Please update Powerdns to fix CVE-2019-10163 and CVE-2019-10162 #239

jfqd · 2020-02-09T14:53:01Z

Would it be possible to update Powerdns to version 4.1.13 to fix the two CVEs? Thx :)

@Aketzu

# v0.19.4 ## Bugfix - slack: fix regression with slack library (#264) - slack: fix an unexpected panic (#263) # v0.19.3 ## Enhancement * general: Add UPDATELASTVIEWED command, and make DisableAutoView work consistently (#255) * slack: Handle message edits and deletion (#260) * slack: Add handling of reactions, stars and pins (#229) ## Bugfix * mattermost: Fix a panic #247 * mattermost: Fixes incorrect users because of paging. #244 * mattermost: Fix outdated channel issue * mattermost: Add paging so we can see > 200 users in a channel #248 * mattermost: Fix expired session panic #259 * general: Fix datarace #246 * general: Fix empty JoinInclude * general: Fix panic #257 This release couldn't exist without the following contributors: @Aketzu, @bucko909, @42wim # v0.19.2 ## Enhancement * general: Add a default value matterirc.toml for the '-conf' flag (#240) * slack: library updated * mattermost: library updated * mattermost: Add support for channel created/deleted events ## Bugfix * mattermost: Remove ourselves from the channel when removed in mattermost. Fixes #233 * mattermost: Add/remove ourselves to the channel if we join using the GUI. #239 * mattermost: Update topics in mattermost. Closes #241 * mattermost: Fix pastes and attachments in direct message. Closes #228 * mattermost: Update channels if not known on join yet # v0.19.1 ## New features * mattermost: Added support for disabling of automatic view flag updates (#226). See DisableAutoView in matterircd.toml.example * slack: Add message showing enhancements and add slackbot to all channels (#230) ## Bugfix * general: Fix tight loop (100% CPU). Closes #231 # v0.19.0 ## New features * irc: Add support for spoofing query messages. #195 * You can now see your own messages you've typed on slack/mattermost web in irc * irc: Add PasteBufferTimeout option (send ascii-art!) * See matterircd.toml.example for an example. * PasteBufferTimeout specifies the amount of time in milliseconds that messages get kept in matterircd internal buffer before being sent to mattermost or slack. Messages that will be received in this time will be concatenated together So this can be used to paste stuff like ascii-art or code. Default 0 (is disabled) Depending on how fast you type 2500 is a good number ## Bugfix * slack: Correctly handle different nick and username #203 * slack: Ignore channel join messages #198

jfqd · 2020-03-30T12:46:13Z

@jperkin Are CVE-Updates for pkgsrc still a thing?

jperkin · 2020-03-30T15:40:41Z

This was updated a few weeks ago, I'll backport to 2019Q4 once 2020Q1 has finished building.

jfqd · 2020-03-30T15:43:46Z

@jperkin Thx for your response, but in trunk powerdns is still 4.1.8 (nb4)

jperkin · 2020-03-30T15:48:25Z

Oh you're right, sorry, it looks like the last couple of builds failed to publish. I'll dig into why I wasn't notified about that.

jfqd · 2020-04-05T17:53:06Z

@jperkin Thanks for the update!

Upstream changes: 4.47 2020-05-01 [ FIX / TESTING ] - fix typo in variable name (GH #239) 4.46 2020-02-03 [ DOCUMENTATION ] - Document support for SameSite=None cookies (GH #238) 4.45 2019-06-03 [ ENHANCEMENT ] - Add support for SameSite=None cookies (GH #237, thanks to Dur09)

Changes: 1.27.5 ------ - cups-browsed: Do not remove the created local queues on shutdown, to avoid their re-creation on restart, so that desktops get no cluttered with notifications of new queues being created. One can return to the old behavior via "KeepGeneratedQueuesOnShutdown No" in cups-browsed.conf (Ubuntu bug #1869981, #1878241). - cups-browsed: Do not accept DNS-SD broadcasts of IPPS type of "remote" CUPS queues of another CUPS instance on the local machine. This way we get a local queue pointing to such a printer only in unencrypted version (IPP). For some reason printing from one CUPS server to another on the same machine works only unencrypted. - foomatic-rip: Map two-sided-short-edge to DuplexTumble (Pull request #236) - Build system: In configure.ac use AS_IF instead of AC_CHECK_FILE for font check (Issue #239, Pull request #240) - cups-browsed: Cleaned up code for determining to which CUPS server (host/port/domain socket) to connect, so that connection via DomainSocket cups-browsed.conf directive, CUPS_SERVER and IPP_PORT environment variables and all defaults and methods of libcups, including CUPS' client.conf work. - gstoraster, rastertopdf: Do not pass NULL to fprintf() (Pull request #230). - libcupsfilters: Silence compiler warning (Pull request #229).

pkgsrc changes: - sane-backends seems now make jobs safe - Add dependency to c++11 for genesys backend - Remove no longer needed patch-backend_epsonds.c: now sys/time.h is included - Use BJNP_HOST_MAX instead of non-portable/POSIX HOST_NAME_MAX via patch-backend_pixma_pixma__bjnp.c - Update MASTER_SITES and remove it from Makefile.common: the current one is specific to sane-backends Changes: 1.0.30 ------ This release fixes several security related issues and a build issue. ### Backends - `epson2`: fixes CVE-2020-12867 (GHSL-2020-075) and several memory management issues found while addressing that CVE - `epsonds`: addresses out-of-bound memory access issues to fix CVE-2020-12862 (GHSL-2020-082) and CVE-2020-12863 (GHSL-2020-083), addresses a buffer overflow fixing CVE-2020-12865 (GHSL-2020-084) and disables network autodiscovery to mitigate CVE-2020-12866 (GHSL-2020-079), CVE-2020-12861 (GHSL-2020-080) and CVE-2020-12864 (GHSL-2020-081). Note that this backend does not support network scanners to begin with. - `magicolor`: fixes a floating point exception and uninitialized data read - fixes an overflow in `sanei_tcp_read()` ### Build - fixes a build issue where linker flags would become link time dependencies (#239) 1.0.29 ------ ### Backends - adds an `escl` backend (theoretically supporting *all* AirPrint devices with a scan unit) - adds support for 23 new scanner models via existing backends - significantly changes `genesys` and `pixma` backends - fixes bugs in `canon_dr`, `fujitsu`, `hp3900`, `mustek_usb2`, `plustek` and `xerox_mfp` backends - fixes *all* compiler warnings on Debian 10 (#120) - fixes portability issues for uClibc-ng and MacOS builds - adds support to record and replay USB I/O traffic - adds timestamps to debug logs ### Frontends - fixes a 32-bit arithmetic overflow issue in `scanimage` ### Documentation - updates translations for British English, Catalan, German, Ukrainian, Valencian - adds `scangearmp2` external backend descriptions - updates `hpaio` and `utsushi` external backend descriptions - adds the `ChangeLogs/` directory to the source tarball (#103) ### Build - additionally requires `libcurl` and `libxml2` to build the `escl` backend - requires `libxml2` for USB I/O recording and replay functionality - re-enables pthread support for backends that use its API directly, irrespective of the `pthread_t` type (#153) - moves the `genesys` and `pixma` backends to a directory of their own 1.0.28 ------ ### Backends - adds a `ricoh2` backend - adds support for 40+ new scanner models - significantly changes `canon_dr`, `fujitsu`, `genesys`, `gt68xx`, `hp5590` and, `pixma` backends - fixes bugs in `as6e`, `avision`, `mustek` and `plustek` backends - fixes scores of compiler warnings ### Frontends - adds, changes and removes options for `saned` (see `man 8 saned` for details) - adds: `-l` (listen), `-D` (daemonize), `-o` (once), `-e` (stderr), `-u` (user) - removes: `-s` (syslog). Use `-a -d level -o -f` for the old behavior - changes: `-d` (debug). Use `-a -d level -o -f -e` for the old behavior - `saned` now cancels scans if the data connections appears to have gone away (after 4 seconds by default, configurable in `saned.conf`) - adds `--output-file` option to `scanimage` - adds `--help` option to `scan-find-scanner` - changes `sane-desc` to create relative hyperlinks ### Documentation - adds translations for Catalan, Hebrew and Valencian - updates translations for British English, Dutch, German and Ukrainian - marks unmaintained backends as such - documents USB workaround in `sane-usb` manual page ### Build - requires a C++11 compatible compiler for the `genesys` backend - requires a JPEG library when building the `pixma` backend - fixes unneeded linking when not using preloadable backend support - disables pthread support for systems with non-integral `pthread_t` type - fixes USB support detection on BeOS and OS/2 at `./configure` time - normalizes trailing whitespace in source code files. If you have local patches that no longer apply, have a look at the whitespace ignoring options of `patch` and `git apply`.

Version 2.11 - 9 Jul 2020 - Introduction of the barman-cli-cloud package that contains all cloud related utilities. - Add barman-cloud-wal-restore to restore a WAL file previously archived with barman-cloud-wal-archive from an object store - Add barman-cloud-restore to restore a backup previously taken with barman-cloud-backup from an object store - Add barman-cloud-backup-list to list backups taken with barman-cloud-backup in an object store - Add support for arbitrary archive size for barman-cloud-backup - Add support for --endpoint-url option to cloud utilities - Remove strict superuser requirement for PG 10+ (by Kaarel Moppel) - Add --log-level runtime option for barman to override default log level for a specific command - Support for PostgreSQL 13 - Bug fixes: - Suppress messages and warning with SSH connections in barman-cli (GH-257) - Fix a race condition when retrieving uploaded parts in barman-cloud-backup (GH-259) - Close the PostgreSQL connection after a backup (GH-258) - Check for uninitialized replication slots in receive-wal --reset (GH-260) - Ensure that begin_wal is valorised before acting on it (GH-262) - Fix bug in XLOG/WAL arithmetic with custom segment size (GH-287) - Fix rsync compatibility error with recent rsync - Fix PostgreSQLClient version parsing - Fix PostgreSQL exception handling with non ASCII messages - Ensure each postgres connection has an empty search_path - Avoid connecting to PostgreSQL while reading a backup.info file If you are using already barman-cloud-wal-archive or barman-cloud-backup installed via RPM/Apt package and you are upgrading your system, you must install the barman-cli-cloud package. All cloud related tools are now part of the barman-cli-cloud package, including barman-cloud-wal-archive and barman-cloud-backup that were previosly shipped with barman-cli. The reason is complex dependency management of the boto3 library, which is a requirement for the cloud utilities. Version 2.10 - 5 Dec 2019 - Pull .partial WAL files with get-wal and barman-wal-restore, allowing restore_command in a recovery scenario to fetch a partial WAL file's content from the Barman server. This feature simplifies and enhances RPO=0 recovery operations. - Store the PostgreSQL system identifier in the server directory and inside the backup information file. Improve check command to verify the consistency of the system identifier with active connections (standard and replication) and data on disk. - A new script called barman-cloud-wal-archive has been added to the barman-cli package to directly ship WAL files from PostgreSQL (using archive_command) to cloud object storage services that are compatible with AWS S3. It supports encryption and compression. - A new script called barman-cloud-backup has been added to the barman-cli package to directly ship base backups from a local PostgreSQL server to cloud object storage services that are compatible with AWS S3. It supports encryption, parallel upload, compression. - Automated creation of replication slots through the server/global option create_slot. When set to auto, Barman creates the replication slot, in case streaming_archiver is enabled and slot_name is defined. The default value is manual for back-compatibility. - Add '-w/--wait' option to backup command, making Barman wait for all required WAL files to be archived before considering the backup completed. Add also the --wait-timeout option (default 0, no timeout). - Redact passwords from Barman output, in particular from barman diagnose (InfoSec) - Improve robustness of receive-wal --reset command, by verifying that the last partial file is aligned with the current location or, if present, with replication slot's. - Documentation improvements - Bug fixes: - Wrong string matching operation when excluding tablespaces inside PGDATA (GH-245) - Minor fixes in WAL delete hook scripts (GH-240) - Fix PostgreSQL connection aliveness check (GH-239) Version 2.9 - 1 Aug 2019 - Transparently support PostgreSQL 12, by supporting the new way of managing recovery and standby settings through GUC options and signal files (recovery.signal and standby.signal) - Add --bwlimit command line option to set bandwidth limitation for backup and recover commands - Ignore WAL archive failure for check command in case the latest backup is WAITING_FOR_WALS - Add --target-lsn option to set recovery target Log Sequence Number for recover command with PostgreSQL 10 or higher - Add --spool-dir option to barman-wal-restore so that users can change the spool directory location from the default, avoiding conflicts in case of multiple PostgreSQL instances on the same server (thanks to Drazen Kacar). - Rename barman_xlog directory to barman_wal - JSON output writer to export command output as JSON objects and facilitate integration with external tools and systems (thanks to Marcin Onufry Hlybin). Experimental in this release. Bug fixes: - replication-status doesn’t show streamers with no slot (GH-222) - When checking that a connection is alive (“SELECT 1” query), preserve the status of the PostgreSQL connection (GH-149). This fixes those cases of connections that were terminated due to idle-in-transaction timeout, causing concurrent backups to fail. Version 2.8 - 17 May 2019 - Add support for reuse_backup in geo-redundancy for incremental backup copy in passive nodes - Improve performance of rsync based copy by using strptime instead of the more generic dateutil.parser (#210) - Add ‘--test’ option to barman-wal-archive and barman-wal-restore to verify the connection with the Barman server - Complain if backup_options is not explicitly set, as the future default value will change from exclusive_backup to concurrent_backup when PostgreSQL 9.5 will be declared EOL by the PGDG - Display additional settings in the show-server and diagnose commands: archive_timeout, data_checksums, hot_standby, max_wal_senders, max_replication_slots and wal_compression. - Merge the barman-cli project in Barman - Bug fixes: - Fix encoding error in get-wal on Python 3 (Jeff Janes, #221) - Fix exclude_and_protect_filter (Jeff Janes, #217) - Remove spurious message when resetting WAL (Jeff Janes, #215) - Fix sync-wals error if primary has WALs older than the first backup - Support for double quotes in synchronous_standby_names setting - Minor changes: - Improve messaging of check --nagios for inactive servers - Log remote SSH command with recover command - Hide logical decoding connections in replication-status command This release officially supports Python 3 and deprecates Python 2 (which might be discontinued in future releases). PostgreSQL 9.3 and older is deprecated from this release of Barman. Support for backup from standby is now limited to PostgreSQL 9.4 or higher and to WAL shipping from the standby (please refer to the documentation for details). Version 2.7 - 21 Mar 2019 - Fix error handling during the parallel backup. Previously an unrecoverable error during the copy could have corrupted the barman internal state, requiring a manual kill of barman process with SIGTERM and a manual cleanup of the running backup in PostgreSQL. (GH#199) - Fix support of UTF-8 characters in input and output (GH#194 and GH#196) - Ignore history/backup/partial files for first sync of geo-redundancy (GH#198) - Fix network failure with geo-redundancy causing cron to break (GH#202) - Fix backup validation in PostgreSQL older than 9.2 - Various documentation fixes Version 2.6 - 4 Feb 2019 - Add support for Geographical redundancy, introducing 3 new commands: sync-info, sync-backup and sync-wals. Geo-redundancy allows a Barman server to use another Barman server as data source instead of a PostgreSQL server. - Add put-wal command that allows Barman to safely receive WAL files via PostgreSQL's archive_command using the barman-wal-archive script included in barman-cli - Add ANSI colour support to check command - Minor fixes: - Fix switch-wal on standby with an empty WAL directory - Honour archiver locking in wait_for_wal method - Fix WAL compression detection algorithm - Fix current_action in concurrent stop backup errors - Do not treat lock file busy as an error when validating a backup

@heavywatal

(pkgsrc) - Add TEST_DEPENDS+, but still fails at pdLaTeX (upstream) # fs 1.5.0 ---------- * The libuv release used by fs was updated to 1.38.1 * `dir_create()` now consults the process umask so the mode during directory creation works like `mkdir` does (#284). * `fs_path`, `fs_bytes` and `fs_perms` objects are now compatible with vctrs 0.3.0 (#266) * `fs_path` objects now sort properly when there is a mix of ASCII and unicode elements (#279) # fs 1.4.2 ---------- * `file_info(..., follow = TRUE)`, `is_dir()`, and `is_file()` follow relative symlinks in non-current directories (@heavywatal, #280) * `dir_map()` now grows its internal list safely, the 1.4.0 release introduced an unsafe regression (#268) * `file_info()` returns a tibble if the tibble package is installed, and subsets work when it is a `data.frame` (#265) * `path_real()` always fails if the file does not exist. Thus it can no longer be used to resolve symlinks further up the path hierarchy for files that do not yet exist. This reverts the feature introduced in 1.2.7 (#144, #221, #231) # fs 1.4.1 ---------- * Fix compilation on Solaris. # fs 1.4.0 ---------- * `[[.fs_path`, `[[.fs_bytes` and `[[.fs_perms` now preserve their classes after subsetting (#254). * `path_has_parent()` now recycles both the `path` and `parent` arguments (#253). * `path_ext_set()` now recycles both the `path` and `ext` arguments (#250). * Internally fs no longer depends on Rcpp # fs 1.3.2 ---------- * fs now passes along `CPPFLAGS` during compilation of libuv, fixing an issue that could prevent compilation from source on macOS Catalina. (@kevinushey, #229) * fs now compiles on alpine linux (#210) * `dir_create()` now works with absolute paths and `recurse = FALSE` (#204). * `dir_tree()` now works with paths that need tilde expansion (@dmurdoch, @jennybc, #203). * `file_info()` now returns file sizes with the proper classes ("fs_bytes" and "numeric"), rather than just "fs_bytes" (#239) * `get_dirent_type()` gains a `fail` argument (@bellma-lilly, #219) * `Is_Dir()`, `is_file()`, `is_file_empty()` and `file_info()` gain a `follow` argument, to follow links and return information about the linked file rather than the link itself (#198) * `path()` now follows "tidy" recycling rules, namely only consistent or length 1 inputs are recycled. (#238) * `path()` now errors if the path given or constructed will exceed `PATH_MAX` (#233). * `path_ext_set()` now works with multiple paths (@maurolepore, #208).

2.0.3 (2020-08-22) ~~~~~~~~~~~~~~~~~~ - Fix issues when building re2c as a CMake subproject (`#302 <https://github.com/skvadrik/re2c/pull/302>`_: - Final corrections in the SIMPA article "RE2C: A lexer generator based on lookahead-TDFA", https://doi.org/10.1016/j.simpa.2020.100027 2.0.2 (2020-08-08) ~~~~~~~~~~~~~~~~~~ - Enable re2go building by default. - Package CMake files into release tarball. 2.0.1 (2020-07-29) ~~~~~~~~~~~~~~~~~~ - Updated version for CMake build system (forgotten in release 2.0). - Added a short article about re2c for the Software Impacts journal. 2.0 (2020-07-20) ~~~~~~~~~~~~~~~~ - Added new code generation backend for Go and a new ``re2go`` program (`#272 <https://github.com/skvadrik/re2c/issues/272>`_: Go support). Added option ``--lang <c | go>``. - Added CMake build system as an alternative to Autotools (`#275 <https://github.com/skvadrik/re2c/pull/275>`_: Add a CMake build system (thanks to ligfx), `#244 <https://github.com/skvadrik/re2c/issues/244>`_: Switching to CMake). - Changes in generic API: + Removed primitives ``YYSTAGPD`` and ``YYMTAGPD``. + Added primitives ``YYSHIFT``, ``YYSHIFTSTAG``, ``YYSHIFTMTAG`` that allow to express fixed tags in terms of generic API. + Added configurations ``re2c:api:style`` and ``re2c:api:sigil``. + Added named placeholders in interpolated configuration strings. - Changes in reuse mode (``-r, --reuse`` option): + Do not reset API-related configurations in each `use:re2c` block (`#291 <https://github.com/skvadrik/re2c/issues/291>`_: Defines in rules block are not propagated to use blocks). + Use block-local options instead of last block options. + Do not accumulate options from rules/reuse blocks in whole-program options. + Generate non-overlapping YYFILL labels for reuse blocks. + Generate start label for each reuse block in storable state mode. - Changes in start-conditions mode (``-c, --start-conditions`` option): + Allow to use normal (non-conditional) blocks in `-c` mode (`#263 <https://github.com/skvadrik/re2c/issues/263>`_: allow mixing conditional and non-conditional blocks with -c, `#296 <https://github.com/skvadrik/re2c/issues/296>`_: Conditions required for all lexers when using '-c' option). + Generate condition switch in every re2c block (`#295 <https://github.com/skvadrik/re2c/issues/295>`_: Condition switch generated for only one lexer per file). - Changes in the generated labels: + Use ``yyeof`` label prefix instead of ``yyeofrule``. + Use ``yyfill`` label prefix instead of ``yyFillLabel``. + Decouple start label and initial label (affects label numbering). - Removed undocumented configuration ``re2c:flags:o``, ``re2c:flags:output``. - Changes in ``re2c:flags:t``, ``re2c:flags:type-header`` configuration: filename is now relative to the output file directory. - Added option ``--case-ranges`` and configuration ``re2c:flags:case-ranges``. - Extended fixed tags optimization for the case of fixed-counter repetition. - Fixed bugs related to EOF rule: + `#276 <https://github.com/skvadrik/re2c/issues/276>`_: Example 01_fill.re in docs is broken + `#280 <https://github.com/skvadrik/re2c/issues/280>`_: EOF rules with multiple blocks + `#284 <https://github.com/skvadrik/re2c/issues/284>`_: mismatched YYBACKUP and YYRESTORE (Add missing fallback states with EOF rule) - Fixed miscellaneous bugs: + `#286 <https://github.com/skvadrik/re2c/issues/286>`_: Incorrect submatch values with fixed-length trailing context. + `#297 <https://github.com/skvadrik/re2c/issues/297>`_: configure error on ubuntu 18.04 / cmake 3.10 - Changed bootstrap process (require explicit configuration flags and a path to re2c executable to regenerate the lexers). - Added internal options ``--posix-prectable <naive | complex>``. - Added debug option ``--dump-dfa-tree``. - Major revision of the paper "Efficient POSIX submatch extraction on NFA". ---- 1.3x ---- 1.3 (2019-12-14) ~~~~~~~~~~~~~~~~ - Added option: ``--stadfa``. - Added warning: ``-Wsentinel-in-midrule``. - Added generic API primitives: + ``YYSTAGPD`` + ``YYMTAGPD`` - Added configurations: + ``re2c:sentinel = 0;`` + ``re2c:define:YYSTAGPD = "YYSTAGPD";`` + ``re2c:define:YYMTAGPD = "YYMTAGPD";`` - Worked on reproducible builds (`#258 <https://github.com/skvadrik/re2c/pull/258>`_: Make the build reproducible). ---- 1.2x ---- 1.2.1 (2019-08-11) ~~~~~~~~~~~~~~~~~~ - Fixed bug `#253 <https://github.com/skvadrik/re2c/issues/253>`_: re2c should install unicode_categories.re somewhere. - Fixed bug `#254 <https://github.com/skvadrik/re2c/issues/254>`_: Turn off re2c:eof = 0. 1.2 (2019-08-02) ~~~~~~~~~~~~~~~~ - Added EOF rule ``$`` and configuration ``re2c:eof``. - Added ``/*!include:re2c ... */`` directive and ``-I`` option. - Added ``/*!header:re2c:on*/`` and ``/*!header:re2c:off*/`` directives. - Added ``--input-encoding <ascii | utf8>`` option. + `#237 <https://github.com/skvadrik/re2c/issues/237>`_: Handle non-ASCII encoded characters in regular expressions + `#250 <https://github.com/skvadrik/re2c/issues/250>`_ UTF8 enoding - Added include file with a list of definitions for Unicode character classes. + `#235 <https://github.com/skvadrik/re2c/issues/235>`_: Unicode character classes - Added ``--location-format <gnu | msvc>`` option. + `#195 <https://github.com/skvadrik/re2c/issues/195>`_: Please consider using Gnu format for error messages - Added ``--verbose`` option that prints "success" message if re2c exits without errors. - Added configurations for options: + ``-o --output`` (specify output file) + ``-t --type-header`` (specify header file) - Removed configurations for internal/debug options. - Extended ``-r`` option: allow to mix multiple ``/*!rules:re2c*/``, ``/*!use:re2c*/`` and ``/*!re2c*/`` blocks. + `#55 <https://github.com/skvadrik/re2c/issues/55>`_: allow standard re2c blocks in reuse mode - Fixed ``-F --flex-support`` option: parsing and operator precedence. + `#229 <https://github.com/skvadrik/re2c/issues/229>`_: re2c option -F (flex syntax) broken + `#242 <https://github.com/skvadrik/re2c/issues/242>`_: Operator precedence with --flex-syntax is broken - Changed difference operator ``/`` to apply before encoding expansion of operands. + `#236 <https://github.com/skvadrik/re2c/issues/236>`_: Support range difference with variable-length encodings - Changed output generation of output file to be atomic. + `#245 <https://github.com/skvadrik/re2c/issues/245>`_: re2c output is not atomic - Authored research paper "Efficient POSIX Submatch Extraction on NFA" together with Dr Angelo Borsotti. - Added experimental libre2c library (``--enable-libs`` configure option) with the following algorithms: + TDFA with leftmost-greedy disambiguation + TDFA with POSIX disambiguation (Okui-Suzuki algorithm) + TNFA with leftmost-greedy disambiguation + TNFA with POSIX disambiguation (Okui-Suzuki algorithm) + TNFA with lazy POSIX disambiguation (Okui-Suzuki algorithm) + TNFA with POSIX disambiguation (Kuklewicz algorithm) + TNFA with POSIX disambiguation (Cox algorithm) - Added debug subsystem (``--enable-debug`` configure option) and new debug options: + ``-dump-cfg`` (dump control flow graph of tag variables) + ``-dump-interf`` (dump interference table of tag variables) + ``-dump-closure-stats`` (dump epsilon-closure statistics) - Added internal options: + ``--posix-closure <gor1 | gtop>`` (switch between shortest-path algorithms used for the construction of POSIX closure) - Fixed a number of crashes found by American Fuzzy Lop fuzzer: + `#226 <https://github.com/skvadrik/re2c/issues/226>`_, `#227 <https://github.com/skvadrik/re2c/issues/227>`_, `#228 <https://github.com/skvadrik/re2c/issues/228>`_, `#231 <https://github.com/skvadrik/re2c/issues/231>`_, `#232 <https://github.com/skvadrik/re2c/issues/232>`_, `#233 <https://github.com/skvadrik/re2c/issues/233>`_, `#234 <https://github.com/skvadrik/re2c/issues/234>`_, `#238 <https://github.com/skvadrik/re2c/issues/238>`_ - Fixed handling of newlines: + correctly parse multi-character newlines CR LF in ``#line`` directives + consistently convert all newlines in the generated file to Unix-style LF - Changed default tarball format from .gz to .xz. + `#221 <https://github.com/skvadrik/re2c/issues/221>`_: big source tarball - Fixed a number of other bugs and resolved issues: + `#2 <https://github.com/skvadrik/re2c/issues/2>`_: abort + `#6 <https://github.com/skvadrik/re2c/issues/6>`_: segfault + `#10 <https://github.com/skvadrik/re2c/issues/10>`_: lessons/002_upn_calculator/calc_002 doesn't produce a useful example program + `#44 <https://github.com/skvadrik/re2c/issues/44>`_: Access violation when translating the attached file + `#49 <https://github.com/skvadrik/re2c/issues/49>`_: wildcard state \000 rules makes lexer behave weard + `#98 <https://github.com/skvadrik/re2c/issues/98>`_: Transparent handling of #line directives in input files + `#104 <https://github.com/skvadrik/re2c/issues/104>`_: Improve const-correctness + `#105 <https://github.com/skvadrik/re2c/issues/105>`_: Conversion of pointer parameters into references + `#114 <https://github.com/skvadrik/re2c/issues/114>`_: Possibility of fixing bug 2535084 + `#120 <https://github.com/skvadrik/re2c/issues/120>`_: condition consisting of default rule only is ignored + `#167 <https://github.com/skvadrik/re2c/issues/167>`_: Add word boundary support + `#168 <https://github.com/skvadrik/re2c/issues/168>`_: Wikipedia's article on re2c + `#180 <https://github.com/skvadrik/re2c/issues/180>`_: Comment syntax? + `#182 <https://github.com/skvadrik/re2c/issues/182>`_: yych being set by YYPEEK () and then not used + `#196 <https://github.com/skvadrik/re2c/issues/196>`_: Implicit type conversion warnings + `#198 <https://github.com/skvadrik/re2c/issues/198>`_: no match for ‘operator!=’ in ‘i != std::vector<_Tp, _Alloc>::rend() [with _Tp = re2c::bitmap_t, _Alloc = std::allocator<re2c::bitmap_t>]()’ + `#210 <https://github.com/skvadrik/re2c/issues/210>`_: How to build re2c in windows? + `#215 <https://github.com/skvadrik/re2c/issues/215>`_: A memory read overrun issue in s_to_n32_unsafe.cc + `#220 <https://github.com/skvadrik/re2c/issues/220>`_: src/dfa/dfa.h: simplify constructor to avoid g++-3.4 bug + `#223 <https://github.com/skvadrik/re2c/issues/223>`_: Fix typo + `#224 <https://github.com/skvadrik/re2c/issues/224>`_: src/dfa/closure_posix.cc: pack() tweaks + `#225 <https://github.com/skvadrik/re2c/issues/225>`_: Documentation link is broken in libre2c/README + `#230 <https://github.com/skvadrik/re2c/issues/230>`_: Changes for upcoming Travis' infra migration + `#239 <https://github.com/skvadrik/re2c/issues/239>`_: Push model example has wrong re2c invocation, breaks guide + `#241 <https://github.com/skvadrik/re2c/issues/241>`_: Guidance on how to use re2c for full-duplex command & response protocol + `#243 <https://github.com/skvadrik/re2c/issues/243>`_: A code generated for period (.) requires 4 bytes + `#246 <https://github.com/skvadrik/re2c/issues/246>`_: Please add a license to this repo + `#247 <https://github.com/skvadrik/re2c/issues/247>`_: Build failure on current Cygwin, probably caused by force-fed c++98 mode + `#248 <https://github.com/skvadrik/re2c/issues/248>`_: distcheck still looks for README + `#251 <https://github.com/skvadrik/re2c/issues/251>`_: Including what you use is find, but not without inclusion guards - Updated documentation and website.

@orsinium

This notably fixes a security issue, CVE-2020-27197. Version 1.1.118: * #247 [CVE-2020-27197] Avoid SSRF on parsing XML (@orsinium) Version 1.1.117: * #244 SSL Verify Server not working correctly (@motok) (@nschwane) * #245 Unicode lxml.etree.SerialisationError on lxml 4.5.0+ (@advptr) Version 1.1.116: * #240 PY3 Compatibility changes for HTTP Response Body (@nschwane) Version 1.1.115: * #239 Convert the HTTP response body to a string type (PY3 this will be bytes) (@sddj) Version 1.1.114: * #237 Support converting dicts to content bindings (@danielsamuels) * #238 Provide XMLParser copies instead of reusing the cached instance. Prevents future messages to lose namespace Version 1.1.113: * #234 Add ability to load a configuration file when executing a script * #232 Fix TLS handshake failure when a server requires SNI (@marcelslotema) Version 1.1.112: * #227 Fixes to poll_client script (Python3 compatibility) * #226 Clean-up documentation warnings * #228 Fix 'HTTPMessage' has no attribute 'getheader' (Python3 compatibility) * #225 Fix checks that involve xpath (lxml) to prevent FutureWarning message * #230 Fix parsing status message round-trip (@danielsamuels) Thanks leot@ and pkgsrc's security team for the heads up! Pull-up to be requested.

This release addresses the following: New Features: Add support for infostore in EnvIsSet Test case #240 (ThomasAdam) Add variable/parameter which indicates the state of the FVWM3 logging #239 (NsCDE) Support for setting default mouse cursor on all FvwmScript widgets #222 (NsCDE) Add support for triangle indicator in/out sub options #221 (NsCDE) Add WindowName option to FvwmButtons #219 (NsCDE) Build problems: compilation fails on openbsd-current due to safemalloc.h (va_list) #231 "version of go" misinterpreted by configure script? #202 Unable to build 1.0, bson.h not found [FreeBSD 12.1] #200 Bug-fixes: _NET_WM_STATE was not updated for maximized windows #203 EwmhBaseStruts calculations don't use monitor's #241 DesktopConfiguration global inherits behaviour from per-monitor mode #236 FvwmEvent: missing monitor\_focus event #228 perllib: doesn't understand MX_MONITOR_* events #226 FvwmButtons subpanels not popped out on primary monitor when desk is > 0 #224 PositionPlacement Center: fix to use current screen #211 EwmhBaseStruts missing screen info from manpage #208 EwmhBaseStrut: fix calculations for per-monitor #242 (ThomasAdam) Fix window locations in Global mode #237 (ThomasAdam)

Packaging changes: - Some patches got upstreamed - Upstream now defaults to name=sc-im so it no longer needs to be set Changes, (reformatted) from the official changelog: New features: - New motions in edit mode: df cf F dF cF d0 d$ c0 c$ t T dt dT ct cT ^ g_ d^ dg_ c^ cg_ - Simple mouse support. Can handle selection of single cells and scroll. - Added markdown export. - Add custom colors with RGB definitions. - Add support for italic attribute to be appled to cells. - Added digraphs. - Added EXECUTE command. - Added --export_csv --export_tab --export_txt parameters. - New input_bar_bottom config variable. - New underline_grid config variable. - Added filename in status bar (filename_with_mode config variable). - Added option to truncate cells. - Added xlsx sheet parameter. - New @fact function. Other: - modified config and history file locations - renamed winch to sig_winch. - current fg and bg colors are kept if they are not specified in :cellcolor. - OpenBSD support (mostly wordexp() workaround) - Correct lua api function names in doc - always generate backup file when opening file - renamed scim to sc-im in Makefile - Document trigger return value convention Issues fixed: - fix bug when deleting an ent that for instance has a @sum()... it used to remove its vertex and THE ENTS LINKED to THEM! - fix error messages when using "scim --version" and color definitions are intented to be applied from .scimrc. - fix in waiting for valid command to complete after pressing ESC key. - fix in parse_str so a word with white space can be stored in dictionary value - fix when setting default_paste_from_clipboard_cmd - Don't clobber startup message w/ err opening file - Allow for lua scripts in local .sc directory #259 - Send informational messages to stderr rather than the output when used in non-interactive mode #263 - fixed cell_negative color #271 - fixed locked cells when saving #261 - fixed DEL key in insert mode #272 - fix when resizing column #266 - "Autobackup - case insensitive QER options when backup exists" - fixed segfault when fcopy'ing with no selection while on first column - Call write triggers on value clear - Use sc_info to report trigger exit code - fixed #277 - Grow table up to MAXROWS exactly - Remove redundant if clause (God only knows where that was). - fix in getVertex that prevented rebuild_graph to work properly. - fix annoying bug because of not resetting inputline_pos to 0 when confirming a command in COMMAND_MODE - fix in let and slet. existing vertexs should not be removed. - added "eval_visited" in vertex struct for not to collide with current "visited", since: EvalAll uses EvalBottomUp EvalBottomUp uses EvalJustOneVertex EvalJustOneVertex uses eval eval uses GraphAddEdge GraphAddEdge uses GraphIsReachable GraphIsReachable uses visited and EvalBottomUp also uses uses visited! - Also changed markAllVerticesNotVisited and All_vertexs_of_edges_visited functions. - Some other issues fixed: #228, #234, #239, #240, #244, #246, #260, #295, #308 - .. and many other fixes and improvements! Pending: The most significative issue is regarding circular references. This have to be deeply analyzed and with the collaboration of the community it would be hopefully fixed by v0.9.

@tlhackque

Changes with Apache 2.4.48 *) mod_proxy_wstunnel: Add ProxyWebsocketFallbackToProxyHttp to opt-out the fallback to mod_proxy_http for WebSocket upgrade and tunneling. [Yann Ylavic] *) mod_proxy: Fix flushing of THRESHOLD_MIN_WRITE data while tunneling. BZ 65294. [Yann Ylavic] *) core: Fix a regression that stripped the ETag header from 304 responses. PR 61820 [Ruediger Pluem, Roy T. Fielding] *) core: Adding SSL related inquiry functions to the server API. These function are always available, even when no module providing SSL is loaded. They provide their own "shadowing" implementation for the optional functions of similar name that mod_ssl and impersonators of mod_ssl provide. This enables loading of several SSL providing modules when all but one of them registers itself into the new hooks. Two old-style SSL modules will not work, as they replace the others optional functions with their own. Modules using the old-style optional functions will continue to work as core supplies its own versions of those. The following has been added so far: - ap_ssl_conn_is_ssl() to query if a connection is using SSL. - ap_ssl_var_lookup() to query SSL related variables for a server/connection/request. - Hooks for 'ssl_conn_is_ssl' and 'ssl_var_lookup' where modules providing SSL can install their own value supplying functions. - ap_ssl_add_cert_files() to enable other modules like mod_md to provide certificate and keys for an SSL module like mod_ssl. - ap_ssl_add_fallback_cert_files() to enable other modules like mod_md to provide a fallback certificate in case no 'proper' certificate is available for an SSL module like mod_ssl. - ap_ssl_answer_challenge() to enable other modules like mod_md to provide a certificate as used in the RFC 8555 'tls-alpn-01' challenge for the ACME protocol for an SSL module like mod_ssl. The function and its hook provide PEM encoded data instead of file names. - Hooks for 'ssl_add_cert_files', 'ssl_add_fallback_cert_files' and 'ssl_answer_challenge' where modules like mod_md can provide providers to the above mentioned functions. - These functions reside in the new 'http_ssl.h' header file. [Stefan Eissing] *) core/mod_ssl/mod_md: adding OCSP response provisioning as core feature. This allows modules to access and provide OCSP response data without being tied of each other. The data is exchanged in standard, portable formats (PEM encoded certificates and DER encoded responses), so that the actual SSL/crypto implementations used by the modules are independant of each other. Registration and retrieval happen in the context of a server (server_rec) which modules may use to decide if they are configured for this or not. The area of changes: 1. core: defines 2 functions in include/http_ssl.h, so that modules may register a certificate, together with its issuer certificate for OCSP response provisioning and ask for current response data (DER bytes) later. Also, 2 hooks are defined that allow modules to implement this OCSP provisioning. 2. mod_ssl uses the new functions, in addition to what it did already, to register its certificates this way. If no one is interested in providing OCSP, it falls back to its own (if configured) stapling implementation. 3. mod_md registers itself at the core hooks for OCSP provisioning. Depending on configuration, it will accept registrations of its own certificates only, all certificates or none. [Stefan Eissing] *) mod_md: v2.4.0 with improvements and bugfixes - MDPrivateKeys allows the specification of several types. Beside "RSA" plus optional key lengths elliptic curves can be configured. This means you can have multiple certificates for a Managed Domain with different key types. With ```MDPrivateKeys secp384r1 rsa2048``` you get one ECDSA and one RSA certificate and all modern client will use the shorter ECDSA, while older client will get the RSA certificate. Many thanks to @tlhackque who pushed and helped on this. - Support added for MDomains consisting of a wildcard. Configuring ```MDomain *.host.net``` will match all virtual hosts matching that pattern and obtain one certificate for it (assuming you have 'dns-01' challenge support configured). Addresses #239. - Removed support for ACMEv1 servers. The only known installation used to be Let's Encrypt which has disabled that version more than a year ago for new accounts. - Andreas Ulm (<https://github.com/root360-AndreasUlm>) implemented the ```renewing``` call to ```MDMessageCmd``` that can deny a certificate renewal attempt. This is useful in clustered installations, as discussed in #233). - New event ```challenge-setup:<type>:<domain>```, triggered when the challenge data for a domain has been created. This is invoked before the ACME server is told to check for it. The type is one of the ACME challenge types. This is invoked for every DNS name in a MDomain. - The max delay for retries has been raised to daily (this is like all retries jittered somewhat to avoid repeats at fixed time of day). - Certain error codes reported by the ACME server that indicate a problem with the configured data now immediately switch to daily retries. For example: if the ACME server rejects a contact email or a domain name, frequent retries will most likely not solve the problem. But daily retries still make sense as there might be an error at the server and un-supervised certificate renewal is the goal. Refs #222. - Test case and work around for domain names > 64 octets. Fixes #227. When the first DNS name of an MD is longer than 63 octets, the certificate request will not contain a CN field, but leave it up to the CA to choose one. Currently, Lets Encrypt looks for a shorter name in the SAN list given and fails the request if none is found. But it is really up to the CA (and what browsers/libs accept here) and may change over the years. That is why the decision is best made at the CA. - Retry delays now have a random +/-[0-50]% modification applied to let retries from several servers spread out more, should they have been restarted at the same time of day. - Fixed several places where the 'badNonce' return code from an ACME server was not handled correctly. The test server 'pebble' simulates this behaviour by default and helps nicely in verifying this behaviour. Thanks, pebble! - Set the default `MDActivationDelay` to 0. This was confusing to users that new certificates were deemed not usably before a day of delay. When clocks are correct, using a new certificate right away should not pose a problem. - When handling ACME authorization resources, the module no longer requires the server to return a "Location" header, as was necessary in ACMEv1. Fixes #216. - Fixed a theoretical uninitialized read when testing for JSON error responses from the ACME CA. Reported at <https://bz.apache.org/bugzilla/show_bug.cgi?id=64297>. - ACME problem reports from CAs that include parameters in the Content-Type header are handled correctly. (Previously, the problem text would not be reported and retries could exceed CA limits.) - Account Update transactions to V2 CAs now use the correct POST-AS-GET method. Previously, an empty JSON object was sent - which apparently LE accepted, but others reject. [Stefan Eissing, @tlhackque, Andreas Ulm] Changes with Apache 2.4.47 *) mod_dav_fs: Improve logging output when failing to open files for writing. PR 64413. [Bingyu Shen <ahshenbingyu gmail.com>] *) mod_http2: Fixed a race condition that could lead to streams being aborted (RST to the client), although a response had been produced. [Stefan Eissing] *) mod_lua: Add support to Lua 5.4 [Joe Orton, Giovanni Bechis, Ruediger Pluem] *) MPM event/worker: Fix possible crash in child process on early signal delivery. PR 64533. [Ruediger Pluem] *) mod_http2: sync with github standalone version 1.15.17 - Log requests and sent the configured error response in case of early detected errors like too many or too long headers. [Ruediger Pluem] - new option 'H2OutputBuffering on/off' which controls the buffering of stream output. The default is on, which is the behaviour of older mod-h2 versions. When off, all bytes are made available immediately to the main connection for sending them out to the client. This fixes interop issues with certain flavours of gRPC, see also <icing/mod_h2#207>. [Stefan Eissing] *) mod_unique_id: Fix potential duplicated ID generation under heavy load. PR 65159 [Jonas Müntener <jonas.muentener ergon.ch>, Christophe Jaillet] *) "[mod_dav_fs etag handling] should really honor the FileETag setting". - It now does. - Add "Digest" to FileETag directive, allowing a strong ETag to be generated using a file digest. - Add ap_make_etag_ex() and ap_set_etag_fd() to allow full control over ETag generation. - Add concept of "binary notes" to request_rec, allowing packed bit flags to be added to a request. - First binary note - AP_REQUEST_STRONG_ETAG - allows modules to force the ETag to a strong ETag to comply with RFC requirements, such as those mandated by various WebDAV extensions. [Graham Leggett] *) mod_proxy_http: Fix a possibly crash when the origin connection gets interrupted before completion. PR 64234. [Barnim Dzwillo <dzwillo strato.de>, Ruediger Pluem] *) mod_ssl: Do not keep connections to OCSP responders alive when doing OCSP requests. PR 64135. [Ruediger Pluem] *) mod_ssl: Improve the coalescing filter to buffer into larger TLS records, and avoid revealing the HTTP header size via TLS record boundaries (for common response generators). [Joe Orton, Ruediger Pluem] *) mod_proxy_hcheck: Don't pile up health checks if the previous one did not finish before hcinterval. PR 63010. [Yann Ylavic] *) mod_session: Improve session parsing. [Yann Yalvic] *) mod_authnz_ldap: Prevent authentications with empty passwords for the initial bind to fail with status 500. [Ruediger Pluem] *) mod_auth_digest: Fast validation of the nonce's base64 to fail early if the format can't match anyway. [Yann Ylavic] *) mod_proxy_fcgi: Honor "SetEnv proxy-sendcl" to forward a chunked Transfer-Encoding from the client, spooling the request body when needed to provide a Content-Length to the backend. PR 57087. [Yann Ylavic] *) mod_proxy: Put mod_proxy_{connect,wstunnel} tunneling code in common in proxy_util. [Yann Ylavic] *) mod_proxy: Improve tunneling loop to support half closed connections and pending data draining (for protocols like rsync). PR 61616. [Yann Ylavic] *) mod_proxy_http: handle Upgrade request, 101 (Switching Protocol) response and switched protocol forwarding. [Yann Ylavic] *) mod_proxy_wstunnel: Leave Upgrade requests handling to mod_proxy_http, allowing for (non-)Upgrade negotiation with the origin server. [Yann Ylavic] *) mod_proxy: Allow ProxyErrorOverride to be restricted to specific status codes. PR63628. [Martin Drößler <mail martindroessler.de>] *) core: Add ReadBufferSize, FlushMaxThreshold and FlushMaxPipelined directives. [Yann Ylavic] *) core: Ensure that aborted connections are logged as such. PR 62823 [Arnaud Grandville <contact@grandville.net>] *) http: Allow unknown response status' lines returned in the form of "HTTP/x.x xxx Status xxx". [Yann Ylavic] *) mod_proxy_http: Fix 100-continue deadlock for spooled request bodies, leading to Request Timeout (408). PR 63855. [Yann Ylavic] *) core: Remove headers on 304 Not Modified as specified by RFC7234, as opposed to passing an explicit subset of headers. PR 61820. [Giovanni Bechis] *) mpm_event: Don't reset connections after lingering close, restoring prior to 2.4.28 behaviour. [Yann Ylavic] *) mpm_event: Kill connections in keepalive state only when there is no more workers available, not when the maximum number of connections is reached, restoring prior to 2.4.30 behaviour. [Yann Ylavic] *) mod_unique_id: Use base64url encoding for UNIQUE_ID variable, avoiding the use of '@'. PR 57044. [Michael Kaufmann <apache-bugzilla michael-kaufmann.ch>] *) mod_rewrite: Extend the [CO] (cookie) flag of RewriteRule to accept a SameSite attribute. [Eric Covener] *) mod_proxy: Add proxy check_trans hook. This allows proxy modules to decline request handling at early stage. *) mod_proxy_wstunnel: Decline requests without an Upgrade header so ws/wss can be enabled overlapping with later http/https. *) mod_http2: Log requests and sent the configured error response in case of early detected errors like too many or too long headers. [Ruediger Pluem, Stefan Eissing] *) mod_md: Lowered the required minimal libcurl version from 7.50 to 7.29 as proposed by <alexander.gerasimov codeit.pro>. [Stefan Eissing] *) mod_ssl: Fix request body buffering with PHA in TLSv1.3. [Joe Orton] *) mod_proxy_uwsgi: Fix a crash when sending environment variables with no value. PR 64598 [Ruediger Pluem] *) mod_proxy: Recognize parameters from ProxyPassMatch workers with dollar substitution, such that they apply to the backend connection. Note that connection reuse is disabled by default to avoid compatibility issues. [Takashi Sato, Jan Kaluza, Eric Covener, Yann Ylavic, Jean-Frederic Clere]

httpuv 1.6.1 ============ * The `timegm()` function is a non-standard GNU extension, so it has been replaced with an internal `timegm2()` function. (#300) httpuv 1.6.0 ============ * Remove BH dependency. httpuv now requires a compiler which supports C++11. (#297) httpuv 1.5.5 ============ * Fix SHA1 calculation, and thus WebSocket server handshakes, on big-endian systems. (#284) * Fixed #195: Responses required `headers` to be a named list. Now it can also be `NULL`, an empty unnamed list, or it can be unset. (#289) * Allow responses to omit `body` (or set it as `NULL`) to avoid sending a body or setting the `Content-Length` header. This is intended for use with HTTP 204/304 responses. (#288) httpuv 1.5.4 ============ * Fixed #275: Large HTTP request headers could get truncated if they spanned more than one TCP message. (#277) * Fixed build for Solaris. (#271) * Fixed a test that had incorrect logic. (#272) httpuv 1.5.3.1 ============== * Updated libuv to version 1.37.0. (#266) * Fixed #204: On UBSAN builds of R, there were warnings about unaligned memory access. (#246) * Avoid creating a new Rook error stream object for each request. This should improve performance. (#245) * Resolved #247: httpuv no longer returns a HTTP 400 code for static files when the "Content-Length" header is 0. This Content-Length header is inserted by some proxies even for messages without payloads. (#248) * Resolved #253: Setting the FRAMEWORK environment variable would break compilation. This change removes any dependency on that variable. (#254) httpuv 1.5.2 ============ * In the static file-serving code path, httpuv previously looked for a `Connection: upgrade` header; if it found this header, it would not try to serve a static file, and it would instead forward the HTTP request to the R code path. However, some proxies are configured to always set this header, even when the connection is not actually meant to be upgraded. Now, instead of looking for a `Connection: upgrade` header, httpuv looks for the presence of an `Upgrade` header (with any value), and should be more robust to incorrectly-configured proxies. (#215) * Fixed handling of messages without payloads: (#219) * Fixed #224: Static file serving on Windows did not work correctly if it was from a path that contained non-ASCII characters. (#227) * Resolved #194, #233: Added a `quiet` option to `startServer`, which suppresses startup error messages that are normally printed to console (and can't be intercepted with `capture.output()`). (#234) * Added a new function `randomPort()`, which returns a random available port for listening on. (#234) * Added a new (unexported) function `logLevel()`, for controlling debugging information that will be printed to the console. Previously, httpuv occasionally printed messages like `ERROR: [uv_write] broken pipe` and `ERROR: [uv_write] bad file descriptor` by default. This happened when the server tried to write to a pipe that was already closed, but the situation was not harmful, and was already being handled correctly. Now these messages are printed only if the log level is set to `INFO` or `DEBUG`. (#223) * If an application's `$call()` method is missing, it will now give a 404 response instead of a 500 response. (#237) * Disallowed backslash in static path, to prevent path traversal attacks. (#235) * Static file serving on Windows could fail if multiple requests accessed the same file simultaneously. (#239)

@bart1

# version 0.7-1 * allow longer units grouping; #270 addressing #269 @bart1 * fix regression in `set_units` method for `mixed_units` to ensure that ordering is preserved; #272 addressing #271 # version 0.7-0 * add `load_units_xml` to enable database reloading as well as loading user-provided unit systems; #254 addressing #243, #244 * add `install_unit` and `remove_unit` for adding/removing custom user-defined symbols or names, with optional mapping to existing units; `install_symbolic_unit`, `remove_symbolic_unit`, `install_conversion_constant`, `install_conversion_offset` are deprecated; #261 addressing #89 * add `keep_units`, a helper to apply functions that do not preserve units; #255 addressing #252 * fix `as_units("")`, which is now equivalent to `unitless`; #199 * fix plot axes for `plot.formula` and `plot.data.frame`; #213 * fix arithmetic for powers above 1 and below -1; #264 * improve arithmetic of logarithms; #249 * export `ud_are_convertible`; #263 addressing #258 @cregouby * remove deprecations: `as.units`, `as_cf`, `make_unit`, `parse_unit`; #259 * remove deprecated pre-computed `ud_units` database; #259 # version 0.6-7 * port `isFALSE` to fix regression in old R versions; #230 addressing #229 * fix replacement operation for `units` objects; #233 addressing #232 * fix compatibility with dplyr 1.0; #247 addressing #239 # version 0.6-6 * prettier `str` print for units and mixed units; #228 addressing #227 * add compatibility with upcoming tibble v3.0.0; #225

@statsmaths

# pillar 1.6.1 - Bump required versions of ellipsis and vctrs to avoid warning during package load. - `obj_sum()` no longer includes shape twice (#315). # pillar 1.6.0 ## Features - New `num()` and `char()` offer a flexible way to customize the display of numeric and character columns (#191, #84). - New `"pillar.max_dec_width"` option (#308). - New `format_type_sum.AsIs()` avoids the need to implement your own `format_type_sum()` method (#286). - `align()` gains `space` argument to control the character used for filling (#285). - Numbers in scientific and decimal notation are formatted with the same rules regarding significant or decimal digits (#297). ## Bug fixes - Load the debugme package only if the `DEBUGME` environment variable is set. - More accurate detection if the decimal dot is necessary, and how many digits to show after the decimal dot (#298). - Use display width instead of number of characters when truncating character columns. ## Documentation - New `vignette("numbers")` and `vignette("digits")` (#308). ## Internal - Compatibility with vctrs 0.3.7 (#291). - `format.pillar_shaft_simple()` requires `"na"` attribute and no longer defaults to `pillar_na()` (#273). # pillar 1.5.1 ## Features - New `format_glimpse()` (#177). ## Bug fixes - Color and formatting can now be reliably turned off by setting the `"cli.num_colors"` option to 1 (#269). ## Documentation - Add examples for new functions (#264). - Fix lifecycle badges everywhere. # pillar 1.5.0 ## Breaking changes - `obj_sum()` now always returns a string. `pillar_shaft.list()` iterates over its elements and calls `obj_sum()` for each (#137). - Breaking: `print.pillar()` and `print.pillar_ornament()` now show `<pillar>` `<pillar_ornament>` in the first line (#227, #228). - pillar has been re-licensed as MIT (#215). ## Extensibility - New `size_sum()` generic (#239). - New `ctl_new_pillar()` and `ctl_new_compound_pillar()` used via `print.tbl()`, `format.tbl()` and `tbl_format_setup.tbl()` (#230). - New `new_pillar()` low-level constructor (#230). - New `new_pillar_component()` and `pillar_component()` (#230). - New articles `vignette("extending")` and `vignette("printing")` (#251). ## Formatting - All printing code has been moved from tibble to pillar (#179), including `glimpse()` (#234). This concentrates the printing code in one package and allows for better extensibility. - Improve formatting for `"Surv"` and `"Surv2"` classes from the survival package (#199). - Vectors of the `vctrs_unspecified()` class are formatted better (#256). - Arrays are now formatted by showing only their first slice (#142). - Avoid wrapping extra column names with spaces (#254). ## Internal - Now using debugme to simplify understand the complex control flow, see `vignette("debugme")` (#248). - New `format.pillar_ornament()` (#228). - Using testthat 3e (#218). - Avoid pillar.bold option in most tests (#216). - Change internal storage format for `colonnade()` and `extra_cols()` (#204). # pillar 1.4.7 - Adapt to changed environment on CRAN's Solaris machine. # pillar 1.4.6 - Restore compatibility with R 3.2. # pillar 1.4.5 ## Features - New `pillar.min_chars` option allows controlling the minimum number of characters shown for a character column (#178, @statsmaths). - `bit64::integer64()` columns are now formatted the same way as numeric columns (#175). - New `align()` to support easy alignment of strings within a character vector (existing function exported by @davidchall, #185). ## Technical - `pillar_shaft()`, `format_type_sum()` and `extra_cols()` issue a warning if dots are unused. - `new_pillar_title()` and `new_pillar_type()` warn if `...` is not empty. ## Internal - Use lifecycle package. - Remove compatibility code for R < 3.3. # pillar 1.4.4 - `obj_sum()` uses `vctrs::vec_size()` internally. - `is_vector_s3.default()` is soft-deprecated and no longer used. Please ensure that `vctrs::vec_is()` is `TRUE` for your class. - Rely on vctrs for type abbreviations. # pillar 1.4.3 - `new_pillar_shaft_simple()` gains `na` argument to control appearance of `NA` values. - String columns are quoted if at least one value needs quotes (#171). - Apply subtle style to `list_of` columns (#172). - Fix formatting if mantissa is very close to 1 (#174). - Use `as.character()` instead of `as_character()`. - Remove compatibility with testthat < 2.0.0.

* Catch ``urllib.error.URLError`` to prevent crashes. (#239) Updating during the freeze for the bugfix.

@tlhackque

Changes with Apache 2.4.48 *) mod_proxy_wstunnel: Add ProxyWebsocketFallbackToProxyHttp to opt-out the fallback to mod_proxy_http for WebSocket upgrade and tunneling. [Yann Ylavic] *) mod_proxy: Fix flushing of THRESHOLD_MIN_WRITE data while tunneling. BZ 65294. [Yann Ylavic] *) core: Fix a regression that stripped the ETag header from 304 responses. PR 61820 [Ruediger Pluem, Roy T. Fielding] *) core: Adding SSL related inquiry functions to the server API. These function are always available, even when no module providing SSL is loaded. They provide their own "shadowing" implementation for the optional functions of similar name that mod_ssl and impersonators of mod_ssl provide. This enables loading of several SSL providing modules when all but one of them registers itself into the new hooks. Two old-style SSL modules will not work, as they replace the others optional functions with their own. Modules using the old-style optional functions will continue to work as core supplies its own versions of those. The following has been added so far: - ap_ssl_conn_is_ssl() to query if a connection is using SSL. - ap_ssl_var_lookup() to query SSL related variables for a server/connection/request. - Hooks for 'ssl_conn_is_ssl' and 'ssl_var_lookup' where modules providing SSL can install their own value supplying functions. - ap_ssl_add_cert_files() to enable other modules like mod_md to provide certificate and keys for an SSL module like mod_ssl. - ap_ssl_add_fallback_cert_files() to enable other modules like mod_md to provide a fallback certificate in case no 'proper' certificate is available for an SSL module like mod_ssl. - ap_ssl_answer_challenge() to enable other modules like mod_md to provide a certificate as used in the RFC 8555 'tls-alpn-01' challenge for the ACME protocol for an SSL module like mod_ssl. The function and its hook provide PEM encoded data instead of file names. - Hooks for 'ssl_add_cert_files', 'ssl_add_fallback_cert_files' and 'ssl_answer_challenge' where modules like mod_md can provide providers to the above mentioned functions. - These functions reside in the new 'http_ssl.h' header file. [Stefan Eissing] *) core/mod_ssl/mod_md: adding OCSP response provisioning as core feature. This allows modules to access and provide OCSP response data without being tied of each other. The data is exchanged in standard, portable formats (PEM encoded certificates and DER encoded responses), so that the actual SSL/crypto implementations used by the modules are independant of each other. Registration and retrieval happen in the context of a server (server_rec) which modules may use to decide if they are configured for this or not. The area of changes: 1. core: defines 2 functions in include/http_ssl.h, so that modules may register a certificate, together with its issuer certificate for OCSP response provisioning and ask for current response data (DER bytes) later. Also, 2 hooks are defined that allow modules to implement this OCSP provisioning. 2. mod_ssl uses the new functions, in addition to what it did already, to register its certificates this way. If no one is interested in providing OCSP, it falls back to its own (if configured) stapling implementation. 3. mod_md registers itself at the core hooks for OCSP provisioning. Depending on configuration, it will accept registrations of its own certificates only, all certificates or none. [Stefan Eissing] *) mod_md: v2.4.0 with improvements and bugfixes - MDPrivateKeys allows the specification of several types. Beside "RSA" plus optional key lengths elliptic curves can be configured. This means you can have multiple certificates for a Managed Domain with different key types. With ```MDPrivateKeys secp384r1 rsa2048``` you get one ECDSA and one RSA certificate and all modern client will use the shorter ECDSA, while older client will get the RSA certificate. Many thanks to @tlhackque who pushed and helped on this. - Support added for MDomains consisting of a wildcard. Configuring ```MDomain *.host.net``` will match all virtual hosts matching that pattern and obtain one certificate for it (assuming you have 'dns-01' challenge support configured). Addresses #239. - Removed support for ACMEv1 servers. The only known installation used to be Let's Encrypt which has disabled that version more than a year ago for new accounts. - Andreas Ulm (<https://github.com/root360-AndreasUlm>) implemented the ```renewing``` call to ```MDMessageCmd``` that can deny a certificate renewal attempt. This is useful in clustered installations, as discussed in #233). - New event ```challenge-setup:<type>:<domain>```, triggered when the challenge data for a domain has been created. This is invoked before the ACME server is told to check for it. The type is one of the ACME challenge types. This is invoked for every DNS name in a MDomain. - The max delay for retries has been raised to daily (this is like all retries jittered somewhat to avoid repeats at fixed time of day). - Certain error codes reported by the ACME server that indicate a problem with the configured data now immediately switch to daily retries. For example: if the ACME server rejects a contact email or a domain name, frequent retries will most likely not solve the problem. But daily retries still make sense as there might be an error at the server and un-supervised certificate renewal is the goal. Refs #222. - Test case and work around for domain names > 64 octets. Fixes #227. When the first DNS name of an MD is longer than 63 octets, the certificate request will not contain a CN field, but leave it up to the CA to choose one. Currently, Lets Encrypt looks for a shorter name in the SAN list given and fails the request if none is found. But it is really up to the CA (and what browsers/libs accept here) and may change over the years. That is why the decision is best made at the CA. - Retry delays now have a random +/-[0-50]% modification applied to let retries from several servers spread out more, should they have been restarted at the same time of day. - Fixed several places where the 'badNonce' return code from an ACME server was not handled correctly. The test server 'pebble' simulates this behaviour by default and helps nicely in verifying this behaviour. Thanks, pebble! - Set the default `MDActivationDelay` to 0. This was confusing to users that new certificates were deemed not usably before a day of delay. When clocks are correct, using a new certificate right away should not pose a problem. - When handling ACME authorization resources, the module no longer requires the server to return a "Location" header, as was necessary in ACMEv1. Fixes #216. - Fixed a theoretical uninitialized read when testing for JSON error responses from the ACME CA. Reported at <https://bz.apache.org/bugzilla/show_bug.cgi?id=64297>. - ACME problem reports from CAs that include parameters in the Content-Type header are handled correctly. (Previously, the problem text would not be reported and retries could exceed CA limits.) - Account Update transactions to V2 CAs now use the correct POST-AS-GET method. Previously, an empty JSON object was sent - which apparently LE accepted, but others reject. [Stefan Eissing, @tlhackque, Andreas Ulm] Changes with Apache 2.4.47 *) mod_dav_fs: Improve logging output when failing to open files for writing. PR 64413. [Bingyu Shen <ahshenbingyu gmail.com>] *) mod_http2: Fixed a race condition that could lead to streams being aborted (RST to the client), although a response had been produced. [Stefan Eissing] *) mod_lua: Add support to Lua 5.4 [Joe Orton, Giovanni Bechis, Ruediger Pluem] *) MPM event/worker: Fix possible crash in child process on early signal delivery. PR 64533. [Ruediger Pluem] *) mod_http2: sync with github standalone version 1.15.17 - Log requests and sent the configured error response in case of early detected errors like too many or too long headers. [Ruediger Pluem] - new option 'H2OutputBuffering on/off' which controls the buffering of stream output. The default is on, which is the behaviour of older mod-h2 versions. When off, all bytes are made available immediately to the main connection for sending them out to the client. This fixes interop issues with certain flavours of gRPC, see also <icing/mod_h2#207>. [Stefan Eissing] *) mod_unique_id: Fix potential duplicated ID generation under heavy load. PR 65159 [Jonas Müntener <jonas.muentener ergon.ch>, Christophe Jaillet] *) "[mod_dav_fs etag handling] should really honor the FileETag setting". - It now does. - Add "Digest" to FileETag directive, allowing a strong ETag to be generated using a file digest. - Add ap_make_etag_ex() and ap_set_etag_fd() to allow full control over ETag generation. - Add concept of "binary notes" to request_rec, allowing packed bit flags to be added to a request. - First binary note - AP_REQUEST_STRONG_ETAG - allows modules to force the ETag to a strong ETag to comply with RFC requirements, such as those mandated by various WebDAV extensions. [Graham Leggett] *) mod_proxy_http: Fix a possibly crash when the origin connection gets interrupted before completion. PR 64234. [Barnim Dzwillo <dzwillo strato.de>, Ruediger Pluem] *) mod_ssl: Do not keep connections to OCSP responders alive when doing OCSP requests. PR 64135. [Ruediger Pluem] *) mod_ssl: Improve the coalescing filter to buffer into larger TLS records, and avoid revealing the HTTP header size via TLS record boundaries (for common response generators). [Joe Orton, Ruediger Pluem] *) mod_proxy_hcheck: Don't pile up health checks if the previous one did not finish before hcinterval. PR 63010. [Yann Ylavic] *) mod_session: Improve session parsing. [Yann Yalvic] *) mod_authnz_ldap: Prevent authentications with empty passwords for the initial bind to fail with status 500. [Ruediger Pluem] *) mod_auth_digest: Fast validation of the nonce's base64 to fail early if the format can't match anyway. [Yann Ylavic] *) mod_proxy_fcgi: Honor "SetEnv proxy-sendcl" to forward a chunked Transfer-Encoding from the client, spooling the request body when needed to provide a Content-Length to the backend. PR 57087. [Yann Ylavic] *) mod_proxy: Put mod_proxy_{connect,wstunnel} tunneling code in common in proxy_util. [Yann Ylavic] *) mod_proxy: Improve tunneling loop to support half closed connections and pending data draining (for protocols like rsync). PR 61616. [Yann Ylavic] *) mod_proxy_http: handle Upgrade request, 101 (Switching Protocol) response and switched protocol forwarding. [Yann Ylavic] *) mod_proxy_wstunnel: Leave Upgrade requests handling to mod_proxy_http, allowing for (non-)Upgrade negotiation with the origin server. [Yann Ylavic] *) mod_proxy: Allow ProxyErrorOverride to be restricted to specific status codes. PR63628. [Martin Drößler <mail martindroessler.de>] *) core: Add ReadBufferSize, FlushMaxThreshold and FlushMaxPipelined directives. [Yann Ylavic] *) core: Ensure that aborted connections are logged as such. PR 62823 [Arnaud Grandville <contact@grandville.net>] *) http: Allow unknown response status' lines returned in the form of "HTTP/x.x xxx Status xxx". [Yann Ylavic] *) mod_proxy_http: Fix 100-continue deadlock for spooled request bodies, leading to Request Timeout (408). PR 63855. [Yann Ylavic] *) core: Remove headers on 304 Not Modified as specified by RFC7234, as opposed to passing an explicit subset of headers. PR 61820. [Giovanni Bechis] *) mpm_event: Don't reset connections after lingering close, restoring prior to 2.4.28 behaviour. [Yann Ylavic] *) mpm_event: Kill connections in keepalive state only when there is no more workers available, not when the maximum number of connections is reached, restoring prior to 2.4.30 behaviour. [Yann Ylavic] *) mod_unique_id: Use base64url encoding for UNIQUE_ID variable, avoiding the use of '@'. PR 57044. [Michael Kaufmann <apache-bugzilla michael-kaufmann.ch>] *) mod_rewrite: Extend the [CO] (cookie) flag of RewriteRule to accept a SameSite attribute. [Eric Covener] *) mod_proxy: Add proxy check_trans hook. This allows proxy modules to decline request handling at early stage. *) mod_proxy_wstunnel: Decline requests without an Upgrade header so ws/wss can be enabled overlapping with later http/https. *) mod_http2: Log requests and sent the configured error response in case of early detected errors like too many or too long headers. [Ruediger Pluem, Stefan Eissing] *) mod_md: Lowered the required minimal libcurl version from 7.50 to 7.29 as proposed by <alexander.gerasimov codeit.pro>. [Stefan Eissing] *) mod_ssl: Fix request body buffering with PHA in TLSv1.3. [Joe Orton] *) mod_proxy_uwsgi: Fix a crash when sending environment variables with no value. PR 64598 [Ruediger Pluem] *) mod_proxy: Recognize parameters from ProxyPassMatch workers with dollar substitution, such that they apply to the backend connection. Note that connection reuse is disabled by default to avoid compatibility issues. [Takashi Sato, Jan Kaluza, Eric Covener, Yann Ylavic, Jean-Frederic Clere]

Change log: 4.16.2 ====== - keyboard: Mark system defaults switch as active (Fixes #310) - keyboard: Correctly initialize setting (Fixes #310) - keyboard: Fix icon name in settings dialog - keyboard: Make buttons translatable (Fixes #306) - xfsettingsd: Fix setting float array properties - Translation Updates: Arabic, Basque, Bulgarian, Estonian, Hebrew, Norwegian Bokmål, Slovenian, Spanish, Swedish, Thai, Ukrainian 4.16.1 ====== - display: Fix scale by rounding (Fixes #258) - Drop preferences-desktop-default-applications icon name - Also allocate terminating element - Translation Updates: Albanian, Arabic, Armenian (Armenia), Asturian, Basque, Belarusian, Belarusian (Tarask), Bengali, Bulgarian, Catalan, Chinese (China), Chinese (Hong Kong), Chinese (Taiwan), Croatian, Czech, Danish, Dutch, Eastern Armenian, English (Australia), English (Canada), English (United Kingdom), Estonian, Finnish, French, Galician, German, Greek, Hebrew, Hungarian, Icelandic, Indonesian, Interlingue, Italian, Japanese, Kabyle, Kazakh, Korean, Lithuanian, Malay, Norwegian Bokmål, Norwegian Nynorsk, Occitan (post 1500), Polish, Portuguese, Portuguese (Brazil), Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Thai, Turkish, Ukrainian 4.16.0 ====== - Drop subtitles from settings dialogs (Fixes #239) - display: Fix icon name in settings dialog - settings-manager: Fix visibility of filterbar - settings-manager: Correctly show/hide the filterbar - settings-manager: Switch to GtkSearchEntry - settings-manager: Put filter in separate bar (Fixes #226) - appearance: Add 'Add' button to install themes (Fixes #193) - color: Tweak colors of icon - mime: Accept Thunar's old id name (Fixes #247) - settings-editor: Enable tooltips and ellipsizing for `Value` column - settings-editor: Fix scrollbar for channels - settings-editor: Point to correct docs URL (#245) - bump glib (and gio, gthread, etc) minimum to 2.50.0 - Remove GSourceFunc casts - Indentation fixes - Translation Updates: Basque, Bulgarian, Estonian, French, German, Hebrew, Indonesian, Italian, Japanese, Norwegian Bokmål, Norwegian Nynorsk, Portuguese, Portuguese (Brazil), Russian, Serbian, Slovenian, Swedish, Turkish, Ukrainian 4.15.3 ====== - Disable UPower support by default - Add 24px and 32px icons - xfsettingsd: avoid default double fork - mime: Add 'Open with...' button - mime: Add new generic launcher icons - color: Adjust padding of dialog - color: Add labels to toolbar - keyboard: Make 'system defaults' a GtkSwitch - keyboard: Adjust width of shortcut column (Fixes #223) - keyboard: Update dialog UI - keyboard: Make all table columns sortable - keyboard: Improve inline toolbar alignment - display: Center minimal dialog on monitor where cursor is - settings-editor: Add labels to toolbar items - Update README file - Translation Updates: Albanian, Arabic, Armenian (Armenia), Basque, Belarusian, Belarusian (Tarask), Bengali, Bulgarian, Catalan, Chinese (China), Chinese (Hong Kong), Chinese (Taiwan), Croatian, Czech, Danish, Dutch, Eastern Armenian, English (Australia), English (Canada), English (United Kingdom), Estonian, Finnish, French, Galician, German, Greek, Hebrew, Hungarian, Icelandic, Indonesian, Interlingue, Italian, Japanese, Kazakh, Korean, Lithuanian, Malay, Norwegian Bokmål, Norwegian Nynorsk, Occitan (post 1500), Polish, Portuguese, Portuguese (Brazil), Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Thai, Turkish, Ukrainian, Uyghur 4.15.2 ====== - appearance: Fix width of DPI spinbutton (Bug #16125) - appearence: Sync theme, icon, font names to gsettings - appearance: Fix list refresh on DnD (Fixes #213) - appearance: Drop toolbar style setting (Bug #16665) - display: Initial fractional scaling support (Fixes #162) - display: Custom scale changes are display changes - display: Improve layout in settings dialog - display: Resize display widget according to scale - display: Move scaling presets to glade - display: Set minimum scale to 0.1 - display: Improve state machine for scaling option - xfsettingsd: Correctly get current xrandr scale - mime-settings: Rename dialog and icon to 'Default Applications' - mime-settings: Fix window icon name - mime-settings: Fix double free - mime-helpers: Fix Nautilus icon name - mime-helpers: Rename Thunar to thunar - Rename Thunar to thunar in make and potfiles - Expand desktop entry field codes - keyboard-settings: Support libxfce4ui XfceTitledDialog new API - keyboard: Show shortcuts with keycap class - settings-manager: Ensure searchbox has initial focus (Bug #16890) - settings-manager: Simplify redrawing of search results (Fixes #141) - settings-manager: Hide filter entry in plugged dialogs - Convert xfce4-compose-mail to Python - Add dependency to Python3 - Use just binary name (instead of full path) as argument - Don't crash when upowerd isnt present (bug #60) - Always install shiny new icons - Drop libxfce4ui 4.15.1 ifdefs - Fix xfconf-related memory leaks - Update .gitignore - Fix typo - Translation Updates: Bulgarian, Catalan, Chinese (China), Chinese (Hong Kong), Chinese (Taiwan), Croatian, Danish, Dutch, English (Canada), Estonian, Finnish, French, German, Hebrew, Hungarian, Indonesian, Italian, Japanese, Kazakh, Korean, Lithuanian, Norwegian Bokmål, Serbian, Swedish, Turkish 4.15.1 ====== This release transitions several exo components to xfce-settings. Please use with exo 4.15.1 or later for best results. - exo-compose-email -> xfce4-compose-email - exo-helper -> xfce4-mime-helper - mime-settings now includes preferred applications Other Updates: - Switch to new app icons and rDNS icon names - Increase mouse cursor upper bound for HiDPI (Bug #16042) - Fix a memory leak - Fix typo - Add basic GitLab pipeline - Make "Profiles matching" sentence translatable (Bug #16679) - settings-manager: Use symbolic find/clear icons - Move from exo-csource to xdt-csource (Bug #16717) - Handle failure to get Xkl engine for display (Bug #16017) - settings-manager: Make sure content determines size - Fix cast warnings - Fix GTimeVal deprecation (Bug #16645) - Fix keywords and mark them as translateable - Use proper fallback configuration on "apply" and "toggle off" (Bug #16476) - keyboard-settings: Fix log flood (Bug #16521) - keyboard: Fix crash when editing shortcut (Bug #15958) - Add keywords to .desktop files (Bug #10694) - settings-manager: Improve search by including keywords (Bug #10694) - xfsettingsd: Add --disable-wm-check flag (Bug #16128) - Fix typecasting - Set "gtk-titlebar-middle-click" to "lower" by default - display: Allow resizing of minimal dialog (Bug #15450) - settings-manager: Show min and max buttons - dialogs: Ensure dialogs have min and max buttons - Translation Updates: Albanian, Arabic, Armenian (Armenia), Basque, Belarusian, Belarusian (Tarask), Bulgarian, Catalan, Chinese (China), Chinese (Hong Kong), Chinese (Taiwan), Croatian, Czech, Danish, Dutch, English (Australia), English (Canada), English (United Kingdom), Estonian, Finnish, French, Galician, German, Greek, Hebrew, Hungarian, Icelandic, Indonesian, Interlingue, Italian, Japanese, Kazakh, Korean, Lithuanian, Malay, Norwegian Bokmål, Norwegian Nynorsk, Occitan (post 1500), Polish, Portuguese, Portuguese (Brazil), Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Thai, Turkish, Uighur, Ukrainian 4.15.0 ====== - xsettings: Use CSD for GtkDialogs by default - settings-manager: Fix XfceTitledDialog layout with CSD - settings-manager: Drop setting the old header style - display: Show ratio next to display resolution - display: Mark preferred mode with an asterisk - display: Add init function for aspect ratios - display: Right-align the display ratio - display: Fixed warning and removed ratio - display: Improve look of ratio - display: Fix icon name for primary indicator - display: Initialize crtc->scalex/y (Bug #15971) - settings-editor: Add consistent inline-toolbar - appearance: Only show themes that support Gtk3 (Bug #15849) - color: Fix crash in add-profiles dialog (Bug #15876) - color: Conditionally hide info button in add-profile dialog - color: Add tooltip to profile info buttons - display: Fix profile matching in xfsettingsd - display: Assure correct gchar** (Bug #15816) - keyboard: Improve layout of add-command dialog - keyboard: Add mnemonics to add-command dialog (Bug #10495) - Switch to symbolic window-close icon - Bump libxfce4ui dependency to 4.15.1 - Improve string for session managers - Ensure the newly labeled 'Xfce Settings Daemon' is translated - Do not show translation info on --help output - Translation Updates: Albanian, Arabic, Basque, Belarusian, Bulgarian, Catalan, Chinese (China), Chinese (Taiwan), Croatian, Czech, Danish, Dutch, English (United Kingdom), Finnish, French, Galician, German, Greek, Hebrew, Hungarian, Indonesian, Interlingue, Italian, Japanese, Korean, Lithuanian, Malay, Norwegian Bokmål, Polish, Portuguese, Portuguese (Brazil), Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Thai, Turkish

@kevinushey

# magrittr 2.0.3 * Fixed a C level protection issue in `%>%` (#256). # magrittr 2.0.2 * New eager pipe `%!>%` for sequential evaluation (#247). Consider using `force()` in your functions instead to make them strict, if sequentiality is required. See the examples in `?"pipe-eager"`. * Fixed an issue that could cause pipe invocations to fail in versions of R built with `--enable-strict-barrier`. (#239, @kevinushey)

3.2.1 (2022-11-17) * Fix encoding issue with non-ASCII characters * Fix Net::NTLM::EncodeUtil.encode_utf16le * Add tracing messages for the custom NDR types * Decrypt fragments after the first part too * Land #239, Fix DCERPC Encrypted Fragments * Land #238, Fix encoding issue

@MichaelChirico

# lintr 3.0.2 * Fix test to avoid leaving behind cache files in the global cache directory. # lintr 3.0.1 * Skip multi-byte tests in non UTF-8 locales (#1504) * `modify_defaults()` no longer uses the mistaken `"lintr_function"` S3 class, instead applying the `"linter"` class also common to `Linter()`. `Linter()` also includes `"function"` in the S3 class of its output to facilitate S3 dispatch to `function` methods where appropriate (#1392, @MichaelChirico). ## Changes to defaults * `brace_linter()` allows opening curly braces on a new line when there is a comment ending the preceding line (#1433 and #1434, @IndrajeetPatil). * `seq_linter()` produces lint for `seq(...)`, since it also cannot properly handle empty edge cases (#1468, @IndrajeetPatil). * `seq_linter()` additionally lints on `1:n()` (from {dplyr}) and `1:.N` (from {data.table}) (#1396, @IndrajeetPatil). * `literal_coercion_linter()` lints {rlang}'s atomic vector constructors (i.e., `int()`, `chr()`, `lgl()`, and `dbl()`) if the argument is a scalar (#1437, @IndrajeetPatil). * `redundant_ifelse_linter()`'s lint message correctly suggests negation when the `yes` condition is `0` (#1432, @IndrajeetPatil). * `seq_linter()` provides more specific replacement code in lint message (#1475, @IndrajeetPatil). ## New and improved features * `unreachable_code_linter()` ignores trailing comments if they match a closing nolint block (#1347, @AshesITR). * New `function_argument_linter()` to enforce that arguments with defaults appear last in function declarations, see the [Tidyverse design guide](https://design.tidyverse.org/args-data-details.html) (#450, @AshesITR). * New `allow_trailing` argument added to `assignment_linter()` to check when assignment operators are at the end of a line, and the value is on the following line (#1491, @ashbaldry) ## New features * `commented_code_linter()` now lints commented argument code, containing a trailing comma, as well (#386, @AshesITR). For example a comment containing `# na.rm = TRUE,` now triggers a lint. ## Bug fixes * `object_length_linter()` does not fail in case there are dependencies with no exports (e.g. data-only packages) (#1509, @IndrajeetPatil). * `get_source_expressions()` no longer fails on R files that match a knitr pattern (#743, #879, #1406, @AshesITR). * Parse error lints now appear with the linter name `"error"` instead of `NA` (#1405, @AshesITR). Also, linting no longer runs if the `source_expressions` contain invalid string data that would cause error messages in other linters. * Prevent `lint()` from hanging on Rmd files with some syntax errors (#1443, @MichaelChirico). * `get_source_expressions()` no longer omits trailing non-code lines from knitr files (#1400, #1415, @AshesITR). This fixes the location information for `trailing_blank_lines_linter()` in RMarkdown documents without terminal newlines. * The `vignette("lintr")` incorrectly cited `exclude` as the key for setting file exclusions in `.lintr` when it is actually `exclusions`. (#1401, @AshesITR) * Fixed file exclusion detection in `lint_dir()` so it no longer errors if there are multiple exclusions or no global exclusions configured for a single file (#1413, #1442, @AshesITR). ## Other changes * The minimum needed version for soft dependency `{withr}` has been bumped to `2.5.0` (#1404, @IndrajeetPatil). * Changed the deprecation warning for `with_defaults()` to also mention `modify_defaults()` (#1438, @AshesITR). # lintr 3.0.0 ## Breaking changes * All linters are now function factories (i.e., functions that return functions) for consistency. Previously, only linters with customizable parameters were factories (#245, @fangly, @AshesITR, and @MichaelChirico). This means that usage such as `lint("file.R", seq_linter)` should be updated to `lint("file.R", seq_linter())`, and the following update for custom linters: ```r my_custom_linter <- function(source_expression) { ... } # becomes my_custom_linter <- function() Linter(function(source_expression) { ... }) ``` * Exclusions specified in the `.lintr` file are now relative to the location of that file and support excluding entire directories (#158, #438, @AshesITR). * Removed long-deprecated linters (they've been marked as deprecated since v1.0.1 in 2017): + `absolute_paths_linter()` + `camel_case_linter()` + `multiple_dots_linter()` + `snake_case_linter()` + `trailing_semicolons_linter()` * Removed `return()` from `all_undesirable_functions` because early returns (which often improve readability and reduce code complexity) require explicit use of `return()`. Follow #1100 for an upcoming `return_linter()` to lint unnecessary `return()` statements (#1146, @AshesITR). Note that you can replicate old behavior by supplying `return` as a custom undesirable function: `undesirable_function_linter(c(all_undesirable_functions, list(return = NA)))` ## Deprecations * Lints are now marked with the name of the `linter` that caused them instead of the name of their implementation function. Deprecated the obsolete `linter` argument of `Lint()` (#664, #673, #746, @AshesITR). Downstream custom linters should follow suit. * Renamed `semicolon_terminator_linter()` to `semicolon_linter()` for better consistency. `semicolon_terminator_linter()` survives but is marked for deprecation. The new linter also has a new signature, taking arguments `allow_compound` and `allow_trailing` to replace the old single argument `semicolon`, again for signature consistency with other linters. * The following linters were subsumed into `brace_linter()` and are now deprecated; see the item on `brace_linter()` below: + `closed_curly_linter()` + `open_curly_linter()` + `paren_brace_linter()` * The `...` argument for `lint()`, `lint_dir()`, and `lint_package()` has been promoted to an earlier position to better match the [Tidyverse design principle](https://design.tidyverse.org/args-data-details.html) of data->descriptor->details. This change enables passing objects to `...` without needing to specify non-required arguments, e.g. `lint_dir("/path/to/dir", linter())` now works without the need to specify `relative_path`. This affects some code that uses positional arguments (#935, @MichaelChirico). + For `lint()`, `...` is now the 3rd argument, where earlier this was `cache`. + For `lint_dir()` and `lint_package()`, `...` is now the 2nd argument, where earlier this was `relative_path`. * Deprecated argument `source_file` to exported functions `with_id()` and `ids_with_token()`. It has been renamed to `source_expression` to better reflect that this argument is typically the output of `get_source_expressions()`. For now, the old argument `source_file` can still be used (with warning). The now-private functional versions of many linters also underwent the same renaming (`source_file` -> `source_expression`). This has no direct effect on packages importing lintr, but is mentioned in case custom linters imitating `lintr` style had also adopted the `source_file` naming and want to adapt to keep in sync. * Deprecated `with_defaults()` in favor of `linters_with_defaults()`, and add `modify_defaults()` which is intended to be used more generally to modify (i.e., extend, trim, and/or update) a list of defaults. Note that the argument corresponding to `with_defaults()`'s `default=` is called `defaults=` (i.e., pluralized) in both of these, and that usage like `with_defaults(default = NULL, ...)` should be converted to `linters_with_defaults(defaults = list(), ...)` (#1029, #1336, #1361, @AshesITR and @MichaelChirico). * Deprecated the `find_line()` and `find_column()` helpers from the item-level `expressions` returned with `get_source_expressions()`. These helpers were typically associated with regex-based logic for building linters, which is rarely needed and prone to false positives; now that lintr almost exclusively uses XPath-based logic for linters, these are no longer necessary (#1373, @MichaelChirico). ## Other changes to defaults ### Updates to `default_linters` * New `brace_linter()` which combines several curly brace related linters, deprecating the following predecessors (#1041, @AshesITR): + `closed_curly_linter()`; both now also allow `}]` in addition to `})` and `},` as exceptions, i.e., `}` doesn't need to be on its own line if paired with a closing square bracket, a closing parenthesis, or a comma. Also improved lint metadata so that source markers land at the closing brace instead of the closing parenthesis to improve the experience of fixing the lint (#583, @AshesITR). + `open_curly_linter()`; both also no longer lint unnecessary trailing whitespace (use `trailing_whitespace_linter()` for this) and also allow `(`, `,`, and `%>%` on preceding lines as exceptions, i.e., `{` can be alone on a line if the previous line is terminated with an opening parenthesis, a comma, or a pipe (`%>%`) (#487, #1028, @AshesITR). + `paren_brace_linter()`; `brace_linter()` also lints `if`/`else` and `repeat` with missing whitespace. + `brace_linter()` also newly enforces the following rules surrounding curly braces (originally Google linters, see below): - Require `else` to come on the same line as the preceding `}`, if present (#884, @MichaelChirico). - Require functions spanning multiple lines to use curly braces (#987, @MichaelChirico). - Require balanced usage of `{}` in `if`/`else` conditions, i.e., if the `if` branch uses braces, then so must the `else` branch, and _vice versa_ (#983, @MichaelChirico). * New `paren_body_linter()` checks that there is a space between a right parenthesis and a body expression (#809, @kpagacz). * Added `semicolon_linter()` as a default because it enforces a tidyverse style guide rule (#683, @AshesITR). * `assignment_linter()` (#915, @MichaelChirico): + Right assignments are now linted by default (`->` and `->>`). + New argument `allow_cascading_assign` (`TRUE` by default) toggles whether to lint `<<-` and `->>`. + New argument `allow_right_assign` (`FALSE` by default) toggles whether to lint `->` and `->>`. * `commented_code_linter()`: use the parse tree to find comments, eliminating some false positives (#451, @AshesITR). * `equals_na_linter()` (#545, @MichaelChirico): + Extended to lint `x != NA` (before, only `==` was caught) and `NA == x` (before, only `NA` on RHS was caught). + Extended to skip usages in comments like `is.na(x) # use is.na(x), not x == NA`. * `function_left_parentheses_linter()`: improved location information (#1266, #1267, @AshesITR). * `infix_spaces_linter()`: + Added argument `allow_multiple_spaces` (`TRUE` by default) which toggles whether to generate a lint for operators used with multiple spaces, e.g. `x + 2`. The default setting allows extra spacing to be used to increase line-to-line alignment (#940, @f-ritter and @MichaelChirico). + Extended so that usages like `a~b` and `function(a=1) { ... }` are linted (#930, #michaelchirico). + Added argument `exclude_operators` to disable lints on selected infix operators. By default, all "low-precedence" operators throw lints; see `?infix_spaces_linter` for an enumeration of these. (#914, @MichaelChirico). + Add an exception for `/` usage in `box::use()` declarations (#1087, @klmr). * `line_length_linter()`: place the source marker at the margin of the affected line to improve user experience during de-linting -- just press <kbd>Return</kbd> (#735, @AshesITR).* * `no_tab_linter()`: use more reliable matching (e.g., excluding matches found in comments; #441, @russHyde). * `object_length_linter()`: correctly detect generics and only count the implementation class towards the length. This prevents false positive lints in the case of long generic names, e.g. `very_very_very_long_generic_name.short_class` no longer produces a lint (#871, @AshesITR). * `object_name_linter()`: + Improved generic detection -- in user-defined method `my_method.upstream.class`, `upstream.class` no longer throws a lint because the generic (`my_method`) properly uses `snake_case` (#737, @AshesITR). + Exclude special R namespace hook functions such as `.onLoad()` (#500, #614, @AshesITR and @MichaelChirico). + Correctly detect imported functions when linting packages (#642, @AshesITR). + Correctly detect assignment generics like `names<-.class_name` (#843, @jonkeane). + Added new styles `"symbols"` and `"SNAKE_CASE"` (#494, #495, #615, #670, @MichaelChirico and @AshesITR). - `"symbols"` is a new default style which won't lint all-symbol object names. In particular, that means operator names like `%+%` are allowed. + No longer lints names used in `$` extractions (#582, @AshesITR). * `object_usage_linter()`: + Detect global variables if there are top-level dollar-assignments (#666, @AshesITR). + Report usage warnings spanning multiple lines (#507, @AshesITR). + Detect usages inside `glue::glue()` constructs (#942, @AshesITR). + Extended to include functions assigned with `=` instead of `<-` (#1081, @MichaelChirico). + Detect functions exported by packages that are explicitly attached using `library()` or `require()` calls (#1127, @AshesITR). + Improved location information in some cases where the previous regex-based approach didn't work, e.g. unicode characters in variable names (#1285, @AshesITR). + Correctly detect functions declared within `assign()` and `setMethod()` (#1322, @AshesITR). * `spaces_inside_linter()`: ignore spaces preceding trailing comments (#636, @MichaelChirico). * `T_and_F_symbol_linter()`: + Added as a default because it enforces a tidyverse style guide rule (#517, @AshesITR). + No longer lint occurrences of `T` and `F` when used for subsetting, and give a better message when used as variable names (#657, @AshesITR). * `trailing_blank_lines_linter()`: + Extended to lint files without a terminal newline (#675, @AshesITR). + Also, running `lint()` on a file without a terminal newline no longer throws a `warning()`. * `trailing_whitespace_linter()`: + Extended to also lint completely blank lines by default (#1044, @AshesITR). + Added argument `allow_empty_lines` (`FALSE` by default) to toggle this behavior. + Improved so that trailing whitespace inside string literals does not trigger a lint (#1045, @AshesITR). + Added argument `allow_in_strings` (`TRUE` by default) to toggle this behavior. * `undesirable_function_linter()`: + Added new functions to `default_undesirable_functions` related to debugging (#876, @MichaelChirico): - `browser()` - `debug()` - `debugcall()` - `debugonce()` - `trace()` - `untrace()` + No longer lints `library()` and `require()` calls attaching a package with an undesired name, e.g. `library(foo)` (#814, @kpagacz and @MichaelChirico). + No longer lints undesirable symbols if they are used as names in `$` extractions (#1050, @AshesITR). + Added more explanation why certain functions might be undesirable and what alternatives to use; ditto for `undesirable_operator_linter()` (#1133, #1146, #1159, @AshesITR). ### Other noteworthy changes * `cyclocomp_linter()`: set the default `complexity_limit` to 15. This brings the default into sync with what is enforced via `default_linters` (#693, @AshesITR). * `lint_package()` now lints files in the `demo` directory by default (#703, @dmurdoch). * Moved the default lintr cache directory from `~/.R/lintr_cache` (which was a violation of CRAN policy) to `R_user_dir("lintr", "cache")`. Note that 3.0.0 is a major version update and invalidates the old cache anyway, so it can be safely deleted (#1062, @AshesITR). ## New and improved features ### New linters * `backport_linter()` for detecting mismatched R version dependencies (#506, #1316, #1318, #1319, @MichaelChirico and @AshesITR). * `duplicate_argument_linter()` similarly checks that there are no duplicate arguments supplied to function calls (#850, @renkun-ken). * `missing_argument_linter()` to check for empty (missing) arguments in function calls (#563, #1152, @renkun-ken and @AshesITR). * `missing_package_linter()` to check if packages in calls to `library()` and friends are missing (#536, #1037, @renkun-ken and @MichaelChirico). * `namespace_linter()` to check for common mistakes in `pkg::symbol` usages (#548, @renkun-ken). * `package_hooks_linter()` to run a series of checks also done by `R CMD check` on the `.onLoad()`, `.onAttach()`, `.Last.lib()` and `.onDetach()` hooks (#882, @MichaelChirico). * `pipe_call_linter()` to enforce that all steps of `magrittr` pipelines use explicit calls instead of symbols, e.g. `x %>% mean()` instead of `x %>% mean` (#801, @MichaelChirico). * `sprintf_linter()` to check for common mistakes in `sprintf()` usage (#544, #624, @renkun-ken and @AshesITR). * `unused_import_linter()` to detect unnecessary `library()` calls in R scripts (#239, @jimhester, @AshesITR). #### Google linters Google is a heavy user of lintr internally, and has developed a large set of linters improving code consistency and correcting common R usage mistakes. This release includes many of these linters that are of general interest to the broader R community. More will be included in future releases. See, e.g. #884, #979, #998, #1011, #1016, #1036, #1051, #1066, and #1067; special thanks to @MichaelChirico and @michaelquinn32. * `any_duplicated_linter()` Require usage of `anyDuplicated(x) > 0L` over `any(duplicated(x))` and similar. * `any_is_na_linter()` Require usage of `anyNA(x)` over `any(is.na(x))`. * `class_equals_linter()` Prevent comparing `class(x)` with `==`, `!=`, or `%in%`, where `inherits()` is typically preferred. * `condition_message_linter()` Prevent condition messages from being constructed like `stop(paste(...))` (where just `stop(...)` is preferable). * `conjunct_test_linter()` Require usage of `expect_true(x); expect_true(y)` over `expect_true(x && y)` and similar. * `consecutive_stopifnot_linter()` Require consecutive calls to `stopifnot()` to be unified into one. * `expect_comparison_linter()` Require usage of `expect_gt(x, y)` over `expect_true(x > y)` and similar. * `expect_identical_linter()` Require usage of `expect_identical()` by default, and `expect_equal()` only by exception. * `expect_length_linter()` Require usage of `expect_length(x, n)` over `expect_equal(length(x), n)` and similar. * `expect_named_linter()` Require usage of `expect_named(x, n)` over `expect_equal(names(x), n)` and similar. * `expect_not_linter()` Require usage of `expect_false(x)` over `expect_true(!x)`, and _vice versa_. * `expect_null_linter()` Require usage of `expect_null(x)` over `expect_equal(x, NULL)` and similar. * `expect_s3_class_linter()` Require usage of `expect_s3_class(x, k)` over `expect_equal(class(x), k)` and similar. * `expect_s4_class_linter()` Require usage of `expect_s4_class(x, k)` over `expect_true(methods::is(x, k))`. * `expect_true_false_linter()` Require usage of `expect_true(x)` over `expect_equal(x, TRUE)` and similar. * `expect_type_linter()` Require usage of `expect_type(x, t)` over `expect_equal(typeof(x), t)` and similar. * `fixed_regex_linter()` Require `fixed = TRUE` or `stringr::fixed()` for regular expressions that can be expressed statically, e.g. `strsplit(x, "[.]")` can be `strsplit(x, ".", fixed = TRUE)`. + Added parameter `allow_grepl` (default `FALSE`) to toggle whether `grepl()` usages should be linted. These might be treated separately because `grepl("^x", NA)` is `FALSE`; the `startsWith()` equivalent to get `FALSE` for missing input is clunkier, but more explicit: `!is.na(x) & startsWith(x, string)` (#1376, @MichaelChirico). * `ifelse_censor_linter()` Require usage of `pmax()` / `pmin()` where appropriate, e.g. `ifelse(x > y, x, y)` is `pmax(x, y)`. * `inner_combine_linter()` Require inputs to known-vectorized functions to be combined first rather than later, e.g. `as.Date(c(x, y))` over `c(as.Date(x), as.Date(y))`. * `literal_coercion_linter()` Require using correctly-typed literals instead of direct coercion, e.g. `1L` instead of `as.numeric(1)`. * `nested_ifelse_linter()` Prevent nested calls to `ifelse()` like `ifelse(A, x, ifelse(B, y, z))`, and similar. * `numeric_leading_zero_linter()` Require a leading `0` in fractional numeric constants, e.g. `0.1` instead of `.1`. * `outer_negation_linter()` Require usage of `!any(x)` over `all(!x)` and `!all(x)` over `any(!x)`. * `paste_linter()` lint for common mis-use of `paste()` and `paste0()`: + `paste0()` encouraged instead of `paste(sep = "")`. + `toString()` or `glue::glue_collapse()` encouraged instead of `paste(x, collapse = ", ")`. + Lint `sep=` passed to `paste0()` -- typically a mistake. * `redundant_ifelse_linter()` Prevent usage like `ifelse(A & B, TRUE, FALSE)` or `ifelse(C, 0, 1)` (the latter is `as.numeric(!C)`). * `regex_subset_linter()` Require usage of `grep(ptn, x, value = TRUE)` over `x[grep(ptn, x)]` and similar. * `string_boundary_linter()` Require usage of `startsWith(x, ptn)` over `grepl("^ptn", x)` or `substr(x, 1, 3) == ptn` and similar. * `strings_as_factors_linter()` Check for code designed to work before and after the `stringsAsFactors = FALSE` default change in R 4.0 by examining code for `data.frame()` usages susceptible to assumptions about the default value of `stringsAsFactors=`. * `system_file_linter()` Prevent usage like `file.path(system.file("A", package = "pkg"), "B")` where simply `system.file("A", "B", package = "pkg")` is more concise and readable. * `unreachable_code_linter()` Prevent code after `return()` and `stop()` statements that will never be reached (extended for #1051 thanks to early user testing, thanks @bersbersbers!). * `vector_logic_linter()` Require use of scalar logical operators (`&&` and `||`) inside `if()` conditions and similar. * `yoda_test_linter()` Require usage of `expect_identical(x, 1L)` over `expect_equal(1L, x)` and similar. ### Other features and improvements * **Documentation**: Reorganize linter documentation into new tag-based Rd pages (#888, #1015, @AshesITR). + Each linter has its own help page. + `?linters` also links to tag help pages, collecting linters with a similar goal. + Each linter can have multiple tags. + `available_linters()`: new function to list available linters and their tags. This feature is extensible by package authors providing add-on linters for {lintr}. + `available_tags()`: new function to list available tags. + `linters_with_tags()`: new function to help build a list of linters using tags. * **Encodings**: lintr now supports non-system character Encodings. The correct the correct encoding is auto-detected from .Rproj or DESCRIPTION files in your project. Override the default in the `encoding` setting of lintr (#752, #782, @AshesITR). * **Jenkins CI**: Support for writing comments to GitHub repo when running in Jenkins CI (#488, @fdlk). * **Performance**: Optimized performance-critical functions in lintr, such as `get_source_expressions()` resulting in about 2x speedup in our test suite and even more for complex files (#1169, #1197, #1200, #1201, #1214, @MichaelChirico and @AshesITR). Average `lint_package()` execution time is down about 30% and the median package sees about 40% improvement. * **Raw strings**: Several linters tightened internal logic to allow for raw strings like `R"( a\string )"` (#1034, #1285, @MichaelChirico and @AshesITR). * **Selective exclusion syntax**: New syntax to exclude only selected linters from certain lines or passages. Use `# nolint: linter_name, linter2_name.` or `# nolint start: linter_name, linter2_name.` in source files or named lists of line numbers in `.lintr`. Note the terminal `.` is required. Also allows for partial matching as long as the supplied prefix is unique, e.g. `# nolint: infix_spaces.` works to exclude `infix_spaces_linter` (#605, #872, @AshesITR). + Added the linter name to lintrs output to facilitate discovery of the correct name (#1357, @AshesITR). * Improved S3 generic detection for non-standard S3 generics where `UseMethod()` is called after several preceding expressions (#846, @jonkeane). * New `sarif_output()` function to output lints to SARIF output (#1424, @shaopeng-gh) * `extraction_operator_linter()`: no longer lint `x[NULL]` (#1273, @AshesITR). * `is_lint_level()`: new exported helper for readably explaining which type of expression is required for a custom linter. Some linters are written to require the full file's parse tree (for example, `single_quotes_linter()`). Others only need single expressions, which is more cache-friendly (most linters are written this way to leverage caching) (#921, @MichaelChirico). * `lint_dir()` excludes the `renv` and `packrat` directories by default (#697, @AshesITR). * `lint()`: new optional argument `text` for supplying a line or lines directly, e.g. if the file is already in memory or linting is being done _ad hoc_ (#503, @renkun-ken). * `seq_linter()`: improve lint message to be clearer about the reason for linting (#522, @MichaelChirico). * `unneeded_concatenation_linter()`: + Correctly considers arguments in pipelines (`%>%` or `|>`; #573, #1270, @michaelquinn32 and @AshesITR). + New argument `allow_single_expression`, default `TRUE`, toggling whether `c(x)` should be linted, i.e., a call to `c()` with only one entry which is not a constant. In some such cases, `c()` can simply be dropped, e.g. `c(a:b)`; in others, the parentheses are still needed, e.g. `-c(a:b)` should be `-(a:b)`; and in still others, `c()` is used for the side-effect of stripping attributes, e.g. `c(factor(letters))` or `c(matrix(1:10, 5, 2))`. In this last case, `c()` can (and should) in most cases be replaced by `as.vector()` or `as.integer()` for readability. In fact, we suspect it is _always_ preferable to do so, and may change the default to `allow_single_expression = FALSE` in the future. Please report your use case if `as.vector()` does not suit your needs (#1344, @MichaelChirico). * `use_lintr()`: new exported helper for creating a minimal `.lintr` configuration (#902, @AshesITR). * `xml_nodes_to_lints()`: new exported helper for converting `xml_node` objects obtained using linter logic expressed in XPath into `Lint` objects (#1124, #1216, #1234, @MichaelChirico and @AshesITR). ## Bug fixes * **RStudio**: Source markers are cleared when there are no lints (#520, @AshesITR). * Error message for mismatched starts and ends of exclusion ranges is now more helpful. (#571, #860, @AshesITR and @danielinteractive). * Improved location information for R parse errors (#894, #892, @renkun-ken and @AshesITR). * `get_source_expressions()`: + Fix possible error on invalid XML produced by `xmlparsedata::xml_parse_data()` (#559, @renkun-ken). + Fix handling zero-length variable name error (#566, @renkun-ken). + Malformed Rmd files now cause a lint instead of an error (#571, @AshesITR). + No longer fails if `getParseData()` returns a truncated (invalid) Unicode character as parsed text (#815, @leogama). + Fixes the `text` value for `STR_CONST` nodes involving 1- or 2-width octal escapes (e.g. `"\1"`) to account for an R parser bug (https://bugs.r-project.org/show_bug.cgi?id=18323; #1056, @MichaelChirico). + Handle Rmd inputs containing unevaluated code blocks with named format specifiers (#472, @russHyde). * `line_length_linter()`: fix a bug causing duplicate lints for lines containing multiple expressions (#681, @AshesITR). * `lint_package()`: + Warns and returns `NULL` if no package is found (instead of giving a peculiar error message; #776, @MichaelChirico). + Stricter about what is considered to be a package -- folders named `DESCRIPTION` are ignored (#702, @MichaelChirico). * `linters_with_defaults()` (formerly `with_defaults()`): + No longer duplicates the `lintr_function` class when it is already present (#511, @AshesITR). + Warns if a named argument is `NULL` but its name is not in `defaults` (#1049, @AshesITR). * `linters_with_defaults()` handles automatic naming of very long arguments correctly (#774, @MichaelChirico). * `save_cache()` will now recursively create the cache directory; this avoids errors that could arise if any parent directories do not exist (#60, @dankessler). * `spaces_left_parentheses_linter()`: fix a bug causing warnings like "In `parent == parent[before_operator_idx]` longer object length is not a multiple of shorter object length" in nested expressions (#654, @AshesITR). ## Internals * Added a new, more restrictive test workflow - `test-package` - that fails on warnings emitted by tests (#1263, #1272, @AshesITR). * Added a secondary, more restrictive lint workflow - `lint-changed-files` - for newly written / modified code (#641, @dragosmg). * Several optional `Imported` packages have become `Suggested` dependencies: `httr`, `testthat`, and `rstudioapi`. This should allow snappier CI builds for usages not relying on some more "peripheral" features of the package. * Special thanks to @bersbersbers for early testing on the 3.0.0 changes. * Switched CI from Travis to GitHub Actions, using the full tidyverse recommended `R CMD check`. Code coverage and linting are implemented using separate GitHub Actions workflows (#572, @dragosmg). * Updated R CMD GitHub Actions workflow to check for R 3.6 on Ubuntu, instead of R 3.3, and for R 4.0 on Windows, instead of R 3.6 (#803, @ dragosmg). * `lintr` now uses the 3rd edition of `testthat` (@MichaelChirico, @AshesITR, #910, #967).

pkgsrc change: avoid use empty in options.mk. What's new in Sudo 1.9.13 (2023-02-14) * Fixed a bug running relative commands via sudo when "log_subcmds" is enabled. GitHub issue #194. * Fixed a signal handling bug when running sudo commands in a shell script. Signals were not being forwarded to the command when the sudo process was not run in its own process group. * Fixed a bug in cvtsudoers' LDIF parsing when the file ends without a newline and a backslash is the last character of the file. * Fixed a potential use-after-free bug with cvtsudoers filtering. GitHub issue #198. * Added a reminder to the default lecture that the password will not echo. This line is only displayed when the pwfeedback option is disabled. GitHub issue #195. * Fixed potential memory leaks in error paths. GitHub issues #199, #202. * Fixed potential NULL dereferences on memory allocation failure. GitHub issues #204, #211. * Sudo now uses C23-style attributes in function prototypes instead of gcc-style attributes if supported. * Added a new "list" pseudo-command in sudoers to allow a user to list another user's privileges. Previously, only root or a user with the ability to run any command as either root or the target user on the current host could use the -U option. This also includes a fix to the log entry when a user lacks permission to run "sudo -U otheruser -l command". Previously, the logs would indicate that the user tried to run the actual command, now the log entry includes the list operation. * JSON logging now escapes control characters if they happen to appear in the command or environment. * New Albanian translation from translationproject.org. * Regular expressions in sudoers or logsrvd.conf may no longer contain consecutive repetition operators. This is implementation- specific behavior according to POSIX, but some implementations will allocate excessive amounts of memory. This mainly affects the fuzzers. * Sudo now builds AIX-style shared libraries and dynamic shared objects by default instead of svr4-style. This means that the default sudo plugins are now .a (archive) files that contain a .so shared object file instead of bare .so files. This was done to improve compatibility with the AIX Freeware ecosystem, specifically, the AIX Freeware build of OpenSSL. Sudo will still load svr4-style .so plugins and if a .so file is requested, either via sudo.conf or the sudoers file, and only the .a file is present, sudo will convert the path from plugin.so to plugin.a(plugin.so) when loading it. This ensures compatibility with existing configurations. To restore the old, pre-1.9.13 behavior, run configure using the --with-aix-soname=svr4 option. * Sudo no longer checks the ownership and mode of the plugins that it loads. Plugins are configured via either the sudo.conf or sudoers file which are trusted configuration files. These checks suffered from time-of-check vs. time-of-use race conditions and complicate loading plugins that are not simple paths. Ownership and mode checks are still performed when loading the sudo.conf and sudoers files, which do not suffer from race conditions. The sudo.conf "developer_mode" setting is no longer used. * Control characters in sudo log messages and "sudoreplay -l" output are now escaped in octal format. Space characters in the command path are also escaped. Command line arguments that contain spaces are surrounded by single quotes and any literal single quote or backslash characters are escaped with a backslash. This makes it possible to distinguish multiple command line arguments from a single argument that contains spaces. * Improved support for DragonFly BSD which uses a different struct procinfo than either FreeBSD or 4.4BSD. * Fixed a compilation error on Linux arm systems running older kernels that may not define EM_ARM in linux/elf-em.h. GitHub issue #232. * Fixed a compilation error when LDFLAGS contains -Wl,--no-undefined. Sudo will now link using -Wl,--no-undefined by default if possible. GitHub issue #234. * Fixed a bug executing a command with a very long argument vector when "log_subcmds" or "intercept" is enabled on a system where "intercept_type" is set to "trace". GitHub issue #194. * When sudo is configured to run a command in a pseudo-terminal but the standard input is not connected to a terminal, the command will now be run as a background process. This works around a problem running sudo commands in the background from a shell script where changing the terminal to raw mode could interfere with the interactive shell that ran the script. GitHub issue #237. * A missing include file in sudoers is no longer a fatal error unless the error_recovery plugin argument has been set to false. What's new in Sudo 1.9.13p1 (2023-02-17) * Fixed a typo in the configure script that resulted in a line like "]: command not found" in the output. GitHub issue #238. * Corrected the order of the C23 [[noreturn]] attribute in function prototypes. This fixes a build error with GCC 13. GitHub issue #239. * The "check" make target misbehaved when there was more than one version of the UTF-8 C locale in the output of "locale -a". GitHub issue #241. * Removed a dependency on the AC_SYS_YEAR2038 macro in configure.ac. This was added in autoconf 2.72 but sudo's configure.ac only required autoconf 2.70. * Relaxed the autoconf version requirement to version 2.69.

@anjos

### [2.3.1] - 2022-11-29 #### Changed * The printout of the inferred `intersphinx_mapping` item for inventories retrieved by URL (`--url`) in the 'suggest' CLI mode is now relocated to fall immediately below the inventory-search output. It also now is displayed even if no objects in the `objects.inv` satisfy the score threshold. ([#262](bskinn/sphobjinv#262)) * The 'suggest' CLI mode output now includes dividers for improved readability. #### Tests * The plaintext `tests/resource/objects_attrs.txt` was converted to POSIX EOLs and declared as binary to git, in order to provide a consistent state for sdist packaging, regardless of platform (POSIX vs Windows). * As a result, it was necessary to modify the `scratch_path` fixture to "`unix2dos`" this file on Windows systems, in order to provide a consistent test state. * Similarly, the `decomp_cmp_test` fixture was modified to "`unix2dos`" the `objects_attrs.txt` resource before comparisons, again in order to provide a consistent reference artifact. Implementing required direct manipulation of the bytes contents of the file, instead of the `filecmp.cmp` method that had been used previously. * The README doctests and shell tests have been removed from the default pytest suite. They must be explicitly opted-in with the `--readme` and `--doctest-glob="README.rst"` flags to pytest. * A new job, `readme`, has been added to the `aux_tests` stage of the Azure Pipelines CI to run these tests for PRs and release branches. * The constraint for `pytest-check` was bumped to `>=1.1.2` and all uses of the `check` fixture were revised from `with check.check(...):` to `with check(...):`. ([#265](bskinn/sphobjinv#265)) * Azure Pipelines now has Python 3.11 available for all of Ubuntu, Windows and MacOS, so it was added to the core text matrix for all platforms. * A new CI job was created on Azure Pipelines that creates an sdist from the current project, extracts it into a sandboxed environment, installs the dev dependencies, and runs the pytest suite (`azure-sdisttest.yml`). * All uses of `pytest-check` were updated to use the [v1.1.2 syntax](https://github.com/okken/pytest-check/blob/main/changelog.md#110---2022-nov-21) (`check` fixture, or `from pytest_check import check`). #### Internal * The `sys.exit()` in the case of no objects falling above the 'suggest' search threshold was refactored into the main `do_suggest()` body, to minimize the surprise of an `exit()` call coming in a subfunction. ([#263](bskinn/sphobjinv#263)) #### Packaging * `MANIFEST.in` was revised in order to provide a testable (`pytest --nonloc`) sdist, in order to streamline packaging of `sphobjinv` for conda-forge. (Thanks very much to [@anjos](https://github.com/anjos) for getting the recipes for `sphobjinv` and its dependencies in place! See [#264](bskinn/sphobjinv#264).) #### Administrative * `sphobjinv` is now available via conda-forge! A note was added to the docs to indicate this. * The version bump on `pytest-check` no longer permits the use of Python 3.6 in CI. As Python 3.6 is nearly a year beyond EOL, this seems a reasonable time to officially drop support for it. `python_requires` will still be at `>=3.6` for now; it *should* still work for 3.6...but, no guarantees. * The hook versions for `pre-commit-hooks`, `black`, and `pyproject-fmt` were updated to v4.3, v22.10, and v0.3.5, respectively. * `CONTENT_LICENSE.txt` was created, to specifically house the full content/documentation license information. * `LICENSE.txt` was revised to only hold the MIT License for the code, primarily so that Github's automatic systems will recognize the project as MIT licensed. * Caching of pip downloads was added to all of the Azure Pipelines jobs. * The version constraint for `pytest-check` was raised to `>=1.1.2`. * A temporary upper bound was placed on the `flake8` version (now `>=5,<6`, instead of `>=5`) to avoid pip resolver failures likely due to conflicts with constraints declared by plugins. * The older versions of `jsonschema` tested in the `tox` matrix were streamlined down to 3.0 (`==3.0`), 3.x (`<4`), 4.0 (`<4.1`) and 4.8 (`<4.9`). * The pin of `sphinx-issues==0.4.0` in the `tox` matrix was removed, to match the unpinned package in the `requirements-xxx.txt` files. ### [2.3] - 2022-11-08 #### Added * The CLI now prints the project name and version for the `objects.inv` as part of the 'suggest' mode output. * The CLI now prints an inferred `intersphinx_mapping` entry for a remote docset as part of the 'suggest' mode output, where such inference is possible. The output from this mapping inference was added to the relevant tests, and a couple of unit tests on some basic pieces of functionality were written. ([#149](bskinn/sphobjinv#149)) * The CLI now provides considerably more information about what is happening with the URLs it checks when trying to retrieve a remote inventory. ([#99](bskinn/sphobjinv#99), plus more) * CLI 'suggest' results output now displays more information about the total number of objects in the inventory, the search score threshold, and the number of results falling at/above that threshold. ([#232](bskinn/sphobjinv#232)) * A new CLI option, `-p`/`--paginate`, enables paging of the results from the `suggest` feature. ([#70](bskinn/sphobjinv#70)) #### Fixed * The regex for parsing object lines from decompressed inventories now correctly processes `{role}` values that contain internal colons. * CLI corner case where options are passed but no subparser is specified now results in a clean error-exit, instead of an exception. ([#239](bskinn/sphobjinv#239)) #### Documentation * Updated doctests to reflect the new v22.1 attrs `objects.inv` used for demonstration purposes. * Updated `syntax.rst` to indicate that the `{role}` in an inventory object MAY contain a colon. * Added new 'CLI implementation' pages for the new modules, downstream of the refactoring of the CLI 'convert' and 'suggest' code. * Revised the intro paragraph of the 'CLI usage' page to more clearly emphasize the two CLI subcommands and the links to their respective docs pages. * Fixed a mistake in the CLI help info for the `--url` argument to `convert`. #### Tests * Various tests were updated to reflect the contents of the new v22.1 attrs `objects.inv` introduced to replace the previous v17.2 inventory. * A modern Sphinx `objects.inv` (v6.0.0b) was added to `tests/resource` as `objects_sphinx.inv`, and the previous v1.6.6 was renamed to `objects_sphinx_1_6_6.inv`. * The 'valid objects' test cases were updated to reflect the possibility for a colon within `{role}`: * The colon-within-`{role}` test case was moved from 'invalid' to 'valid'. * The colon-within-`{domain}` test case was also moved from 'invalid' to 'valid', but with an annotation added to indicate that it's not actually viable---it will actually be interpreted incorrectly, with the first portion of the colon-containing `{domain}` imported as `{domain}`, and the remainder imported as part of `{role}`. #### Internal * Refactor CLI code to place the 'convert' and 'suggest' implementations in their own modules. * Refactor CLI 'suggest' code to the main `do_suggest()` function and a handful of sub-functions. * Rename the `log_print()` CLI helper function to the more-descriptive `print_stderr()`. * Bump development Sphinx version to v5.3. * Bump flake8 version to >=5, due to the absorption of flake8-colors colorization functionality. The flake8/tox config was updated accordingly. * Bump pre-commit black hook to v22.3.0. * Remove PyPy and Python 3.6 from Azure Pipelines test matrix. * Revise `__version__` retrieval in `setup.py` to use an intermediate dictionary with `exec()`. * Update `setup.cfg` to use `license_files`, instead of the deprecated `license_file`. #### Administrative * Apply CC BY 4.0 to documentation and docstrings and update project files to reflect. ### [2.2.2] - 2022-03-22 #### Fixed * UnicodeDecodeErrors are ignored within the vendored `fuzzywuzzy` package during `suggest` operations, using the `errors=replace` mode within bytes.decode(). * This misbehavior emerged after vendoring `fuzzywuzzy`, suggesting that it was a bug fixed later on in that project's development, after the point from which it was vendored. * This change may alter `suggest` behavior for those inventory objects with pathological characters. But, given their rarity, user experience is not expected to be noticeably affected. #### Internal * The `pyproject-fmt` formatted was added as a pre-commit hook. * The `flake8-raise` plugin was added to the linting suite. #### Testing * A smoke test for error-free `suggest` execution was added for all of the inventory files in `tests/resource`. ### [2.2.1] - 2022-02-05 #### Internal * The `benchmarks.py` file within the vendored version of `fuzzywuzzy` was removed. This *should* have no effect on `sphobjinv` functionality. * Per [#223](bskinn/sphobjinv#223), the Python 2 code within `benchmarks.py` breaks a full-source compilation done as part of an RPM packaging workflow. ### [2.2] - 2022-01-30 #### Administrative * The project documentation has been updated to reflect the deprecation of the `python-Levenshtein` speedup. * `pre-commit` has been added to the project, primarily to automate `black` code formatting on every commit. * The default trailing-whitespace, end-of-file, YAML syntax, and large-file-prevention hooks have also been added. #### Internal * `sphinx-removed-in` was added as a dev and RTD dependency, to provide the `versionremoved` Sphinx directive. ### [2.2b1] - 2021-12-23 #### Removed * Acceleration of the `suggest` functionality via use of `python-Levenshtein` is no longer possible due to the vendoring of an early, MIT-licensed version of `fuzzywuzzy`, as noted below. The `speedup` install extra is now obsolete, and has been removed. #### Internal * The `fuzzywuzzy` string matcher was vendored into the project from a point in its development history before the `python-Levenshtein` dependency, and its corresponding GPL encumbrance, was introduced. #### Administrative * Project default branch migrated to `main` from `master`. * Standard development Python version bumped to 3.10. * Standard development Sphinx version bumped to 4.3.1. * Active support for Python 3.11 added. ### [2.1] - 2021-04-14 #### Added * Python 3.10 support was officially added. #### Changed * The User-Agent header sent by `Inventory` when making an HTTP(S) request now identifies `sphobjinv` and its version (anticipate no API or behavior change). * An extraneous newline was removed before tables printed in the 'suggest' CLI mode (cosmetic change). #### Fixed * Previously, `sphobjinv.Inventory` would ignore entries in `objects.inv` that contained spaces within `name` (see [#181](bskinn/sphobjinv#181)); this is now fixed. #### Removed * Python 3.5 is no longer supported. * The relaxation of the integer constraint on the `priority` field introduced in v2.1b1 has been *reverted*, as `objects.inv` data lines with such non-integer `priority` values are skipped by Sphinx. #### Internal * Where possible, string interpolation has been refactored to use f-strings. * A 'speedup' `extras_require` entry has been added to allow simple installation of `python-Levenshtein` for Linux and MacOS platforms, as `pip install sphobjinv[speedup]`. This extra does nothing on Windows, since compilation machinery is anticipated not to be available for most users. * `objects_mkdoc_zlib0.inv`, which was compressed at `zlib` level 0, has been added to the test resources directory. * This file had to be flagged as binary in `.gitattributes` in order to avoid git EOL auto-conversion on Windows. * The CLI functionality was refactored from the single `sphobjinv.cmdline` module into a dedicated set of `sphobjinv.cli.*` submodules. * Some internal `type(...) is ...` checks were replaced with `isinstance(...)` #### Testing * Added *significant* body of new tests to confirm inventory compatibility with both `sphobjinv` and Sphinx itself. * Consistency checks added both for data within `sphobjinv.Inventory` instances **AND** as emitted from `sphinx.ext.inventory.InventoryFile.load()`. * The tests in `tests/test_valid_objects.py` strive to bracket as precisely as possible what content is allowed on an `objects.inv` data line, in addition to providing guidance on what is allowable, but discouraged. `docs/source/syntax.rst` was also edited to reflect this guidance. * Additional tests have been added to probe corner cases involving Windows EOLs. * A test was added to ensure that the schema in `sphobjinv.schema` is in fact a valid JSON schema. * Multiple asserts/checks per test method have been converted to use `pytest-check` instead of `pytest-subtests`, due to some inconsistent behavior with the latter. * `tox` environments and dependencies were updated, and some flake8 configuration was adjusted. #### Administrative * Standard development Python version bumped to 3.9. * Standard development Sphinx version bumped to 3.5.0. * Added `[skip ci]` flag in commit text for skipping Github Actions CI. * RtD upgraded to use Python 3.8. * Added 'radio Sphinx' logo to RtD docs. * Drafted `CONTRIBUTING.md` and added PR & issue templates. * Tranferred most project metadata from `setup.py` to `setup.cfg`. ### [2.1b1] - 2020-11-13 #### Fixed * Equality tests on Inventory and DataObjStr/DataObjBytes instances now work correctly. * Non-integer and non-numeric values for `priority` are now accepted during `Inventory` instantiation, consistent with what is allowed by `DataObjStr` and `DataObjBytes` instantiation. ### [2.1a2] - 2020-10-27 #### Added * When an inventory is retrieved via CLI from a remote URL with `-u`, the resolved location of the inventory is included in generated JSON at `json_dict.metadata.url`. #### Changed * CLI logging messages are now emitted to stderr instead of stdout. ### [2.1a1] - 2020-10-26 #### Added * A hyphen can now be passed as the CLI input and/or output file name to instruct sphobjinv to use stdin and/or stdout, respectively. * The `fileops` and `inventory` APIs are now tested to work with both strings and `pathlib.Path` objects, where they interact with the filesystem. #### Refactored * Patterns in regular expressions are now defined with raw strings to improve readability.

@dermotbradley

Changelog (taken from https://github.com/eudev-project/eudev/releases/tag/v3.2.12): Release 3.2.12 What's Changed rules/50-udev-default.rules: add PTP entry for Hyper-V/Azure by @dermotbradley in #218 Add the BUILD instructions for Gentoo by @lu-zero in #224 Fix warnings by @bbonev in #222 udev: add udev_dir as synonym of udevdir by @oreo639 in #225 build: Remove dead g-i-r configuration by @akiernan in #231 Hwdb.7 by @bbonev in #221 Precompiled hwdb by @bbonev in #223 Merge suitable rules changes from systemd by @bbonev in #220 Merge hwdb from systemd by @bbonev in #219 Fix problems detected by fortified builds by @bbonev in #232 Avoid warning on 32bit by @bbonev in #233 Systemd PR 24353 by @bbonev in #239 Do not free a static string by @bbonev in #238 man: udev.7, mention /usr/lib with split-usr by @omnivagant in #246 Missing tools by @bbonev in #240 Fix compile-time issue on very old kernels by @cockroach in #247

pkgsrc change: avoid use empty in options.mk. What's new in Sudo 1.9.13 (2023-02-14) * Fixed a bug running relative commands via sudo when "log_subcmds" is enabled. GitHub issue #194. * Fixed a signal handling bug when running sudo commands in a shell script. Signals were not being forwarded to the command when the sudo process was not run in its own process group. * Fixed a bug in cvtsudoers' LDIF parsing when the file ends without a newline and a backslash is the last character of the file. * Fixed a potential use-after-free bug with cvtsudoers filtering. GitHub issue #198. * Added a reminder to the default lecture that the password will not echo. This line is only displayed when the pwfeedback option is disabled. GitHub issue #195. * Fixed potential memory leaks in error paths. GitHub issues #199, #202. * Fixed potential NULL dereferences on memory allocation failure. GitHub issues #204, #211. * Sudo now uses C23-style attributes in function prototypes instead of gcc-style attributes if supported. * Added a new "list" pseudo-command in sudoers to allow a user to list another user's privileges. Previously, only root or a user with the ability to run any command as either root or the target user on the current host could use the -U option. This also includes a fix to the log entry when a user lacks permission to run "sudo -U otheruser -l command". Previously, the logs would indicate that the user tried to run the actual command, now the log entry includes the list operation. * JSON logging now escapes control characters if they happen to appear in the command or environment. * New Albanian translation from translationproject.org. * Regular expressions in sudoers or logsrvd.conf may no longer contain consecutive repetition operators. This is implementation- specific behavior according to POSIX, but some implementations will allocate excessive amounts of memory. This mainly affects the fuzzers. * Sudo now builds AIX-style shared libraries and dynamic shared objects by default instead of svr4-style. This means that the default sudo plugins are now .a (archive) files that contain a .so shared object file instead of bare .so files. This was done to improve compatibility with the AIX Freeware ecosystem, specifically, the AIX Freeware build of OpenSSL. Sudo will still load svr4-style .so plugins and if a .so file is requested, either via sudo.conf or the sudoers file, and only the .a file is present, sudo will convert the path from plugin.so to plugin.a(plugin.so) when loading it. This ensures compatibility with existing configurations. To restore the old, pre-1.9.13 behavior, run configure using the --with-aix-soname=svr4 option. * Sudo no longer checks the ownership and mode of the plugins that it loads. Plugins are configured via either the sudo.conf or sudoers file which are trusted configuration files. These checks suffered from time-of-check vs. time-of-use race conditions and complicate loading plugins that are not simple paths. Ownership and mode checks are still performed when loading the sudo.conf and sudoers files, which do not suffer from race conditions. The sudo.conf "developer_mode" setting is no longer used. * Control characters in sudo log messages and "sudoreplay -l" output are now escaped in octal format. Space characters in the command path are also escaped. Command line arguments that contain spaces are surrounded by single quotes and any literal single quote or backslash characters are escaped with a backslash. This makes it possible to distinguish multiple command line arguments from a single argument that contains spaces. * Improved support for DragonFly BSD which uses a different struct procinfo than either FreeBSD or 4.4BSD. * Fixed a compilation error on Linux arm systems running older kernels that may not define EM_ARM in linux/elf-em.h. GitHub issue #232. * Fixed a compilation error when LDFLAGS contains -Wl,--no-undefined. Sudo will now link using -Wl,--no-undefined by default if possible. GitHub issue #234. * Fixed a bug executing a command with a very long argument vector when "log_subcmds" or "intercept" is enabled on a system where "intercept_type" is set to "trace". GitHub issue #194. * When sudo is configured to run a command in a pseudo-terminal but the standard input is not connected to a terminal, the command will now be run as a background process. This works around a problem running sudo commands in the background from a shell script where changing the terminal to raw mode could interfere with the interactive shell that ran the script. GitHub issue #237. * A missing include file in sudoers is no longer a fatal error unless the error_recovery plugin argument has been set to false. What's new in Sudo 1.9.13p1 (2023-02-17) * Fixed a typo in the configure script that resulted in a line like "]: command not found" in the output. GitHub issue #238. * Corrected the order of the C23 [[noreturn]] attribute in function prototypes. This fixes a build error with GCC 13. GitHub issue #239. * The "check" make target misbehaved when there was more than one version of the UTF-8 C locale in the output of "locale -a". GitHub issue #241. * Removed a dependency on the AC_SYS_YEAR2038 macro in configure.ac. This was added in autoconf 2.72 but sudo's configure.ac only required autoconf 2.70. * Relaxed the autoconf version requirement to version 2.69.

@amigadave

Link with libsocket where needed (#234) by @amigadave in #235 Remove libsoup from doc and CI by @janbrummer in #238 Fix coverity findings by @janbrummer in #241 Add a comment that docs option needs introspection by @janbrummer in #242 Set pac data after download only by @janbrummer in #244 Fix race condition in px_manager_get_proxies_sync by @janbrummer in #245 Update gobject dependency in pkgconfig file by @floppym in #239 Reread env variables in each get_config call by @janbrummer in #246 Bump version to 0.5.2 by @janbrummer in #247

Changelog: This release adds a script for bash autocompletion for nsd-control. Also nsd-control can be configured to use unencrypted operation also when compiled without openssl. There is also a systemd service unit example file contributed. The dnstap log service can be contacted over TCP, with the dnstap-ip: ip option. It is also possible to use TLS, with dnstap-tls, it is enabled by default, and can be configured with the dnstap-server-name, dnstap-cert-bundle, dnstap-client-key-file and dnstap-client-cert-file options. The configure option --enable-root-server is obsolete, it is no longer used and defaults to on. In addition, the build file should support multicore build with flex and bison more easily. FEATURES: Merge #263: Add bash autocompletion script for nsd-control. Fix #267: Allow unencrypted local operation of nsd-control. Merge #269 from Fale: Add systemd service unit. Fix #271: DNSTAP over TCP, with dnstap-ip: "127.0.0.1@3333". dnstap over TLS, default enabled. Configured with the options dnstap-tls, dnstap-tls-server-name, dnstap-tls-cert-bundle, dnstap-tls-client-key-file and dnstap-tls-client-cert-file. BUG FIXES: Fix #239: -Wincompatible-pointer-types warning in remote.c. Fix configure for -Wstrict-prototypes. Fix #262: Zone(s) not synchronizing properly via TLS. Fix for #262: More error logging for SSL read failures for zone transfers. Merge #265: Fix C99 compatibility issue. Fix #266: Fix build with --without-ssl. Fix for #267: neater variable definitions. Fix #270: reserved identifier violation. Fix to clean more memory on exit of dnstap collector. Fix dnstap to not check socket path when using IP address. Fix to compile without ssl with dnstap-tls code. Dnstap tls code fixes. Fix include brackets for ssl.h include statements, instead of quotes. Fix static analyzer warning about nsd_event_method initialization. Fix #273: Large TXT record breaks AXFR. Fix ixfr create from adding too many record types. Fix cirrus script for submit to coverity scan to libtoolize the configure script components config.guess and config.sub. Fix readme status badge links. make depend. Fix for build to run flex and bison before compiling code that needs the headers. Fix to remove unused whitespace from acx_nlnetlabs.m4 and config.h. For #279: Note that autoreconf -fi creates the configure script and also the needed auxiliary files, for autoconf 2.69 and 2.71. Fix unused variable warning in unit test, from clang compile. Fix #240: Prefix messages originating from verifier. Fix #275: Drop unnecessary root server checks.

@karthiknadig

Enhancements Update LSP spec to latest by @karthiknadig in #230 Add --output-dir switch to code generator by @karthiknadig in #239 Dotnet Dotnet: Code generation for LSP methods by @karthiknadig in #222 Generate request, notification and options classes by @karthiknadig in #224 dotnet: Add test case generation by @karthiknadig in #226 Add devcontainer support to repo by @timheuer in #234 Add dotnet test and format check to GHA by @karthiknadig in #240 Add response types and improve test suite by @karthiknadig in #243 Generate dotnet project package. by @karthiknadig in #252 Format Generated Code by @karthiknadig in #257 Use record instead of class for LSP types. by @karthiknadig in #258 Use ImmutableArray and ImmutableDictionary by @karthiknadig in #256 Bug Fixes Fix bug with structuring LSPObject type by @karthiknadig in #229 dotnet: Fix issues with OrType serialization by @karthiknadig in #232 Improve documentation tags in generated code by @karthiknadig in #250 Fix warning with generated converter code by @karthiknadig in #251 Fix for missing notebook selector hook by @karthiknadig in #260

From the changelog: - updated astyle lib to version 3.4.9 - added support for Elm (#237) - added support for Factor (#239) - added support for Cpp2 - updated c.lang to include module keywords - fixed Lua nested string deprecation error (#238)

@andersk

site_cache_dir: Use /var/cache again instead of /var/tmp on UNIX by @andersk in #239

@AmmarAbouZor

What's Changed - Added: Horizontal Scrollbar to Editor by @AmmarAbouZor in #217 - Changed: Upgrade Crates Ratatui & Tui-Textarea with breaking changes by @AmmarAbouZor in #224 - Added: Visual Mode to Built-in Editor by @AmmarAbouZor in #239

11.0.0 - 2022-05-18 Changed * Updated cucumber-gherkin and cucumber-messages 11.1.0 (2022-12-22) Changed * Update gherkin and messages dependencies Fixed * Restore support for matching a scenario by tag and step line numbers. (#237, #238, #239) 12.0.0 (2023-09-06) Changed * Update gherkin and messages minimum dependencies * Added in new rubocop sub-gems for testing, pinning versions where appropriate * Removed all redundant / incorrect rubocop config overrides (Placed in TODO file) * Began to refactor the repo by initially fixing up a bunch of rubocop auto-fix offenses (See PRs for details) (#257 #258) Removed * Remove support for ruby 2.4 and below. 2.5 or higher is required now 13.0.0 (2023-12-05) Changed * Now using a 2-tiered changelog to avoid any bugs when using polyglot-release * More refactoring of the repo by fixing up a bunch of manual rubocop offenses (See PR's for details) (#259 #262 #268 #274) * In all Summary and Result classes, changed the strict argument into a keyword argument See upgrading notes for 13.0.0.md (#261) * Permit usage of gherkin v27 Fixed * Restore support for matching a scenario by its Feature, Background, and Rule line numbers (#247) Removed * Remove legacy unindent gem (Now no longer required since Ruby 2.3 and Squiggly heredocs) (#278)

@patrickt

v0.20.1 What's Changed Switch to GitHub Actions CI. by @patrickt in #166 Add the same PR template as for tree-sitter-javascript by @mjambon in #169 Fixed CRLF behavior for tests by @ahelwer in #188 Fix CRLF behavior mismatch during error recovery by @ahelwer in #189 Endless methods by @aibaars in #190 Add forwarded parameters/arguments by @aibaars in #191 Disable C++ exceptions when compile for wasm32-wasi by @glebpom in #192 Pattern matching by @aibaars in #193 Improve grammar after the introduction of case-in pattern matching by @aibaars in #197 Add parenthesized_pattern by @aibaars in #198 Ruby 3.1 features by @aibaars in #201 Update to Node 16 by @mattmassicotte in #206 C bindings by @mattmassicotte in #199 Parser improvements by @aibaars in #207 CI: use windows-2019 for now by @aibaars in #209 Add named rules for the various call operators by @aibaars in #211 Update Makefile by @mattmassicotte in #213 Allow newer tree-sitter upstream library. by @patrickt in #215 Bump tree-sitter version to 0.20 by @hendrikvanantwerpen in #214 Fix parse error in 'foo! if condition' by @aibaars in #216 Parser improvements: != operator and key: [line_break] by @aibaars in #220 Some improvements to the parser by @aibaars in #222 Wrap class, module, method, and block bodies in a named node by @npezza93 in #224 Parser improvments: quoted heredocs and short-hand interpolations by @aibaars in #225 Add body field for end-less methods by @aibaars in #226 Swift bindings by @mattmassicotte in #227 fix: rename reserved word “arguments” by @drwpow in #229 Bump versions in #208 Anonymous (hash) splat arguments by @aibaars in #233 One-line pattern matching by @aibaars in #194 Scanner: do not skip LINE_BREAKs before .. and ... by @aibaars in #238 Fix non-termination in parser by @aibaars in #239 Fix scanning of division vs regex before line ending by @aibaars in #246 Fix 'case' with newlines before expression by @aibaars in #247

jperkin self-assigned this Mar 30, 2020

jfqd closed this as completed Apr 5, 2020

jperkin pushed a commit that referenced this issue Jun 25, 2021

Update to 6.0.7. From the changelog:

4d51179

* Catch ``urllib.error.URLError`` to prevent crashes. (#239) Updating during the freeze for the bugfix.

jperkin pushed a commit that referenced this issue Nov 14, 2023

py-platformdirs: update to 4.0.0.

3f75bdf

site_cache_dir: Use /var/cache again instead of /var/tmp on UNIX by @andersk in #239

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Please update Powerdns to fix CVE-2019-10163 and CVE-2019-10162 #239

Please update Powerdns to fix CVE-2019-10163 and CVE-2019-10162 #239

jfqd commented Feb 9, 2020

jfqd commented Mar 30, 2020

jperkin commented Mar 30, 2020

jfqd commented Mar 30, 2020

jperkin commented Mar 30, 2020

jfqd commented Apr 5, 2020

Please update Powerdns to fix CVE-2019-10163 and CVE-2019-10162 #239

Please update Powerdns to fix CVE-2019-10163 and CVE-2019-10162 #239

Comments

jfqd commented Feb 9, 2020

jfqd commented Mar 30, 2020

jperkin commented Mar 30, 2020

jfqd commented Mar 30, 2020

jperkin commented Mar 30, 2020

jfqd commented Apr 5, 2020