-
Notifications
You must be signed in to change notification settings - Fork 160
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
editors/dte: update to dte-1.7 #26
Closed
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Upstream changelog: https://craigbarnes.gitlab.io/dte/releases.html
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Sep 23, 2018
## [v0.4.16](https://github.com/chef/mixlib-archive/tree/v0.4.16) (2018-08-28) #### Merged Pull Requests - Fix read_tar_magic to properly return an array when a file has less than 264 characters [#30](chef/mixlib-archive#30) ([bdwyertech](https://github.com/bdwyertech)) <!-- latest_release --> <!-- release_rollup since=0.4.13 --> ### Changes not yet released to rubygems.org #### Merged Pull Requests - Fix read_tar_magic to properly return an array when a file has less than 264 characters [#30](chef/mixlib-archive#30) ([bdwyertech](https://github.com/bdwyertech)) <!-- 0.4.16 --> - Fix mixlib-archive on Windows, add Appveyor [#31](chef/mixlib-archive#31) ([stuartpreston](https://github.com/stuartpreston)) <!-- 0.4.15 --> - Ensure that paths like foo..bar.baz aren't ignored [#9](chef/mixlib-archive#9) ([thommay](https://github.com/thommay)) <!-- 0.4.14 --> <!-- release_rollup --> <!-- latest_stable_release --> ## [v0.4.13](https://github.com/chef/mixlib-archive/tree/v0.4.13) (2018-08-03) #### Merged Pull Requests - add codeowners [#24](chef/mixlib-archive#24) ([thommay](https://github.com/thommay)) - Move deps to the Gemfile and expand Rake tasks [#25](chef/mixlib-archive#25) ([tas50](https://github.com/tas50)) - Add github issue template & standardize expeditor config [#26](chef/mixlib-archive#26) ([tas50](https://github.com/tas50)) - Update codeowners and add PR template [#27](chef/mixlib-archive#27) ([tas50](https://github.com/tas50)) - bugfix to make dir.chdir threadsafe [#29](chef/mixlib-archive#29) ([stevenoneill](https://github.com/stevenoneill)) <!-- latest_stable_release --> ## [v0.4.8](https://github.com/chef/mixlib-archive/tree/v0.4.8) (2018-06-21) #### Merged Pull Requests - Use the correct entry size for content with multi-byte characters. [#23](chef/mixlib-archive#23) ([coderanger](https://github.com/coderanger)) <!-- latest_release --> <!-- release_rollup since=0.4.7 --> ### Changes not yet released to rubygems.org #### Merged Pull Requests - Use the correct entry size for content with multi-byte characters. [#23](chef/mixlib-archive#23) ([coderanger](https://github.com/coderanger)) <!-- 0.4.8 --> <!-- release_rollup --> <!-- latest_stable_release --> ## [v0.4.7](https://github.com/chef/mixlib-archive/tree/v0.4.7) (2018-06-07) #### Merged Pull Requests - fixup strange edge case around tar magic reading [#22](chef/mixlib-archive#22) ([spion06](https://github.com/spion06)) <!-- latest_stable_release --> ## [v0.4.6](https://github.com/chef/mixlib-archive/tree/v0.4.6) (2018-05-08) #### Merged Pull Requests - update tar magic to identify oldgnu style tar headers [#21](chef/mixlib-archive#21) ([spion06](https://github.com/spion06)) ## [v0.4.5](https://github.com/chef/mixlib-archive/tree/v0.4.5) (2018-05-04) #### Merged Pull Requests - Fix up creating archives [#18](chef/mixlib-archive#18) ([thommay](https://github.com/thommay)) - Fix up writing tar archives with the rubygems tar [#19](chef/mixlib-archive#19) ([thommay](https://github.com/thommay)) ## [v0.4.2](https://github.com/chef/mixlib-archive/tree/v0.4.2) (2018-04-25) #### Merged Pull Requests - use libarchive by preference [#17](chef/mixlib-archive#17) ([thommay](https://github.com/thommay))
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Oct 29, 2018
2018-10-27 -- 0.9.0 >>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> * Fixed: Out-of-bounds write in uriComposeQuery* and uriComposeQueryEx* Commit 864f5d4c127def386dd5cc926ad96934b297f04e Thanks to Google Autofuzz team for the report! * Fixed: Detect integer overflow in uriComposeQuery* and uriComposeQueryEx* Commit f76275d4a91b28d687250525d3a0c5509bbd666f Thanks to Google Autofuzz team for the report! * Fixed: Protect uriResetUri* against acting on NULL input Commit f58c25069cf4a986fe17a80c5b38687e31feb539 >>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> * Fixed: Be fully compliant to C89 (GitHub #28) and C++98 in test code * Fixed: Fix off-by-one in uriComposeQueryCharsRequired* and ...Ex* Reported space requirements were 1 byte bigger than necessary * Changed: Marked as deprecated: Deprecated functions: uriNormalizeSyntaxMaskRequired[AW] uriParseUri[AW] uriParseUriEx[AW] * Added: Add convenience functions to ease user code to parse a single URI New functions: uriParseSingleUri[AW] uriParseSingleUriEx[AW] uriParseSingleUriExMm[AW] * Added: Support for custom memory managers (GitHub #26, #35), see Doxygen New functions (as extension of existing ones): uriAddBaseUriExMm[AW] uriComposeQueryMallocExMm[AW] uriDissectQueryMallocExMm[AW] uriFreeQueryListMm[AW] uriFreeUriMembersMm[AW] uriNormalizeSyntaxExMm[AW] uriParseSingleUriExMm[AW] uriRemoveBaseUriMm[AW] New functions (for convenience): uriCompleteMemoryManager uriEmulateCalloc uriEmulateReallocarray uriTestMemoryManager New error codes: URI_ERROR_MEMORY_MANAGER_FAULTY URI_ERROR_MEMORY_MANAGER_INCOMPLETE New types: UriFuncCalloc UriFuncFree UriFuncMalloc UriFuncRealloc UriFuncReallocarray UriMemoryManager * Added: Add non-void versions of uriNormalizeSyntaxMaskRequired* New functions: uriNormalizeSyntaxMaskRequiredEx[AW] * Changed: Migrate test suite from CppTest to GoogleTest 1.8.1 * Improved: Make test suite free of memory leaks (GitHub #31) Thanks to AddressSanitizer! * Removed: Support for pointless define URI_SIZEDOWN (GitHub #29) Related configure option --enable-sizedown has also been removed. * Soname: 1:23:0
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Oct 29, 2018
textproc/uriparser: security update Revisions pulled up: - textproc/uriparser/Makefile 1.11 - textproc/uriparser/distinfo 1.9 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: bsiegert Date: Mon Oct 29 16:17:25 UTC 2018 Modified Files: pkgsrc/textproc/uriparser: Makefile distinfo Log Message: Update uriparser to 0.9.0. 2018-10-27 -- 0.9.0 >>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> * Fixed: Out-of-bounds write in uriComposeQuery* and uriComposeQueryEx* Commit 864f5d4c127def386dd5cc926ad96934b297f04e Thanks to Google Autofuzz team for the report! * Fixed: Detect integer overflow in uriComposeQuery* and uriComposeQueryEx* Commit f76275d4a91b28d687250525d3a0c5509bbd666f Thanks to Google Autofuzz team for the report! * Fixed: Protect uriResetUri* against acting on NULL input Commit f58c25069cf4a986fe17a80c5b38687e31feb539 >>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> * Fixed: Be fully compliant to C89 (GitHub #28) and C++98 in test code * Fixed: Fix off-by-one in uriComposeQueryCharsRequired* and ...Ex* Reported space requirements were 1 byte bigger than necessary * Changed: Marked as deprecated: Deprecated functions: uriNormalizeSyntaxMaskRequired[AW] uriParseUri[AW] uriParseUriEx[AW] * Added: Add convenience functions to ease user code to parse a single URI New functions: uriParseSingleUri[AW] uriParseSingleUriEx[AW] uriParseSingleUriExMm[AW] * Added: Support for custom memory managers (GitHub #26, #35), see Doxygen New functions (as extension of existing ones): uriAddBaseUriExMm[AW] uriComposeQueryMallocExMm[AW] uriDissectQueryMallocExMm[AW] uriFreeQueryListMm[AW] uriFreeUriMembersMm[AW] uriNormalizeSyntaxExMm[AW] uriParseSingleUriExMm[AW] uriRemoveBaseUriMm[AW] New functions (for convenience): uriCompleteMemoryManager uriEmulateCalloc uriEmulateReallocarray uriTestMemoryManager New error codes: URI_ERROR_MEMORY_MANAGER_FAULTY URI_ERROR_MEMORY_MANAGER_INCOMPLETE New types: UriFuncCalloc UriFuncFree UriFuncMalloc UriFuncRealloc UriFuncReallocarray UriMemoryManager * Added: Add non-void versions of uriNormalizeSyntaxMaskRequired* New functions: uriNormalizeSyntaxMaskRequiredEx[AW] * Changed: Migrate test suite from CppTest to GoogleTest 1.8.1 * Improved: Make test suite free of memory leaks (GitHub #31) Thanks to AddressSanitizer! * Removed: Support for pointless define URI_SIZEDOWN (GitHub #29) Related configure option --enable-sizedown has also been removed. * Soname: 1:23:0 To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 pkgsrc/textproc/uriparser/Makefile cvs rdiff -u -r1.8 -r1.9 pkgsrc/textproc/uriparser/distinfo
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Dec 1, 2018
pkgsrc changes: - Switch to www/webkit-gtk (instead of using webkit24-gtk3) - Adjust GITHUB_RELEASE to remove the trailing `a', please note that this will probably not needed for future releases! Changes: 1.12.5 ------ * #665: Webkit browser now supplies 'Liferea' component in user agent * #664: Added "Mark All As Read" button to headerbar plugin * #620: Added flatpak JSON (glitsj16) * #579: Added item list column drag and drop reordering (Yanko Kaneti) * #436, #662: Move from GnomeKeyring to libsecret (bgermann) * Fixes #663: Correct instapaper sharing link (Daniel Alexandersen) * Fixes #661: Update sharing links (Daniel Alexandersen) * Fixes #271: Consistent over usage of CPU (trigger by "Next Unread" loop) (reported by GreenLunar) * #472, #632: Dropping Inoreader support (API broke) 1.12.4 ------ * Fixes #660: Added installable plugin to change accels (Lars Windolf) * Fixes #654: Segfault on date out of range (Leaiz) * Fixes #651: Fixes Free Music Archive link in default OPMLs (reported by benjbrandall) * Fixes #649: Switch from persistent to session-only cookies (Daniel Alexandersen) * Fixes #645, #646: unread count of vfolder (Leaiz) * Fixes #637: Extra keywords in .desktop file (syndication; rss; atom) (Daniel Alexandersen) * Fixes #557: Updating counters for remote sources (Leiaz) * Updated cookie usage hint in FAQ 1.12.3 ------ * #634: Added setting for custom download commands (Leiaz) * #614: GTK Headerbar support via plugin (Lars Windolf) * #608: Refactoring UI code to switch to GAction and GtkBuilder Note: this implies not having icons in the main menu anymore which were still there for all non-GNOME users (see #626). (Leiaz) * #589: Item list view column order rework as a preparation for possible real column drag&drop. Introduces a new DConf setting for the column order. (Yanko Kaneti) * Fixes #280: Mark read toolbar button always disabled for search folders (Lars Windolf, reported by dvahalev) * Fixes #591: Please add a safety question when "marking all read" (Leiaz, reported by Nudin) * Fixes #625: Avoid exception in trayicon.py (Lars Windolf) * Fixes #627: GnomeKeyring plugin fails to activate when keyring doesn't exist (Lars Windolf) * Fixes #630: Fix feed list selection after DnD (Peter Zaitev) * Fixes #633: Big Memory leak in date code (Leiaz) * Update of Turkish translation (emintufan) * Update of French translation (guilieb) 1.12.2 ------ * Adding a plugin installer plugin that allows discovering and automatically installing 3rd party plugins * #585: Drop language from user agent to increase privacy (Daniel Aleksandersen) * #583: Add transmission-gtk and aria2 as download tool options (Daniel Aleksandersen) * #495: New command line option --disable-plugins (-p) to start with all plugins disabled. * Fixes #610: Liferea not showing up in GNOME Software (Yanko Kaneti) * Fixes #604: Correctly print error message when failing to unlock GNOME keyring (ghost) * Fixes #602: CSS style for GTK link colors not used (reported by pupyc) * Fixes #581: Redirect location updates and adds HTTP 308 (RFC 7538) support (Daniel Aleksandersen) * Fixes #578: Unable to set unread items in bold (Leiaz, reported by EverEve) * #612: Update of French translation (Guillaume Bernard) * #596: Update of Swedish translation (jony0008) * #594: Update of Polish default feed list (wmyrda) * #584: Fixes broken OPML feed list entries (Daniel Aleksandersen) * #584: Added Norwegian feed list (Daniel Aleksandersen) * #577: Fixes newsbin doc typo (Daniel Aleksandersen) 1.12.1 ------ * Fixes #562: Lintian spelling errors (reported by Paul Gevers) * Fixes #563: Appstream data has new format (patch by Paul Gevers) * Fixes #572: Doesn't remember some sort orders (reported by geplus) * Fixes #504: Fix assertions/crashes on changing view layouts (Leiaz) * Fixes #573: Workaround to avoid GtkPaned shrinking (Leiaz) * #566: Update of Italian translation (Gianvito Cavasoli) * #566: Update of Italian default feed list (Gianvito Cavasoli) * #514: Update of Indonesian translation (Samsul Ma'arif) * #514: Added Indonesian default feed list (Samsul Ma'arif) * Update of German translation 1.12.0 ------ * Fixes unhiding from tray icon when activated via GApplication (when starting Liferea a 2nd time) * #399: Reorder columns in 'Normal' email-like view to have the date column always at the end (Mikel Olasagasti) * #532: Add plugin to make unread feeds titles bold (Yanko Kaneti) * Workaround for #503: Liferea deanonymize Tor (Leiaz) * Fixes #450: #546 Resize both panes in normal and wide view (Leiaz) * Fixes #538: toggle_visibility() does not make a minimized window visible again (reported by Balló György) * Fixes #522: Segfault when switching feed in combined view (patch by jonmstone) * Fixes #419, #457: Handling of relative URLs in Atom parser (Leiaz) * Added 'View Image' context menu option in HTML view * Dropped del.icio.us from social bookmarking options as it is a read-only service now. * Redesign of the wide view mode: larger titles with small text teasers * Added optional AMP/HTML5 content enrichment feature 1.12-rc3 -------- * Fixes #459: Fixes GtkDoc warnings (Leiaz) * Fixes #415: Filter commands are not asynchronous (Rich Coe) * Fixes #363: Missing space above internal browser address bar (reported by nekohayo, patch by Mikel Olasagasti) * Fixes #208: All "Unread" search folder items marked read at once (Leiaz) * Fixes #251: Liferea does not always use theme icons when it is launched on system startup (reported by GreenLunar, fix by Leiaz) * Change headline column sorting in wide view to time sorted * Updated Finnish translation (Jorma Karvonen) * Updated Latvian translation (Rihards Prieditis) * Updated Albanian translation (Bensik Bleta) * Updated Hungarian translation (Balázs Úr) * Updated Brazlian translation (Rafael Ferreira) * Updated French translation (Guillaume Bernard) 1.12-rc2 -------- * Change all g_warnings() to g_print() for remote source to avoid "crashing" on errors. * Reorganized all UI definitions in separate files to simplify GtkBuilder handling. * Github #425: Add GeoRSS info and map link in item header (Mikel Olasagasti) * Github #407: Replacing deprecated elements in preferences (Leiaz) * Github #396: Create LifereaApplication type (Leiaz) * Github #434: Partial RFC3229+feed support for bandwidth savings (Daniel Aleksandersen) * Fixes Github #208: gtk_tree_store_get_path: assertion 'iter->stamp == priv->stamp' (reported by Mno-hime) * Fixes Github #403: Leftover OSM XSLT in item view (reported by Paul Gevers) * Fixes Github #423: Internal browser shows files system on go-back (Leiaz, reported by Paul Gevers) * Updated German translation * Github #441: Updated French translation (Surfoo) 1.12-rc1a --------- * Fixing missing header files 1.12-rc1 -------- * Github #348: Added support for downloading content that cannot be displayed by HTML widget (e.g. PDFs) (Leiaz) * Github #355: Migrate to Python3 libpeas loader (patch by picsel2) * Github #311: Upgrade to WebKit2 (patch by Leiaz) * Github #292: Show new item count in tray icon (patch by mozbugbox) * Github #297: Minimize to systray on window close (patch by Hugo Arregui) * Github #325: Auto-fitting, translated license (patches by GreenLunar and Adolfo Jayme-Barrientos) * Fixes Github #73: Problem with favicon update (reported by asl97) * Fixes Github #177, #350: Tray icon not scaled properly (patch by mozbugbox) * Removes GeoIP rendering via OSM to avoid exposing users to remote JS library resources. (reported by Paul Gevers) * Fixes Github #337: Case sensitive sorting (reported by Pi03k) * Fixes Github #361: Show all enclosuers (Leiaz) * Fixes Github #368: Segfault on liferea-feed-add (Leiaz) * Fixes Github #382: Broken Auto-Detect/No Proxy setting (Leiaz) * Fixes Github #383: Per feed don't use proxy setting is broken (reported by Leiaz) * Github #309: Update of Japanese translation (IWAI, Masaharu) * Github #329: Update of Hebrew translation (GreenLunar) * Github #330: Update of Spanish translation (Adolfo Jayme-Barrientos) * Update of Swedish translation (Andreas Ronnquist) 1.11.7 ------ * Github #287: Add support for media:group. (patch by Leiaz) * Github #287: Fixes issues with media:content. (patch by Leiaz) * Fixes Github #283: Bad .desktop categories definition (reported by Wuzzy2) * Fixes Github #279: Fixes rules no visible in searchdialog (patch by Leiaz) * Fixes Github #278: No "Download" tab in Tools/Preferences (docs error, reported by Anders Jonsson) * Fixes Github #83: Segfault when sorting feeds in folder (patch by Leiaz) * Fixes French translation (patch by polo2ro) * Github #300: Updated manpage (patch by GreenLunar) 1.11.6 ------ * Added "Do Not Track" support (enabled per default) * Github #193: Added x-scheme-handler/feed to desktop file (suggested by GreenLunar) * Github #209: Add image icons to plugins (by GreenLunar) * Github #210: Enable tests for parsing RFC822 dates with 2 digit year (patch by arunanbala) * Fixes Github #78: Shaky text in feed list (reported by GreenLunar) * Fixes Github #195: Out-dated documentation on enclose download (reported by brian-in-crawford) * Fixes Github #198: Traceback on popup notifications (reported by GreenLunar) * Fixes Github #216: Untranslatable strings (reported by GreenLunar) * Fixes Github #256: PyGIWarnings on loading plugins (patch by glitjs16) 1.11.5 ------ * Github #178: Implementing full screen mode for videos (mozbugbox) * Fixes Github #32: Prevent erroneous "Mark all as read" (reported by Mno-hime) * Improves Github #36, #113: UI lock up during refresh (suggested by mozbugbox) * Fixes Github #180: Removing item from (v)folder marks all read (reported by GreenLunar) * Fixes Github #140, #158: Vertical pane placement is forgotten. (patch by foresto) * Fixes Github #182: Missing config.h include in date.c (reported by Paul Gevers) * Update of Russian translation (bboa) 1.11.4 ------ * Fixes Github #154: Crashes while starting (corrupt icon) (reported by jcamposz) * Github #149: Fixes a random crash on startup (patch by mozbugbox) * Fixes Github #79: RTL ordering of Back/Forward icons (reported by GreenLunar) * Fixes Github #30: Segfault after updating from 1.8 to 1.10 (reported by vakuum) * Fixes Github #87: URL resolving wrong if base tag involved (reported by DanMan, fixed by mozbugbox) * Fixes all defects reported by Coverity scan * Simplied external browser handling. Now Liferea only supports the gtk_show_uri() launch mechanism for the system default browser and a user specified browser command. * Update of Albanian translation (Besnik Bleta) * Update of Hebrew translation (Genghis Khan) * Update of Spanish translation (Juan Campos Zambrana) * Fixes typo in Italian translation 1.11.3 ------ * Fixes Github #134: Broken default news feed. (reported by pvdl) * Fixes Github #133: Subscribe into TheOldReader categories * Fixes Github #122: Crashes at launch, "segmentation fault" (reported by geoffm) * Fixes some memory leaks (patch by Rich Coe) * Fixes Github #145: Incorrect method triggered for 'Launch External' (patch by mozbugbox) * Fixes Github #48: Window stays hidden on next start after Ctrl+W (reported by Jeff Fortin) * Expose LifereaHtmlView to GObject Introspection (patch by mozbugbox) * Improves Google Reader API error handling * Now using HTTPS only when accessing TheOldReader * Added LifereaNodeSourceActivatable interface to allow plugins implementing new node source types. * Downgrade enclosure drop warning from Glib warning to debug trace. 1.11.2 ------ * Fixes Github #132: Broken documentation link (reported by kallus) * Fixes Github #121: Wrapping issue in folder display (reported by Jeff Forting) * Fixes Github #114: Avoid termination on UTF-8 validation error * Fixes Github #90: Libnotify plugin not working (reported by asl97) * Fixes Github #86: Support HTTP content negotiation (suggested by DanMan) * Black-list some categories used by Google Reader clones that should not be visible. * Allowing browser history to go back to previously shown headline when browsing inside the item view. * Dropping offline option as this is duplicated with desktop environment in GNOME/network manager. * Fixes Github #100: Problems with dark Adwaita theme in GTK 3.14 (reported by majutsushi) * Fixes for preferences dialog width. (patch by Jeff Fortin) * Update of Arabic translation (Khaled Hosny) 1.11.1 ------ * Fixes Github #81: Inability to add subscriptions (reported by GreenLunar) * Fixes Javascript links not opening in new browser tabs * Updated Hebrew translation (Genghis Khan) * Fixes Github #88: Minor DE translation mistake (moraxy) 1.11.0 ------ * Added experimental InoReader support * Added experimental Reedah support * Fixes SF #1123: Mistakenly claims "TinyTinyRSS source is not self-updating" (reported by Dominik Grafenhoher) * Fixes SF #1119: Crash on font resize at startup. (reported by David Smith) * Fixes #1056, #1089, #1098: Honor preferences when opening links (patch by Daniel Seither) * Fixes #1117: Selecting last unread item in reduced feed list jumps to next feed (reported by Bruce Guenter) * Fixes missing "Via" metadata type (patch by Rich Coe) * Fixes incorrect new count reset handling in item_state.c and some of the node source implementations. * Fixes SF #1096: missing installation of liferea.convert file (reported by stqn) * Fixes SF #1135: liferea-add-feed doesn't process feed:https// (patch by Kevin Walke) * Fixes SF #1137, #1142: startup race with LifereaHtmlView (reported by Yanko Kaneti) * Fixes Github #13: Parsing errors not visible with dark themes (reported by Steve Kelly) * Fixes Github #29: Do not use bold text for feeds/folders with unread items in the leftmost treeview (repored by Jeff Fortin) * Fixes SF #1141: Liferea does not update feeds with TinyTinyRSS (reported by Dominik Grafenhofer, denk_mal, Fabian Henze) * Fixes SF #1150: subscription prop/source: not all fields and buttons visible (reported by David Smith) * Fixes Github #26: RTL comments appear incorrectly (reported by yaconf) * Fixes Github #27: Images do not autosize to fit the available space (reported by Jeff Fortin) * Fixes Github #34: Add TinyTinyRSS Enclosure Support (reported by Adrixan) * Fixes Github #43: "Any of the following" search condition doesn't work (reported by Jeff Fortin) * Fixes Github #49: Some dialogs scrolling areas do not request enough height (reported by Jeff Fortin) * Fixes Github #53: Doesn't automatically update feed name and favicon for new feed (reported by asl97) * Patch SF #224: Update to new libxml2 buffer API (Simon Kagedal Reimer) * Patch SF #209: Avoid copying list in itemset_merge_items (kaloyan) * Make Liferea use ETags and send If-None-Match (patch by Chris Siebenmann) * Support NOCONFIGURE for RPM builds (Charles A Edwards) * Rename README to README.md * Removing libindicate support (to be added as plugin maybe) * Removing libnotify support (to be added as plugin maybe) * Removing build in tray icon support * Added tray icon plugin * Added category/folder support for TheOldReader * Added folder auto-removal for TinyTinyRSS & TheOldReader * Updated README on plugin contribution * Updated Arabic translation (Khaled Hosny)
netbsd-srcmastr
pushed a commit
that referenced
this pull request
May 19, 2019
textproc/uriparser: security update Revisions pulled up: - textproc/uriparser/Makefile 1.11 - textproc/uriparser/distinfo 1.9 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: bsiegert Date: Mon Oct 29 16:17:25 UTC 2018 Modified Files: pkgsrc/textproc/uriparser: Makefile distinfo Log Message: Update uriparser to 0.9.0. 2018-10-27 -- 0.9.0 >>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> * Fixed: Out-of-bounds write in uriComposeQuery* and uriComposeQueryEx* Commit 864f5d4c127def386dd5cc926ad96934b297f04e Thanks to Google Autofuzz team for the report! * Fixed: Detect integer overflow in uriComposeQuery* and uriComposeQueryEx* Commit f76275d4a91b28d687250525d3a0c5509bbd666f Thanks to Google Autofuzz team for the report! * Fixed: Protect uriResetUri* against acting on NULL input Commit f58c25069cf4a986fe17a80c5b38687e31feb539 >>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> * Fixed: Be fully compliant to C89 (GitHub #28) and C++98 in test code * Fixed: Fix off-by-one in uriComposeQueryCharsRequired* and ...Ex* Reported space requirements were 1 byte bigger than necessary * Changed: Marked as deprecated: Deprecated functions: uriNormalizeSyntaxMaskRequired[AW] uriParseUri[AW] uriParseUriEx[AW] * Added: Add convenience functions to ease user code to parse a single URI New functions: uriParseSingleUri[AW] uriParseSingleUriEx[AW] uriParseSingleUriExMm[AW] * Added: Support for custom memory managers (GitHub #26, #35), see Doxygen New functions (as extension of existing ones): uriAddBaseUriExMm[AW] uriComposeQueryMallocExMm[AW] uriDissectQueryMallocExMm[AW] uriFreeQueryListMm[AW] uriFreeUriMembersMm[AW] uriNormalizeSyntaxExMm[AW] uriParseSingleUriExMm[AW] uriRemoveBaseUriMm[AW] New functions (for convenience): uriCompleteMemoryManager uriEmulateCalloc uriEmulateReallocarray uriTestMemoryManager New error codes: URI_ERROR_MEMORY_MANAGER_FAULTY URI_ERROR_MEMORY_MANAGER_INCOMPLETE New types: UriFuncCalloc UriFuncFree UriFuncMalloc UriFuncRealloc UriFuncReallocarray UriMemoryManager * Added: Add non-void versions of uriNormalizeSyntaxMaskRequired* New functions: uriNormalizeSyntaxMaskRequiredEx[AW] * Changed: Migrate test suite from CppTest to GoogleTest 1.8.1 * Improved: Make test suite free of memory leaks (GitHub #31) Thanks to AddressSanitizer! * Removed: Support for pointless define URI_SIZEDOWN (GitHub #29) Related configure option --enable-sizedown has also been removed. * Soname: 1:23:0 To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 pkgsrc/textproc/uriparser/Makefile cvs rdiff -u -r1.8 -r1.9 pkgsrc/textproc/uriparser/distinfo
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Aug 25, 2019
Changelog: New Libraries Variant2: A never-valueless, strong guarantee implementation of std::variant, from Peter Dimov. Updated Libraries Align: Support for any integral type in the integral versions of align_up and align_down. Revised the implementation of aligned_allocator to no longer require a specialization for void. Define propagate_on_container_move_assignment and is_always_equal in aligned_allocator. Asio: Improved performance slightly by eliminating a redundant move construction when completed handlers are dispatched. Eliminated a compiler warning by annotating a case fall-through in the free function connect() implementation. Fixed the is_*_buffer_sequence detection traits for user-defined sequence types. Fixed some Windows-specific warnings about an incompatible pointer cast when obtaining the CancelIoEx entry point. Changed to automatically set the defaults when opening a serial port on Windows. Changed the serial port get_option() member function to be const. Fixed a name hiding issue with the WinRT stream-oriented socket backend's shutdown function. Applied a minor fix to the documentation for is_dynamic_buffer. Added some support for Haiku OS. Added wolfSSL compatability. Changed to require C++17 or later for coroutines TS support with clang. Fixed a doxygen generation problem in the tutorial. Ensured example programs are correctly incorporated into the documentation. Any: Static initialization of the default constructed boost::any is now possible. Fixed performance regression in assignment on a compilers without move-semantics. Maintenance work. Beast: This version consists mostly of bug fixes and performance improvements. Substantial work included for the split compilation mode, to reduce compile time when defining BOOST_BEAST_SEPARATE_COMPILATION. We'd love to know how you or your company use Beast, consider adding an item to the Companies and Individuals Using Beast list. See the full Release Notes for a complete list of changes. Circular Buffer: Correct doxygen generated reference to no longer show internal members. (Glen Fernandes) Eliminate ubsan warning on add and sub. (Glen Fernandes) Fix incorrect check in is_uninitialized. (Niklas Fejes) Container: Fixed bugs: GitHub #47: "added alignment specification for small_vector". GitHub #88: "Implement C++17 MoveAssignable requirements for self-move assignments". GitHub #107: "Alignment ignored in resource_adaptor". GitHub #109: "Get rid of integer overflow in copy_move_algo.hpp (-fsanitize=integer)". GitHub #110: "Avoid gcc 9 deprecated copy warnings in new_allocator.hpp". GitHub #112: "vector::resize() compilation error with msvc-10..12: data is not a member of boost::detail::aligned_storage". GitHub #114: "Fix small_vector noexcept specification". GitHub #116: "MSVC + boost 1.70 compilation error when windows.h is already included (detail/thread_mutex.hpp)". GitHub #117: "flat_map/map::insert_or_assign with hint has wrong return types". GitHub #118: "Non-unique inplace_set_difference used in in flat_tree_merge_unique and iterator invalidation in insert_unique". GitHub #122: "Fix has_trivial_destructor_after_move". GitHub #123: "With heterogeneous lookup, equal_range can result in a range with length greater than 1". deque can now have options, using deque_options. The block size/bytes can be be specified. static_vector can now have options, using static_vector_options. Alignment and throwing behaviour can be be specified. small_vector can now have options, using small_vector_options. Alignment and growth factor can be be specified. Context: Add support for RISC-V LP64D #72: Fix ABI violation on ppc64 ELFv2 #99: cleanup of stack if creating ucontext fails Conversion: Maintenance work. Core: Added functions alloc_construct, alloc_construct_n, alloc_destroy, and alloc_destroy_n in <boost/core/alloc_construct.hpp> for allocator aware and exception safe construction and destruction of objects and arrays. (Glen Fernandes) Added constexpr functions first_scalar in <boost/core/first_scalar.hpp> for obtaining a pointer to the first scalar element of an array. Given a pointer of type T* they return a pointer of type remove_all_extents_t<T>*. (Glen Fernandes) Added class template noinit_adaptor in <boost/core/noinit_adaptor.hpp> which is an allocator adaptor that converts any allocator into one whose construct(ptr) performs default initialization via placement new, and whose destroy(ptr) invokes the value_type destructor directly. (Glen Fernandes) Added class template default_allocator in <boost/core/default_allocator.hpp>, which can serve as a minimal default allocator that has interface similar to C++20 std::allocator, supports configurations with disabled exceptions and does not have std as an associated namespace. The allocator uses operator new and operator delete for allocation. (Glen Fernandes) In <boost/core/uncaught_exceptions.hpp> header, added workarounds for better compatibility with QNX SDP 7.0 when libc++/libc++abi libraries are used. (Andrey Semashev, #59) The <boost/detail/sp_typeinfo.hpp> header is now marked as deprecated and will be removed in a future release. <boost/core/typeinfo.hpp> should be used instead. (Peter Dimov) Dynamic Bitset: Enabled hardware-assisted popcount on MSVC (#38). Added support for boost::hash and std::hash (#45). Support copy-initialization with default constructor (#48). Endian: Clarified requirements on the value type template parameter Added support for float and double Added endian_load, endian_store Updated endian_reverse to correctly support all non-bool integral types Moved deprecated names to the deprecated header endian.hpp Fiber: documentation for shared_work updated Filesystem: Fixed incorrect error_code returned from directory iterator increment when readdir_r is used. For path, fixed rvalue-aware operator/ return type to return an rvalue instead of rvalue reference. This fixes leaving a dangling reference in the user's code if the result of operator/ is bound to a const reference. (#110) Fixes for better compatibility with Windows CE. (#24) Added minimal support for CMake. (#106) Flyweight: Maintenance work. Histogram: New features: Support for thread-safe storages and new thread-safe accumulators Support for compiling without exceptions/RTTI (increases performance by 10-20 %) (with Glen Fernandes) Performance improvements for 1D and 2D histograms boost::histogram::indexed now returns forward iterator range instead of input iterator range boost::histogram::indexed_range::accessor is now non-copyable and acts like reference to cell value, making more algorithms from the C++ stdlib work boost::histogram::algorithm::reduce with new slice option and option fusion boost::histogram::algorithm::project accepts runtime indices for static histograms Bug Fixes: boost::histogram::algorithm::reduce also works on histograms that have some axis types without reduction support boost::histogram::axis::traits::update now works correctly for boost::histogram::axis::variant Other: 100 % test coverage Reduced internal Boost dependencies Improved documentation and examples Guaranteed no-throw moves for all builtin axis types Compile cleanly at higher warning levels See changelog for more details. IoStreams: Fixed processing of multi-stream files (#87). Added support for multi-threaded LZMA (#95). Interprocess: GitHub #85 ("warning: Implicit conversion loses integer precision"). GitHub #86 ("warning: Possible misuse of comma operator"). Intrusive: GitHub #42: Documentation does not describe treap priority_of_value changes GitHub #43: Fix tests with BOOST_INTRUSIVE_VARIADIC_TEMPLATES enabled GitHub #45: Disable variadic templates for MSVC-12 to avoid ICEs LexicalCast: Added tests for boost::filesystem::path conversions #25. Maintenance work, including #28. Log: New features: Improved support for C++17 std::string_view in basic_formatting_ostream. The string view can now participate in character code conversion on output. Added auto_newline formatter and stream manipulator. It can be used to ensure that formatted output always ends with a newline while avoiding duplicate newlines. In the output stream, text file and text multi-file sink backends added support for configuring behavior with regard to appending a trailing newline to every formatted log record. Use auto_newline_mode named parameter of the backend constructor or call the set_auto_newline_mode method on the sink backend. Note: The default behavior with regard to trailing newlines added by sink backends has changed slightly compared to the previous Boost.Log releases. The backends will now only add a trailing newline if there isn't one in the formatted log message string already. In previous releases a newline was added unconditionally. Added support for passing arbitrary function objects in the filter and format named parameters to sink constructors and convenience functions for initializing sinks. For example, it is now possible to specify C++11 lambda functions directly in these parameters. (#63) In the default filter and formatter factories used in filter and formatter parsers, added support for severity level attribute values of type boost::log::trivial::severity_level. For filters, the support is limited to attributes with "Severity" name. Bug fixes: Fixed incorrect parsing of components of the rotated file names while scanning for files in the text file sink backend. If the file name pattern ended with a placeholder (for example, a file counter), the scan_for_files method would not find files matching that pattern in the target storage, leaving them unmanaged. In particular, such files would not be deleted to free target storage. (#78) Updated basic_formatting_ostream and basic_record_ostream to make it possible to overload stream output operators for pointers to user-defined types. User-defined operator<< overloads taking std::basic_ostream and a pointer argument should now be picked up by the compiler when the pointer is being written to one of Boost.Log streams. (#84) See changelog for more details. Math: New features: Catmull-Rom interpolator now works in C++11 Cardinal quadratic B-spline interpolation Domain of elliptic integrals extended sin_pi and cos_pi performance improvements Forward-mode automatic differentiation Vector valued barycentric rational interpolation Ooura's method for evaluation of Fourier integrals Bug fixes: Multiple compatibility issues with Multiprecision fixed Lambert-W fixed on a rare architecture Metaparse: New features: In C++11 variadic template support for the following: sequence, one_of_c, one_of, repeated_one_of, repeated_one_of1, one_char_except_c, one_char_except. Bug fixes: BOOST_METAPARSE_STRING does not use out of range character values as template arguments. any_of_c<> does not create empty array in C++14. Move: Git Issue #26: "Invalid iterator increment/decrement in the last iteration of adaptive_sort_combine_blocks". Multi Array: Simplify allocator support by using new alloc_construct_n and alloc_destroy_n facilities from Core. (Glen Fernandes) Multi-index Containers: Added variants of const_mem_fun and mem_fun for differently qualified member functions (issue #24). Terse key specification syntax now correctly handles noexcept-specified member functions (issue #24). Outcome: Enhancements: #184 As per request from Boost release managers, relocated version.hpp and revision.hpp into detail, and added the Boost licence boilerplate to the top of every source file which was missing one (I think). Also took the opportunity to run the licence restamping script over all Outcome, so copyright dates are now up to date. #185 Add FAQ item explaining issue #185, and why we will do nothing to fix it right now. #189 Refactored the OUTCOME_TRY implementation to use more clarified customisation points capable of accepting very foreign inputs. Removed the std::experimental::expected<T, E> specialisations, as those are no longer necessary. Fixed the documentation for the customisation points which previously claimed that they are ADL discovered, which they are not. Added a recipe describing how to add in support for foreign input types. #183 Added a separate motivation/plug_error_code specifically for Boost. Bug fixes: OUTCOME_VERSION_MINOR hadn't been updated to 1. #181 Fix issue #181 where Outcome didn't actually implement the strong swap guarantee, despite being documented as doing so. #190 Fix issue #190 in Boost edition where unit test suite was not runnable from the Boost release distro. #182 Fix issue #182 where trait::is_exception_ptr_available<T> was always true, thus causing much weirdness, like not printing diagnostics and trying to feed everything to make_exception_ptr(). #192 Fix issue #192 where the std::basic_outcome_failure_exception_from_error() was being defined twice for translation units which combine standalone and Boost Outcome's. Parameter: Upgraded keyword generation macro BOOST_PARAMETER_TEMPLATE_KEYWORD (#15). Moved keyword generation macro BOOST_PARAMETER_NESTED_KEYWORD from Accumulators to this library (#28). Added support for std::reference_wrapper and std::ref() (#16). Moved boost::parameter::required, boost::parameter::optional, and boost::parameter::deduced metafunction definitions to their own header files in directory boost/parameter (#18). Added support for Boost.Parameter-enabled function call operators (#20). Added support for parameter category qualifiers "forward", "consume", and "move_from" (current qualifiers are "in", "out", and "in_out") (#21) (#23) based on http://www.modernescpp.com/index.php/c-core-guidelines-how-to-pass-function-parameters. Added new usage syntax BOOST_PARAMETER_NAME((object-name), namespace-name) qualifier(tag-name)) and BOOST_PARAMETER_NAME(qualifier(name)). (Existing code that uses qualifiers directly and correctly with BOOST_PARAMETER_FUNCTION and other code generation macros should remain unaffected for now, so no breaking changes.) The reason for the change in usage is to enable applying of parameter category constraints to Boost.Parameter-enabled functions and constructors invoked through argument composition. (Otherwise, it is currently possible to use argument composition to bypass parameter category constraints applied in BOOST_PARAMETER_FUNCTION et. al.) Added support for perfect forwarding (#23) (#26), so that parameter::parameters::operator() can accept non-const rvalues. As a positive side effect, Boost.Parameter-enabled functions and constructors are no longer bound by BOOST_PARAMETER_MAX_ARITY on compilers that support perfect forwarding. User code can now check for this support by detecting the configuration macro BOOST_PARAMETER_HAS_PERFECT_FORWARDING, or manually turn off this support by defining the configuration macro BOOST_PARAMETER_DISABLE_PERFECT_FORWARDING. Added metafunctions boost::parameter::is_argument_pack (#27), boost::parameter::are_tagged_arguments (#52), and boost::parameter::result_of::compose (#75). Added variadic function template boost::parameter::compose() which takes in named arguments and returns them in an argument pack (#52). For compilers that do not support perfect forwarding, the configuration macro BOOST_PARAMETER_COMPOSE_MAX_ARITY determines the maximum number of arguments that boost::parameter::compose() can take in (#61). Added code generation macros BOOST_PARAMETER_BASIC_FUNCTION_CALL_OPERATOR, BOOST_PARAMETER_BASIC_CONST_FUNCTION_CALL_OPERATOR, BOOST_PARAMETER_NO_SPEC_FUNCTION, BOOST_PARAMETER_NO_SPEC_MEMBER_FUNCTION, BOOST_PARAMETER_NO_SPEC_CONST_MEMBER_FUNCTION, BOOST_PARAMETER_NO_SPEC_FUNCTION_CALL_OPERATOR, BOOST_PARAMETER_NO_SPEC_CONST_FUNCTION_CALL_OPERATOR, BOOST_PARAMETER_NO_SPEC_CONSTRUCTOR, and BOOST_PARAMETER_NO_SPEC_NO_BASE_CONSTRUCTOR (#52). Added support for Boost.MP11 (#47) (#66) (#70). User code can now check for this support by detecting the configuration macro BOOST_PARAMETER_CAN_USE_MP11, or manually turn off this support by defining the configuration macro BOOST_PARAMETER_DISABLE_MP11_USAGE. Improved support for parameter-dependent return types via SFINAE (#73). PtrContainer: Fix a ptr_vector regression introduced in 1.66.0 (#24). PolyCollection: Maintenance work. SmartPtr: Added aliasing constructors to weak_ptr Added weak_ptr<T>::empty() Added enable_shared_from, shared_from, and weak_from Stacktrace: Fixed output of name(), source_location() and source_line() for the default constructed frame with thread sanitizer builds in C++98 mode. Fixed output of long strings from name() and source_location() on MSVC #78. Maintenance work. Test: Boost.test v3.11 see the Changes log for more details. Breaking changes: Boost.Test shows deprecation warnings if some very old headers as deprecated. If you encounter such warnings, please follow the indications: those headers will be removed in a future release. New feature: Now BOOST_TEST can be used to compare abstract types Bug fixes and pull requests: GitHub Issues: #209, #218 GitHub Pull Requests: #219, #224 Utility: Implemented function template ostream_string in <boost/utility/ostream_string.hpp> to optimally write any kind of string content to an output stream. It satisfies the requirements of [ostream.formatted.reqmts]. (Glen Fernandes) Optimized the stream output operators of basic_string_view and basic_string_ref to write directly to the rdbuf stream buffer. (Glen Fernandes) Uuid: Breaking change: MD5 name-based uuid generation was corrected to be identical on all endian systems. Define BOOST_UUID_COMPAT_PRE_1_71_MD5 to keep the result in a format compatible with 1.66 through 1.70. This does not affect the default name-based uuid generation which is based on SHA1. (#109) Variant: Fixed compilation of boost::apply_visitor with variants passed by non const reference in #68. Many thanks to Ed Catmur for providing the fix. Added support for std::hash (#49). Macro BOOST_VARIANT_DO_NOT_SPECIALIZE_STD_HASH could be defined to avoid those specializations. Added micro optimizations for binary size and performance by Nikita Kniazev in #63 and #66. Maintenance work, including #64 by Nikita Kniazev and #67 by Hans Dembinski. YAP: Added an example showing how to make self-evaluating YAP expressions (that is, expressions that don't need an explicit call to evaluate() or transform()).
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Oct 22, 2019
Update archivers/ruby-minitar to 0.9. ## 0.9 / 2019-09-04 * jtappa added the ability to skip fsync with a new option to Minitar.unpack and Minitar::Input#extract_entry. Provide `:fsync => false` as the last parameter to enable. Merged from a modified version of PR [#37][]. ## 0.8 / 2019-01-05 * inkstak resolved an issue introduced in the fix for [#31][] by allowing spaces to be considered valid characters in strict octal handling. Octal conversion ignores leading spaces. Merged from a slightly modified version of PR [#35][]. * dearblue contributed PR [#32][] providing an explicit call to #bytesize for strings that include multibyte characters. The PR has been modified to be compatible with older versions of Ruby and extend tests. * Akinori MUSHA (knu) contributed PR [#36][] that treats certain badly encoded regular files (with names ending in `/`) as if they were directories on decode. ## 0.7 / 2018-02-19 * Fixed issue [#28][] with a modified version of PR [#29][] covering the security policy and position for Minitar. Thanks so much to ooooooo\_q for the report and an initial patch. Additional information was added as [#30][]. * dearblue contributed PR [#33][] providing a fix for Minitar::Reader when the IO-like object does not have a `#pos` method. * Kevin McDermott contributed PR [#34][] so that an InvalidTarStream is raised if the tar header is not valid, preventing incorrect streaming of files from a non-tarfile. This is a minor breaking change, so the version has been bumped accordingly. * Kazuyoshi Kato contributed PR [#26][] providing support for the GNU tar long filename extension. * Addressed a potential DOS with negative size fields in tar headers ([#31][]). This has been handled in two ways: the size field in a tar header is interpreted as a strict octal value and the Minitar reader will raise an InvalidTarStream if the size ends up being negative anyway.
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Nov 9, 2019
- mkdocs: enforce sufficiently new version, and use mkdocs-exclude. - cookbook/container: example of building+running docker containers. - cookbook/container: add missing PS1 to sh example - Merge pull request #25 from ejona86/missing-ps1 - cookbook/container: remove unexplained "exec >&2" lines. - cookbook/container: skip on missing cpio and missing kvm kernel image. - cookbook/container: some minor clarifications. - cookbook/container: minor proofreading - Merge pull request #26 from martinmosegaard/proof-cook-container - Better handling if parent closes REDO_CHEATFDS or MAKEFLAGS fds. - docs/cookbook/container: don't delete *.out and *.code during build. - mkdocs: include additional hljs languages. - Fix builder: Reinstate stderr instead of opening /dev/tty - Merge pull request #27 from spacefrogg/fix-tty - cookbook/container/kvm: better handling of \r\n line endings. - mkdocs: exclude more generated files from cookbook/container. - Merge remote-tracking branch 'origin/master' - mkdocs: exclude more generated file types. - Experimental new redoconf C/C++ build/autoconfiguration system. - redoconf: avoid sed -E in _objlist(). - redoconf: clock_gettime() detection needs to depend on -lrt. - redoconf: better handling of required vs optional detectors. - redoconf: posix.rc: fix abort when timespec is not available. - Fix some build problems on MacOS X. - minimal/do: remove dependency on 'seq' command. - Precompiled headers: supply "-x c-header" or "-x c++-header" if available. - docs/cookbook/c/allconfig.do: avoid need for '&' backgrounding. - mkdocs: don't bother to include cookbook/c/out.*/ dirs. - redoconf: move -Wl,-rpath flags to shlib.rc and add -Wl,-z,origin. - minimal/do: remove dependency on 'seq' command. - Certain redo post-build failures would still mark a target as built. - Overridden files were accidentally getting reclassified as static. - If redo searched all the way up to /default.do, it would run ./default.do instead. - Explicitly reject target/source filenames with newlines in them. - redo-ifchange regression: if REDO_LOG is not set, assume it's 1. - builder.py: atomically replace the log for a given target. - Merge branch 'master' into redoconf - redoconf: assorted minor fixes. - redoconf: a stub rc_include() now sources ./redoconf.rc automatically. - Merge branch 'redoconf' - logs.py: don't print (unchanged) lines with --no-log unless DEBUG. - Change -x/-v to only affect top-level targets by default, not recursively. - redo-log: sometimes print a (resumed) line after ending a level of recursion. - Minor clarifications to redo install instructions. - shelltest.od: warning 84 (W84) triggered on *all* shells, not just posh. - Work around ancient shells where >$3 does not implicitly quote $3. - docs/cookbook/container: update docker image builder. - docs/cookbook/redoconf-simple: a simple redoconf C++ project. - builder.py: create temp log file in the same directory as the final one. - Unset CDPATH if it is set. - redo-log: "(resumed)" lines didn't print as often as they should. - Fix minor pylint warnings. - redoconf/configure.sh: use "cmp -s" to silence output. - cookbook/container/default.sha256.do: use explicit close_fds=False. - Fix more problems with "/usr/bin/env python" picking python3. - Merge remote-tracking branch 'origin/experimental/dockrepo' - Oops, redo/whichpython.do would fail if python2.7 didn't exist. - Disable docker container test from toplevel 'redo test' - t/103-unicode: workaround unicode normalization on newer macOS. - t/shelltest.od: Add a new preliminary test for IFS= behaviour.
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Nov 16, 2019
0.45 2019-07-23 - PR #21: fix version 0.43 in Changes file (thanks karenetheridge) - PR #19: Added missing license meta name. (thanks manwar and karenetheridge) - PR #24: allow for dev = 0 on NetBSD (thanks plicease) - PR #25: Remove warning when copying a dir without write perm on the original. (thanks ehickeycp) - Issue #26: change issues from rt to github
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Nov 19, 2019
6.05 2019-10-24 02:21:51Z - Fix GH#32 by checking for " as well as ; when splitting. (GH#49) (colinnewell) - Fix GH#48 update documentation about $version (GH#55) (Dave Menninger) - Fix broken README badge (GH#54) (Alex Peters) - Whenever possible, use an absolute four digit year for Time::Local (GH#52) (Olaf Alders) - Add test case for Issue #26 (GH#45) (George-NG) - Long numbers (GH#47) (pludlamCVL) - Cookies.pm: die if close on $fh in ->save fails (GH#46) (MCRayRay) - Replace "use vars" with "our" (GH#43) (James Raspass) - Fixed minor typo in the pod for HTTP::Cookies. (GH#39) (Mohammad S Anwar)
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jan 1, 2020
0.5.1.1 (21 May 2018) * Only depend on fail package when GHC < 8.0. 0.5.1 (9 February 2017) * Re-export System.Random from Control.Monad.Random.{Lazy,Strict} and hence also from Control.Monad.Random. * Hackage r1: allow transformers-compat-0.6.x. 0.5 (3 January 2017) * This release has quite a few small additions as well as a big module reorganization. However, thanks to module re-exports, most existing code using the library should continue to work with no changes; the major version bump reflects the large reorganization and my inability to 100% guarantee that existing user code will not break. * The biggest changes that may be of interest to users of the library include new lazy vs strict variants of the Rand monad; a new MonadInterleave class which is a big improvement over MonadSplit; new PrimMonad instances; and new random selection functions like weighted, weightedMay, uniformMay, etc.. See the list below for full details. * Although there was some discussion of generalizing MonadRandom to work for a wider range of underlying generators (see #26, #31, and comments on this blog post), I decided to punt on that for now. It seems rather complicated and there are already good alternatives so I decided to keep things simple for this release. I'm still open to proposals for generalizing future releases. Changes in 0.5 include: * Refactor to reflect structure of mtl and transformers libraries. * Add lazy and strict variants of RandT. * Add MonadRandom and MonadSplit instances for ListT. * Add (but do not export) unRandT field to RandT. * Add MonadCont, MonadError, MonadRWS, PrimMonad, and MonadFail instances for RandT. * Add evalRandTIO operation. * Move fromList and uniform operations to Control.Monad.Random.Class. * fromList now raises an error when the total weight of elements is zero. * Generalize the type of uniform to work over any Foldable. * Add new operations weighted, weightedMay, fromListMay, and uniformMay. weighted is like fromList but generalized to work over any Foldable. The May variants return a Maybe result instead of raising an error. * New MonadInterleave class for random monads which can interleave random generation using split. In some ways this is similar to MonadSplit but much more useful. * Improved documentation. 0.4.2.3 (21 April 2016) * Mark Control.Monad.Random as Trustworthy. 0.4.2.2 (18 January 2016) * Allow transformers-0.5. 0.4.2.1 (16 January 2016) * Allow transformers-compat-0.5. 0.4.2 (16 January 2016) * Add MonadPlus and Alternative instances for RandT. 0.4.1 (20 November 2015) * Remove unnecessary Monad m constraint from liftRandT and runRandT. This should again technically require a major version bump, but I'm not doing it this time in the interest of not being super annoying. If this breaks something for you, just yell, and I will deprecate this version and do a proper 0.5 release. 0.4 (12 May 2015) * Remove unnecessary RandomGen g constraints from liftRandT, liftRand, evalRandT, evalRand, runRandT, runRand. * A major version bump is required by the PVP since the types of all the above methods have changed, but this release is again very unlikely to break any client code. 0.3.0.2 (30 March 2015) * Add transformers-compat to allow building with newer mtl 0.3.0.1 (24 November 2014) * Improve documentation: ranges are exclusive at the upper bound
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jan 14, 2020
textproc/uriparser: security update Revisions pulled up: - textproc/uriparser/Makefile 1.11 - textproc/uriparser/distinfo 1.9 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: bsiegert Date: Mon Oct 29 16:17:25 UTC 2018 Modified Files: pkgsrc/textproc/uriparser: Makefile distinfo Log Message: Update uriparser to 0.9.0. 2018-10-27 -- 0.9.0 >>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> * Fixed: Out-of-bounds write in uriComposeQuery* and uriComposeQueryEx* Commit 864f5d4c127def386dd5cc926ad96934b297f04e Thanks to Google Autofuzz team for the report! * Fixed: Detect integer overflow in uriComposeQuery* and uriComposeQueryEx* Commit f76275d4a91b28d687250525d3a0c5509bbd666f Thanks to Google Autofuzz team for the report! * Fixed: Protect uriResetUri* against acting on NULL input Commit f58c25069cf4a986fe17a80c5b38687e31feb539 >>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> * Fixed: Be fully compliant to C89 (GitHub #28) and C++98 in test code * Fixed: Fix off-by-one in uriComposeQueryCharsRequired* and ...Ex* Reported space requirements were 1 byte bigger than necessary * Changed: Marked as deprecated: Deprecated functions: uriNormalizeSyntaxMaskRequired[AW] uriParseUri[AW] uriParseUriEx[AW] * Added: Add convenience functions to ease user code to parse a single URI New functions: uriParseSingleUri[AW] uriParseSingleUriEx[AW] uriParseSingleUriExMm[AW] * Added: Support for custom memory managers (GitHub #26, #35), see Doxygen New functions (as extension of existing ones): uriAddBaseUriExMm[AW] uriComposeQueryMallocExMm[AW] uriDissectQueryMallocExMm[AW] uriFreeQueryListMm[AW] uriFreeUriMembersMm[AW] uriNormalizeSyntaxExMm[AW] uriParseSingleUriExMm[AW] uriRemoveBaseUriMm[AW] New functions (for convenience): uriCompleteMemoryManager uriEmulateCalloc uriEmulateReallocarray uriTestMemoryManager New error codes: URI_ERROR_MEMORY_MANAGER_FAULTY URI_ERROR_MEMORY_MANAGER_INCOMPLETE New types: UriFuncCalloc UriFuncFree UriFuncMalloc UriFuncRealloc UriFuncReallocarray UriMemoryManager * Added: Add non-void versions of uriNormalizeSyntaxMaskRequired* New functions: uriNormalizeSyntaxMaskRequiredEx[AW] * Changed: Migrate test suite from CppTest to GoogleTest 1.8.1 * Improved: Make test suite free of memory leaks (GitHub #31) Thanks to AddressSanitizer! * Removed: Support for pointless define URI_SIZEDOWN (GitHub #29) Related configure option --enable-sizedown has also been removed. * Soname: 1:23:0 To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 pkgsrc/textproc/uriparser/Makefile cvs rdiff -u -r1.8 -r1.9 pkgsrc/textproc/uriparser/distinfo
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jan 14, 2020
0.5.1.1 (21 May 2018) * Only depend on fail package when GHC < 8.0. 0.5.1 (9 February 2017) * Re-export System.Random from Control.Monad.Random.{Lazy,Strict} and hence also from Control.Monad.Random. * Hackage r1: allow transformers-compat-0.6.x. 0.5 (3 January 2017) * This release has quite a few small additions as well as a big module reorganization. However, thanks to module re-exports, most existing code using the library should continue to work with no changes; the major version bump reflects the large reorganization and my inability to 100% guarantee that existing user code will not break. * The biggest changes that may be of interest to users of the library include new lazy vs strict variants of the Rand monad; a new MonadInterleave class which is a big improvement over MonadSplit; new PrimMonad instances; and new random selection functions like weighted, weightedMay, uniformMay, etc.. See the list below for full details. * Although there was some discussion of generalizing MonadRandom to work for a wider range of underlying generators (see #26, #31, and comments on this blog post), I decided to punt on that for now. It seems rather complicated and there are already good alternatives so I decided to keep things simple for this release. I'm still open to proposals for generalizing future releases. Changes in 0.5 include: * Refactor to reflect structure of mtl and transformers libraries. * Add lazy and strict variants of RandT. * Add MonadRandom and MonadSplit instances for ListT. * Add (but do not export) unRandT field to RandT. * Add MonadCont, MonadError, MonadRWS, PrimMonad, and MonadFail instances for RandT. * Add evalRandTIO operation. * Move fromList and uniform operations to Control.Monad.Random.Class. * fromList now raises an error when the total weight of elements is zero. * Generalize the type of uniform to work over any Foldable. * Add new operations weighted, weightedMay, fromListMay, and uniformMay. weighted is like fromList but generalized to work over any Foldable. The May variants return a Maybe result instead of raising an error. * New MonadInterleave class for random monads which can interleave random generation using split. In some ways this is similar to MonadSplit but much more useful. * Improved documentation. 0.4.2.3 (21 April 2016) * Mark Control.Monad.Random as Trustworthy. 0.4.2.2 (18 January 2016) * Allow transformers-0.5. 0.4.2.1 (16 January 2016) * Allow transformers-compat-0.5. 0.4.2 (16 January 2016) * Add MonadPlus and Alternative instances for RandT. 0.4.1 (20 November 2015) * Remove unnecessary Monad m constraint from liftRandT and runRandT. This should again technically require a major version bump, but I'm not doing it this time in the interest of not being super annoying. If this breaks something for you, just yell, and I will deprecate this version and do a proper 0.5 release. 0.4 (12 May 2015) * Remove unnecessary RandomGen g constraints from liftRandT, liftRand, evalRandT, evalRand, runRandT, runRand. * A major version bump is required by the PVP since the types of all the above methods have changed, but this release is again very unlikely to break any client code. 0.3.0.2 (30 March 2015) * Add transformers-compat to allow building with newer mtl 0.3.0.1 (24 November 2014) * Improve documentation: ranges are exclusive at the upper bound
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Apr 6, 2020
3.0.3 (stable) Build: * docs/docs/reference/meson.build: Check if perl is found (Kjell Ahlstedt) Issue #53 (Rasmus Thomsen) * README.md: Describe building with Meson (Kjell Ahlstedt) Examples: * Add example of using libsigc++ with Qt (Robert Middleton) Pull request #35 Tests: * Replace C-style casts with static_cast<> (Lennard Berger) 3.0.2 (stable) * Build: Meson build improvements. (Kjell Ahlstedt, Chun-Wei Fan) 3.0.1 (stable) * Build: - Add meson build, alongside the existing autotools and CMake builds. (Kjell Ahlstedt, Chun-Wei Fan) - CMake: Fix the MSVC build, enable warnings, and disable unnecessary warnings, with MVSC. (Stuart Dootson) * connection: Allow copying of empty connections. (Aigrind) * sigc++/adaptors/bind.h: Make bind_functor::bound_ public. (Used by sigc::visitor::do_visit_each(). (Kjell Ahlstedt) Bug #26 * test_limit_reference: Avoid virtual-move-assign warning (seen with g++ 9.2) (Murray Cumming) * signal: slot_iterator_buf: Remove unused T_result default type (Murray Cumming) * tests: Slight cleanups (Murray Cumming) * Remove unused #ifdefed code. (Murray Cumming)
netbsd-srcmastr
pushed a commit
that referenced
this pull request
May 12, 2020
Patchlevel 7b (Oct 2019) NEW FEATURES: o A X color database is not needed, but can be provided. The location of the database can be given at compile time, default /etc/X11/rgb.txt. BUGS FIXED: Ticket numbers refer to https://sourceforge.net/p/mcj/tickets/#. Debian bug numbers refer to https://bugs.debian.org/#. o Do not clip objects with line-thickness 0 having arrows. Ticket #53. o Do not segfault on circle/half circle arrowheads with a magnification larger 42. Always draw circle arrowheads with 40 points. Ticket #52. o Allow circles or ellipses with negative radii. Ticket #49. o Avoid "dimension too large error" with tikz output by avoiding coordinate values smaller than -16383. o Make tests (test1.c) work with -fsanitize=address compiler option. o Obey join-style of lines in tikz output. o Pass utf8-strings to svg output, escape some chars (<>&). o Accept inclined boxes and change them to polygons. Fixes ticket #43. o Make tests #27 and #33 work on Mac Darwin, failed due to whitespace formatting differences. From Hanspeter Niederstrasser. Ticket #40. o Use only latex, neither etex or tex, to test tikz output. Usage of etex, after hint from Roland Rosenfeld, closed debian bug 920368. o For tikz output, do not draw arrows on a single point line. o Omit spurious showpage when including jpg-file. From Rainer Buchty. o Correct a few memory leaks and corruptions. See commit d1c54f6. o Change negative color numbers to default color. Fixes ticket #30. o A spline with one point would cause segfault. Fixed, see ticket #29. o Allow one char without newline in the last line of an input file. Fixes ticket #28. o Harden input, mainly against files in which an incomplete object would be created and freeing the object would violate memory, i.e, it may cause segfault. See, e.g., ticket #27. o Properly initalize line storage when reading fig files version 1.3. Would segfault when reading incomplete line and trying to free it. Fixes ticket #26, debian bug 906743. o Silently ignore the hundred-first and more comment lines. This fixes ticket #25 and debian bug 906740. o Use SetFigFont, not SetFigFontNFSS in pictex output. Fixes https://bugs.launchpad.net/ubuntu/+source/transfig/+bug/1359485 . o Accept blanks in color names (e.g., fig2dev -L eps -g"Misty Rose"..). o Correct typos in man-pages, debian 30_man_typo.patch. ------------------------------------- Patchlevel 7a (May 2018) NEW FEATURES: o Add option -w, wrap (create stand-alone perl file) for Perl/Tk output. o Distribute the X bitmaps files within fig2dev, no need to install these files. The files were needed for Tk and Perl/Tk output. BUGS FIXED: Ticket numbers refer to https://sourceforge.net/p/mcj/tickets/#. o Fix regression whereupon flipped ellipses were not read. Ticket #23. o Distribute i18n files ru_RU.CP1251.ps and uk_UA.KOI8-U.ps. o Make test "survive debian bug #890016" succeed on 32 bit systems. ------------------------------------- Patchlevel 7 (April 2018) OPTION LETTER CHANGES: o Language previous option current option ------------------------------------------------------------ cgm -b dummy -a epic -A scale -d scale eepic -A scale -d scale eepicemu -A scale -d scale gbx -i on|off -v ibmgl -m mag,xoff,yoff -m mag -x xoff -y yoff mp -I file -d file ps -S dummy -o NEW FEATURES: o Print language-specific help text by using fig2dev -L lang -h. o Add option -M, multipage, for MetaPost output language. o Add option -P, pagemode, and -z to choose a pagesize for pdf output. o Add option -W (scaling of figures not possible) for tikz. o Add option -b, border width, for LaTeX output language. o Add option -f for pstex_t and pdftex_t output language. o Add uk_UA and ru_RU encodings for PostScript output. Ticket #12. BUGS FIXED: o Update help text: Output help for dxf and textyl output language, add description of -g option for Tk/Tcl and Perl/Tk output, allow -f option for pstex_t and pdftex_t output language. Debian bug numbers refer to https://bugs.debian.org/#. Ticket numbers refer to https://sourceforge.net/p/mcj/tickets/#. o Sanitize input. Do not segfault on malformed input files. Fixes debian bugs 881143, 881144, 881396, 890015, 890016, 882021 and also 882022. o Do not put an %%Orientation: comment into PostScript output. Some viewers would rotate the resulting file, others not. o Fix build on NetBSD, which has a _setmode() function different from _setmode() on Windows. Ticket #17. Also, avoid alloca(). Ticket #16. o tikz output: Omit the semicolon after \pgftext[..]{...};. o Define PostScript patterns with larger tiles, may render better. #13 o Fix build in case libXpm is missing. Ticket #15. o Use netpbm programs instead of ghostscript, to produce smaller files. o Correctly embed eps files with binary preview (epsi, typically found on Microsoft systems). Also, allow to embed ps-files. Fixes debian bug 248807, ticket #8. o For compilation, do not depend on PATH_MAX being defined.
netbsd-srcmastr
pushed a commit
that referenced
this pull request
May 27, 2020
textproc/uriparser: security update Revisions pulled up: - textproc/uriparser/Makefile 1.11 - textproc/uriparser/distinfo 1.9 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: bsiegert Date: Mon Oct 29 16:17:25 UTC 2018 Modified Files: pkgsrc/textproc/uriparser: Makefile distinfo Log Message: Update uriparser to 0.9.0. 2018-10-27 -- 0.9.0 >>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> * Fixed: Out-of-bounds write in uriComposeQuery* and uriComposeQueryEx* Commit 864f5d4c127def386dd5cc926ad96934b297f04e Thanks to Google Autofuzz team for the report! * Fixed: Detect integer overflow in uriComposeQuery* and uriComposeQueryEx* Commit f76275d4a91b28d687250525d3a0c5509bbd666f Thanks to Google Autofuzz team for the report! * Fixed: Protect uriResetUri* against acting on NULL input Commit f58c25069cf4a986fe17a80c5b38687e31feb539 >>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> * Fixed: Be fully compliant to C89 (GitHub #28) and C++98 in test code * Fixed: Fix off-by-one in uriComposeQueryCharsRequired* and ...Ex* Reported space requirements were 1 byte bigger than necessary * Changed: Marked as deprecated: Deprecated functions: uriNormalizeSyntaxMaskRequired[AW] uriParseUri[AW] uriParseUriEx[AW] * Added: Add convenience functions to ease user code to parse a single URI New functions: uriParseSingleUri[AW] uriParseSingleUriEx[AW] uriParseSingleUriExMm[AW] * Added: Support for custom memory managers (GitHub #26, #35), see Doxygen New functions (as extension of existing ones): uriAddBaseUriExMm[AW] uriComposeQueryMallocExMm[AW] uriDissectQueryMallocExMm[AW] uriFreeQueryListMm[AW] uriFreeUriMembersMm[AW] uriNormalizeSyntaxExMm[AW] uriParseSingleUriExMm[AW] uriRemoveBaseUriMm[AW] New functions (for convenience): uriCompleteMemoryManager uriEmulateCalloc uriEmulateReallocarray uriTestMemoryManager New error codes: URI_ERROR_MEMORY_MANAGER_FAULTY URI_ERROR_MEMORY_MANAGER_INCOMPLETE New types: UriFuncCalloc UriFuncFree UriFuncMalloc UriFuncRealloc UriFuncReallocarray UriMemoryManager * Added: Add non-void versions of uriNormalizeSyntaxMaskRequired* New functions: uriNormalizeSyntaxMaskRequiredEx[AW] * Changed: Migrate test suite from CppTest to GoogleTest 1.8.1 * Improved: Make test suite free of memory leaks (GitHub #31) Thanks to AddressSanitizer! * Removed: Support for pointless define URI_SIZEDOWN (GitHub #29) Related configure option --enable-sizedown has also been removed. * Soname: 1:23:0 To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 pkgsrc/textproc/uriparser/Makefile cvs rdiff -u -r1.8 -r1.9 pkgsrc/textproc/uriparser/distinfo
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jun 10, 2020
Overview of changes in 3.36.0 ============================= * Updated translations: Finnish Kurdish (Sorani) Overview of changes in 3.35.90 ============================== * Bugs fixed: !41 Polish some rough edges in the Meson build !43 build: Remove AC_ISC_POSIX !44 build: Remove AC_HEADER_STDC !45 kerberos-identity-manager: Remove unused signal handler ID #43 daemon, dbus: Enable checking if a provider type is supported * Updated translations: Croatian English (British) Japanese Malay Overview of changes in 3.35.3 ============================= * Remove Pocket (!18) * Bugs fixed: !36 Drop the priv pointer from the GObject instance structures !37 Port away from deprecated GLib API like g_memove and g_get_current_time !39 webview: Port to JSCValue !40 Use the G_DECLARE_* macros to reduce GObject boilerplate #83 Add Exchange and Last.fm icons * Updated translations: Galician Russian Overview of changes in 3.35.1 ============================= * Bugs fixed: #8 icons: Unbreak providers without any visual identity * Updated translations: Basque Catalan Traditional Chinese (Taiwan) Czech Danish Dutch Finnish French Friulian Galician German Greek Hungarian Indonesian Italian Japanese Korean Latvian Lithuanian Persian Polish Portuguese (Brazilian) Punjabi Romanian Serbian Slovak Slovenian Spanish Swedish Turkish Overview of changes in 3.33.91 ============================== * Support Fedora Account System (#26) * Bugs fixed: !21 owncloud: Use "Nextcloud", not "ownCloud", in user-visible errors !23 build: Allow building with gettext ≥ 0.20 !26 webview: Make it more flexible in terms of its size !28 kerberos: Use GTask's task data slot to leverage the compiler !29 daemon: Return a D-Bus error if AddAccount fails to list all providers !30 kerberos: Use GTask's task data slot to leverage the compiler #73 build: Support the use of g_autolist with GoaObject 764157 Port to GTask from GSimpleAsyncResult * Updated translations: Basque Czech German Indonesian Karbi Lithuanian Polish Romanian Spanish Swedish Overview of changes in 3.32.0 ============================= * Updated translations: Basque Finnish Gaelic (Scottish) Icelandic Overview of changes in 3.31.90 ============================== * Bugs fixed: !17 icons: Replace PNGs with SVGs and add symbolics !19 google: Only request the email field when getting the user's identity 796095 alarm: Refresh Kerberos tickets after a suspended system is resumed * Updated translations: Afrikaans French Japanese Kabyle Overview of changes in 3.31.3 ============================= * Remove Todoist * Bugs fixed: !14 build: Don't define _POSIX_PTHREAD_SEMANTICS and _REENTRANT !15 identity: Port away from deprecated g_type_class_add_private 764157 Port to GTask from GSimpleAsyncResult * Updated translations: Belarusian Esperanto Estonian Malayalam Overview of changes in 3.30.0 ============================= * Updated translations: Arabic Overview of changes in 3.29.91 ============================== * Bugs fixed: !2 build: Fix #FooObject style links !8 Remove additional unnecessary GDestroyNotify casts #10 build: Silence warning about _FORTIFY_SOURCE requiring optimization Overview of changes in 3.29.4 ============================= * Bugs fixed: !2 Port to meson build system * Updated translations: Occitan Overview of changes in 3.29.1 ============================= * Remove Telepathy support (795322) * Updated translations: Simplified Chinese Czech
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Sep 4, 2020
Change the DEPENDS to BUILD_DEPENDS since it is only for test. Upstream changes: 0.52 2019-06-16 10:10:00 MANWAR - Applied patch provided by Matthew (Issue #25). 0.51 2019-06-15 06:30:00 MANWAR - Now ignores .git folder (Issue #26). 0.50 2019-06-14 15:30:00 MANWAR - Added Test::Roo::Role to the list (Issue #29). 0.49 2019-06-13 12:20:00 MANWAR - Fixed CPANTS issue (main_module_version_matches_dist_version). 0.48 2019-05-29 11:00:00 MANWAR - Added Test::Most to modules with strictures, #27 @robrwo
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Sep 7, 2020
1.28 2020-08-28 - Move a test that was added in 1.27 to xt. This test is a sensitive to small variations in error message text, and testing it locally and in CI is sufficient. Reported by Kent Fredric. GH #27. 1.27 2020-08-28 - The $locale->locale_data method now returns a deep clone of the locale's data. This allows you to safely modify any elements of the returned hash without breaking the original locale. Implemented by Alexander Pankoff. GH #26. - We now support loading locale data from relative directories in @inc. Implemented by Alexander Pankoff. GH #25. - When loading locale data, we now check $! for read errors, as well as checking for an error eval'ing the file's contents in $@. Fixed by Alexander Pankoff. GH #24. 1.26 2020-07-03 - Rebuilt all locale data with CLDR 37, released on 2020-04-23.
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Sep 7, 2020
6.09 2020-07-16 13:33:05Z - Make available the version of SSL/TLS protocol used in the connection (GH#56) (Jon Jensen) 6.08 2020-03-23 20:19:22Z (TRIAL RELEASE) - Add defined check (GH#53) (Mohammad S Anwar) - Fix copyright year (GH#55) (Olaf Alders) - Upgrade Mozilla::CA dependency; originally #26 by dolmen (GH#54) (Shoichi Kaji) - Adds coverage tests (GH#51) (Juan Julin Merelo Guervs) - Migrated to DZil (GH PR#30) - Moved bug tracking from RT to GitHub (GH#48) (Olaf Alders)
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Sep 10, 2020
Pkgsrc changes: * Added a patch to cope with fromStatT on NetBSD * Added a patch to cope with docker client default settings (build also on NetBSD) Upstream changes: 1.5.3 (August 27th, 2020) NOTE: All security content from 1.5.2, 1.5.1, 1.4.5, 1.4.4, 1.3.9, 1.3.8, 1.2.6, and 1.2.5 has been made fully open source, and the git tags for 1.5.3, 1.4.6, 1.3.10, and 1.2.7 will build correctly for open source users. BUG FIXES: * auth/aws: Made header handling for IAM authentication more robust * secrets/ssh: Fixed a bug with role option for SSH signing algorithm to allow more than RSA signing ## 1.5.1 CHANGES: * pki: The tidy operation will now remove revoked certificates if the parameter `tidy_revoked_certs` is set to `true`. This will result in certificate entries being immediately removed, as opposed to awaiting until its NotAfter time. Note that this only affects certificates that have been already revoked. [[GH-9609](https://github.com/hashicorp/vault/pull/9609)] IMPROVEMENTS: * auth/jwt: Add support for fetching groups and user information from G Suite during authentication. [[GH-9574](https://github.com/hashicorp/vault/pull/9574)] * secrets/openldap: Add "ad" schema that allows the engine to correctly rotate AD passwords. [[GH-9740](https://github.com/hashicorp/vault/pull/9740)] * ui: Wrap TTL option on transit engine export action is updated to a new component. [[GH-9632](https://github.com/hashicorp/vault/pull/9632)] BUG FIXES: * secrets/gcp: Ensure that the IAM policy version is appropriately set after a roleset's bindings have changed. [[GH-9603](https://github.com/hashicorp/vault/pull/9603)] * replication (enterprise): Fix status API output incorrectly stating replication is in `idle` state. * core: Fix panic when printing over-long info fields at startup [[GH-9681](https://github.com/hashicorp/vault/pull/9681)] ## 1.5.0 ### July 21st, 2020 CHANGES: * storage/raft: The storage configuration now accepts a new `max_entry_size` config that will limit the total size in bytes of any entry committed via raft. It defaults to `"1048576"` (1MiB). [[GH-9027](https://github.com/hashicorp/vault/pull/9027)] * token: Token creation with custom token ID via `id` will no longer allow periods (`.`) as part of the input string. The final generated token value may contain periods, such as the `s.` prefix for service token indication. [[GH-8646](https://github.com/hashicorp/vault/pull/8646/files)] * token: Token renewals will now return token policies within the `token_policies` , identity policies within `identity_policies`, and the full policy set within `policies`. [[GH-8535](https://github.com/hashicorp/vault/pull/8535)] * cubbyhole: Reject reads and writes to an empty ("") path. [[GH-8971](https://github.com/hashicorp/vault/pull/8971)] * core: Remove the addition of newlines to parsed configuration when using integer/boolean values [[GH-8928](https://github.com/hashicorp/vault/pull/8928)] * audit: Token TTL and issue time are now provided in the auth portion of audit logs. [[GH-9091](https://github.com/hashicorp/vault/pull/9091)] IMPROVEMENTS: * audit: Replication status requests are no longer audited. [[GH-8877](https://github.com/hashicorp/vault/pull/8877)] * audit: Added mount_type field to requests and responses. [[GH-9167](https://github.com/hashicorp/vault/pull/9167)] * auth/aws: Add support for Web Identity credentials [[GH-7738](https://github.com/hashicorp/vault/pull/7738)] * auth/jwt: Support users that are members of more than 200 groups on Azure [[GH-120](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/120)] * auth/kubernetes: Allow disabling `iss` validation [[GH-91](https://github.com/hashicorp/vault-plugin-auth-kubernetes/pull/91)] * core: Add the Go version used to build a Vault binary to the server message output. [[GH-9078](https://github.com/hashicorp/vault/pull/9078)] * core: Added Password Policies for user-configurable password generation [[GH-8637](https://github.com/hashicorp/vault/pull/8637)] * core: New telemetry metrics covering token counts, token creation, KV secret counts, lease creation. [[GH-9239](https://github.com/hashicorp/vault/pull/9239)] [[GH-9250](https://github.com/hashicorp/vault/pull/9250)] [[GH-9244](https://github.com/hashicorp/vault/pull/9244)] [[GH-9052](https://github.com/hashicorp/vault/pull/9052)] * cli: Support reading TLS parameters from file for the `vault operator raft join` command. [[GH-9060](https://github.com/hashicorp/vault/pull/9060)] * plugin: Add SDK method, `Sys.ReloadPlugin`, and CLI command, `vault plugin reload`, for reloading plugins. [[GH-8777](https://github.com/hashicorp/vault/pull/8777)] * plugin (enterprise): Add a scope field to plugin reload, which when global, reloads the plugin anywhere in a cluster. [[GH-9347](https://github.com/hashicorp/vault/pull/9347)] * sdk/framework: Support accepting TypeFloat parameters over the API [[GH-8923](https://github.com/hashicorp/vault/pull/8923)] * secrets/aws: Add iam_groups parameter to role create/update [[GH-8811](https://github.com/hashicorp/vault/pull/8811)] * secrets/database: Add static role rotation for MongoDB Atlas database plugin [[GH-11](https://github.com/hashicorp/vault-plugin-database-mongodbatlas/pull/11)] * secrets/database: Add static role rotation for MSSQL database plugin [[GH-9062](https://github.com/hashicorp/vault/pull/9062)] * secrets/database: Allow InfluxDB to use insecure TLS without cert bundle [[GH-8778](https://github.com/hashicorp/vault/pull/8778)] * secrets/gcp: Support BigQuery dataset ACLs in absence of IAM endpoints [[GH-78](https://github.com/hashicorp/vault-plugin-secrets-gcp/pull/78)] * secrets/pki: Allow 3072-bit RSA keys [[GH-8343](https://github.com/hashicorp/vault/pull/8343)] * secrets/ssh: Add a CA-mode role option to specify signing algorithm [[GH-9096](https://github.com/hashicorp/vault/pull/9096)] * secrets/transit: Transit requests that make use of keys now include a new field `key_version` in their responses [[GH-8775](https://github.com/hashicorp/vault/pull/8775)] * secrets/transit: Improving transit batch encrypt and decrypt latencies [[GH-9100](https://github.com/hashicorp/vault/pull/9100)] * sentinel: Add a sentinel config section, and "additional_enabled_modules", a list of Sentinel modules that may be imported in addition to the defaults. * ui: Update TTL picker styling on SSH secret engine [[GH-8891](https://github.com/hashicorp/vault/pull/8891)] * ui: Only render the JWT input field of the Vault login form on mounts configured for JWT auth [[GH-8952](https://github.com/hashicorp/vault/pull/8952)] * cli: Add a new subcommand, `vault monitor`, for tailing server logs in the console. [[GH-8477](https://github.com/hashicorp/vault/pull/8477)] * ui: Add replication dashboards. Improve replication management workflows. [[GH-8705]](https://github.com/hashicorp/vault/pull/8705). BUG FIXES: * agent: Restart template server when it shuts down [[GH-9200](https://github.com/hashicorp/vault/pull/9200)] * auth/oci: Fix issue where users of the Oracle Cloud Infrastructure (OCI) auth method could not authenticate when the plugin backend was mounted at a non-default path. [[GH-7](https://github.com/hashicorp/vault-plugin-auth-oci/pull/7)] * core: Extend replicated cubbyhole fix in 1.4.0 to cover case where a performance primary is also a DR primary [[GH-9148](https://github.com/hashicorp/vault/pull/9148)] * secrets/aws: Fix issue where performance standbys weren't able to generate STS credentials after an IAM access key rotation in AWS and root IAM credential update in Vault [[GH-9186](https://github.com/hashicorp/vault/pull/9186)] * secrets/database: Fix issue where rotating root database credentials while Vault's storage backend is unavailable causes Vault to lose access to the database [[GH-8782](https://github.com/hashicorp/vault/pull/8782)] * secrets/database: Fix issue that prevents performance standbys from connecting to databases after a root credential rotation [[GH-9129](https://github.com/hashicorp/vault/pull/9129)] * secrets/gcp: Fix issue were updates were not being applied to the `token_scopes` of a roleset. [[GH-90](https://github.com/hashicorp/vault-plugin-secrets-gcp/pull/90)] * secrets/kv: Return the value of delete_version_after when reading kv/config, even if it is set to the default. [[GH-42](https://github.com/hashicorp/vault-plugin-secrets-kv/pull/42)] * ui: Add Toggle component into core addon so it is available in KMIP and other Ember Engines. [[GH-8913]](https://github.com/hashicorp/vault/pull/8913) * ui: Disallow max versions value of large than 9999999999999999 on kv2 secrets engine. [[GH-9242](https://github.com/hashicorp/vault/pull/9242)] ## 1.4.3 (TBD) IMPROVEMENTS: * auth/aws: Add support for Web Identity credentials [[GH-9251](https://github.com/hashicorp/vault/pull/9251)] * core: Add the Go version used to build a Vault binary to the server message output. [[GH-9078](https://github.com/hashicorp/vault/pull/9078)] * secrets/database: Add static role rotation for MongoDB Atlas database plugin [[GH-9311](https://github.com/hashicorp/vault/pull/9311)] * ui: Link to the Vault Changelog in the UI footer [[GH-9216](https://github.com/hashicorp/vault/pull/9216)] BUG FIXES: * auth/oci: Fix issue where users of the Oracle Cloud Infrastructure (OCI) auth method could not authenticate when the plugin backend was mounted at a non-default path. [[GH-9278](https://github.com/hashicorp/vault/pull/9278)] * replication: The issue causing cubbyholes in namespaces on performance secondaries to not work, which was fixed in 1.4.0, was still an issue when the primary was both a performance primary and DR primary. * secrets/aws: Fix issue where performance standbys weren't able to generate STS credentials after an IAM access key rotation in AWS and root IAM credential update in Vault [[GH-9207](https://github.com/hashicorp/vault/pull/9207)] * secrets/database: Fix issue that prevents performance standbys from connecting to databases after a root credential rotation [[GH-9208](https://github.com/hashicorp/vault/pull/9208)] * secrets/gcp: Fix issue were updates were not being applied to the `token_scopes` of a roleset. [[GH-9277](https://github.com/hashicorp/vault/pull/9277)] ## 1.4.2 (May 21st, 2020) SECURITY: * core: Proxy environment variables are now redacted before being logged, in case the URLs include a username:password. This vulnerability, CVE-2020-13223, is fixed in 1.3.6 and 1.4.2, but affects 1.4.0 and 1.4.1, as well as older versions of Vault [[GH-9022](https://github.com/hashicorp/vault/pull/9022)] * secrets/gcp: Fix a regression in 1.4.0 where the system TTLs were being used instead of the configured backend TTLs for dynamic service accounts. This vulnerability is CVE-2020-12757. [[GH-85](https://github.com/hashicorp/vault-plugin-secrets-gcp/pull/85)] IMPROVEMENTS: * storage/raft: The storage stanza now accepts `leader_ca_cert_file`, `leader_client_cert_file`, and `leader_client_key_file` parameters to read and parse TLS certificate information from paths on disk. Existing non-path based parameters will continue to work, but their values will need to be provided as a single-line string with newlines delimited by `\n`. [[GH-8894](https://github.com/hashicorp/vault/pull/8894)] * storage/raft: The `vault status` CLI command and the `sys/leader` API now contain the committed and applied raft indexes. [[GH-9011](https://github.com/hashicorp/vault/pull/9011)] BUG FIXES: * auth/aws: Fix token renewal issues caused by the metadata changes in 1.4.1 [[GH-8991](https://github.com/hashicorp/vault/pull/8991)] * auth/ldap: Fix 1.4.0 regression that could result in auth failures when LDAP auth config includes upndomain. [[GH-9041](https://github.com/hashicorp/vault/pull/9041)] * secrets/ad: Forward rotation requests from standbys to active clusters [[GH-66](https://github.com/hashicorp/vault-plugin-secrets-ad/pull/66)] * secrets/database: Prevent generation of usernames that are not allowed by the MongoDB Atlas API [[GH-9](https://github.com/hashicorp/vault-plugin-database-mongodbatlas/pull/9)] * secrets/database: Return an error if a manual rotation of static account credentials fails [[GH-9035](https://github.com/hashicorp/vault/pull/9035)] * secrets/openldap: Forward all rotation requests from standbys to active clusters [[GH-9028](https://github.com/hashicorp/vault/pull/9028)] * secrets/transform (enterprise): Fix panic that could occur when accessing cached template entries, such as a requests that accessed templates directly or indirectly from a performance standby node. * serviceregistration: Fix a regression for Consul service registration that ignored using the listener address as the redirect address unless api_addr was provided. It now properly uses the same redirect address as the one used by Vault's Core object. [[GH-8976](https://github.com/hashicorp/vault/pull/8976)] * storage/raft: Advertise the configured cluster address to the rest of the nodes in the raft cluster. This fixes an issue where a node advertising 0.0.0.0 is not using a unique hostname. [[GH-9008](https://github.com/hashicorp/vault/pull/9008)] * storage/raft: Fix panic when multiple nodes attempt to join the cluster at once. [[GH-9008](https://github.com/hashicorp/vault/pull/9008)] * sys: The path provided in `sys/internal/ui/mounts/:path` is now namespace-aware. This fixes an issue with `vault kv` subcommands that had namespaces provided in the path returning permission denied all the time. [[GH-8962](https://github.com/hashicorp/vault/pull/8962)] * ui: Fix snowman that appears when namespaces have more than one period [[GH-8910](https://github.com/hashicorp/vault/pull/8910)] ## 1.4.1 (April 30th, 2020) CHANGES: * auth/aws: The default set of metadata fields added in 1.4.1 has been changed to `account_id` and `auth_type` [[GH-8783](https://github.com/hashicorp/vault/pull/8783)] * storage/raft: Disallow `ha_storage` to be specified if `raft` is set as the `storage` type. [[GH-8707](https://github.com/hashicorp/vault/pull/8707)] IMPROVEMENTS: * auth/aws: The set of metadata stored during login is now configurable [[GH-8783](https://github.com/hashicorp/vault/pull/8783)] * auth/aws: Improve region selection to avoid errors seen if the account hasn't enabled some newer AWS regions [[GH-8679](https://github.com/hashicorp/vault/pull/8679)] * auth/azure: Enable login from Azure VMs with user-assigned identities [[GH-33](https://github.com/hashicorp/vault-plugin-auth-azure/pull/33)] * auth/gcp: The set of metadata stored during login is now configurable [[GH-92](https://github.com/hashicorp/vault-plugin-auth-gcp/pull/92)] * auth/gcp: The type of alias name used during login is now configurable [[GH-95](https://github.com/hashicorp/vault-plugin-auth-gcp/pull/95)] * auth/ldap: Improve error messages during LDAP operation failures [[GH-8740](https://github.com/hashicorp/vault/pull/8740)] * identity: Add a batch delete API for identity entities [[GH-8785]](https://github.com/hashicorp/vault/pull/8785) * identity: Improve performance of logins when no group updates are needed [[GH-8795]](https://github.com/hashicorp/vault/pull/8795) * metrics: Add `vault.identity.num_entities` metric [[GH-8816]](https://github.com/hashicorp/vault/pull/8816) * secrets/kv: Allow `delete-version-after` to be reset to 0 via the CLI [[GH-8635](https://github.com/hashicorp/vault/pull/8635)] * secrets/rabbitmq: Improve error handling and reporting [[GH-8619](https://github.com/hashicorp/vault/pull/8619)] * ui: Provide One Time Password during Operation Token generation process [[GH-8630]](https://github.com/hashicorp/vault/pull/8630) BUG FIXES: * auth/okta: Fix MFA regression (introduced in [GH-8143](https://github.com/hashicorp/vault/pull/8143)) from 1.4.0 [[GH-8807](https://github.com/hashicorp/vault/pull/8807)] * auth/userpass: Fix upgrade value for `token_bound_cidrs` being ignored due to incorrect key provided [[GH-8826](https://github.com/hashicorp/vault/pull/8826/files)] * config/seal: Fix segfault when seal block is removed [[GH-8517](https://github.com/hashicorp/vault/pull/8517)] * core: Fix an issue where users attempting to build Vault could receive Go module checksum errors [[GH-8770](https://github.com/hashicorp/vault/pull/8770)] * core: Fix blocked requests if a SIGHUP is issued during a long-running request has the state lock held. Also fixes deadlock that can happen if `vault debug` with the config target is ran during this time. [[GH-8755](https://github.com/hashicorp/vault/pull/8755)] * core: Always rewrite the .vault-token file as part of a `vault login` to ensure permissions and ownership are set correctly [[GH-8867](https://github.com/hashicorp/vault/pull/8867)] * database/mongodb: Fix context deadline error that may result due to retry attempts on failed commands [[GH-8863](https://github.com/hashicorp/vault/pull/8863)] * http: Fix superflous call messages from the http package on logs caused by missing returns after `respondError` calls [[GH-8796](https://github.com/hashicorp/vault/pull/8796)] * namespace (enterprise): Fix namespace listing to return `key_info` when a scoping namespace is also provided. * seal/gcpkms: Fix panic that could occur if all seal parameters were provided via environment variables [[GH-8840](https://github.com/hashicorp/vault/pull/8840)] * storage/raft: Fix memory allocation and incorrect metadata tracking issues with snapshots [[GH-8793](https://github.com/hashicorp/vault/pull/8793)] * storage/raft: Fix panic that could occur if `disable_clustering` was set to true on Raft storage cluster [[GH-8784](https://github.com/hashicorp/vault/pull/8784)] * storage/raft: Handle errors returned from the API during snapshot operations [[GH-8861](https://github.com/hashicorp/vault/pull/8861)] * sys/wrapping: Allow unwrapping of wrapping tokens which contain nil data [[GH-8714](https://github.com/hashicorp/vault/pull/8714)] ## 1.4.0 (April 7th, 2020) CHANGES: * cli: The raft configuration command has been renamed to list-peers to avoid confusion. FEATURES: * **Kerberos Authentication**: Vault now supports Kerberos authentication using a SPNEGO token. Login can be performed using the Vault CLI, API, or agent. * **Kubernetes Service Discovery**: A new Kubernetes service discovery feature where, if configured, Vault will tag Vault pods with their current health status. For more, see [#8249](https://github.com/hashicorp/vault/pull/8249). * **MongoDB Atlas Secrets**: Vault can now generate dynamic credentials for both MongoDB Atlas databases as well as the [Atlas programmatic interface] (https://docs.atlas.mongodb.com/tutorial/manage-programmatic-access/). * **OpenLDAP Secrets Engine**: We now support password management of existing OpenLDAP user entries. For more, see [#8360] (https://github.com/hashicorp/vault/pull/8360/). * **Redshift Database Secrets Engine**: The database secrets engine now supports static and dynamic secrets for the Amazon Web Services (AWS) Redshift service. * **Service Registration Config**: A newly introduced `service_registration` configuration stanza, that allows for service registration to be configured separately from the storage backend. For more, see [#7887] (https://github.com/hashicorp/vault/pull/7887/). * **Transform Secrets Engine (Enterprise)**: A new secrets engine that handles secure data transformation and tokenization against provided input value. * **Integrated Storage**: Promoted out of beta and into general availability for both open-source and enterprise workloads. IMPROVEMENTS: * agent: add option to force the use of the auth-auth token, and ignore the Vault token in the request [[GH-8101](https://github.com/hashicorp/vault/pull/8101)] * api: Restore and fix DNS SRV Lookup [[GH-8520](https://github.com/hashicorp/vault/pull/8520)] * audit: HMAC http_raw_body in audit log; this ensures that large authenticated Prometheus metrics responses get replaced with short HMAC values [[GH-8130](https://github.com/hashicorp/vault/pull/8130)] * audit: Generate-root, generate-recovery-token, and generate-dr-operation-token requests and responses are now audited. [[GH-8301](https://github.com/hashicorp/vault/pull/8301)] * auth/aws: Reduce the number of simultaneous STS client credentials needed [[GH-8161](https://github.com/hashicorp/vault/pull/8161)] * auth/azure: subscription ID, resource group, vm and vmss names are now stored in alias metadata [[GH-30](https://github.com/hashicorp/vault-plugin-auth-azure/pull/30)] * auth/jwt: Additional OIDC callback parameters available for CLI logins [[GH-80](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/80) & [GH-86](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/86)] * auth/jwt: Bound claims may be optionally configured using globs [[GH-89](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/89)] * auth/jwt: Timeout during OIDC CLI login if process doesn't complete within 2 minutes [[GH-97](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/97)] * auth/jwt: Add support for the `form_post` response mode [[GH-98](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/98)] * auth/jwt: add optional client_nonce to authorization flow [[GH-104](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/104)] * auth/okta: Upgrade okta sdk lib, which should improve handling of groups [[GH-8143](https://github.com/hashicorp/vault/pull/8143)] * aws: Add support for v2 of the instance metadata service (see [issue 7924](https://github.com/hashicorp/vault/issues/7924) for all linked PRs) * core: Separate out service discovery interface from storage interface to allow new types of service discovery not coupled to storage [[GH-7887](https://github.com/hashicorp/vault/pull/7887)] * core: Add support for telemetry option `metrics_prefix` [[GH-8340](https://github.com/hashicorp/vault/pull/8340)] * core: Entropy Augmentation can now be used with AWS KMS and Vault Transit seals * core: Allow tls_min_version to be set to TLS 1.3 [[GH-8305](https://github.com/hashicorp/vault/pull/8305)] * cli: Incorrect TLS configuration will now correctly fail [[GH-8025](https://github.com/hashicorp/vault/pull/8025)] * identity: Allow specifying a custom `client_id` for identity tokens [[GH-8165](https://github.com/hashicorp/vault/pull/8165)] * metrics/prometheus: improve performance with high volume of metrics updates [[GH-8507](https://github.com/hashicorp/vault/pull/8507)] * replication (enterprise): Fix race condition causing clusters with high throughput writes to sometimes fail to enter streaming-wal mode * replication (enterprise): Secondary clusters can now perform an extra gRPC call to all nodes in a primary cluster in an attempt to resolve the active node's address * replication (enterprise): The replication status API now outputs `last_performance_wal`, `last_dr_wal`, and `connection_state` values * replication (enterprise): DR secondary clusters can now be recovered by the `replication/dr/secondary/recover` API * replication (enterprise): We now allow for an alternate means to create a Disaster Recovery token, by using a batch token that is created with an ACL that allows for access to one or more of the DR endpoints. * secrets/database/mongodb: Switched internal MongoDB driver to mongo-driver [[GH-8140](https://github.com/hashicorp/vault/pull/8140)] * secrets/database/mongodb: Add support for x509 client authorization to MongoDB [[GH-8329](https://github.com/hashicorp/vault/pull/8329)] * secrets/database/oracle: Add support for static credential rotation [[GH-26](https://github.com/hashicorp/vault-plugin-database-oracle/pull/26)] * secrets/consul: Add support to specify TLS options per Consul backend [[GH-4800](https://github.com/hashicorp/vault/pull/4800)] * secrets/gcp: Allow specifying the TTL for a service key [[GH-54](https://github.com/hashicorp/vault-plugin-secrets-gcp/pull/54)] * secrets/gcp: Add support for rotating root keys [[GH-53](https://github.com/hashicorp/vault-plugin-secrets-gcp/pull/53)] * secrets/gcp: Handle version 3 policies for Resource Manager IAM requests [[GH-77](https://github.com/hashicorp/vault-plugin-secrets-gcp/pull/77) * secrets/nomad: Add support to specify TLS options per Nomad backend [[GH-8083](https://github.com/hashicorp/vault/pull/8083)] * secrets/ssh: Allowed users can now be templated with identity information [[GH-7548](https://github.com/hashicorp/vault/pull/7548)] * secrets/transit: Adding RSA3072 key support [[GH-8151](https://github.com/hashicorp/vault/pull/8151)] * storage/consul: Vault returns now a more descriptive error message when only a client cert or a client key has been provided [[GH-4930]](https://github.com/hashicorp/vault/pull/8084) * storage/raft: Nodes in the raft cluster can all be given possible leader addresses for them to continuously try and join one of them, thus automating the process of join to a greater extent [[GH-7856](https://github.com/hashicorp/vault/pull/7856)] * storage/raft: Fix a potential deadlock that could occur on leadership transition [[GH-8547](https://github.com/hashicorp/vault/pull/8547)] * storage/raft: Refresh TLS keyring on snapshot restore [[GH-8546](https://github.com/hashicorp/vault/pull/8546)] * storage/etcd: Bumped etcd client API SDK [[GH-7931](https://github.com/hashicorp/vault/pull/7931) & [GH-4961](https://github.com/hashicorp/vault/pull/4961) & [GH-4349](https://github.com/hashicorp/vault/pull/4349) & [GH-7582](https://github.com/hashicorp/vault/pull/7582)] * ui: Make Transit Key actions more prominent [[GH-8304](https://github.com/hashicorp/vault/pull/8304)] * ui: Add Core Usage Metrics [[GH-8347](https://github.com/hashicorp/vault/pull/8347)] * ui: Add refresh Namespace list on the Namespace dropdown, and redesign of Namespace dropdown menu [[GH-8442](https://github.com/hashicorp/vault/pull/8442)] * ui: Update transit actions to codeblocks & automatically encode plaintext unless indicated [[GH-8462](https://github.com/hashicorp/vault/pull/8462)] * ui: Display the results of transit key actions in a modal window [[GH-8462](https://github.com/hashicorp/vault/pull/8575)] * ui: Transit key version styling updates & ability to copy key from dropdown [[GH-8480](https://github.com/hashicorp/vault/pull/8480)] BUG FIXES: * agent: Fix issue where TLS options are ignored for agent template feature [[GH-7889](https://github.com/hashicorp/vault/pull/7889)] * auth/jwt: Use lower case role names for `default_role` to match the `role` case convention [[GH-100](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/100)] * auth/ldap: Fix a bug where the UPNDOMAIN parameter was wrongly used to lookup the group membership of the given user [[GH-6325]](https://github.com/hashicorp/vault/pull/8333) * cli: Support autocompletion for nested mounts [[GH-8303](https://github.com/hashicorp/vault/pull/8303)] * cli: Fix CLI namespace autocompletion [[GH-8315](https://github.com/hashicorp/vault/pull/8315)] * identity: Fix incorrect caching of identity token JWKS responses [[GH-8412](https://github.com/hashicorp/vault/pull/8412)] * metrics/stackdriver: Fix issue that prevents the stackdriver metrics library to create unnecessary stackdriver descriptors [[GH-8073](https://github.com/hashicorp/vault/pull/8073)] * replication: Fix issue causing cubbyholes in namespaces on performance secondaries to not work. * replication (enterprise): Unmounting a dynamic secrets backend could sometimes lead to replication errors. Change the order of operations to prevent that. * seal (enterprise): Fix seal migration when transactional seal wrap backend is in use. * secrets/database/influxdb: Fix potential panic if connection to the InfluxDB database cannot be established [[GH-8282](https://github.com/hashicorp/vault/pull/8282)] * secrets/database/mysql: Ensures default static credential rotation statements are used [[GH-8240](https://github.com/hashicorp/vault/pull/8240)] * secrets/database/mysql: Fix inconsistent query parameter names: {{name}} or {{username}} for different queries. Now it allows for either for backwards compatibility [[GH-8240](https://github.com/hashicorp/vault/pull/8240)] * secrets/database/postgres: Fix inconsistent query parameter names: {{name}} or {{username}} for different queries. Now it allows for either for backwards compatibility [[GH-8240](https://github.com/hashicorp/vault/pull/8240)] * secrets/pki: Support FQDNs in DNS Name [[GH-8288](https://github.com/hashicorp/vault/pull/8288)] * storage/raft: Allow seal migration to be performed on Vault clusters using raft storage [[GH-8103](https://github.com/hashicorp/vault/pull/8103)] * telemetry: Prometheus requests on standby nodes will now return an error instead of forwarding the request to the active node [[GH-8280](https://github.com/hashicorp/vault/pull/8280)] * ui: Fix broken popup menu on the transit secrets list page [[GH-8348](https://github.com/hashicorp/vault/pull/8348)] * ui: Update headless Chrome flag to fix `yarn run test:oss` [[GH-8035](https://github.com/hashicorp/vault/pull/8035)] * ui: Update CLI to accept empty strings as param value to reset previously-set values * ui: Fix bug where error states don't clear when moving between action tabs on Transit [[GH-8354](https://github.com/hashicorp/vault/pull/8354)] ## 1.3.6 (May 21st, 2020) SECURITY: * core: proxy environment variables are now redacted before being logged, in case the URLs include a username:password. This vulnerability, CVE-2020-13223, is fixed in 1.3.6 and 1.4.2, but affects 1.4 and 1.4.1, as well as older versions of Vault [[GH-9022](https://github.com/hashicorp/vault/pull/9022) BUG FIXES: * auth/aws: Fix token renewal issues caused by the metadata changes in 1.3.5 [[GH-8991](https://github.com/hashicorp/vault/pull/8991)] * replication: Fix mount filter bug that allowed replication filters to hide local mounts on a performance secondary ## 1.3.5 (April 28th, 2020) CHANGES: * auth/aws: The default set of metadata fields added in 1.3.2 has been changed to `account_id` and `auth_type` [[GH-8783](https://github.com/hashicorp/vault/pull/8783)] IMPROVEMENTS: * auth/aws: The set of metadata stored during login is now configurable [[GH-8783](https://github.com/hashicorp/vault/pull/8783)] ## 1.3.4 (March 19th, 2020) SECURITY: * A vulnerability was identified in Vault and Vault Enterprise such that, under certain circumstances, an Entity's Group membership may inadvertently include Groups the Entity no longer has permissions to. This vulnerability, CVE-2020-10660, affects Vault and Vault Enterprise versions 0.9.0 and newer, and is fixed in 1.3.4. [[GH-8606](https://github.com/hashicorp/vault/pull/8606)] * A vulnerability was identified in Vault Enterprise such that, under certain circumstances, existing nested-path policies may give access to Namespaces created after-the-fact. This vulnerability, CVE-2020-10661, affects Vault Enterprise versions 0.11 and newer, and is fixed in 1.3.4. ## 1.3.3 (March 5th, 2020) BUG FIXES: * approle: Fix excessive locking during tidy, which could potentially block new approle logins for long enough to cause an outage [[GH-8418](https://github.com/hashicorp/vault/pull/8418)] * cli: Fix issue where Raft snapshots from standby nodes created an empty backup file [[GH-8097](https://github.com/hashicorp/vault/pull/8097)] * identity: Fix incorrect caching of identity token JWKS responses [[GH-8412](https://github.com/hashicorp/vault/pull/8412)] * kmip: role read now returns tls_client_ttl * kmip: fix panic when templateattr not provided in rekey request * secrets/database/influxdb: Fix potential panic if connection to the InfluxDB database cannot be established [[GH-8282](https://github.com/hashicorp/vault/pull/8282)] * storage/mysql: Fix potential crash when using MySQL as coordination for high availability [[GH-8300](https://github.com/hashicorp/vault/pull/8300)] * storage/raft: Fix potential crash when using Raft as coordination for high availability [[GH-8356](https://github.com/hashicorp/vault/pull/8356)] * ui: Fix missing License menu item [[GH-8230](https://github.com/hashicorp/vault/pull/8230)] * ui: Fix bug where default auth method on login is defaulted to auth method that is listing-visibility=unauth instead of "other" [[GH-8218](https://github.com/hashicorp/vault/pull/8218)] * ui: Fix bug where KMIP details were not shown in the UI Wizard [[GH-8255](https://github.com/hashicorp/vault/pull/8255)] * ui: Show Error messages on Auth Configuration page when you hit permission errors [[GH-8500](https://github.com/hashicorp/vault/pull/8500)] * ui: Remove duplicate form inputs for the GitHub config [[GH-8519](https://github.com/hashicorp/vault/pull/8519)] * ui: Correct HMAC capitalization [[GH-8528](https://github.com/hashicorp/vault/pull/8528)] * ui: Fix danger message in DR [[GH-8555](https://github.com/hashicorp/vault/pull/8555)] * ui: Fix certificate field for LDAP config [[GH-8573](https://github.com/hashicorp/vault/pull/8573)] ## 1.3.2 (January 22nd, 2020) SECURITY: * When deleting a namespace on Vault Enterprise, in certain circumstances, the deletion process will fail to revoke dynamic secrets for a mount in that namespace. This will leave any dynamic secrets in remote systems alive and will fail to clean them up. This vulnerability, CVE-2020-7220, affects Vault Enterprise 0.11.0 and newer. IMPROVEMENTS: * auth/aws: Add aws metadata to identity alias [[GH-7985](https://github.com/hashicorp/vault/pull/7985)] * auth/kubernetes: Allow both names and namespaces to be set to "*" [[GH-78](https://github.com/hashicorp/vault-plugin-auth-kubernetes/pull/78)] BUG FIXES: * auth/azure: Fix Azure compute client to use correct base URL [[GH-8072](https://github.com/hashicorp/vault/pull/8072)] * auth/ldap: Fix renewal of tokens without configured policies that are generated by an LDAP login [[GH-8072](https://github.com/hashicorp/vault/pull/8072)] * auth/okta: Fix renewal of tokens without configured policies that are generated by an Okta login [[GH-8072](https://github.com/hashicorp/vault/pull/8072)] * core: Fix seal migration error when attempting to migrate from auto unseal to shamir [[GH-8172](https://github.com/hashicorp/vault/pull/8172)] * core: Fix seal migration config issue when migrating from auto unseal to auto unseal [[GH-8172](https://github.com/hashicorp/vault/pull/8172)] * plugin: Fix issue where a plugin unwrap request potentially used an expired token [[GH-8058](https://github.com/hashicorp/vault/pull/8058)] * replication: Fix issue where a forwarded request from a performance/standby node could run into a timeout * secrets/database: Fix issue where a manual static role rotation could potentially panic [[GH-8098](https://github.com/hashicorp/vault/pull/8098)] * secrets/database: Fix issue where a manual root credential rotation request is not forwarded to the primary node [[GH-8125](https://github.com/hashicorp/vault/pull/8125)] * secrets/database: Fix issue where a manual static role rotation request is not forwarded to the primary node [[GH-8126](https://github.com/hashicorp/vault/pull/8126)] * secrets/database/mysql: Fix issue where special characters for a MySQL password were encoded [[GH-8040](https://github.com/hashicorp/vault/pull/8040)] * ui: Fix deleting namespaces [[GH-8132](https://github.com/hashicorp/vault/pull/8132)] * ui: Fix Error handler on kv-secret edit and kv-secret view pages [[GH-8133](https://github.com/hashicorp/vault/pull/8133)] * ui: Fix OIDC callback to check storage [[GH-7929](https://github.com/hashicorp/vault/pull/7929)]. * ui: Change `.box-radio` height to min-height to prevent overflow issues [[GH-8065](https://github.com/hashicorp/vault/pull/8065)] ## 1.3.1 (December 18th, 2019) IMPROVEMENTS: * agent: Add ability to set `exit-after-auth` via the CLI [[GH-7920](https://github.com/hashicorp/vault/pull/7920)] * auth/ldap: Add a `request_timeout` configuration option to prevent connection requests from hanging [[GH-7909](https://github.com/hashicorp/vault/pull/7909)] * auth/kubernetes: Add audience to tokenreview API request for Kube deployments where issuer is not Kube. [[GH-74](https://github.com/hashicorp/vault/pull/74)] * secrets/ad: Add a `request_timeout` configuration option to prevent connection requests from hanging [[GH-59](https://github.com/hashicorp/vault-plugin-secrets-ad/pull/59)] * storage/postgresql: Add support for setting `connection_url` from enviornment variable `VAULT_PG_CONNECTION_URL` [[GH-7937](https://github.com/hashicorp/vault/pull/7937)] * telemetry: Add `enable_hostname_label` option to telemetry stanza [[GH-7902](https://github.com/hashicorp/vault/pull/7902)] * telemetry: Add accept header check for prometheus mime type [[GH-7958](https://github.com/hashicorp/vault/pull/7958)] BUG FIXES: * agent: Fix issue where Agent exits before all templates are rendered when using and `exit_after_auth` [[GH-7899](https://github.com/hashicorp/vault/pull/7899)] * auth/aws: Fixes region-related issues when using a custom `sts_endpoint` by adding a `sts_region` parameter [[GH-7922](https://github.com/hashicorp/vault/pull/7922)] * auth/token: Fix panic when getting batch tokens on a performance standby from a role that does not exist [[GH-8027](https://github.com/hashicorp/vault/pull/8027)] * core: Improve warning message for lease TTLs [[GH-7901](https://github.com/hashicorp/vault/pull/7901)] * identity: Fix identity token panic during invalidation [[GH-8043](https://github.com/hashicorp/vault/pull/8043)] * plugin: Fix a panic that could occur if a mount/auth entry was unable to mount the plugin backend and a request that required the system view to be retrieved was made [[GH-7991](https://github.com/hashicorp/vault/pull/7991)] * replication: Add `generate-public-key` endpoint to list of allowed endpoints for existing DR secondaries * secrets/gcp: Fix panic if bindings aren't provided in roleset create/update. [[GH-56](https://github.com/hashicorp/vault-plugin-secrets-gcp/pull/56)] * secrets/pki: Prevent generating certificate on performance standby when storing [[GH-7904](https://github.com/hashicorp/vault/pull/7904)] * secrets/transit: Prevent restoring keys to new names that are sub paths [[GH-7998](https://github.com/hashicorp/vault/pull/7998)] * storage/s3: Fix a bug in configurable S3 paths that was preventing use of S3 as a source during `operator migrate` operations [[GH-7966](https://github.com/hashicorp/vault/pull/7966)] * ui: Ensure secrets with a period in their key can be viewed and copied [[GH-7926](https://github.com/hashicorp/vault/pull/7926)] * ui: Fix status menu after demotion [[GH-7997](https://github.com/hashicorp/vault/pull/7997)] * ui: Fix select dropdowns in Safari when running Mojave [[GH-8023](https://github.com/hashicorp/vault/pull/8023)] ## 1.3 (November 14th, 2019) CHANGES: * Secondary cluster activation: There has been a change to the way that activating performance and DR secondary clusters works when using public keys for encryption of the parameters rather than a wrapping token. This flow was experimental and never documented. It is now officially supported and documented but is not backwards compatible with older Vault releases. * Cluster cipher suites: On its cluster port, Vault will no longer advertise the full TLS 1.2 cipher suite list by default. Although this port is only used for Vault-to-Vault communication and would always pick a strong cipher, it could cause false flags on port scanners and other security utilities that assumed insecure ciphers were being used. The previous behavior can be achieved by setting the value of the (undocumented) `cluster_cipher_suites` config flag to `tls12`. * API/Agent Renewal behavior: The API now allows multiple options for how it deals with renewals. The legacy behavior in the Agent/API is for the renewer (now called the lifetime watcher) to exit on a renew error, leading to a reauthentication. The new default behavior is for the lifetime watcher to ignore 5XX errors and simply retry as scheduled, using the existing lease duration. It is also possible, within custom code, to disable renewals entirely, which allows the lifetime watcher to simply return when it believes it is time for your code to renew or reauthenticate. FEATURES: * **Vault Debug**: A new top-level subcommand, `debug`, is added that allows operators to retrieve debugging information related to a particular Vault node. Operators can use this simple workflow to capture triaging information, which can then be consumed programmatically or by support and engineering teams. It has the abilitity to probe for config, host, metrics, pprof, server status, and replication status. * **Recovery Mode**: Vault server can be brought up in recovery mode to resolve outages caused due to data store being in bad state. This is a privileged mode that allows `sys/raw` API calls to perform surgical corrections to the data tore. Bad storage state can be caused by bugs. However, this is usually observed when known (and fixed) bugs are hit by older versions of Vault. * **Entropy Augmentation (Enterprise)**: Vault now supports sourcing entropy from external source for critical security parameters. Currently an HSM that supports PKCS#11 is the only supported source. * **Active Directory Secret Check-In/Check-Out**: In the Active Directory secrets engine, users or applications can check out a service account for use, and its password will be rotated when it's checked back in. * **Vault Agent Template**: Vault Agent now supports rendering templates containing Vault secrets to disk, similar to Consul Template [[GH-7652](https://github.com/hashicorp/vault/pull/7652)] * **Transit Key Type Support**: Signing and verification is now supported with the P-384 (secp384r1) and P-521 (secp521r1) ECDSA curves [[GH-7551](https://github.com/hashicorp/vault/pull/7551)] and encryption and decryption is now supported via AES128-GCM96 [[GH-7555](https://github.com/hashicorp/vault/pull/7555)] * **SSRF Protection for Vault Agent**: Vault Agent has a configuration option to require a specific header before allowing requests [[GH-7627](https://github.com/hashicorp/vault/pull/7627)] * **AWS Auth Method Root Rotation**: The credential used by the AWS auth method can now be rotated, to ensure that only Vault knows the credentials it is using [[GH-7131](https://github.com/hashicorp/vault/pull/7131)] * **New UI Features**: The UI now supports managing users and groups for the Userpass, Cert, Okta, and Radius auth methods. * **Shamir with Stored Master Key**: The on disk format for Shamir seals has changed, allowing for a secondary cluster using Shamir downstream from a primary cluster using Auto Unseal. [[GH-7694](https://github.com/hashicorp/vault/pull/7694)] * **Stackdriver Metrics Sink**: Vault can now send metrics to [Stackdriver](https://cloud.google.com/stackdriver/). See the [configuration documentation](https://www.vaultproject.io/docs/config/index.html) for details. [[GH-6957](https://github.com/hashicorp/vault/pull/6957)] * **Filtered Paths Replication (Enterprise)**: Based on the predecessor Filtered Mount Replication, Filtered Paths Replication allows now filtering of namespaces in addition to mounts. * **Token Renewal via Accessor**: Tokens can now be renewed via the accessor value through the new `auth/token/renew-accessor` endpoint if the caller's token has permission to access that endpoint. * **Improved Integrated Storage (Beta)**: Improved raft write performance, added support for non-voter nodes, along with UI support for: using raft storage, joining a raft cluster, and downloading and restoring a snapshot. IMPROVEMENTS: * agent: Add ability to set the TLS SNI name used by Agent [[GH-7519](https://github.com/hashicorp/vault/pull/7519)] * agent & api: Change default renewer behavior to ignore 5XX errors [[GH-7733](https://github.com/hashicorp/vault/pull/7733)] * auth/jwt: The redirect callback host may now be specified for CLI logins [[GH-71](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/71)] * auth/jwt: Bound claims may now contain boolean values [[GH-73](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/73)] * auth/jwt: CLI logins can now open the browser when running in WSL [[GH-77](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/77)] * core: Exit ScanView if context has been cancelled [[GH-7419](https://github.com/hashicorp/vault/pull/7419)] * core: re-encrypt barrier and recovery keys if the unseal key is updated [[GH-7493](https://github.com/hashicorp/vault/pull/7493)] * core: Don't advertise the full set of TLS 1.2 cipher suites on the cluster port, even though only strong ciphers were used [[GH-7487](https://github.com/hashicorp/vault/pull/7487)] * core (enterprise): Add background seal re-wrap * core/metrics: Add config parameter to allow unauthenticated sys/metrics access. [[GH-7550](https://github.com/hashicorp/vault/pull/7550)] * metrics: Upgrade DataDog library to improve performance [[GH-7794](https://github.com/hashicorp/vault/pull/7794)] * replication (enterprise): Write-Ahead-Log entries will not duplicate the data belonging to the encompassing physical entries of the transaction, thereby improving the performance and storage capacity. * replication (enterprise): Added more replication metrics * replication (enterprise): Reindex process now compares subpages for a more accurate indexing process. * replication (enterprise): Reindex API now accepts a new `skip_flush` parameter indicating all the changes should not be flushed while the tree is locked. * secrets/aws: The root config can now be read [[GH-7245](https://github.com/hashicorp/vault/pull/7245)] * secrets/database/cassandra: Add ability to skip verfication of connection [[GH-7614](https://github.com/hashicorp/vault/pull/7614)] * secrets/gcp: Fix panic during rollback if the roleset has been deleted [[GH-52](https://github.com/hashicorp/vault-plugin-secrets-gcp/pull/52)] * storage/azure: Add config parameter to Azure storage backend to allow specifying the ARM endpoint [[GH-7567](https://github.com/hashicorp/vault/pull/7567)] * storage/cassandra: Improve storage efficiency by eliminating unnecessary copies of value data [[GH-7199](https://github.com/hashicorp/vault/pull/7199)] * storage/raft: Improve raft write performance by utilizing FSM Batching [[GH-7527](https://github.com/hashicorp/vault/pull/7527)] * storage/raft: Add support for non-voter nodes [[GH-7634](https://github.com/hashicorp/vault/pull/7634)] * sys: Add a new `sys/host-info` endpoint for querying information about the host [[GH-7330](https://github.com/hashicorp/vault/pull/7330)] * sys: Add a new set of endpoints under `sys/pprof/` that allows profiling information to be extracted [[GH-7473](https://github.com/hashicorp/vault/pull/7473)] * sys: Add endpoint that counts the total number of active identity entities [[GH-7541](https://github.com/hashicorp/vault/pull/7541)] * sys: `sys/seal-status` now has a `storage_type` field denoting what type of storage the cluster is configured to use * sys: Add a new `sys/internal/counters/tokens` endpoint, that counts the total number of active service token accessors in the shared token storage. [[GH-7541](https://github.com/hashicorp/vault/pull/7541)] * sys/config: Add a new endpoint under `sys/config/state/sanitized` that returns the configuration state of the server. It excludes config values from `storage`, `ha_storage`, and `seal` stanzas and some values from `telemetry` due to potential sensitive entries in those fields. * ui: when using raft storage, you can now join a raft cluster, download a snapshot, and restore a snapshot from the UI [[GH-7410](https://github.com/hashicorp/vault/pull/7410)] * ui: clarify when secret version is deleted in the secret version history dropdown [[GH-7714](https://github.com/hashicorp/vault/pull/7714)] BUG FIXES: * agent: Fix a data race on the token value for inmemsink [[GH-7707](https://github.com/hashicorp/vault/pull/7707)] * api: Fix Go API using lease revocation via URL instead of body [[GH-7777](https://github.com/hashicorp/vault/pull/7777)] * api: Allow setting a function to control retry behavior [[GH-7331](https://github.com/hashicorp/vault/pull/7331)] * auth/gcp: Fix a bug where region information in instance groups names could cause an authorization attempt to fail [[GH-74](https://github.com/hashicorp/vault-plugin-auth-gcp/pull/74)] * cli: Fix a bug where a token of an unknown format (e.g. in ~/.vault-token) could cause confusing error messages during `vault login` [[GH-7508](https://github.com/hashicorp/vault/pull/7508)] * cli: Fix a bug where the `namespace list` command with JSON formatting always returned an empty object [[GH-7705](https://github.com/hashicorp/vault/pull/7705)] * cli: Command timeouts are now always specified solely by the `VAULT_CLIENT_TIMEOUT` value. [[GH-7469](https://github.com/hashicorp/vault/pull/7469)] * core: Don't allow registering a non-root zero TTL token lease. This is purely defense in depth as the lease would be revoked immediately anyways, but there's no real reason to allow registration. [[GH-7524](https://github.com/hashicorp/vault/pull/7524)] * identity (enterprise): Fixed identity case sensitive loading in secondary cluster [[GH-7327](https://github.com/hashicorp/vault/pull/7327)] * identity: Ensure only replication primary stores the identity case sensitivity state [[GH-7820](https://github.com/hashicorp/vault/pull/7820)] * raft: Fixed VAULT_CLUSTER_ADDR env being ignored at startup [[GH-7619](https://github.com/hashicorp/vault/pull/7619)] * secrets/pki: Don't allow duplicate SAN names in issued certs [[GH-7605](https://github.com/hashicorp/vault/pull/7605)] * sys/health: Pay attention to the values provided for `standbyok` and `perfstandbyok` rather than simply using their presence as a key to flip on that behavior [[GH-7323](https://github.com/hashicorp/vault/pull/7323)] * ui: using the `wrapped_token` query param will work with `redirect_to` and will automatically log in as intended [[GH-7398](https://github.com/hashicorp/vault/pull/7398)] * ui: fix an error when initializing from the UI using PGP keys [[GH-7542](https://github.com/hashicorp/vault/pull/7542)] * ui: show all active kv v2 secret versions even when `delete_version_after` is configured [[GH-7685](https://github.com/hashicorp/vault/pull/7685)] * ui: Ensure that items in the top navigation link to pages that users have access to [[GH-7590](https://github.com/hashicorp/vault/pull/7590)] ## 1.2.4 (November 7th, 2019) SECURITY: * In a non-root namespace, revocation of a token scoped to a non-root namespace did not trigger the expected revocation of dynamic secret leases associated with that token. As a result, dynamic secret leases in non-root namespaces may outlive the token that created them. This vulnerability, CVE-2019-18616, affects Vault Enterprise 0.11.0 and newer. * Disaster Recovery secondary clusters did not delete already-replicated data after a mount filter has been created on an upstream Performance secondary cluster. As a result, encrypted secrets may remain replicated on a Disaster Recovery secondary cluster after application of a mount filter excluding those secrets from replication. This vulnerability, CVE-2019-18617, affects Vault Enterprise 0.8 and newer. * Update version of Go to 1.12.12 to fix Go bug golang.org/issue/34960 which corresponds to CVE-2019-17596. CHANGES: * auth/aws: If a custom `sts_endpoint` is configured, Vault Agent and the CLI should provide the corresponding region via the `region` parameter (which already existed as a CLI parameter, and has now been added to Agent). The automatic region detection added to the CLI and Agent in 1.2 has been removed. IMPROVEMENTS: * cli: Ignore existing token during CLI login [[GH-7508](https://github.com/hashicorp/vault/pull/7508)] * core: Log proxy settings from environment on startup [[GH-7528](https://github.com/hashicorp/vault/pull/7528)] * core: Cache whether we've been initialized to reduce load on storage [[GH-7549](https://github.com/hashicorp/vault/pull/7549)] BUG FIXES: * agent: Fix handling of gzipped responses [[GH-7470](https://github.com/hashicorp/vault/pull/7470)] * cli: Fix panic when pgp keys list is empty [[GH-7546](https://github.com/hashicorp/vault/pull/7546)] * cli: Command timeouts are now always specified solely by the `VAULT_CLIENT_TIMEOUT` value. [[GH-7469](https://github.com/hashicorp/vault/pull/7469)] * core: add hook for initializing seals for migration [[GH-7666](https://github.com/hashicorp/vault/pull/7666)] * core (enterprise): Migrating from one auto unseal method to another never worked on enterprise, now it does. * identity: Add required field `response_types_supported` to identity token `.well-known/openid-configuration` response [[GH-7533](https://github.com/hashicorp/vault/pull/7533)] * identity: Fixed nil pointer panic when merging entities [[GH-7712](https://github.com/hashicorp/vault/pull/7712)] * replication (Enterprise): Fix issue causing performance standbys nodes disconnecting when under high loads. * secrets/azure: Fix panic that could occur if client retries timeout [[GH-7793](https://github.com/hashicorp/vault/pull/7793)] * secrets/database: Fix bug in combined DB secrets engine that can result in writes to static-roles endpoints timing out [[GH-7518](https://github.com/hashicorp/vault/pull/7518)] * secrets/pki: Improve tidy to continue when value is nil [[GH-7589](https://github.com/hashicorp/vault/pull/7589)] * ui (Enterprise): Allow kv v2 secrets that are gated by Control Groups to be viewed in the UI [[GH-7504](https://github.com/hashicorp/vault/pull/7504)]
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Oct 17, 2020
Notable bugs fixed: - Last release introduced a bug where Date: headers were localized, which is against RFC. Further, that localization then broke character rendering in some locales. A new fix for the original issue (#17) was put in place, which no longer localizes the Date: header and fixes the newly introduced rendering issue (#25) - Last release introduced a bug which prevented –protect-prompt from working. This is now fixed (#26)
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jan 14, 2021
=== 1.10.0 (2020-11-13) * Improve template parsing, mostly by reducing allocations (jeremyevans) * Do not ship tests in the gem, reducing gem size about 20% (jeremyevans) * Support :literal_prefix and :literal_postfix options for how to output literal tags (e.g. <%% code %>) (jaredcwhite) (#26, #27)
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jan 30, 2021
-Fixed color on Windows (#26)
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Feb 5, 2021
0.1.25 (2020-11-30) * relax dev bundle and update authors … - Allows bundle with latest bundler - Updates authors to reflect current maintainers - Update travis to test with 2.7.2 * Land #26, Update gemspec 0.1.24 (2020-09-23) * x509_certificate: Allow use of EC keys - Add new capability to allow the use of EC keys. Resolves issue with using EC keys in metasploit.
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Mar 8, 2021
Upstream changes: 1.448 2021-03-05T15:01:18Z * Promote to a user release 1.447_01 2021-03-02T16:11:23Z * Try handling all-numeric user and group names (but, also, wtf?) Github #26. 1.447 2021-02-24T21:32:41Z * Trying harder to get the tests to pass on Cygwin 1.446 2021-02-20T21:18:48Z * Better cygwin detection, from Achim Gratz 1.445 2021-02-16T08:57:34Z * Get the tests to pass under Cygwin (Github #17, from Slaven Rezić) 1.444 2021-01-06T03:40:19Z * Remove Travis, add GitHub actions * Add file_is_symlink_not_ok 1.443_03 2020-06-15T13:13:42Z * Merge some test additions from Desmond Daignault (GitHub #20) 1.443_02 2020-06-15T12:10:34Z * Deprecated directories in tests appropriate for only plain files. It's a diag() message now but will be a test failure later. 1.443_01 2020-06-12T11:54:41Z * change the file_writeable_ok tests to file_writable_ok, which is the correct spelling. The old names work but now warn to use the new name. * Some updates to refresh the tests. * Start mirroring Test2::Tools::File so we support the same names. Thanks to Torbjørn Lindahl for spotting rough edges.
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Apr 21, 2021
Overview of changes for 1.6 ============================== • Add getters with default fallback for JsonObject [Emmanuele Bassi] • #26 - Clarify some expections of the json_object_get_*_member APIs [Debarshi Ray] • #29 - Improve reproducibility of the build [Ravish Bhatia] • Use json_node_unref() with g_autoptr() [Robert Ancell] • Clarify documentation regarding programmer errors [Philip Withnall] • Fix getting immutable root nodes from empty input [Philip Withnall] • Fix various memory leaks [Philip Withnall, Emmanuele Bassi] • Add `--output` option to json-glib-format [Emmanuele Bassi] • Refresh the build [Emmanuele Bassi] • Add glib as a fallback sub-project [Xavier Claessens] • Don't error with MSVC C4819 warning [Seungha Yang] • Fix nullable annotation [Niels De Graef] • Allow disabling tests when building [Stéphane Cerveau] • #39 - Fix default deserialization method for JsonSerializable [Jeremy Philippe] • Stop string to GVariant conversion failing due to unrelated errno changes [Robert Ancell] • Support loading files via memory mapping [Philip Withnall] • #33 - Add a symbol version to all exported symbols [Simon McVittie] • #48 - Fix build with Clang 11 [Dimitry Andric] • Stop using deprecated g_object_newv() constructor [Emmanuele Bassi] • Add ordered iteration to JsonObjectIter [Emmanuele Bassi] • #46 - Document nullability of `json_from_string()` [Emmanuele Bassi] • #45 - Properly detect multiple top-level statements [Emmanuele Bassi] • #41, #22 - Fix library versions on Darwin [Tom Schoonjans] • Fix build reproducibility [!33, Alexander Kanavin] • #26 - Fix parsing of UTF-16 surrogate pairs [James Westman] • #56 - Ignore UTF-8 BOM [Jan-Michael Brummer]
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Aug 24, 2022
pkgsrc changes: * Update HOMEPAGE since cukes.info is unreachable. * Add "USE_LANGUAGES= # empty". 1.1.0 (2022-05-11) Added * MultiTest.disable_autorun is back again! (#33 #26) 1.0.0 (2022-05-04) Changed * As per #251: renamed History.md to CHANGELOG.md, added contributing message at beginning, and other formatting. (#12 jaysonesmith) Removed * Remove test files from the gem to prevent false-positive with security scanners as reported in #21 * Drop support for ruby < 2.0 (PR#28) * Removed disable_autorun (PR#30 Issue#26)
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Aug 31, 2022
0.1.21 (2022-01-25) * Land #21, Apply rubocop changes to socket_abstraction 0.1.22 (2022-01-26) * Land #23, GitHub actions for running tests 0.1.23 (2022-01-26) * Land #24, move verify.yml to workflows folder 0.1.24 (2022-01-26) * Land #24, move verify.yml to workflows folder 0.1.25 (2022-01-26) * Land #22, cherry pick of stream_server cleanup 0.1.26 (2022-02-15) * Land #20, Fix metasploit-framework#15968 (Multiple Socket Abstraction Bugs) 0.1.27 (2022-03-24) * Land #25, Stop refs being cloned or duped 0.1.28 (2022-04-05) * Land #26, Rex::Compat: open_browser: Prepend 'file://' to file URLs for Android
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jan 9, 2023
3.0.2 (2022-11-11) What's Changed * Simplify charset parsing by @semaperepelitsa in #28 3.0.1 (2022-10-08) What's Changed * Fix ReDos/performance when receiving crafted response headers by @ooooooo-q in #27 3.0.0 (2022-08-08) What's Changed * Add support for the new Faraday streaming API by @iMacTia in #26 Why a 3.0 release? What's the breaking change? Faraday 2.5 introduces a new streaming API and other changes that we want to take advantage on. However, releasing a new 2.x version of the gem would cause it to be pulled in projects where Faraday has not been updated to v2.5+ yet, causing errors. For this reason, we're instead releasing this as v3.0, which only the next (compatible) version of faraday will allow to use. 2.1.0 (2022-07-28) What's Changed * Handle verify_hostname ssl option by @kazarin in #23 2.0.3 (2022-05-17) What's Changed * Add Errno::EALREADY to list of Net::HTTP exceptions by @iMacTia in #21 2.0.2 (2022-04-10) What's Changed * Add Ruby 3.1 to CI by @petergoldstein in #15 * Anchor Encoding references to avoid faraday-encoding conflicts by @nbibler in #18 2.0.1 (2022-01-05) Fixes * Add back support for Faraday 1.0 2.0.0 (2022-01-04) What's Changed * Test on Ruby 3 by @tricknotes in #3 * Update gem to be compatible with Faraday 2.0 by @iMacTia in #9 * chore: Move development deps to Gemfile by @olleolleolle in #10 * refactor: CI: Inline scripts, cache gems by @olleolleolle in #11 * fix: gemspec metadata for changelog notes by @olleolleolle in #12 * Honor Content-Type charset by @xkwd in #13
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jan 18, 2023
3.0.2 (2022-11-11) What's Changed * Simplify charset parsing by @semaperepelitsa in #28 3.0.1 (2022-10-08) What's Changed * Fix ReDos/performance when receiving crafted response headers by @ooooooo-q in #27 3.0.0 (2022-08-08) What's Changed * Add support for the new Faraday streaming API by @iMacTia in #26 Why a 3.0 release? What's the breaking change? Faraday 2.5 introduces a new streaming API and other changes that we want to take advantage on. However, releasing a new 2.x version of the gem would cause it to be pulled in projects where Faraday has not been updated to v2.5+ yet, causing errors. For this reason, we're instead releasing this as v3.0, which only the next (compatible) version of faraday will allow to use. 2.1.0 (2022-07-28) What's Changed * Handle verify_hostname ssl option by @kazarin in #23 2.0.3 (2022-05-17) What's Changed * Add Errno::EALREADY to list of Net::HTTP exceptions by @iMacTia in #21 2.0.2 (2022-04-10) What's Changed * Add Ruby 3.1 to CI by @petergoldstein in #15 * Anchor Encoding references to avoid faraday-encoding conflicts by @nbibler in #18 2.0.1 (2022-01-05) Fixes * Add back support for Faraday 1.0 2.0.0 (2022-01-04) What's Changed * Test on Ruby 3 by @tricknotes in #3 * Update gem to be compatible with Faraday 2.0 by @iMacTia in #9 * chore: Move development deps to Gemfile by @olleolleolle in #10 * refactor: CI: Inline scripts, cache gems by @olleolleolle in #11 * fix: gemspec metadata for changelog notes by @olleolleolle in #12 * Honor Content-Type charset by @xkwd in #13
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jan 18, 2023
textproc/uriparser: security update Revisions pulled up: - textproc/uriparser/Makefile 1.11 - textproc/uriparser/distinfo 1.9 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: bsiegert Date: Mon Oct 29 16:17:25 UTC 2018 Modified Files: pkgsrc/textproc/uriparser: Makefile distinfo Log Message: Update uriparser to 0.9.0. 2018-10-27 -- 0.9.0 >>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> * Fixed: Out-of-bounds write in uriComposeQuery* and uriComposeQueryEx* Commit 864f5d4c127def386dd5cc926ad96934b297f04e Thanks to Google Autofuzz team for the report! * Fixed: Detect integer overflow in uriComposeQuery* and uriComposeQueryEx* Commit f76275d4a91b28d687250525d3a0c5509bbd666f Thanks to Google Autofuzz team for the report! * Fixed: Protect uriResetUri* against acting on NULL input Commit f58c25069cf4a986fe17a80c5b38687e31feb539 >>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> * Fixed: Be fully compliant to C89 (GitHub #28) and C++98 in test code * Fixed: Fix off-by-one in uriComposeQueryCharsRequired* and ...Ex* Reported space requirements were 1 byte bigger than necessary * Changed: Marked as deprecated: Deprecated functions: uriNormalizeSyntaxMaskRequired[AW] uriParseUri[AW] uriParseUriEx[AW] * Added: Add convenience functions to ease user code to parse a single URI New functions: uriParseSingleUri[AW] uriParseSingleUriEx[AW] uriParseSingleUriExMm[AW] * Added: Support for custom memory managers (GitHub #26, #35), see Doxygen New functions (as extension of existing ones): uriAddBaseUriExMm[AW] uriComposeQueryMallocExMm[AW] uriDissectQueryMallocExMm[AW] uriFreeQueryListMm[AW] uriFreeUriMembersMm[AW] uriNormalizeSyntaxExMm[AW] uriParseSingleUriExMm[AW] uriRemoveBaseUriMm[AW] New functions (for convenience): uriCompleteMemoryManager uriEmulateCalloc uriEmulateReallocarray uriTestMemoryManager New error codes: URI_ERROR_MEMORY_MANAGER_FAULTY URI_ERROR_MEMORY_MANAGER_INCOMPLETE New types: UriFuncCalloc UriFuncFree UriFuncMalloc UriFuncRealloc UriFuncReallocarray UriMemoryManager * Added: Add non-void versions of uriNormalizeSyntaxMaskRequired* New functions: uriNormalizeSyntaxMaskRequiredEx[AW] * Changed: Migrate test suite from CppTest to GoogleTest 1.8.1 * Improved: Make test suite free of memory leaks (GitHub #31) Thanks to AddressSanitizer! * Removed: Support for pointless define URI_SIZEDOWN (GitHub #29) Related configure option --enable-sizedown has also been removed. * Soname: 1:23:0 To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 pkgsrc/textproc/uriparser/Makefile cvs rdiff -u -r1.8 -r1.9 pkgsrc/textproc/uriparser/distinfo
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jan 24, 2023
cmark-gfm 0.2.5 (27 Sep 2022) * Add support for enabling footnotes (#26, Anton Sorokin). cmark-gfm 0.2.4 (22 Sep 2022) * Pull in upstream changes (includes security fix). cmark-gfm 0.2.3 (9 Mar 2022) * Pull in upstream changes.
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jan 25, 2023
0.4.6 * Resolve redundant import of Data.Monoid #26 * Added renderSetCookieBS and renderCookiesBS
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Apr 29, 2023
Upstream changes: 0.51 2022-08-15 - Bump min perl version to 5.16 (as per core Mojolicious) 0.50 2022-08-08 - Allow client_id / client_secret in body params (GH #28) 0.49 2022-06-02 - Fix tests broken by Mojolicious multiple render fixes (GH #27) 0.48 2021-06-15 - Accept error_description from auth methods (GH #26)
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jun 9, 2023
# repurrrsive 1.1.0 * Some NSFW content has been removed from `got_chars` (#26). * `gmaps_cities` is a new dataset, containing the results of geocoding five US cities.
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jun 11, 2023
fastmap 1.1.1 ============= * Updated hopscotch-map library to 2.3.0. * Closed #24: Added a `$clone()` method to `fastmap`. (#26) * Fixed #27: If a `fastmap` object has no holes in the lists storing keys and values, and then it is serialized and then unserialized, the new `fastmap` would contain zero items. (#28) * Faster implementations of `fastmap` `$keys()` and `$as_list()` methods.
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jun 12, 2023
What's Changed - Add NetBSD by @0323pin in #3 - Migrate from tui-rs to ratatui by @AmmarAbouZor in #4 - settings improvements by @AmmarAbouZor in #13 - [Documentation] Create README Badges by @kevinmatthes in #14 - CI Improvements by @AmmarAbouZor in #15 - Changed: Help popup improvements by @AmmarAbouZor in #17 - Added: Export current journal's content by @AmmarAbouZor in #18 - Increase Version by @AmmarAbouZor in #19 - Fixed setting backend path from CLI by @AmmarAbouZor in #22 - Added: Release CD action by @AmmarAbouZor in #24 - Fixed: Export journal extension by @AmmarAbouZor in #25 - Changed: Enhance render loop by @AmmarAbouZor in #28 - Added: CITATION.cff by @kevinmatthes in #26 - Added: Edit current journal content in external editor by @AmmarAbouZor in #29 - Added: configure CHANGELOG maintenance utilities by @kevinmatthes in #16 - Added: Tabs and scrolling to help popup by @AmmarAbouZor in #32 - Fixed: bugs in fragment creation by @kevinmatthes in #33 - Added: Multi-selection for journals by @AmmarAbouZor in #34 - Changed: bump baptiste0928/cargo-install to v2.1.0 by @kevinmatthes in #36 - [Aeruginous] Create CHANGELOG Fragment by @github-actions in #37 - Added: Export Import functions for multiple journals by @AmmarAbouZor in #39 - [Aeruginous] Create CHANGELOG Fragment by @github-actions in #40 - Fixed: Synchronizing problems with sqlite back-end by @AmmarAbouZor in #41 - [Aeruginous] Create CHANGELOG Fragment by @github-actions in #42 - Changed: improve GHA linting speed dramatically by @kevinmatthes in #43 - [Aeruginous] Create CHANGELOG Fragment by @github-actions in #44 - Addd: Option to Use Git Configured Editor as External editor by @AmmarAbouZor in #45 - [Aeruginous] Create CHANGELOG Fragment by @github-actions in #46 - [Aeruginous] Create Missing CHANGELOG Fragments by @AmmarAbouZor in #48 - Chore: Add dependabot by @AmmarAbouZor in #50 - [Aeruginous] Assemble CHANGELOG by @github-actions in #52
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jun 18, 2023
# fansi Release Notes ## v1.0.4 CRAN compiled code warning suppression release. * Fix void function declarations and definitions. * Change `sprintf` to `snprintf`. ## v1.0.3 * Address problem uncovered by gcc-12 linters, although the issue itself could not manifest due to redundancy of checks in the code. ## v1.0.0-2 This is a major release and includes some behavior changes. ### Features * New functions: * [#26](brodieG/fansi#26) Replacement forms of `substr_cl` (i.e `substr_ctl<-`). * `state_at_end` to compute active state at end of a string. * `close_state` to generate a closing sequence given an active state. * [#31](brodieG/fansi#31) `trimws_ctl` as an equivalent to `trimws`. * [#64](brodieG/fansi#64) `normalize_sgr` converts compound _Control Sequences_ into normalized form (e.g. "ESC[44;31m" becomes "ESC[31mESC[44m") for better compatibility with [`crayon`](https://github.com/r-lib/crayon). Additionally, most functions gain a `normalize` parameter so that they may return their output in normalized form (h/t @krlmlr). * [#74](https://github.com/brodieG/fansi/issues/74)`substr_ctl` and related functions are now all-C instead of a combination of C offset computations and R level `substr` operations. This greatly improves performance, particularly for vectors with many distinct strings. Despite documentation claiming otherwise, `substr_ctl` was quite slow in that case. * [#66](brodieG/fansi#66) Improved grapheme support, including accounting for them in `type="width"` mode, as well as a `type="graphemes"` mode to measure in graphemes instead of characters. Implementation is based on heuristics designed to work in most common use cases. * `html_esc` gains a `what` parameter to indicate which HTML special characters should be escaped. * Many functions gain `carry` and `terminate` parameters to control how `fansi` generated substrings interact with surrounding formats. * [#71](brodieG/fansi#71) Functions that write SGR and OSC are now more parsimonious (see "Behavior Changes" below). * [#73](brodieG/fansi#73) Default parameter values retrieved with `getOption` now always have explicit fallback values defined (h/t @gadenbui). * Better warnings and error messages, including more granular messages for `unhandled_ctl` for adjacent _Control Sequences_. * `term.cap` parameter now accepts "all" as value, like the `ctl` parameter. ### Deprecated Functions * All the "sgr" functions (e.g., `substr_sgr`, `strwrap_sgr`) are deprecated. They will likely live on indefinitely, but they are of limited usefulness and with the added support for OSC hyperlinks their name is misleading. * `sgr_to_html` is now `to_html` with slight modifications to semantics; the old function remains and does not warn about unescaped "<" or ">" in the input string. ### Behavior Changes The major intentional behavior change is to default `fansi` to always recognize true color CSI SGR sequences (e.g. `"ESC[38;2;128;50;245m"`). The prior default was to match the active terminal capabilities, but it is unlikely that the intent of a user manipulating a string with truecolor sequences is to interpret them incorrectly, even if their terminal does. `fansi` will continue to warn in this case. To keep the pre-1.0 behavior add `"old"` to the `term.cap` parameter. Additionally, `to_html` will now warn if it encounters unescaped HTML special character "<" or ">" in the input string. Finally, the 1.0 release is an extensive refactoring of many parts of the SGR and OSC hyperlink controls (_Special Sequences_) intake and output algorithms. In some cases this means that some `fansi` functions will output _Special Sequences_ slightly differently than they did before. In almost all cases the rendering of the output should remain unchanged, although there are some corner cases with changes (e.g. in `strwrap_ctl` SGRs embedded in whitespace sequences don't break the sequence). The changes are a side effect of applying more consistent treatment of corner cases around leading and trailing control sequences and (partially) invalid control sequences. Trailing _Special Sequences_ in the output is now omitted as it would be immediately closed (assuming `terminate=TRUE`, the default). Leading SGR is interpreted and re-output. Normally output consistency alone would not be a reason to change behavior, but in this case the changes should be almost always undetectable in the **rendered** output, and maintaining old inconsistent behavior in the midst of a complete refactoring of the internals was beyond my patience. I apologize if these behavior changes adversely affect your programs. > WARNING: we will strive to keep rendered appearance of `fansi` outputs > consistent across releases, but the exact bytes used in the output of _Special > Sequences_ may change. Other changes: * Tests may no longer pass with R < 4.0 although the package should still function correctly. This is primarily because of changes to the character width Unicode Database that ships with R, and many of the newly added grapheme tests touch parts of that database that changed (emoji). * CSI sequences with more than one "intermediate" byte are now considered valid, even though they are likely to be very rare, and CSI sequences consume all subsequent bytes until a valid closing byte or end of string is encountered. * `strip_ctl` only warns with malformed CSI and OSC if they are reported as supported via the `ctl` parameter. If CSI and OSC are indicated as not supported, but two byte escapes are, the two initial bytes of CSI and OSCs will be stripped. * "unknown" encoded strings are no longer translated to UTF-8 in UTF-8 locales (they are instead assumed to be UTF-8). * `nchar_ctl` preserves `dim`, `dimnames`, and `names` as the base functions do. * UTF-8 known to be invalid should not be output, even if present in input (UTF-8 validation is not complete, only sequences that are obviously wrong are detected). ### Bug Fixes * Fix `tabs_as_spaces` to handle sequential tabs, and to perform better on very wide strings. * Strings with invalid UTF-8 sequences with "unknown" declared encoding in UTF-8 locales now cause errors instead of being silently translated into byte escaped versions (e.g. "\xf0\xc2" (2 bytes), used to be interpreted as "<f0><c2>" (four characters). These now cause errors as they would have if they had had "UTF-8" declared encoding. * In some cases true colors of form "38;2;x;x;x" and "48;2;x;x;x" would only be partially transcribed. ### Internal Changes * More aggressive UTF-8 validation, also, invalid UTF-8 code points now advance only one byte instead of their putative width based on the initial byte. * Reduce peak memory usage by making some intermediate buffers eligible for garbage collection prior to native code returning to R. * Reworked internals to simplify buffer size computation and synchronization, in some cases this might cause slightly reduced performance. Please report any significant performance regressions. * `nchar_ctl(...)` is no longer a wrapper for `nchar(strip_ctl(...))` so that it may correctly support grapheme width calculations.
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Aug 10, 2023
[0.3.0] - 2023-08-09 Added - Add support for description field. You can use this to provide more detail about a jolly entry, beyond its title. #19 - Add support for icons. Jolly will look up appropriate icons for files and display them inline. #18, #20, #35 - Added support for logging facade. Logging can be configured in the config file. #30 - Added basic CLI args to Jolly. Config file can now be specified as an argument. #31 Changed - Text shaping uses iced Advanced text shaping. Should have better support for non-ascii characters in entries #25, #36 Fixed - Cleaned up window resize commands to avoid flashing of window #26
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Aug 26, 2023
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Aug 31, 2023
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jan 11, 2024
[0.12.0] - 2024-01-07 Added - Move app-level configuration into a file (#89) - Right now the only supported field is preview_templates - Toggle query parameters and headers in recipe pane (#30) - You can easily enable/disable parameters and headers without having to modify the collection file now - Add Copy URL action, to get the full URL that a request will generate (#93) Changed - Show profile contents while in the profile list (#26) - Remove settings modal in favor of the settings file - Supporting changing configuration values during a session adds a lot of complexity
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jan 14, 2024
v1.3.1 Changes Drop 3.7 support by @bagel897 in #28 do sys path hack by @bagel897 in #31 Misc Update deps by @bagel897 in #29 Update docs by @bagel897 in #30 v.1.3.0 Features Enum Support by @bagel897 in #19 Misc Use trusted publishing by @bagel897 in #17 deduplicate ci by @bagel897 in #20 chore: Configure Renovate by @renovate in #21 chore(deps): update pre-commit hook hadialqattan/pycln to v2.4.0 by @renovate in #23 chore(deps): update pre-commit hook pre-commit/mirrors-prettier to v3.1.0 by @renovate in #25 chore(deps): update pre-commit hook psf/black to v23.12.1 by @renovate in #26 chore(deps): update pre-commit hook charliermarsh/ruff-pre-commit to v0.1.11 by @renovate in #22 chore(deps): update actions/checkout action to v4 by @renovate in #27
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Feb 20, 2024
v1.3.0 Released 2023-02-19 Features: garden eval and garden expressions in general will now resolve variables defined within environment blocks. Environment blocks were previously not considered when resolving variables. Environment blocks are now resolved and checked for variables when ${variable} expressions do not find the variable in scopes with higher precedence. The precedence order, from strongest to weakest, is the variables block in a garden's scope, the variables block in a tree's scope, the variables block in global configuration scope, the environments block in a garden's scope, the environments block in a tree's scope, the environments block in global configuration scope and, lastly, OS environment variables. The first entry found is used when expanding variable expressions. (#23) Evaluation cycles (i.e. circular variable dependencies) are now prevented when evaluating garden variables. The evaluation engine will now return empty strings when a variable with a cyclical expression is evaluated. (#24) When zsh is used as the garden.shell, which happens automatically when zsh is installed, garden will now use zsh -o shwordsplit in order to enable word-splitting of $variable expressions by default. This makes zsh behave just like other shells by default, which improves the portability of commands. Configure garden.shell-wordsplit to false or use the garden <cmd> -z | --no-wordsplit option to opt-out of this behavior. (#25) garden.shell can now be configured to use arbitrary commands for executing command strings. Garden uses the configured garden.shell as-is and does not augment its options (e.g. -e or -o shwordsplit) when a custom command is used. Custom commands are identified as commands that expand to 2 or more command-line arguments. Thus, python3 is not considered a custom command and garden will run python3 -c <string> to run commands. On the other hand, specifying ruby -e is considered a custom command because it expands to ["ruby", "-e"] under the hood. If you need to use a custom command that takes no additional command-line arguments then you can use env as an extra argument to have it be considered as a custom shell. For example, env custom-shell will cause garden to run env custom-shell <string>, which is equivalent to custom-shell <string>. Using just custom-shell would have resulted in garden running custom-shell -c <string> instead, which may not be desired. (#26) The garden shell command can now be configured to use an interactive command shell that is distinct from the command specified in the garden.shell configuration by configuring the garden.interactive-shell value. (#26) garden shell can now be run without any arguments. The tree query now defaults to . so that the tree in the current directory is used when nothing is specified. (#26) Custom commands now have access to a ${GARDEN_CMD_VERBOSE} and ${GARDEN_CMD_QUIET} variables which can be used to forward the --verbose and --quiet arguments down into child garden invocations. ${GARDEN_CMD_VERBOSE} uses the short -v flag in the value to support the case where the verbose option is specified multiples times to increase the verbosity level (e.g. -vv). (#27)
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Feb 24, 2024
1.12.0 (2024-01-16) * feature: add sqlite3 driver #18 * feature: add lastId() method on mysql, mysqli and sqlite3 #19 #21 * task: fix prototypes for PHP 8 #12 * task: Try and fix test by removing each #16 * task: PHP8.1 Compatability restore error handling to previous state whilst ... #13 * task: DB::apiVersion() should be declared as static #17 * task: Fix PHP8.2 Deprecated use of ${var} instead of {$var} #14 * task: PHP8.2 ready #21 * task: Mark mssql-Driver, mysql-Driver and sybase-Driver as Deprecated #21 * bug: PHP 8.0 testcase failure #23 #24 1.12.1 (2024-01-17) * bug: Missing new file in package.xml #25 * bug: Minimal fix for sqlite3 #26
netbsd-srcmastr
pushed a commit
that referenced
this pull request
May 12, 2024
Added support for HEREDOCs (#45) Fixed an issue where whitespace after a line continuation causes parsing to fail (#26) Fixed parsing a port range (#27) Allow capital letters in user names (#35) Added support for single-quoted strings (#37) Fixed an issue where ADD and COPY only accepted a single parameter (#43)
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jun 27, 2024
### 1.8.10 - 15 June 2024 * feature: new "`--output`" option to write to a file instead of standard output (pull request [#90](https://codeberg.org/a-j-wood/pv/pulls/90)) supplied by [xmort](https://codeberg.org/xmort) ### 1.8.9 - 21 April 2024 * feature: new "`--si`" option to display and interpret size suffixes in multiples of 1000 rather than 1024 (pull request [#85](https://codeberg.org/a-j-wood/pv/pulls/85)) supplied by [kevinruddy](https://codeberg.org/kevinruddy) * fix: continue producing progress output when the output is blocking writes ([#34](https://codeberg.org/a-j-wood/pv/issues/34), [#86](https://codeberg.org/a-j-wood/pv/issues/86), [#87](https://codeberg.org/a-j-wood/pv/issues/87)) * fix: honour the _TMPDIR_ / _TMP_ environment variables again, rather than hard-coding "`/tmp`", when using a terminal lock file (originally removed in 1.8.0) ([#88](https://codeberg.org/a-j-wood/pv/issues/88)) * i18n: corrections and missing strings added to French translations (pull request [#83](https://codeberg.org/a-j-wood/pv/pulls/83)) supplied by [Thomas Bertels](https://codeberg.org/tbertels) ### 1.8.5 - 19 November 2023 * fix: corrected percentage formatting so it doesn't jump from 2 to 3 characters wide at 100% ([#80](https://codeberg.org/a-j-wood/pv/issues/80)) * fix: replaced "`--remote`" mechanism, using a temporary file instead of SysV IPC, so it can work reliably even when there are multiple PV instances * fix: corrected compilation failure when without IPC support * security: addressed all issues highlighted by the software auditing tools "`splint`" and "`flawfinder`" (see "`make analyse`") ([#77](https://codeberg.org/a-j-wood/pv/issues/77)) * cleanup: compilation warnings fixed on non-IPC and MacOS systems ### 1.8.0 - 24 September 2023 #### Features * feature: new "`--discard`" option to discard input as if writing to */dev/null* ([#42](https://codeberg.org/a-j-wood/pv/issues/42)) * feature: new "`--error-skip-block`" option to make "`--skip-errors`" skip whole blocks ([#37](https://codeberg.org/a-j-wood/pv/issues/37)) * feature: use `posix_fadvise()` like `cat`(1) does, to improve efficiency ([#39](https://codeberg.org/a-j-wood/pv/issues/39)) * feature: new "`--enable-static`" option to "`configure`" for static builds ([#75](https://codeberg.org/a-j-wood/pv/pull/75)) #### Security * security: with "`--pidfile`", write to a temporary file and rename it into place, to improve security * security: keep self-contained copies of name and format string in PV internal state for memory safety * security: ignore _TMP_ / _TMPDIR_ environment variables when using a terminal lock file #### Fixes * fix: only report errors about missing files when starting to transfer from them, not while calculating size, and behave more like `cat`(1) by skipping them and moving on * fix: auto-calculate total line count with "`--line-mode`" when all inputs are regular files * fix: use `clock_gettime()` in ETA calculation to cope with machine suspend/resume ([#13](https://codeberg.org/a-j-wood/pv/issues/13)) * fix: if "`--width`" or "`--height`" were provided, do not change them when the window size changes ([#36](https://codeberg.org/a-j-wood/pv/issues/36)) * fix: when a file descriptor position in "`--watchfd`" moves backwards, show the rate using the correct prefix ([#41](https://codeberg.org/a-j-wood/pv/issues/41)) * fix: rewrite terminal state save/restore so state is not intermittently garbled on exit when using "`--cursor`" ([#20](https://codeberg.org/a-j-wood/pv/issues/20)), ([#24](https://codeberg.org/a-j-wood/pv/issues/24)) #### Cleanups * cleanup: addressed many potential issues highlighted by the software auditing tools "`splint`" and "`flawfinder`" (see new target "`make analyse`") * cleanup: switched the build system to GNU Automake * cleanup: replaced the test harness with the one native to GNU Automake * cleanup: added a test for terminal width detection to "`make check`" * cleanup: added a test to "`make check`" to ensure that "`make install`" installs everything expected * cleanup: replaced *AC_HEADER_TIOCGWINSZ* with *AC_CHECK_HEADERS(sys/ioctl.h)* for better MacOS compatibility ([#74](https://codeberg.org/a-j-wood/pv/issues/74)) * cleanup: with "`--sync`", call `fsync()` instead of `fdatasync()` on incapable systems ([#73](https://codeberg.org/a-j-wood/pv/issues/73)) * cleanup: the manual is now a static file instead of needing to be built with "`configure`" #### Dropped items * dropped: dropped support for "`--enable-static-nls`" * dropped: removed the Linux Software Map file, as the LSM project appears to be long dead * dropped: will no longer publish to SourceForge as it has a chequered history and is unnecessary * dropped: removed project from GitHub and moved to Codeberg - see "[Give Up GitHub](https://giveupgithub.org/)" #### Other items * licensing change from Artistic 2.0 to GPLv3+ ### 1.7.24 - 30 July 2023 * fix: correct terminal size detection, broken in 1.7.17 by the configuration script rewrite ([#72](https://codeberg.org/a-j-wood/pv/issues/72)) * security: removed *DEBUG* environment variable in debug mode, added "`--debug`" instead * cleanup: added "`make analyse`" to run "`splint`" and "`flawfinder`" on all source files * cleanup: corrected detection of boolean capability * cleanup: word wrapping of "`--help`" output is now multi-byte locale aware * cleanup: adjusted "`indent`" rules to line length of 120 and reformatted code ### 1.7.18 - 28 July 2023 * fix: language file installation had been broken by the configuration script rewrite ### 1.7.17 - 27 July 2023 * feature: new "`--sync`" option to flush cache to disk after every write (related to [#6](https://codeberg.org/a-j-wood/pv/issues/6), to improve accuracy when writing to slow disks) * feature: new "`--direct-io`" option to bypass cache - implements [#29 "Option to enable *O_DIRECT*"](https://codeberg.org/a-j-wood/pv/issues/29) - requested by Romain Kang, Jacek Wielemborek * fix: correct byte prefix size to 2 spaces in rate display, so progress display size remains constant at low transfer rates * cleanup: rewrote `configure.in` as per suggestions in newer "`autoconf`" manuals * cleanup: replaced `header.in` with one generated by "`autoheader`", moving custom logic to a separate header file "`config-aux.h`" * cleanup: added copyright notice to all source files as per GNU standards * cleanup: changed "`--version`" output to conform to GNU standards * cleanup: replaced backticks with `$()` in all shell scripts that did not come from elsewhere, as backticks are deprecated and harder to read * cleanup: improved the output formatting of "`make test`" * cleanup: extended the "`make test`" mechanism to allow certain tests to be skipped on platforms that cannot support them * cleanup: skip the "pipe" test (for *SIGPIPE*) if GNU "`head`" is not available, so that "`make test`" on stock OpenBSD 7.3 works * cleanup: added a lot more tests to "`make test`" * cleanup: replace all calls to `sprintf()` and `snprintf()` with a new wrapper function `pv_snprintf()` to improve security and compatibility * cleanup: replace all calls to `strcat()` with a wrapper `pv_strlcat()` to improve security and compatibility * cleanup: replace all `write()` calls to the terminal with a wrapper `pv_write_retry()` for consistency * cleanup: tidy up and fix compilation warning in "`--watchfd`" code * cleanup: rewrote all local shell scripts to pass analysis by [ShellCheck](https://www.shellcheck.net) ### 1.7.0 - 17 July 2023 * dropped: support for Red Hat Enterprise Linux and its derivatives has been dropped; removed the RPM spec file, and will no longer build binaries * feature: the "`--size`" option now accepts "`@filename`" to use the size of another file (pull request [#57](https://codeberg.org/a-j-wood/pv/pull/57) supplied by [Dave Beckett](https://github.com/dajobe)) * feature: the "`--watchfd`" option is now available on OS X (pull request [#60](https://codeberg.org/a-j-wood/pv/pull/60) supplied by [christoph-zededa](https://github.com/christoph-zededa)) * feature: new "`--bits`" option to show bit count instead of byte count (adapted from pull request [#63](https://codeberg.org/a-j-wood/pv/pull/63) supplied by [Nick Black](https://nick-black.com)) * feature: new "`--average-rate-window`" option, to set the window over which the average rate is calculated, also used for ETA (modified from pull request [#65](https://codeberg.org/a-j-wood/pv/pull/65) supplied by [lemonsqueeze](https://github.com/lemonsqueeze)) * feature: the "`--watchfd`" option will now show relative filenames, if they are under the current directory (pull request [#66](https://codeberg.org/a-j-wood/pv/pull/66) supplied by [ikasty](https://github.com/ikasty)) * fix: correction to `pv_in_foreground()` to behave as its comment block says it should, when not on a terminal - corrects [#19 "No output in Arch Linux initcpio after 1.6.6"](https://codeberg.org/a-j-wood/pv/issues/19), [#31 "No output written from inside zsh <() construct"](https://codeberg.org/a-j-wood/pv/issues/31), [#55 "pv Stopped Working in the Background"](https://codeberg.org/a-j-wood/pv/issues/55) (pull request [#64](https://codeberg.org/a-j-wood/pv/pull/64) supplied by [Michael Weiß](https://github.com/quitschbo)) * fix: workaround for OS X 11 behaviour in configure script regarding stat64 at compile time (pull request [#57](https://codeberg.org/a-j-wood/pv/pull/57) supplied by [Dave Beckett](https://github.com/dajobe)) * fix: workaround for macOS equivalence of stat to stat64 - patches from [Filippo Valsorda](https://github.com/FiloSottile) and [Demitri Muna](https://github.com/demitri), correcting [#33 "Fix compilation problems due to `stat64()` on Apple Silicon"](https://codeberg.org/a-j-wood/pv/issues/33) * fix: add burst rate limit to transfer, so rate limits are not broken by bursty traffic (pull request [#62](https://codeberg.org/a-j-wood/pv/pull/62) supplied by [Volodymyr Bychkovyak](https://github.com/vbychkoviak)) * fix: corrected "`--force`" option so it will still output progress when not in the same process group as the owner of the terminal - corrects [#23 "No output with "`-f`" when run in background after 1.6.6"](https://codeberg.org/a-j-wood/pv/issues/23) and helps to correct [#31 "No output written from inside zsh <() construct"](https://codeberg.org/a-j-wood/pv/issues/31) * fix: corrected elapsed time display to show as D:HH:MM:SS after 1 day, like the ETA does - corrects [#16 "Show days in same format in ETA as in elapsed time"](https://codeberg.org/a-j-wood/pv/issues/16) * fix: corrected bug where percentages went down after 100% when in "`--numeric`" mode with a "`--size`" that was too small - corrects [#26 "Correct "`-n`" behaviour when going past 100% of "`-s`" size"](https://codeberg.org/a-j-wood/pv/issues/26) * i18n: recoded Polish translation file to UTF-8 * i18n: removed inaccurate fuzzy translation matches * docs: moved all open issues into GitHub and updated the TODO list * docs: renamed README to README.md and altered it to Markdown format * docs: moved contributors from the README to docs/ACKNOWLEDGEMENTS.md * docs: moved TODO to TODO.md and altered it to Markdown format * docs: moved NEWS to NEWS.md, converted it to UTF-8, and altered it to Markdown format
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Aug 13, 2024
Upstream changes: 1.601 2024-07-27T00:58:50Z * changed default DTD header to use "Apple" instead of "Apple Computer" to match what XCode has been doing (Apple changed it's name in 2007). (GitHub #27). 1.505 2024-07-14T17:52:31Z * Don't read binary files in text mode, which has problems on Windows (from joz-k, GitHub #26) * Fix problem with negative integers in WriteBinary. They should always be longs. * First release to use GitHub Attestations (see README.pod) 1.504 2022-07-08T03:16:18Z * @trwyant fixed some stray debugging output (#14 and #15) 1.503 2022-06-30T18:16:29Z * Darren Kulp noted an XML error in one of the test strings (GitHub #12) * No other code changes
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Aug 18, 2024
From Iris via pkgsrc-wip. Changelog from 2.9.27 to 2.9.28: 8f4e86ca Version 2.9.28 c6c3823b Added Sven Höxter to aboutDialog for his patches cba17cc6 Feature: link app icon as a mimetype icon for the hicolor default theme (#109) 01aae901 Fix: do not install manpage in doc dir (#107) 201ca770 Bugfix: Open french documention if required 97e0e837 Spelling fix: remove duplicate word (#108) 1a3d001d Spelling fixes (#105) 7eb79dde Desktop file improvements (#106) 92a762ed Merge branch 'release' of github.com:insilmaril/vym into release d9d7b12a Updated project name 5248d9a0 Fixed typo in version number 0e87888d Updated year in README.md acdf0677 Updated release notes -- Release notes VYM - View Your Mind The lists below shows differences between vym 2.8.0 and the latest 2.9.x version. Feel free to report any bugs or feature requests on https://github.com/insilmaril/vym/issues Thanks for using vym! Uwe Drechsel - May 2024 Version 2.9.27 Bugfixes Bugfix: Markdown improvements by Markus Seilnacht Bugfix: Allow saving of readonly maps Bugfix: Use vymBaseDir when setting up libreoffice export Bugfix: Resetting task delta prio not limited to visible tasks Version 2.9.26 Features Feature: #87 Enable Crtl modifier for macros triggered by function keys. Feature: Set last export type to "Update" after successfully "Creating" Confluence page Feature: Updated status bar messages when loading/saving maps Feature: #91 Update Italian translation Feature: Dropped URLs are truncated at start of parameters Bugfixes Bugfix: Minor typo in German translation Bugfix: Minor typo in Confluence settings dialog Bugfix: Pasted text URLs in a heading no longer create URL in branch Bugfix: #90 Disable BSP indexing to avoid crashes Bugfix: #88 Improved ASCII export Changes Change: Removed or changed shortcuts with ALT Version 2.9.22 Features Feature: Support multiple Jira instances with specific authentication methods Feature: Floppy disk icon for unsaved maps better visible, if active Feature: Upload images also for new Confluence pages Feature: New commands to control visuals of selection box Feature: added script to set colors of selection box for dark theme: demos/scripts/setSelectionBoxDarkTheme.vys Feature: Center on selection and fit to view with Key_Period + Key_Shift Feature: Delete vymLink with Ctrl-Shift click Feature: Scale pasted images to 300px width Feature: Define pen color, width and brush for selection box setSelectionPenColor setSelectionPenWidth setSelectionBrushColor Feature: Option to 'never' use dark theme Feature: Support Personal Access Tokens for Jira and Confluence Feature: Improved animated centering on selection (Shortcut: Key_Period) Feature: For multiple selected items show count in status line Feature: Scale images on the fly This allows to paste and shrink images (Ctrl + "-"), but when zooming in the images are not pixelized, but still have original resolution. Storing e.g. screenshots is more efficient this way. Bugfixes Bugfix: Creating Confluence page without attachments Bugfix: Icon and status of view icons Bugfix: disabled all icons when no map is available. Bugfix: Fixed layout of dialog for Confluence export Bugfix: Improved adding new branches at border of current scene Bugfix: Urls and VymLinks shown again in statusBar Bugfix: Wrong positon of selection box of xlinks control points, resulting in crazy scrolling, when control point is selected. Bugfix: #79 quell linking error (#79) Bugfix: Set selection background color in TreeEditor Bugfix: Also center on selected branch when using HeadingEditor while editing a heading Bugfix: Save colors of headings Bugfix: Editing long plainText headings might open HeadingEditor Bugfix: #65 and #71 Colors in NoteEditor with RichText Bugfix: #76 Editing heading of zoomed in view causes panning Bugfix: When zooming in/out using mouse wheel don't change rotation Bugfix: Background colors in HeadingEditor Bugfix: #40 Editing PlainText headings with linebreaks Bugfix: #75 TreeEditor and Linebreaks in headings Bugfix: #73 Default maps should not have word default in MapCenter Bugfix: #72 Improved support to load new default maps Bugfix: #74 HTML export uses word wrap for PlainText notes Bugfix: Update HeadingEditor for RichText heading, when frame background changes Bugfix: Update color and heading of HeadingEditor Bugfix: #70 HeadingEditor doesn't use map background when switching on RichText mode Bugfix: #70 settings override macroPath, if local option is used "-l" Bugfix: #68 HeadingEditor doesn't update after in MapEditor Bugfix: Consider zoomFactor after load when scrolling to selection Bugfix: Set color and width of legacy xlink Changes Change: Use Control modifier instead of Shift to only move MapCenter Change: Compatibility with 2.9.514: Some elements can be read, even if vym Version 2.9.2 Bugfixes Bugfix: #64 Read notes correctly from (very old) maps Version 2.9.0 This version provides bugfixes and some new features. The biggest and most visible changes are dark theme support and an extended color bar to select colors. The platform support has been improved, native Mac version is available (again) and also binaries for various Linux flavors. See the README.md for details Features Feature: Dark theme Feature: Increase max. number of recent maps to 20 Feature: Reset priority delta for visible tasks (all maps) Feature: Toggle target for multiple selected items Feature: Copying and pasting between vym instances and pasting images Feature: Added desktop files for easier packaging accross Linux distros Feature: Larger font size for editing headings on WIndows Feature: Scripting commands to edit heading and get depth of branch Feature: Introduced colors toolbar (#39) Feature: Use expand macro in Confluence export for scrolled branches Feature: Move branches diagonally with Ctrl-PageUp/Down Feature: Enable openSSL on Windows Feature: Add information from JIRA as attributes Feature: Toggle flag for multiselection Feature: Confluence and JIRA support Feature: Cycle tasks by clicking status in taskeditor Feature: Cursor up/down + Shift-key can be used to select multiple branches Feature: Updated translations for Greek and German Bugfixes Bugfix: #52 Saving part of map overwrites original map Bugfix: #48 lockfile cannot be renamed on Windows Bugfix: Read map attributes for default map Bugfix: Create translation files during build Bugfix: German translation to show keyboard macros in help menu Bugfix: Set URL when getting Jira data Bugfix: Use mapname and correct postfic when exporting Bugfix: #25 treeEditor opens when pasting images Bugfix: less compiler warnings related to deprecated Qt Bugfix: Restore state of treeEditor and slideEditor from settings in map after load Bugfix: Don't set URL for Jira ticket, if Jira pattern is not known Bugfix: Umlauts when exporting to a Confluence page Bugfix: undo/redo when toggling task via F12-macro Bugfix: Allow selecting text while editing a heading in QLineEdit Bugfix: Remove invalid QModelIndex warning when relinking images from mainbranch to center Bugfix: Avoid jumping of view when adding branches to center" Bugfix: Reset current text format when switching from RichText to PlainText Bugfix: Unused duplicate branchPropertyEditor dockwidget removed Bugfix: Setting for Windows data-root directory (#36) Bugfix: vymBaseDir improvements (#34) Bugfix: Don't trigger reposition when selection changes Bugfix: Relink branches and keep parent Bugfix: set CMAKE_INSTALL_DATAROOTDIR (#24) Bugfix: #31 Confluence export missing siblinigs of hidden first branch Bugfix: #26 tabname for save but unchanged maps does not update Bugfix: Getting user info from Confluence Bugfix: Freemind import Bugfix: exportLast of Markdown export Bugfix: piping plaintext mails from mutt into note Bugfix: Cycling tasks in taskeditor Bugfix: Links to images (color and hiding) Bugfix: Don't give up on unknown tags when importing Freeplane Bugfix: Remove unnecessary columns from taskeditor Bugfix: #14 Packaging for openSUSE: Set vymBaseDir correctly Bugfix: Trash button in NoteEditor Bugfix: vym crashed, when cursor left/right was used and multiple branches were selected Bugfix: Copy to new map Bugfix: crash while checking an empty directory (#9) Changes Changed: Settings for JIRA and Confluence Changed: Moved functionality of recover session into restore ression Changed: Sleeping tasks keep their priority (Before prio was lowered and sleeping tasks dropped to bottom.) Changed: Removed unused Bugzilla script Changed: Builds now use cmake Release notes View Your Mind - vym 2.8.0 This version provides bugfixes and some new features. The biggest and most visible change are the (mostly) reworked and now scalable icons in mind maps. At least on Linux you now can also connect to JIRA and Confluence and retrieve data, but also create or update Confluence pages. A brandnew feature is the (experimental) support to import and export Firefox bookmarks - very handy to sort bigger bookmark collections. Scripting still is considered as Technology Preview - APIs still might change in upcoming versions, when vym will be based on Qt6. Just check out the keyboard macros for F01 to F24 or also the example scripts. The lists below list differences between vym 2.7.0 and 2.8.0. Feel free to report any bugs or feature requests on https://github.com/insilmaril/vym/issues Thanks for using vym! Uwe Drechsel - April 2021 Notes: Some function keys have changed, e.g. Shift-F8 for toggling frames to include children File format has changed within the vym files CDATA is no longer used, but <vymtext> and <heading> use attributes now for texts. Vym versions below 2.7.566 cannot read newer maps Removed support for Bugzilla Removed support for SUSE FATE tool Removed dependency on 7z on Windows platform Removed setting to edit branch after creating Various optimizations, e.g. when updating map when NoteEditor changes Removed unused windows code Updated code to Qt 5.14 Reorganized source code, moved it to github and applied coding style using clang-format Detailed list of features Feature: Improved presentation mode and added projector icon Feature: Added recover option (--recover) Feature: Allow cursor positioning during edit of heading Feature: Allow middle mouse for pasting while editing heading Feature: Alternatively pan view using middle mouse button Feature: Basic editing of tasks in TaskEditor Feature: BranchPropertyEditor show sleep time Feature: Initial Confluence support (on Linux) Create new Confluence pages Get Confluence username and use in export (experimental) Native Confluence Agent to retrieve page name Feature: Dialog to enter credentials for Confluence Feature: Drag drop in TaskEditor for repriorization Feature: Editing in TreeEditor Feature: Hide less popular standard flags if not used in a map (Present, rose, phone, clock) Feature: Icons for filters in taskeditor Feature: Improved editing in TaskEditor Feature: Improved handling of modifiers Feature: Improved winter mode Feature: Import and export of Firefox bookmarks (experimental) Feature: Internal testsuite prepared Feature: Load default map instead of creating it Feature: More verbose status message for toggling frames when using function keys Feature: Most of the flags have been reworked and are scalable vector graphics now Feature: Repeat last command in map using F8 Feature: Save as default map Feature: Select images using cursor left/right in MapEditor Feature: Set sleep time weeks with 'w' Feature: Setting for margin when scrolling to selection Feature: Shortcut Shift-G to goto linked map Feature: Show Delta Priority in TaskEditor Feature: Show Task modification times Feature: Show file location in properties dialog Feature: Show flags in taskeditor Bugfixes Bugfix: Collapse selected branch using "<"-key Bugfix: Better placement of flags toolbars for new user Bugfix: Comment in map properties no longer saved as HTML Bugfix: Compiler warnings Bugfix: Correctly read task modification time from file Bugfix: Crash when exporting HTML Bugfix: Disable user flags toolbar when image is selected Bugfix: Don't save definitions of unused userflags Bugfix: Edit and actually use the correct path for macros Bugfix: Editing of branch heading in heading editor Bugfix: Editor states related to multiple selection Bugfix: Emtpy lines for hidden branches in ASCII export Bugfix: Flag to search notes in FindResultWidget Bugfix: For non-sleeping tasks display "-" in table as sleep time Bugfix: Function key F4 not executing related macro Bugfix: HTML export for svg- and userflags Bugfix: History of changing RichText notes in editor Bugfix: History of editing notes and headings Bugfix: Inactive NoteEditor in some cases Bugfix: Modifier for modModes is SHIFT, not CTRL. Bugfix: Opening default map, but without existing file Bugfix: Reenable context menu in TaskEditor Bugfix: Removal of temporary files on Windows Bugfix: Repeat toggling target with F8 Bugfix: Ruby testsuite Bugfix: Select new tab after creating new map Bugfix: Shortcuts for formats in TextEditor Bugfix: Tests related to changing (named) flags Bugfix: Undo of setting task to sleep Bugfix: Undo/redo toggling flag Bugfix: Update HeadingEditor after reselect and undo/redo Bugfix: Update confluence script Bugfix: Waking up of sleeping tasks is visible again Bugfix: Warning when saving uncompressed map Bugfix: application to open external links Bugfix: libpng warning Bugfix: svg flags not displaying correctly Bugfix: toggling target was not saved Bugfix: use most important shortcuts also in TreeEditor
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Oct 21, 2024
2.3.0 (2024-10-07) What's Changed New features * Allow specifying connection name by @cocoahero in #26 * Support ciphers SSLOptions by @saiqulhaq in #24 New Contributors * @cocoahero made their first contribution in #26 * @saiqulhaq made their first contribution in #24
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Nov 12, 2024
# prettyunits 1.2.0 * New `pretty_num()` function with all the [BIPM](https://www.bipm.org) agreed unit prefix (#26, @cregouby). * New `pretty_round()` and `pretty_signif()` functions preserve the requested number of digits as character strings (#14, @billdenney). * New `pretty_p_value()` function to convert p-values to character strings where small values are shown like "<0.0001" (#13, @billdenney). * New `pretty_color()` functionm converts a color to a named color (#12, @billdenney).
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Nov 28, 2024
v0.2.9 What's Changed Migrate to cargo workspaces and introduce github workflows by @triyanox in #14 feat: add directory indicator #11 by @triyanox in #15 chore: fix release workflow by @triyanox in #16 Merge pull request #16 from triyanox/chore/fix-release-workflow by @triyanox in #17 fix release workflow by @triyanox in #18 Merge pull request #18 from triyanox/chore/fix-release-workflow by @triyanox in #19 fix release workflow by @triyanox in #20 Merge pull request #20 from triyanox/chore/fix-release-workflow by @triyanox in #21 Fix release workflow by @triyanox in #22 chore: version crates by @triyanox in #23 chore: fix the syncing issue on the release workflow by @triyanox in #24 chore: fix version check by @triyanox in #25 chore: add explicit version for lla_plugin_interface by @triyanox in #26 chore: fix path for lla_plugin_interface by @triyanox in #27 v0.2.7 What's Changed Add the config --set command to update the lla config by @triyanox in #13
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Dec 10, 2024
textproc/uriparser: security update Revisions pulled up: - textproc/uriparser/Makefile 1.11 - textproc/uriparser/distinfo 1.9 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: bsiegert Date: Mon Oct 29 16:17:25 UTC 2018 Modified Files: pkgsrc/textproc/uriparser: Makefile distinfo Log Message: Update uriparser to 0.9.0. 2018-10-27 -- 0.9.0 >>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> * Fixed: Out-of-bounds write in uriComposeQuery* and uriComposeQueryEx* Commit 864f5d4c127def386dd5cc926ad96934b297f04e Thanks to Google Autofuzz team for the report! * Fixed: Detect integer overflow in uriComposeQuery* and uriComposeQueryEx* Commit f76275d4a91b28d687250525d3a0c5509bbd666f Thanks to Google Autofuzz team for the report! * Fixed: Protect uriResetUri* against acting on NULL input Commit f58c25069cf4a986fe17a80c5b38687e31feb539 >>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> * Fixed: Be fully compliant to C89 (GitHub #28) and C++98 in test code * Fixed: Fix off-by-one in uriComposeQueryCharsRequired* and ...Ex* Reported space requirements were 1 byte bigger than necessary * Changed: Marked as deprecated: Deprecated functions: uriNormalizeSyntaxMaskRequired[AW] uriParseUri[AW] uriParseUriEx[AW] * Added: Add convenience functions to ease user code to parse a single URI New functions: uriParseSingleUri[AW] uriParseSingleUriEx[AW] uriParseSingleUriExMm[AW] * Added: Support for custom memory managers (GitHub #26, #35), see Doxygen New functions (as extension of existing ones): uriAddBaseUriExMm[AW] uriComposeQueryMallocExMm[AW] uriDissectQueryMallocExMm[AW] uriFreeQueryListMm[AW] uriFreeUriMembersMm[AW] uriNormalizeSyntaxExMm[AW] uriParseSingleUriExMm[AW] uriRemoveBaseUriMm[AW] New functions (for convenience): uriCompleteMemoryManager uriEmulateCalloc uriEmulateReallocarray uriTestMemoryManager New error codes: URI_ERROR_MEMORY_MANAGER_FAULTY URI_ERROR_MEMORY_MANAGER_INCOMPLETE New types: UriFuncCalloc UriFuncFree UriFuncMalloc UriFuncRealloc UriFuncReallocarray UriMemoryManager * Added: Add non-void versions of uriNormalizeSyntaxMaskRequired* New functions: uriNormalizeSyntaxMaskRequiredEx[AW] * Changed: Migrate test suite from CppTest to GoogleTest 1.8.1 * Improved: Make test suite free of memory leaks (GitHub #31) Thanks to AddressSanitizer! * Removed: Support for pointless define URI_SIZEDOWN (GitHub #29) Related configure option --enable-sizedown has also been removed. * Soname: 1:23:0 To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 pkgsrc/textproc/uriparser/Makefile cvs rdiff -u -r1.8 -r1.9 pkgsrc/textproc/uriparser/distinfo
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Dec 11, 2024
pkgsrc change: remove restriction to Ruby version. 0.3.2 (2024-11-11) What's Changed * Increase speed of UUID generation by @robotblake in #11 * Test RDoc coverage by @nobu in #25 * Build package by @nobu in #26 * Cleanup by @nobu in #27 * Update UUID documentation with RFC9562 links by @nevans in #30 New Contributors * @robotblake made their first contribution in #11 0.4.0 (2024-12-02) What's Changed * Bump rubygems/release-gem from 612653d273a73bdae1df8453e090060bb4db5f31 to 9e85cb11501bebc2ae661c1500176316d3987059 by @dependabot in #33 * Bump step-security/harden-runner from 2.10.1 to 2.10.2 by @dependabot in #32 * Removed Random::Formatter by @hsbt in #34
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Upstream changelog: https://craigbarnes.gitlab.io/dte/releases.html