Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

nginx version update #234

Closed
drboone opened this issue Dec 5, 2019 · 1 comment
Closed

nginx version update #234

drboone opened this issue Dec 5, 2019 · 1 comment
Assignees

Comments

@drboone
Copy link

drboone commented Dec 5, 2019

Could nginx be updated? 1.17.0 is currently available in pkgsrc. 1.17.3 has a security fix, and there are some other http/2 fixes that I think might be helpful to us after that. Current seems to be 1.17.6.

jperkin pushed a commit that referenced this issue Mar 25, 2020
2.5.0 (2019-11-24)
------------------

* Rename the 'global' binding to 'globalThis' to match updated
  proposal-global; enable the binding by default; update
  polyfills/global.js (GH-2160)

* Add duk_pull() API call (GH-2184)

* Add experimental duk_cbor_encode() and duk_cbor_decode() API calls (GH-2163)

* Move CBOR extra into an actual Duktape built-in, enabled by default (GH-2163)

* Include "end of input" in error message if SyntaxError occurs at end of
  file (GH-2152, GH-2165)

* Add missing DUK_DEFPROP_xxx convenience constants for the 'EC' combination
  (like DUK_DEFPROP_EC, DUK_DEFPROP_HAVE_EC, etc) which were accidentally
  missing from the API header (GH-2187)

* Fix behavior of proxied Array objects for: Array.isArray(), duk_is_array(),
  Object.prototype.toString(), JSON.stringify(), Array.prototype.concat()
  (GH-2041, GH-2175, GH-2176)

* Fix a harmless assert in Math.atan2() when compiling with gcc -m32 (GH-2164)

* Fix (suppress) -Wfloat-equal warnings for GCC and Clang (GH-234, GH-2164)

* Fix compile warning when base64 support disabled (GH-2159)

* Fix some compile warnings (GH-2161, GH-2172)

* Add RISC-V architecture detection in duk_config.h; previous versions
  also compiled on RISC-V but identified as "generic" (GH-2174)

* Avoid ast/endian.h header on Solaris (GH-2180)

* Minor performance and footprint improvements (GH-2167, GH-2177)

2.4.0 (2019-07-28)
------------------

* Add duk_to_stacktrace() and duk_safe_to_stacktrace() to make it easier to
  get stacktraces in C code (GH-2059, GH-2086)

* Add duk_push_bare_array() to push an Array instance which doesn't
  inherit from anything (GH-2064)

* Add duk_require_constructable() and duk_require_constructor_call() to
  the public API (previously they were internal helpers) (GH-2102)

* Enable Symbol built-in by default (DUK_USE_SYMBOL_BUILTIN) (GH-1969)

* Remove arguments.caller for strict argument objects to match revised
  ES2017 behavior (GH-2009)

* Add DUK_USE_NATIVE_STACK_CHECK() macro config option (disabled by default)
  for a platform specific stack space check in recursive and stack heavy
  code paths; this is more accurate than the default fixed recursion limit
  (GH-1995)

* When using Proxy wrapping in console extra, don't return a fake NOP
  function for console.toJSON to avoid confusing JX serialization of the
  console object (GH-2052, GH-2054, GH-2055)

* Disable Proxy wrapper for 'duk' console binding because it is no longer
  the preferred console implementation method (GH-2055)

* Update UnicodeData.txt and SpecialCasing.txt used for building internal
  Unicode control data to Unicode version 12.1.0 (GH-2085)

* Use bare objects/arrays in more places internally: variable map and
  formals array of functions loaded from bytecode (to match behavior of
  compiled functions), context dump array for duk_push_context_dump(),
  and error tracedata (GH-2089)

* Expose DUK_INTERNAL_SYMBOL() macro; while an application shouldn't
  normally need to use this macro at all, it may be useful in some cases
  to peek into Duktape internals (with no versioning guarantees) (GH-2118)

* Accept non-plain buffer types in some examples/extras (cmdline, eventloop,
  logging, print-alert) (GH-2107)

* Fix eventloop example .write() method buffer handling which relied on
  Duktape.Buffer, also fix a related TCP client example bug (GH-2107)

* Minor changes to CBOR extra type handling: encode non-UTF-8 strings
  as CBOR byte strings (instead of text strings), encode Symbols as empty
  objects, refuse to decode Symbols, encode pointers as "(%p)" instead of
  "%p" to match JX, decode integers in most cases to fastints when possible
  (GH-2121, GH-2154)

* Minor performance improvements to CBOR extra (GH-2121, GH-2154)

* Add (untested) support for mixed endian targets to CBOR extra (GH-2121)

* Remove support for unnecessary DUK_USE_USER_DECLARE config option, use
  configure.py fixup line/file instead (GH-2123)

* Remove ncurses dependency from the eventloop example, add a new example
  for running a lot of timers, improve init error reporting (GH-2126,
  GH-2128)

* Add --no-auto-complete option to 'duk' to disable linenoise auto
  completion (GH-2131)

* Add support for keeping an array's internal array part in
  Object.defineProperty(), previously the array part was always
  abandoned if an array index was defined using Object.defineProperty()
  (even if property attributes were correct) (GH-2146)

* Rework some internal property handling call sites and helpers to e.g.
  avoid inheriting internal properties when not intended (GH-2149)

* Improve assertion coverage for internal structures during mark-and-sweep
  (GH-2092)

* Fix incorrect parsing of post-increment/post-decrement followed by
  division (e.g. "z++ / 20"), the slash was interpreted as beginning
  a regexp (GH-2140)

* Fix incorrect handling of zero-length dynamic buffer in base-64 fast path
  decoder (GH-2027, GH-2088)

* Fix Object.getOwnPropertySymbols() behavior for the virtual properties
  of arrays, Strings, and buffer objects: string keys were incorrectly
  included in the result (GH-1978, GH-1979)

* Fix Date .setTime(), setYear(), etc behavior for a frozen Date instance;
  they should be allowed, but were rejected with a TypeError (GH-2149)

* Fix compile error (missing DUK_DCERROR_UNSUPPORTED macro) when compiling
  with RegExp support disabled (GH-1990, GH-1991)

* Fix configure.py -D option to accept parenthesized macros, e.g.
  '-DFOO(bar)=quux', which were used in some examples but were not
  actually functional (GH-2013, GH-2014)

* Fix error handling corner case when a property-based call (foo.bar())
  caused an error and Duktape.errCreate returned a callable value (such
  as Float64Array); this caused an assertion failure (GH-2061, GH-2087)

* Fix coercion of +'+' and +'-' to NaN instead of 0 (GH-2019, GH-2134)

* Fix possible out-of-memory in call stack unwind by preallocating the
  environment property table on creation (GH-476, GH-2021, GH-2106)

* Fix possibility for unbounded native recursion without call stack limit
  backstop when call handling triggers a Proxy trap (GH-2032, GH-2108)

* Fix several assertion failures with possible memory unsafe behavior
  (GH-2022, GH-2023, GH-2024, GH-2025, GH-2026, GH-2031, GH-2033, GH-2035,
  GH-2036, GH-2065, GH-2115, GH-2138, GH-2146)

* Fix incorrect assertion with no underlying bug for resolving bound
  function chains with a Proxy object (rather than a plain function)
  as the final non-bound function (GH-2049, GH-2103)

* Fix incorrect assertion with no underlying bug for "thr == heap_thread"
  during heap destruction finalizer runs; the assert is untrue when a
  finalizer (executed during heap destruction) resumes a coroutine (GH-2030,
  GH-2132, GH-2133)

* Fix compile error for extras/eventloop due to missing a header file
  (c_eventloop.h) in the dist package (GH-2090)

* Fix CBOR decoding of text strings and byte strings with a lot of
  concatenated pieces in the CBOR extra (GH-2093)

* Fix CBOR decoding of (ignored) 64-bit tags in the CBOR extra (GH-2095)

* Fix a CBOR encoding wrap check in the CBOR extra (GH-2121)

* Trivial fixes and cleanups: Windows Date provider return code check
  consistency (GH-1956)

* Fix MSVC ARM64 detection (GH-2078)

* Use GCC (>= 5.0) and Clang builtin bswap macros, add internal DUK_BSWAP64()
  macro (GH-2122)

* Short term workaround for a noreturn-related issue with GCC 5+ (GH-2155)
  where some internal duk_require_constructor_call() calls are entirely
  missing in compiler output in certain circumstances (GCC 5+, noreturn
  attributes enabled, debugger support enabled); the workaround is to
  disable noreturn macros for GCC 5+ for now (GH-2156)

* Various portability fixes (GH-1931, GH-1976)
@jperkin jperkin self-assigned this Apr 20, 2020
@jperkin
Copy link
Collaborator

jperkin commented Apr 20, 2020

This was done a while back.

@jperkin jperkin closed this as completed Apr 20, 2020
jperkin pushed a commit that referenced this issue Jul 14, 2020
### All Platforms
- Allow the RPC server to listen on an IPv6 address ([#161](transmission/transmission#161))
- Change `TR_CURL_SSL_VERIFY` to `TR_CURL_SSL_NO_VERIFY` and enable verification by default ([#334](transmission/transmission#334))
- Go back to using hash as base name for resume and torrent files (those stored in configuration directory) ([#122](transmission/transmission#122))
- Handle "fields" argument in "session-get" RPC request; if "fields" array is present in arguments, only return session fields specified; otherwise return all the fields as before
- Limit the number of incorrect authentication attempts in embedded web server to 100 to prevent brute-force attacks ([#371](transmission/transmission#371))
- Set idle seed limit range to 1..40320 (4 weeks tops) in all clients ([#212](transmission/transmission#212))
- Add Peer ID for Xfplay, PicoTorrent, Free Download Manager, Folx, Baidu Netdisk torrent clients ([#256](transmission/transmission#256), [#285](transmission/transmission#285), [#355](transmission/transmission#355), [#363](transmission/transmission#363), [#386](transmission/transmission#386))
- Announce `INT64_MAX` as size left if the value is unknown (helps with e.g. Amazon S3 trackers) ([#250](transmission/transmission#250))
- Add `TCP_FASTOPEN` support (should result in slight speedup) ([#184](transmission/transmission#184))
- Improve ToS handling on IPv6 connections ([#128](transmission/transmission#128), [#341](transmission/transmission#341), [#360](transmission/transmission#360), [#692](transmission/transmission#692), [#737](transmission/transmission#737))
- Abort handshake if establishing DH shared secret fails (leads to crash) ([#27](transmission/transmission#27))
- Don't switch trackers while announcing (leads to crash) ([#297](transmission/transmission#297))
- Improve completion scripts execution and error handling; add support for .cmd and .bat files on Windows ([#405](transmission/transmission#405))
- Maintain a "session ID" file (in temporary directory) to better detect whether session is local or remote; return the ID as part of "session-get" response (TRAC-5348, [#861](transmission/transmission#861))
- Change torrent location even if no data move is needed ([#35](transmission/transmission#35))
- Support CIDR-notated blocklists ([#230](transmission/transmission#230), [#741](transmission/transmission#741))
- Update the resume file before running scripts ([#825](transmission/transmission#825))
- Make multiscrape limits adaptive ([#837](transmission/transmission#837))
- Add labels support to libtransmission and transmission-remote ([#822](transmission/transmission#822))
- Parse `session-id` header case-insensitively ([#765](transmission/transmission#765))
- Sanitize suspicious path components instead of rejecting them ([#62](transmission/transmission#62), [#294](transmission/transmission#294))
- Load CA certs from system store on Windows / OpenSSL ([#446](transmission/transmission#446))
- Add support for mbedtls (formely polarssl) and wolfssl (formely cyassl), LibreSSL ([#115](transmission/transmission#115), [#116](transmission/transmission#116), [#284](transmission/transmission#284), [#486](transmission/transmission#486), [#524](transmission/transmission#524), [#570](transmission/transmission#570))
- Fix building against OpenSSL 1.1.0+ ([#24](transmission/transmission#24))
- Fix quota support for uClibc-ng 1.0.18+ and DragonFly BSD ([#42](transmission/transmission#42), [#58](transmission/transmission#58), [#312](transmission/transmission#312))
- Fix a number of memory leaks (magnet loading, session shutdown, bencoded data parsing) ([#56](transmission/transmission#56))
- Bump miniupnpc version to 2.0.20170509 ([#347](transmission/transmission#347))
- CMake-related improvements (Ninja generator, libappindicator, systemd, Solaris and macOS) ([#72](transmission/transmission#72), [#96](transmission/transmission#96), [#117](transmission/transmission#117), [#118](transmission/transmission#118), [#133](transmission/transmission#133), [#191](transmission/transmission#191))
- Switch to submodules to manage (most of) third-party dependencies
- Fail installation on Windows if UCRT is not installed

### Mac Client
- Bump minimum macOS version to 10.10
- Dark Mode support ([#644](transmission/transmission#644), [#722](transmission/transmission#722), [#757](transmission/transmission#757), [#779](transmission/transmission#779), [#788](transmission/transmission#788))
- Remove Growl support, notification center is always used ([#387](transmission/transmission#387))
- Fix autoupdate on High Sierra and up by bumping the Sparkle version ([#121](transmission/transmission#121), [#600](transmission/transmission#600))
- Transition to ARC ([#336](transmission/transmission#336))
- Use proper UTF-8 encoding (with macOS-specific normalization) when setting download/incomplete directory and completion script paths ([#11](transmission/transmission#11))
- Fix uncaught exception when dragging multiple items between groups ([#51](transmission/transmission#51))
- Add flat variants of status icons for message log ([#134](transmission/transmission#134))
- Optimize image resources size ([#304](transmission/transmission#304), [#429](transmission/transmission#429))
- Update file icon when file name changes ([#37](transmission/transmission#37))
- Update translations

### GTK+ Client
- Add queue up/down hotkeys ([#158](transmission/transmission#158))
- Modernize the .desktop file ([#162](transmission/transmission#162))
- Add AppData file ([#224](transmission/transmission#224))
- Add symbolic icon variant for the Gnome top bar and when the high contrast theme is in use ([#414](transmission/transmission#414), [#449](transmission/transmission#449))
- Update file icon when its name changes ([#37](transmission/transmission#37))
- Switch from intltool to gettext for translations ([#584](transmission/transmission#584), [#647](transmission/transmission#647))
- Update translations, add new translations for Portuguese (Portugal)

### Qt Client
- Bump minimum Qt version to 5.2
- Fix dropping .torrent files into main window on Windows ([#269](transmission/transmission#269))
- Fix prepending of drive letter to various user-selected paths on Windows ([#236](transmission/transmission#236), [#307](transmission/transmission#307), [#404](transmission/transmission#404), [#437](transmission/transmission#437), [#699](transmission/transmission#699), [#723](transmission/transmission#723), [#877](transmission/transmission#877))
- Fix sorting by progress in presence of magnet transfers ([#234](transmission/transmission#234))
- Fix .torrent file trashing upon addition ([#262](transmission/transmission#262))
- Add queue up/down hotkeys ([#158](transmission/transmission#158))
- Reduce torrent properties (file tree) memory usage
- Display tooltips in torrent properties (file tree) in case the names don't fit ([#411](transmission/transmission#411))
- Improve UI look on hi-dpi displays (YMMV)
- Use session ID (if available) to check if session is local or not ([#861](transmission/transmission#861))
- Use default (instead of system) locale to be more flexible ([#130](transmission/transmission#130))
- Modernize the .desktop file ([#162](transmission/transmission#162))
- Update translations, add new translations for Afrikaans, Catalan, Danish, Greek, Norwegian Bokmål, Slovenian

### Daemon
- Use libsystemd instead of libsystemd-daemon (TRAC-5921)
- Harden transmission-daemon.service by disallowing privileges elevation ([#795](transmission/transmission#795))
- Fix exit code to be zero when dumping settings ([#487](transmission/transmission#487))

### Web Client
- Fix tracker error XSS in inspector (CVE-?)
- Fix performance issues due to improper use of `setInterval()` for UI refresh (TRAC-6031)
- Fix recognition of `https://` links in comments field ([#41](transmission/transmission#41), [#180](transmission/transmission#180))
- Fix torrent list style in Google Chrome 59+ ([#384](transmission/transmission#384))
- Show ETA in compact view on non-mobile devices ([#146](transmission/transmission#146))
- Show upload file button on mobile devices ([#320](transmission/transmission#320), [#431](transmission/transmission#431), [#956](transmission/transmission#956))
- Add keyboard hotkeys for web interface ([#351](transmission/transmission#351))
- Disable autocompletion in torrent URL field ([#367](transmission/transmission#367))

### Utils
- Prevent crash in transmission-show displaying torrents with invalid creation date ([#609](transmission/transmission#609))
- Handle IPv6 RPC addresses in transmission-remote ([#247](transmission/transmission#247))
- Add `--unsorted` option to transmission-show ([#767](transmission/transmission#767))
- Widen the torrent-id column in transmission-remote for cleaner formatting ([#840](transmission/transmission#840))
jperkin pushed a commit that referenced this issue Sep 16, 2020
Update ruby-bcrypt package to 3.1.16.


3.1.16 Sep 3 2020
  - Fix compilation on FreeBSD. [GH #234]

3.1.15 July 21 2020
  - Remove GVL optimization.  Apparently it breaks things [GH #230]

3.1.14 July 21 2020
  - Start calibration from the minimum cost supported by the algorithm
    [GH #206 by @sergey-alekseev]
jperkin pushed a commit that referenced this issue Sep 21, 2020
2.0.3 (2020-08-22)
~~~~~~~~~~~~~~~~~~

- Fix issues when building re2c as a CMake subproject
  (`#302 <https://github.com/skvadrik/re2c/pull/302>`_:

- Final corrections in the SIMPA article "RE2C: A lexer generator based on
  lookahead-TDFA", https://doi.org/10.1016/j.simpa.2020.100027

2.0.2 (2020-08-08)
~~~~~~~~~~~~~~~~~~

- Enable re2go building by default.

- Package CMake files into release tarball.

2.0.1 (2020-07-29)
~~~~~~~~~~~~~~~~~~

- Updated version for CMake build system (forgotten in release 2.0).

- Added a short article about re2c for the Software Impacts journal.

2.0 (2020-07-20)
~~~~~~~~~~~~~~~~

- Added new code generation backend for Go and a new ``re2go`` program
  (`#272 <https://github.com/skvadrik/re2c/issues/272>`_: Go support).
  Added option ``--lang <c | go>``.

- Added CMake build system as an alternative to Autotools
  (`#275 <https://github.com/skvadrik/re2c/pull/275>`_:
  Add a CMake build system (thanks to ligfx),
  `#244 <https://github.com/skvadrik/re2c/issues/244>`_: Switching to CMake).

- Changes in generic API:

  + Removed primitives ``YYSTAGPD`` and ``YYMTAGPD``.
  + Added primitives ``YYSHIFT``, ``YYSHIFTSTAG``, ``YYSHIFTMTAG``
    that allow to express fixed tags in terms of generic API.
  + Added configurations ``re2c:api:style`` and ``re2c:api:sigil``.
  + Added named placeholders in interpolated configuration strings.

- Changes in reuse mode (``-r, --reuse`` option):

  + Do not reset API-related configurations in each `use:re2c` block
    (`#291 <https://github.com/skvadrik/re2c/issues/291>`_:
    Defines in rules block are not propagated to use blocks).
  + Use block-local options instead of last block options.
  + Do not accumulate options from rules/reuse blocks in whole-program options.
  + Generate non-overlapping YYFILL labels for reuse blocks.
  + Generate start label for each reuse block in storable state mode.

- Changes in start-conditions mode (``-c, --start-conditions`` option):

  + Allow to use normal (non-conditional) blocks in `-c` mode
    (`#263 <https://github.com/skvadrik/re2c/issues/263>`_:
    allow mixing conditional and non-conditional blocks with -c,
    `#296 <https://github.com/skvadrik/re2c/issues/296>`_:
    Conditions required for all lexers when using '-c' option).
  + Generate condition switch in every re2c block
    (`#295 <https://github.com/skvadrik/re2c/issues/295>`_:
    Condition switch generated for only one lexer per file).

- Changes in the generated labels:

  + Use ``yyeof`` label prefix instead of ``yyeofrule``.
  + Use ``yyfill`` label prefix instead of ``yyFillLabel``.
  + Decouple start label and initial label (affects label numbering).

- Removed undocumented configuration ``re2c:flags:o``, ``re2c:flags:output``.

- Changes in ``re2c:flags:t``, ``re2c:flags:type-header`` configuration:
  filename is now relative to the output file directory.

- Added option ``--case-ranges`` and configuration ``re2c:flags:case-ranges``.

- Extended fixed tags optimization for the case of fixed-counter repetition.

- Fixed bugs related to EOF rule:

  + `#276 <https://github.com/skvadrik/re2c/issues/276>`_:
    Example 01_fill.re in docs is broken
  + `#280 <https://github.com/skvadrik/re2c/issues/280>`_:
    EOF rules with multiple blocks
  + `#284 <https://github.com/skvadrik/re2c/issues/284>`_:
    mismatched YYBACKUP and YYRESTORE
    (Add missing fallback states with EOF rule)

- Fixed miscellaneous bugs:

  + `#286 <https://github.com/skvadrik/re2c/issues/286>`_:
    Incorrect submatch values with fixed-length trailing context.
  + `#297 <https://github.com/skvadrik/re2c/issues/297>`_:
    configure error on ubuntu 18.04 / cmake 3.10

- Changed bootstrap process (require explicit configuration flags and a path to
  re2c executable to regenerate the lexers).

- Added internal options ``--posix-prectable <naive | complex>``.

- Added debug option ``--dump-dfa-tree``.

- Major revision of the paper "Efficient POSIX submatch extraction on NFA".

----
1.3x
----

1.3 (2019-12-14)
~~~~~~~~~~~~~~~~

- Added option: ``--stadfa``.

- Added warning: ``-Wsentinel-in-midrule``.

- Added generic API primitives:

  + ``YYSTAGPD``
  + ``YYMTAGPD``

- Added configurations:

  + ``re2c:sentinel = 0;``
  + ``re2c:define:YYSTAGPD = "YYSTAGPD";``
  + ``re2c:define:YYMTAGPD = "YYMTAGPD";``

- Worked on reproducible builds
  (`#258 <https://github.com/skvadrik/re2c/pull/258>`_:
  Make the build reproducible).

----
1.2x
----

1.2.1 (2019-08-11)
~~~~~~~~~~~~~~~~~~

- Fixed bug `#253 <https://github.com/skvadrik/re2c/issues/253>`_:
  re2c should install unicode_categories.re somewhere.

- Fixed bug `#254 <https://github.com/skvadrik/re2c/issues/254>`_:
  Turn off re2c:eof = 0.

1.2 (2019-08-02)
~~~~~~~~~~~~~~~~

- Added EOF rule ``$`` and configuration ``re2c:eof``.

- Added ``/*!include:re2c ... */`` directive and ``-I`` option.

- Added ``/*!header:re2c:on*/`` and ``/*!header:re2c:off*/`` directives.

- Added ``--input-encoding <ascii | utf8>`` option.

  + `#237 <https://github.com/skvadrik/re2c/issues/237>`_:
    Handle non-ASCII encoded characters in regular expressions
  + `#250 <https://github.com/skvadrik/re2c/issues/250>`_
    UTF8 enoding

- Added include file with a list of definitions for Unicode character classes.

  + `#235 <https://github.com/skvadrik/re2c/issues/235>`_:
    Unicode character classes

- Added ``--location-format <gnu | msvc>`` option.

  + `#195 <https://github.com/skvadrik/re2c/issues/195>`_:
    Please consider using Gnu format for error messages

- Added ``--verbose`` option that prints "success" message if re2c exits
  without errors.

- Added configurations for options:

  + ``-o --output`` (specify output file)
  + ``-t --type-header`` (specify header file)

- Removed configurations for internal/debug options.

- Extended ``-r`` option: allow to mix multiple ``/*!rules:re2c*/``,
  ``/*!use:re2c*/`` and ``/*!re2c*/`` blocks.

  + `#55 <https://github.com/skvadrik/re2c/issues/55>`_:
    allow standard re2c blocks in reuse mode

- Fixed ``-F --flex-support`` option: parsing and operator precedence.

  + `#229 <https://github.com/skvadrik/re2c/issues/229>`_:
    re2c option -F (flex syntax) broken
  + `#242 <https://github.com/skvadrik/re2c/issues/242>`_:
    Operator precedence with --flex-syntax is broken

- Changed difference operator ``/`` to apply before encoding expansion of
  operands.

  + `#236 <https://github.com/skvadrik/re2c/issues/236>`_:
    Support range difference with variable-length encodings

- Changed output generation of output file to be atomic.

  + `#245 <https://github.com/skvadrik/re2c/issues/245>`_:
    re2c output is not atomic

- Authored research paper "Efficient POSIX Submatch Extraction on NFA"
  together with Dr Angelo Borsotti.

- Added experimental libre2c library (``--enable-libs`` configure option) with
  the following algorithms:

  + TDFA with leftmost-greedy disambiguation
  + TDFA with POSIX disambiguation (Okui-Suzuki algorithm)
  + TNFA with leftmost-greedy disambiguation
  + TNFA with POSIX disambiguation (Okui-Suzuki algorithm)
  + TNFA with lazy POSIX disambiguation (Okui-Suzuki algorithm)
  + TNFA with POSIX disambiguation (Kuklewicz algorithm)
  + TNFA with POSIX disambiguation (Cox algorithm)

- Added debug subsystem (``--enable-debug`` configure option) and new debug
  options:

  + ``-dump-cfg`` (dump control flow graph of tag variables)
  + ``-dump-interf`` (dump interference table of tag variables)
  + ``-dump-closure-stats`` (dump epsilon-closure statistics)

- Added internal options:

  + ``--posix-closure <gor1 | gtop>`` (switch between shortest-path algorithms
    used for the construction of POSIX closure)

- Fixed a number of crashes found by American Fuzzy Lop fuzzer:

  + `#226 <https://github.com/skvadrik/re2c/issues/226>`_,
    `#227 <https://github.com/skvadrik/re2c/issues/227>`_,
    `#228 <https://github.com/skvadrik/re2c/issues/228>`_,
    `#231 <https://github.com/skvadrik/re2c/issues/231>`_,
    `#232 <https://github.com/skvadrik/re2c/issues/232>`_,
    `#233 <https://github.com/skvadrik/re2c/issues/233>`_,
    `#234 <https://github.com/skvadrik/re2c/issues/234>`_,
    `#238 <https://github.com/skvadrik/re2c/issues/238>`_

- Fixed handling of newlines:

  + correctly parse multi-character newlines CR LF in ``#line`` directives
  + consistently convert all newlines in the generated file to Unix-style LF

- Changed default tarball format from .gz to .xz.

  + `#221 <https://github.com/skvadrik/re2c/issues/221>`_:
    big source tarball

- Fixed a number of other bugs and resolved issues:

  + `#2 <https://github.com/skvadrik/re2c/issues/2>`_: abort
  + `#6 <https://github.com/skvadrik/re2c/issues/6>`_: segfault
  + `#10 <https://github.com/skvadrik/re2c/issues/10>`_:
    lessons/002_upn_calculator/calc_002 doesn't produce a useful example program
  + `#44 <https://github.com/skvadrik/re2c/issues/44>`_:
    Access violation when translating the attached file
  + `#49 <https://github.com/skvadrik/re2c/issues/49>`_:
    wildcard state \000 rules makes lexer behave weard
  + `#98 <https://github.com/skvadrik/re2c/issues/98>`_:
    Transparent handling of #line directives in input files
  + `#104 <https://github.com/skvadrik/re2c/issues/104>`_:
    Improve const-correctness
  + `#105 <https://github.com/skvadrik/re2c/issues/105>`_:
    Conversion of pointer parameters into references
  + `#114 <https://github.com/skvadrik/re2c/issues/114>`_:
    Possibility of fixing bug 2535084
  + `#120 <https://github.com/skvadrik/re2c/issues/120>`_:
    condition consisting of default rule only is ignored
  + `#167 <https://github.com/skvadrik/re2c/issues/167>`_:
    Add word boundary support
  + `#168 <https://github.com/skvadrik/re2c/issues/168>`_:
    Wikipedia's article on re2c
  + `#180 <https://github.com/skvadrik/re2c/issues/180>`_:
    Comment syntax?
  + `#182 <https://github.com/skvadrik/re2c/issues/182>`_:
    yych being set by YYPEEK () and then not used
  + `#196 <https://github.com/skvadrik/re2c/issues/196>`_:
    Implicit type conversion warnings
  + `#198 <https://github.com/skvadrik/re2c/issues/198>`_:
    no match for ‘operator!=’ in ‘i != std::vector<_Tp, _Alloc>::rend() [with _Tp = re2c::bitmap_t, _Alloc = std::allocator<re2c::bitmap_t>]()’
  + `#210 <https://github.com/skvadrik/re2c/issues/210>`_:
    How to build re2c in windows?
  + `#215 <https://github.com/skvadrik/re2c/issues/215>`_:
    A memory read overrun issue in s_to_n32_unsafe.cc
  + `#220 <https://github.com/skvadrik/re2c/issues/220>`_:
    src/dfa/dfa.h: simplify constructor to avoid g++-3.4 bug
  + `#223 <https://github.com/skvadrik/re2c/issues/223>`_:
    Fix typo
  + `#224 <https://github.com/skvadrik/re2c/issues/224>`_:
    src/dfa/closure_posix.cc: pack() tweaks
  + `#225 <https://github.com/skvadrik/re2c/issues/225>`_:
    Documentation link is broken in libre2c/README
  + `#230 <https://github.com/skvadrik/re2c/issues/230>`_:
    Changes for upcoming Travis' infra migration
  + `#239 <https://github.com/skvadrik/re2c/issues/239>`_:
    Push model example has wrong re2c invocation, breaks guide
  + `#241 <https://github.com/skvadrik/re2c/issues/241>`_:
    Guidance on how to use re2c for full-duplex command & response protocol
  + `#243 <https://github.com/skvadrik/re2c/issues/243>`_:
    A code generated for period (.) requires 4 bytes
  + `#246 <https://github.com/skvadrik/re2c/issues/246>`_:
    Please add a license to this repo
  + `#247 <https://github.com/skvadrik/re2c/issues/247>`_:
    Build failure on current Cygwin, probably caused by force-fed c++98 mode
  + `#248 <https://github.com/skvadrik/re2c/issues/248>`_:
    distcheck still looks for README
  + `#251 <https://github.com/skvadrik/re2c/issues/251>`_:
    Including what you use is find, but not without inclusion guards

- Updated documentation and website.
jperkin pushed a commit that referenced this issue Oct 4, 2020
Changelog:
* Verilator 4.100 2020-09-07

**    C++11 or newer compilers are now required.

**    SystemC 2.3.0 or newer (SYSTEMC_VERSION >= 20111121) is now required.

**    Support hierarchical Verilation (#2206). [Yutetsu TAKATSUKASA]

****  Support (with limitations) class extern, class extends, virtual class.

****  Support $urandom, $urandom_range without stability.

****  Fix false DECLFILENAME on black-boxed modules (#2430). [Philipp Wagner]

****  Fix naming of "id : begin" blocks.

****  Fix class constructor error on assignments to const.

****  Fix splitting eval functions with --output-split-cfuncs (#2368). [Geza Lore]

****  Fix queues as class members (#2525). [nanduraj1]

****  Add support for assume property. [Peter Monsson]


* Verilator 4.040 2020-08-15

**    Version 4.040 is planned to be the final version that will
      support pre-C++11 compilers. Please move to C++11 or newer compilers.

***   Fix arrayed interfaces, broke in 4.038 (#2468). [Josh Redford]

****  Support $stable, $rose and $fell.  (#2148) (#2501) [Peter Monsson]

****  Support simple function localparams (#2461). [James Hanlon]

****  Miscellaneous parsing error changes towards UVM support.

****  Fix arrayed interfaces (#2469).  [Josh Redford]

****  Fix protect lib VCS warning. (#2479) [Julien Margetts]

****  Fix combining different-width parameters (#2484). [abirkmanis]

****  Fix protect-lib without sequential logic (#2492). [Yutetsu TAKATSUKASA]

****  Fix V3Unknown from running with flat XML output (#2494). [James Hanlon]

****  Fix non-32 bit conversion to float (#2495). [dsvf]

****  Fix casting non-self-determined subexpressions (#2493). [phantom-killua]

****  Fix SystemC net names (#2500). [Edgar E. Iglesias]

****  Fix build with Bison 3.7 and newer (#2505). [Rupert Swarbrick]

****  Fix slice of unpacked array (#2506) (#2507). [Yutetsu TAKATSUKASA]


* Verilator 4.038 2020-07-11

**    Versions 4.038 and 4.040 are planned to be the final versions that will
      support pre-C++11 compilers. Please move to C++11 or newer compilers.

***   Support VPI access to parameters and localparam. [Ludwig Rogiers]

***   Support parsing (not elaboration, yet) of UVM.

****  Add new UNSUPPORTED error code to replace most previous Unsupported: messages.

****  With --bbox-unsup continue parsing on many (not all) UVM constructs.

****  Support for-loop increments with commas.

****  Support $swrite with arbitrary arguments.

****  Support $writememb (#2450). [Fan Shupei]

****  Fix OS X, Free BSD, and -m32 portability issues. [Geza Lore]

****  Fix to flush FST trace on termination due to $stop or assertion failure.

****  Fix part select error when multipling by power-of-two (#2413). [Conor McCullough]

****  Fix division exception (#2460) [Kuoping Hsu]


* Verilator 4.036 2020-06-06

**    OPT_FAST is now -Os by default. See the BENCHMARKING & OPTIMIZATION part
      of the manual if you experience issues with compilation speed.

***   Configure now enables SystemC if it is installed as a system headers,
      e.g. with 'apt-get install systemc-dev'.

***   Add --waiver-output flag that writes a verilator config file (.vlt) with
      waivers to the warnings emitted during a Verilator run.

***   Support verilator_coverage --write-info for lcov HTML reports.
      Line Coverage now tracks all statement lines, not just branch lines.

***   --output-split is now on by default. VM_PARALLEL_BUILDS is set by
      default iff the --output-split caused an actual file split to occur.
      --output-split-cfuncs and --output-split-ctrace now default to the
      value of --output-split. These changes should improve build times of
      medium and large designs with default options. User makefiles may
      require changes.

***   The run-time library is now compiled with -Os by default. (#2369, #2373)

****  Support multi channel descriptor I/O (#2190) [Stephen Henry]

****  Support $countbits. (#2287) [Yossi Nivin]

****  Support $isunbounded and parameter $. (#2104)

****  Support unpacked array .sum and .product.

****  Support prefix/postfix increment/decrement. (#2223) [Maciej Sobkowski]

****  Fix FST tracing of little bit endian signals. [Geza Lore]

****  Fix +: and -: on unpacked arrays. (#2304) [engr248]

****  Fix $isunknown with constant Z's.

****  Fix queues and dynamic array wide ops. (#2352) [Vassilis Papaefstathiou]


* Verilator 4.034 2020-05-03

**    Add simplistic class support with many restrictions, see manual. (#377)

**    Support IEEE time units and time precisions. (#234)
      Includes `timescale, $printtimescale, $timeformat.
      VL_TIME_MULTIPLIER, VL_TIME_PRECISION, VL_TIME_UNIT have been removed
      and the time precision must now match the SystemC time precision. To
      get closer behavior to older versions, use e.g. --timescale-override
      "1ps/1ps".

**    Add --build to call make automatically. (#2249) [Yutetsu TAKATSUKASA]

**    Configuring with ccache present now defaults to using it; see OBJCACHE.

**    Fix DPI import/export to be standard compliant. (#2236) [Geza Lore]

**    Add --trace-threads for general multithreaded tracing. (#2269) [Geza Lore]

***   Add --flatten for use with --xml-only. (#2270) [James Hanlon]

****  Greatly improve FST/VCD dump performance (#2244) (#2246) (#2250) (#2257) [Geza Lore]

****  Support $ferror, and $fflush without arguments. (#1638)

****  Support event data type (with some restrictions).

****  Support $root. (#2150) [Keyi Zhang]

****  Add error if use SystemC 2.2 and earlier (pre-2011) as is deprecated.

****  Fix build of fast path tracing code to use OPT_FAST. (#2245) [Geza Lore]

****  Fix arrayed instances connecting to slices. (#2263) [Don/engr248]

****  Fix error on unpacked connecting to packed. (#2288) [Joseph Shaker]

****  Fix logical not optimization with empty begin. (#2291) [Baltazar Ortiz]

****  Fix reduction OR on wide data, broke in v4.026. (#2300) [Jack Koenig]

****  Fix clock enables with bit-extends. (#2299) [Marco Widmer]

****  Fix MacOs Homebrew by removing default LIBS. (#2298) [Ryan Clarke]


* Verilator 4.032 2020-04-04

***   Add column numbers to errors and warnings.

***   Add GCC 9-style line number prefix when showing source text for errors.

***   Add setting VM_PARALLEL_BUILDS=1 when using --output-split. (#2185)

***   Change --quiet-exit to also suppress 'Exiting due to N errors'.

****  Suppress REALCVT for whole real numbers.

****  Support split_var in vlt files. (#2219) [Marco Widmer]

****  Fix parameter type redeclaring a type. (#2195) [hdzhangdoc]

****  Fix VCD open with empty filename. (#2198) [Julius Baxter]

****  Fix packages as enum base types. (#2202) [Driss Hafdi]

****  Fix duplicate typedefs in generate for. (#2205) [hdzhangdoc]

****  Fix MinW portability. (#2114) [Sean Cross]

****  Fix assertions with unique case inside. (#2199) [hdzhangdoc]

****  Fix implicit conversion of floats to wide integers.
jperkin pushed a commit that referenced this issue Oct 19, 2020
0.25.9          (2019-06-18):

* Bugfix: %GITHUB%/issues/261
       Issue with iterating Python sequences
* Bugfix: %GITHUB%/issues/271
       Chose cell coordinates on "Make Cell"
* Bugfix: %GITHUB%/issues/272
       Error message if trying to run macros in unsupported languages
* Bugfix: %GITHUB%/issues/275
       "Write without context" did not have an effect with OASIS
* Bugfix: %GITHUB%/issues/276
       LayerPropertiesNodeRef was not working as documented
* Bugfix: %GITHUB%/issues/278
       Lost reference with ObjectInstPath#shape
* Bugfix: %GITHUB%/issues/281
       Width and space violations are reported now also for
       the "kissing corners" case

0.25.8          (2019-02-23):

* Bugfix: %GITHUB%/issues/234
       Issues with LayoutView#save_image_with_options
* Bugfix: %GITHUB%/issues/232
       Crash on reading .lyp files with big stipple pattern
* Bugfix: %GITHUB%/issues/228
       Bug in Region#interact and DRC's "interact" function.
* Bugfix: %GITHUB%/issues/225
       Mirrored custom stipple pattern

0.25.7          (2019-01-09):

* Bugfix: %GITHUB%/issues/200
       Safer iteration of cell instances and shapes (with
       modifications of container during iteration) - in this
       case while flattening instances
* Bugfix: %GITHUB%/issues/209
       Reader options were grayed out in stream import feature.
* Bugfix: %GITHUB%/issues/207
       Basic.TEXT PCell was rounding bias a spacing values to
       integer multiples.
* Bugfix: %GITHUB%/issues/203
       A segfault was fixed that happend on certain platforms
       when closing the application (e.g. CentOS7).
* Bugfix: (RBA/pya) Technology#load was not working
       Instead of load, the technology was saved.
jperkin pushed a commit that referenced this issue Oct 19, 2020
This notably fixes a security issue, CVE-2020-27197.

Version 1.1.118:

 * #247 [CVE-2020-27197] Avoid SSRF on parsing XML (@orsinium)

Version 1.1.117:

 * #244 SSL Verify Server not working correctly (@motok) (@nschwane)
 * #245 Unicode lxml.etree.SerialisationError on lxml 4.5.0+ (@advptr)

Version 1.1.116:

 * #240 PY3 Compatibility changes for HTTP Response Body (@nschwane)

Version 1.1.115:

 * #239 Convert the HTTP response body to a string type (PY3 this will be bytes) (@sddj)

Version 1.1.114:

 * #237 Support converting dicts to content bindings (@danielsamuels)
 * #238 Provide XMLParser copies instead of reusing the cached instance. Prevents future messages to lose namespace

Version 1.1.113:

 * #234 Add ability to load a configuration file when executing a script
 * #232 Fix TLS handshake failure when a server requires SNI (@marcelslotema)

Version 1.1.112:

 * #227 Fixes to poll_client script (Python3 compatibility)
 * #226 Clean-up documentation warnings
 * #228 Fix 'HTTPMessage' has no attribute 'getheader' (Python3 compatibility)
 * #225 Fix checks that involve xpath (lxml) to prevent FutureWarning message
 * #230 Fix parsing status message round-trip (@danielsamuels)

Thanks leot@ and pkgsrc's security team for the heads up!
Pull-up to be requested.
jperkin pushed a commit that referenced this issue Feb 13, 2021
Gnumeric 1.12.48

Andreas:
	* Add axis title to chart in histogram tool. [#408]
	* Fix line end marker roundtrip through strict ODF
	* Improve export of line markers to ODF for interoperability
	* Improve line marker handling on import
	* Fix LaTeX export. [#489]
	* When reading an ODF file make all sheets of equal size. [#505]

Jean:
	* Fix xlsx object non-import crash.
	* Fix in-place graph data problem.  [#492]
	* Port to Python3. [#419]

Morten:
	* Fix performance issue with sample_datasource.  [#491]
	* Fix partial-line issue with sample_datasource.
	* Fix load of in-place graph data with extra ()s.  [#492]
	* Fix Ctrl-; cursor position.  [#494]
	* Fix ssconvert --merge-to problem.  [#496]
	* Fix sheet size paste problem.  [#497]
	* Speed up really large auto-filters.  [#465]
	* Fix 2038 problem on quit.
	* Improve tests.
	* Improve dependency tracking for implicit intersection. [#501]
	* Fix format dialog issue.  [#503]
	* Re-tune style quad tree.  [#234]
	* Re-tune dependency bucket system.  [#502]
	* Fix global name parsing problem with non-uniform sheet sizing.
	* Avoid style dependency redraw during file load.
	* Tend to dead kittens.
	* Fix metadata dialog.  [#510]
	* Fix potential 64-bit problem with signals.
	* Fix GnmRange introspection.
jperkin pushed a commit that referenced this issue Mar 6, 2021
Changes:
1.17.0
------
### Additions
 - [cyberdrop] add support for `https://cyberdrop.me/` (#1328)
 - [exhentai] add `metadata` option; extract more metadata from gallery
   pages (#1325)
 - [hentaicafe] add `search` and `tag` extractors (#1345)
 - [hentainexus] add `original` option (#1322)
 - [instagram] support `/user/reels/` URLs (#1329)
 - [naverwebtoon] add support for `https://comic.naver.com/` (#1331)
 - [pixiv] add `translated-tags` option (#1354)
 - [tbib] add support for `https://tbib.org/` (#473, #1082)
 - [tumblrgallery] add support for `https://tumblrgallery.xyz/` (#1298)
 - [twitter] add extractor for followed users (#1337)
 - [twitter] add option to download all media from conversations (#1319)
 - [wallhaven] add `collections` extractor (#1351)
 - [snap] allow access to user's .netrc for site authentication (#1352)
 - add extractors for Gelbooru v0.1 sites (#234, #426, #473, #767, #1238)
 - add `-E/--extractor-info` command-line option (#875)
 - add GitHub Actions workflow for building standalone executables (#1312)
 - add `browser` and `headers` options (#1117)
 - add option to use different youtube-dl forks (#1330)
 - support using multiple input files at once (#1353)

### Changes
 - [deviantart] extend `extra` option to also download embedded DeviantArt
   posts.
 - [exhentai] rename metadata fields to match API results (#1325)
 - [mangadex] use `api.mangadex.org` as default API server
 - [mastodon] cache OAuth tokens (#616)
 - replace `wait-min` and `wait-max` with `sleep-request`

### Fixes
 - [500px] skip unavailable photos (#1335)
 - [komikcast] fix extraction
 - [readcomiconline] download high quality image versions (#1347)
 - [twitter] update GraphQL endpoints
 - fix crash when `base-directory` is an empty string (#1339)

### Removals
 - remove support for formerly deprecated options
 - remove `cloudflare` module
jperkin pushed a commit that referenced this issue Mar 30, 2021
Packaging changes:
 - Some patches got upstreamed
 - Upstream now defaults to name=sc-im so it no longer needs to be set

Changes, (reformatted) from the official changelog:

New features:
 - New motions in edit mode: df cf F dF cF d0 d$ c0 c$ t T dt dT ct cT ^
   g_ d^ dg_ c^ cg_
 - Simple mouse support. Can handle selection of single cells and scroll.
 - Added markdown export.
 - Add custom colors with RGB definitions.
 - Add support for italic attribute to be appled to cells.
 - Added digraphs.
 - Added EXECUTE command.
 - Added --export_csv --export_tab --export_txt parameters.
 - New input_bar_bottom config variable.
 - New underline_grid config variable.
 - Added filename in status bar (filename_with_mode config variable).
 - Added option to truncate cells.
 - Added xlsx sheet parameter.
 - New @fact function.

Other:
 - modified config and history file locations
 - renamed winch to sig_winch.
 - current fg and bg colors are kept if they are not specified in
 :cellcolor.
 - OpenBSD support (mostly wordexp() workaround)
 - Correct lua api function names in doc
 - always generate backup file when opening file
 - renamed scim to sc-im in Makefile
 - Document trigger return value convention

Issues fixed:
 - fix bug when deleting an ent that for instance has a @sum()... it
   used to remove its vertex and THE ENTS LINKED to THEM!
 - fix error messages when using "scim --version" and color definitions
   are intented to be applied from .scimrc.
 - fix in waiting for valid command to complete after pressing ESC key.
 - fix in parse_str so a word with white space can be stored in
   dictionary value
 - fix when setting default_paste_from_clipboard_cmd
 - Don't clobber startup message w/ err opening file
 - Allow for lua scripts in local .sc directory #259
 - Send informational messages to stderr rather than the output when
   used in non-interactive mode   #263
 - fixed cell_negative color      #271
 - fixed locked cells when saving #261
 - fixed DEL key in insert mode   #272
 - fix when resizing column       #266
 - "Autobackup - case insensitive QER options when backup exists"
 - fixed segfault when fcopy'ing with no selection while on first column
 - Call write triggers on value clear
 - Use sc_info to report trigger exit code
 - fixed #277
 - Grow table up to MAXROWS exactly
 - Remove redundant if clause (God only knows where that was).
 - fix in getVertex that prevented rebuild_graph to work properly.
 - fix annoying bug because of not resetting inputline_pos to 0 when
   confirming a command in COMMAND_MODE
 - fix in let and slet. existing vertexs should not be removed.
 - added "eval_visited" in vertex struct for not to collide with
   current "visited", since:
     EvalAll uses EvalBottomUp
     EvalBottomUp uses EvalJustOneVertex
     EvalJustOneVertex uses eval
     eval uses GraphAddEdge
     GraphAddEdge uses GraphIsReachable
     GraphIsReachable uses visited
     and EvalBottomUp also uses uses visited!
 - Also changed markAllVerticesNotVisited and
   All_vertexs_of_edges_visited functions.
 - Some other issues fixed: #228, #234, #239, #240, #244, #246, #260,
   #295, #308
 - .. and many other fixes and improvements!

Pending:
  The most significative issue is regarding circular references.
  This have to be deeply analyzed and with the collaboration of the
  community
  it would be hopefully fixed by v0.9.
jperkin pushed a commit that referenced this issue Jun 15, 2021
httpuv 1.6.1
============

* The `timegm()` function is a non-standard GNU extension, so it has
  been replaced with an internal `timegm2()` function. (#300)

httpuv 1.6.0
============

* Remove BH dependency. httpuv now requires a compiler which supports
  C++11. (#297)

httpuv 1.5.5
============

* Fix SHA1 calculation, and thus WebSocket server handshakes, on
  big-endian systems. (#284)

* Fixed #195: Responses required `headers` to be a named list. Now it
  can also be `NULL`, an empty unnamed list, or it can be
  unset. (#289)

* Allow responses to omit `body` (or set it as `NULL`) to avoid
  sending a body or setting the `Content-Length` header. This is
  intended for use with HTTP 204/304 responses. (#288)

httpuv 1.5.4
============

* Fixed #275: Large HTTP request headers could get truncated if they
  spanned more than one TCP message. (#277)

* Fixed build for Solaris. (#271)

* Fixed a test that had incorrect logic. (#272)

httpuv 1.5.3.1
==============

* Updated libuv to version 1.37.0. (#266)

* Fixed #204: On UBSAN builds of R, there were warnings about
  unaligned memory access. (#246)

* Avoid creating a new Rook error stream object for each request. This
  should improve performance. (#245)

* Resolved #247: httpuv no longer returns a HTTP 400 code for static
  files when the "Content-Length" header is 0. This Content-Length
  header is inserted by some proxies even for messages without
  payloads. (#248)

* Resolved #253: Setting the FRAMEWORK environment variable would
  break compilation.  This change removes any dependency on that
  variable. (#254)

httpuv 1.5.2
============

* In the static file-serving code path, httpuv previously looked for a
  `Connection: upgrade` header; if it found this header, it would not
  try to serve a static file, and it would instead forward the HTTP
  request to the R code path. However, some proxies are configured to
  always set this header, even when the connection is not actually
  meant to be upgraded. Now, instead of looking for a `Connection:
  upgrade` header, httpuv looks for the presence of an `Upgrade`
  header (with any value), and should be more robust to
  incorrectly-configured proxies. (#215)

* Fixed handling of messages without payloads: (#219)

* Fixed #224: Static file serving on Windows did not work correctly if
  it was from a path that contained non-ASCII characters. (#227)

* Resolved #194, #233: Added a `quiet` option to `startServer`, which
  suppresses startup error messages that are normally printed to
  console (and can't be intercepted with `capture.output()`). (#234)

* Added a new function `randomPort()`, which returns a random
  available port for listening on. (#234)

* Added a new (unexported) function `logLevel()`, for controlling
  debugging information that will be printed to the
  console. Previously, httpuv occasionally printed messages like
  `ERROR: [uv_write] broken pipe` and `ERROR: [uv_write] bad file
  descriptor` by default. This happened when the server tried to write
  to a pipe that was already closed, but the situation was not
  harmful, and was already being handled correctly. Now these messages
  are printed only if the log level is set to `INFO` or
  `DEBUG`. (#223)

* If an application's `$call()` method is missing, it will now give a
  404 response instead of a 500 response. (#237)

* Disallowed backslash in static path, to prevent path traversal attacks. (#235)

* Static file serving on Windows could fail if multiple requests
  accessed the same file simultaneously. (#239)
jperkin pushed a commit that referenced this issue Jun 15, 2021
# forcats 0.5.1

* Re-license as MIT (#277).

* `fct_lump_n()` no longer uses a partial argument name (@malcolmbarrett, #276).

# forcats 0.5.0

* `as_factor()` gains a logical method that always returns a factor with
  levels "FALSE" and "TRUE" (#185).

* `fct_c()`, `fct_collapse()` and `fct_recode()` are now explicitly
  documented as using [dynamic dots](https://rlang.r-lib.org/reference/dyn-dots.html)
  (@labouz, #234).

* `fct_collapse()` now accepts a `other_level` argument, to allow a
   user-specified `Other` level (@gtm19, #194). It now correctly collapses
   factors when `other_level` is not `NULL` (#172), and makes `"Other"` the
   last level (#202) (@gtm19, #172 & #202)

* `fct_count()` no longer converts implicit NAs into explicit NAs (#151).

* `fct_inseq()` behaves more robustly when factor levels aren't all numbers
  (#221).

* `fct_lump()` has been split up into three new functions: `fct_lump_prop()`,
  `fct_lump_n()`, and `fct_lump_lowfreq()`. (@jonocarroll, #167, #142).
  All `fct_lump_()` functions check their inputs more carefully
  (@robinson_es, #169)

* `fct_reorder2()` gains a helper function `first2()`, that sorts `.y` by the
  first value of `.x` (@jtr13).
jperkin pushed a commit that referenced this issue Jun 15, 2021
# pillar 1.6.1

- Bump required versions of ellipsis and vctrs to avoid warning during package load.
- `obj_sum()` no longer includes shape twice (#315).


# pillar 1.6.0

## Features

- New `num()` and `char()` offer a flexible way to customize the display of numeric and character columns (#191, #84).
- New `"pillar.max_dec_width"` option (#308).
- New `format_type_sum.AsIs()` avoids the need to implement your own `format_type_sum()` method (#286).
- `align()` gains `space` argument to control the character used for filling (#285).
- Numbers in scientific and decimal notation are formatted with the same rules regarding significant or decimal digits (#297).

## Bug fixes

- Load the debugme package only if the `DEBUGME` environment variable is set.
- More accurate detection if the decimal dot is necessary, and how many digits to show after the decimal dot (#298).
- Use display width instead of number of characters when truncating character columns.

## Documentation

- New `vignette("numbers")` and `vignette("digits")` (#308).

## Internal

- Compatibility with vctrs 0.3.7 (#291).
- `format.pillar_shaft_simple()` requires `"na"` attribute and no longer defaults to `pillar_na()` (#273).


# pillar 1.5.1

## Features

- New `format_glimpse()` (#177).

## Bug fixes

- Color and formatting can now be reliably turned off by setting the `"cli.num_colors"` option to 1 (#269).

## Documentation

- Add examples for new functions (#264).
- Fix lifecycle badges everywhere.


# pillar 1.5.0

## Breaking changes

- `obj_sum()` now always returns a string. `pillar_shaft.list()` iterates over its elements and calls `obj_sum()` for each (#137).

- Breaking: `print.pillar()` and `print.pillar_ornament()` now show  `<pillar>` `<pillar_ornament>` in the first line (#227, #228).

- pillar has been re-licensed as MIT (#215).

## Extensibility

- New `size_sum()` generic (#239).

- New `ctl_new_pillar()` and `ctl_new_compound_pillar()` used via `print.tbl()`, `format.tbl()` and `tbl_format_setup.tbl()` (#230).

- New `new_pillar()` low-level constructor (#230).

- New `new_pillar_component()` and `pillar_component()` (#230).

- New articles `vignette("extending")` and `vignette("printing")` (#251).

## Formatting

- All printing code has been moved from tibble to pillar (#179), including `glimpse()` (#234). This concentrates the printing code in one package and allows for better extensibility.

- Improve formatting for `"Surv"` and `"Surv2"` classes from the survival package (#199).

- Vectors of the `vctrs_unspecified()` class are formatted better (#256).

- Arrays are now formatted by showing only their first slice (#142).

- Avoid wrapping extra column names with spaces (#254).

## Internal

- Now using debugme to simplify understand the complex control flow, see `vignette("debugme")` (#248).

- New `format.pillar_ornament()` (#228).

- Using testthat 3e (#218).

- Avoid pillar.bold option in most tests (#216).

- Change internal storage format for `colonnade()` and `extra_cols()` (#204).


# pillar 1.4.7

- Adapt to changed environment on CRAN's Solaris machine.


# pillar 1.4.6

- Restore compatibility with R 3.2.


# pillar 1.4.5

## Features

- New `pillar.min_chars` option allows controlling the minimum number of characters shown for a character column (#178, @statsmaths).

- `bit64::integer64()` columns are now formatted the same way as numeric columns (#175).

- New `align()` to support easy alignment of strings within a character vector (existing function exported by @davidchall, #185).

## Technical

- `pillar_shaft()`, `format_type_sum()` and `extra_cols()` issue a warning if dots are unused.

- `new_pillar_title()` and `new_pillar_type()` warn if `...` is not empty.

## Internal

- Use lifecycle package.

- Remove compatibility code for R < 3.3.


# pillar 1.4.4

- `obj_sum()` uses `vctrs::vec_size()` internally.

- `is_vector_s3.default()` is soft-deprecated and no longer used. Please ensure that `vctrs::vec_is()` is `TRUE` for your class.

- Rely on vctrs for type abbreviations.


# pillar 1.4.3

- `new_pillar_shaft_simple()` gains `na` argument to control appearance of `NA` values.

- String columns are quoted if at least one value needs quotes (#171).

- Apply subtle style to `list_of` columns (#172).

- Fix formatting if mantissa is very close to 1 (#174).

- Use `as.character()` instead of `as_character()`.

- Remove compatibility with testthat < 2.0.0.
jperkin pushed a commit that referenced this issue Aug 23, 2021
# rio 0.5.27
* Documentation fixes for CRAN.

# rio 0.5.26
* Added support for "zsav" format. (#273)

# rio 0.5.25
* Modified tests per email request from CRAN.
* Added `coerce_character` argument (default FALSE) to `factorize()`
  to enable coercing character columns to factor. (#278)

# rio 0.5.24
* Fix handling of "label" and "labels" attributes when exporting using
  haven methods (SPSS, Stata, SAS). (#268, h/t Ruben Arslan)
* Fix (a different bug?) handling factors by haven::labelled() (#271,
  Alex Bokov)
* HTML import can now handle multiple tbody elements within a single
  table, a th element in a non-header row, and empty elements in
  either the header or data. (#260, #263, #264 Bill Denney)

# rio 0.5.23
* CSVY support is now provided by `data.table::fread()` and
  `data.table::fwrite()`, providing significant performance gains.
* Added an internal `arg_reconcile()` function to streamline the task
  of removing/renaming arguments for compatibility with various
  functions (#245, Alex Bokov)

# rio 0.5.22
* Added an `export_list()` function to write a list of data frames to
  multiple files using a vector of file names or a file
  pattern. (#207, h/t Bill Denney)
* Added an `is_file_text()` function to determine whether a file is in
  a plain-text format. Optionally narrower subsets of characters can
  be specified, e.g. ASCII. (#236 Alex Bokov)

# rio 0.5.21
* Added support for Apache Arrow (Parquet) files. (#214)
* Fix dropping of variable label in `characterize()` and
  `factorize()`. (#204, h/t David Armstrong)
* `import_list()` now returns a `filename` attribute for each data
  frame in the list (when importing from multiple files), in order to
  distinguish files with the same base name but different extensions
  (e.g., `import_list(c("foo.csv", "foo.tsv"))`). (#208, h/t Vimal
  Rawat)
* Import of DBF files now does not convert strings to factors. (#202,
  h/t @jllipatz)
* Implemented `import()` method for .dump R files. (#240)

# rio 0.5.20
* Additional pointers were added to indicate how to load .doc, .docx,
  and .pdf files (#210, h/t Bill Denney)
* Ensure that tests only run if the corresponding package is
  installed.  (h/t Bill Denney)
* Escape ampersands for html and xml export (#234 Alex Bokov)

# rio 0.5.19
* Fix behavior of `export()` to plain text files when `append = TRUE`
  (#201, h/t Juli�$BC!�(Bn Urbano)
* `import_list()` now preserve names of Excel sheets, etc. when the
  'which' argument is specified. (#162, h/t Danny Parsons)
* Modify message and errors when working with unrecognized file
  formats. (#195, h/t Trevor Davis)
* Add support for GraphPad Prism .pzfx files (#205, h/t Bill Denney)

# rio 0.5.18
* Adjust `import()`/`export()` for JSON file formats to allow non-data
  frame objects. Behavior modeled after RDS format. (#199 h/t Nathan
  Day)

# rio 0.5.17
* Fix `the condition has length > 1 and only the first element will be
  used` warning in `gather_attributes()`. (#196, h/t Ruben Arslan)
jperkin pushed a commit that referenced this issue Jan 18, 2022
Changes since 0.2.0:

## What's added?
- feat: Add additional info in view cmd #209 @ankitpokhrel
- feat: Show linked issues when viewing #219 @ankitpokhrel
- feat: Show latest comment when viewing #220 @ankitpokhrel
- feat: Add an option to load N comments when viewing issue #226 @ankitpokhrel

## What's fixed?
- fix: Allow config generations even when no boards #216 @sushilkg
- fix: Off by one error in wiki parser #224 @ankitpokhrel
- fix: Language support for Jira cloud #234 @ankitpokhrel
- fix(docs): Optional COMMENT_BODY #236 @realtime-neil
- fix: Respect BROWSER env #253 @ankitpokhrel

## Other notable changes
- cfg: A new field handle is added in issue.types section as part of #234
- build: Reproducible builds #244 #245 @realtime-neil
- build: Initialize version using runtime build info #249 @ankitpokhrel

Full Changelog: ankitpokhrel/jira-cli@v0.2.0...v0.3.0

To all direct/indirect contributors and backers, Thank you
jperkin pushed a commit that referenced this issue May 1, 2022
# cpp11 0.4.2

* Romain François is now the maintainer.

# cpp11 0.4.1

* Fix crash related to unwind protect optimization (#244)

# cpp11 0.4.0

## New Features

* New  opt-in  message  formatting  with the  {fmt}  C++  library  for
  `cpp11::messages()` `cpp11::stop()` and `cpp11::warning()`.  Set the
  `CPP11_USE_FMT`    macro   to    use    this    feature   in    your
  package. (@sbearrows, #169, #208)

* New `as_double()` and `as_integer()` methods to coerce integers to
  doubles and doubles to integers to doubles (@sbearrows, #46)

* `cpp11::matrix` iterators can now be used either row-wise or
  column-wise (the default) depending on the user's choice (@alyst,
  #229)

## Improvements and fixes

* Read-only matrix accessors are now marked const (#234)

* `writable::r_vector` default constructors now return a 0 length
  vector when converted to `SEXP` (#166)

* Read-only `r_vector` constructors now disallow implicit construction
  with named arguments (#237)

* Read-only `r_vector.attr()` methods now return const objects, so it
  is a compile time error to try to assign to them (#237)

* Fixed `+` and `+=` operators of `r_vector::[const_]iterator` to
  conform the *iterators* concept: `+=` updates the iterator, and `+`
  returns the updated copy, while keeping the original unchanged
  (@alyst, #231)

* Remove undefined behavior when constructing global `cpp11::sexp`s (#224)

* Removed redundant `.Call calls` in cpp11.cpp file (@sbearrows, #170)

* Error messages now output original file name rather than the
  temporary file name (@sbearrows, #194)

* `cpp_register()` now includes `attribute_visible` in the init
  function, so packages compiled with `C_VISIBILITY` will find the
  init function.

* Fixed bug when running `cpp_source()` on the same file more than
  once (@sbearrows, #202)

* Allow cpp11 decorators of the form `cpp11::linking_to` (@sbearrows,
  #193)

* Removed internal instances of `cpp11::stop()` and replaced with C++
  exceptions (@sbearrows, #203)

* Names of named lists are now resized along with the list elements
  (@sbearrows, #206)
gco pushed a commit to gco/pkgsrc that referenced this issue Sep 11, 2022
3.2.7 (2022-04-04)

Merged Pull Requests

* Loosen platform regex to allow 64 or 32 bit mingw TritonDataCenter#234 (clintoncwolfe)
* Hard Coding the gems in the gemfile to overcome a Ruby 3.1 bug TritonDataCenter#235
  (johnmccrae)

3.2.6 (2022-03-31)

Merged Pull Requests

* Loosen platform regex to allow 64 or 32 bit mingw TritonDataCenter#234 (clintoncwolfe)
jperkin pushed a commit that referenced this issue Sep 17, 2022
Patches privately shared by <pin> and RVP, thanks!

Changes:
608
---
* Add the --header option (github #43).
* Add the --no-number-headers option (github #178).
* Add the --status-line option.
* Add the --redraw-on-quit option (github #36).
* Add the --search-options option (github #213).
* Add the --exit-follow-on-close option (github #244).
* Add 'H' color type to set color of header lines.
* Add #version conditional to lesskey.
* Add += syntax to variable section in lesskey files.
* Allow option name in -- command to end with '=' in addition to '\n'.
* Add $HOME/.config to possible locations of lesskey file (github #153).
* Add $XDG_STATE_HOME and $HOME/.local/state to possible locations
  of history file (github #223).
* Don't read or write history file in secure mode (github #201).
* Fix display of multibyte and double-width chars in prompt.
* Fix ESC-BACKSPACE command when BACKSPACE key does not send 0x08
  (github #188).
* Add more \k codes to lesskey format.
* Fix bug when empty file is modified while viewing it.
* Fix bug when parsing a malformed lesskey file (githb #234).
* Fix bug scrolling history when --incsearch is set (github #214).
* Fix buffer overflow when invoking lessecho with more than 63 -m/-n
  options (github #198).
* Fix buffer overflow in bin_file (github #271).
* Fix bug restoring color at end of highlighted text.
* Fix bug in parsing lesskey file.
* Defer moving cursor to lower left in some more cases.
* Suppress TAB filename expansion in some cases where it doesn't make sense.
* Fix termlib detection when compiler doesn't accept
  calls to undeclared functions.
* Fix bug in input of non-ASCII characters on Windows (github #247)
* Escape filenames when invoking LESSCLOSE.
* Fix bug using multibyte UTF-8 char in search string
  with --incsearch (github #273).

590
---
* Make less able to read lesskey source files (deprecating lesskey).
* If XDG_CONFIG_HOME is set, find lesskey source file
  in $XDG_CONFIG_HOME/lesskey rather than $HOME/.lesskey.
* If XDG_DATA_HOME is set, find and store history file
  in $XDG_DATA_HOME/lesshst rather than $HOME/.lesshst.
* Add the --lesskey-src option.
* Add the --file-size option.
* With -F, if screen is resized to make file fit on one screen, don't exit.
* Fix bug which could leave terminal in mouse-reporting mode
  after exiting less.
* Fix bug which caused failure to respond to window resize.
* Fix backslash bug searching in tag file.

581
---
* Change ESC-u command to toggle, not disable, highlighting per man page.
* Add ESC-U command.
* Add ctrl-W search modifier for wrapping search.
* F command can be interrupted by ^X.
* Support OSC 8 hyperlinks when -R is in effect.
* g command with no number will ignore -j and put first line at top of screen.
* Multiple + or -p command line options are handled better.
* Add the --incsearch option.
* Add the --line-num-width option.
* Add the --status-col-width option.
* Add the --use-color and --color options.
* Display -w highlight even if highlighted line is empty.
* If search result is in a long line, scroll to ensure it is visible.
* Editing the same file under different names now creates only
  one entry in the file list.
* Make visual bell more visible on some terminals.
* Ring end-of-file bell no more than once per second.
* Build can use either Python or Perl for Makefile.aut operations.
* Fix crash when using the @ search modifier.
* Fix crash in the 's' command due to duplicate free.
* Fix realpath crash on Darwin.
jperkin pushed a commit that referenced this issue Dec 18, 2022
# tidyselect 1.2.0

## New features

* New `tidyselect_data_proxy()` and `tidyselect_data_has_predicates()`
  allows tidyselect to work with custom input types (#242).

* New `eval_relocate()` for moving a selection. This powers `dplyr::relocate()`
  (#232).

## Lifecycle changes

* Using `all_of()` outside of a tidyselect context is now deprecated (#269).
  In the future it will error to be consistent with `any_of()`.

* Use of `.data` in tidyselect expressions is now deprecated to more cleanly
  separate tidy-select from data-masking. Replace `.data$x` with `"x"` and
  `.data[[var]]` with `any_of(var)` or `all_of(var)` (#169).

* Use of bare predicates (not wrapped in `where()`) and indirection (without
  using `all_of()`) have been formally deprecated (#317).

## Minor improvements and bug fixes

* Selection language:

  * `any_of()` generates a more informative error if you supply too many
    arguments (#241).

  * `all_of()` (like `any_of()`) returns an integer vector to make it easier
    to combine in functions (#270, #294). It also fails when it can't find
    variables even when `strict = FALSE`.

  * `matches()` recognises and correctly uses stringr pattern objects
    (`stringr::regex()`, `stringr::fixed()`, etc) (#238). It also now
    works with named vectors (#250).

  * `num_range()` gains a `suffix` argument (#229).

  * `where()` is now exported, like all other select helpers (#201),
    and gives more informative errors (#236).

* `eval_select()` with `include` now preserves the order of the variables
  if they're present in the selection (#224).

* `eval_select()` always returns a named vector, even when renaming is not
  permitted (#220).

* `eval_select()` and `eval_relocate()` gain new `allow_empty` argument which
  makes it possible to forbid empty selections with `allow_empty = FALSE` (#252).

* `eval_select(allow_rename = FALSE)` no longer fails with empty
  selections (#221, @eutwt) or with predicate functions (#225). It now properly
  fails with partial renaming (#305).

* `peek_var()` error now generates hyperlink to docs with recent RStudio (#289).

* `vars_pull()` generates more informative error messages (#234, #258, #318)
  and gains `error_call` and `error_arg` arguments.

* Errors produced by tidyselect should now be more informative. Evaluation
  errors are now chained, with the child error call is set to the `error_call`
  argument of `eval_select()` and `eval_rename()`. We've also improved
  backtraces of base errors, and done better at propagating the root
  `error_call` to vctrs input checkers.

* `tidyselect_verbosity` is no longer used; deprecation messaging is now
  controlled by `lifecycle_verbosity` like all other packages (#317).
jperkin pushed a commit that referenced this issue Feb 7, 2023
pkgsrc change: remove pkglint warning.

0.29.0.gfm.1 (2021-09-14)

* Fixed denial of service bug in GFM's table extension per
  GHSA-7gc6-9qr5-hc85

0.29.0.gfm.2 (2021-09-16)

* Fixed issues with footnote rendering when used with the autolinker (#121),
  and when footnotes are adjacent (#139).

* We now allow footnotes to be referenced from inside a footnote definition,
  we use the footnote label for the fnref href text when rendering html, and
  we insert multiple backrefs when a footnote has been referenced multiple
  times (#229, #230)

* We added new data- attributes to footnote html rendering to make them
  easier to style (#234)

0.29.0.gfm.3 (2022-03-03)

* Fixed heap memory corruption vulnerabiliy via integer overflow per
  GHSA-mc3g-88wq-6f4x

0.29.0.gfm.4 (2022-05-31)

* Remove source from list of HTML block elements per
  commonmark/commonmark-spec#710

0.29.0.gfm.5 (2022-08-25)

* Added xmpp: and mailto: support to the autolink extension

0.29.0.gfm.6 (2022-09-15)

* Fixed polynomial time complexity DoS vulnerability in autolink extension
  per GHSA-cgh3-p57x-9q7q

0.29.0.gfm.7 (2023-01-23)

* Fixed CVE-2023-22486, a polynomial time complexity issue in cmark-gfm
  which may lead to unbounded resource exhaustion and subsequent denial of
  service.

* Fixed CVE-2023-22485, in which a crafted markdown document could trigger
  an out-of-bounds read in the validate_protocol function.

* Fixed CVE-2023-22484, a polynomial time complexity issue in cmark-gfm
  which may lead to unbounded resource exhaustion and subsequent denial of
  service.

* Fixed CVE-2023-22483, several polynomial time complexity issues in
  cmark-gfm which may lead to unbounded resource exhaustion and subsequent
  denial of service.

* We removed an unneeded .DS_Store file (#291)

* We added a test for domains with underscores and fix roundtrip behavior
  (#292)

* We now use an up-to-date clang-format (#294)

* We made a variety of implicit integer truncations explicit by moving to
  size_t as our standard size integer type (#302)

* We introduced a new flag mechanism that is used in cmark node state
  management, which requires clients call the cmark_init_standard_node_flags
  function at program startup (420c20a)

The security issues were reported and resolved by @kevinbackhouse and
@philipturnbull of the GitHub Security Lab

0.29.0.gfm.8 (2023-01-25)

* We restored backwards compatibility by deprecating the
  cmark_init_standard_node_flags() requirement, which is now a noop (#305)

* We added a quadratic complexity fuzzing target (#304)

0.29.0.gfm.9 Latest (2023-01-31)

Code was tidied:

* Use of a private header was cleaned up #248
* Man page was update #255
* Warnings for -Wstrict-prototypes were cleaned up #285
* We avoid header duplication #289

New functionality:

* We now store positioning info for url_match #201
* We now expose cmark_parent_footnote_def for non-C renderers #254
* Footnote aria-label text now reference the specific footnote backref, and
  we include a data-footnote-backref-idx attribute so the label can be
  internationalized in a downstream filter #307
jperkin pushed a commit that referenced this issue Feb 21, 2023
pkgsrc change: avoid use empty in options.mk.

What's new in Sudo 1.9.13 (2023-02-14)

 * Fixed a bug running relative commands via sudo when "log_subcmds"
   is enabled.  GitHub issue #194.
 * Fixed a signal handling bug when running sudo commands in a shell
   script.  Signals were not being forwarded to the command when
   the sudo process was not run in its own process group.
 * Fixed a bug in cvtsudoers' LDIF parsing when the file ends without
   a newline and a backslash is the last character of the file.
 * Fixed a potential use-after-free bug with cvtsudoers filtering.
   GitHub issue #198.
 * Added a reminder to the default lecture that the password will
   not echo. This line is only displayed when the pwfeedback option
   is disabled. GitHub issue #195.
 * Fixed potential memory leaks in error paths.  GitHub issues #199,
   #202.
 * Fixed potential NULL dereferences on memory allocation failure.
   GitHub issues #204, #211.
 * Sudo now uses C23-style attributes in function prototypes instead
   of gcc-style attributes if supported.
 * Added a new "list" pseudo-command in sudoers to allow a user to
   list another user's privileges.  Previously, only root or a user
   with the ability to run any command as either root or the target
   user on the current host could use the -U option.  This also
   includes a fix to the log entry when a user lacks permission to
   run "sudo -U otheruser -l command".  Previously, the logs would
   indicate that the user tried to run the actual command, now the
   log entry includes the list operation.
 * JSON logging now escapes control characters if they happen to
   appear in the command or environment.
 * New Albanian translation from translationproject.org.
 * Regular expressions in sudoers or logsrvd.conf may no longer
   contain consecutive repetition operators.  This is implementation-
   specific behavior according to POSIX, but some implementations
   will allocate excessive amounts of memory.  This mainly affects
   the fuzzers.
 * Sudo now builds AIX-style shared libraries and dynamic shared
   objects by default instead of svr4-style. This means that the
   default sudo plugins are now .a (archive) files that contain a
   .so shared object file instead of bare .so files.  This was done
   to improve compatibility with the AIX Freeware ecosystem,
   specifically, the AIX Freeware build of OpenSSL.  Sudo will still
   load svr4-style .so plugins and if a .so file is requested,
   either via sudo.conf or the sudoers file, and only the .a file
   is present, sudo will convert the path from plugin.so to
   plugin.a(plugin.so) when loading it.  This ensures compatibility
   with existing configurations.  To restore the old, pre-1.9.13
   behavior, run configure using the --with-aix-soname=svr4 option.
 * Sudo no longer checks the ownership and mode of the plugins that
   it loads.  Plugins are configured via either the sudo.conf or
   sudoers file which are trusted configuration files.  These checks
   suffered from time-of-check vs. time-of-use race conditions and
   complicate loading plugins that are not simple paths.  Ownership
   and mode checks are still performed when loading the sudo.conf
   and sudoers files, which do not suffer from race conditions.
   The sudo.conf "developer_mode" setting is no longer used.
 * Control characters in sudo log messages and "sudoreplay -l"
   output are now escaped in octal format.  Space characters in the
   command path are also escaped.  Command line arguments that
   contain spaces are surrounded by single quotes and any literal
   single quote or backslash characters are escaped with a backslash.
   This makes it possible to distinguish multiple command line
   arguments from a single argument that contains spaces.
 * Improved support for DragonFly BSD which uses a different struct
   procinfo than either FreeBSD or 4.4BSD.
 * Fixed a compilation error on Linux arm systems running older
   kernels that may not define EM_ARM in linux/elf-em.h.
   GitHub issue #232.
 * Fixed a compilation error when LDFLAGS contains -Wl,--no-undefined.
   Sudo will now link using -Wl,--no-undefined by default if possible.
   GitHub issue #234.
 * Fixed a bug executing a command with a very long argument vector
   when "log_subcmds" or "intercept" is enabled on a system where
   "intercept_type" is set to "trace".  GitHub issue #194.
 * When sudo is configured to run a command in a pseudo-terminal
   but the standard input is not connected to a terminal, the command
   will now be run as a background process.  This works around a
   problem running sudo commands in the background from a shell
   script where changing the terminal to raw mode could interfere
   with the interactive shell that ran the script.
   GitHub issue #237.
 * A missing include file in sudoers is no longer a fatal error
   unless the error_recovery plugin argument has been set to false.

What's new in Sudo 1.9.13p1 (2023-02-17)

 * Fixed a typo in the configure script that resulted in a line
   like "]: command not found" in the output.  GitHub issue #238.
 * Corrected the order of the C23 [[noreturn]] attribute in function
   prototypes.  This fixes a build error with GCC 13.  GitHub issue
   #239.
 * The "check" make target misbehaved when there was more than
   one version of the UTF-8 C locale in the output of "locale -a".
   GitHub issue #241.
 * Removed a dependency on the AC_SYS_YEAR2038 macro in configure.ac.
   This was added in autoconf 2.72 but sudo's configure.ac only
   required autoconf 2.70.
 * Relaxed the autoconf version requirement to version 2.69.
jperkin pushed a commit that referenced this issue Mar 12, 2023
# rgl 1.0.1

## Major changes

* The long promised deprecations of the `rgl.*` functions
have happened.  Now deprecated: `rgl.abclines`,
`rgl.bbox`, `rgl.bg`, `rgl.clear`, `rgl.clipplanes`,
`rgl.close`, `rgl.light`, `rgl.lines`,
`rgl.linestrips`, `rgl.material`,  `rgl.open`,
`rgl.planes`, `rgl.points`, `rgl.quads`,
`rgl.select3d`, `rgl.set`, `rgl.setAxisCallback`,
`rgl.sprites`, `rgl.surface`, `rgl.texts`,
`rgl.triangles`, and `rgl.viewpoint`.
* A vignette "Deprecating the `rgl.*` interface"
has been added.
* Also deprecated: `elementId2Prefix`, `writeWebGL`

## Minor changes

* Since `rgl.material` is deprecated and no
longer contains the list of material types in its
argument list, `rgl.material.names` and `rgl.material.readonly` have been
added.
* Similarly, `rgl.par3d.names` and `rgl.par3d.readonly`
contain lists of properties that may be set or queried
in `par3d()`.
* The flexibility improvements for `surface3d()` in
0.111.6 were incomplete.
* Argument `flip` has been added to `surface3d()` to allow
front and back to be switched.

# rgl 0.111.6

## Minor changes

* Added a panning example to the help page for `setUserCallbacks()`.
* Replaced all calls to `sprintf` from C/C++ code with calls to
`snprintf`.
* `surface3d` and `rgl.surface` are now more flexible,
allowing any of the 3 coordinates to be a vector or matrix
as long as at least one is a matrix.
* `material3d` can now specify an `id` to query properties
for individual objects.
* Since `rgl.material` is soon to be deprecated and no
longer contain the list of material types in its
argument list, `rgl.material.names` and `rgl.material.readonly` have been
added.
* Similarly, `rgl.par3d.names` and `rgl.par3d.readonly`
contain lists of properties that may be set or queried
in `par3d()`.
* Made some examples conditional on interactive use
to save time on CRAN.

## Bug fixes

* Default mouse modes used when a window is opened by an `rgl.*`
call (which is not recommended!) now match
the defaults in `rgl::r3dDefaults`.
* Missing values could cause `surface3d()` to segfault.
* The C source code for `gl2psGetFileFormat` missed declaring
a prototype.

# rgl 0.110.2

## Major changes

* Material property `"blend"` has been added, to allow
various kinds of blending for semi-transparent objects
(issue #245).

## Minor changes

* The `Buffer` object now handles reading of sparse
accessors.
* Low level drawing of primitives has been made more
memory efficient.  This is only likely to make a
noticeable change with very large objects, where R
was running out of memory because of unnecessary
duplication. (Related to issue #260.)
* Recycling of x, y and z vectors in several functions
is more consistent.
* The `polygon3d()` function now chooses coordinates
automatically, as `triangulate()` does (PR #262.)
* The `mtext3d()` and related functions such as
`title3d()` now accept language objects
other than expressions, as `plotmath3d()` always has
(issue #273).

## Bug fixes

* The bounding box could be calculated incorrectly
if data all had large values (issue #250).
* Shiny displays failed to load the shaders (issue #249).
* `transform3d()` failed due to missing argument (issue #253).
* `readOBJ()` is now more flexible in what kinds of
separators it will accept. (issue #258).
* Failure to initialize could cause a segfault.
* On non-macOS platforms, gray-scale textures failed
to display, with a message about an invalid enumerant.
* The third coordinate for `adj` that was added in 0.108.3
was not rendered properly in `rglwidget()` displays of
text.  This sometimes caused text to disappear when it
was near the far limit of the display (issue #269).
* The X11 error fix in 0.109.6 could result in R
freezing in `Rcmdr`.
* Low level drawing functions are now more consistent
about returning an invisible `NULL` if asked to plot zero
items, rather than raising an error or crashing (issue #274).
* Calling `axis3d()` with no ticks or labels no longer triggers
an error, it now silently returns `NULL`.

# rgl  0.109.6

## Minor changes

* `rglwidget()` displays now act on "pointer" events,
not just "mouse" events, so they should be more usable
on touch screens and tablets (PR #240).

## Bug fixes

* Plotting `scene3d()` objects didn't handle suppressed
axes properly, drawing the default axis instead (issue
#241).
* On some systems using X11, `rgl` would segfault when
the "fixed" font was not found.
* X11 errors could cause R to abort.

# rgl  0.109.2

## Major changes

* Changes to support glTF animation:
  - Handling of `embedding = "modify"` for the model matrix
    has changed.  Now the centering step is only done for
    `embedding = "replace"`.  In addition, various bugs
    have been fixed.
  - If a subscene has no lights defined, the lights from the parent
    are used.
  - `plot.rglscene()` now ends with the root subscene as
    current.  It also allows specification of `open3d()`
    parameters in a list.
  - The `MATn` types in `Buffer` are returned as arrays with
    dim `c(n, n, count)`.
  - The `plot3d.rglscene` method now passes `...` to `open3d()`.
  - The `setUserShaders()` function now allows arrays of 4x4 matrices as "uniforms", and allows additional textures to be specified.
* `sprites3d()` now has the option of
`rotating = TRUE`, to allow 3D sprites to rotate with
the scene.
* Added `getShaders()` function to get shaders used in WebGL.
* Now detects if `rgl` is running within `reprex::reprex()`
and if so arranges that a screenshot will be included in the
output.
* Added default shaders to be used in `rglwidget()`, rather than
constructing them on the fly.  This incompatibly affects the use
of lights and clipping planes with user shaders:  their data
is now stored in arrays rather than multiple numbered variables.

## Minor changes

* Now that `pkgdown` 2.0.0 has been released, a number
of internal workarounds to support the development version
have been removed.
* Added `as.mesh3d()` methods for `"rglsubscene"` and `"rglscene"`.
* `open3d()` now handles `useNULL` and `silent` arguments
passed in `params`.
* Controls passed to `playwidget()` may now include a
component specifying HTML dependencies.
* Added `rglwidgetClass.readAccessor()` method to let other
code use the buffering.
* Changed the internal organization of bounding box calculations.
* All functions that produce meshes now accept
material properties.  Newly modified to do so using the `...`
argument:  `cylinder3d()`, and `getBoundary3d()`.
* Updated the system requirements and installation instructions.
* Solid bounding box decorations now try harder to display 3 faces (issue #206).
* Now that `webshot2` is on CRAN, instructions for
installing it from Github have been removed.
* Sometimes `webshot2` snapshots are very slow, so
the default for the `webshot` argument to `snapshot3d()`
now depends on the `RGL_USE_WEBSHOT` environment
variable, using `TRUE` if it is unset. (Reported by Prof. B. D. Ripley.)
* If the Chrome browser is not found, `snapshot3d(webshot = TRUE)` now issues a warning and
reverts to using `rgl.snapshot()`.
* Buffers now use "normalized integers" to store
color or texture coordinate values that lie between 0
and 1 when it saves some space.
* At the request of CRAN, the `akima` package is no
longer suggested.

## Bug fixes

* `as.mesh3d.rglobject()` didn't handle objects with indices
properly.
* In WebGL, the front vs back calculation sometimes
got the wrong result (issue #164).
* `pop3d(tag = x)` did not always find the objects with `tag == x` if they were not in the current subscene.
* The default values for `front` and `back` in `rgl.material`
and `material3d` are now `"filled"`, as documented in some
places.
* The `fog` setting wasn't handled properly by `bg3d()`.
* Numerous cases of partial argument matching were fixed
(suggestion of Henrik Bengtsson in issue #170.)
* Argument `col` is accepted as a synonym for `color` in `material3d()` and `rgl.material()`.
* `planes3d()` objects were not displayed consistently
in `rgl` windows and WebGL displays, because the bounding
boxes were not computed consistently (issue #169).
* Some initialization wasn't done properly in Shiny apps,
so they failed after a redraw (issue #173).
* Buffers are now optional, as they don't work with
Shiny scene changes (also issue #173).
* The NULL device would sometimes miscalculate the
bounding box.
* `selectpoints3d(closest = TRUE)` selected too many points
when multiple objects were in the scene.
* Clearing nested subscenes could cause a segfault and crash.
* In `knitr` and `rmarkdown`, blank plots could be shown
when `par3d(skipRedraw=TRUE)` was set (issue #188).
* Objects drawn with `sprites3d()` weren't lit correctly
in WebGL (issue #189).
* Objects with textures were sometimes drawn more than once, both
before the texture loaded and after.  This was most noticeable for
objects with user textures.
* Axis mode `"pretty"` got lost when scenes were redrawn.
* Tick labels were sometimes lost in WebGL displays and
`snapshot3d()` results (issue #197).
* The new material properties from 0.107.10 and 0.108.3
were not handled properly by `plotmath3d()`.
* `rglMouse()` did not set the default value of the drop-down
selector properly (issue #213).
* `merge.mesh3d()`, used by `filledContour3d()`, didn't handle
colors properly (issue #212).
* `bg3d(sphere = TRUE)` has been fixed (issue #207).
* Textures were not appearing on spheres, and front-back
differences weren't being rendered (issue #217).
* When "knitting" within RStudio under R 4.2.0 on
Windows, `rgl` scenes didn't appear (reported by
Dieter Menne.) A workaround has been added.
* In `rglwidget()`, axis labels were not always
displayed, and did not move with solid bounding box
decorations properly (issue #206).
* On some systems, `lines3d()` using both missing values
and transparency did not draw properly (issue #234,
originally reported by Gaspar Jekely).
* The `rglShared()` example failed when `crosstalk`
was uninstalled.


# rgl  0.108.3.2

## Bug fixes

* Changes introduced in 0.100.50 lacked checks; these caused
segfaults in Windows with R 4.2.0 and RStudio (issue #208).
* A typo caused problems loading fonts on some systems.

# rgl  0.108.3

## Major changes

* Added `getBoundary3d()` function to extract the boundary
edges of a mesh.
* Added material property `tag`, a string associated
with each object.  The value is reported by `ids3d(tags = TRUE)` and
may be used to select objects in most functions that use ids,
but otherwise is
largely ignored by `rgl`.  The `tagged3d()` function returns
information on tags.
* Primitive types (points, lines, segments, triangles, quads)
can now accept an `indices` parameter, similar to the
indices in `mesh3d` objects.
* Added `Buffer` object, based on glTF design, for holding binary
data for `rglwidget()`.

## Minor changes

* Allowed for a third coordinate in `text3d()`'s `adj`
parameter.
* Added support for `adj`, `pos` and `offset` to
`sprites3d()`.
* Added support for `pos` values of `0` (at specified
location), `5` (in front of it), and `6` (behind it) in
`text3d()`, `sprites3d()` and `plotmath3d()`.
* `crosstalk` is now a Suggested package, rather than
a required one.
* The `Makevars.ucrt` file has been modified with
contributions from Tomas Kalibera to work with his `winutf8`
build of R.
* `bgplot3d()` no longer pauses for each page when running
examples.
* `deldir` version 1.0-2 is incompatible with `rgl`.  Added
the `checkDeldir()` function to avoid running it.
* `shade3d()` treated texture coordinates like colors, and
  duplicated the first one for the whole face when `meshColor = "faces"` was chosen.
  Instead, they are now treated like vertex coordinates.
  (Reported by Michael Sumner in issue #145).
* Corrected the documentation and made the implementations
of `asHomogeneous()`, `asEuclidean()` etc. more consistent.
* An `as.rglscene()` generic has been added, though no methods
are defined in this package.
* `downlit` 0.4.0 has been released with support for `rgl`, so instructions
for installing the devel version have been removed.

## Bug fixes

* Fixed rendering of text as sprites3d() objects.
* Added `--static` flag to configure script for FreeType
  installation.  (Suggestion of Simon Urbanek and Prof. Brian Ripley.)
* `shade3d()`, `wire3d()` and `dots3d()` overrode
  `"front"` and `"back"` material settings in mesh objects.
* `rglwidget()` handling of bounding box decorations had
  several bugs.
* `rgl` could not find routines in the DLL on some Windows
installs (Issue 148.)
* Some cases where allocations were not protected have been fixed.
jperkin pushed a commit that referenced this issue Apr 28, 2023
Upstream's changelist:

[2.2] fix CVE-2022-45188 by @rdmark in #254
[2.2] papd: Fix incorrect type in printer status check by @smagoun in #320
[2.2] Improvements to the macusers script by @rdmark in #263
[2.2] man pages: create an a2boot man page by @rdmark in #235
[2.2] Improve systemd service dependencies, improving stability at
      boot on wifi only hosts by @rdmark in #233
[2.2] Update manual to match current behavior and correct typos by
      @rdmark in #230 #234 #257
[2.2] Remove release notes code since it's no longer used by @rdmark
      in #256
Create Github workflow that builds, tests, and runs static analysis by
@rdmark in #255 #290 #314
jperkin pushed a commit that referenced this issue Jun 11, 2023
# gargle 1.4.0

## Google Compute Engine

* `credentials_gce(scopes = NULL)` is now equivalent to
  `credentials_gce(scopes =
  "https://www.googleapis.com/auth/cloud-platform")`, i.e. there's an
  even stronger current towards the recommended "cloud-platform"
  scope.

* `credentials_gce(scopes =)` now includes those `scopes` in its
  request to the metadata server for an access token (#216). Note that
  the scopes for a GCE access token are generally pre-determined for
  the instance and its associated service account at creation/launch
  time and these requested `scopes` will have no effect. But this
  seems to do no harm and it is possible that there are contexts where
  this is useful.

* `credentials_gce()` now emits considerably more information when the
  `"gargle_verbosity"` option is set to `"debug"`. For example, it
  reports mismatches between requested scopes and instance scopes and
  between requested scopes and the access token's actual scopes.

* `credentials_gce()` stores the actual scopes of the received access
  token, which can differ from the requested scopes. This is also
  noted when the `"gargle_verbosity"` option is set to `"debug"`.

* The `GceToken` R6 class gains a better `$print()` method that is
  more similar to gargle's treatment of tokens obtained with other
  flows.

## Behaviour in a cloud/server context

* gargle is better able to detect when it's running on Posit Workbench
  or RStudio Server, e.g., in a subprocess.

* `gargle_oauth_client_type()` is a new function that returns either
"installed" or "web".  It returns the value of the new global option
by the same name (`"gargle_oauth_client_type"`), if defined.  If the
option is not defined, returns "web" on RStudio Server, Posit
Workbench, Posit Cloud, or Google Colaboratory and "installed"
otherwise.  In the context of out-of-band (OOB) auth, an "installed"
client type leads to the conventional OOB flow (only available for GCP
projects in testing mode) and a "web" client leads to the new
pseudo-OOB flow.  The option and accessor have been added to cover
contexts other than those mentioned above where it is helpful to
request a "web" client.

* `credentials_user_oauth2()` now works in Google Colaboratory (#140).

## Everything else

* gargle now elicits user input via `readline()`, instead of via
  `utils::menu()`, which is favorable for interacting with the user in
  a Jupyter notebook (#242).

* The roxygen templating functions that wrapper packages can use to
generate standardized documentation around auth have been updated to
reflect gargle's pivot from OAuth "app" to "client".  Changes of note:

  - `PREFIX_auth_configure_description()` crosslinks to `PREFIX_oauth_client()`
    now, not `PREFIX_oauth_app()`. So this assumes the package has indeed
    introduced the `PREFIX_oauth_client()` function (and, presumably, has
    deprecated `PREFIX_oauth_app()`).
  - `PREFIX_auth_configure_params()` gains `client` argument.
  - `PREFIX_auth_configure_params()` deprecates the `app` argument and uses a
    lifecycle badge. It is assumed that the badge SVG is present, which can be
    achieved with `usethis::use_lifecycle()`.
  - `PREFIX_auth_configure_params()` crosslinks to
    `gargle::gargle_oauth_client_from_json()`. The wrapper package therefore
    needs to state a minimum version for gargle, e.g. `gargle (>= 1.3.0)` (or
    higher).

* `credentials_byo_oauth2()` works now for (variations of) service
  account tokens, as intended, not just for user tokens (#250). It
  also emits more information about scopes when the
  `"gargle_verbosity"` option is set to `"debug"`.

# gargle 1.3.0

## (Partial) deprecation out-of-band (OOB) auth flow

On February 16, 2022, Google announced the gradual deprecation of the
out-of-band (OOB) OAuth flow.  OOB **still works** if the OAuth client
is associated with a GCP project that is in testing mode and this is
not going away.  But OOB is no longer supported for projects in
production mode.  To be more accurate, some production-mode projects
have gotten an extension to permit the use of OOB auth for a bit
longer, but that's just a temporary reprieve.

The typical user who will (eventually) be impacted is:

* Using R via RStudio Server, Posit Workbench, or Posit Cloud.
* Using tidyverse packages such as googledrive, googlesheets4, or bigrquery.
* Relying on the built-in OAuth client. Importantly, this client is associated
  with a GCP project that is in production mode.

The phased deprecation of OOB is nearly complete and we expect
conventional OOB to stop working with the built-in tidyverse OAuth
client on February 1, 2023, at the latest.

**In preparation for this, gargle has gained support for a new flow,
which we call pseudo-OOB (in contrast to conventional OOB)**.  The
pseudo-OOB flow is triggered when `use_oob = TRUE` (an existing
convention in gargle and gargle-using packages) and the configured
OAuth client is of "Web application" type.  The
gargle/googledrive/googlesheets4/bigrquery packages should now default
to a "Web application" client on RStudio Server, Posit Workbench and
Posit Cloud, leading the user through the pseudo-OOB flow.  Other than
needing to re-auth once, affected users should still find that things
"just work".

Read the `vignette("auth-from-web")` for more.

## gargle-specific notion of OAuth client

`gargle_oauth_client()` is a new constructor for an S3 class by the same name.
There are two motivations:

  - To adjust to Google's deprecation of conventional OOB and to support
    gargle's new pseudo-OOB flow, it is helpful for gargle to know whether an
    OAuth client ID is of type "Web application" or "Desktop app". That means we
    need a Google- and gargle-specific notion of an OAuth client, so we can
    introduce a `type` field.
  - A transition from httr to httr2 is on the horizon, so it makes sense to
    look more toward `httr2:oauth_client()` than to `httr::oauth_app()`.
    gargle's vocabulary is generally shifting towards "client" and away from
    "app".

`oauth_app_from_json()` has therefore been (soft) deprecated, in favor
of a new function `gargle_oauth_client_from_json()`, which is the
preferred way to instantiate an OAuth client, since the downloaded
JSON conveys the client type and redirect URI(s).  As a bridging
measure, `gargle_oauth_client` currently inherits from httr's
`oauth_app`, but this probably won't be true in the long-term.

`gargle_client(type =)` replaces `gargle_app()`.

## Google Compute Engine and Google Kubernetes Engine

`credentials_gce()` no longer asks the user about initiating an OAuth
cache, which is not relevant to that flow (#221).

`gce_instance_service_accounts()` is a newly exported utility that
exposes the service accounts available from the metadata server for
the current instance (#234).

The global option `"gargle.gce.timeout"` is newly documented in
`credentials_gce()`.  This controls the timeout, in seconds, for
requests to the metadata server.  The default value (or strategy) for
setting this should often suffice, but the option exists for those
with an empirical need to increase the timeout (#186, #195).

`vignette("non-interactive-auth")` has a new section "Workload
Identity on Google Kubernetes Engine (GKE)" that explains how gargle
supports the use of workload identity for applications running on
GKE. This is the recommended method of auth in R code running on GKE
that needs to access other Google Cloud services, such as the BigQuery
API (#197, #223, @MarkEdmondson1234).

## Credential function registry

It's gotten a bit easier to work with the credential registry.
The primary motivation is that, for example, on Google Compute Engine, you might
actually want to suppress auth with the default service account and auth as a
normal user instead.
This is especially likely to come up with gmailr / the Gmail API.

* The credential-fetcher `credentials_byo_oauth2()` has been moved to the very
  beginning of the default registry. The logic is that a user who has specified
  a non-`NULL` value of `token` must mean business and does not want automagic
  auth methods like ADC or GCE to be tried before using their `token`
  (#187, #225).

* The `...` in `cred_funs_all()` are now
  [dynamic dots](https://rlang.r-lib.org/reference/dyn-dots.html) (#224).

* Every registered credential function must have a unique name now.
  This is newly enforced by `cred_funs_add()` and `cred_funs_set()` (#224).

* `cred_funs_list_default()` is a new function that returns gargle's default
  list of credential functions (#226).

* `cred_funs_add(cred_fun = NULL)` is now available to remove a credential
  function from the registry (#224).

* `with_cred_funs()` and `local_cred_funs()` are new helpers for making narrowly
  scoped changes to the registry (#226).

* The `ls` argument of `cred_funs_set()` has been renamed to `funs` (#226).

* In general, credential registry functions now return the current registry,
  invisibly (#224).

# gargle 1.2.1

* Help files below `man/` have been re-generated, so that they give
  rise to valid HTML5. (This is the impetus for this release, to keep
  the package safely on CRAN.)

* We have switched to newer oauth2.googleapis.com-based OAuth2 URIs,
  moving away from the accounts.google.com and googleapis.com/oauth2
  equivalents.

* `credentials_gce()` no longer validates the requested scopes against
instance scopes.  In practice, it's easy for this check to be more of
a nuisance than a help (#161, #185 @craigcitro).

* `request_retry()` retries for an expanded set of HTTP codes: 408,
  429, 500, 502, 503. Previously, retries were limited to 429 (#169).

## Dependency changes

* The minimum versions of rlang and testthat have been bumped. The
  motivation is to exploit and adapt to the changes to the display of
  error messages.
jperkin pushed a commit that referenced this issue Jun 21, 2023
pkgsrc change: avoid use empty in options.mk.

What's new in Sudo 1.9.13 (2023-02-14)

 * Fixed a bug running relative commands via sudo when "log_subcmds"
   is enabled.  GitHub issue #194.
 * Fixed a signal handling bug when running sudo commands in a shell
   script.  Signals were not being forwarded to the command when
   the sudo process was not run in its own process group.
 * Fixed a bug in cvtsudoers' LDIF parsing when the file ends without
   a newline and a backslash is the last character of the file.
 * Fixed a potential use-after-free bug with cvtsudoers filtering.
   GitHub issue #198.
 * Added a reminder to the default lecture that the password will
   not echo. This line is only displayed when the pwfeedback option
   is disabled. GitHub issue #195.
 * Fixed potential memory leaks in error paths.  GitHub issues #199,
   #202.
 * Fixed potential NULL dereferences on memory allocation failure.
   GitHub issues #204, #211.
 * Sudo now uses C23-style attributes in function prototypes instead
   of gcc-style attributes if supported.
 * Added a new "list" pseudo-command in sudoers to allow a user to
   list another user's privileges.  Previously, only root or a user
   with the ability to run any command as either root or the target
   user on the current host could use the -U option.  This also
   includes a fix to the log entry when a user lacks permission to
   run "sudo -U otheruser -l command".  Previously, the logs would
   indicate that the user tried to run the actual command, now the
   log entry includes the list operation.
 * JSON logging now escapes control characters if they happen to
   appear in the command or environment.
 * New Albanian translation from translationproject.org.
 * Regular expressions in sudoers or logsrvd.conf may no longer
   contain consecutive repetition operators.  This is implementation-
   specific behavior according to POSIX, but some implementations
   will allocate excessive amounts of memory.  This mainly affects
   the fuzzers.
 * Sudo now builds AIX-style shared libraries and dynamic shared
   objects by default instead of svr4-style. This means that the
   default sudo plugins are now .a (archive) files that contain a
   .so shared object file instead of bare .so files.  This was done
   to improve compatibility with the AIX Freeware ecosystem,
   specifically, the AIX Freeware build of OpenSSL.  Sudo will still
   load svr4-style .so plugins and if a .so file is requested,
   either via sudo.conf or the sudoers file, and only the .a file
   is present, sudo will convert the path from plugin.so to
   plugin.a(plugin.so) when loading it.  This ensures compatibility
   with existing configurations.  To restore the old, pre-1.9.13
   behavior, run configure using the --with-aix-soname=svr4 option.
 * Sudo no longer checks the ownership and mode of the plugins that
   it loads.  Plugins are configured via either the sudo.conf or
   sudoers file which are trusted configuration files.  These checks
   suffered from time-of-check vs. time-of-use race conditions and
   complicate loading plugins that are not simple paths.  Ownership
   and mode checks are still performed when loading the sudo.conf
   and sudoers files, which do not suffer from race conditions.
   The sudo.conf "developer_mode" setting is no longer used.
 * Control characters in sudo log messages and "sudoreplay -l"
   output are now escaped in octal format.  Space characters in the
   command path are also escaped.  Command line arguments that
   contain spaces are surrounded by single quotes and any literal
   single quote or backslash characters are escaped with a backslash.
   This makes it possible to distinguish multiple command line
   arguments from a single argument that contains spaces.
 * Improved support for DragonFly BSD which uses a different struct
   procinfo than either FreeBSD or 4.4BSD.
 * Fixed a compilation error on Linux arm systems running older
   kernels that may not define EM_ARM in linux/elf-em.h.
   GitHub issue #232.
 * Fixed a compilation error when LDFLAGS contains -Wl,--no-undefined.
   Sudo will now link using -Wl,--no-undefined by default if possible.
   GitHub issue #234.
 * Fixed a bug executing a command with a very long argument vector
   when "log_subcmds" or "intercept" is enabled on a system where
   "intercept_type" is set to "trace".  GitHub issue #194.
 * When sudo is configured to run a command in a pseudo-terminal
   but the standard input is not connected to a terminal, the command
   will now be run as a background process.  This works around a
   problem running sudo commands in the background from a shell
   script where changing the terminal to raw mode could interfere
   with the interactive shell that ran the script.
   GitHub issue #237.
 * A missing include file in sudoers is no longer a fatal error
   unless the error_recovery plugin argument has been set to false.

What's new in Sudo 1.9.13p1 (2023-02-17)

 * Fixed a typo in the configure script that resulted in a line
   like "]: command not found" in the output.  GitHub issue #238.
 * Corrected the order of the C23 [[noreturn]] attribute in function
   prototypes.  This fixes a build error with GCC 13.  GitHub issue
   #239.
 * The "check" make target misbehaved when there was more than
   one version of the UTF-8 C locale in the output of "locale -a".
   GitHub issue #241.
 * Removed a dependency on the AC_SYS_YEAR2038 macro in configure.ac.
   This was added in autoconf 2.72 but sudo's configure.ac only
   required autoconf 2.70.
 * Relaxed the autoconf version requirement to version 2.69.
jperkin pushed a commit that referenced this issue Jun 22, 2023
Link with libsocket where needed (#234) by @amigadave in #235
Remove libsoup from doc and CI by @janbrummer in #238
Fix coverity findings by @janbrummer in #241
Add a comment that docs option needs introspection by @janbrummer in #242
Set pac data after download only by @janbrummer in #244
Fix race condition in px_manager_get_proxies_sync by @janbrummer in #245
Update gobject dependency in pkgconfig file by @floppym in #239
Reread env variables in each get_config call by @janbrummer in #246
Bump version to 0.5.2 by @janbrummer in #247
jperkin pushed a commit that referenced this issue Sep 7, 2023
- updated astyle lib to version 3.4.6
- moved old yaml.lang to yaml-ansible.lang and added a new yaml
  definition (#235)
- omit size property in BBCode output if `--fragment` is set (#234)
- allowed font size unit with `--font-size` for HTML and ODT
  output (#145)
- GUI: updated JP translation (#144)
jperkin pushed a commit that referenced this issue Sep 10, 2023
Enhancements

    Update LSP spec to latest by @karthiknadig in #230
    Add --output-dir switch to code generator by @karthiknadig in #239

Dotnet

    Dotnet: Code generation for LSP methods by @karthiknadig in #222
    Generate request, notification and options classes by @karthiknadig in #224
    dotnet: Add test case generation by @karthiknadig in #226
    Add devcontainer support to repo by @timheuer in #234
    Add dotnet test and format check to GHA by @karthiknadig in #240
    Add response types and improve test suite by @karthiknadig in #243
    Generate dotnet project package. by @karthiknadig in #252
    Format Generated Code by @karthiknadig in #257
    Use record instead of class for LSP types. by @karthiknadig in #258
    Use ImmutableArray and ImmutableDictionary by @karthiknadig in #256

Bug Fixes

    Fix bug with structuring LSPObject type by @karthiknadig in #229
    dotnet: Fix issues with OrType serialization by @karthiknadig in #232
    Improve documentation tags in generated code by @karthiknadig in #250
    Fix warning with generated converter code by @karthiknadig in #251
    Fix for missing notebook selector hook by @karthiknadig in #260
jperkin pushed a commit that referenced this issue Oct 23, 2023
This is the biggest update ever, with 36 new features, 24 bug fixes,
and 3 performance improvements.

Thank you to every contributor for making Yazi better and better!
What's Changed

    feat: add Mintty (Git Bash) image preview support by @sxyazi in #103
    refactor: use Url instead of PathBuf by @sxyazi in #107
    fix: mime of javascript by @XYenon in #106
    perf: load large folders in chunks by @sxyazi in #117
    fix: set cursor block after closing input prompt from insert mode
         by @auvred in #109
    fix: doesn't redirect the stderr of the clipboard command to null
         by @sxyazi in #119
    feat: suspend process (Ctrl-Z) by @sxyazi in #120
    fix: notification of file changes in linked directories by @sxyazi in #121
    feat: file size sorting under the simplified file system by @sxyazi in #123
    fix: show_hidden not properly applied to hovered folder by @sxyazi in #124
    fix: recognize symlink directories as files by @sxyazi in #125
    fix: respect symlink paths without canonicalizing them by @sxyazi in #126
    feat: make Input streamable by @sxyazi in #127
    perf: doesn't wait for the process of killing by @sxyazi in #128
    feat: find by @sxyazi in #104
    feat: tab-specific sorting by @sxyazi in #131
    feat: new V, D, C keybinding for Input component by @sxyazi in #139
    fix: swap description for search commands by @knutwalker in #141
    fix: image position calculation by @sxyazi in #144
    feat: support for image preview within tmux by @sxyazi in #147
    feat: show keywords when in search mode by @sxyazi in #152
    feat: fallback to built-in highlighting if jq is not installed
          by @ndtoan96 in #151
    feat: make the glob expr case insensitive by default, and prepend \s to
          make it sensitive by @sxyazi in #156
    fix: check relative path on expand_path by @sxyazi in #165
    feat: support for FreeBSD permission type by @yggdr in #169
    feat: multiple openers for a single rule by @Linus789 in #154
    fix: leave upwards only if an IO error occurs in current by @sxyazi in #172
    docs: add archlinuxcn installation guide by @Integral-Tech in #176
    fix: image preview not working on Zellij by @Eric-Song-Nop in #181
    feat: make trash optional by @sxyazi in #178
    fix: inconsistent Shift key behavior on Unix and Windows
         by @ndtoan96 in #174
    feat: new force option added for the remove command, which does not show
          the confirmation dialog on trashing/deleting by @sxyazi in #173
    fix: typo of LICENSE file by @conradojordan in #201
    feat: add flake.nix by @XYenon in #205
    feat: include ignored files on search when hidden files are shown
          by @PhotonQuantum in #212
    feat: new orphan option for opener rules, to keep the process running even
          when Yazi exited by @sxyazi in #216
    feat: scroll half/full page with arrow percentage supported, and new
          Vi-like <C-u>, <C-d>, <C-b>, and <C-f> keybindings added by
          @TD-Sky in #213
    feat: highlight matching words on finding by @PhotonQuantum in #211
    feat: add BackTab support by @sxyazi in #209
    fix: set stdio to null when orphan is true by @sxyazi in #229
    feat: new force option for creating and renaming by @sxyazi in #208
    feat: loop through to find by @ndtoan96 in #234
    feat: backward/forward by @ndtoan96 in #230
    perf: reimplement optimized natural sorting algorithm, speed up ~6 times
          for case-insensitive sorting by @sxyazi in #237
    chore: changing the finding key to n/N to keep with Vim's conventions
           by @sxyazi in #238
    feat: added new options to the `find' command for smart-case/
          case-insensitive finds by @ndtoan96 in #240
    feat: add new --no-cwd-file option to quit command for flexible cwd-file
          setting by @XOR-op in #245
    fix: avoid adding non-regular paths to backstack by @ndtoan96 in #249
    fix: support RGBA16 images by @sxyazi in #250
    feat: support trash for NetBSD by @sxyazi in #251
    feat: support environment variable in cd path by @ndtoan96 in #241
    feat: new theme system by @sxyazi in #161
    fix: cannot cd if there is whitespace in path by @ndtoan96 in #255
    fix: add application/x-wine-extension-ini to text mime by @ndtoan96 in #259
    fix: collect and fix all hard coded themes and color
         by @Eric-Song-Nop in #221
    fix: some colors not readable in light mode by @sxyazi in #264
    feat: better file hover state by @sxyazi in #269
    refactor: split commands into separate files by @sxyazi in #272
    feat: cancel selected items automatically on entering, leaving, copying, or
          cutting by @sxyazi in #273
    feat: add a new Bar component, and make border styles customizable
          by @sxyazi in #278
    fix: adapt another $TERM value of foot-extra for foot by @sxyazi in #277
    refactor: simplify building conditions by @sxyazi in #280
    chore: add git rev to nix pkg version by @XYenon in #206
    feat: new Manager component for better style extensions by @sxyazi in #284
    feat: cross-system opener rule support by @sxyazi in #289
    fix: delegate the SIGINT signal of processes with orphan=true to their
    parent by @sxyazi in #290
    feat: line mode by @sxyazi in #291
    feat: shell completions & auto releasing by @TD-Sky in #282
jperkin pushed a commit that referenced this issue Dec 4, 2023
  Changes:
  - #234: Add MSYS2 MINGW64 terminal packages for Windows (pull request by Ari)
  - Made release-notes accessible from menu
  - Upgraded rusqlite to 0.30.0
  - Upgraded regex to 1.10.2
  - Upgraded serde to 1.0.193
  - Upgraded toml to 0.8.8
  - Upgraded clap to 4.4.8
  - Upgraded urlencoding to 2.1.3
  - Upgraded rcgen to 0.11.3
  - Upgraded unicode-width to 0.1.11
  - Upgraded time to 0.3.29
  - Upgraded base64 to 0.21.4
  - Upgraded url to 2.4.1
  - Upgraded backtrace to 0.3.69
  - Upgraded log to 0.4.19
  - Upgraded percent-encoding to 2.3.0
  - Upgraded idna to 0.4.0
  - Upgraded linkify to 0.10.0
  - Upgraded openssl to 0.10.55
  - Upgraded dirs to 5.0.1
  - Upgraded crossbeam-channel to 0.5.8
  - Upgraded mime to 0.3.17
  - Upgraded pem to 1.1.1
  - Upgraded bumpalo to 3.12.0

  Bugfixes:
  - Fixes #305 Added 'vendored' feature to native-tls
  - Fixes #210. Remove double dot in gopher content
jperkin pushed a commit that referenced this issue Dec 18, 2023
15.0.0 (2022-01-04)

Added
* [Ruby,JavaScript,Go] Add bigdecimal, biginteger parameter types (#42)
* [.NET] Implementation of Cucumber Expressions by porting the Java parser
  (#1743)
* [Python] Added Python Cucumber Expressions (#65)

Changed
* [Go] Parameters of type {float} are now parsed as float32 (previously it
  was float64). Use {double} if you need float64. (#42)

15.0.1 (2022-01-04)

Fixed
* Fixed release scripts

15.0.2 (2022-03-15)

Fixed
* Add missing name field in CommonJS package file (#87)

15.1.0 (2022-04-21)

Added
* [JavaScript] Add CucumberExpression.ast and expose the AST types.

15.1.1 (2022-04-21)

Fixed
* [JavaScript] Make CucumberExpression.ast public (it was accidentally
  private in 15.1.0)

15.2.0 (2022-05-24)

Added
* [JavaScript] Add ParameterInfo (#124)

Fixed
* [.NET] Fix casing in "word" parameter type constant

16.0.0 (2022-06-12)

Changed
* [JavaScript] The ParameterType constructor's regexps parameter has a new
  type: type Regexps = StringOrRegExp | readonly StringOrRegExp[]; type
  StringOrRegExp = string | RegExp.

16.0.1 (2022-11-06)

Fixed
* [JavaScript] The ParameterType constructor's transform, useForSnippets and
  preferForRegexpMatch should be optional. (#178)

16.1.0 - 2022-11-28

Added
* [Java] Enabled reproducible builds
* [JavaScript] Added ParameterType.builtin. This is to allow JSON
  serialization of only the non-builtin parameter types.

16.1.1 - 2022-12-08

Fixed
* [Java] Improve expression creation performance (#187, #189)

16.1.2 (2023-01-17)

Fixed
* [Java] Improve cucumber expression creation performance (#202)

17.0.0 (2023-10-06)

Changed
* [JavaScript] Added TypeScript source to the package (#211)
* [Ruby] Minimum supported ruby is now 2.5+ (#232)
* [Ruby] Large suite wide refactor for basic rubocop compliance (#233 #235)
* [Ruby] Expose ParameterType#transformer as a new public reader (#234)
* [Ruby] Remove ParameterType#prefer_for_regexp_match? and
  ParameterType#use_for_snippets? -> Use their standard reader equivalents
  instead (Remove the ?) (#234)

17.0.1 (2023-11-24)

Fixed
* [JavaScript] Fix import paths lacking file suffix (#243)
* [Ruby] Fixed up Layout rubocop autofixes
jperkin pushed a commit that referenced this issue Dec 18, 2023
    c4befd0 Merge pull request #223 from danielgtaylor/dependabot/go_modules/golang.org/x/net-0.17.0
    2db8c10 Merge pull request #225 from exoscale/cached-transport
    c0f180c Merge pull request #226 from danielgtaylor/dependabot/go_modules/golang.org/x/image-0.10.0
    b75a307 Merge pull request #227 from cbliard/patch-1
    a92c7db Merge pull request #229 from danielgtaylor/redirect-url
    21a9017 Merge pull request #233 from danielgtaylor/hide-secrets-input
    d16bdd7 Merge pull request #234 from danielgtaylor/clear-auth-cache
    0a1f26c Update docs to use go install instead of go get
    00b34d8 chore(deps): bump golang.org/x/image from 0.5.0 to 0.10.0
    8135dc8 chore(deps): bump golang.org/x/net from 0.7.0 to 0.17.0
    ac559b9 chore: add configurable redirect_url, preserve default value
    97c3636 feat: add command to clear auth token cache
    13fe1aa fix(api): Do not cache server responses when refreshing API defs
    1ecdb09 fix: hide secret input during API config, fixes #232
    9a25266 fix: use better url parsing
jperkin pushed a commit that referenced this issue Apr 3, 2024
Features / Improvements ✨
    Links should be "openable" (#43)
    Add support for previewing images in room scrollback (#108)
    Enable sending strikethrough text (#141)
    Support composing messages in an external editor (#155)
    Add support for logging in with SSO (#160)
    Add new command for logging out of iamb session (#162)
    Support custom sorting for room and user lists (#170)
    feat: desktop file for GUI environment launchers (#178)
    Add a new :chats window that lists both DMs and Rooms (#184)
    Add support for desktop notifications (#192)
    Support coloring entire message with the user color (#193)
    Indicate and sort on rooms with unread messages (#205)
    Support following the .well-known entries for a username's domain (#209)
    Add support for threads (#216)
    Add support for custom key macros (#217)
    Support displaying shortcodes instead of Emojis in messages (#222)
    Support configuring user gutter width (#223)
    Enable autolinking when rendering Markdown (#226)
    Support notifications via terminal bell (#227)
    Support loading a TOML configuration (#229)
    Add commands for importing and exporting room keys (#233)

Documentation / README updates 📚
    Fix example config (#140)
    Add more documentation (#166)
    Update README.md to add openSUSE Tumbleweed (#191)
    Add snap install instructions (#210)
    Add example of mapping "V" to toggle message selection mode (#195)
    Update manual pages to use mdoc(7) and list commands (#230)
    Add an icon for iamb (#232)

Bug Fixes 🐞
    Fix not showing display names in already synced rooms (#171)
    Fix image preview offset (#179)
    Update to ratatui-image@0.4.3 to use native sixel lib (#181)
    Fix truncation/padding for non-ASCII sender names (#182)
    Fix crash on small image preview (#198)
    Download rooms keys from backups if they exist (#211)
    Ignore key releases on platforms that support it (#220)
    Provide better error message for M_UNKNOWN_TOKEN (#101)
    Fix entering thread view when there's no messages yet (#224)
    Fix image previews in replies (#225)
    Reset message bar when ! is passed with :cancel (#231)
    Wait to log in before starting background tasks (#234)

Performance ⏱️
    Reduce CPU usage by instead fetching read receipts after related sync events (#168)
    Load receipts for room before acquiring lock (#213)

Building / Housekeeping 🧹
    Update Cargo.lock file (#157)
    Update modalkit for newer ratatui and crossterm
    Fix CI workflow (#164)
    Use mozilla-actions/sccache-action for caching builds (#169)
    Enable direnv for Nix flakes (#183)
    Update to matrix-sdk@0.7.1 (#200)
    Rename Nix flake build input from pkgconfig to pkg-config (#203)
    Update modalkit dependencies (#204)
    Move LTO into its own "release-lto" profile (#207)
    Fix Nix flake hashes (#206)
    Pull in modalkit repository with a Cargo.lock (#208)
    Nix flake updates (#214)
    Update to ratatui-image@0.8.1 (#215)
    Support linking against system OpenSSL (#218)
    GitHub workflow should use --locked to avoid broken Cargo.lock (#219)
    Fix odd Windows-only compile error (#221)
jperkin pushed a commit that referenced this issue May 3, 2024
texmath (0.12.8.8)

  * TeX reader: support unicode-math Greek symbols, e.g. `\Alpha` (#235).
    This includes symbols like `\Alpha` and `\omicron` that weren't
    defined in original TeX.

  * Use typst-symbols 0.1.6

texmath (0.12.8.7)

  * TeX reader: convert Bin symbols to Ord when appropriate (#234).
    E.g. in '-3', we should have an Ord rather than a Bin, so
    the spacing will be appropriate.

  * Pandoc writer: fix spacing inside EDelimited (#234).
    Previously spaces around binary operators were omitted when
    they occurred inside parens or brackets.

  * test-texmath: allow pandoc output.

texmath (0.12.8.6)

  * Typst writer: avoid redundant `lr`s (#233).

texmath (0.12.8.5)

  * Typst writer: use ASCII symbols when possible instead of symbols (#232).
    E.g., `+` instead of `plus`. Add `\` to characters needing escape.
    Enhance list of characters that need escaping.

  * Typst writer: fixed EBoxed output so it includes a border.

  * Handle `\ddot` better in conversion to typst (#231).

  * Use typst-symbols 0.1.5
github-actions bot pushed a commit that referenced this issue Oct 10, 2024
v3.0.0 - 2024/10/09
Major feature: nextest support

Hit n to launch the nextest job.

It's a default job, but you may define your own one by specifying analyzer = "nextest" in the job entry.

Internally, this is supported by a new analyzer framework which will allow easier analysis updates or addition of analysis for other tools (or languages).

Fix #196
Major feature: scope test job to failure

If you're running a test or nextest job and you want only the failing test to be retried, hit f.

If you want all tests to be executed again, hit esc.

Fix #214
Other features:
- grace period (by default 5ms) after a file event before the real launch of the command and during which other file events may be disregarded. Helps when saving a file changes several ones (eg backup then rename).
- new exports structure in configuration. New analysis export bound by default to ctrl-e. The old syntax defining locations export is still supported but won't appear in documentations anymore.
- recognize panic location in test - Fix #208
- lines to ignore can be specified as a set of regular expressions in a ignored_lines field either in the job or at the top of the prefs or bacon.toml - Fix #223
- toggle-backtrace accepts an optional level: toggle-backtrace(1) or toggle-backtrace(full) - Experimental - Fix #210
- configuration paths can be passed in BACON_PREFS and BACON_CONFIG env vars - Fix #76

Fixes:
    fix changing wrapping mode not always working in raw output mode - Fix #234
github-actions bot pushed a commit that referenced this issue Oct 21, 2024
7.1.2 (2024-10-15)

* Test on Ruby 3.3 (#236)
* Support alpine 3.19 and up (#234)
* Use libsodium constants for scrypt params (#231)
* Fix error message generation when empty hmac key is given (#224)
* Add ed25519 to curve25519 conversion helpers (#217)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants