www/php-apcu: update to 5.1.16 #42

mmoll · 2019-02-04T14:32:55Z

No description provided.

bsiegert · 2019-02-05T16:25:55Z

Looks good! I'll merge this.

Changes in dconf 0.32.0 ======================= - No changes since 0.31.92 Changes in dconf 0.31.92 ======================== - bin: Add an option to ignore changes to locked keys during load (Tomasz Miąsko; #1; !43) - tests: Use more concise key and value (Tomasz Miąsko; #1; !43) - tests: shm: fix pwrite wrapper with -D_FILE_OFFSET_BITS=64 (Ben Wolsieffer; !37) - tests: replace usage of dlsym with separate modules containing functions that need to be mocked out (Daniel Playfair Cal; !37) - tests: Avoid using real system bus during tests (Tomasz Miąsko; #51; !45) Changes in dconf 0.31.2 ======================= - Bin: rewrite dconf utility in C. Updates are no longer conditional on the mtime of the database directory and files. Help information is shown on erroneous usage, but not otherwise. (Tomasz Miąsko; !39) - build: Make dconf client vapi file installation optional, and thus the Vala dependency optional (still built by default) (Tomasz Miąsko; !40) - bin: Add a new database directory argument for the update command (Tomasz Miąsko, Takao Fujiwara; !39, !41) Changes in dconf 0.31.1 ======================= - Engine: Fix memory leak when subscribing to a path. (Guido Günther; !25) - CI: Always store test artifacts so we always get code coverage results. (Philip Withnall; !32) - Sort output of list and dump commands. (Tomasz Miąsko; !31) - Tests: Add integration tests for dconf and dconf-service running within a separate D-Bus session and clean XDG_RUNTIME_DIR and XDG_CONFIG_HOME. (Tomasz Miąsko; !31) - Engine: Coalesce pending writes into a single changeset. (Tomasz Miąsko; !30) - Consistently validate the number of arguments. Add optional directory argument for update command. (Tomasz Miąsko; !33) - Tests: Add further integration tests (Tomasz Miąsko; !33) - Check mtimes of files when updating databases. (Marek Kasik; !27; #11) - Indicate update failure with non-zero exit code. Consistently handle invalid configuration in update. (Tomasz Miąsko; !34; #42) - Replace Bugzilla by Gitlab URL in DOAP file. (Andre Klapper) - Tests: Add test for key paths locked in system databases (Tomasz Miąsko; !35)

Changelog: New Libraries Variant2: A never-valueless, strong guarantee implementation of std::variant, from Peter Dimov. Updated Libraries Align: Support for any integral type in the integral versions of align_up and align_down. Revised the implementation of aligned_allocator to no longer require a specialization for void. Define propagate_on_container_move_assignment and is_always_equal in aligned_allocator. Asio: Improved performance slightly by eliminating a redundant move construction when completed handlers are dispatched. Eliminated a compiler warning by annotating a case fall-through in the free function connect() implementation. Fixed the is_*_buffer_sequence detection traits for user-defined sequence types. Fixed some Windows-specific warnings about an incompatible pointer cast when obtaining the CancelIoEx entry point. Changed to automatically set the defaults when opening a serial port on Windows. Changed the serial port get_option() member function to be const. Fixed a name hiding issue with the WinRT stream-oriented socket backend's shutdown function. Applied a minor fix to the documentation for is_dynamic_buffer. Added some support for Haiku OS. Added wolfSSL compatability. Changed to require C++17 or later for coroutines TS support with clang. Fixed a doxygen generation problem in the tutorial. Ensured example programs are correctly incorporated into the documentation. Any: Static initialization of the default constructed boost::any is now possible. Fixed performance regression in assignment on a compilers without move-semantics. Maintenance work. Beast: This version consists mostly of bug fixes and performance improvements. Substantial work included for the split compilation mode, to reduce compile time when defining BOOST_BEAST_SEPARATE_COMPILATION. We'd love to know how you or your company use Beast, consider adding an item to the Companies and Individuals Using Beast list. See the full Release Notes for a complete list of changes. Circular Buffer: Correct doxygen generated reference to no longer show internal members. (Glen Fernandes) Eliminate ubsan warning on add and sub. (Glen Fernandes) Fix incorrect check in is_uninitialized. (Niklas Fejes) Container: Fixed bugs: GitHub #47: "added alignment specification for small_vector". GitHub #88: "Implement C++17 MoveAssignable requirements for self-move assignments". GitHub #107: "Alignment ignored in resource_adaptor". GitHub #109: "Get rid of integer overflow in copy_move_algo.hpp (-fsanitize=integer)". GitHub #110: "Avoid gcc 9 deprecated copy warnings in new_allocator.hpp". GitHub #112: "vector::resize() compilation error with msvc-10..12: data is not a member of boost::detail::aligned_storage". GitHub #114: "Fix small_vector noexcept specification". GitHub #116: "MSVC + boost 1.70 compilation error when windows.h is already included (detail/thread_mutex.hpp)". GitHub #117: "flat_map/map::insert_or_assign with hint has wrong return types". GitHub #118: "Non-unique inplace_set_difference used in in flat_tree_merge_unique and iterator invalidation in insert_unique". GitHub #122: "Fix has_trivial_destructor_after_move". GitHub #123: "With heterogeneous lookup, equal_range can result in a range with length greater than 1". deque can now have options, using deque_options. The block size/bytes can be be specified. static_vector can now have options, using static_vector_options. Alignment and throwing behaviour can be be specified. small_vector can now have options, using small_vector_options. Alignment and growth factor can be be specified. Context: Add support for RISC-V LP64D #72: Fix ABI violation on ppc64 ELFv2 #99: cleanup of stack if creating ucontext fails Conversion: Maintenance work. Core: Added functions alloc_construct, alloc_construct_n, alloc_destroy, and alloc_destroy_n in <boost/core/alloc_construct.hpp> for allocator aware and exception safe construction and destruction of objects and arrays. (Glen Fernandes) Added constexpr functions first_scalar in <boost/core/first_scalar.hpp> for obtaining a pointer to the first scalar element of an array. Given a pointer of type T* they return a pointer of type remove_all_extents_t<T>*. (Glen Fernandes) Added class template noinit_adaptor in <boost/core/noinit_adaptor.hpp> which is an allocator adaptor that converts any allocator into one whose construct(ptr) performs default initialization via placement new, and whose destroy(ptr) invokes the value_type destructor directly. (Glen Fernandes) Added class template default_allocator in <boost/core/default_allocator.hpp>, which can serve as a minimal default allocator that has interface similar to C++20 std::allocator, supports configurations with disabled exceptions and does not have std as an associated namespace. The allocator uses operator new and operator delete for allocation. (Glen Fernandes) In <boost/core/uncaught_exceptions.hpp> header, added workarounds for better compatibility with QNX SDP 7.0 when libc++/libc++abi libraries are used. (Andrey Semashev, #59) The <boost/detail/sp_typeinfo.hpp> header is now marked as deprecated and will be removed in a future release. <boost/core/typeinfo.hpp> should be used instead. (Peter Dimov) Dynamic Bitset: Enabled hardware-assisted popcount on MSVC (#38). Added support for boost::hash and std::hash (#45). Support copy-initialization with default constructor (#48). Endian: Clarified requirements on the value type template parameter Added support for float and double Added endian_load, endian_store Updated endian_reverse to correctly support all non-bool integral types Moved deprecated names to the deprecated header endian.hpp Fiber: documentation for shared_work updated Filesystem: Fixed incorrect error_code returned from directory iterator increment when readdir_r is used. For path, fixed rvalue-aware operator/ return type to return an rvalue instead of rvalue reference. This fixes leaving a dangling reference in the user's code if the result of operator/ is bound to a const reference. (#110) Fixes for better compatibility with Windows CE. (#24) Added minimal support for CMake. (#106) Flyweight: Maintenance work. Histogram: New features: Support for thread-safe storages and new thread-safe accumulators Support for compiling without exceptions/RTTI (increases performance by 10-20 %) (with Glen Fernandes) Performance improvements for 1D and 2D histograms boost::histogram::indexed now returns forward iterator range instead of input iterator range boost::histogram::indexed_range::accessor is now non-copyable and acts like reference to cell value, making more algorithms from the C++ stdlib work boost::histogram::algorithm::reduce with new slice option and option fusion boost::histogram::algorithm::project accepts runtime indices for static histograms Bug Fixes: boost::histogram::algorithm::reduce also works on histograms that have some axis types without reduction support boost::histogram::axis::traits::update now works correctly for boost::histogram::axis::variant Other: 100 % test coverage Reduced internal Boost dependencies Improved documentation and examples Guaranteed no-throw moves for all builtin axis types Compile cleanly at higher warning levels See changelog for more details. IoStreams: Fixed processing of multi-stream files (#87). Added support for multi-threaded LZMA (#95). Interprocess: GitHub #85 ("warning: Implicit conversion loses integer precision"). GitHub #86 ("warning: Possible misuse of comma operator"). Intrusive: GitHub #42: Documentation does not describe treap priority_of_value changes GitHub #43: Fix tests with BOOST_INTRUSIVE_VARIADIC_TEMPLATES enabled GitHub #45: Disable variadic templates for MSVC-12 to avoid ICEs LexicalCast: Added tests for boost::filesystem::path conversions #25. Maintenance work, including #28. Log: New features: Improved support for C++17 std::string_view in basic_formatting_ostream. The string view can now participate in character code conversion on output. Added auto_newline formatter and stream manipulator. It can be used to ensure that formatted output always ends with a newline while avoiding duplicate newlines. In the output stream, text file and text multi-file sink backends added support for configuring behavior with regard to appending a trailing newline to every formatted log record. Use auto_newline_mode named parameter of the backend constructor or call the set_auto_newline_mode method on the sink backend. Note: The default behavior with regard to trailing newlines added by sink backends has changed slightly compared to the previous Boost.Log releases. The backends will now only add a trailing newline if there isn't one in the formatted log message string already. In previous releases a newline was added unconditionally. Added support for passing arbitrary function objects in the filter and format named parameters to sink constructors and convenience functions for initializing sinks. For example, it is now possible to specify C++11 lambda functions directly in these parameters. (#63) In the default filter and formatter factories used in filter and formatter parsers, added support for severity level attribute values of type boost::log::trivial::severity_level. For filters, the support is limited to attributes with "Severity" name. Bug fixes: Fixed incorrect parsing of components of the rotated file names while scanning for files in the text file sink backend. If the file name pattern ended with a placeholder (for example, a file counter), the scan_for_files method would not find files matching that pattern in the target storage, leaving them unmanaged. In particular, such files would not be deleted to free target storage. (#78) Updated basic_formatting_ostream and basic_record_ostream to make it possible to overload stream output operators for pointers to user-defined types. User-defined operator<< overloads taking std::basic_ostream and a pointer argument should now be picked up by the compiler when the pointer is being written to one of Boost.Log streams. (#84) See changelog for more details. Math: New features: Catmull-Rom interpolator now works in C++11 Cardinal quadratic B-spline interpolation Domain of elliptic integrals extended sin_pi and cos_pi performance improvements Forward-mode automatic differentiation Vector valued barycentric rational interpolation Ooura's method for evaluation of Fourier integrals Bug fixes: Multiple compatibility issues with Multiprecision fixed Lambert-W fixed on a rare architecture Metaparse: New features: In C++11 variadic template support for the following: sequence, one_of_c, one_of, repeated_one_of, repeated_one_of1, one_char_except_c, one_char_except. Bug fixes: BOOST_METAPARSE_STRING does not use out of range character values as template arguments. any_of_c<> does not create empty array in C++14. Move: Git Issue #26: "Invalid iterator increment/decrement in the last iteration of adaptive_sort_combine_blocks". Multi Array: Simplify allocator support by using new alloc_construct_n and alloc_destroy_n facilities from Core. (Glen Fernandes) Multi-index Containers: Added variants of const_mem_fun and mem_fun for differently qualified member functions (issue #24). Terse key specification syntax now correctly handles noexcept-specified member functions (issue #24). Outcome: Enhancements: #184 As per request from Boost release managers, relocated version.hpp and revision.hpp into detail, and added the Boost licence boilerplate to the top of every source file which was missing one (I think). Also took the opportunity to run the licence restamping script over all Outcome, so copyright dates are now up to date. #185 Add FAQ item explaining issue #185, and why we will do nothing to fix it right now. #189 Refactored the OUTCOME_TRY implementation to use more clarified customisation points capable of accepting very foreign inputs. Removed the std::experimental::expected<T, E> specialisations, as those are no longer necessary. Fixed the documentation for the customisation points which previously claimed that they are ADL discovered, which they are not. Added a recipe describing how to add in support for foreign input types. #183 Added a separate motivation/plug_error_code specifically for Boost. Bug fixes: OUTCOME_VERSION_MINOR hadn't been updated to 1. #181 Fix issue #181 where Outcome didn't actually implement the strong swap guarantee, despite being documented as doing so. #190 Fix issue #190 in Boost edition where unit test suite was not runnable from the Boost release distro. #182 Fix issue #182 where trait::is_exception_ptr_available<T> was always true, thus causing much weirdness, like not printing diagnostics and trying to feed everything to make_exception_ptr(). #192 Fix issue #192 where the std::basic_outcome_failure_exception_from_error() was being defined twice for translation units which combine standalone and Boost Outcome's. Parameter: Upgraded keyword generation macro BOOST_PARAMETER_TEMPLATE_KEYWORD (#15). Moved keyword generation macro BOOST_PARAMETER_NESTED_KEYWORD from Accumulators to this library (#28). Added support for std::reference_wrapper and std::ref() (#16). Moved boost::parameter::required, boost::parameter::optional, and boost::parameter::deduced metafunction definitions to their own header files in directory boost/parameter (#18). Added support for Boost.Parameter-enabled function call operators (#20). Added support for parameter category qualifiers "forward", "consume", and "move_from" (current qualifiers are "in", "out", and "in_out") (#21) (#23) based on http://www.modernescpp.com/index.php/c-core-guidelines-how-to-pass-function-parameters. Added new usage syntax BOOST_PARAMETER_NAME((object-name), namespace-name) qualifier(tag-name)) and BOOST_PARAMETER_NAME(qualifier(name)). (Existing code that uses qualifiers directly and correctly with BOOST_PARAMETER_FUNCTION and other code generation macros should remain unaffected for now, so no breaking changes.) The reason for the change in usage is to enable applying of parameter category constraints to Boost.Parameter-enabled functions and constructors invoked through argument composition. (Otherwise, it is currently possible to use argument composition to bypass parameter category constraints applied in BOOST_PARAMETER_FUNCTION et. al.) Added support for perfect forwarding (#23) (#26), so that parameter::parameters::operator() can accept non-const rvalues. As a positive side effect, Boost.Parameter-enabled functions and constructors are no longer bound by BOOST_PARAMETER_MAX_ARITY on compilers that support perfect forwarding. User code can now check for this support by detecting the configuration macro BOOST_PARAMETER_HAS_PERFECT_FORWARDING, or manually turn off this support by defining the configuration macro BOOST_PARAMETER_DISABLE_PERFECT_FORWARDING. Added metafunctions boost::parameter::is_argument_pack (#27), boost::parameter::are_tagged_arguments (#52), and boost::parameter::result_of::compose (#75). Added variadic function template boost::parameter::compose() which takes in named arguments and returns them in an argument pack (#52). For compilers that do not support perfect forwarding, the configuration macro BOOST_PARAMETER_COMPOSE_MAX_ARITY determines the maximum number of arguments that boost::parameter::compose() can take in (#61). Added code generation macros BOOST_PARAMETER_BASIC_FUNCTION_CALL_OPERATOR, BOOST_PARAMETER_BASIC_CONST_FUNCTION_CALL_OPERATOR, BOOST_PARAMETER_NO_SPEC_FUNCTION, BOOST_PARAMETER_NO_SPEC_MEMBER_FUNCTION, BOOST_PARAMETER_NO_SPEC_CONST_MEMBER_FUNCTION, BOOST_PARAMETER_NO_SPEC_FUNCTION_CALL_OPERATOR, BOOST_PARAMETER_NO_SPEC_CONST_FUNCTION_CALL_OPERATOR, BOOST_PARAMETER_NO_SPEC_CONSTRUCTOR, and BOOST_PARAMETER_NO_SPEC_NO_BASE_CONSTRUCTOR (#52). Added support for Boost.MP11 (#47) (#66) (#70). User code can now check for this support by detecting the configuration macro BOOST_PARAMETER_CAN_USE_MP11, or manually turn off this support by defining the configuration macro BOOST_PARAMETER_DISABLE_MP11_USAGE. Improved support for parameter-dependent return types via SFINAE (#73). PtrContainer: Fix a ptr_vector regression introduced in 1.66.0 (#24). PolyCollection: Maintenance work. SmartPtr: Added aliasing constructors to weak_ptr Added weak_ptr<T>::empty() Added enable_shared_from, shared_from, and weak_from Stacktrace: Fixed output of name(), source_location() and source_line() for the default constructed frame with thread sanitizer builds in C++98 mode. Fixed output of long strings from name() and source_location() on MSVC #78. Maintenance work. Test: Boost.test v3.11 see the Changes log for more details. Breaking changes: Boost.Test shows deprecation warnings if some very old headers as deprecated. If you encounter such warnings, please follow the indications: those headers will be removed in a future release. New feature: Now BOOST_TEST can be used to compare abstract types Bug fixes and pull requests: GitHub Issues: #209, #218 GitHub Pull Requests: #219, #224 Utility: Implemented function template ostream_string in <boost/utility/ostream_string.hpp> to optimally write any kind of string content to an output stream. It satisfies the requirements of [ostream.formatted.reqmts]. (Glen Fernandes) Optimized the stream output operators of basic_string_view and basic_string_ref to write directly to the rdbuf stream buffer. (Glen Fernandes) Uuid: Breaking change: MD5 name-based uuid generation was corrected to be identical on all endian systems. Define BOOST_UUID_COMPAT_PRE_1_71_MD5 to keep the result in a format compatible with 1.66 through 1.70. This does not affect the default name-based uuid generation which is based on SHA1. (#109) Variant: Fixed compilation of boost::apply_visitor with variants passed by non const reference in #68. Many thanks to Ed Catmur for providing the fix. Added support for std::hash (#49). Macro BOOST_VARIANT_DO_NOT_SPECIALIZE_STD_HASH could be defined to avoid those specializations. Added micro optimizations for binary size and performance by Nikita Kniazev in #63 and #66. Maintenance work, including #64 by Nikita Kniazev and #67 by Hans Dembinski. YAP: Added an example showing how to make self-evaluating YAP expressions (that is, expressions that don't need an explicit call to evaluate() or transform()).

update ruby-rgl to 0.5.6. pkgsrc change: add "USE_LANGUAGES= # none". 2019-01 Release 0.5.6 Artemy Kirienko * PR #42 Add method Graph#path?(u, v) to check if a path exists between two vertices Horst Duchene * Fix #47 set_to_begin for graph iterator (881aa8) 2019-01 Release 0.5.5 Artemy Kirienko * PR #42 Add method Graph#path?(u, v) to check if a path exists between two vertices Horst Duchene * Fix #47 set_to_begin for graph iterator (881aa8)

ChangeLog: 2019-11-04 1.3 - FIX: Escaped @ ("\@") is treated as "@" (#42, #103) - NEW: Support reading JSON array elements (#91) - UPD: Add home and removable-media interfaces to snap (#94) - FIX: fix unlikely crash after malloc fail when base64 encoding. - NEW: Support reading nested data from pipes (#82)

0.33 2019-03-09 15:18:15 PST - Removed dependency to Digest::SHA1 #45 - Added explicit dep to HTTP::Request::Common #44 - Add t/lib to INC for Perl 5.26+ - Fix POD link 0.32 2019-02-26 14:36:19 MST - Fix dependency for Cookie::Baker 0.31 2019-02-26 12:01:00 MST - Documentation fix - Support samesite cookie attributes #42

== v1.2.2 [2020-01-06] Michael Granger <ged@FaerieMUD.org> Enhancements: - Add a binary gem for Ruby 2.7. == v1.2.1 [2020-01-02] Michael Granger <ged@FaerieMUD.org> Enhancements: - Added internal API for sequel_pg compatibility. == v1.2.0 [2019-12-20] Michael Granger <ged@FaerieMUD.org> Repository: - Our primary repository has been moved to Github https://github.com/ged/ruby-pg . Most of the issues from https://bitbucket.org/ged/ruby-pg have been migrated. #43 API enhancements: - Add PG::Result#field_name_type= and siblings to allow symbols to be used as field names. #306 - Add new methods for error reporting: - PG::Connection#set_error_context_visibility - PG::Result#verbose_error_message - PG::Result#result_verbose_error_message (alias) - Update errorcodes and error classes to PostgreSQL-12.0. - New constants: PG_DIAG_SEVERITY_NONLOCALIZED, PQERRORS_SQLSTATE, PQSHOW_CONTEXT_NEVER, PQSHOW_CONTEXT_ERRORS, PQSHOW_CONTEXT_ALWAYS Type cast enhancements: - Add PG::TextEncoder::Record and PG::TextDecoder::Record for en/decoding of Composite Types. #258, #36 - Add PG::BasicTypeRegistry.register_coder to register instances instead of classes. This is useful to register parametrized en/decoders like PG::TextDecoder::Record . - Add PG::BasicTypeMapForQueries#encode_array_as= to switch between various interpretations of ruby arrays. - Add Time, Array<Time>, Array<BigDecimal> and Array<IPAddr> encoders to PG::BasicTypeMapForQueries - Exchange sprintf based float encoder by very fast own implementation with more natural format. #301 - Define encode and decode methods only in en/decoders that implement it, so that they can be queried by respond_to? . - Improve PG::TypeMapByColumn#inspect - Accept Integer and Float as input to TextEncoder::Numeric . #310 Other enhancements: - Allocate the data part and the ruby object of PG::Result in one step, so that we don't need to check for valid data. This removes PG::Result.allocate and PG::Result.new, which were callable but without any practical use. #42 - Make use of PQresultMemorySize() of PostgreSQL-12 and fall back to our internal estimator. - Improve performance of PG::Result#stream_each_tuple . - Store client encoding in data part of PG::Connection and PG::Result objects, so that we no longer use ruby's internal encoding bits. #280 - Update Windows fat binary gem to OpenSSL-1.1.1d and PostgreSQL-12.1. - Add support for TruffleRuby. It is regulary tested as part of our CI. - Enable +frozen_string_literal+ in all pg's ruby files Bugfixes: - Update the license in gemspec to "BSD-2-Clause". It was incorrectly labeled "BSD-3-Clause". #40 - Respect PG::Coder#flags in PG::Coder#to_h. - Fix PG::Result memsize reporting after #clear. - Release field names to GC on PG::Result#clear. - Fix double free in PG::Result#stream_each_tuple when an exception is raised in the block. - Fix PG::Result#stream_each_tuple to deliver typemapped values. - Fix encoding of Array<unknown> with PG::BasicTypeMapForQueries Deprecated: - Add a deprecation warning to PG::Connection#socket . Removed: - Remove PG::Connection#guess_result_memsize= which was temporary added in pg-1.1. - Remove PG::Result.allocate and PG::Result.new (see enhancements). - Remove support of tainted objects. #307 - Remove support of ruby-2.0 and 2.1. Minimum is ruby-2.2 now. Documentation: - Update description of connection params. See PG::Connection.new - Link many method descriptions to corresponding libpq's documentation. - Update sync_* and async_* query method descriptions and document the aliases. The primary documentation is now at the async_* methods which are the default since pg-1.1. - Fix documentation of many constants

0.20.2 * secret-file-collection: force little-endian in GVariant [!49, #42] * Prefer g_info() over g_message() [!48, #40] * meson: Don't specify shared_library() [!47] * docs: Make sure to set install: true [!46]

Update ruby-mixlib-log to 3.0.8. 3.0.8 (2019-12-30) * Expand testing / Update GitHub templates #51 (tas50) * Add Build Kite PR Testing #52 (tas50) * Remove Travis PR Testing #53 (tas50) * Resolve all warnings emitted during testing #54 (zenspider) * Add windows testing in Buildkite #56 (tas50) * Test on Ruby 2.7 + random testing improvements #58 (tas50) * Substitute require for require_relative #59 (tas50) 3.0.1 (2019-01-05) * reverting back to ruby 2.3 support #48 (lamont-granquist) 3.0.0 (2019-01-04) * update travis, drop ruby < 2.5, major version bump #47 (lamont-granquist) 2.0.9 (2018-12-18) * remove hashrocket syntax #41 (lamont-granquist) * Remove the changelog generator gem #42 (tas50) * Test on all the Ruby versions we support #43 (tas50) * Test on Ruby 2.6 in Travis + test on Xenial #46 (tas50) * Only ship the required library files in the gem artifact #45 (tas50)

### All Platforms - Allow the RPC server to listen on an IPv6 address ([#161](transmission/transmission#161)) - Change `TR_CURL_SSL_VERIFY` to `TR_CURL_SSL_NO_VERIFY` and enable verification by default ([#334](transmission/transmission#334)) - Go back to using hash as base name for resume and torrent files (those stored in configuration directory) ([#122](transmission/transmission#122)) - Handle "fields" argument in "session-get" RPC request; if "fields" array is present in arguments, only return session fields specified; otherwise return all the fields as before - Limit the number of incorrect authentication attempts in embedded web server to 100 to prevent brute-force attacks ([#371](transmission/transmission#371)) - Set idle seed limit range to 1..40320 (4 weeks tops) in all clients ([#212](transmission/transmission#212)) - Add Peer ID for Xfplay, PicoTorrent, Free Download Manager, Folx, Baidu Netdisk torrent clients ([#256](transmission/transmission#256), [#285](transmission/transmission#285), [#355](transmission/transmission#355), [#363](transmission/transmission#363), [#386](transmission/transmission#386)) - Announce `INT64_MAX` as size left if the value is unknown (helps with e.g. Amazon S3 trackers) ([#250](transmission/transmission#250)) - Add `TCP_FASTOPEN` support (should result in slight speedup) ([#184](transmission/transmission#184)) - Improve ToS handling on IPv6 connections ([#128](transmission/transmission#128), [#341](transmission/transmission#341), [#360](transmission/transmission#360), [#692](transmission/transmission#692), [#737](transmission/transmission#737)) - Abort handshake if establishing DH shared secret fails (leads to crash) ([#27](transmission/transmission#27)) - Don't switch trackers while announcing (leads to crash) ([#297](transmission/transmission#297)) - Improve completion scripts execution and error handling; add support for .cmd and .bat files on Windows ([#405](transmission/transmission#405)) - Maintain a "session ID" file (in temporary directory) to better detect whether session is local or remote; return the ID as part of "session-get" response (TRAC-5348, [#861](transmission/transmission#861)) - Change torrent location even if no data move is needed ([#35](transmission/transmission#35)) - Support CIDR-notated blocklists ([#230](transmission/transmission#230), [#741](transmission/transmission#741)) - Update the resume file before running scripts ([#825](transmission/transmission#825)) - Make multiscrape limits adaptive ([#837](transmission/transmission#837)) - Add labels support to libtransmission and transmission-remote ([#822](transmission/transmission#822)) - Parse `session-id` header case-insensitively ([#765](transmission/transmission#765)) - Sanitize suspicious path components instead of rejecting them ([#62](transmission/transmission#62), [#294](transmission/transmission#294)) - Load CA certs from system store on Windows / OpenSSL ([#446](transmission/transmission#446)) - Add support for mbedtls (formely polarssl) and wolfssl (formely cyassl), LibreSSL ([#115](transmission/transmission#115), [#116](transmission/transmission#116), [#284](transmission/transmission#284), [#486](transmission/transmission#486), [#524](transmission/transmission#524), [#570](transmission/transmission#570)) - Fix building against OpenSSL 1.1.0+ ([#24](transmission/transmission#24)) - Fix quota support for uClibc-ng 1.0.18+ and DragonFly BSD ([#42](transmission/transmission#42), [#58](transmission/transmission#58), [#312](transmission/transmission#312)) - Fix a number of memory leaks (magnet loading, session shutdown, bencoded data parsing) ([#56](transmission/transmission#56)) - Bump miniupnpc version to 2.0.20170509 ([#347](transmission/transmission#347)) - CMake-related improvements (Ninja generator, libappindicator, systemd, Solaris and macOS) ([#72](transmission/transmission#72), [#96](transmission/transmission#96), [#117](transmission/transmission#117), [#118](transmission/transmission#118), [#133](transmission/transmission#133), [#191](transmission/transmission#191)) - Switch to submodules to manage (most of) third-party dependencies - Fail installation on Windows if UCRT is not installed ### Mac Client - Bump minimum macOS version to 10.10 - Dark Mode support ([#644](transmission/transmission#644), [#722](transmission/transmission#722), [#757](transmission/transmission#757), [#779](transmission/transmission#779), [#788](transmission/transmission#788)) - Remove Growl support, notification center is always used ([#387](transmission/transmission#387)) - Fix autoupdate on High Sierra and up by bumping the Sparkle version ([#121](transmission/transmission#121), [#600](transmission/transmission#600)) - Transition to ARC ([#336](transmission/transmission#336)) - Use proper UTF-8 encoding (with macOS-specific normalization) when setting download/incomplete directory and completion script paths ([#11](transmission/transmission#11)) - Fix uncaught exception when dragging multiple items between groups ([#51](transmission/transmission#51)) - Add flat variants of status icons for message log ([#134](transmission/transmission#134)) - Optimize image resources size ([#304](transmission/transmission#304), [#429](transmission/transmission#429)) - Update file icon when file name changes ([#37](transmission/transmission#37)) - Update translations ### GTK+ Client - Add queue up/down hotkeys ([#158](transmission/transmission#158)) - Modernize the .desktop file ([#162](transmission/transmission#162)) - Add AppData file ([#224](transmission/transmission#224)) - Add symbolic icon variant for the Gnome top bar and when the high contrast theme is in use ([#414](transmission/transmission#414), [#449](transmission/transmission#449)) - Update file icon when its name changes ([#37](transmission/transmission#37)) - Switch from intltool to gettext for translations ([#584](transmission/transmission#584), [#647](transmission/transmission#647)) - Update translations, add new translations for Portuguese (Portugal) ### Qt Client - Bump minimum Qt version to 5.2 - Fix dropping .torrent files into main window on Windows ([#269](transmission/transmission#269)) - Fix prepending of drive letter to various user-selected paths on Windows ([#236](transmission/transmission#236), [#307](transmission/transmission#307), [#404](transmission/transmission#404), [#437](transmission/transmission#437), [#699](transmission/transmission#699), [#723](transmission/transmission#723), [#877](transmission/transmission#877)) - Fix sorting by progress in presence of magnet transfers ([#234](transmission/transmission#234)) - Fix .torrent file trashing upon addition ([#262](transmission/transmission#262)) - Add queue up/down hotkeys ([#158](transmission/transmission#158)) - Reduce torrent properties (file tree) memory usage - Display tooltips in torrent properties (file tree) in case the names don't fit ([#411](transmission/transmission#411)) - Improve UI look on hi-dpi displays (YMMV) - Use session ID (if available) to check if session is local or not ([#861](transmission/transmission#861)) - Use default (instead of system) locale to be more flexible ([#130](transmission/transmission#130)) - Modernize the .desktop file ([#162](transmission/transmission#162)) - Update translations, add new translations for Afrikaans, Catalan, Danish, Greek, Norwegian Bokmål, Slovenian ### Daemon - Use libsystemd instead of libsystemd-daemon (TRAC-5921) - Harden transmission-daemon.service by disallowing privileges elevation ([#795](transmission/transmission#795)) - Fix exit code to be zero when dumping settings ([#487](transmission/transmission#487)) ### Web Client - Fix tracker error XSS in inspector (CVE-?) - Fix performance issues due to improper use of `setInterval()` for UI refresh (TRAC-6031) - Fix recognition of `https://` links in comments field ([#41](transmission/transmission#41), [#180](transmission/transmission#180)) - Fix torrent list style in Google Chrome 59+ ([#384](transmission/transmission#384)) - Show ETA in compact view on non-mobile devices ([#146](transmission/transmission#146)) - Show upload file button on mobile devices ([#320](transmission/transmission#320), [#431](transmission/transmission#431), [#956](transmission/transmission#956)) - Add keyboard hotkeys for web interface ([#351](transmission/transmission#351)) - Disable autocompletion in torrent URL field ([#367](transmission/transmission#367)) ### Utils - Prevent crash in transmission-show displaying torrents with invalid creation date ([#609](transmission/transmission#609)) - Handle IPv6 RPC addresses in transmission-remote ([#247](transmission/transmission#247)) - Add `--unsorted` option to transmission-show ([#767](transmission/transmission#767)) - Widen the torrent-id column in transmission-remote for cleaner formatting ([#840](transmission/transmission#840))

== Version 2.9 (2020-07-18) New features:: * core: add bar option "color_bg_inactive": color for window bars in inactive window (issue #732) * core: add Alacritty title escape sequence support (issue #1517) * core: display notify level for current buffer with command /buffer notify (issue #1505) * core: count only visible nicks in bar item "buffer_nicklist_count", add bar items "buffer_nicklist_count_groups" and "buffer_nicklist_count_all" (issue #1506) * core: set default size for input bar to 0 (automatic) (issue #1498) * core: add default key kbd:[Alt+Enter] to insert a newline (issue #1498) * core: add flag "input_multiline" in buffer (issue #984, issue #1063) * core: add a scalable WeeChat logo (SVG) (issue #1454, issue #1456) * core: add base 16/32/64 encoding/decoding in evaluation of expressions with "base_encode:base,xxx" and "base_decode:base,xxx" * core: add case sensitive wildcard matching comparison operator (`+==*+` and `+!!*+`) and case sensitive/insensitive include comparison operators (`+==-+`, `+!!-+`, `+=-+`, `+!-+`) in evaluation of expressions * core: add default key kbd:[Alt+Shift+N] to toggle nicklist bar * core: add command line option "--stdout" in weechat-headless binary to log to stdout rather than ~/.weechat/weechat.log (issue #1475, issue #1477) * core: reload configuration files on SIGHUP (issue #1476) * api: add pointer "_bar_window" in hashtable sent to hook focus callback (issue #1450) * api: add info_hashtable "focus_info" (issue #1245, issue #1257) * api: rename function hook_completion_get_string to completion_get_string and hook_completion_list_add to completion_list_add * api: add functions completion_new, completion_search and completion_free * api: add hdata "completion_word" * buflist: add default key kbd:[Alt+Shift+B] to toggle buflist * buflist: add options enable/disable/toggle in command /buflist * buflist: evaluate option buflist.look.sort so that sort can be customized for each of the three buflist bar items (issue #1465) * irc: add support of UTF8MAPPING (issue #1528) * irc: display account messages in buffers (issue #1250) * python: add WeeChat sharedir python directory to PYTHONPATH (issue #1537) * relay: increase default limits for IRC backlog options * relay: add command "handshake" in weechat relay protocol and nonce to prevent replay attacks, add options relay.network.password_hash_algo, relay.network.password_hash_iterations, relay.network.nonce_size (issue #1474) * relay: add command "completion" in weechat relay protocol to perform a completion on a string at a given position (issue #1484) * relay: add option relay.network.auth_timeout * relay: update default colors for client status * relay: add status "waiting_auth" in irc and weechat protocols (issue #1358) * trigger: evaluate arguments of command when the trigger is created (issue #1472) Bug fixes:: * core: fix command /window scroll_beyond_end when buffer has fewer lines than chat height (issue #1509) * core: force buffer property "time_for_each_line" to 0 for buffers with free content (issue #1485) * core: don't collapse consecutive newlines in lines displayed before the first buffer is created * core: don't remove consecutive newlines when pasting text (issue #1500) * core: don't collapse consecutive newlines in bar content (issue #1500) * core: fix WEECHAT_SHAREDIR with CMake build (issue #1461) * core: fix memory leak in calculation of expression on FreeBSD (issue #1469) * core: fix resize of a bar when its size is 0 (automatic) (issue #1470) * api: fix use of pointer after free in function key_unbind * api: replace plugin and buffer name by buffer pointer in argument "modifier_data" sent to weechat_print modifier callback (issue #42) * buflist: add "window" pointer in bar item evaluation only if it's not NULL (if bar type is "window") * exec: fix use of same task id for different tasks (issue #1491) * fifo: fix errors when writing in the FIFO pipe (issue #713) * guile: enable again /guile eval (issue #1514) * irc: use new default chantypes "#&" when the server does not send it * irc: add support of optional server in info "irc_is_nick", fix check of nick using UTF8MAPPING isupport value (issue #1528) * irc: fix add of ignore with flags in regex, display full ignore mask in list of ignores (issue #1518) * irc: do not remove spaces at the end of users messages received (issue #1513) * irc: fix realname delimiter color in WHO/WHOX response (issue #1497) * irc: reuse a buffer with wrong type "channel" when a private message is received (issue #869) * python: fix crash when invalid UTF-8 string is in a WeeChat hashtable converted to a Python dict (issue #1463) * relay: add missing field "notify_level" in message "_buffer_line_added" (issue #1529) * relay: fix slow send of data to clients when SSL is enabled * trigger: only return trigger's return code when condition evaluates to true (issue #592) * trigger: fix truncated trigger command with commands /trigger input|output|recreate * trigger: do not hide values of options with /set command in cmd_pass trigger Documentation:: * add includes directory * merge 53 auto-generated files into 11 files * fix broken literal blocks in Japanese docs with Firefox (issue #1466) Tests:: * core: add CI with GitHub Actions, move codecov.io upload to GitHub Actions * core: switch to Ubuntu Bionic on Travis CI, use pylint3 to lint Python scripts * core: run tests on plugins only if the plugins are enabled and compiled * irc: add tests on IRC color and channel functions Build:: * javascript: disable build by default and remove Debian packaging of JavaScript plugin (issue #360) * core: make GnuTLS a required dependency * core: fix build with CMake 3.17.0 * core: fix build with cygport on Cygwin

net/transmission-gtk: security update net/transmission-qt: security update net/transmission: security update Revisions pulled up: - net/transmission-gtk/Makefile 1.46 - net/transmission-gtk/PLIST 1.2 - net/transmission-qt/Makefile 1.54 - net/transmission/Makefile 1.27 - net/transmission/Makefile.common 1.10 - net/transmission/PLIST 1.4 - net/transmission/distinfo 1.16 - net/transmission/patches/patch-qt_qtr.pro 1.7 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: wiz Date: Mon Jul 13 13:01:02 UTC 2020 Modified Files: pkgsrc/net/transmission: Makefile Makefile.common PLIST distinfo pkgsrc/net/transmission-gtk: Makefile PLIST pkgsrc/net/transmission-qt: Makefile pkgsrc/net/transmission/patches: patch-qt_qtr.pro Log Message: transmission*: update to 3.00 ### All Platforms - Allow the RPC server to listen on an IPv6 address ([#161](transmission/transmission#161)) - Change `TR_CURL_SSL_VERIFY` to `TR_CURL_SSL_NO_VERIFY` and enable verification by default ([#334](transmission/transmission#334)) - Go back to using hash as base name for resume and torrent files (those stored in configuration directory) ([#122](transmission/transmission#122)) - Handle "fields" argument in "session-get" RPC request; if "fields" array is present in arguments, only return session fields specified; otherwise return all the fields as before - Limit the number of incorrect authentication attempts in embedded web server to 100 to prevent brute-force attacks ([#371](transmission/transmission#371)) - Set idle seed limit range to 1..40320 (4 weeks tops) in all clients ([#212](transmission/transmission#212)) - Add Peer ID for Xfplay, PicoTorrent, Free Download Manager, Folx, Baidu Netdisk torrent clients ([#256](transmission/transmission#256), [#285](transmission/transmission#285), [#355](transmission/transmission#355), [#363](transmission/transmission#363), [#386](transmission/transmission#386)) - Announce `INT64_MAX` as size left if the value is unknown (helps with e.g. Amazon S3 trackers) ([#250](transmission/transmission#250)) - Add `TCP_FASTOPEN` support (should result in slight speedup) ([#184](transmission/transmission#184)) - Improve ToS handling on IPv6 connections ([#128](transmission/transmission#128), [#341](transmission/transmission#341), [#360](transmission/transmission#360), [#692](transmission/transmission#692), [#737](transmission/transmission#737)) - Abort handshake if establishing DH shared secret fails (leads to crash) ([#27](transmission/transmission#27)) - Don't switch trackers while announcing (leads to crash) ([#297](transmission/transmission#297)) - Improve completion scripts execution and error handling; add support for .cmd and .bat files on Windows ([#405](transmission/transmission#405)) - Maintain a "session ID" file (in temporary directory) to better detect whether session is local or remote; return the ID as part of "session-get" response (TRAC-5348, [#861](transmission/transmission#861)) - Change torrent location even if no data move is needed ([#35](transmission/transmission#35)) - Support CIDR-notated blocklists ([#230](transmission/transmission#230), [#741](transmission/transmission#741)) - Update the resume file before running scripts ([#825](transmission/transmission#825)) - Make multiscrape limits adaptive ([#837](transmission/transmission#837)) - Add labels support to libtransmission and transmission-remote ([#822](transmission/transmission#822)) - Parse `session-id` header case-insensitively ([#765](transmission/transmission#765)) - Sanitize suspicious path components instead of rejecting them ([#62](transmission/transmission#62), [#294](transmission/transmission#294)) - Load CA certs from system store on Windows / OpenSSL ([#446](transmission/transmission#446)) - Add support for mbedtls (formely polarssl) and wolfssl (formely cyassl), LibreSSL ([#115](transmission/transmission#115), [#116](transmission/transmission#116), [#284](transmission/transmission#284), [#486](transmission/transmission#486), [#524](transmission/transmission#524), [#570](transmission/transmission#570)) - Fix building against OpenSSL 1.1.0+ ([#24](transmission/transmission#24)) - Fix quota support for uClibc-ng 1.0.18+ and DragonFly BSD ([#42](transmission/transmission#42), [#58](transmission/transmission#58), [#312](transmission/transmission#312)) - Fix a number of memory leaks (magnet loading, session shutdown, bencoded data parsing) ([#56](transmission/transmission#56)) - Bump miniupnpc version to 2.0.20170509 ([#347](transmission/transmission#347)) - CMake-related improvements (Ninja generator, libappindicator, systemd, Solaris and macOS) ([#72](transmission/transmission#72), [#96](transmission/transmission#96), [#117](transmission/transmission#117), [#118](transmission/transmission#118), [#133](transmission/transmission#133), [#191](transmission/transmission#191)) - Switch to submodules to manage (most of) third-party dependencies - Fail installation on Windows if UCRT is not installed ### Mac Client - Bump minimum macOS version to 10.10 - Dark Mode support ([#644](transmission/transmission#644), [#722](transmission/transmission#722), [#757](transmission/transmission#757), [#779](transmission/transmission#779), [#788](transmission/transmission#788)) - Remove Growl support, notification center is always used ([#387](transmission/transmission#387)) - Fix autoupdate on High Sierra and up by bumping the Sparkle version ([#121](transmission/transmission#121), [#600](transmission/transmission#600)) - Transition to ARC ([#336](transmission/transmission#336)) - Use proper UTF-8 encoding (with macOS-specific normalization) when setting download/incomplete directory and completion script paths ([#11](transmission/transmission#11)) - Fix uncaught exception when dragging multiple items between groups ([#51](transmission/transmission#51)) - Add flat variants of status icons for message log ([#134](transmission/transmission#134)) - Optimize image resources size ([#304](transmission/transmission#304), [#429](transmission/transmission#429)) - Update file icon when file name changes ([#37](transmission/transmission#37)) - Update translations ### GTK+ Client - Add queue up/down hotkeys ([#158](transmission/transmission#158)) - Modernize the .desktop file ([#162](transmission/transmission#162)) - Add AppData file ([#224](transmission/transmission#224)) - Add symbolic icon variant for the Gnome top bar and when the high contrast theme is in use ([#414](transmission/transmission#414), [#449](transmission/transmission#449)) - Update file icon when its name changes ([#37](transmission/transmission#37)) - Switch from intltool to gettext for translations ([#584](transmission/transmission#584), [#647](transmission/transmission#647)) - Update translations, add new translations for Portuguese (Portugal) ### Qt Client - Bump minimum Qt version to 5.2 - Fix dropping .torrent files into main window on Windows ([#269](transmission/transmission#269)) - Fix prepending of drive letter to various user-selected paths on Windows ([#236](transmission/transmission#236), [#307](transmission/transmission#307), [#404](transmission/transmission#404), [#437](transmission/transmission#437), [#699](transmission/transmission#699), [#723](transmission/transmission#723), [#877](transmission/transmission#877)) - Fix sorting by progress in presence of magnet transfers ([#234](transmission/transmission#234)) - Fix .torrent file trashing upon addition ([#262](transmission/transmission#262)) - Add queue up/down hotkeys ([#158](transmission/transmission#158)) - Reduce torrent properties (file tree) memory usage - Display tooltips in torrent properties (file tree) in case the names don't fit ([#411](transmission/transmission#411)) - Improve UI look on hi-dpi displays (YMMV) - Use session ID (if available) to check if session is local or not ([#861](transmission/transmission#861)) - Use default (instead of system) locale to be more flexible ([#130](transmission/transmission#130)) - Modernize the .desktop file ([#162](transmission/transmission#162)) - Update translations, add new translations for Afrikaans, Catalan, Danish, Greek, Norwegian Bokmål, Slovenian ### Daemon - Use libsystemd instead of libsystemd-daemon (TRAC-5921) - Harden transmission-daemon.service by disallowing privileges elevation ([#795](transmission/transmission#795)) - Fix exit code to be zero when dumping settings ([#487](transmission/transmission#487)) ### Web Client - Fix tracker error XSS in inspector (CVE-?) - Fix performance issues due to improper use of `setInterval()` for UI refresh (TRAC-6031) - Fix recognition of `https://` links in comments field ([#41](transmission/transmission#41), [#180](transmission/transmission#180)) - Fix torrent list style in Google Chrome 59+ ([#384](transmission/transmission#384)) - Show ETA in compact view on non-mobile devices ([#146](transmission/transmission#146)) - Show upload file button on mobile devices ([#320](transmission/transmission#320), [#431](transmission/transmission#431), [#956](transmission/transmission#956)) - Add keyboard hotkeys for web interface ([#351](transmission/transmission#351)) - Disable autocompletion in torrent URL field ([#367](transmission/transmission#367)) ### Utils - Prevent crash in transmission-show displaying torrents with invalid creation date ([#609](transmission/transmission#609)) - Handle IPv6 RPC addresses in transmission-remote ([#247](transmission/transmission#247)) - Add `--unsorted` option to transmission-show ([#767](transmission/transmission#767)) - Widen the torrent-id column in transmission-remote for cleaner formatting ([#840](transmission/transmission#840)) To generate a diff of this commit: cvs rdiff -u -r1.26 -r1.27 pkgsrc/net/transmission/Makefile cvs rdiff -u -r1.9 -r1.10 pkgsrc/net/transmission/Makefile.common cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/transmission/PLIST cvs rdiff -u -r1.15 -r1.16 pkgsrc/net/transmission/distinfo cvs rdiff -u -r1.45 -r1.46 pkgsrc/net/transmission-gtk/Makefile cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/transmission-gtk/PLIST cvs rdiff -u -r1.52 -r1.53 pkgsrc/net/transmission-qt/Makefile cvs rdiff -u -r1.6 -r1.7 pkgsrc/net/transmission/patches/patch-qt_qtr.pro ------------------------------------------------------------------- Module Name: pkgsrc Committed By: wiz Date: Sat Jul 25 20:20:05 UTC 2020 Modified Files: pkgsrc/net/transmission-qt: Makefile Log Message: transmission-qt: needs gcc 7.x (for <optional>) Reported and tested by spz. To generate a diff of this commit: cvs rdiff -u -r1.53 -r1.54 pkgsrc/net/transmission-qt/Makefile

Pkgsrc changes: * Added a patch to cope with fromStatT on NetBSD * Added a patch to cope with docker client default settings (build also on NetBSD) Upstream changes: 1.5.3 (August 27th, 2020) NOTE: All security content from 1.5.2, 1.5.1, 1.4.5, 1.4.4, 1.3.9, 1.3.8, 1.2.6, and 1.2.5 has been made fully open source, and the git tags for 1.5.3, 1.4.6, 1.3.10, and 1.2.7 will build correctly for open source users. BUG FIXES: * auth/aws: Made header handling for IAM authentication more robust * secrets/ssh: Fixed a bug with role option for SSH signing algorithm to allow more than RSA signing ## 1.5.1 CHANGES: * pki: The tidy operation will now remove revoked certificates if the parameter `tidy_revoked_certs` is set to `true`. This will result in certificate entries being immediately removed, as opposed to awaiting until its NotAfter time. Note that this only affects certificates that have been already revoked. [[GH-9609](https://github.com/hashicorp/vault/pull/9609)] IMPROVEMENTS: * auth/jwt: Add support for fetching groups and user information from G Suite during authentication. [[GH-9574](https://github.com/hashicorp/vault/pull/9574)] * secrets/openldap: Add "ad" schema that allows the engine to correctly rotate AD passwords. [[GH-9740](https://github.com/hashicorp/vault/pull/9740)] * ui: Wrap TTL option on transit engine export action is updated to a new component. [[GH-9632](https://github.com/hashicorp/vault/pull/9632)] BUG FIXES: * secrets/gcp: Ensure that the IAM policy version is appropriately set after a roleset's bindings have changed. [[GH-9603](https://github.com/hashicorp/vault/pull/9603)] * replication (enterprise): Fix status API output incorrectly stating replication is in `idle` state. * core: Fix panic when printing over-long info fields at startup [[GH-9681](https://github.com/hashicorp/vault/pull/9681)] ## 1.5.0 ### July 21st, 2020 CHANGES: * storage/raft: The storage configuration now accepts a new `max_entry_size` config that will limit the total size in bytes of any entry committed via raft. It defaults to `"1048576"` (1MiB). [[GH-9027](https://github.com/hashicorp/vault/pull/9027)] * token: Token creation with custom token ID via `id` will no longer allow periods (`.`) as part of the input string. The final generated token value may contain periods, such as the `s.` prefix for service token indication. [[GH-8646](https://github.com/hashicorp/vault/pull/8646/files)] * token: Token renewals will now return token policies within the `token_policies` , identity policies within `identity_policies`, and the full policy set within `policies`. [[GH-8535](https://github.com/hashicorp/vault/pull/8535)] * cubbyhole: Reject reads and writes to an empty ("") path. [[GH-8971](https://github.com/hashicorp/vault/pull/8971)] * core: Remove the addition of newlines to parsed configuration when using integer/boolean values [[GH-8928](https://github.com/hashicorp/vault/pull/8928)] * audit: Token TTL and issue time are now provided in the auth portion of audit logs. [[GH-9091](https://github.com/hashicorp/vault/pull/9091)] IMPROVEMENTS: * audit: Replication status requests are no longer audited. [[GH-8877](https://github.com/hashicorp/vault/pull/8877)] * audit: Added mount_type field to requests and responses. [[GH-9167](https://github.com/hashicorp/vault/pull/9167)] * auth/aws: Add support for Web Identity credentials [[GH-7738](https://github.com/hashicorp/vault/pull/7738)] * auth/jwt: Support users that are members of more than 200 groups on Azure [[GH-120](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/120)] * auth/kubernetes: Allow disabling `iss` validation [[GH-91](https://github.com/hashicorp/vault-plugin-auth-kubernetes/pull/91)] * core: Add the Go version used to build a Vault binary to the server message output. [[GH-9078](https://github.com/hashicorp/vault/pull/9078)] * core: Added Password Policies for user-configurable password generation [[GH-8637](https://github.com/hashicorp/vault/pull/8637)] * core: New telemetry metrics covering token counts, token creation, KV secret counts, lease creation. [[GH-9239](https://github.com/hashicorp/vault/pull/9239)] [[GH-9250](https://github.com/hashicorp/vault/pull/9250)] [[GH-9244](https://github.com/hashicorp/vault/pull/9244)] [[GH-9052](https://github.com/hashicorp/vault/pull/9052)] * cli: Support reading TLS parameters from file for the `vault operator raft join` command. [[GH-9060](https://github.com/hashicorp/vault/pull/9060)] * plugin: Add SDK method, `Sys.ReloadPlugin`, and CLI command, `vault plugin reload`, for reloading plugins. [[GH-8777](https://github.com/hashicorp/vault/pull/8777)] * plugin (enterprise): Add a scope field to plugin reload, which when global, reloads the plugin anywhere in a cluster. [[GH-9347](https://github.com/hashicorp/vault/pull/9347)] * sdk/framework: Support accepting TypeFloat parameters over the API [[GH-8923](https://github.com/hashicorp/vault/pull/8923)] * secrets/aws: Add iam_groups parameter to role create/update [[GH-8811](https://github.com/hashicorp/vault/pull/8811)] * secrets/database: Add static role rotation for MongoDB Atlas database plugin [[GH-11](https://github.com/hashicorp/vault-plugin-database-mongodbatlas/pull/11)] * secrets/database: Add static role rotation for MSSQL database plugin [[GH-9062](https://github.com/hashicorp/vault/pull/9062)] * secrets/database: Allow InfluxDB to use insecure TLS without cert bundle [[GH-8778](https://github.com/hashicorp/vault/pull/8778)] * secrets/gcp: Support BigQuery dataset ACLs in absence of IAM endpoints [[GH-78](https://github.com/hashicorp/vault-plugin-secrets-gcp/pull/78)] * secrets/pki: Allow 3072-bit RSA keys [[GH-8343](https://github.com/hashicorp/vault/pull/8343)] * secrets/ssh: Add a CA-mode role option to specify signing algorithm [[GH-9096](https://github.com/hashicorp/vault/pull/9096)] * secrets/transit: Transit requests that make use of keys now include a new field `key_version` in their responses [[GH-8775](https://github.com/hashicorp/vault/pull/8775)] * secrets/transit: Improving transit batch encrypt and decrypt latencies [[GH-9100](https://github.com/hashicorp/vault/pull/9100)] * sentinel: Add a sentinel config section, and "additional_enabled_modules", a list of Sentinel modules that may be imported in addition to the defaults. * ui: Update TTL picker styling on SSH secret engine [[GH-8891](https://github.com/hashicorp/vault/pull/8891)] * ui: Only render the JWT input field of the Vault login form on mounts configured for JWT auth [[GH-8952](https://github.com/hashicorp/vault/pull/8952)] * cli: Add a new subcommand, `vault monitor`, for tailing server logs in the console. [[GH-8477](https://github.com/hashicorp/vault/pull/8477)] * ui: Add replication dashboards. Improve replication management workflows. [[GH-8705]](https://github.com/hashicorp/vault/pull/8705). BUG FIXES: * agent: Restart template server when it shuts down [[GH-9200](https://github.com/hashicorp/vault/pull/9200)] * auth/oci: Fix issue where users of the Oracle Cloud Infrastructure (OCI) auth method could not authenticate when the plugin backend was mounted at a non-default path. [[GH-7](https://github.com/hashicorp/vault-plugin-auth-oci/pull/7)] * core: Extend replicated cubbyhole fix in 1.4.0 to cover case where a performance primary is also a DR primary [[GH-9148](https://github.com/hashicorp/vault/pull/9148)] * secrets/aws: Fix issue where performance standbys weren't able to generate STS credentials after an IAM access key rotation in AWS and root IAM credential update in Vault [[GH-9186](https://github.com/hashicorp/vault/pull/9186)] * secrets/database: Fix issue where rotating root database credentials while Vault's storage backend is unavailable causes Vault to lose access to the database [[GH-8782](https://github.com/hashicorp/vault/pull/8782)] * secrets/database: Fix issue that prevents performance standbys from connecting to databases after a root credential rotation [[GH-9129](https://github.com/hashicorp/vault/pull/9129)] * secrets/gcp: Fix issue were updates were not being applied to the `token_scopes` of a roleset. [[GH-90](https://github.com/hashicorp/vault-plugin-secrets-gcp/pull/90)] * secrets/kv: Return the value of delete_version_after when reading kv/config, even if it is set to the default. [[GH-42](https://github.com/hashicorp/vault-plugin-secrets-kv/pull/42)] * ui: Add Toggle component into core addon so it is available in KMIP and other Ember Engines. [[GH-8913]](https://github.com/hashicorp/vault/pull/8913) * ui: Disallow max versions value of large than 9999999999999999 on kv2 secrets engine. [[GH-9242](https://github.com/hashicorp/vault/pull/9242)] ## 1.4.3 (TBD) IMPROVEMENTS: * auth/aws: Add support for Web Identity credentials [[GH-9251](https://github.com/hashicorp/vault/pull/9251)] * core: Add the Go version used to build a Vault binary to the server message output. [[GH-9078](https://github.com/hashicorp/vault/pull/9078)] * secrets/database: Add static role rotation for MongoDB Atlas database plugin [[GH-9311](https://github.com/hashicorp/vault/pull/9311)] * ui: Link to the Vault Changelog in the UI footer [[GH-9216](https://github.com/hashicorp/vault/pull/9216)] BUG FIXES: * auth/oci: Fix issue where users of the Oracle Cloud Infrastructure (OCI) auth method could not authenticate when the plugin backend was mounted at a non-default path. [[GH-9278](https://github.com/hashicorp/vault/pull/9278)] * replication: The issue causing cubbyholes in namespaces on performance secondaries to not work, which was fixed in 1.4.0, was still an issue when the primary was both a performance primary and DR primary. * secrets/aws: Fix issue where performance standbys weren't able to generate STS credentials after an IAM access key rotation in AWS and root IAM credential update in Vault [[GH-9207](https://github.com/hashicorp/vault/pull/9207)] * secrets/database: Fix issue that prevents performance standbys from connecting to databases after a root credential rotation [[GH-9208](https://github.com/hashicorp/vault/pull/9208)] * secrets/gcp: Fix issue were updates were not being applied to the `token_scopes` of a roleset. [[GH-9277](https://github.com/hashicorp/vault/pull/9277)] ## 1.4.2 (May 21st, 2020) SECURITY: * core: Proxy environment variables are now redacted before being logged, in case the URLs include a username:password. This vulnerability, CVE-2020-13223, is fixed in 1.3.6 and 1.4.2, but affects 1.4.0 and 1.4.1, as well as older versions of Vault [[GH-9022](https://github.com/hashicorp/vault/pull/9022)] * secrets/gcp: Fix a regression in 1.4.0 where the system TTLs were being used instead of the configured backend TTLs for dynamic service accounts. This vulnerability is CVE-2020-12757. [[GH-85](https://github.com/hashicorp/vault-plugin-secrets-gcp/pull/85)] IMPROVEMENTS: * storage/raft: The storage stanza now accepts `leader_ca_cert_file`, `leader_client_cert_file`, and `leader_client_key_file` parameters to read and parse TLS certificate information from paths on disk. Existing non-path based parameters will continue to work, but their values will need to be provided as a single-line string with newlines delimited by `\n`. [[GH-8894](https://github.com/hashicorp/vault/pull/8894)] * storage/raft: The `vault status` CLI command and the `sys/leader` API now contain the committed and applied raft indexes. [[GH-9011](https://github.com/hashicorp/vault/pull/9011)] BUG FIXES: * auth/aws: Fix token renewal issues caused by the metadata changes in 1.4.1 [[GH-8991](https://github.com/hashicorp/vault/pull/8991)] * auth/ldap: Fix 1.4.0 regression that could result in auth failures when LDAP auth config includes upndomain. [[GH-9041](https://github.com/hashicorp/vault/pull/9041)] * secrets/ad: Forward rotation requests from standbys to active clusters [[GH-66](https://github.com/hashicorp/vault-plugin-secrets-ad/pull/66)] * secrets/database: Prevent generation of usernames that are not allowed by the MongoDB Atlas API [[GH-9](https://github.com/hashicorp/vault-plugin-database-mongodbatlas/pull/9)] * secrets/database: Return an error if a manual rotation of static account credentials fails [[GH-9035](https://github.com/hashicorp/vault/pull/9035)] * secrets/openldap: Forward all rotation requests from standbys to active clusters [[GH-9028](https://github.com/hashicorp/vault/pull/9028)] * secrets/transform (enterprise): Fix panic that could occur when accessing cached template entries, such as a requests that accessed templates directly or indirectly from a performance standby node. * serviceregistration: Fix a regression for Consul service registration that ignored using the listener address as the redirect address unless api_addr was provided. It now properly uses the same redirect address as the one used by Vault's Core object. [[GH-8976](https://github.com/hashicorp/vault/pull/8976)] * storage/raft: Advertise the configured cluster address to the rest of the nodes in the raft cluster. This fixes an issue where a node advertising 0.0.0.0 is not using a unique hostname. [[GH-9008](https://github.com/hashicorp/vault/pull/9008)] * storage/raft: Fix panic when multiple nodes attempt to join the cluster at once. [[GH-9008](https://github.com/hashicorp/vault/pull/9008)] * sys: The path provided in `sys/internal/ui/mounts/:path` is now namespace-aware. This fixes an issue with `vault kv` subcommands that had namespaces provided in the path returning permission denied all the time. [[GH-8962](https://github.com/hashicorp/vault/pull/8962)] * ui: Fix snowman that appears when namespaces have more than one period [[GH-8910](https://github.com/hashicorp/vault/pull/8910)] ## 1.4.1 (April 30th, 2020) CHANGES: * auth/aws: The default set of metadata fields added in 1.4.1 has been changed to `account_id` and `auth_type` [[GH-8783](https://github.com/hashicorp/vault/pull/8783)] * storage/raft: Disallow `ha_storage` to be specified if `raft` is set as the `storage` type. [[GH-8707](https://github.com/hashicorp/vault/pull/8707)] IMPROVEMENTS: * auth/aws: The set of metadata stored during login is now configurable [[GH-8783](https://github.com/hashicorp/vault/pull/8783)] * auth/aws: Improve region selection to avoid errors seen if the account hasn't enabled some newer AWS regions [[GH-8679](https://github.com/hashicorp/vault/pull/8679)] * auth/azure: Enable login from Azure VMs with user-assigned identities [[GH-33](https://github.com/hashicorp/vault-plugin-auth-azure/pull/33)] * auth/gcp: The set of metadata stored during login is now configurable [[GH-92](https://github.com/hashicorp/vault-plugin-auth-gcp/pull/92)] * auth/gcp: The type of alias name used during login is now configurable [[GH-95](https://github.com/hashicorp/vault-plugin-auth-gcp/pull/95)] * auth/ldap: Improve error messages during LDAP operation failures [[GH-8740](https://github.com/hashicorp/vault/pull/8740)] * identity: Add a batch delete API for identity entities [[GH-8785]](https://github.com/hashicorp/vault/pull/8785) * identity: Improve performance of logins when no group updates are needed [[GH-8795]](https://github.com/hashicorp/vault/pull/8795) * metrics: Add `vault.identity.num_entities` metric [[GH-8816]](https://github.com/hashicorp/vault/pull/8816) * secrets/kv: Allow `delete-version-after` to be reset to 0 via the CLI [[GH-8635](https://github.com/hashicorp/vault/pull/8635)] * secrets/rabbitmq: Improve error handling and reporting [[GH-8619](https://github.com/hashicorp/vault/pull/8619)] * ui: Provide One Time Password during Operation Token generation process [[GH-8630]](https://github.com/hashicorp/vault/pull/8630) BUG FIXES: * auth/okta: Fix MFA regression (introduced in [GH-8143](https://github.com/hashicorp/vault/pull/8143)) from 1.4.0 [[GH-8807](https://github.com/hashicorp/vault/pull/8807)] * auth/userpass: Fix upgrade value for `token_bound_cidrs` being ignored due to incorrect key provided [[GH-8826](https://github.com/hashicorp/vault/pull/8826/files)] * config/seal: Fix segfault when seal block is removed [[GH-8517](https://github.com/hashicorp/vault/pull/8517)] * core: Fix an issue where users attempting to build Vault could receive Go module checksum errors [[GH-8770](https://github.com/hashicorp/vault/pull/8770)] * core: Fix blocked requests if a SIGHUP is issued during a long-running request has the state lock held. Also fixes deadlock that can happen if `vault debug` with the config target is ran during this time. [[GH-8755](https://github.com/hashicorp/vault/pull/8755)] * core: Always rewrite the .vault-token file as part of a `vault login` to ensure permissions and ownership are set correctly [[GH-8867](https://github.com/hashicorp/vault/pull/8867)] * database/mongodb: Fix context deadline error that may result due to retry attempts on failed commands [[GH-8863](https://github.com/hashicorp/vault/pull/8863)] * http: Fix superflous call messages from the http package on logs caused by missing returns after `respondError` calls [[GH-8796](https://github.com/hashicorp/vault/pull/8796)] * namespace (enterprise): Fix namespace listing to return `key_info` when a scoping namespace is also provided. * seal/gcpkms: Fix panic that could occur if all seal parameters were provided via environment variables [[GH-8840](https://github.com/hashicorp/vault/pull/8840)] * storage/raft: Fix memory allocation and incorrect metadata tracking issues with snapshots [[GH-8793](https://github.com/hashicorp/vault/pull/8793)] * storage/raft: Fix panic that could occur if `disable_clustering` was set to true on Raft storage cluster [[GH-8784](https://github.com/hashicorp/vault/pull/8784)] * storage/raft: Handle errors returned from the API during snapshot operations [[GH-8861](https://github.com/hashicorp/vault/pull/8861)] * sys/wrapping: Allow unwrapping of wrapping tokens which contain nil data [[GH-8714](https://github.com/hashicorp/vault/pull/8714)] ## 1.4.0 (April 7th, 2020) CHANGES: * cli: The raft configuration command has been renamed to list-peers to avoid confusion. FEATURES: * **Kerberos Authentication**: Vault now supports Kerberos authentication using a SPNEGO token. Login can be performed using the Vault CLI, API, or agent. * **Kubernetes Service Discovery**: A new Kubernetes service discovery feature where, if configured, Vault will tag Vault pods with their current health status. For more, see [#8249](https://github.com/hashicorp/vault/pull/8249). * **MongoDB Atlas Secrets**: Vault can now generate dynamic credentials for both MongoDB Atlas databases as well as the [Atlas programmatic interface] (https://docs.atlas.mongodb.com/tutorial/manage-programmatic-access/). * **OpenLDAP Secrets Engine**: We now support password management of existing OpenLDAP user entries. For more, see [#8360] (https://github.com/hashicorp/vault/pull/8360/). * **Redshift Database Secrets Engine**: The database secrets engine now supports static and dynamic secrets for the Amazon Web Services (AWS) Redshift service. * **Service Registration Config**: A newly introduced `service_registration` configuration stanza, that allows for service registration to be configured separately from the storage backend. For more, see [#7887] (https://github.com/hashicorp/vault/pull/7887/). * **Transform Secrets Engine (Enterprise)**: A new secrets engine that handles secure data transformation and tokenization against provided input value. * **Integrated Storage**: Promoted out of beta and into general availability for both open-source and enterprise workloads. IMPROVEMENTS: * agent: add option to force the use of the auth-auth token, and ignore the Vault token in the request [[GH-8101](https://github.com/hashicorp/vault/pull/8101)] * api: Restore and fix DNS SRV Lookup [[GH-8520](https://github.com/hashicorp/vault/pull/8520)] * audit: HMAC http_raw_body in audit log; this ensures that large authenticated Prometheus metrics responses get replaced with short HMAC values [[GH-8130](https://github.com/hashicorp/vault/pull/8130)] * audit: Generate-root, generate-recovery-token, and generate-dr-operation-token requests and responses are now audited. [[GH-8301](https://github.com/hashicorp/vault/pull/8301)] * auth/aws: Reduce the number of simultaneous STS client credentials needed [[GH-8161](https://github.com/hashicorp/vault/pull/8161)] * auth/azure: subscription ID, resource group, vm and vmss names are now stored in alias metadata [[GH-30](https://github.com/hashicorp/vault-plugin-auth-azure/pull/30)] * auth/jwt: Additional OIDC callback parameters available for CLI logins [[GH-80](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/80) & [GH-86](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/86)] * auth/jwt: Bound claims may be optionally configured using globs [[GH-89](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/89)] * auth/jwt: Timeout during OIDC CLI login if process doesn't complete within 2 minutes [[GH-97](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/97)] * auth/jwt: Add support for the `form_post` response mode [[GH-98](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/98)] * auth/jwt: add optional client_nonce to authorization flow [[GH-104](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/104)] * auth/okta: Upgrade okta sdk lib, which should improve handling of groups [[GH-8143](https://github.com/hashicorp/vault/pull/8143)] * aws: Add support for v2 of the instance metadata service (see [issue 7924](https://github.com/hashicorp/vault/issues/7924) for all linked PRs) * core: Separate out service discovery interface from storage interface to allow new types of service discovery not coupled to storage [[GH-7887](https://github.com/hashicorp/vault/pull/7887)] * core: Add support for telemetry option `metrics_prefix` [[GH-8340](https://github.com/hashicorp/vault/pull/8340)] * core: Entropy Augmentation can now be used with AWS KMS and Vault Transit seals * core: Allow tls_min_version to be set to TLS 1.3 [[GH-8305](https://github.com/hashicorp/vault/pull/8305)] * cli: Incorrect TLS configuration will now correctly fail [[GH-8025](https://github.com/hashicorp/vault/pull/8025)] * identity: Allow specifying a custom `client_id` for identity tokens [[GH-8165](https://github.com/hashicorp/vault/pull/8165)] * metrics/prometheus: improve performance with high volume of metrics updates [[GH-8507](https://github.com/hashicorp/vault/pull/8507)] * replication (enterprise): Fix race condition causing clusters with high throughput writes to sometimes fail to enter streaming-wal mode * replication (enterprise): Secondary clusters can now perform an extra gRPC call to all nodes in a primary cluster in an attempt to resolve the active node's address * replication (enterprise): The replication status API now outputs `last_performance_wal`, `last_dr_wal`, and `connection_state` values * replication (enterprise): DR secondary clusters can now be recovered by the `replication/dr/secondary/recover` API * replication (enterprise): We now allow for an alternate means to create a Disaster Recovery token, by using a batch token that is created with an ACL that allows for access to one or more of the DR endpoints. * secrets/database/mongodb: Switched internal MongoDB driver to mongo-driver [[GH-8140](https://github.com/hashicorp/vault/pull/8140)] * secrets/database/mongodb: Add support for x509 client authorization to MongoDB [[GH-8329](https://github.com/hashicorp/vault/pull/8329)] * secrets/database/oracle: Add support for static credential rotation [[GH-26](https://github.com/hashicorp/vault-plugin-database-oracle/pull/26)] * secrets/consul: Add support to specify TLS options per Consul backend [[GH-4800](https://github.com/hashicorp/vault/pull/4800)] * secrets/gcp: Allow specifying the TTL for a service key [[GH-54](https://github.com/hashicorp/vault-plugin-secrets-gcp/pull/54)] * secrets/gcp: Add support for rotating root keys [[GH-53](https://github.com/hashicorp/vault-plugin-secrets-gcp/pull/53)] * secrets/gcp: Handle version 3 policies for Resource Manager IAM requests [[GH-77](https://github.com/hashicorp/vault-plugin-secrets-gcp/pull/77) * secrets/nomad: Add support to specify TLS options per Nomad backend [[GH-8083](https://github.com/hashicorp/vault/pull/8083)] * secrets/ssh: Allowed users can now be templated with identity information [[GH-7548](https://github.com/hashicorp/vault/pull/7548)] * secrets/transit: Adding RSA3072 key support [[GH-8151](https://github.com/hashicorp/vault/pull/8151)] * storage/consul: Vault returns now a more descriptive error message when only a client cert or a client key has been provided [[GH-4930]](https://github.com/hashicorp/vault/pull/8084) * storage/raft: Nodes in the raft cluster can all be given possible leader addresses for them to continuously try and join one of them, thus automating the process of join to a greater extent [[GH-7856](https://github.com/hashicorp/vault/pull/7856)] * storage/raft: Fix a potential deadlock that could occur on leadership transition [[GH-8547](https://github.com/hashicorp/vault/pull/8547)] * storage/raft: Refresh TLS keyring on snapshot restore [[GH-8546](https://github.com/hashicorp/vault/pull/8546)] * storage/etcd: Bumped etcd client API SDK [[GH-7931](https://github.com/hashicorp/vault/pull/7931) & [GH-4961](https://github.com/hashicorp/vault/pull/4961) & [GH-4349](https://github.com/hashicorp/vault/pull/4349) & [GH-7582](https://github.com/hashicorp/vault/pull/7582)] * ui: Make Transit Key actions more prominent [[GH-8304](https://github.com/hashicorp/vault/pull/8304)] * ui: Add Core Usage Metrics [[GH-8347](https://github.com/hashicorp/vault/pull/8347)] * ui: Add refresh Namespace list on the Namespace dropdown, and redesign of Namespace dropdown menu [[GH-8442](https://github.com/hashicorp/vault/pull/8442)] * ui: Update transit actions to codeblocks & automatically encode plaintext unless indicated [[GH-8462](https://github.com/hashicorp/vault/pull/8462)] * ui: Display the results of transit key actions in a modal window [[GH-8462](https://github.com/hashicorp/vault/pull/8575)] * ui: Transit key version styling updates & ability to copy key from dropdown [[GH-8480](https://github.com/hashicorp/vault/pull/8480)] BUG FIXES: * agent: Fix issue where TLS options are ignored for agent template feature [[GH-7889](https://github.com/hashicorp/vault/pull/7889)] * auth/jwt: Use lower case role names for `default_role` to match the `role` case convention [[GH-100](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/100)] * auth/ldap: Fix a bug where the UPNDOMAIN parameter was wrongly used to lookup the group membership of the given user [[GH-6325]](https://github.com/hashicorp/vault/pull/8333) * cli: Support autocompletion for nested mounts [[GH-8303](https://github.com/hashicorp/vault/pull/8303)] * cli: Fix CLI namespace autocompletion [[GH-8315](https://github.com/hashicorp/vault/pull/8315)] * identity: Fix incorrect caching of identity token JWKS responses [[GH-8412](https://github.com/hashicorp/vault/pull/8412)] * metrics/stackdriver: Fix issue that prevents the stackdriver metrics library to create unnecessary stackdriver descriptors [[GH-8073](https://github.com/hashicorp/vault/pull/8073)] * replication: Fix issue causing cubbyholes in namespaces on performance secondaries to not work. * replication (enterprise): Unmounting a dynamic secrets backend could sometimes lead to replication errors. Change the order of operations to prevent that. * seal (enterprise): Fix seal migration when transactional seal wrap backend is in use. * secrets/database/influxdb: Fix potential panic if connection to the InfluxDB database cannot be established [[GH-8282](https://github.com/hashicorp/vault/pull/8282)] * secrets/database/mysql: Ensures default static credential rotation statements are used [[GH-8240](https://github.com/hashicorp/vault/pull/8240)] * secrets/database/mysql: Fix inconsistent query parameter names: {{name}} or {{username}} for different queries. Now it allows for either for backwards compatibility [[GH-8240](https://github.com/hashicorp/vault/pull/8240)] * secrets/database/postgres: Fix inconsistent query parameter names: {{name}} or {{username}} for different queries. Now it allows for either for backwards compatibility [[GH-8240](https://github.com/hashicorp/vault/pull/8240)] * secrets/pki: Support FQDNs in DNS Name [[GH-8288](https://github.com/hashicorp/vault/pull/8288)] * storage/raft: Allow seal migration to be performed on Vault clusters using raft storage [[GH-8103](https://github.com/hashicorp/vault/pull/8103)] * telemetry: Prometheus requests on standby nodes will now return an error instead of forwarding the request to the active node [[GH-8280](https://github.com/hashicorp/vault/pull/8280)] * ui: Fix broken popup menu on the transit secrets list page [[GH-8348](https://github.com/hashicorp/vault/pull/8348)] * ui: Update headless Chrome flag to fix `yarn run test:oss` [[GH-8035](https://github.com/hashicorp/vault/pull/8035)] * ui: Update CLI to accept empty strings as param value to reset previously-set values * ui: Fix bug where error states don't clear when moving between action tabs on Transit [[GH-8354](https://github.com/hashicorp/vault/pull/8354)] ## 1.3.6 (May 21st, 2020) SECURITY: * core: proxy environment variables are now redacted before being logged, in case the URLs include a username:password. This vulnerability, CVE-2020-13223, is fixed in 1.3.6 and 1.4.2, but affects 1.4 and 1.4.1, as well as older versions of Vault [[GH-9022](https://github.com/hashicorp/vault/pull/9022) BUG FIXES: * auth/aws: Fix token renewal issues caused by the metadata changes in 1.3.5 [[GH-8991](https://github.com/hashicorp/vault/pull/8991)] * replication: Fix mount filter bug that allowed replication filters to hide local mounts on a performance secondary ## 1.3.5 (April 28th, 2020) CHANGES: * auth/aws: The default set of metadata fields added in 1.3.2 has been changed to `account_id` and `auth_type` [[GH-8783](https://github.com/hashicorp/vault/pull/8783)] IMPROVEMENTS: * auth/aws: The set of metadata stored during login is now configurable [[GH-8783](https://github.com/hashicorp/vault/pull/8783)] ## 1.3.4 (March 19th, 2020) SECURITY: * A vulnerability was identified in Vault and Vault Enterprise such that, under certain circumstances, an Entity's Group membership may inadvertently include Groups the Entity no longer has permissions to. This vulnerability, CVE-2020-10660, affects Vault and Vault Enterprise versions 0.9.0 and newer, and is fixed in 1.3.4. [[GH-8606](https://github.com/hashicorp/vault/pull/8606)] * A vulnerability was identified in Vault Enterprise such that, under certain circumstances, existing nested-path policies may give access to Namespaces created after-the-fact. This vulnerability, CVE-2020-10661, affects Vault Enterprise versions 0.11 and newer, and is fixed in 1.3.4. ## 1.3.3 (March 5th, 2020) BUG FIXES: * approle: Fix excessive locking during tidy, which could potentially block new approle logins for long enough to cause an outage [[GH-8418](https://github.com/hashicorp/vault/pull/8418)] * cli: Fix issue where Raft snapshots from standby nodes created an empty backup file [[GH-8097](https://github.com/hashicorp/vault/pull/8097)] * identity: Fix incorrect caching of identity token JWKS responses [[GH-8412](https://github.com/hashicorp/vault/pull/8412)] * kmip: role read now returns tls_client_ttl * kmip: fix panic when templateattr not provided in rekey request * secrets/database/influxdb: Fix potential panic if connection to the InfluxDB database cannot be established [[GH-8282](https://github.com/hashicorp/vault/pull/8282)] * storage/mysql: Fix potential crash when using MySQL as coordination for high availability [[GH-8300](https://github.com/hashicorp/vault/pull/8300)] * storage/raft: Fix potential crash when using Raft as coordination for high availability [[GH-8356](https://github.com/hashicorp/vault/pull/8356)] * ui: Fix missing License menu item [[GH-8230](https://github.com/hashicorp/vault/pull/8230)] * ui: Fix bug where default auth method on login is defaulted to auth method that is listing-visibility=unauth instead of "other" [[GH-8218](https://github.com/hashicorp/vault/pull/8218)] * ui: Fix bug where KMIP details were not shown in the UI Wizard [[GH-8255](https://github.com/hashicorp/vault/pull/8255)] * ui: Show Error messages on Auth Configuration page when you hit permission errors [[GH-8500](https://github.com/hashicorp/vault/pull/8500)] * ui: Remove duplicate form inputs for the GitHub config [[GH-8519](https://github.com/hashicorp/vault/pull/8519)] * ui: Correct HMAC capitalization [[GH-8528](https://github.com/hashicorp/vault/pull/8528)] * ui: Fix danger message in DR [[GH-8555](https://github.com/hashicorp/vault/pull/8555)] * ui: Fix certificate field for LDAP config [[GH-8573](https://github.com/hashicorp/vault/pull/8573)] ## 1.3.2 (January 22nd, 2020) SECURITY: * When deleting a namespace on Vault Enterprise, in certain circumstances, the deletion process will fail to revoke dynamic secrets for a mount in that namespace. This will leave any dynamic secrets in remote systems alive and will fail to clean them up. This vulnerability, CVE-2020-7220, affects Vault Enterprise 0.11.0 and newer. IMPROVEMENTS: * auth/aws: Add aws metadata to identity alias [[GH-7985](https://github.com/hashicorp/vault/pull/7985)] * auth/kubernetes: Allow both names and namespaces to be set to "*" [[GH-78](https://github.com/hashicorp/vault-plugin-auth-kubernetes/pull/78)] BUG FIXES: * auth/azure: Fix Azure compute client to use correct base URL [[GH-8072](https://github.com/hashicorp/vault/pull/8072)] * auth/ldap: Fix renewal of tokens without configured policies that are generated by an LDAP login [[GH-8072](https://github.com/hashicorp/vault/pull/8072)] * auth/okta: Fix renewal of tokens without configured policies that are generated by an Okta login [[GH-8072](https://github.com/hashicorp/vault/pull/8072)] * core: Fix seal migration error when attempting to migrate from auto unseal to shamir [[GH-8172](https://github.com/hashicorp/vault/pull/8172)] * core: Fix seal migration config issue when migrating from auto unseal to auto unseal [[GH-8172](https://github.com/hashicorp/vault/pull/8172)] * plugin: Fix issue where a plugin unwrap request potentially used an expired token [[GH-8058](https://github.com/hashicorp/vault/pull/8058)] * replication: Fix issue where a forwarded request from a performance/standby node could run into a timeout * secrets/database: Fix issue where a manual static role rotation could potentially panic [[GH-8098](https://github.com/hashicorp/vault/pull/8098)] * secrets/database: Fix issue where a manual root credential rotation request is not forwarded to the primary node [[GH-8125](https://github.com/hashicorp/vault/pull/8125)] * secrets/database: Fix issue where a manual static role rotation request is not forwarded to the primary node [[GH-8126](https://github.com/hashicorp/vault/pull/8126)] * secrets/database/mysql: Fix issue where special characters for a MySQL password were encoded [[GH-8040](https://github.com/hashicorp/vault/pull/8040)] * ui: Fix deleting namespaces [[GH-8132](https://github.com/hashicorp/vault/pull/8132)] * ui: Fix Error handler on kv-secret edit and kv-secret view pages [[GH-8133](https://github.com/hashicorp/vault/pull/8133)] * ui: Fix OIDC callback to check storage [[GH-7929](https://github.com/hashicorp/vault/pull/7929)]. * ui: Change `.box-radio` height to min-height to prevent overflow issues [[GH-8065](https://github.com/hashicorp/vault/pull/8065)] ## 1.3.1 (December 18th, 2019) IMPROVEMENTS: * agent: Add ability to set `exit-after-auth` via the CLI [[GH-7920](https://github.com/hashicorp/vault/pull/7920)] * auth/ldap: Add a `request_timeout` configuration option to prevent connection requests from hanging [[GH-7909](https://github.com/hashicorp/vault/pull/7909)] * auth/kubernetes: Add audience to tokenreview API request for Kube deployments where issuer is not Kube. [[GH-74](https://github.com/hashicorp/vault/pull/74)] * secrets/ad: Add a `request_timeout` configuration option to prevent connection requests from hanging [[GH-59](https://github.com/hashicorp/vault-plugin-secrets-ad/pull/59)] * storage/postgresql: Add support for setting `connection_url` from enviornment variable `VAULT_PG_CONNECTION_URL` [[GH-7937](https://github.com/hashicorp/vault/pull/7937)] * telemetry: Add `enable_hostname_label` option to telemetry stanza [[GH-7902](https://github.com/hashicorp/vault/pull/7902)] * telemetry: Add accept header check for prometheus mime type [[GH-7958](https://github.com/hashicorp/vault/pull/7958)] BUG FIXES: * agent: Fix issue where Agent exits before all templates are rendered when using and `exit_after_auth` [[GH-7899](https://github.com/hashicorp/vault/pull/7899)] * auth/aws: Fixes region-related issues when using a custom `sts_endpoint` by adding a `sts_region` parameter [[GH-7922](https://github.com/hashicorp/vault/pull/7922)] * auth/token: Fix panic when getting batch tokens on a performance standby from a role that does not exist [[GH-8027](https://github.com/hashicorp/vault/pull/8027)] * core: Improve warning message for lease TTLs [[GH-7901](https://github.com/hashicorp/vault/pull/7901)] * identity: Fix identity token panic during invalidation [[GH-8043](https://github.com/hashicorp/vault/pull/8043)] * plugin: Fix a panic that could occur if a mount/auth entry was unable to mount the plugin backend and a request that required the system view to be retrieved was made [[GH-7991](https://github.com/hashicorp/vault/pull/7991)] * replication: Add `generate-public-key` endpoint to list of allowed endpoints for existing DR secondaries * secrets/gcp: Fix panic if bindings aren't provided in roleset create/update. [[GH-56](https://github.com/hashicorp/vault-plugin-secrets-gcp/pull/56)] * secrets/pki: Prevent generating certificate on performance standby when storing [[GH-7904](https://github.com/hashicorp/vault/pull/7904)] * secrets/transit: Prevent restoring keys to new names that are sub paths [[GH-7998](https://github.com/hashicorp/vault/pull/7998)] * storage/s3: Fix a bug in configurable S3 paths that was preventing use of S3 as a source during `operator migrate` operations [[GH-7966](https://github.com/hashicorp/vault/pull/7966)] * ui: Ensure secrets with a period in their key can be viewed and copied [[GH-7926](https://github.com/hashicorp/vault/pull/7926)] * ui: Fix status menu after demotion [[GH-7997](https://github.com/hashicorp/vault/pull/7997)] * ui: Fix select dropdowns in Safari when running Mojave [[GH-8023](https://github.com/hashicorp/vault/pull/8023)] ## 1.3 (November 14th, 2019) CHANGES: * Secondary cluster activation: There has been a change to the way that activating performance and DR secondary clusters works when using public keys for encryption of the parameters rather than a wrapping token. This flow was experimental and never documented. It is now officially supported and documented but is not backwards compatible with older Vault releases. * Cluster cipher suites: On its cluster port, Vault will no longer advertise the full TLS 1.2 cipher suite list by default. Although this port is only used for Vault-to-Vault communication and would always pick a strong cipher, it could cause false flags on port scanners and other security utilities that assumed insecure ciphers were being used. The previous behavior can be achieved by setting the value of the (undocumented) `cluster_cipher_suites` config flag to `tls12`. * API/Agent Renewal behavior: The API now allows multiple options for how it deals with renewals. The legacy behavior in the Agent/API is for the renewer (now called the lifetime watcher) to exit on a renew error, leading to a reauthentication. The new default behavior is for the lifetime watcher to ignore 5XX errors and simply retry as scheduled, using the existing lease duration. It is also possible, within custom code, to disable renewals entirely, which allows the lifetime watcher to simply return when it believes it is time for your code to renew or reauthenticate. FEATURES: * **Vault Debug**: A new top-level subcommand, `debug`, is added that allows operators to retrieve debugging information related to a particular Vault node. Operators can use this simple workflow to capture triaging information, which can then be consumed programmatically or by support and engineering teams. It has the abilitity to probe for config, host, metrics, pprof, server status, and replication status. * **Recovery Mode**: Vault server can be brought up in recovery mode to resolve outages caused due to data store being in bad state. This is a privileged mode that allows `sys/raw` API calls to perform surgical corrections to the data tore. Bad storage state can be caused by bugs. However, this is usually observed when known (and fixed) bugs are hit by older versions of Vault. * **Entropy Augmentation (Enterprise)**: Vault now supports sourcing entropy from external source for critical security parameters. Currently an HSM that supports PKCS#11 is the only supported source. * **Active Directory Secret Check-In/Check-Out**: In the Active Directory secrets engine, users or applications can check out a service account for use, and its password will be rotated when it's checked back in. * **Vault Agent Template**: Vault Agent now supports rendering templates containing Vault secrets to disk, similar to Consul Template [[GH-7652](https://github.com/hashicorp/vault/pull/7652)] * **Transit Key Type Support**: Signing and verification is now supported with the P-384 (secp384r1) and P-521 (secp521r1) ECDSA curves [[GH-7551](https://github.com/hashicorp/vault/pull/7551)] and encryption and decryption is now supported via AES128-GCM96 [[GH-7555](https://github.com/hashicorp/vault/pull/7555)] * **SSRF Protection for Vault Agent**: Vault Agent has a configuration option to require a specific header before allowing requests [[GH-7627](https://github.com/hashicorp/vault/pull/7627)] * **AWS Auth Method Root Rotation**: The credential used by the AWS auth method can now be rotated, to ensure that only Vault knows the credentials it is using [[GH-7131](https://github.com/hashicorp/vault/pull/7131)] * **New UI Features**: The UI now supports managing users and groups for the Userpass, Cert, Okta, and Radius auth methods. * **Shamir with Stored Master Key**: The on disk format for Shamir seals has changed, allowing for a secondary cluster using Shamir downstream from a primary cluster using Auto Unseal. [[GH-7694](https://github.com/hashicorp/vault/pull/7694)] * **Stackdriver Metrics Sink**: Vault can now send metrics to [Stackdriver](https://cloud.google.com/stackdriver/). See the [configuration documentation](https://www.vaultproject.io/docs/config/index.html) for details. [[GH-6957](https://github.com/hashicorp/vault/pull/6957)] * **Filtered Paths Replication (Enterprise)**: Based on the predecessor Filtered Mount Replication, Filtered Paths Replication allows now filtering of namespaces in addition to mounts. * **Token Renewal via Accessor**: Tokens can now be renewed via the accessor value through the new `auth/token/renew-accessor` endpoint if the caller's token has permission to access that endpoint. * **Improved Integrated Storage (Beta)**: Improved raft write performance, added support for non-voter nodes, along with UI support for: using raft storage, joining a raft cluster, and downloading and restoring a snapshot. IMPROVEMENTS: * agent: Add ability to set the TLS SNI name used by Agent [[GH-7519](https://github.com/hashicorp/vault/pull/7519)] * agent & api: Change default renewer behavior to ignore 5XX errors [[GH-7733](https://github.com/hashicorp/vault/pull/7733)] * auth/jwt: The redirect callback host may now be specified for CLI logins [[GH-71](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/71)] * auth/jwt: Bound claims may now contain boolean values [[GH-73](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/73)] * auth/jwt: CLI logins can now open the browser when running in WSL [[GH-77](https://github.com/hashicorp/vault-plugin-auth-jwt/pull/77)] * core: Exit ScanView if context has been cancelled [[GH-7419](https://github.com/hashicorp/vault/pull/7419)] * core: re-encrypt barrier and recovery keys if the unseal key is updated [[GH-7493](https://github.com/hashicorp/vault/pull/7493)] * core: Don't advertise the full set of TLS 1.2 cipher suites on the cluster port, even though only strong ciphers were used [[GH-7487](https://github.com/hashicorp/vault/pull/7487)] * core (enterprise): Add background seal re-wrap * core/metrics: Add config parameter to allow unauthenticated sys/metrics access. [[GH-7550](https://github.com/hashicorp/vault/pull/7550)] * metrics: Upgrade DataDog library to improve performance [[GH-7794](https://github.com/hashicorp/vault/pull/7794)] * replication (enterprise): Write-Ahead-Log entries will not duplicate the data belonging to the encompassing physical entries of the transaction, thereby improving the performance and storage capacity. * replication (enterprise): Added more replication metrics * replication (enterprise): Reindex process now compares subpages for a more accurate indexing process. * replication (enterprise): Reindex API now accepts a new `skip_flush` parameter indicating all the changes should not be flushed while the tree is locked. * secrets/aws: The root config can now be read [[GH-7245](https://github.com/hashicorp/vault/pull/7245)] * secrets/database/cassandra: Add ability to skip verfication of connection [[GH-7614](https://github.com/hashicorp/vault/pull/7614)] * secrets/gcp: Fix panic during rollback if the roleset has been deleted [[GH-52](https://github.com/hashicorp/vault-plugin-secrets-gcp/pull/52)] * storage/azure: Add config parameter to Azure storage backend to allow specifying the ARM endpoint [[GH-7567](https://github.com/hashicorp/vault/pull/7567)] * storage/cassandra: Improve storage efficiency by eliminating unnecessary copies of value data [[GH-7199](https://github.com/hashicorp/vault/pull/7199)] * storage/raft: Improve raft write performance by utilizing FSM Batching [[GH-7527](https://github.com/hashicorp/vault/pull/7527)] * storage/raft: Add support for non-voter nodes [[GH-7634](https://github.com/hashicorp/vault/pull/7634)] * sys: Add a new `sys/host-info` endpoint for querying information about the host [[GH-7330](https://github.com/hashicorp/vault/pull/7330)] * sys: Add a new set of endpoints under `sys/pprof/` that allows profiling information to be extracted [[GH-7473](https://github.com/hashicorp/vault/pull/7473)] * sys: Add endpoint that counts the total number of active identity entities [[GH-7541](https://github.com/hashicorp/vault/pull/7541)] * sys: `sys/seal-status` now has a `storage_type` field denoting what type of storage the cluster is configured to use * sys: Add a new `sys/internal/counters/tokens` endpoint, that counts the total number of active service token accessors in the shared token storage. [[GH-7541](https://github.com/hashicorp/vault/pull/7541)] * sys/config: Add a new endpoint under `sys/config/state/sanitized` that returns the configuration state of the server. It excludes config values from `storage`, `ha_storage`, and `seal` stanzas and some values from `telemetry` due to potential sensitive entries in those fields. * ui: when using raft storage, you can now join a raft cluster, download a snapshot, and restore a snapshot from the UI [[GH-7410](https://github.com/hashicorp/vault/pull/7410)] * ui: clarify when secret version is deleted in the secret version history dropdown [[GH-7714](https://github.com/hashicorp/vault/pull/7714)] BUG FIXES: * agent: Fix a data race on the token value for inmemsink [[GH-7707](https://github.com/hashicorp/vault/pull/7707)] * api: Fix Go API using lease revocation via URL instead of body [[GH-7777](https://github.com/hashicorp/vault/pull/7777)] * api: Allow setting a function to control retry behavior [[GH-7331](https://github.com/hashicorp/vault/pull/7331)] * auth/gcp: Fix a bug where region information in instance groups names could cause an authorization attempt to fail [[GH-74](https://github.com/hashicorp/vault-plugin-auth-gcp/pull/74)] * cli: Fix a bug where a token of an unknown format (e.g. in ~/.vault-token) could cause confusing error messages during `vault login` [[GH-7508](https://github.com/hashicorp/vault/pull/7508)] * cli: Fix a bug where the `namespace list` command with JSON formatting always returned an empty object [[GH-7705](https://github.com/hashicorp/vault/pull/7705)] * cli: Command timeouts are now always specified solely by the `VAULT_CLIENT_TIMEOUT` value. [[GH-7469](https://github.com/hashicorp/vault/pull/7469)] * core: Don't allow registering a non-root zero TTL token lease. This is purely defense in depth as the lease would be revoked immediately anyways, but there's no real reason to allow registration. [[GH-7524](https://github.com/hashicorp/vault/pull/7524)] * identity (enterprise): Fixed identity case sensitive loading in secondary cluster [[GH-7327](https://github.com/hashicorp/vault/pull/7327)] * identity: Ensure only replication primary stores the identity case sensitivity state [[GH-7820](https://github.com/hashicorp/vault/pull/7820)] * raft: Fixed VAULT_CLUSTER_ADDR env being ignored at startup [[GH-7619](https://github.com/hashicorp/vault/pull/7619)] * secrets/pki: Don't allow duplicate SAN names in issued certs [[GH-7605](https://github.com/hashicorp/vault/pull/7605)] * sys/health: Pay attention to the values provided for `standbyok` and `perfstandbyok` rather than simply using their presence as a key to flip on that behavior [[GH-7323](https://github.com/hashicorp/vault/pull/7323)] * ui: using the `wrapped_token` query param will work with `redirect_to` and will automatically log in as intended [[GH-7398](https://github.com/hashicorp/vault/pull/7398)] * ui: fix an error when initializing from the UI using PGP keys [[GH-7542](https://github.com/hashicorp/vault/pull/7542)] * ui: show all active kv v2 secret versions even when `delete_version_after` is configured [[GH-7685](https://github.com/hashicorp/vault/pull/7685)] * ui: Ensure that items in the top navigation link to pages that users have access to [[GH-7590](https://github.com/hashicorp/vault/pull/7590)] ## 1.2.4 (November 7th, 2019) SECURITY: * In a non-root namespace, revocation of a token scoped to a non-root namespace did not trigger the expected revocation of dynamic secret leases associated with that token. As a result, dynamic secret leases in non-root namespaces may outlive the token that created them. This vulnerability, CVE-2019-18616, affects Vault Enterprise 0.11.0 and newer. * Disaster Recovery secondary clusters did not delete already-replicated data after a mount filter has been created on an upstream Performance secondary cluster. As a result, encrypted secrets may remain replicated on a Disaster Recovery secondary cluster after application of a mount filter excluding those secrets from replication. This vulnerability, CVE-2019-18617, affects Vault Enterprise 0.8 and newer. * Update version of Go to 1.12.12 to fix Go bug golang.org/issue/34960 which corresponds to CVE-2019-17596. CHANGES: * auth/aws: If a custom `sts_endpoint` is configured, Vault Agent and the CLI should provide the corresponding region via the `region` parameter (which already existed as a CLI parameter, and has now been added to Agent). The automatic region detection added to the CLI and Agent in 1.2 has been removed. IMPROVEMENTS: * cli: Ignore existing token during CLI login [[GH-7508](https://github.com/hashicorp/vault/pull/7508)] * core: Log proxy settings from environment on startup [[GH-7528](https://github.com/hashicorp/vault/pull/7528)] * core: Cache whether we've been initialized to reduce load on storage [[GH-7549](https://github.com/hashicorp/vault/pull/7549)] BUG FIXES: * agent: Fix handling of gzipped responses [[GH-7470](https://github.com/hashicorp/vault/pull/7470)] * cli: Fix panic when pgp keys list is empty [[GH-7546](https://github.com/hashicorp/vault/pull/7546)] * cli: Command timeouts are now always specified solely by the `VAULT_CLIENT_TIMEOUT` value. [[GH-7469](https://github.com/hashicorp/vault/pull/7469)] * core: add hook for initializing seals for migration [[GH-7666](https://github.com/hashicorp/vault/pull/7666)] * core (enterprise): Migrating from one auto unseal method to another never worked on enterprise, now it does. * identity: Add required field `response_types_supported` to identity token `.well-known/openid-configuration` response [[GH-7533](https://github.com/hashicorp/vault/pull/7533)] * identity: Fixed nil pointer panic when merging entities [[GH-7712](https://github.com/hashicorp/vault/pull/7712)] * replication (Enterprise): Fix issue causing performance standbys nodes disconnecting when under high loads. * secrets/azure: Fix panic that could occur if client retries timeout [[GH-7793](https://github.com/hashicorp/vault/pull/7793)] * secrets/database: Fix bug in combined DB secrets engine that can result in writes to static-roles endpoints timing out [[GH-7518](https://github.com/hashicorp/vault/pull/7518)] * secrets/pki: Improve tidy to continue when value is nil [[GH-7589](https://github.com/hashicorp/vault/pull/7589)] * ui (Enterprise): Allow kv v2 secrets that are gated by Control Groups to be viewed in the UI [[GH-7504](https://github.com/hashicorp/vault/pull/7504)]

Changes: Vim-style expandtab option (#75, #76, #80) Provides Turkish translation (#68) Backspace now deletes \ rather than being escaped (#25) T during motion commands is now VI-compatible (#35) Encoding related fixes, such as UTF-8 detection (#61, #42, #65) Fixed a number of memory management issues (#56)

# 2.1.1 This version has no user visible changes. # 2.1.0 * `unzip_process()` now does not fail randomly on Windows (#60). * Now all functions handle Unicode paths correctly, on Windows as well (#42, #53). * `unzip_process()` now works when R library is on different drive than `exdir` on Windows (#45) * zip functions now have a `mode` argument to choose how files and directories are assembled into the archive. See the docs for details. * zip functions now have a `root` argument, zip changes the working directory to this before creating the archive, so all files are relative to `root`. * `zip()` and `zip_append()` are not deprecated any more, as it was hard to achieve the same functionality with the other zip functions.

@rcanavan

Update php-http3 to 3.2.1. pkgsrc change: * Update supported PHP versions. * Add a few dependency. 3.2.1, 2019-06-07 * Fixed gh-issue #88: Unable to run test suite (Remi Collet) * Fixed gh-issue #86: test failure with curl 7.64 * Fixed gh-issue #85: [-Wformat-extra-args] build warnings * Fixed gh-issue #84: segfault and build failure since curl 7.62 * Fixed gh-issue #82: Test harness improvements (Chris Wright) * Fixed gh-issue #64: compress and connecttimeout interfere with low_speed_limit (@rcanavan) * Fixed http\QueryString::getGlobalInstance() * Fixed missing 2nd reflection argument info of http\Client::notify() * Fixed PHP-7.4 compatibility 3.2.0, 2018-07-19 * PHP-7.2 compatibility * Fixed gh-issue #73: build fails with libidn and libidn2 * Added brotli compression support * Implemented gh-issue #58: Notify observers before any request is built 3.2.0RC1, 2018-04-09 * PHP-7.2 compatibility * Fixed gh-issue #73: build fails with libidn and libidn2 * Added brotli compression support * Implemented gh-issue #58: Notify observers before any request is built 3.1.0, 2016-12-12 * Added http\Client\Curl\User interface for userland event loops * Added http\Url::IGNORE_ERRORS, http\Url::SILENT_ERRORS and http\Url::STDFLAGS * Added http\Client::setDebug(callable $debug) * Added http\Client\Curl\FEATURES constants and namespace * Added http\Client\Curl\VERSIONS constants and namespace * Added share_cookies and share_ssl (libcurl >= 7.23.0) options to http\Client::configure() * http\Client uses curl_share handles to properly share cookies and SSL/TLS sessions between requests * Improved configure checks for default CA bundles * Improved negotiation precision * Fixed regression introduced by http\Params::PARSE_RFC5987: negotiation using the params parser would receive param keys without the trailing asterisk, stripped by http\Params::PARSE_RFC5987. * Fix gh-issue #50: http\Client::dequeue() within http\Client::setDebug() causes segfault (Mike, Maik Wagner) * Fix gh-issue #47: http\Url: Null pointer deref in sanitize_value() (Mike, @rc0r) * Fix gh-issue #45: HTTP/2 response message parsing broken with libcurl >= 7.49.1 (Mike) * Fix gh-issue #43: Joining query with empty original variable in query (Mike, Sander Backus) * Fix gh-issue #42: fatal error when using punycode in URLs (Mike, Sebastian Thielen) * Fix gh-issue #41: Use curl_version_info_data.features when initializing options (Mike) * Fix gh-issue #40: determinde the SSL backend used by curl at runtime (Mike, @rcanavan) * Fix gh-issue #39: Notice: http\Client::enqueue(): Could not set option proxy_service_name (Mike, @rcanavan) * Fix gh-issue #38: Persistent curl handles: error code not properly reset (Mike, @afflerbach) * Fix gh-issue #36: Unexpected cookies sent if persistent_handle_id is used (Mike, @rcanavan, @afflerbach) * Fix gh-issue #34: allow setting multiple headers with the same name (Mike, @rcanavan) * Fix gh-issue #33: allow setting prodyhost request option to NULL (Mike, @rcanavan) * Fix gh-issue #31: add/improve configure checks for default CA bundle/path (Mike, @rcanavan)

@dmurdoch

# backports 1.2.1 * Adapted `get0()` to work with R-devel / R-4.1.0 for first argument having length greater than 1. # backports 1.2.0 * Switched to semantic versioning. * Added backport for `asplit()` for R versions prior to 3.6.0 (#47). * Added backport for `removeSource()` which also supports language objects for R versions prior to 3.6.0 (#50). * Added backport for `isNamespaceLoaded` for R versions prior to 3.2.0 (#49). # backports 1.1.10 * Added `suppressMessages()` and `suppressWarnings()` with support for argument `classes` for R versions prior to 4.0.0 # backports 1.1.9 * Added backports for `str2lang()` and `str2expression()` (#42) Thanks to @dmurdoch. * `import()` imported too many functions and has been fixed. # backports 1.1.8 * Added backport for `tools::vignetteInfo()` for R versions prior to 3.6.0 * Fixed import of `list2DF()` and `deparse1()` # backports 1.1.7 * Added backport for `deparse1()` for R versions prior to 4.0.0. * Added backport for `list2DF()` for R versions prior to 4.0.0. # backports 1.1.6 * Added backport for `R_user_dir()` for R versions prior to 4.0.0. * Added `dQuote()` and `sQuote()` with support for argument `q` for R versions prior to 3.6.0. # backports 1.1.5 * Changed license from GPL-2 to GPL-2 or GPL-3. * Added backport for `isTRUE()` implementing the new behaviour introduced in R 3.5.0.

Change to the OpenPrinting fork of apple/cups, e.g., that fork already contains - dnssd patch patch-config-scripts_cups-dnssd.m4 - freebsd patch patch-cups_getifaddrs-internal.h - libtool patch patch-af apple/cups#4947 was fixed in both. Changes in CUPS v2.3.3op1 ------------------------- - The automated test suite can now be activated using `make test` for consistency with other projects and CI environments - the old `make check` continues to work as well, and the previous test server behavior can be accessed by running `make testserver`. - ippeveprinter now supports multiple icons and strings files. - ippeveprinter now uses the system's FQDN with Avahi. - ippeveprinter now supports Get-Printer-Attributes on "/". - ippeveprinter now uses a deterministic "printer-uuid" value. - ippeveprinter now uses system sounds on macOS for Identify-Printer. - Updated ippfind to look for files in "~/Desktop" on Windows. - Updated ippfind to honor `SKIP-XXX` directives with `PAUSE`. - Updated IPP Everywhere support to work around printers that only advertise color raster support but really also support grayscale (Issue #1) - ipptool now supports DNS-SD URIs like `ipps://My%20Printer._ipps._tcp.local` (Issue #5) - The scheduler now allows root backends to have world read permissions but not world execute permissions (Issue #21) - Failures to bind IPv6 listener sockets no longer cause errors if IPv6 is disabled on the host (Issue #25) - The SNMP backend now supports the HP and Ricoh vendor MIBs (Issue #28) - The scheduler no longer includes a timestamp in files it writes (Issue #29) - The systemd service names are now "cups.service" and "cups-lpd.service" (Issue #30, Issue #31) - The scheduler no longer adds the local hostname to the ServerAlias list (Issue #32) - Added `LogFileGroup` directive in "cups-files.conf" to control the group owner of log files (Issue #34) - Added `--with-max-log-size` configure option (Issue #35) - Added `--enable-sync-on-close` configure option (Issue #37) - Added `--with-error-policy` configure option (Issue #38) - IPP Everywhere PPDs could have an "unknown" default InputSlot (Issue #44) - The `httpAddrListen` function now uses a listen backlog of 128. - Added USB quirks (Apple issue #5789, #5823, #5831) - Fixed IPP Everywhere v1.1 conformance issues in ippeveprinter. - Fixed DNS-SD name collision support in ippeveprinter. - Fixed compiler and code analyzer warnings. - Fixed TLS support on Windows. - Fixed ippfind sub-type searches with Avahi. - Fixed the default hostname used by ippeveprinter on macOS. - Fixed resolution of local IPP-USB printers with Avahi. - Fixed coverity issues (Issue #2) - Fixed `httpAddrConnect` issues (Issue #3) - Fixed web interface device URI issue (Issue #4) - Fixed lp/lpr "printer/class not found" error reporting (Issue #6) - Fixed xinetd support for LPD clients (Issue #7) - Fixed libtool build issue (Issue #11) - Fixed a memory leak in the scheduler (Issue #12) - Fixed a potential integer overflow in the PPD hashing code (Issue #13) - Fixed output-bin and print-quality handling issues (Issue #18) - Fixed PPD options getting mapped to odd IPP values like "tray---4" (Issue #23) - Fixed remote access to the cupsd.conf and log files (Issue #24) - Fixed the automated test suite when running in certain build/CI environments (Issue #25) - Fixed a logging regression caused by a previous change for Apple issue #5604 (Issue #25) - Fixed fax phone number handling with GNOME (Issue #40) - Fixed potential rounding error in rastertopwg filter (Issue #41) - Fixed the "uri-security-supported" value from the scheduler (Issue #42) - Fixed IPP backend crash bug with "printer-alert" values (Issue #43) - Removed old Solaris inetconv(1m) reference in cups-lpd man page (Issue #46) - Fixed default options that incorrectly use the "custom" prefix (Issue #48) - Fixed a memory leak when resolving DNS-SD URIs (Issue #49) - Fixed systemd status reporting by adopting the notify interface (Issue #51) - Fixed crash in rastertopwg (Apple issue #5773) - Fixed cupsManualCopies values in IPP Everywhere PPDs (Apple issue #5807)

Change log: 0.5.3 ====== - Appearance Changes: - Use old style menu alignment (#97, !77) - Bug Fixes: - Add a keybinding to reset font size - Fix inverted return value of scroll event handler - Various small improvements regarding accels - Block the right signal handler for tooltip updates - A clarification about action groups - Translation Updates: Basque, French, Galician, Portuguese (Brazil), Russian, Slovenian, Swedish 0.5.2 ====== - New Features: - Add a "Viewer Mode" toggle (#50, !72) - Improve `--quit` option: close all windows interactively (!71) - Improve encoding management (#42, !69) - Display the current encoding in the status bar - Make the default encoding configurable via GSettings - Allow to choose encoding in the "Open" and "Save As" dialogs (#42) - Add a command line option to choose encoding - Add a "Delete Line" action (#13, !66) - Make automatic addition of the last EOL character configurable (#53, !65) - Switch to GFile for I/O operations (#4, #27, #75, !64) - Add file monitoring (#75) - Add a setting to create a tilde-backup file when saving (#27) - Make saving atomic (#4) - Appearance Changes: - Filter files on mime type in the "Open" and "Save As" dialogs (#2, #35, !67) - Code Refactoring: - Improve encoding management (#42, !69) - Make encoding dialog more generic and self-contained - Encodings definition review - Clarify encoding management when opening files - Improve unicode BOM management - Switch to GFile for I/O operations (#4, #27, #75, !64) - Set the save action sensitivity more precisely - Let GFile APIs check for file existence when reading - Let GFile APIs check for external modifications when saving - Basic switch to GFile for I/O operations - Bug Fixes: - Make "replace" and "replace all" behaviors consistent (#94) - Ensure that the page setup is properly applied when printing (#90) - Avoid character escape issues in menu item action names (#91) - Properly initialize document search properties - Avoid illegal memory access when searching with tab changes (!73) - Revert to "Wrap Around" always true for the search bar (#83) - Prevent too late accesses to the buffer in selection mode - Direct call to keybinding signals for "Delete" and "Select All" (#83) - Improve editing keybindings consistency (#83) - Translation Updates: Albanian, Arabic, Armenian (Armenia), Basque, Belarusian, Bulgarian, Catalan, Chinese (China), Chinese (Taiwan), Croatian, Czech, Danish, Dutch, Eastern Armenian, English (Australia), English (United Kingdom), Estonian, Finnish, French, Galician, German, Greek, Hebrew, Hungarian, Icelandic, Indonesian, Interlingue, Italian, Japanese, Kazakh, Korean, Lithuanian, Malay, Norwegian Bokmål, Occitan (post 1500), Polish, Portuguese, Portuguese (Brazil), Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Thai, Turkish, Ukrainian, Uyghur

Changes: -added cursor navigation in SearchView's text box (#42) -fixed minor bugs -added performance optimizations in Cargo.toml's release profile -added Github CI actions -added docker image of the latest main branch build

@Bisaloo

2.2 - WORDLIST is now sorted with a locale-independent method, which avoids large diffs in version control due to the fact that developpers use different locale, with different lexicographic ordering rules (#48, @Bisaloo) - spell_check_package() now loads Rd macros (#42)

net/transmission-gtk: security update net/transmission-qt: security update net/transmission: security update Revisions pulled up: - net/transmission-gtk/Makefile 1.46 - net/transmission-gtk/PLIST 1.2 - net/transmission-qt/Makefile 1.54 - net/transmission/Makefile 1.27 - net/transmission/Makefile.common 1.10 - net/transmission/PLIST 1.4 - net/transmission/distinfo 1.16 - net/transmission/patches/patch-qt_qtr.pro 1.7 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: wiz Date: Mon Jul 13 13:01:02 UTC 2020 Modified Files: pkgsrc/net/transmission: Makefile Makefile.common PLIST distinfo pkgsrc/net/transmission-gtk: Makefile PLIST pkgsrc/net/transmission-qt: Makefile pkgsrc/net/transmission/patches: patch-qt_qtr.pro Log Message: transmission*: update to 3.00 ### All Platforms - Allow the RPC server to listen on an IPv6 address ([#161](transmission/transmission#161)) - Change `TR_CURL_SSL_VERIFY` to `TR_CURL_SSL_NO_VERIFY` and enable verification by default ([#334](transmission/transmission#334)) - Go back to using hash as base name for resume and torrent files (those stored in configuration directory) ([#122](transmission/transmission#122)) - Handle "fields" argument in "session-get" RPC request; if "fields" array is present in arguments, only return session fields specified; otherwise return all the fields as before - Limit the number of incorrect authentication attempts in embedded web server to 100 to prevent brute-force attacks ([#371](transmission/transmission#371)) - Set idle seed limit range to 1..40320 (4 weeks tops) in all clients ([#212](transmission/transmission#212)) - Add Peer ID for Xfplay, PicoTorrent, Free Download Manager, Folx, Baidu Netdisk torrent clients ([#256](transmission/transmission#256), [#285](transmission/transmission#285), [#355](transmission/transmission#355), [#363](transmission/transmission#363), [#386](transmission/transmission#386)) - Announce `INT64_MAX` as size left if the value is unknown (helps with e.g. Amazon S3 trackers) ([#250](transmission/transmission#250)) - Add `TCP_FASTOPEN` support (should result in slight speedup) ([#184](transmission/transmission#184)) - Improve ToS handling on IPv6 connections ([#128](transmission/transmission#128), [#341](transmission/transmission#341), [#360](transmission/transmission#360), [#692](transmission/transmission#692), [#737](transmission/transmission#737)) - Abort handshake if establishing DH shared secret fails (leads to crash) ([#27](transmission/transmission#27)) - Don't switch trackers while announcing (leads to crash) ([#297](transmission/transmission#297)) - Improve completion scripts execution and error handling; add support for .cmd and .bat files on Windows ([#405](transmission/transmission#405)) - Maintain a "session ID" file (in temporary directory) to better detect whether session is local or remote; return the ID as part of "session-get" response (TRAC-5348, [#861](transmission/transmission#861)) - Change torrent location even if no data move is needed ([#35](transmission/transmission#35)) - Support CIDR-notated blocklists ([#230](transmission/transmission#230), [#741](transmission/transmission#741)) - Update the resume file before running scripts ([#825](transmission/transmission#825)) - Make multiscrape limits adaptive ([#837](transmission/transmission#837)) - Add labels support to libtransmission and transmission-remote ([#822](transmission/transmission#822)) - Parse `session-id` header case-insensitively ([#765](transmission/transmission#765)) - Sanitize suspicious path components instead of rejecting them ([#62](transmission/transmission#62), [#294](transmission/transmission#294)) - Load CA certs from system store on Windows / OpenSSL ([#446](transmission/transmission#446)) - Add support for mbedtls (formely polarssl) and wolfssl (formely cyassl), LibreSSL ([#115](transmission/transmission#115), [#116](transmission/transmission#116), [#284](transmission/transmission#284), [#486](transmission/transmission#486), [#524](transmission/transmission#524), [#570](transmission/transmission#570)) - Fix building against OpenSSL 1.1.0+ ([#24](transmission/transmission#24)) - Fix quota support for uClibc-ng 1.0.18+ and DragonFly BSD ([#42](transmission/transmission#42), [#58](transmission/transmission#58), [#312](transmission/transmission#312)) - Fix a number of memory leaks (magnet loading, session shutdown, bencoded data parsing) ([#56](transmission/transmission#56)) - Bump miniupnpc version to 2.0.20170509 ([#347](transmission/transmission#347)) - CMake-related improvements (Ninja generator, libappindicator, systemd, Solaris and macOS) ([#72](transmission/transmission#72), [#96](transmission/transmission#96), [#117](transmission/transmission#117), [#118](transmission/transmission#118), [#133](transmission/transmission#133), [#191](transmission/transmission#191)) - Switch to submodules to manage (most of) third-party dependencies - Fail installation on Windows if UCRT is not installed ### Mac Client - Bump minimum macOS version to 10.10 - Dark Mode support ([#644](transmission/transmission#644), [#722](transmission/transmission#722), [#757](transmission/transmission#757), [#779](transmission/transmission#779), [#788](transmission/transmission#788)) - Remove Growl support, notification center is always used ([#387](transmission/transmission#387)) - Fix autoupdate on High Sierra and up by bumping the Sparkle version ([#121](transmission/transmission#121), [#600](transmission/transmission#600)) - Transition to ARC ([#336](transmission/transmission#336)) - Use proper UTF-8 encoding (with macOS-specific normalization) when setting download/incomplete directory and completion script paths ([#11](transmission/transmission#11)) - Fix uncaught exception when dragging multiple items between groups ([#51](transmission/transmission#51)) - Add flat variants of status icons for message log ([#134](transmission/transmission#134)) - Optimize image resources size ([#304](transmission/transmission#304), [#429](transmission/transmission#429)) - Update file icon when file name changes ([#37](transmission/transmission#37)) - Update translations ### GTK+ Client - Add queue up/down hotkeys ([#158](transmission/transmission#158)) - Modernize the .desktop file ([#162](transmission/transmission#162)) - Add AppData file ([#224](transmission/transmission#224)) - Add symbolic icon variant for the Gnome top bar and when the high contrast theme is in use ([#414](transmission/transmission#414), [#449](transmission/transmission#449)) - Update file icon when its name changes ([#37](transmission/transmission#37)) - Switch from intltool to gettext for translations ([#584](transmission/transmission#584), [#647](transmission/transmission#647)) - Update translations, add new translations for Portuguese (Portugal) ### Qt Client - Bump minimum Qt version to 5.2 - Fix dropping .torrent files into main window on Windows ([#269](transmission/transmission#269)) - Fix prepending of drive letter to various user-selected paths on Windows ([#236](transmission/transmission#236), [#307](transmission/transmission#307), [#404](transmission/transmission#404), [#437](transmission/transmission#437), [#699](transmission/transmission#699), [#723](transmission/transmission#723), [#877](transmission/transmission#877)) - Fix sorting by progress in presence of magnet transfers ([#234](transmission/transmission#234)) - Fix .torrent file trashing upon addition ([#262](transmission/transmission#262)) - Add queue up/down hotkeys ([#158](transmission/transmission#158)) - Reduce torrent properties (file tree) memory usage - Display tooltips in torrent properties (file tree) in case the names don't fit ([#411](transmission/transmission#411)) - Improve UI look on hi-dpi displays (YMMV) - Use session ID (if available) to check if session is local or not ([#861](transmission/transmission#861)) - Use default (instead of system) locale to be more flexible ([#130](transmission/transmission#130)) - Modernize the .desktop file ([#162](transmission/transmission#162)) - Update translations, add new translations for Afrikaans, Catalan, Danish, Greek, Norwegian Bokmål, Slovenian ### Daemon - Use libsystemd instead of libsystemd-daemon (TRAC-5921) - Harden transmission-daemon.service by disallowing privileges elevation ([#795](transmission/transmission#795)) - Fix exit code to be zero when dumping settings ([#487](transmission/transmission#487)) ### Web Client - Fix tracker error XSS in inspector (CVE-?) - Fix performance issues due to improper use of `setInterval()` for UI refresh (TRAC-6031) - Fix recognition of `https://` links in comments field ([#41](transmission/transmission#41), [#180](transmission/transmission#180)) - Fix torrent list style in Google Chrome 59+ ([#384](transmission/transmission#384)) - Show ETA in compact view on non-mobile devices ([#146](transmission/transmission#146)) - Show upload file button on mobile devices ([#320](transmission/transmission#320), [#431](transmission/transmission#431), [#956](transmission/transmission#956)) - Add keyboard hotkeys for web interface ([#351](transmission/transmission#351)) - Disable autocompletion in torrent URL field ([#367](transmission/transmission#367)) ### Utils - Prevent crash in transmission-show displaying torrents with invalid creation date ([#609](transmission/transmission#609)) - Handle IPv6 RPC addresses in transmission-remote ([#247](transmission/transmission#247)) - Add `--unsorted` option to transmission-show ([#767](transmission/transmission#767)) - Widen the torrent-id column in transmission-remote for cleaner formatting ([#840](transmission/transmission#840)) To generate a diff of this commit: cvs rdiff -u -r1.26 -r1.27 pkgsrc/net/transmission/Makefile cvs rdiff -u -r1.9 -r1.10 pkgsrc/net/transmission/Makefile.common cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/transmission/PLIST cvs rdiff -u -r1.15 -r1.16 pkgsrc/net/transmission/distinfo cvs rdiff -u -r1.45 -r1.46 pkgsrc/net/transmission-gtk/Makefile cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/transmission-gtk/PLIST cvs rdiff -u -r1.52 -r1.53 pkgsrc/net/transmission-qt/Makefile cvs rdiff -u -r1.6 -r1.7 pkgsrc/net/transmission/patches/patch-qt_qtr.pro ------------------------------------------------------------------- Module Name: pkgsrc Committed By: wiz Date: Sat Jul 25 20:20:05 UTC 2020 Modified Files: pkgsrc/net/transmission-qt: Makefile Log Message: transmission-qt: needs gcc 7.x (for <optional>) Reported and tested by spz. To generate a diff of this commit: cvs rdiff -u -r1.53 -r1.54 pkgsrc/net/transmission-qt/Makefile

v1.2 / 2020-02-02 * makefile: merge compiling and linking * ioping: add -r, -rate-limit * ioping: reformat usage * Merge pull request #42 from kohju/patch-Solaris * Support for Solaris. * ioping: option -J|-json for printing JSON * ioping: add option -a|-warmup <count> * ioping: add long options * ioping: print filesystem size for file or directory target * Merge pull request #39 from justinpitts/patch-1 * Fix grammar mistake.

Change log: 2.7.0 ===== - Add showing categories as icons on top or bottom. (Issue #62) - Add hiding username. (Issue #36) - Add rounded profile picture. - Add optional AccountsService support. - Add catfish search action. - Add CSS classes for theming. - Improve search result relevance. - Make stripping release builds optional. - Rearrange settings dialog. - Remove sliding out search results. - Remove useless grab check. - Rename icon to follow reverse DNS scheme. - Replace size grip with resizing from edges. - Replace slots with lambdas. - Use original menu layout. - Use dm-tool for switching users. - Translation updates: Basque, Bulgarian, Chinese (Taiwan), Danish, Dutch, French, Greek, Lithuanian, Portuguese, Portuguese (Brazil), Slovak, Spanish, Swedish, Turkish, Ukrainian. 2.6.2 ===== - Fix background shifting when showing menu. (Issue #41) - Fix menu not toggling after pressing escape. (Issue #65) - Properly prevent interactive search in treeview. 2.6.1 ===== - Fix menu not toggling. (Issue #61) - Fix small icon in multi-row panels. (Issue #37) - Fix missing minimize and maximize buttons in settings dialog. - Replace deprecated code for grab check. - Translation updates: Greek, Slovak, Spanish. 2.6.0 ===== - Fix unable to resize with metacity. (Issue #56) - Fix invalid desktop files when hiding applications. (Issue #53) - Fix not showing focused launcher when searching. (Issue #45) - Add option to disable sorting categories. (Issue #42) - Translation updates: Arabic, Basque, Bulgarian, Catalan, Chinese (China), Chinese (Taiwan), Czech, Danish, Dutch, Esperanto, Finnish, French, Galician, Georgian, German, Hungarian, Interlingue, Italian, Lithuanian, Polish, Portuguese, Portuguese (Brazil), Russian, Spanish, Swedish, Thai, Turkish, Ukrainian.

Change log: 4.16.2 ====== - Properly initialize GdkRectangle to prevent crash (Issue #57) 4.16.1 ====== - Revamp the documentation to modernize and uniformize accross components - Fix keyboard navigation when only one item is present (#53) 4.16.0 ====== - Focus must not be required in single click mode (Issue #190) - Remove GLIB_CHECK_VERSION IFDEFs which are obsolete after glib bump - Adjust padding only for vertical item orientation (Issue #48) - bump glib (and gio, gthread, etc) to 2.50.0 - Fix GCC warning (false negative) - Translation Updates: Basque, Estonian, Norwegian Bokmål, Portuguese (Brazil), Russian, Slovenian, Turkish, Vietnamese 4.15.3 ====== - Re-grab tree selection to prevent rare crash (Issue #46) - Remove unneeded RTL adjustment (Issue #45) - exo-open: Wrap long URI in error dialog (Issue #26) - Avoid truncated text in small zoom levels (#42) - Make ExoIconView reduce selection on a single click (issue #39) - Partially restore 6fcefce9 (Issue #18) - Adds new, foreign README.md - Add check for valid GtkTreeSelection (issue #40) - Reset cursor on drag end in single-click mode - exo-open: Change priority of command line parameters (Fixes #20) - Prevent label from overlapping icon in RTL (Fixes #36) - Prevent "selection_changed" bursts (#37) - Small change to documentation for exo_strdup_strftime - desktop-item-edit: Fix fallback for desktop file type detection - desktop-item-edit: Improve detection of invalid icon names (Fixes #33) - AC_CONFIG_MACRO_DIR → AC_CONFIG_MACRO_DIRS (Closes !9) - Translation Updates: Albanian, Amharic, Arabic, Armenian, Armenian (Armenia), Asturian, Basque, Belarusian, Bengali, Bulgarian, Catalan, Chinese (China), Chinese (Hong Kong), Chinese (Taiwan), Croatian, Czech, Danish, Dutch, Eastern Armenian, English (Australia), English (United Kingdom), Estonian, Finnish, French, Galician, Greek, Hebrew, Hungarian, Icelandic, Indonesian, Interlingue, Italian, Japanese, Kannada, Latvian, Malay, Norwegian Bokmål, Norwegian Nynorsk, Occitan (post 1500), Panjabi (Punjabi), Persian (Iran), Polish, Portuguese (Brazil), Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Telugu, Thai, Turkish, Ukrainian, Urdu, Urdu (Pakistan), Uyghur, Vietnamese, 4.15.2 ====== - icon-chooser-dialog: Allow removing selected icon (Fixes #2) - desktop-item-edit: Fix sensitivity of save button (Fixes #28) - Rework exo_icon_view_scroll_event for overshoot effect (Fixes #25) - Allow resizing the xfce4-settings window smaller (Fixes #19) - Drop exo-csource from exo - Fix build on OpenBSD (!2) - Fix race condition in make install (Fixes #29) - Remove unused perl module requirement - Replace bugzilla occurences with gitlab (Fixes #30) - Translation Updates: Albanian, Chinese (China), Chinese (Hong Kong), Danish, Eastern Armenian, French, German, Hebrew, Japanese, Kazakh, Korean, Lithuanian, Portuguese, Portuguese (Brazil), Russian, Swedish, Turkish 4.15.1 ====== This release transitions several exo components to xfce-settings. Please use with xfce-settings 4.15.1 or later for best results. - Removed binaries: exo-compose-mail, exo-helper-2 - Removed from API: ExoCellRendererEllipsizedText, ExoIconBar, ExoToolbarsEditor, ExoToolbarsEditorDialog, ExoToolbarsModel, ExoToolbarsView, ExoWrapTable, ExoXsessionClient, exo_atomic_inc, exo_atomic_dec Other Updates: - state variable is a GtkStateFlags - Fix previous commit - desktop-item-edit: Fix sensitivity of save button (Bug #16813) - Add basic GitLab pipeline - Attach popup window to toplevel parent (Bug #16768) - Rename Thunar.desktop to thunar.desktop (Bug #16197) - Extend selection on shift+drag (Bug #7526) - Do not cancel selection on shift+drag - Rename Thunar.desktop to thunar.desktop (Bug #16197) - Fix type declaration (Bug #16678) - desktop-item-edit: Use new XfceTitledDialog API - Fix GTimeVal deprecation - Replace deprecated G_INLINE_FUNC macro - Replace deprecated macro - Wrong keyboard navigation after using rubberband in exo-icon-view (Bug #16286) - Cursor position in icon view not visible/highlighted when using ctrl + arrows (Bug #12227) - Make sure default applications are properly set in mimeapps.list - Translation Updates: Albanian, Amharic, Arabic, Asturian, Basque, Belarusian, Bengali, Catalan, Chinese (Hong Kong), Chinese (Taiwan), Danish, Dutch, Estonian, Greek, Hungarian, Icelandic, Interlingue, Italian, Kannada, Latvian, Lithuanian, Norwegian Bokmål, Norwegian Nynorsk, Occitan (post 1500), Panjabi (Punjabi), Persian (Iran), Portuguese, Romanian, Russian, Slovak, Spanish, Telugu, Turkish, Uighur, Urdu, Urdu (Pakistan), Vietnamese

1.10.2 (2021-10-24) * Restored compatibility with GHC 7.10 (and possibly even older) (#80) 1.10.1 (2021-08-15) * Fixed possible high CPU usage of some blocking calls with the threaded RTS (#78) 1.10 (2021-05-31) * Added setClientMessageEvent' (#71) * Fixed type of xrrUpdateConfiguration (#72) * Fixed bottom when deserializing XRRNotifyEvent in getEvent (#72) * Added xrrGetMonitors and XRRMonitorInfo (#42) * Added setClassHint (#76) * Added a few missing event mask fields to WindowAttributes (#77)

Bug Fixes - Only drop previous releases if skipped (#44) - Run clippy from nightly toolchain - Update tests about optional config values - Set the previous release when using `--unreleased` (#47) - Lower the priority of global configuration file (#51) - Update the download link of latest grcov release - Use the correct tar command for extracting grcov archive - Update grcov download command - Update custom error tests Documentation - Update template contexts about link_parsers - Add minimal example - Update copyright years Features - Add `link_parsers` for parsing/extracting links (#42) - Make the `git` section optional (#45) - Make the `changelog` section optional (#45) - [**breaking**] Use conventional commit body to check against commit parsers - [**breaking**] Replace --topo-order by --date-order (#58) Miscellaneous Tasks - Update arg parsing to clap v3 (#49) - Upgrade dependencies - Bump the Rust version in Dockerfile - Run cargo-audit for checking vulnerabilities - Update the runner to macos-11 Refactor - Apply clippy suggestions - [**breaking**] Change the default value of `trim` to `true` - Unify serde and serde_derive using derive feature (#57) Styling - Update the styling - Comply with MD022 and fix minor typos (#61)

@Builditluc

Breaking Changes Move Parser Configuration into a Feature Option by @Builditluc in #63 Exciting New Features Add option to change the keybindings via configuration by @Builditluc in #38 Add AUR install option by @ThomasFrans in #42 Add a desktop-entry for packaging by @ThomasFrans in #44 Add checksums for the release assets by @Builditluc in #59 Bug Fixes Fix Header Selection by @Builditluc in #41 Fix Keybinding Crash by @Builditluc in #46 Add missing element after line split by @ThomasFrans in #48 Disable stdout logging for release builds by @ThomasFrans in #47 Fix publish action in the cd workflow by @Builditluc in #60 Fix toc not having scrollbars by @Builditluc in #64 Other Changes Update Bug Report Issue Template by @Builditluc in #40 Add label requirement to ci workflow by @Builditluc in #52 Add documentation job to ci workflow by @Builditluc in #55 Fix typo in search.rs by @eltociear in #56 Add yashinghcodes/wik project to similar projects by @Builditluc in #58 Increase Stale Days to 365 by @Builditluc in #61

0.1.35 (2022-04-05) * Land #42, Add ruby 3.1.1 to test matrix 0.1.36 (2022-05-03) * Land #45, Allow explicitly setting peer hostname 0.1.37 (2022-05-03) * Land #46, fixes a bug caused by a missing require statement 0.1.38 (2022-05-03) * Land #44, Ignore trailing commas in range walker 0.1.39 (2022-05-09) * Land #48, Fix typo in ssl_tcp.rb Fixes #47 0.1.40 (2022-06-13) * Fix typo in README.md 0.1.41 (2022-08-02) * Land #50, Run ubuntu 22.04 in test matrix

0.2.37 (2021-09-16) * Land #42, Update Ubuntu version & Ruby setup 0.2.38 (2022-06-29) * Land #44, Fix rex-text split string crash 0.2.39 (2022-08-08) * Land #47, Run ubuntu 22.04 in test matrix

Change log: 0.6.4 ====== - settings: Improve app icon and name matching - settings: Sort known apps by notification count - settings: Show 'Unspecified app' instead of empty line - daemon: Improve application icon matching - Correctly reset position during slideout (Fixes #42) - panel-plugin: Remove duplicate function call (Fixes #40) - panel-plugin: Fix file monitor (Fixes #40) - Properly free the GKeyFile - tests: Add logging test - Fix compiler warnings - Fix tooltip grammar - build: Fix intltool lock file problem during make distcheck - Update gitignore - Update COPYING (#61) - Translation Updates: Albanian, Basque, Belarusian, Bulgarian, Catalan, Chinese (China), Chinese (Taiwan), Czech, Danish, Dutch, Eastern Armenian, Estonian, French, Galician, German, Greek, Hebrew, Indonesian, Italian, Japanese, Kazakh, Korean, Lithuanian, Malay, Norwegian Bokmål, Polish, Portuguese, Portuguese (Brazil), Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Thai, Turkish, Ukrainian

Remove patches for GUILE and PHP (options no longer supported by pkgsrc). ## [7.0.2] – 2022-11-18 ### Added - The `cluster`, `dot_builtins`, `dot2gxl`, `gv2gxl`, `gvedit`, and `prune` utilities are now included in the CMake build system. #1753, #1836 ### Changed - `gvedit` now uses a relative path from its own executable to discover its attributes file, `../share/graphviz/gvedit/attrs.txt`. This should make it more relocatable and make its behavior more consistent across operating systems. - `alt` tags are no longer set in the cmap output. #265 ### Fixed - `gxl2gv`, when dealing with `name` attributes, may be less likely to crash. We say “may be less likely” because a bug remains that makes a crash still the most likely outcome. #2300 - Gradient URL references in SVG output once again align with their targets (linear or radial gradients) when `id` attributes are in use. This was arguably a regression in Graphviz 6.0.1. #2307 - The CMake build system’s interactions with a Zlib installed in a non-system location has been improved. - Do not try to install `gv.php` if using SWIG-4.1.0. Graphviz 7.0.1 changes listed SWIG 4.1.0 as supported, but there was an oversight that is fixed in 7.0.2. Complete #2277, #2303 - Several compilation errors when building Smyrna on macOS have been fixed. This was a regression in Graphviz 7.0.1. - A crash when using neato layout with large inferred per-node edge counts was fixed. #42 ## [7.0.1] – 2022-11-09 ### Added - SWIG 4.1.0 is now supported in the Autotools build system. #2277, #2303 ### Changed - When built with zlib support, Graphviz will unconditionally use `deflateBound`. The only user-visible effect should be slightly decreased memory usage when using a zlib-compressed output format. - The test suite only detects Graphviz companion programs adjacent to the first `dot` found in `$PATH` #2201 ### Fixed - Failure of arrowhead and arrowtail to respect penwidth #372 \ Fixed also for the `diamond` and `tee` [edge arrow shapes](https://graphviz.org/doc/info/arrows.html#primitive-shapes). - The CMake build system no longer uses the final install location as the staging area for example graphs and templates during `cpack`. This bug was introduced in Graphviz 4.0.0. #2232 - The CMake build system uses corrected paths to DevIL and FreeType headers and libraries when discovered. - The CMake build system under MinGW no longer attempts to install third party Expat and Getopt libraries. ## [7.0.0] – 2022-10-22 ### Changed - **Breaking**: An `outline_width` field has been added to the `Agnodeinfo_t` struct. - **Breaking**: An `outline_height` field has been added to the `Agnodeinfo_t` struct. - When using the CMake build system, the minimum requirement has been increased from CMake 3.9 to CMake 3.13.0. - When compiling Graphviz with the Intel C Compiler, the Autotools build system no longer suppresses `-ffast-math`. Users relying on this are encouraged to investigate what in their build environment is appending a flag their C compiler does not support. - The `-ffast-math` compiler flag is no longer enabled by the Autotools build system. - Reserved stack size on Windows for the `dot.exe` binary has been increased from the default 1MB to ~3.8MB. ### Fixed - Issues with GCC 8, `-O3` and `-ffast-math` #1412 - Problem building Graphviz-5.0.1: undefined symbols `__*_finite` #2296 - Failure of arrowhead and arrowtail to respect penwidth #372 \ Fixed for all [polygon-based node shapes](https://graphviz.org/doc/info/shapes.html#polygon) (except for the `cylinder` node shape) and for the [edge arrow shapes](https://graphviz.org/doc/info/arrows.html) `normal`, `inv`, `box` and `dot` ### Removed - Support for the MOSEK commercial solver has been removed. The `MOSEK` build-time macro no longer does anything.

pkgsrc change: Add PKG_SKIP_REASON if ruby*-base has the same version. 0.3.2 (2022-09-28) * Make exception API compatible with what Ruby expects #42 0.3.3 (2022-10-29) * No timeout library required #44 * Make the digest library optional #45

@arthurhenrique

v1.0.1 What's Changed - Revert "feat(:nail-care:): dracula-theme" by @arthurhenrique in #51 - revert for color blind by @arthurhenrique in #52 v1.0.0 What's Changed - Add NetBSD by @0323pin in #39 - chore: add performance checker by @arthurhenrique in #42 - Refactor count_leap_years() and add test cases by @elliotwutingfeng in #40 - Refactor count_leap_years() and add test cases (#40) by @arthurhenrique in #43 - Configure Renovate by @renovate in #44 - feat: show today by @arthurhenrique in #46 - chore: update by @arthurhenrique in #47 - feat(:nail-care:): dracula-theme by @arthurhenrique in #48 - chore: release 🚀 by @arthurhenrique in #49

@wishdev

1.7.0 (2022-11-17) What's Changed * Extract creation of Net::HTTP in httpproxy by @wishdev in #41 * Fix httpd error in CJK directory by @jeremyevans in #42 * Use GitHub Actions instead of Travis CI (retry) by @deivid-rodriguez in #40 * Skip env-locale-sensitive CGI test on the "java" platform by @headius in #46 * Make readpartial limit chunk to appropriate size by @wishdev in #45 * Do not use ensure in a block without begin by @jeremyevans in #49 * Allow empty POST and PUT requests without content length by @jeremyevans in #50 * Only run test_big_bodies test on Ruby 2.5+ by @jeremyevans in #51 * Fix test when run with US-ASCII encoding by @jeremyevans in #52 * Allow shutdown_pipe to be passed in via @config by @wishdev in #44 * Ensure server port numbers are numeric and ensure they are stored as ... by @wishdev in #55 * Fix shutdown_pipe test issue by @wishdev in #54 * Allow EPROTOTYPE error when writing junk to a socket by @jeremyevans in #56 * Use ruby/setup-ruby instead of actions/setup-ruby by @hsbt in #58 * Refix test_shutdown_pipe by @wishdev in #59 * add mime type of extention mjs by @paulownia in #60 * Make it more strict to interpret some headers by @mame in #61 1.8.0 (2023-01-27) What's Changed * Use frozen strings by @kirs in #65 * Use test-unit by @hsbt in #66 * More rubies on CI, deprecating ruby 2.3 due to test failure by @mathieujobin in #68 * Adds common mime types by @gotoken in #75 * add mime type for .webmanifest extension by @olleolleolle in #76 * CI: use bundler-cache: true by @olleolleolle in #79 * Typo by @printfinn in #78 * s/RubyVM::JIT/RubyVM::MJIT/g by @k0kubun in #82 * Fix invalid use of IP addresses in SNI by @jeremyevans in #83 * Bump actions/checkout from 2 to 3 by @dependabot in #91 * remove unneeded bin/console and bin/setup files from gemspec by @Benjamin-L in #94 * Accept put requests by @bharjr01 in #70 * Move the host request parsing to a separate method. by @wishdev in #85 * Only output prime information to $stderr if $VERBOSE by @jeremyevans in #88 * Better support for connection upgrade and bi-directional streaming. by @ioquatix in #101 1.8.1 (2023-01-27) What's Changed * Body should be non-frozen by default. by @ioquatix in #103 * Join test thread. by @ioquatix in #104 * Fix several regexp warnings. by @ioquatix in #105

0.1.37 (2023-01-31) * Land #42, Add support for Ruby 3.2

@GegznaV

3.0.2 - Find paths to dictionaries of RStudio 1.3.x and 1.4.x (@GegznaV, #42)

@0323pin

What's Changed - Add NetBSD by @0323pin in #3 - Migrate from tui-rs to ratatui by @AmmarAbouZor in #4 - settings improvements by @AmmarAbouZor in #13 - [Documentation] Create README Badges by @kevinmatthes in #14 - CI Improvements by @AmmarAbouZor in #15 - Changed: Help popup improvements by @AmmarAbouZor in #17 - Added: Export current journal's content by @AmmarAbouZor in #18 - Increase Version by @AmmarAbouZor in #19 - Fixed setting backend path from CLI by @AmmarAbouZor in #22 - Added: Release CD action by @AmmarAbouZor in #24 - Fixed: Export journal extension by @AmmarAbouZor in #25 - Changed: Enhance render loop by @AmmarAbouZor in #28 - Added: CITATION.cff by @kevinmatthes in #26 - Added: Edit current journal content in external editor by @AmmarAbouZor in #29 - Added: configure CHANGELOG maintenance utilities by @kevinmatthes in #16 - Added: Tabs and scrolling to help popup by @AmmarAbouZor in #32 - Fixed: bugs in fragment creation by @kevinmatthes in #33 - Added: Multi-selection for journals by @AmmarAbouZor in #34 - Changed: bump baptiste0928/cargo-install to v2.1.0 by @kevinmatthes in #36 - [Aeruginous] Create CHANGELOG Fragment by @github-actions in #37 - Added: Export Import functions for multiple journals by @AmmarAbouZor in #39 - [Aeruginous] Create CHANGELOG Fragment by @github-actions in #40 - Fixed: Synchronizing problems with sqlite back-end by @AmmarAbouZor in #41 - [Aeruginous] Create CHANGELOG Fragment by @github-actions in #42 - Changed: improve GHA linting speed dramatically by @kevinmatthes in #43 - [Aeruginous] Create CHANGELOG Fragment by @github-actions in #44 - Addd: Option to Use Git Configured Editor as External editor by @AmmarAbouZor in #45 - [Aeruginous] Create CHANGELOG Fragment by @github-actions in #46 - [Aeruginous] Create Missing CHANGELOG Fragments by @AmmarAbouZor in #48 - Chore: Add dependabot by @AmmarAbouZor in #50 - [Aeruginous] Assemble CHANGELOG by @github-actions in #52

Upstream changes: 0.22 2023-02-01T05:14:13Z - Clear %Handle cache if dbh is set to undef #42 - Skip fork test on win32 #41

Upstream changes: 6.92 2023-06-07 - Time zone fixes Newest zoneinfo data (tzdata 2023c). - Documentation fixes Typo fix. Reported by Derek Terveer 6.91 2023-03-01 - Fixed bug where timezone alias wasn't handled On linux systems configured to be in a timezone that is an alias, the system timezone wasn't recognized, and it defaulted to GMT. This is now fixed. Patch supplied by Sandi Wallendahl (GitHub #43) 6.90 2022-12-02 - Time zone fixes Aliases in the tzdata database were not being added to the timezone data. Reported in GitHub issue #40. The UTC timezone is now named Etc/UTC instead of UTC to be in line with the aliases. Newest zoneinfo data (tzdata 2022g). - Language fixes Additions to the Polish translation. GitHub issue #41. Additions to several languages. GitHub issue #42. Added some support for per-language parsing rules to respond to GitHub issue #42. - Documentation fixes The version numbers in the change log was messed up due to a skipped release (no new timezone fixes that time). Fixed. 6.89 2022-09-01 - (!) Date::Manip 5.xx interface to be removed The old version of Date::Manip (version 5.xx) has been distributed as part of the package in order to support versions of perl older than 5.10 . I see no valid reason to continue to support that, so as of version 7.00, Date::Manip will only include the newer interfaces (which require perl 5.10 or newer). There are no plans to deprecate the functional interface. - Time zone fixes Newest zoneinfo data (tzdata 2022c).

1.17.3 (2023-07-19) Reduce serialized subject to simple string field. (#41) * Only log subject class name. * Follow similar formatting rules for subject as we do for the terminal logger. 1.17.4 (2023-07-19) * Remove class as it is already part of subject. (#42) 1.18.0 (2023-07-21) Fix behaviour of CONSOLE_ON and CONSOLE_OFF. (#43) * Remove unused `enabled:` option. * Add more tests for Filter. Introduce null log output.

What's new in Sudo 1.9.14p3 * Fixed a crash with Python 3.12 when the sudo Python python is unloaded. This only affects "make check" for the Python plugin. * Adapted the sudo Python plugin test output to match Python 3.12. What's new in Sudo 1.9.14p2 * Fixed a crash on Linux systems introduced in version 1.9.14 when running a command with a NULL argv[0] if "log_subcmds" or "intercept" is enabled in sudoers. * Fixed a problem with "stair-stepped" output when piping or redirecting the output of a sudo command that takes user input. * Fixed a bug introduced in sudo 1.9.14 that affects matching sudoers rules containing a Runas_Spec with an empty Runas user. These rules should only match when sudo's -g option is used but were matching even without the -g option. GitHub issue #290. What's new in Sudo 1.9.14p1 * Fixed an invalid free bug in sudo_logsrvd that was introduced in version 1.9.14 which could cause sudo_logsrvd to crash. * The sudoers plugin no longer tries to send the terminal name to the log server when no terminal is present. This bug was introduced in version 1.9.14. What's new in Sudo 1.9.14 * Fixed a bug where if the "intercept" or "log_subcmds" sudoers option was enabled and a sub-command was run where the first entry of the argument vector didn't match the command being run. This resulted in commands like "sudo su -" being killed due to the mismatch. Bug #1050. * The sudoers plugin now canonicalizes command path names before matching (where possible). This fixes a bug where sudo could execute the wrong path if there are multiple symbolic links with the same target and the same base name in sudoers that a user is allowed to run. GitHub issue #228. * Improved command matching when a chroot is specified in sudoers. The sudoers plugin will now change the root directory id needed before performing command matching. Previously, the root directory was simply prepended to the path that was being processed. * When NETGROUP_BASE is set in the ldap.conf file, sudo will now perform its own netgroup lookups of the host name instead of using the system innetgr(3) function. This guarantees that user and host netgroup lookups are performed using the same LDAP server (or servers). * Fixed a bug introduced in sudo 1.9.13 that resulted in a missing " ; " separator between environment variables and the command in log entries. * The visudo utility now displays a warning when it ignores a file in an include dir such as /etc/sudoers.d. * When running a command in a pseudo-terminal, sudo will initialize the terminal settings even if it is the background process. Previously, sudo only initialized the pseudo-terminal when running in the foreground. This fixes an issue where a program that checks the window size would read the wrong value when sudo was running in the background. * Fixed a bug where only the first two digits of the TSID field being was logged. Bug #1046. * The "use_pty" sudoers option is now enabled by default. To restore the historic behavior where a command is run in the user's terminal, add "Defaults !use_pty" to the sudoers file. GitHub issue #258. * Sudo's "-b" option now works when the command is run in a pseudo-terminal. * When disabling core dumps, sudo now only modifies the soft limit and leaves the hard limit as-is. This avoids problems on Linux when sudo does not have CAP_SYS_RESOURCE, which may be the case when run inside a container. GitHub issue #42. * Sudo configuration file paths have been converted to colon-separated lists of paths. This makes it possible to have configuration files on a read-only file system while still allowing for local modifications in a different (writable) directory. The new --enable-adminconf configure option can be used to specify a directory that is searched for configuration files in preference to the sysconfdir (which is usually /etc). * The "intercept_verify" sudoers option is now only applied when the "intercept" option is set in sudoers. Previously, it was also applied when "log_subcmds" was enabled. * The NETGROUP_QUERY ldap.conf parameter can now be disabled for LDAP servers that do not support querying the nisNetgroup object by its nisNetgroupTriple attribute, while still allowing sudo to query the LDAP server directly to determine netgroup membership. * Fixed a long-standing bug where a sudoers rule without an explicit runas list allowed the user to run a command as root and any group instead of just one of the groups that root is a member of. For example, a rule such as "myuser ALL = ALL" would permit "sudo -u root -g othergroup" even if root did not belong to "othergroup". * Fixed a bug where a sudoers rule with an explicit runas list allowed a user to run sudo commands as themselves. For example, a rule such as "myuser ALL = (root) ALL", "myuser" should only allow commands to be run as root (optionally using one of root's groups). However, the rule also allowed the user to run "sudo -u myuser -g myuser command". * Fixed a bug that prevented the user from specifying a group on the command line via "sudo -g" if the rule's Runas_Spec contained a Runas_Alias. * Sudo now requires a C compiler that conforms to ISO C99 or higher to build.

@bensie

3.0.0 (2023-08-25) What's Changed * Breaking: Drop support for Ruby < 2.5. * Added: Support for ECDSA (@bensie, @rchekaluk) #43, #44, #46, #49 * Added: OpenSSL 3.x support by @rchekaluk in #48 * Added: Test against Ruby 2.5, 2.6, 2.7, 3.0, 3.1, 3.2, 3.3, jruby-9.3, jruby-9.4 with GitHub Actions * Fixed: SSH public keys not validated/parsed if contain comments by @MangyCoyote in #39 New Contributors * @djberg96 made their first contribution in #40 * @MangyCoyote made their first contribution in #39 * @gogainda made their first contribution in #42 * @rchekaluk made their first contribution in #43

What's Changed - stdout/stderr are now streamed as the subprocess is executing, rather than output only once the subprocess completes (#43). - NotFound errors during cleanup are now ignored (#42). - Improved error handling for malformed executables (#37). API Changes - New methods Bkt::retrieve_streaming and Bkt::refresh_streaming have been added for library users that want to stream output, however these methods are subject to change and should be treated as experimental.

v1.1.1.11: * Dependency update for base 4.18, GHC 9.4.5 (PR #42, thanks Miezhiko) v1.1.1.10: * When parsing as an expression and as a declaration both fail, show both errors (PR #39, thanks 1in1) * GitHub Action for CI * Dependency update for base 4.16, GHC 9.2.5 (PR #39, thanks Andreas Ländle)

2.002004 2023-07-15 - Remove 'perl -T' from tests. This way we can run on perls compiled without support for taint mode. The test didn't actually care about taint anyway. 2.002003 2023-04-19 - Fix line numbers after inlined type checks (gh #42). Previously, the code for type checks was inlined literally, so if a particular check took 5 lines of code, all the following line numbers in the source file would be off by 5 (they would be "pushed down" by the interpolated code). These bad line numbers would show up in error messages from Perl (including warn and die) as well as __LINE__ and caller (and thus stack traces). 2.002002 2023-04-01 - Work around old versions of ExtUtils::MakeMaker not providing is_make_type(), whose version dependency is undocumented (sigh). - Restrict GNU syntax for exporting variables to type 'gmake'; should fix building on BSD, Solaris, etc. - Declare dependency on ExtUtils::MakeMaker 7+ and remove compatibility code for older versions. 2.002001 2023-04-01 - Fix (hopefully) Windows builds using nmake.exe. 2.002 2023-04-01 - Provide //= for default arguments that are also used when the caller passes in undef. - Provide more type combinators in parameter declarations: In addition to | (union types), now ~ & / are also supported (for complement types, intersection types, and alternative types, respectively). - Enable type coercions. If a parameter has a declared type and that type supports coercions ($type->has_coercion returns true), call its ->coerce($value) method to transform arguments before type checking. - Enable inline type checks. If a parameter has a declared type and that type supports inlining ($type->can_be_inlined returns true), its inline code (as provided by ->inline_check('$value')) is baked into the function definition instead of a call to ->check($value). This may speed up type checks. - Move a big chunk of tests to xt/ (author testing only). - Remove xt/ from the distribution. - Enable parallel testing by default (with -j4). 2.001006 2023-03-27 - Work around perl core issue GH#20950 (use re "eval" doesn't capture lexical %^H environment like eval() does and stringifies it instead) by downgrading the previous hard error to a warning (in the new category 'Function::Parameters') and switching Function::Parameters off in the affected scope. 2.001005 2023-01-27 - Fix failures with perl 5.37.5 .. 5.37.6 caused by new internal opcode structure for anonymous subs. 2.001004 2023-01-20 - Drop Dir::Self test dependency (use FindBin instead).

15.0.0 (2022-01-04) Added * [Ruby,JavaScript,Go] Add bigdecimal, biginteger parameter types (#42) * [.NET] Implementation of Cucumber Expressions by porting the Java parser (#1743) * [Python] Added Python Cucumber Expressions (#65) Changed * [Go] Parameters of type {float} are now parsed as float32 (previously it was float64). Use {double} if you need float64. (#42) 15.0.1 (2022-01-04) Fixed * Fixed release scripts 15.0.2 (2022-03-15) Fixed * Add missing name field in CommonJS package file (#87) 15.1.0 (2022-04-21) Added * [JavaScript] Add CucumberExpression.ast and expose the AST types. 15.1.1 (2022-04-21) Fixed * [JavaScript] Make CucumberExpression.ast public (it was accidentally private in 15.1.0) 15.2.0 (2022-05-24) Added * [JavaScript] Add ParameterInfo (#124) Fixed * [.NET] Fix casing in "word" parameter type constant 16.0.0 (2022-06-12) Changed * [JavaScript] The ParameterType constructor's regexps parameter has a new type: type Regexps = StringOrRegExp | readonly StringOrRegExp[]; type StringOrRegExp = string | RegExp. 16.0.1 (2022-11-06) Fixed * [JavaScript] The ParameterType constructor's transform, useForSnippets and preferForRegexpMatch should be optional. (#178) 16.1.0 - 2022-11-28 Added * [Java] Enabled reproducible builds * [JavaScript] Added ParameterType.builtin. This is to allow JSON serialization of only the non-builtin parameter types. 16.1.1 - 2022-12-08 Fixed * [Java] Improve expression creation performance (#187, #189) 16.1.2 (2023-01-17) Fixed * [Java] Improve cucumber expression creation performance (#202) 17.0.0 (2023-10-06) Changed * [JavaScript] Added TypeScript source to the package (#211) * [Ruby] Minimum supported ruby is now 2.5+ (#232) * [Ruby] Large suite wide refactor for basic rubocop compliance (#233 #235) * [Ruby] Expose ParameterType#transformer as a new public reader (#234) * [Ruby] Remove ParameterType#prefer_for_regexp_match? and ParameterType#use_for_snippets? -> Use their standard reader equivalents instead (Remove the ?) (#234) 17.0.1 (2023-11-24) Fixed * [JavaScript] Fix import paths lacking file suffix (#243) * [Ruby] Fixed up Layout rubocop autofixes

@sciurius

1.059 2023-07-20 - correctly propagate the exit value of a packed executable Get the exit value from perl_destruct() instead of perl_run(). These may be different, e.g. if the value of $? is set in an END block. - clean up tests a bit - set up GitHub CI and add cpanfile (for CI only) - check more return codes in myldr/*.c 1.058 2023-06-12 - patch DynaLoader.pm to make intercepting DynaLoader::bootstrap work again for Perl >= 5.35 on Windows (see #74) $do_expand was changed in perl 5.36 from an (implicit) "local" variable to "my". This breaks how PAR::Heavy intercepts calls to DynaLoader::bootstrap: monkey-patching DynaLoader::bootstrap, DynaLoader::dl_findfile and DynaLoader::bootstrap while setting "local $DynaLoader::do_expand = 1". - reorganize modules etc used in tests - add test to run an XS module from a .par file - add a test for loading XS "glue" DLLs - remove unused code for packed DLLs ("pp --link ...") - nobody packs (non-XS) DLLs as embedded "FILE"s - nobody uses a $Config{version) sub directory when packing DLLs below "shlib/" in the zip 1.057 2022-11-29 - use a different method to mark executable built from "pp --clean ..." - scripts/par.pl: don't patch the string "__PASS_PAR_CLEAN__ \0" in the "boot" section of the executable and ... - myldr/boot.c: ... stop looking for the patched string - scripts/par.pl: add "\0CLEAN" in lieu of "\0CACHE" (and drop the 40-byte cache name below that) in the "trailer" section when generating a packed executable when META.yml indicates "--clean" was specified) - myldr/mktmpdir.c: allow "\0CLEAN" as an alternative to "\0CACHE" and set PAR_CLEAN=1 in that case - myldr/mktmpdir.c: implement find_par_magic() akin the one in script/par.pl - better CLT detection in MacOS (#70) [plk <Philip@kime.org.uk>] - use Getopt::ArgvFile with resolveEnvVars=1 suggested by Johan Vromans (@sciurius on GitHub) 1.056 2022-09-05 - Fix #66: patch myldr/boot for "pp --clean ..." without side effects - make sure myldr/boot contains exactly one string of the form "__PASS_PAR_CLEAN__ \0" so that there are no duplicates that may get split on chunk boundaries (myldr/boot_embedded_files.c) - simplify patching of this string (in $loader) to "__PASS_PAR_CLEAN__=1 \0" in script/par.pl - add a test for #66 (check for ephemeral vs persistent cache directory) - Revert "Fixes #62: rs6000_71 (AIX) "An offset in the .loader section header is too large."" PAR_CLEAN is set too late: at this point PAR_TEMP has already been set (and populated) to a persistent cache directory (/tmp/par-USER/cache-SHA1) instead of an ephemeral one (/tmp/par-USER/temp-PID). - Some code cleanup - replace some magic numbers with constants - use string interpolation (instead of concatenation) - clean up some convoluted C code 1.055 2022-07-03 - Fix #62: rs6000_71 (AIX) "An offset in the .loader section header is too large." Communicate pp option "--clean" to the generated executable in a different way. Previously this was done by patching "__ENV_PAR_..." strings **in the executable being built** and interpreting these strings in par.pl **at runtime**. Though hacky, this seemingly worked on any OS (without rendering the executable invalid). But the only information ever passed was the value of PAR_CLEAN and this was gleaned at build time from the value of JSONPath $par.clean from META.yml in the zip (set by pp by option "--clean"). Instead read and interpret "META.yml" in par.pl **at runtime**. - Fix: merge PR #58 from Philip@kime.org.uk: Adding support for running MacOS Universal binaries created via 'lipo' from already pp'ed and signed thin binaries - Make writing stuff more robust: check return value of print() and close() in some places. 1.054 2022-01-27 - Temporarily disable t/90-gh41.t (system("\\\\?\\some-absolute-path") fails) 1.053 2022-01-25 - Fix: merge PR #56 from from Philip Kime <Philip@kime.org.uk>: Updating OSX codesign fix util with fix for automatically added ad-hoc signatures on OSX 12+ - Fix: merge PR #42 from Andrew-Kulpa/master: Get exe size from file handle instead of path - Fix: prevent TABs in literal makefile fragments from being expanded - Cleanups: - par_findprog(): pass a copy of argument `path´ to strtok() - simplify searching for PAR magic - consolidate die()s - add a test for GitHub #41 - add error message when exec'ing the custom perl fails in myldr/boot - untangle %require_list and %ModuleCache

@joshka

Release Notes - Migrate to Ratatui (#42 by @joshka) - Better readline support using tui-input (move cursor forward / backward, jump to the start, etc) - Improve buffer history to retrieve more than just the last input

In addition to the upstream changes below, the package now also includes the cJSON backend (and dependency). Fix: - improve naming (#42) - magical spaces in recursive partials (#43) - installation when tool isn't built - correct detection of falsey values (#45) Minor: - update to newer reference tests https://gitlab.com/jobol/mustach/-/releases/1.2.6

This is actually an update from 3.0.0-alpha to 3.0.0-beta. Unfortunately, I made a mistake on the previous update and pushed it as 3.0.0 instead of 3.0.0-alpha as it should have been. new major pre-release version: 3.0.0-beta - update deps, man pages, completions, readme, v3.md - output of image is now the basename - wallust doesn't require a config file, because of this, the default - config file has been simplify to what most people would 'expect', - avoiding advance configuration. - fix a cache bug (bdd133771d) - make some common cli flags globals. (aa7c7af753) - new -N/--no-config global flag - template: * add colors array (906ce4b1f8) * HEXA representation of colors (e48c376984) #41 * avoid UNC windows paths (53efe6ea92) #42 - overall MASSIVE changes to the code => instead of implementing some - functionality manualy, I'm using the palette crate which is very refined and displays much better results. REAKING: - rename generation to fallback_generator (a9548c24a8) - rename --config-path to --config-file (735bd3861b

@feddynventor

What's Changed - store file path in tooltip by @feddynventor in #42

Python 3.12.3 Security gh-115398: Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425) by adding five new methods: xml.etree.ElementTree.XMLParser.flush() xml.etree.ElementTree.XMLPullParser.flush() xml.parsers.expat.xmlparser.GetReparseDeferralEnabled() xml.parsers.expat.xmlparser.SetReparseDeferralEnabled() xml.sax.expatreader.ExpatParser.flush() gh-115399: Update bundled libexpat to 2.6.0 gh-115243: Fix possible crashes in collections.deque.index() when the deque is concurrently modified. gh-114572: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads. Core and Builtins gh-109120: Added handle of incorrect star expressions, e.g f(3, *). Patch by Grigoryev Semyon gh-99108: Updated the hashlib built-in HACL* project C code from upstream that we use for many implementations when they are not present via OpenSSL in a given build. This also avoids the rare potential for a C symbol name one definition rule linking issue. gh-116735: For INSTRUMENTED_CALL_FUNCTION_EX, set arg0 to sys.monitoring.MISSING instead of None for CALL event. gh-113964: Starting new threads and process creation through os.fork() are now only prevented once all non-daemon threads exit. gh-116604: Respect the status of the garbage collector when indirect calls are made via PyErr_CheckSignals() and the evaluation breaker. Patch by Pablo Galindo gh-116626: Ensure INSTRUMENTED_CALL_FUNCTION_EX always emits CALL gh-116296: Fix possible refleak in object.__reduce__() internal error handling. gh-116034: Fix location of the error on a failed assertion. gh-115823: Properly calculate error ranges in the parser when raising SyntaxError exceptions caused by invalid byte sequences. Patch by Pablo Galindo gh-112087: For an empty reverse iterator for list will be reduced to reversed(). Patch by Donghee Na. gh-115154: Fix a bug that was causing the tokenize.untokenize() function to handle unicode named literals incorrectly. Patch by Pablo Galindo gh-114828: Fix compilation crashes in uncommon code examples using super() inside a comprehension in a class body. gh-115011: Setters for members with an unsigned integer type now support the same range of valid values for objects that has a __index__() method as for int. gh-112215: Change the C recursion limits to more closely reflect the underlying platform limits. gh-96497: Fix incorrect resolution of mangled class variables used in assignment expressions in comprehensions. Library gh-117467: Preserve mailbox ownership when rewriting in mailbox.mbox.flush(). Patch by Tony Mountifield. gh-117310: Fixed an unlikely early & extra Py_DECREF triggered crash in ssl when creating a new _ssl._SSLContext if CPython was built implausibly such that the default cipher list is empty or the SSL library it was linked against reports a failure from its C SSL_CTX_set_cipher_list() API. gh-117178: Fix regression in lazy loading of self-referential modules, introduced in gh-114781. gh-117084: Fix zipfile extraction for directory entries with the name containing backslashes on Windows. gh-117110: Fix a bug that prevents subclasses of typing.Any to be instantiated with arguments. Patch by Chris Fu. gh-90872: On Windows, subprocess.Popen.wait() no longer calls WaitForSingleObject() with a negative timeout: pass 0 ms if the timeout is negative. Patch by Victor Stinner. gh-116957: configparser: Don’t leave ConfigParser values in an invalid state (stored as a list instead of a str) after an earlier read raised DuplicateSectionError or DuplicateOptionError. gh-90095: Ignore empty lines and comments in .pdbrc gh-116764: Restore support of None and other false values in urllib.parse functions parse_qs() and parse_qsl(). Also, they now raise a TypeError for non-zero integers and non-empty sequences. gh-116811: In PathFinder.invalidate_caches, delegate to MetadataPathFinder.invalidate_caches. gh-116600: Fix repr() for global Flag members. gh-116484: Change automatically generated tkinter.Checkbutton widget names to avoid collisions with automatically generated tkinter.ttk.Checkbutton widget names within the same parent widget. gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on opening named pipe. gh-116143: Fix a race in pydoc _start_server, eliminating a window in which _start_server can return a thread that is “serving” but without a docserver set. gh-116325: typing: raise SyntaxError instead of AttributeError on forward references as empty strings. gh-90535: Fix support of interval values > 1 in logging.TimedRotatingFileHandler for when='MIDNIGHT' and when='Wx'. gh-115978: Disable preadv(), readv(), pwritev(), and writev() on WASI. Under wasmtime for WASI 0.2, these functions don’t pass test_posix (bytecodealliance/wasmtime#7830). gh-88352: Fix the computation of the next rollover time in the logging.TimedRotatingFileHandler handler. computeRollover() now always returns a timestamp larger than the specified time and works correctly during the DST change. doRollover() no longer overwrite the already rolled over file, saving from data loss when run at midnight or during repeated time at the DST change. gh-87115: Set __main__.__spec__ to None when running a script with pdb gh-76511: Fix UnicodeEncodeError in email.Message.as_string() that results when a message that claims to be in the ascii character set actually has non-ascii characters. Non-ascii characters are now replaced with the U+FFFD replacement character, like in the replace error handler. gh-116040: [Enum] fix by-value calls when second value is falsey; e.g. Cardinal(1, 0) gh-75988: Fixed unittest.mock.create_autospec() to pass the call through to the wrapped object to return the real result. gh-115881: Fix issue where ast.parse() would incorrectly flag conditional context managers (such as with (x() if y else z()): ...) as invalid syntax if feature_version=(3, 8) was passed. This reverts changes to the grammar made as part of gh-94949. gh-115886: Fix silent truncation of the name with an embedded null character in multiprocessing.shared_memory.SharedMemory. gh-115809: Improve algorithm for computing which rolled-over log files to delete in logging.TimedRotatingFileHandler. It is now reliable for handlers without namer and with arbitrary deterministic namer that leaves the datetime part in the file name unmodified. gh-74668: urllib.parse functions parse_qs() and parse_qsl() now support bytes arguments containing raw and percent-encoded non-ASCII data. gh-67044: csv.writer() now always quotes or escapes '\r' and '\n', regardless of lineterminator value. gh-115712: csv.writer() now quotes empty fields if delimiter is a space and skipinitialspace is true and raises exception if quoting is not possible. gh-112364: Fixed ast.unparse() to handle format_spec with ", ' or \\. Patched by Frank Hoffmann. gh-111358: Fix a bug in asyncio.BaseEventLoop.shutdown_default_executor() to ensure the timeout passed to the coroutine behaves as expected. gh-115618: Fix improper decreasing the reference count for None argument in property methods getter(), setter() and deleter(). gh-115570: A DeprecationWarning is no longer omitted on access to the __doc__ attributes of the deprecated typing.io and typing.re pseudo-modules. gh-112006: Fix inspect.unwrap() for types with the __wrapper__ data descriptor. gh-101293: Support callables with the __call__() method and types with __new__() and __init__() methods set to class methods, static methods, bound methods, partial functions, and other types of methods and descriptors in inspect.Signature.from_callable(). gh-115392: Fix a bug in doctest where incorrect line numbers would be reported for decorated functions. gh-114563: Fix several format() bugs when using the C implementation of Decimal: * memory leak in some rare cases when using the z format option (coerce negative 0) * incorrect output when applying the z format option to type F (fixed-point with capital NAN / INF) * incorrect output when applying the # format option (alternate form) gh-115197: urllib.request no longer resolves the hostname before checking it against the system’s proxy bypass list on macOS and Windows. gh-115165: Most exceptions are now ignored when attempting to set the __orig_class__ attribute on objects returned when calling typing generic aliases (including generic aliases created using typing.Annotated). Previously only AttributeError was ignored. Patch by Dave Shawley. gh-115133: Fix tests for XMLPullParser with Expat 2.6.0. gh-115059: io.BufferedRandom.read1() now flushes the underlying write buffer. gh-79382: Trailing ** no longer allows to match files and non-existing paths in recursive glob(). gh-114071: Support tuple subclasses using auto() for enum member value. gh-114763: Protect modules loaded with importlib.util.LazyLoader from race conditions when multiple threads try to access attributes before the loading is complete. gh-97959: Fix rendering class methods, bound methods, method and function aliases in pydoc. Class methods no longer have “method of builtins.type instance” note. Corresponding notes are now added for class and unbound methods. Method and function aliases now have references to the module or the class where the origin was defined if it differs from the current. Bound methods are now listed in the static methods section. Methods of builtin classes are now supported as well as methods of Python classes. gh-112281: Allow creating union of types for typing.Annotated with unhashable metadata. gh-111775: Fix importlib.resources.simple.ResourceHandle.open() for text mode, added missed stream argument. gh-90095: Make .pdbrc and -c work with any valid pdb commands. gh-107155: Fix incorrect output of help(x) where x is a lambda function, which has an __annotations__ dictionary attribute with a "return" key. gh-105866: Fixed _get_slots bug which caused error when defining dataclasses with slots and a weakref_slot. gh-60346: Fix ArgumentParser inconsistent with parse_known_args. gh-100985: Update HTTPSConnection to consistently wrap IPv6 Addresses when using a proxy. gh-100884: email: fix misfolding of comma in address-lists over multiple lines in combination with unicode encoding. gh-95782: Fix io.BufferedReader.tell(), io.BufferedReader.seek(), _pyio.BufferedReader.tell(), io.BufferedRandom.tell(), io.BufferedRandom.seek() and _pyio.BufferedRandom.tell() being able to return negative offsets. gh-96310: Fix a traceback in argparse when all options in a mutually exclusive group are suppressed. gh-93205: Fixed a bug in logging.handlers.TimedRotatingFileHandler where multiple rotating handler instances pointing to files with the same name but different extensions would conflict and not delete the correct files. bpo-44865: Add missing call to localization function in argparse. bpo-43952: Fix multiprocessing.connection.Listener.accept() to accept empty bytes as authkey. Not accepting empty bytes as key causes it to hang indefinitely. bpo-42125: linecache: get module name from __spec__ if available. This allows getting source code for the __main__ module when a custom loader is used. gh-66543: Make mimetypes.guess_type() properly parsing of URLs with only a host name, URLs containing fragment or query, and filenames with only a UNC sharepoint on Windows. Based on patch by Dong-hee Na. bpo-33775: Add ‘default’ and ‘version’ help text for localization in argparse. Documentation gh-115399: Document CVE-2023-52425 of Expat <2.6.0 under “XML vulnerabilities”. gh-115233: Fix an example for LoggerAdapter in the Logging Cookbook. Tests gh-83434: Disable JUnit XML output (--junit-xml=FILE command line option) in regrtest when hunting for reference leaks (-R option). Patch by Victor Stinner. gh-117187: Fix XML tests for vanilla Expat <2.6.0. gh-116333: Tests of TLS related things (error codes, etc) were updated to be more lenient about specific error message strings and behaviors as seen in the BoringSSL and AWS-LC forks of OpenSSL. gh-115979: Update test_importlib so that it passes under WASI SDK 21. gh-112536: Add –tsan to test.regrtest for running TSAN tests in reasonable execution times. Patch by Donghee Na. gh-116307: Added import helper isolated_modules as CleanImport does not remove modules imported during the context. Use it in importlib.resources tests to avoid leaving mod around to impede importlib.metadata tests. gh-115720: Leak tests (-R, --huntrleaks) now show a summary of the number of leaks found in each iteration. gh-115122: Add --bisect option to regrtest test runner: run failed tests with test.bisect_cmd to identify failing tests. Patch by Victor Stinner. gh-115596: Fix ProgramPriorityTests in test_os permanently changing the process priority. Build gh-116313: Get WASI builds to work under wasmtime 18 w/ WASI 0.2/preview2 primitives. gh-116117: Backport libb2’s PR #42 to fix compiling CPython on 32-bit Windows with clang-cl. gh-115167: Avoid vendoring vcruntime140_threads.dll when building with Visual Studio 2022 version 17.8. gh-112536: Add support for thread sanitizer (TSAN) Windows gh-117267: Ensure DirEntry.stat().st_ctime behaves consistently with os.stat() during the deprecation period of st_ctime by containing the same value as st_birthtime. After the deprecation period, st_ctime will be the metadata change time (or unavailable through DirEntry), and only st_birthtime will contain the creation time. gh-116773: Fix instances of <_overlapped.Overlapped object at 0xXXX> still has pending operation at deallocation, the process may crash. gh-91227: Fix the asyncio ProactorEventLoop implementation so that sending a datagram to an address that is not listening does not prevent receiving any more datagrams. gh-115554: The installer now has more strict rules about updating the Python Launcher for Windows. In general, most users only have a single launcher installed and will see no difference. When multiple launchers have been installed, the option to install the launcher is disabled until all but one have been removed. Downgrading the launcher (which was never allowed) is now more obviously blocked. gh-115543: Python Launcher for Windows can now detect Python 3.13 when installed from the Microsoft Store, and will install Python 3.12 by default when PYLAUNCHER_ALLOW_INSTALL is set. gh-115049: Fixes py.exe launcher failing when run as users without user profiles. gh-115009: Update Windows installer to use SQLite 3.45.1. IDLE gh-88516: On macOS show a proxy icon in the title bar of editor windows to match platform behaviour. Tools/Demos gh-113516: Don’t set LDSHARED when building for WASI. C API gh-117021: Fix integer overflow in PyLong_AsPid() on non-Windows 64-bit platforms. gh-116869: Make the C API compatible with -Werror=declaration-after-statement compiler flag again. Patch by Victor Stinner.

v0.10.2.5 - 2023-11-11 Support GHC 9.8 (#42) Allow base-4.19, bump CI to GHC 9.8.1 (#43)

@andrelaszlo

1.0.6 (2024-06-01) * Fix error formatting bug in HTTP::CookieJar::AbstractStore (#42 by @andrelaszlo) * Allow non-RFC 3986-compliant URLs (#45 by @c960657) * Add coverage for Ruby 3.2 and 3.3 (#46 by @flavorjones) * Quash ruby 3.4 warnings (#47 by @flavorjones)

### 1.8.10 - 15 June 2024 * feature: new "`--output`" option to write to a file instead of standard output (pull request [#90](https://codeberg.org/a-j-wood/pv/pulls/90)) supplied by [xmort](https://codeberg.org/xmort) ### 1.8.9 - 21 April 2024 * feature: new "`--si`" option to display and interpret size suffixes in multiples of 1000 rather than 1024 (pull request [#85](https://codeberg.org/a-j-wood/pv/pulls/85)) supplied by [kevinruddy](https://codeberg.org/kevinruddy) * fix: continue producing progress output when the output is blocking writes ([#34](https://codeberg.org/a-j-wood/pv/issues/34), [#86](https://codeberg.org/a-j-wood/pv/issues/86), [#87](https://codeberg.org/a-j-wood/pv/issues/87)) * fix: honour the _TMPDIR_ / _TMP_ environment variables again, rather than hard-coding "`/tmp`", when using a terminal lock file (originally removed in 1.8.0) ([#88](https://codeberg.org/a-j-wood/pv/issues/88)) * i18n: corrections and missing strings added to French translations (pull request [#83](https://codeberg.org/a-j-wood/pv/pulls/83)) supplied by [Thomas Bertels](https://codeberg.org/tbertels) ### 1.8.5 - 19 November 2023 * fix: corrected percentage formatting so it doesn't jump from 2 to 3 characters wide at 100% ([#80](https://codeberg.org/a-j-wood/pv/issues/80)) * fix: replaced "`--remote`" mechanism, using a temporary file instead of SysV IPC, so it can work reliably even when there are multiple PV instances * fix: corrected compilation failure when without IPC support * security: addressed all issues highlighted by the software auditing tools "`splint`" and "`flawfinder`" (see "`make analyse`") ([#77](https://codeberg.org/a-j-wood/pv/issues/77)) * cleanup: compilation warnings fixed on non-IPC and MacOS systems ### 1.8.0 - 24 September 2023 #### Features * feature: new "`--discard`" option to discard input as if writing to */dev/null* ([#42](https://codeberg.org/a-j-wood/pv/issues/42)) * feature: new "`--error-skip-block`" option to make "`--skip-errors`" skip whole blocks ([#37](https://codeberg.org/a-j-wood/pv/issues/37)) * feature: use `posix_fadvise()` like `cat`(1) does, to improve efficiency ([#39](https://codeberg.org/a-j-wood/pv/issues/39)) * feature: new "`--enable-static`" option to "`configure`" for static builds ([#75](https://codeberg.org/a-j-wood/pv/pull/75)) #### Security * security: with "`--pidfile`", write to a temporary file and rename it into place, to improve security * security: keep self-contained copies of name and format string in PV internal state for memory safety * security: ignore _TMP_ / _TMPDIR_ environment variables when using a terminal lock file #### Fixes * fix: only report errors about missing files when starting to transfer from them, not while calculating size, and behave more like `cat`(1) by skipping them and moving on * fix: auto-calculate total line count with "`--line-mode`" when all inputs are regular files * fix: use `clock_gettime()` in ETA calculation to cope with machine suspend/resume ([#13](https://codeberg.org/a-j-wood/pv/issues/13)) * fix: if "`--width`" or "`--height`" were provided, do not change them when the window size changes ([#36](https://codeberg.org/a-j-wood/pv/issues/36)) * fix: when a file descriptor position in "`--watchfd`" moves backwards, show the rate using the correct prefix ([#41](https://codeberg.org/a-j-wood/pv/issues/41)) * fix: rewrite terminal state save/restore so state is not intermittently garbled on exit when using "`--cursor`" ([#20](https://codeberg.org/a-j-wood/pv/issues/20)), ([#24](https://codeberg.org/a-j-wood/pv/issues/24)) #### Cleanups * cleanup: addressed many potential issues highlighted by the software auditing tools "`splint`" and "`flawfinder`" (see new target "`make analyse`") * cleanup: switched the build system to GNU Automake * cleanup: replaced the test harness with the one native to GNU Automake * cleanup: added a test for terminal width detection to "`make check`" * cleanup: added a test to "`make check`" to ensure that "`make install`" installs everything expected * cleanup: replaced *AC_HEADER_TIOCGWINSZ* with *AC_CHECK_HEADERS(sys/ioctl.h)* for better MacOS compatibility ([#74](https://codeberg.org/a-j-wood/pv/issues/74)) * cleanup: with "`--sync`", call `fsync()` instead of `fdatasync()` on incapable systems ([#73](https://codeberg.org/a-j-wood/pv/issues/73)) * cleanup: the manual is now a static file instead of needing to be built with "`configure`" #### Dropped items * dropped: dropped support for "`--enable-static-nls`" * dropped: removed the Linux Software Map file, as the LSM project appears to be long dead * dropped: will no longer publish to SourceForge as it has a chequered history and is unnecessary * dropped: removed project from GitHub and moved to Codeberg - see "[Give Up GitHub](https://giveupgithub.org/)" #### Other items * licensing change from Artistic 2.0 to GPLv3+ ### 1.7.24 - 30 July 2023 * fix: correct terminal size detection, broken in 1.7.17 by the configuration script rewrite ([#72](https://codeberg.org/a-j-wood/pv/issues/72)) * security: removed *DEBUG* environment variable in debug mode, added "`--debug`" instead * cleanup: added "`make analyse`" to run "`splint`" and "`flawfinder`" on all source files * cleanup: corrected detection of boolean capability * cleanup: word wrapping of "`--help`" output is now multi-byte locale aware * cleanup: adjusted "`indent`" rules to line length of 120 and reformatted code ### 1.7.18 - 28 July 2023 * fix: language file installation had been broken by the configuration script rewrite ### 1.7.17 - 27 July 2023 * feature: new "`--sync`" option to flush cache to disk after every write (related to [#6](https://codeberg.org/a-j-wood/pv/issues/6), to improve accuracy when writing to slow disks) * feature: new "`--direct-io`" option to bypass cache - implements [#29 "Option to enable *O_DIRECT*"](https://codeberg.org/a-j-wood/pv/issues/29) - requested by Romain Kang, Jacek Wielemborek * fix: correct byte prefix size to 2 spaces in rate display, so progress display size remains constant at low transfer rates * cleanup: rewrote `configure.in` as per suggestions in newer "`autoconf`" manuals * cleanup: replaced `header.in` with one generated by "`autoheader`", moving custom logic to a separate header file "`config-aux.h`" * cleanup: added copyright notice to all source files as per GNU standards * cleanup: changed "`--version`" output to conform to GNU standards * cleanup: replaced backticks with `$()` in all shell scripts that did not come from elsewhere, as backticks are deprecated and harder to read * cleanup: improved the output formatting of "`make test`" * cleanup: extended the "`make test`" mechanism to allow certain tests to be skipped on platforms that cannot support them * cleanup: skip the "pipe" test (for *SIGPIPE*) if GNU "`head`" is not available, so that "`make test`" on stock OpenBSD 7.3 works * cleanup: added a lot more tests to "`make test`" * cleanup: replace all calls to `sprintf()` and `snprintf()` with a new wrapper function `pv_snprintf()` to improve security and compatibility * cleanup: replace all calls to `strcat()` with a wrapper `pv_strlcat()` to improve security and compatibility * cleanup: replace all `write()` calls to the terminal with a wrapper `pv_write_retry()` for consistency * cleanup: tidy up and fix compilation warning in "`--watchfd`" code * cleanup: rewrote all local shell scripts to pass analysis by [ShellCheck](https://www.shellcheck.net) ### 1.7.0 - 17 July 2023 * dropped: support for Red Hat Enterprise Linux and its derivatives has been dropped; removed the RPM spec file, and will no longer build binaries * feature: the "`--size`" option now accepts "`@filename`" to use the size of another file (pull request [#57](https://codeberg.org/a-j-wood/pv/pull/57) supplied by [Dave Beckett](https://github.com/dajobe)) * feature: the "`--watchfd`" option is now available on OS X (pull request [#60](https://codeberg.org/a-j-wood/pv/pull/60) supplied by [christoph-zededa](https://github.com/christoph-zededa)) * feature: new "`--bits`" option to show bit count instead of byte count (adapted from pull request [#63](https://codeberg.org/a-j-wood/pv/pull/63) supplied by [Nick Black](https://nick-black.com)) * feature: new "`--average-rate-window`" option, to set the window over which the average rate is calculated, also used for ETA (modified from pull request [#65](https://codeberg.org/a-j-wood/pv/pull/65) supplied by [lemonsqueeze](https://github.com/lemonsqueeze)) * feature: the "`--watchfd`" option will now show relative filenames, if they are under the current directory (pull request [#66](https://codeberg.org/a-j-wood/pv/pull/66) supplied by [ikasty](https://github.com/ikasty)) * fix: correction to `pv_in_foreground()` to behave as its comment block says it should, when not on a terminal - corrects [#19 "No output in Arch Linux initcpio after 1.6.6"](https://codeberg.org/a-j-wood/pv/issues/19), [#31 "No output written from inside zsh <() construct"](https://codeberg.org/a-j-wood/pv/issues/31), [#55 "pv Stopped Working in the Background"](https://codeberg.org/a-j-wood/pv/issues/55) (pull request [#64](https://codeberg.org/a-j-wood/pv/pull/64) supplied by [Michael Weiß](https://github.com/quitschbo)) * fix: workaround for OS X 11 behaviour in configure script regarding stat64 at compile time (pull request [#57](https://codeberg.org/a-j-wood/pv/pull/57) supplied by [Dave Beckett](https://github.com/dajobe)) * fix: workaround for macOS equivalence of stat to stat64 - patches from [Filippo Valsorda](https://github.com/FiloSottile) and [Demitri Muna](https://github.com/demitri), correcting [#33 "Fix compilation problems due to `stat64()` on Apple Silicon"](https://codeberg.org/a-j-wood/pv/issues/33) * fix: add burst rate limit to transfer, so rate limits are not broken by bursty traffic (pull request [#62](https://codeberg.org/a-j-wood/pv/pull/62) supplied by [Volodymyr Bychkovyak](https://github.com/vbychkoviak)) * fix: corrected "`--force`" option so it will still output progress when not in the same process group as the owner of the terminal - corrects [#23 "No output with "`-f`" when run in background after 1.6.6"](https://codeberg.org/a-j-wood/pv/issues/23) and helps to correct [#31 "No output written from inside zsh <() construct"](https://codeberg.org/a-j-wood/pv/issues/31) * fix: corrected elapsed time display to show as D:HH:MM:SS after 1 day, like the ETA does - corrects [#16 "Show days in same format in ETA as in elapsed time"](https://codeberg.org/a-j-wood/pv/issues/16) * fix: corrected bug where percentages went down after 100% when in "`--numeric`" mode with a "`--size`" that was too small - corrects [#26 "Correct "`-n`" behaviour when going past 100% of "`-s`" size"](https://codeberg.org/a-j-wood/pv/issues/26) * i18n: recoded Polish translation file to UTF-8 * i18n: removed inaccurate fuzzy translation matches * docs: moved all open issues into GitHub and updated the TODO list * docs: renamed README to README.md and altered it to Markdown format * docs: moved contributors from the README to docs/ACKNOWLEDGEMENTS.md * docs: moved TODO to TODO.md and altered it to Markdown format * docs: moved NEWS to NEWS.md, converted it to UTF-8, and altered it to Markdown format

www/php-apcu: update to 5.1.16

ce96921

netbsd-srcmastr closed this in 029f190 Feb 5, 2019

mmoll deleted the php_apcu_5116 branch February 5, 2019 20:30

netbsd-srcmastr pushed a commit that referenced this pull request Feb 15, 2023

security/ruby-rex-exploitation: update to 0.1.37

e8cc13d

0.1.37 (2023-01-31) * Land #42, Add support for Ruby 3.2

netbsd-srcmastr pushed a commit that referenced this pull request Jun 11, 2023

(textproc/R-hunspell) Updated 3.0.1 to 3.0.2

73c5a38

3.0.2 - Find paths to dictionaries of RStudio 1.3.x and 1.4.x (@GegznaV, #42)

netbsd-srcmastr pushed a commit that referenced this pull request Jun 27, 2023

Update to 0.22

5427919

Upstream changes: 0.22 2023-02-01T05:14:13Z - Clear %Handle cache if dbh is set to undef #42 - Skip fork test on win32 #41

netbsd-srcmastr pushed a commit that referenced this pull request Apr 9, 2024

sysutils/ripdrag: update to 0.4.7

3725cee

What's Changed - store file path in tooltip by @feddynventor in #42

netbsd-srcmastr pushed a commit that referenced this pull request May 2, 2024

devel/hs-lifted-async: Update to 0.10.2.5

53b6df3

v0.10.2.5 - 2023-11-11 Support GHC 9.8 (#42) Allow base-4.19, bump CI to GHC 9.8.1 (#43)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

www/php-apcu: update to 5.1.16 #42

www/php-apcu: update to 5.1.16 #42

mmoll commented Feb 4, 2019

bsiegert commented Feb 5, 2019

www/php-apcu: update to 5.1.16 #42

www/php-apcu: update to 5.1.16 #42

Conversation

mmoll commented Feb 4, 2019

bsiegert commented Feb 5, 2019