- By default, if now propagates its child exit code when it exits.
- backtick now propagates failure by default; its options have slightly
different semantics (-i becomes default, new -x introduced).
pkgsrc changes:
- Add manual pages by flexibeast.
Version 10.23.3 'Dubnium' (LTS)
Notable changes
The update to npm 6.14.11 has been relanded so that npm correctly reports its version.
Version 10.23.2 'Dubnium'
Notable changes
Release keys have been synchronized with the main branch.
deps:
upgrade npm to 6.14.11
v1.3
Compatibility:
Tested with Python 3.9.0
Additions:
To help avoid compiler warning about uninitialized members, extra members are added to the PyModuleDef structure for Python 2: m_slots, m_traverse, m_clear and m_free. Under Python 2, they must be set to NULL (usually by continuing to leave them out).
This a meta package including Ruby 3.0 full release.
It includes ruby30-base, ruby30-gdbm, ruby30-fiddle and ruby30-readline
package.
No package should depend on this package directly.
Ruby is the interpreted scripting language for quick and easy Object
Oriented Programming. It has many features to process text files and to do
system management tasks (as in Perl). It is simple, straight-forward, and
extensible.
Features of Ruby are shown below.
+ Simple Syntax
+ *Normal* Object-Oriented features (ex. class, method calls)
+ *Advanced* Object-Oriented features (ex. Mix-in, Singleton-method)
+ Operator Overloading
+ Exception Handling
+ Iterators and Closures
+ Garbage Collection
+ Dynamic Loading of Object files (on some architecture)
+ Highly Portable (works on many UNIX machines, and on DOS, Windows,
Mac, etc.)
Ruby 3.0 introduces a number of new features and performance
improvements, most notably:
* Performance
- MJIT
* Concurrency
- Ractor
- Fiber Scheduler
* Typing (Static Analysis)
- RBS
- TypeProf
This package is Ruby 3.0 release minimum base package.
While here point out that the aarch64 equivalent patch was sent upstream.
Bump PKGREVISION. fix gcc*-libs PKGREVISION accordingly.
Fixes PR pkg/55992: math/blas fails on NetBSD/sparc64
Fixes report by Connor McLaughlan on pkgsrc-users
Version 14.15.5 'Fermium' (LTS)
Notable Changes
deps:
upgrade npm to 6.14.11
V8: backport dfcf1e86fac0
Note: Node.js is not believed to be vulnerable to CVE-2021-21148.
stream,zlib: do not use _stream_* anymore
databases/ruby-activerecord60:
## Rails 6.0.3.5 (February 10, 2021) ##
* Fix possible DoS vector in PostgreSQL money type
Carefully crafted input can cause a DoS via the regular expressions used
for validating the money format in the PostgreSQL adapter. This patch
fixes the regexp.
Thanks to @dee-see from Hackerone for this patch!
[CVE-2021-22880]
*Aaron Patterson*
www/ruby-actionpack60
## Rails 6.0.3.5 (February 10, 2021) ##
* Prevent open redirect when allowed host starts with a dot
[CVE-2021-22881]
Thanks to @tktech (https://hackerone.com/tktech) for reporting this
issue and the patch!
*Aaron Patterson*
## Rails 5.2.4.5 (February 10, 2021) ##
* Fix possible DoS vector in PostgreSQL money type
Carefully crafted input can cause a DoS via the regular expressions used
for validating the money format in the PostgreSQL adapter. This patch
fixes the regexp.
Thanks to @dee-see from Hackerone for this patch!
[CVE-2021-22880]
*Aaron Patterson*
Fixes build with current ocaml.
Note: this update includes the import semantics fixes from 8.11 that
break a lot of developments.
pkgsrc change: docs build now works.
Summary of changes in 8.12:
Coq version 8.12 integrates many usability improvements, in particular
with respect to notations, scopes and implicit arguments, along with
many bug fixes and major improvements to the reference manual. The
main changes include:
New binder notation for non-maximal implicit arguments using [ ]
allowing to set and see the implicit status of arguments
immediately.
New notation Inductive I A | x : s := ... to distinguish the
uniform from the non-uniform parameters in inductive definitions.
More robust and expressive treatment of implicit inductive
parameters in inductive declarations.
Improvements in the treatment of implicit arguments and partially
applied constants in notations, parsing of hexadecimal number
notation and better handling of scopes and coercions for printing.
A correct and efficient coercion coherence checking algorithm,
avoiding spurious or duplicate warnings.
An improved Search command which accepts complex queries. Note
that this takes precedence over the now deprecated ssreflect
search.
Many additions and improvements of the standard library.
Improvements to the reference manual include a more logical
organization of chapters along with updated syntax descriptions
that match Coq's grammar in most but not all chapters.
Additionally, the omega tactic is deprecated in this version of Coq,
and we recommend users to switch to lia in new proof scripts (see also
the warning message in the corresponding chapter).
Summary of changes in 8.11:
The main changes brought by Coq version 8.11 are:
Ltac2, a new tactic language for writing more robust larger scale
tactics, with built-in support for datatypes and the multi-goal
tactic monad.
Primitive floats are integrated in terms and follow the binary64
format of the IEEE 754 standard, as specified in the
Coq.Float.Floats library.
Cleanups of the section mechanism, delayed proofs and further
restrictions of template polymorphism to fix soundness issues
related to universes.
New unsafe flags to disable locally guard, positivity and universe
checking. Reliance on these flags is always printed by Print
Assumptions.
Fixed bugs of Export and Import that can have a significant impact
on user developments (common source of incompatibility!).
New interactive development method based on vos interface files,
allowing to work on a file without recompiling the proof parts of
their dependencies.
New Arguments annotation for bidirectional type inference
configuration for reference (e.g. constants, inductive)
applications.
New refine attribute for Instance can be used instead of the
removed Refine Instance Mode.
Generalization of the under and over tactics of SSReflect to
arbitrary relations.
Revision of the Coq.Reals library, its axiomatisation and
instances of the constructive and classical real numbers.
Additionally, while the omega tactic is not yet deprecated in this
version of Coq, it should soon be the case and we already recommend
users to switch to lia in new proof scripts (see also the warning
message in the corresponding chapter).
The full (huge) changelog is here:
https://coq.inria.fr/distrib/V8.12.2/refman/changes.html
GHC: The Glasgow Haskell Compiler.
The Glasgow Haskell Compiler is a robust, fully-featured, optimising
compiler for the functional programming language Haskell 98
(http://www.haskell.org). GHC compiles Haskell to either native code
or C. It implements numerous experimental language extensions to
Haskell, including concurrency, a foreign language interface, several
type-system extensions, exceptions, and so on. GHC comes with a
generational garbage collector, a space and time profiler, and a
comprehensive set of libraries.
This package provides the 9.0.x release series.
GHC: The Glasgow Haskell Compiler.
The Glasgow Haskell Compiler is a robust, fully-featured, optimising
compiler for the functional programming language Haskell 98
(http://www.haskell.org). GHC compiles Haskell to either native code
or C. It implements numerous experimental language extensions to
Haskell, including concurrency, a foreign language interface, several
type-system extensions, exceptions, and so on. GHC comes with a
generational garbage collector, a space and time profiler, and a
comprehensive set of libraries.
This package provides the 8.10.x release series.
pkgsrc changes:
---------------
* Fix PLIST when the hive option is enabled.
upstream changes:
-----------------
Patch Package: OTP 23.2.4
Git Tag: OTP-23.2.4
Date: 2021-02-04
Trouble Report Id: OTP-16239, OTP-17139, OTP-17161, OTP-17174
Seq num: ERIERL-597, ERL-1458
System: OTP
Release: 23
Application: snmp-5.7.3, ssl-10.2.2
Predecessor: OTP 23.2.3
Check out the git tag OTP-23.2.4, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- snmp-5.7.3 ------------------------------------------------------
---------------------------------------------------------------------
The snmp-5.7.3 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17161 Application(s): snmp
[manager] In a function handling snmp errors, an unused
result (_Error) could result in matching issues and
therefor case clause runtime errors (crash). Note that
this would only happen in *very* unusual error cases.
Full runtime dependencies of snmp-5.7.3: crypto-3.3, erts-6.0,
kernel-3.0, mnesia-4.12, runtime_tools-1.8.14, stdlib-2.5
---------------------------------------------------------------------
--- ssl-10.2.2 ------------------------------------------------------
---------------------------------------------------------------------
The ssl-10.2.2 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17139 Application(s): ssl
Related Id(s): ERL-1458, OTP-16239
Avoid that upgrade (from TCP to TLS) servers starts
multiple session cache handlers for the same server.
This applies to Erlang distribution over TLS servers.
OTP-17174 Application(s): ssl
Related Id(s): ERIERL-597
Legacy cipher suites defined before TLS-1.2 (but still
supported) should be possible to use in TLS-1.2. They
where accidentally excluded for available cipher suites
for TLS-1.2 in OTP-23.2.2.
--- Improvements and New Features ---
OTP-16239 Application(s): ssl
Related Id(s): ERL-1458, OTP-17139
Enable Erlang distribution over TLS to run TLS-1.3,
although TLS-1.2 will still be default.
Full runtime dependencies of ssl-10.2.2: crypto-4.2, erts-10.0,
inets-5.10.7, kernel-6.0, public_key-1.8, stdlib-3.12
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
Patch Package: OTP 23.2.3
Git Tag: OTP-23.2.3
Date: 2021-01-20
Trouble Report Id: OTP-17097, OTP-17107, OTP-17108, OTP-17110
Seq num: ERIERL-586, ERL-1442
System: OTP
Release: 23
Application: crypto-4.8.3, erts-11.1.7, snmp-5.7.2,
ssh-4.10.7
Predecessor: OTP 23.2.2
Check out the git tag OTP-23.2.3, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- crypto-4.8.3 ----------------------------------------------------
---------------------------------------------------------------------
The crypto-4.8.3 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17107 Application(s): crypto
Adding missing flag in BN-calls in SRP.
Full runtime dependencies of crypto-4.8.3: erts-9.0, kernel-5.3,
stdlib-3.4
---------------------------------------------------------------------
--- erts-11.1.7 -----------------------------------------------------
---------------------------------------------------------------------
The erts-11.1.7 application can be applied independently of other
applications on a full OTP 23 installation.
--- Improvements and New Features ---
OTP-17097 Application(s): erts
Make windows installer remove write access rights for
non admin users when installing to a non default
directory. Reduces the risk for DLL sideloading, but
the user should always be aware of the access rights
for the installation.
Full runtime dependencies of erts-11.1.7: kernel-7.0, sasl-3.3,
stdlib-3.13
---------------------------------------------------------------------
--- snmp-5.7.2 ------------------------------------------------------
---------------------------------------------------------------------
The snmp-5.7.2 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17110 Application(s): snmp
Related Id(s): ERIERL-586
[manager] Misspelled priv protocol (atom) made it
impossible to update usm user 'priv_key' configuration
for usmAesCfb128Protocol via function calls.
Full runtime dependencies of snmp-5.7.2: crypto-3.3, erts-6.0,
kernel-3.0, mnesia-4.12, runtime_tools-1.8.14, stdlib-2.5
---------------------------------------------------------------------
--- ssh-4.10.7 ------------------------------------------------------
---------------------------------------------------------------------
The ssh-4.10.7 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17108 Application(s): ssh
Related Id(s): ERL-1442
The SSH daemon erroneously replaced LF with CRLF also
when there was no pty requested from the server.
Full runtime dependencies of ssh-4.10.7: crypto-4.6.4, erts-9.0,
kernel-5.3, public_key-1.6.1, stdlib-3.4.1
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
## 1.14.2 - 2021-01-23
- Allow `JANET_PROFILE` env variable to load a profile before loading the repl.
- Update `tracev` macro to allow `def` and `var` inside to work as expected.
- Use `(dyn :peg-grammar)` for passing a default grammar to `peg/compile` instead of loading
`default-peg-grammar` directly from the root environment.
- Add `ev/thread` for combining threading with the event loop.
- Add `ev/do-thread` to make `ev/thread` easier to use.
- Automatically set supervisor channel in `net/accept-loop` and `net/server` correctly.
Remove workaround for RHEL 7. This workaround resulted in gcc/configure
failing to find dlfcn.h. The build doesn't appear to need it.
Fixes install on both Fedora 33 and CentOS 7 (the docker image, at least).
Jim Tcl version 0.80:
---------------------
Bugs fixed in version 0.80
return -level 0 -code xxx now returns the correct result
regexp - fix an issue with failed optional group
oo - fix an issue when no class variables are given
oo - fix super invocation with multiple inheritance levels
tailcall - fix to avoid growing the C stack frame
regsub -all with \A now works correctly
scan - fix an issue with chars vs bytes in utf-8 mode
aio - fix eventloop and eof for ssl connections
lsearch -regexp - fix the case where the pattern begins with a dash
lsearch -command - handle the case with too few args
Disallow renaming a local proc with upcall to avoid inconsistent behaviour
Features and improvements added in version 0.80
Dictionaries now preserve insertion order
string map and string compare now support embedded nulls
string match and other glob matches now support embedded nulls
Variable and proc names now support embedded nulls
Interactive mode now prints results containing embedded nulls
Generate a build warning if system is non-Y2038 compliant
package names added as an alias for package list
file rootname, file dirname are now more consistent with Tcl
aio - add Server Name Indication (SNI) ssl support
aio - add socket pty support
The 0d radix prefix is now supported for decimal (base 10)
String comparison operators lt, gt, le and ge are now supported
dict getwithdefault (and the alias dict getdef) are now supported
Build has coverage support, and test coverage is now over 90%
Performance improvements in a number of areas
Jim Tcl version 0.79:
---------------------
Bugs fixed in version 0.79
aio - Fix closing stdin in bootstrap jimsh
clock scan - Unspecified fields use the current date/time
Fix linenoise assertion failure on Windows
file - Improved support for trailing slashes in pathnames
regexp, regsub - Various fixes in UTF-8 mode
$(...) syntax now properly returns non-error codes
Features added in version 0.78
file - Add mtimeus for microsecond resolution
file - Add missing split subcommand
lreplace - Implement TIP #505
aio - Add dgram unix socket support
aio - Add support for lock -wait
aio copyto - Significantly improve performance
aio tty - Allow setting echo
signal - Add block for blocking signals with SIG_IGN
Add built-in JSON support with the json extension
Improve performance when indexing UTF-8 strings
Other changes
Documentation updates to improve consistency, remove obsolete commands, add some missing commands
exec no longer forces SIGPIPE disposition to SIG_DFL
Update autosetup to v0.6.9 with optimised insert/delete
Jim Tcl version 0.78:
---------------------
Bugs fixed in version 0.78
local - Fix crash when local command is deleted
history - When creating ~/.jim_history, set permissions to 0600 for security
exec - Fix windows exec with empty or unset env
exec - Fix check for | and |&
jim.c - Fix Object leak in zlib support
signal - Restore default signal handling on interp exit
dict - Fix [dict values] with duplicate values
Fix ‘/’ command, divide by zero
expr - Replace expression engine to fix a number of problems
zlib - Various fixes
lsort -unique - Fix case with no duplicates
aio tempname - Fix a crash when the template is invalid
Tcl compatibility - Error on extra characters after close brace
eventloop - Return from callback is not an error
oo - Fix methods for superclasses
Various refcount and edge case fixes found by fuzz testing
Features added in version 0.78
Add support for utf-8 wide characters
aio - Add tty for termios settings
aio - Add sockopt for broadcast, tcp_nodelay, etc.
utf-8 - Update UnicodeData.txt to 9.0.0
jimsh - Add support for jimsh -
jimsh - Scriptable command-line completion support via tcl::autocomplete
history - Add autocompletion support history completion <cmd>
Add support for -commands to many commands
Add pkg-config support - jimtcl.pc
clock - Add -gmt option to format and scan
tree - Allow nodes to be deleted
defer, $jim::defer - Allow scripts to run on proc exit
eventloop - Support sub-millisecond timer resolution
Support lambda even if references are disabled
Performance - Improve a number of common cases through caching
signal, exec, wait, pid, pipe - Many improvements
build - Support --silent-rules, and enable by default
regexp - Implement class shorthand escapes in brackets
linenoise (jimsh) - Add ^Z (SUSP) support
linenoise (jismh) - Update to support multiline mode
Other changes
signal - Remove the signal command from child interpreters
os.wait is now wait
aio ssl now upgrades the current channel rather than creating a new channel
Update autosetup to v0.6.8
This is a copy of the previous lang/erlang of that release, with a few bits
tidied up, and configured to live alongside the newer lang/erlang package by
using a versioned library directory.
This version is required for at least databases/couchdb, and may be required
for other software that is incompatible with OTP 23.
