bug fix: logGroupName is now not a required field in GetLogEvents, FilterLogEvents, GetLogGroupFields, and DescribeLogStreams APIs as logGroupIdentifier can be provided instead * api-change:``mediaconvert``: The AWS Elemental MediaConvert SDK has added support for compact DASH manifest generation, audio normalization using TruePeak measurements, and the ability to clip the sample range in the color corrector. * api-change:``secretsmanager``: Update documentation for new ListSecrets and DescribeSecret parameters 1.27.48 ======= * api-change:``kendra``: This release adds support to new document types - RTF, XML, XSLT, MS_EXCEL, CSV, JSON, MD 1.27.47 ======= * api-change:``location``: This release adds support for two new route travel models, Bicycle and Motorcycle which can be used with Grab data source. * api-change:``rds``: This release adds support for configuring allocated storage on the CreateDBInstanceReadReplica, RestoreDBInstanceFromDBSnapshot, and RestoreDBInstanceToPointInTime APIs. 1.27.46 ======= * bugfix:``codeartifact login``: Fix parsing of dotnet output for aws codeartifact login command; fixes `#6197 <https://github.com/aws/aws-cli/issues/6197>`__ * api-change:``ecr-public``: This release for Amazon ECR Public makes several change to bring the SDK into sync with the API. * api-change:``kendra-ranking``: Introducing Amazon Kendra Intelligent Ranking, a new set of Kendra APIs that leverages Kendra semantic ranking capabilities to improve the quality of search results from other search services (i.e. OpenSearch, ElasticSearch, Solr). * api-change:``network-firewall``: Network Firewall now supports the Suricata rule action reject, in addition to the actions pass, drop, and alert. * api-change:``ram``: Enabled FIPS aws-us-gov endpoints in SDK. * api-change:``workspaces-web``: This release adds support for a new portal authentication type: AWS IAM Identity Center (successor to AWS Single Sign-On). 1.27.45 ======= * api-change:``acm-pca``: Added revocation parameter validation: bucket names must match S3 bucket naming rules and CNAMEs conform to RFC2396 restrictions on the use of special characters in URIs. * api-change:``auditmanager``: This release introduces a new data retention option in your Audit Manager settings. You can now use the DeregistrationPolicy parameter to specify if you want to delete your data when you deregister Audit Manager. 1.27.44 ======= * api-change:``amplifybackend``: Updated GetBackendAPIModels response to include ModelIntrospectionSchema json string * api-change:``apprunner``: This release adds support of securely referencing secrets and configuration data that are stored in Secrets Manager and SSM Parameter Store by adding them as environment secrets in your App Runner service. * api-change:``connect``: Documentation update for a new Initiation Method value in DescribeContact API * api-change:``emr-serverless``: Adds support for customized images. You can now provide runtime images when creating or updating EMR Serverless Applications. * api-change:``lightsail``: Documentation updates for Amazon Lightsail. * api-change:``mwaa``: MWAA supports Apache Airflow version 2.4.3. * api-change:``rds``: This release adds support for specifying which certificate authority (CA) to use for a DB instance's server certificate during DB instance creation, as well as other CA enhancements. 1.27.43 ======= * api-change:``application-autoscaling``: Customers can now use the existing DescribeScalingActivities API to also see the detailed and machine-readable reasons for Application Auto Scaling not scaling their resources and, if needed, take the necessary corrective actions. * api-change:``logs``: Update to remove sequenceToken as a required field in PutLogEvents calls. * api-change:``ssm``: Adding support for QuickSetup Document Type in Systems Manager 1.27.42 ======= * api-change:``securitylake``: Allow CreateSubscriber API to take string input that allows setting more descriptive SubscriberDescription field. Make souceTypes field required in model level for UpdateSubscriberRequest as it is required for every API call on the backend. Allow ListSubscribers take any String as nextToken param. 1.27.41 ======= * api-change:``cloudfront``: Extend response headers policy to support removing headers from viewer responses * api-change:``iotfleetwise``: Update documentation - correct the epoch constant value of default value for expiryTime field in CreateCampaign request. 1.27.40 ======= * api-change:``apigateway``: Documentation updates for Amazon API Gateway * api-change:``emr``: Update emr command to latest version * api-change:``secretsmanager``: Added owning service filter, include planned deletion flag, and next rotation date response parameter in ListSecrets. * api-change:``wisdom``: This release extends Wisdom CreateContent and StartContentUpload APIs to support PDF and MicrosoftWord docx document uploading.
Wed Jan 18 08:45:03 2023
—
Update to 1.29.0. From the changelog: * Fix possible error when two always-ed targets are run simultaneously. * Updated dependant libraries.
Wed Jan 18 08:45:03 2023
—
Update to 2.2.5.1. From the changelog: - Adaptation to skalibs-2.13.0.0. - s6-test is now deprecated: replaced with execline's eltest. - Bugfixes.
Wed Jan 18 08:45:03 2023
—
Update to 2.3.5.5. From the changelog: - Adaptation to skalibs-2.13.0.0. - Workarounds for broken DNS caches. - Bugfixes.
Wed Jan 18 08:45:03 2023
—
Update to 2.5.1.2. From the changelog: - Adaptation to skalibs-2.13.0.0. - Bugfixes.
Wed Jan 18 08:45:03 2023
—
Update to 3.7.0. From the upstream LibreSSL changelog: 3.5.3: * Fix d2i_ASN1_OBJECT(). A confusion of two CBS resulted in advancing the passed *der_in pointer incorrectly. Thanks to Aram Sargsyan for reporting the issue and testing the fix. 3.6.0: * Internal improvements - Avoid expensive RFC 3779 checks during cert verification. - The templated ASN.1 decoder has been cleaned up, refactored, modernized with parts rewritten using CBB and CBS. - The ASN.1 time parser has been rewritten. - Rewrite and fix ASN1_STRING_to_UTF8(). - Use asn1_abs_set_unused_bits() rather than inlining it. - Simplify ec_asn1_group2curve(). - First pass at a clean up of ASN1_item_sign_ctx() - ssl_txt.c was cleaned up. - Internal function arguments and struct member have been changed to size_t. - Lots of missing error checks of EVP API were added. - Clean up and clarify BN_kronecker(). - Simplify ASN1_INTEGER_cmp() - Rewrite ASN1_INTEGER_{get,set}() using CBS and CBB and reuse the ASN1_INTEGER functions for ASN1_ENUMERATED. - Use ASN1_INTEGER to parse and build {Z,}LONG_it - Refactored and cleaned up group (elliptic curve) handling in t1_lib.c. - Simplify certificate list handling code in the legacy server. - Make CBB_finish() fail if *out_data is not NULL. - Remove tls_buffer_set_data() and remove/revise callers. - Rewrite SSL{_CTX,}_set_alpn_protos() using CBS. - Simplify tlsext_supported_groups_server_parse(). - Remove redundant length checks in tlsext parse functions. - Simplify tls13_server_encrypted_extensions_recv(). - Add read and write support to tls_buffer. - Convert TLS transcript from BUF_MEM to tls_buffer. - Clear key on exit in PKCS12_gen_mac(). - Minor fixes in PKCS12_parse(). - Provide and use a primitive clear function for BIGNUM_it. - Use ASN1_INTEGER to encode/decode BIGNUM_it. - Add stack frames to AES-NI x86_64 assembly. - Use named initialisers for BIGNUMs. - Tidy up some of BN_nist_mod_*. - Expand BLOCK_CIPHER_* and related macros. - Avoid shadowing the cbs function parameter in tlsext_alpn_server_parse() - Deduplicate peer certificate chain processing code. - Make it possible to signal an error from an i2c_* function. - Rewrite i2c_ASN1_INTEGER() using CBB/CBS. - Remove UINT32_MAX limitation on ChaCha() and CRYPTO_chacha_20(). - Remove bogus length checks from EVP_aead_chacha20_poly1305(). - Reworked DSA_size() and ECDSA_size(). - Stop using CBIGNUM_it internal to libcrypto. - Provide c2i_ASN1_ENUMERATED_cbs() and call it from asn1_c2i_primitive(). - Ensure ASN.1 types are appropriately encoded. - Avoid recycling ASN1_STRINGs when decoding ASN.1. - Tidy up asn1_c2i_primitive() slightly. - Mechanically expand IMPLEMENT_BLOCK_CIPHER, IMPLEMENT_CFBR, BLOCK_CIPHER and the looney M_do_cipher macros. - Use correct length for EVP CFB mode ciphers. - Provide a version of ssl_msg_callback() that takes a CBS. - Use CBS to parse TLS alerts in the legacy stack. - Increment the input and output position for EVP AES CFB1. - Ensure there is no trailing data for a CCS received by the TLSv1.3 stack. - Use CBS when procesing a CCS message in the legacy stack. - Be stricter with middlebox compatibility mode in the TLSv1.3 server. * Compatibility changes - The ASN.1 time parser has been refactored and rewritten using CBS. It has been made stricter in that it now enforces the rules from RFC 5280. - ASN1_AFLG_BROKEN was removed. - Error check tls_session_secret_cb() like OpenSSL. - Added ASN1_INTEGER_{get,set}_{u,}int64() - Move leaf certificate checks to the last thing after chain validation. - Added -s option to openssl(1) ciphers that only shows the ciphers supported by the specified protocol. - Use TLS_client_method() instead of TLSv1_client_method() in the openssl(1) ciphers command. - Validate the protocols in SSL{_CTX,}_set_alpn_protos(). - Made TS and PKCS12 opaque. - Per RFC 7292, safeContentsBag is a SEQUENCE OF, not a SET OF. - Align PKCS12_key_gen_uni() with OpenSSL - Various PKCS12 and TS accessors were added. In particular, the TS_RESP_CTX_set_time_cb() function was added back. - Allow a NULL header in PEM_write{,_bio}() - Allow empty attribute sets in CSRs. - Adjust signatures of BIO_ctrl functions. - Provide additional defines for EVP AEAD. - Provide OPENSSL_cleanup(). - Make BIO_info_cb() identical to bio_info_cb(). * Bug fixes - Avoid use of uninitialized in BN_mod_exp_recp(). - Fix X509_get_extension_flags() by ensuring that EXFLAG_INVALID is set on X509_get_purpose() failure. - Fix HMAC() with NULL key. - Add ERR_load_{COMP,CT,KDF}_strings() to ERR_load_crypto_strings(). - Avoid strict aliasing violations in BN_nist_mod_*(). - Do not return X509_V_ERR_UNSPECIFIED from X509_check_ca(). No return value of X509_check_ca() indicates failure. Application code should therefore issue a checked call to X509_check_purpose() before calling X509_check_ca(). - Rewrite and fix X509v3_asid_subset() to avoid segfaults on some valid input. - Call the ASN1_OP_D2I_PRE callback after ASN1_item_ex_new(). - Fix d2i_ASN1_OBJECT to advance the *der_in pointer correctly. - Avoid use of uninitialized in ASN1_STRING_to_UTF8(). - Do not pass uninitialized pointer to ASN1_STRING_to_UTF8(). - Do not refuse valid IPv6 addresses in nc(1)'s HTTP CONNECT proxy. - Do not reject primes in trial divisions. - Error out on negative shifts in BN_{r,l}shift() instead of accessing arrays out of bounds. - Fix URI name constraints, allow for URI's with no host part. - Fix the legacy verifier callback behaviour for untrusted certs. - Correct serfver-side handling of TLSv1.3 key updates. - Plug leak in PKCS12_setup_mac(). - Plug leak in X509V3_add1_i2d(). - Only print X.509 versions we know about. - Avoid signed integer overflow due to unary negation - Initialize readbytes in BIO_gets(). - Plug memory leak in CMS_add_simple_smimecap(). - Plug memory leak in X509_REQ_print_ex(). - Check HMAC() return value to avoid a later use of uninitialized. - Avoid potential NULL dereference in ssl_set_pkey(). - Check return values in ssl_print_tmp_key(). - Switch loop bounds from size_t to int in check_hosts(). - Avoid division by zero if no connection was made in s_time.c. - Check sk_SSL_CIPHER_push() return value - Avoid out-of-bounds read in ssl_cipher_process_rulestr(). - Use LONG_MAX as the limit for ciphers with long based APIs. * New features - EVP API for HKDF ported from OpenSSL and subsequently cleaned up. - The security level API (SSL_{,CTX}_{get,set}_security_level()) is now available. Callbacks and ex_data are not supported. Sane software will not be using this. - Experimental support for the BoringSSL QUIC API. - Add initial support for TS ESSCertIDv2 verification. - LibreSSL now uses the Baillie-PSW primality test instead of Miller-Rabin . 3.6.1: - Custom verification callbacks could cause the X.509 verifier to fail to store errors resulting from leaf certificate verification. Reported by Ilya Shipitsin. - Unbreak ASN.1 indefinite length encoding. Reported by Niklas Hallqvist. - Fix endian detection on macOS Reported by jiegec on Github 3.7.0: * Internal improvements - Remove dependency on system timegm() and gmtime() by replacing traditional Julian date conversion with POSIX epoch-seconds date conversion from BoringSSL. - Clean old and unused BN code dealing with primes. - Start rewriting name constraints code using CBS. - Remove support for the HMAC PRIVATE KEY. - Rework DSA signing and verifying internals. - First few passes on cleaning up the BN code. - Internal headers coming from OpenSSL are all called *_local.h now. - Rewrite TLSv1.2 key exporter. - Cleaned up and refactored various aspects of the legacy TLS stack. * Compatibility changes - BIO_read() and BIO_write() now behave more closely to OpenSSL 3 in various corner cases. More work is needed here. * Bug fixes - Add EVP_chacha20_poly1305() to the list of all ciphers. - Fix potential leaks of EVP_PKEY in various printing functions - Fix potential leak in OBJ_NAME_add(). - Avoid signed overflow in i2c_ASN1_BIT_STRING(). - Clean up EVP_PKEY_ASN1_METHOD related tables and code. - Fix long standing bugs BN_GF2m_poly2arr() and BN_GF2m_mod(). - Fix segfaults in BN_{dec,hex}2bn(). - Fix NULL dereference in x509_constraints_uri_host() reachable only in the process of generating certificates. - Fixed a variety of memory corruption issues in BIO chains coming from poor old and new API: BIO_push(), BIO_pop(), BIO_set_next(). - Avoid potential divide by zero in BIO_dump_indent_cb() * Documentation improvements - Numerous improvements and additions for ASN.1, BIO, BN, and X.509. - The BN documentation is now considered to be complete. * Testing and Proactive Security - As always, new test coverage is added as bugs are fixed and subsystems are cleaned up. - Many old tests rewritten, cleaned up and extended. * New features - Added Ed25519 support both as a primitive and via OpenSSL's EVP interfaces. - X25519 is now also supported via EVP. - The OpenSSL 1.1 raw public and private key API is available with support for EVP_PKEY_ED25519, EVP_PKEY_HMAC and EVP_PKEY_X25519. Poly1305 is not currently supported via this interface.
Wed Jan 18 08:45:03 2023
—
doc: Updated devel/goredo to 1.29.0
Wed Jan 18 08:45:03 2023
—
doc: Updated mail/smtpd-starttls-proxy to 0.0.1.2
Wed Jan 18 08:45:03 2023
—
doc: Updated misc/s6-portable-utils to 2.2.5.1
Wed Jan 18 08:45:03 2023
—
doc: Updated net/py-awscli to 1.27.51
Wed Jan 18 08:45:03 2023
—
doc: Updated net/s6-dns to 2.3.5.5
Wed Jan 18 08:45:03 2023
—
doc: Updated net/s6-networking to 2.5.1.2
Wed Jan 18 08:45:03 2023
—
doc: Updated security/libretls to 3.7.0
Tue Jan 10 13:45:05 2023
—
Update to 20230101. From the changelog: - LICENCE update from public-domain to CC0 public domain works differently depending on the country, to avoid it, set explicitly CC0
Tue Jan 10 13:45:05 2023
—
Update to 20230101. From the changelog: 20230101: - removed duplicit crypto_scalarmult_curve25519.* implementation and used X25519 from bearssl library - randombytes: rollback to /dev/urandom variant only - Makefile: removed bearssl target 20221229: - fixed parallel build 20221227: - LICENCE updated from public-domain to CC0 - updated examples and linked examples.md from README.md - added more error log messages when proxy-protocol is used
Tue Jan 10 13:45:05 2023
—
doc: Updated net/dq to 20230101
Tue Jan 10 13:45:05 2023
—
doc: Updated security/tlswrapper to 20230101
Thu Jan 5 23:45:03 2023
—
TODO: suggest Frescobaldi and EndBASIC.
Wed Dec 28 17:15:04 2022
—
doc: Updated pkgtools/rc.d-boot to 20221225
Wed Dec 28 17:15:04 2022
—
rc.d-boot: fix references to rc.subr in previous (it will have gotten installed to ${SYSCONFBASE}, not necessarily the same as ${PKG_SYSCONFDIR}). UNPRIVILEGED still works, says triaxx@. Bump version.
Tue Dec 27 16:45:07 2022
—
Add and enable asdf.
Tue Dec 27 16:45:07 2022
—
Add and enable gng.
Tue Dec 27 16:45:07 2022
—
Add and enable swagger-codegen.
Tue Dec 27 16:45:07 2022
—
Add gng, a tool to run (or create) each project's own Gradle wrapper. GNG is a script that automatically search your gradlew when you are inside your Gradle project and execute it. It also contains an official Gradle wrapper. You can create gradle projects from scratch without installing Gradle. This is originally inspired by gdub and gradlew-bootstrap.
Tue Dec 27 16:45:07 2022
—
Add swagger-codegen, for generating clients, server stubs, and docs from an OpenAPI spec. swagger-codegen contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition.
Tue Dec 27 16:45:07 2022
—
Indent.
Tue Dec 27 16:45:07 2022
—
Update to 1.14.2. From the changelog: ## v1.14.2 (2022-11-11) ### 1. Enhancements #### Elixir * [Code] Add `Code.eval_quoted_with_env/4` with support for the `:prune_binding` option #### ExUnit * [ExUnit.Case] Allow test cases to not be registered on use * [ExUnit.DocTest] Include `:doctest` and `:doctest_line` as meta tags * [ExUnit.Formatter] Expose `ExUnit.Formatter.format_assertion_diff/4` #### Mix * [Mix] `Mix.install/2` accepts atoms as paths ### 2. Bug fixes #### Elixir * [Code.Formatter] Fix `size*unit` shortcut in bitstring * [Kernel] Generate unique variables for macro expansion of `defguard` * [Protocol] Expand `:for` in protocols with the appropriate env #### ExUnit * [ExUnit] Do not run duplicate cases on `ExUnit.run/1` #### Mix * [mix test] Ensure proper error message when there is no test directory ## v1.14.1 (2022-10-10) ### 1. Enhancements #### Elixir * [Kernel] Perform partial expansion of literals in module attributes * [Kernel] Do not add compile-time dependencies for literals as defaults in `Application.compile_env/3` inside module attributes * [Macro] Add `Macro.expand_literals/2` and `Macro.expand_literals/3` * [System] Add `:close_stdin` to `System.shell/2` #### Mix * [mix test] Accept `--all-warnings` option ## 2. Bug fixes #### Elixir * [Kernel] Fix misleading warning when `:uniq` is given in `for` comprehensions and the result is unused * [Kernel] Improve error message for when there is a conflicting struct and ignoring module conflict * [Kernel] Do not delete `@enforce_keys` attribute after `defstruct` declaration * [Kernel] Do not crash the checker on modules with missing `:debug_info` chunk * [Macro] Fix error in `Macro.to_string/2` when converting an AST with `:erlang.binary_to_atom/2` * [String] Fix `String.split/3` and `String.next_grapheme/1` returning invalid results on invalid UTF-8 encoding * [System] Do not close stdin by default in `System.shell/2` * [URI] Do not return `uri.port` as `:undefined` in certain cases in `URI.new/1` #### ExUnit * [ExUnit.DocTest] Do not crash when both `:moduledoc` and functions are specified in `:only` #### IEx * [CLI] Fix invalid argument handling when `--no-pry` is given #### Mix * [mix format] Do not cache inputs from `.formatter.exs` so they are properly re-evaluted on every call
Tue Dec 27 16:45:07 2022
—
Update to 25.2 to match lang/erlang.
Tue Dec 27 16:45:07 2022
—
Update to 25.2. From the changelog: Potential incompatibilities: - The inet:setopts/2 {reuseaddr, true} option will now be ignored on Windows unless the socket is an UDP socket. For more information see the documentation of the reuseaddr option part of the documentation of inet:setopts/2. Prior to OTP 25 the {reuseaddr, true} option was ignored for all sockets on Windows, but as of OTP 25.0 this was changed so that it was not ignored for any sockets.
Tue Dec 27 16:45:07 2022
—
Update to 3.11.5. From the changelog: 3.11.5: ## Changes Worth Mentioning ### Core Server #### Enhancements * Backported a number of free disk space monitor resiliency improvements. GitHub issue: #5831 * `raft.adaptive_failure_detector.poll_interval` exposes [`aten`]()'s `poll_interval` setting to RabbitMQ users. Increasing it can reduce the probability of false positives in clusters where inter-node communication links are used at close to maximum capacity. The default is `5000` (5 seconds). GitHub issue: #6632 * When both `disk_free_limit.relative` and `disk_free_limit.absolute`, or both `vm_memory_high_watermark.relative` and `vm_memory_high_watermark.absolute` are set, the absolute settings will now take precedence. GitHub issue: #4980 * Closing channels will now log a warning if they had any messages pending a confirmation from the server. GitHub issue: #1399 * New quorum queue option for in-memory table (MemTable) compression. GitHub issue: #6590 * Default queue type (a virtual host setting) is now applied when importing definitions into a single virtual host. GitHub issue: #6599 #### Bug Fixes * Feature flags provided by plugins were mistakingly disabled after node restart. GitHub issue: #6500 * Classic queues with Single Active Consumer enabled could run into an exception. GitHub issue: #6502 * When a global parameter was cleared, nodes emitted an internal event of the wrong type. GitHub issue: #6538 ### CLI Tools #### Bug Fixes * `rabbitmq-queues grow` and `rabbitmq-queues shrink` misformatted the errors they could encounter. GitHub issue: #6601 #### Enhancements * Implicit `help` command (when CLI tools were invoked without a command name) now respects all global flags (such as `--node`). For example, previously the `--node` flag in rabbitmqctl --node rabbit@ns1.rabbitmq.cluster.local was ignored but now CLI tools would discover what plugins are enabled on node `rabbit@ns1.rabbitmq.cluster.local` and include them into `help` output. GitHub issue: #6598 * New key supported by `rabbitmqctl list_queues`: `effective_policy_definition` that returns merged definitions of regular and operator policies effective for the queue. GitHub issue: #6556 ### Management Plugin #### Enhancements * It is now possible to omit explicitly specifying queue type when declaring a queue (or stream) in the management UI, and rely on the default queue type configured for the selected virtual host. GitHub issue: #6600 * New HTTP API endpoint, `GET /api/config/effective`, returns effective node configuration. This is an HTTP API counterpart of `rabbitmq-diagnostics environment`. GitHub issue: #6016 ### Shovel Plugin #### Enhancements * Flow control state for Shovels is now reported with higher fidelity (of 1 second vs. several seconds previously). This means it should be easier to spot Shovels that run into flow control using management UI. GitHub issue: #6615 ### Sharding Plugin #### Bug Fixes * Plugin could fail to boot and halt node boot due to incorrect boot step metadata. GitHub issue: #6583 ## Dependency Upgrades * `ra` was upgraded from `2.4.1` to `2.4.5`. 3.11.4: ## Changes Worth Mentioning ### Core Server #### Enhancements * Import of definition files with many streams is now more efficient. GitHub issue: #6436 * Lower CPU throughput in clusters with many mostly idle streams. GitHub issue: #6436 * Streams with `max_age` retention now attempt to reclaim disk space every hour. This is relevant in environments with a lot of mostly inactive streams that set `max_age`. GitHub issue: #6436 * Quorum queues are now more resilient to WAL log growth with workloads that involve clients that register a consumer and then close the channel or connection without ever consuming any deliveries or cancelling the consumer. GitHub issue: #6447 #### Bug Fixes * When a node encouters an invalid `definitions.local.file` on boot, it will refuse to start instead of ignoring the file. GitHub issue: #2610 * Fixed a type analyzer definition. GitHub issue: #6401 ### CLI Tools #### Enhancements * `rabbitmq-diagnostics check_if_node_is_quorum_critical` and `rabbitmq-upgrade await_online_quorum_plus_one` now consider stream (not just quorum queues) replica placement when determining if target node is quorum-critical. GitHub issue: #6448 * Queue info keys now support more inclusive property names related to (deprecated) classic mirrored queues. For example, `mirror_pids` can now be used instead of `slave_pids`. GitHub issue: #2635 * `rabbitmq-diagnostics memory_breakdown` now executes significantly faster in environments with a large number (say, tens or hundreds of thousands) of quorum queues. Two orders of magnitude faster, in fact. GitHub issue: #6388 #### Bug Fixes * Definition export in JSON failed on nodes that used `definitions.skip_if_unchanged`. GitHub issue: #6424 * Using quorum queue-specific commands on streams now results in clearer error messages. GitHub issue: #6488 ### LDAP Plugin #### Bug Fixes * LDAP server password could end up in the logs in certain types of exceptions. GitHub issue: #4842 ### STOMP Plugin #### Enhancements * `x-max-age` stream setting now can be set by STOMP clients via a header. GitHub issue: #5003 ## Dependency Upgrades * `osiris` was upgraded from `1.3.3` to `1.4.0`
Tue Dec 27 16:45:07 2022
—
Update to 6.2. From the changelog: Merge pull requests: pdewacht#107 Added DCP-7070DW; Thanks Jan Musinsky pdewacht#133 Fixed MFC-7460DN; Thanks Peter Ye pdewacht#169 Changed Code; Thanks Thomas Nixon Added additional Brother printer entries: HL-L5000D series HL-L2370DN series DCP-7070DW DCP-8065DN Errors Fixed: Fix the ppd file name for the MFC-7460DN, changed from br7365dn.ppd to br7460dn.ppd Code Changes: Explicitly disable duplex in PCL \033&l0S. Issues Resolved: The HL-L2350DW printer continued to duplex even when disabled, but every other page was garbled. Thanks to Thomas Nixon for the fix.
Tue Dec 27 16:45:07 2022
—
doc: Added devel/asdf version 0.11.0
Tue Dec 27 16:45:07 2022
—
doc: Added devel/gng version 1.0.3
Tue Dec 27 16:45:07 2022
—
doc: Added devel/swagger-codegen version 3.0.36
Tue Dec 27 16:45:07 2022
—
doc: Updated lang/elixir to 1.14.2
Tue Dec 27 16:45:07 2022
—
doc: Updated lang/erlang to 25.2
Tue Dec 27 16:45:07 2022
—
doc: Updated lang/erlang-doc to 25.2
Tue Dec 27 16:45:07 2022
—
doc: Updated lang/erlang-man to 25.2
Tue Dec 27 16:45:07 2022
—
doc: Updated net/rabbitmq to 3.11.5
Tue Dec 27 16:45:07 2022
—
doc: Updated print/brlaser to 6.2
Sun Dec 25 11:30:04 2022
—
pkgsrc-cpus: cover the remaining platforms.
Sat Dec 24 10:30:06 2022
—
On NetBSD, set MAKE_JOBS from sysctl hw.ncpus.
Thu Dec 22 10:15:04 2022
—
Indent.
Thu Dec 22 10:15:04 2022
—
Update to 1.18.18. From the changelog: 1.18.18: - Replace deprecated egrep with grep -E. Thanks, Sam James - Added support for Void Linux's xbps package manager. Thanks, Zev Weiss. 1.18.17: - Fix committing of files with spaces in name when perl is not available. Thanks, Henrik Riomar - Ignore udev's FHS violating large binary cache file /etc/udev/hwdb.bin - Avoid warning messages from grep about binary files when there are filenames in /etc that do not correspond to the current locale settings. Thanks, thm pkgsrc changes: - Adjust installed bash-completion location to match other packages - Use MAKE_DIRS instead of OWN_DIRS so unchanged files are uninstalled - Take MAINTAINER
Thu Dec 22 10:15:04 2022
—
doc: Updated sysutils/etckeeper to 1.18.18
Wed Dec 21 15:30:05 2022
—
BUILDVM-TODO: update status.
Wed Dec 21 15:30:05 2022
—
buildvm-mk: accept ruby-license.
Wed Dec 21 15:30:05 2022
—
buildvm-mk: disable xcb option by default.
Tue Dec 20 17:45:07 2022
—
Update to 4.6.0. From the changelog: - Fix warning on signedness of the ONE constant. Thanks: Marek Vasut. - Add note to conf-cc about how to silence gcc's incorrect warning "suggest parentheses around assignment". Thanks: Marek Vasut. - Fix overflow in output for reported address. Thanks: Marek Vasut. - Add note about randomizing values used at runtime by seeding PRNG. Disabled by default for reproducibility.
Tue Dec 20 17:45:07 2022
—
doc: Updated sysutils/memtester to 4.6.0
Mon Dec 19 07:45:04 2022
—
Update to 4.2.2. From the changelog: Bugfixes: - Fixed problem with replay delay control in the UI, which did not work in locales with "," as decimal point. - Fixed UI bug where scrolling in the Running tab ended up scrolling numeric values if the cursor was there.
Mon Dec 19 07:45:04 2022
—
Update to 8.0.0. From the changelog: - Rename 'Throttle' to 'Limit'
Mon Dec 19 07:45:04 2022
—
Update to 8.0.0. No changes other than the version bump, but updating because this is usually tightly coupled with py-approvaltests.
Mon Dec 19 07:45:04 2022
—
doc: Updated devel/py-approval-utilities to 8.0.0
Mon Dec 19 07:45:04 2022
—
doc: Updated devel/py-approvaltests to 8.0.0
Mon Dec 19 07:45:04 2022
—
doc: Updated devel/texttest to 4.2.2
Mon Dec 19 05:30:03 2022
—
Try parallel builds, except where it looks broken.
Thu Dec 15 09:15:07 2022
—
Mark MAKE_JOBS_SAFE=no (likely fixes NetBSD-current bulk build).
Thu Dec 15 06:00:03 2022
—
Add trn-license for latest editors/ce.
Tue Dec 13 18:15:03 2022
—
REPLACE_BASH *.sh one subdirectory further, fixing - src/crypto/internal/boring/build.sh - src/go/doc/comment/mkstd.sh when ${PREFIX} != "/usr/pkg".
Tue Dec 13 09:45:05 2022
—
Avoid extracting the vendored discount library. We don't use it at all (instead buildlinking textproc/discount), and it sometimes contains macOS xattrs that break extraction as root on other systems. Fixes "Cannot restore extended attributes: com.apple.quarantine com.apple.quarantine" seen with pkg_comp(8) on NetBSD/amd64 9.3.
Mon Dec 12 10:45:04 2022
—
Update to 7.4.0. Changes: - Add dependency on py-typing-extensions - [pkgsrc] Add missing dependency on py-empty-files
Mon Dec 12 10:45:04 2022
—
Update to 7.4.0. From the changelog: Throttling of reporters after 5: - To avoid too many diff tools being launched, ApprovalTests will stop launching after the 5th time. This is configurable in GenericDiffReporter.throttling_threshold
Mon Dec 12 10:45:04 2022
—
doc: Updated devel/py-approval-utilities to 7.4.0
Mon Dec 12 10:45:04 2022
—
doc: Updated devel/py-approvaltests to 7.4.0
Thu Dec 8 09:15:04 2022
—
Update to 3.8.6. From the changelog: 3.8.6: ** Bug * [[MNG-7432](https://issues.apache.org/jira/browse/MNG-7432)] - [REGRESSION] Resolver session contains non-MavenWorkspaceReader * [[MNG-7433](https://issues.apache.org/jira/browse/MNG-7433)] - [REGRESSION] Multiple maven instances working on same source tree can lock each other * [[MNG-7441](https://issues.apache.org/jira/browse/MNG-7441)] - Update Version of (optional) Logback to Address CVE-2021-42550 * [[MNG-7448](https://issues.apache.org/jira/browse/MNG-7448)] - Don't ignore bin/ otherwise bin/ in apache-maven module cannot be readded * [[MNG-7455](https://issues.apache.org/jira/browse/MNG-7455)] - [REGRESSION] IllegalStateException in SessionScope during guice injection in multithreaded build * [[MNG-7459](https://issues.apache.org/jira/browse/MNG-7459)] - Revert MNG-7347 (SessionScoped beans should be singletons for a given session) * [[MNG-7467](https://issues.apache.org/jira/browse/MNG-7467)] - [REGRESSION] Compilation failure with relocated transitive dependency * [[MNG-7487](https://issues.apache.org/jira/browse/MNG-7487)] - Fix deadlock during forked lifecycle executions * [[MNG-7493](https://issues.apache.org/jira/browse/MNG-7493)] - [REGRESSION] Resolving dependencies between submodules fails ** New Feature * [[MNG-7486](https://issues.apache.org/jira/browse/MNG-7486)] - Create a multiline message helper for boxed log messages ** Improvement * [[MNG-7445](https://issues.apache.org/jira/browse/MNG-7445)] - to refactor some useless code * [[MNG-7476](https://issues.apache.org/jira/browse/MNG-7476)] - Display a warning when an aggregator mojo is locking other mojo executions ** Task * [[MNG-7466](https://issues.apache.org/jira/browse/MNG-7466)] - Align Assembly Descriptor NS versions ** Dependency upgrade * [[MNG-7488](https://issues.apache.org/jira/browse/MNG-7488)] - Upgrade SLF4J to 1.7.36 * [[MNG-7489](https://issues.apache.org/jira/browse/MNG-7489)] - Upgrade JUnit to 4.13.2 * [[MNG-7490](https://issues.apache.org/jira/browse/MNG-7490)] - Upgrade Plexus Utils to 3.3.1 3.8.5: ** Bug * [[MNG-5180](https://issues.apache.org/jira/browse/MNG-5180)] - Versioning's snapshot version list is not included in metadata merge * [[MNG-5561](https://issues.apache.org/jira/browse/MNG-5561)] - Plugin relocation loses configuration * [[MNG-5982](https://issues.apache.org/jira/browse/MNG-5982)] - The POM for ... is invalid, transitive dependencies ... while property was overriden * [[MNG-6326](https://issues.apache.org/jira/browse/MNG-6326)] - Build continues when core extensions aren't found * [[MNG-6727](https://issues.apache.org/jira/browse/MNG-6727)] - Using version range in parent and CI Friendly Version fails * [[MNG-6802](https://issues.apache.org/jira/browse/MNG-6802)] - FileProfileActivator changes FileProfileActivator.exists which lets flattened resolveCiFriendliesOnly depending fail activating profile * [[MNG-7156](https://issues.apache.org/jira/browse/MNG-7156)] - Parallel build can cause issues between clean and forked goals * [[MNG-7335](https://issues.apache.org/jira/browse/MNG-7335)] - [Regression] Parallel build fails due to missing JAR artifacts in compilePath * [[MNG-7347](https://issues.apache.org/jira/browse/MNG-7347)] - SessionScoped beans should be singletons for a given session * [[MNG-7357](https://issues.apache.org/jira/browse/MNG-7357)] - All Maven Core JARs have unusual entry order * [[MNG-7362](https://issues.apache.org/jira/browse/MNG-7362)] - DefaultArtifactResolver has spurious "Failure detected" INFO log * [[MNG-7374](https://issues.apache.org/jira/browse/MNG-7374)] - Mutating RelocatedArtifact does not retain type * [[MNG-7386](https://issues.apache.org/jira/browse/MNG-7386)] - ModelMerger$MergingList is not serializable * [[MNG-7402](https://issues.apache.org/jira/browse/MNG-7402)] - BuildListCalculator never detaches the classloader * [[MNG-7417](https://issues.apache.org/jira/browse/MNG-7417)] - Several classes do not set properties properly for building requests ** New Feature * [[MNG-7395](https://issues.apache.org/jira/browse/MNG-7395)] - Support interpolation in extensions.xml * [[MNG-7407](https://issues.apache.org/jira/browse/MNG-7407)] - Introduce a ModelVersionProcessor component to make CI Friendly Versions pluggable ** Improvement * [[MNG-6960](https://issues.apache.org/jira/browse/MNG-6960)] - Use RuntimeInformation instead of reading properties * [[MNG-7349](https://issues.apache.org/jira/browse/MNG-7349)] - Limit relocation warning message to direct dependencies only * [[MNG-7380](https://issues.apache.org/jira/browse/MNG-7380)] - Don't log non-threadsafe warning if only building a single module * [[MNG-7381](https://issues.apache.org/jira/browse/MNG-7381)] - Shorten parallel builder thread name to artifactId, conditionally with groupId * [[MNG-7385](https://issues.apache.org/jira/browse/MNG-7385)] - Improve documentation on repository metadata * [[MNG-7400](https://issues.apache.org/jira/browse/MNG-7400)] - Allow more WorkspaceReaders to participate * [[MNG-7408](https://issues.apache.org/jira/browse/MNG-7408)] - Explain reporting plugin version automatic selection (in Maven 3) ** Dependency upgrade * [[MNG-7370](https://issues.apache.org/jira/browse/MNG-7370)] - Upgrade Maven Wagon to 3.5.1 * [[MNG-7384](https://issues.apache.org/jira/browse/MNG-7384)] - Upgrade Maven JAR Plugin to 3.2.2 * [[MNG-7428](https://issues.apache.org/jira/browse/MNG-7428)] - Upgrade Maven Parent to 35 3.8.4: ** Bug * [[MNG-7270](https://issues.apache.org/jira/browse/MNG-7270)] - Maven startup script (init) calls which(1) which is an external command * [[MNG-7285](https://issues.apache.org/jira/browse/MNG-7285)] - [Regression] MavenProject.getArtifacts() not returning correct value across multiple threads * [[MNG-7300](https://issues.apache.org/jira/browse/MNG-7300)] - [Regression] Reloading web application (Enter) fails due to java.lang.ClassNotFoundException ** Task * [[MNG-7312](https://issues.apache.org/jira/browse/MNG-7312)] - Revert ThreadLocal approach from MNG-6843 and MNG-7251 ** Dependency upgrade * [[MNG-7331](https://issues.apache.org/jira/browse/MNG-7331)] - Upgrade Jansi to 2.4.0
Thu Dec 8 09:15:04 2022
—
doc: Updated devel/apache-maven to 3.8.6
Thu Dec 8 07:45:05 2022
—
Update to 4.1.1. From the changelog: - Fix: mob showed the wrong executable name in windows - Feature: mob.sh now makes use of `--push-option=ci.skip` when pushing - Feature: mob.sh now warns you when your git version is too old
Thu Dec 8 07:45:05 2022
—
doc: Updated devel/mob to 4.1.1
Tue Dec 6 12:15:06 2022
—
README.Cygwin: if using git, make sure to checkout with Unix line endings.
Sun Nov 27 16:45:04 2022
—
Avoid needing additional dependency not yet in pkgsrc (or still-experimental core feature). Bump PKGREVISION.
Sun Nov 27 16:45:04 2022
—
doc: Updated textproc/po4a to 0.68nb2
Tue Nov 22 07:45:05 2022
—
Update to 7.3.0. From the changelog: - Doc: add CLI example
Tue Nov 22 07:45:05 2022
—
Update to 7.3.0. From the changelog: MrJobApprovals accepts options: - MrJobApprovals mistakenly did not allow you to pass options. It does now. This is an api change, hence the minor version bump.
Tue Nov 22 07:45:05 2022
—
doc: Updated devel/py-approval-utilities to 7.3.0
Tue Nov 22 07:45:05 2022
—
doc: Updated devel/py-approvaltests to 7.3.0
Thu Nov 17 11:45:04 2022
—
Update to 0.16. From the changelog: - 3f9e817 clean up MANIFEST and dist clean target files - eac211d update manifest files
Thu Nov 17 11:45:04 2022
—
doc: Updated textproc/p5-Text-Markdown-Discount to 0.16
Tue Nov 15 16:00:05 2022
—
From <URL:http://cr.yp.to/distributors.html>: 2022.11.15: I hereby place the serialmail package (in particular, serialmail-0.75.tar.gz, with SHA-256 checksum 1825c911087f28692c3441d4f95747201c520a22575ab3e6132b5c14097038f3) into the public domain. The package is no longer copyrighted. Bump PKGREVISION for license change.
Tue Nov 15 16:00:05 2022
—
doc: Updated mail/serialmail to 0.75nb3
Tue Nov 15 10:00:08 2022
—
Update to 0.14. From the changelog: - e191fde Add missing URL in POD @anirvan
Tue Nov 15 10:00:08 2022
—
Update to 1.28.0. From the changelog: * Do not remove '.lock' files, that leads to possible races between running targets. Although 'nncp-cleanup lock' can be used to cleanup. * Updated dependant libraries.
Tue Nov 15 10:00:08 2022
—
Update to 2.2.7b. From the changelog: - Declare missing dependencies for pandoc_headers to fix parallel make
Tue Nov 15 10:00:08 2022
—
Update to 4.4. From the changelog: - added support for Zig - added `Legacy` option in lsp.conf to add support for LSP servers without capabilities report - removed apidocs target in makefile - CLI: added `--ls-legacy` option - GUI: added legacy checkbox in the LSP section
Tue Nov 15 10:00:08 2022
—
doc: Updated devel/goredo to 1.28.0
Tue Nov 15 10:00:08 2022
—
doc: Updated textproc/discount to 2.2.7b
Tue Nov 15 10:00:08 2022
—
doc: Updated textproc/highlight to 4.4
Tue Nov 15 10:00:08 2022
—
doc: Updated textproc/libhighlight to 4.4
Tue Nov 15 10:00:08 2022
—
doc: Updated textproc/p5-Text-Markdown-Discount to 0.14
Tue Nov 15 10:00:08 2022
—
doc: Updated textproc/p5-highlight to 4.4
Mon Nov 7 18:30:06 2022
—
Add script to generate stable/unique MAC per host.
Mon Nov 7 18:30:06 2022
—
Specify which non-root user has the stuff.
Sat Nov 5 21:30:06 2022
—
Follow the default PKGSRC_USE_MKTOOLS=auto.
Sat Nov 5 21:30:06 2022
—
Reorganize default options. NFCI.
Sat Nov 5 01:30:07 2022
—
pkgsrc-vbox: Tribblix moved to qemu.
Thu Nov 3 23:30:05 2022
—
Oops, commit sums for new patch filenames.
Thu Nov 3 23:30:05 2022
—
Remove vestige of the tty-vs-x11 dualism from DESCR.
Thu Nov 3 12:30:06 2022
—
Missed a removal in previous.
Thu Nov 3 12:30:06 2022
—
Note removal (and successor) of ce-{doc,x11}.
Thu Nov 3 12:30:06 2022
—
Remove stray comment.
Thu Nov 3 12:30:06 2022
—
Retire ce-doc and ce-x11 packages.
Thu Nov 3 12:30:06 2022
—
Update to 4.8. No changelog. From the diffs: - Update maintainer email address - Regenerate with Autoconf 2.61 - Remove --with-purify configure option - Remove old malloc - Improve build system - Remove TODO - Sprinkle missing return types - Fix bugs pkgsrc changes: - Specify license - Merge ce-doc (always installed) and ce-x11 (with the 'x11' option) into this package - Remove MAKE_JOBS_SAFE=no (seems fine) - Comment patches and modernize patch filenames
Thu Nov 3 12:30:06 2022
—
doc: Updated editors/ce to 4.8
Wed Nov 2 22:00:04 2022
—
Fix macOS build with the 13.0 SDK, which has its own definition of __deprecated__.
Wed Nov 2 22:00:04 2022
—
Fix packaging after recent py-sphinx update.
Wed Nov 2 17:00:07 2022
—
Update to 3.5.2. From the changelog: - tls_signer: Replace ECDSA_METHOD with EC_KEY_METHOD - doc: Note OpenSSL 3.0.0 compatibility in README From the upstream LibreSSL changelog for 3.5.0: * New Features - The RFC 3779 API was ported from OpenSSL. Many bugs were fixed, regression tests were added and the code was cleaned up. - Certificate Transparency was ported from OpenSSL. Many internal improvements were made, resulting in cleaner and safer code. Regress coverage was added. libssl does not yet make use of it. * Portable Improvements - Fixed various POSIX compliance and other portability issues found by the port to the Sortix operating system. - Add libmd as platform specific libraries for Solaris. Issue reported from (ihsan <at> opencsw org) on libressl ML. - Set IA-64 compiler flag only if it is HP-UX with IA-64. Suggested from Larkin Nickle (me <at> larbob org) by libressl ML. - Enabled and scheduled Coverity scan. Contributed by Ilya Shipitsin (chipitsine <at> gmail com> on github. * Compatibility Changes - Most structs that were previously defined in the following headers are now opaque as they are in OpenSSL 1.1: bio.h, bn.h, comp.h, dh.h, dsa.h, evp.h, hmac.h, ocsp.h, rsa.h, x509.h, x509v3.h, x509_vfy.h - Switch TLSv1.3 cipher names from AEAD- to OpenSSL's TLS_ OpenSSL added the TLSv1.3 ciphersuites with "RFC names" instead of using something consistent with the previous naming. Various test suites expect these names (instead of checking for the much more sensible cipher numbers). The old names are still accepted as aliases. - Subject alternative names and name constraints are now validated when they are added to certificates. Various interoperability problems with stacks that validate certificates more strictly than OpenSSL can be avoided this way. - Attempt to opportunistically use the host name for SNI in s_client * Bug fixes - In some situations, the verifier would discard the error on an unvalidated certificate chain. This would happen when the verification callback was in use, instructing the verifier to continue unconditionally. This could lead to incorrect decisions being made in software. - Avoid an infinite loop in SSL_shutdown() - Fix another return 0 bug in SSL_shutdown() - Handle zero byte reads/writes that trigger handshakes in the TLSv1.3 stack - A long standing memleak in libtls CRL handling was fixed * Internal Improvements - Cache the SHA-512 hash instead of the SHA-1 hash and cache notBefore and notAfter times when X.509 certificates are parsed. - The X.509 lookup code has been simplified and cleaned up. - Fixed numerous issues flagged by coverity and the cryptofuzz project - Increased the number of Miller-Rabin checks in DH and DSA key/parameter generation - Started using the bytestring API in libcrypto for cleaner and safer code - Convert {i2d,d2i}_{,EC_,DSA_,RSA_}PUBKEY{,_bio,_fp}() to templated ASN1 - Convert ASN1_OBJECT_new() to calloc() - Convert ASN1_STRING_type_new() to calloc() - Rewrite ASN1_STRING_cmp() - Use calloc() for X509_CRL_METHOD_new() instead of malloc() - Convert ASN1_PCTX_new() to calloc() - Replace asn1_tlc_clear and asn1_tlc_clear_nc macros with a function - Consolidate {d2i,i2d}_{pr,pu}.c - Remove handling of a NULL BUF_MEM from asn1_collect() - Pull the recursion depth check up to the top of asn1_collect() - Inline collect_data() in asn1_collect() - Convert asn1_d2i_ex_primitive()/asn1_collect() from BUF_MEM to CBB - Clean up d2i_ASN1_BOOLEAN() and i2d_ASN1_BOOLEAN() - Consolidate ASN.1 universal tag type data - Rewrite ASN.1 identifier/length parsing in CBS - Make OBJ_obj2nid() work correctly with NID_undef - tlsext_tick_lifetime_hint is now an uint32_t - Untangle ssl3_get_message() return values - Rename tls13_buffer to tls_buffer - Fold DTLS_STATE_INTERNAL into DTLS1_STATE - Provide a way to determine our maximum legacy version - Mop up enc_read_ctx and read_hash - Fold SSL_SESSION_INTERNAL into SSL_SESSION - Use ssl_force_want_read in the DTLS code - Add record processing limit to DTLS code - Add explicit CBS_contains_zero_byte() check in CBS_strdup() - Improve SNI hostname validation - Ensure SSL_set_tlsext_host_name() is given a valid hostname - Fix a strange check in the auto DH codepath - Factor out/rewrite DHE key exchange - Convert server serialisation of DHE parameters/public key to new functions - Check DH public key in ssl_kex_peer_public_dhe() - Move the minimum DHE key size check into ssl_kex_peer_params_dhe() - Clean up and refactor server side DHE key exchange - Provide CBS_get_last_u8() - Provide CBS_get_u64() - Provide CBS_add_u64() - Provide various CBS_peek_* functions - Use CBS_get_last_u8() to find the content type in TLSv1.3 records - unifdef TLS13_USE_LEGACY_CLIENT_AUTH - Correct SSL_get_peer_cert_chain() when used with the TLSv1.3 stack - Only allow zero length key shares when we know we're doing HRR - Pull key share group/length CBB code up from tls13_key_share_public() - Refactor ssl3_get_server_kex_ecdhe() to separate parsing and validation - Return 0 on failure from send/get kex functions in the legacy stack - Rename tls13_key_share to tls_key_share - Allocate and free the EVP_AEAD_CTX struct in tls13_record_protection - Convert legacy TLS client to tls_key_share - Convert legacy TLS server to tls_key_share - Stop attempting to duplicate the public and private key of dh_tmp - Rename dh_tmp to dhe_params - Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY - Clean up pkey handling in ssl3_get_server_key_exchange() - Fix GOST skip certificate verify handling - Simplify tlsext_keyshare_server_parse() - Plumb decode errors through key share parsing code - Simplify SSL_get_peer_certificate() - Cleanup/simplify ssl_cert_type() - The S3I macro was removed - The openssl(1) cms and smime subcommands option handling was converted and the C source was cleaned up. * Documentation improvements - 45 new manual pages, most of which were written from scratch. Documentation coverage of ASN.1 and X.509 code has been significantly improved. Upstream 3.5.1 changelog: * A malicious certificate can cause an infinite loop. Reported by and fix from Tavis Ormandy and David Benjamin, Google. Upstream 3.5.2 changelog: This is the first stable release for the 3.5.x branch, as shipped with OpenBSD 7.1.
Wed Nov 2 17:00:07 2022
—
doc: Updated security/libretls to 3.5.2
Tue Nov 1 16:30:05 2022
—
Note nodejs{,16} PKGREVISION bumps.
Tue Nov 1 16:30:05 2022
—
lang/nodejs{,16}: as expected by upstream, install corepack (and bump PKGREVISION). For earlier versions, no change.
Mon Oct 31 22:30:04 2022
—
Add more Gentoo OS update details.
Mon Oct 31 22:30:04 2022
—
bootstrap-bootstrap: extract TREESDIR, NFCI.
Mon Oct 31 22:30:04 2022
—
bootstrap-moretools: add tmux, extract TREESDIR.
Mon Oct 31 22:30:04 2022
—
buildvm: WRKOBJDIR must not contain any symlinks.
Sun Oct 30 22:00:07 2022
—
Update to 0.83. From the changelog: - Updated keyword translations from upstream Cucumber project
Sun Oct 30 22:00:07 2022
—
doc: Updated devel/p5-Test-BDD-Cucumber to 0.83
Wed Oct 26 01:00:03 2022
—
Trim newly(?) verbose CC_VERSION on macOS Ventura.
Wed Oct 26 01:00:03 2022
—
pkgsrc-vbox: not much VirtualBox usage left.
Fri Oct 21 23:15:04 2022
—
Fix some line wrapping on wide terminals.
Fri Oct 21 15:30:08 2022
—
Install the zsh completion to site-functions. Bump PKGREVISION.
Fri Oct 21 15:30:08 2022
—
doc: Updated devel/git-base to 2.38.0nb1
Thu Oct 20 17:00:03 2022
—
Define environ before it's used, to fix build on at least NetBSD. Take MAINTAINER.
Thu Oct 20 17:00:03 2022
—
Take MAINTAINER.
Wed Oct 19 09:30:07 2022
—
Add and enable py-approval-utilities.
Wed Oct 19 09:30:07 2022
—
Add py-approval-utilities, utilities for your production code that work well with (and have just been extracted to their own package from) py-approvaltests.
Wed Oct 19 09:30:07 2022
—
Update to 7.2.0. From the changelog: 7.0.0: Breaking Change: - approval_utilities is becoming its own pypi package to allow usage in production code. 7.1.0: Command Line Approvals: - You can now easily verify command line outputs. You can also pass inputs into the command line under test, including Iterables. This allows you to easily test non-python programs from ApprovalTests. 7.2.0: - You can invoke a verify() call from the command line. This allows invoking python approvals from any other stack via subprocesses.
Wed Oct 19 09:30:07 2022
—
doc: Added devel/py-approval-utilities version 7.2.0
Wed Oct 19 09:30:07 2022
—
doc: Updated devel/py-approvaltests to 7.2.0
Wed Oct 19 08:30:06 2022
—
Update to 4.0.0. From the changelog: - **NEW** Feature: `mob reset` doesn't reset the mob branch anymore. It now warns you that it deletes the mob branch for everyone and if you want to continue do `mob reset --delete-remote-wip-branch`. - **NEW** Feature: `mob timer`, `mob break`, `mob start`, `mob next` and `mob done` will stop already running local timers. - Feature: `mob start --create` will create the remote branch and start the mob session on that branch. - Feature: mob.sh now also works with tools like `git-repo` which symlink the `.git` folder - Removed `MOB_START_INCLUDE_UNCOMMITTED_CHANGES` environment variable (has been deprecated for some time). - `MOB_DONE_SQUASH` no longer supports a boolean value, you have to use the proper values `squash`, `no-squash` or `squash-wip` instead.