openbsd requires mapping the stack with MAP_STACK. binaries not doing this
will not run. patch taken from openbsd ports, via sjmulder.
I modified it to use GOOS_openbsd, because other OSes are not provided
an implementation of sysMarkStack.
Bump PKGREVISION.
* vulnerabilities of rubygems are already fixed in 2.4.5nb1.
Ruby 2.4.6 Released 1 Apr 2019
Ruby 2.4.6 has been released.
This release includes about 20 bug fixes after the previous release, and also
includes several security fixes. Please check the topics below for details.
* Multiple vulnerabilities in RubyGems
See the commit log for details.
After this release, we will end the normal maintenance phase of Ruby 2.4, and
start the security maintenance phase of it. This means that after the release
of 2.4.6 we will never backport any bug fixes to 2.4 except security fixes.
The term of the security maintenance phase is scheduled for 1 year. By the
end of this term, official support of Ruby 2.4 will be over. Therefore, we
recommend that you start planning to upgrade to Ruby 2.6 or 2.5.
As discussed on pkgsrc-users, rust does not work on any NetBSD before
8, for any architecture. Omit NetBSD 1 from the broken list, so that
this doesn't match NetBSD 10.
As discussed on pkgsrc-users, mark rust as BROKEN_ON for NetBSD 7
i386. The bootstrap is built for 8, apparently because it doens't
build on 7. This is BROKEN_ON not NOT_FOR because it does make sense
to want rust on 7 -- it just won't build.
(Probably this should be expanded to all arches and all versions < 8.)
Match the logic used by setup.py: it looks for two headers in the default
include path. This helps newer glibc linux.
Omit PLIST.dll on python3* because it doesn't appear in the PLIST.
Make PLIST.dll true on all non-IRIX.
tested: NetBSD-current, FreeBSD 11.2, Ubuntu 18.10, CentOS 6.9, Source Mage
From Dr. Thomas Orgis, myself, and with pointers to a change from leot.
PR pkg/53673
Changes:
3.7.3
=====
Documentation
-------------
- bpo-36083: Fix formatting of --check-hash-based-pycs options in the
manpage Synopsis.
- bpo-34764: Improve example of iter() with 2nd sentinel argument.
- bpo-21314: A new entry was added to the Core Language Section of the
Programming FAQ, which explaines the usage of slash(/) in the signature of
a function. Patch by Lysandros Nikolaou
- bpo-22062: Update documentation and docstrings for pathlib. Original patch
by Mike Short.
3.2.6:
Bug Fixes
* Python 3.x bytecode confusing "try/else" with "try" in a loop,
* Python 3 bug in not detecting end bounds of an "if" ... "elif",
* Comma placement in 3.6 and 3.7 **kwargs,
* Fix "if" return boundary in 3.6+,
* 2.7 can have two JUMP_BACKs at the end of a while loop
Pull Requests
* Better "assert" statement detemination in Python 2.7
* Python 3.7 testing
* Run more f-string tests on Python 3.7
* support utf-8 chars in Python 3 sourcecode
Python 3.7.3:
Security
bpo-36216: Changes urlsplit() to raise ValueError when the URL contains characters that decompose under IDNA encoding (NFKC-normalization) into characters that affect how the URL is parsed.
bpo-35746: [CVE-2019-5010] Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL distribution points with empty DP or URI correctly. A malicious or buggy certificate can result into segfault. Vulnerability (TALOS-2018-0758) reported by Colin Read and Nicolas Edet of Cisco.
bpo-35121: Don’t send cookies of domain A without Domain attribute to domain B when domain A is a suffix match of domain B while using a cookiejar with http.cookiejar.DefaultCookiePolicy policy. Patch by Karthikeyan Singaravelan.
Core and Builtins
bpo-35942: The error message emitted when returning invalid types from __fspath__ in interfaces that allow passing PathLike objects has been improved and now it does explain the origin of the error.
bpo-35992: Fix __class_getitem__() not being called on a class with a custom non-subscriptable metaclass.
bpo-35991: Fix a potential double free in Modules/_randommodule.c.
bpo-35961: Fix a crash in slice_richcompare(): use strong references rather than stolen references for the two temporary internal tuples.
bpo-31506: Clarify the errors reported when object.__new__ and object.__init__ receive more than one argument. Contributed by Sanyam Khurana.
bpo-35720: Fixed a minor memory leak in pymain_parse_cmdline_impl function in Modules/main.c
bpo-35623: Fix a crash when sorting very long lists. Patch by Stephan Hohe.
bpo-35214: clang Memory Sanitizer build instrumentation was added to work around false positives from posix, socket, time, test_io, and test_faulthandler.
bpo-35560: Fix an assertion error in format() in debug build for floating point formatting with “n” format, zero padding and small width. Release build is not impacted. Patch by Karthikeyan Singaravelan.
bpo-35552: Format characters %s and %V in PyUnicode_FromFormat() and %s in PyBytes_FromFormat() no longer read memory past the limit if precision is specified.
bpo-35504: Fix segfaults and SystemErrors when deleting certain attributes. Patch by Zackery Spytz.
bpo-33989: Fix a possible crash in list.sort() when sorting objects with ob_type->tp_richcompare == NULL. Patch by Zackery Spytz.
Library
bpo-35931: The pdb debug command now gracefully handles all exceptions.
bpo-36251: Fix format strings used for stderrprinter and re.Match reprs. Patch by Stephan Hohe.
bpo-35807: Update ensurepip to install pip 19.0.3 and setuptools 40.8.0.
bpo-36179: Fix two unlikely reference leaks in _hashopenssl. The leaks only occur in out-of-memory cases.
bpo-35178: Ensure custom warnings.formatwarning() function can receive line as positional argument. Based on patch by Tashrif Billah.
bpo-36106: Resolve potential name clash with libm’s sinpi(). Patch by Dmitrii Pasechnik.
bpo-35512: unittest.mock.patch.dict() used as a decorator with string target resolves the target during function call instead of during decorator construction. Patch by Karthikeyan Singaravelan.
bpo-36091: Clean up reference to async generator in Lib/types. Patch by Henry Chen.
bpo-35899: Enum has been fixed to correctly handle empty strings and strings with non-Latin characters (ie. ‘α’, ‘א’) without crashing. Original patch contributed by Maxwell. Assisted by Stéphane Wirtel.
bpo-35918: Removed broken has_key method from multiprocessing.managers.SyncManager.dict. Contributed by Rémi Lapeyre.
bpo-35960: Fix dataclasses.field() throwing away empty mapping objects passed as metadata.
bpo-35847: RISC-V needed the CTYPES_PASS_BY_REF_HACK. Fixes ctypes Structure test_pass_by_value.
bpo-35780: Fix lru_cache() errors arising in recursive, reentrant, or multi-threaded code. These errors could result in orphan links and in the cache being trapped in a state with fewer than the specified maximum number of links. Fix handling of negative maxsize which should have been treated as zero. Fix errors in toggling the “full” status flag. Fix misordering of links when errors are encountered. Sync-up the C code and pure Python code for the space saving path in functions with a single positional argument. In this common case, the space overhead of an lru cache entry is reduced by almost half. Fix counting of cache misses. In error cases, the miss count was out of sync with the actual number of times the underlying user function was called.
bpo-23846: asyncio.ProactorEventLoop now catches and logs send errors when the self-pipe is full.
bpo-34323: asyncio: Enhance IocpProactor.close() log: wait 1 second before the first log, then log every second. Log also the number of seconds since close() was called.
bpo-34294: re module, fix wrong capturing groups in rare cases. re.search(), re.findall(), re.sub() and other functions that scan through string looking for a match, should reset capturing groups between two match attempts. Patch by Ma Lin.
bpo-35717: Fix KeyError exception raised when using enums and compile. Patch contributed by Rémi Lapeyre.
bpo-35699: Fixed detection of Visual Studio Build Tools 2017 in distutils
bpo-32710: Fix memory leaks in asyncio ProactorEventLoop on overlapped operation failure.
bpo-32710: Fix a memory leak in asyncio in the ProactorEventLoop when ReadFile() or WSASend() overlapped operation fail immediately: release the internal buffer.
bpo-35682: Fix asyncio.ProactorEventLoop.sendfile(): don’t attempt to set the result of an internal future if it’s already done.
bpo-35283: Add a pending deprecated warning for the threading.Thread.isAlive() method. Patch by Dong-hee Na.
bpo-35643: Fixed a SyntaxWarning: invalid escape sequence in Modules/_sha3/cleanup.py. Patch by Mickaël Schoentgen.
bpo-35615: weakref: Fix a RuntimeError when copying a WeakKeyDictionary or a WeakValueDictionary, due to some keys or values disappearing while iterating.
bpo-28503: The crypt module now internally uses the crypt_r() library function instead of crypt() when available.
bpo-35121: Don’t set cookie for a request when the request path is a prefix match of the cookie’s path attribute but doesn’t end with “/”. Patch by Karthikeyan Singaravelan.
bpo-35585: Speed-up building enums by value, e.g. http.HTTPStatus(200).
bpo-21478: Calls to a child function created with unittest.mock.create_autospec() should propagate to the parent. Patch by Karthikeyan Singaravelan.
bpo-35513: TextTestRunner of unittest.runner now uses time.perf_counter() rather than time.time() to measure the execution time of a test: time.time() can go backwards, whereas time.perf_counter() is monotonic.
bpo-35502: Fixed reference leaks in xml.etree.ElementTree.TreeBuilder in case of unfinished building of the tree (in particular when an error was raised during parsing XML).
bpo-31446: Copy command line that was passed to CreateProcessW since this function can change the content of the input buffer.
bpo-20239: Allow repeated assignment deletion of unittest.mock.Mock attributes. Patch by Pablo Galindo.
bpo-17185: Set __signature__ on mock for inspect to get signature. Patch by Karthikeyan Singaravelan.
bpo-10496: check_environ() of distutils.utils now catches KeyError on calling pwd.getpwuid(): don’t create the HOME environment variable in this case.
bpo-35066: Previously, calling the strftime() method on a datetime object with a trailing ‘%’ in the format string would result in an exception. However, this only occured when the datetime C module was being used; the python implementation did not match this behavior. Datetime is now PEP-399 compliant, and will not throw an exception on a trailing ‘%’.
bpo-24746: Avoid stripping trailing whitespace in doctest fancy diff. Orignial patch by R. David Murray & Jairo Trad. Enhanced by Sanyam Khurana.
bpo-35198: Fix C++ extension compilation on AIX
bpo-28441: On Cygwin and MinGW, ensure that sys.executable always includes the full filename in the path, including the .exe suffix (unless it is a symbolic link).
bpo-34572: Fix C implementation of pickle.loads to use importlib’s locking mechanisms, and thereby avoid using partially-loaded modules. Patch by Tim Burgess.
bpo-33687: Fix the call to os.chmod() for uu.decode() if a mode is given or decoded. Patch by Timo Furrer.
bpo-32146: Document the interaction between frozen executables and the spawn and forkserver start methods in multiprocessing.
Vala 0.44.1
===========
* Various improvements and bug fixes:
- ccodegen:
+ Use unsigned default value for flags-enum
+ Use guint to represent flags-enum in custom GMarshalFunc
- Move disconnect error from signal-module to semantic-analyzer pass
- Mark defined constructors of abstract classes as protected
- parser: Implicit creation method of abstract classes must be protected
- vala: Allow assignment of 0U to enum types
- libvaladoc: Don't try to create a Content.ListItem when there is none
* Bindings:
- gio-2.0: SocketAddress.from_native() is a factory method not a constructor
- glib-2.0: Add string.validate_len() since 2.60
- gstreamer: Update from 1.15.2+ git master
- gtk4: Update to 3.94.0+f14d998c
- libgvc: Some additions and ownership/return-type fixes
- vte-2.90: Mark as deprecated, it was replaced by vte-2.91
- vapi: Update GIR-based bindings
Vala 0.44.0
===========
* Various improvements and bug fixes:
- parser: Adjust various source references
- vala: More regular invocations of check() on inferred Expression.value_type
* Bindings:
- gstreamer: Update from 1.15.2+ git master
- gtk4: Update to 3.94.0+eacbeb9e
- vapi: Update GIR-based bindings
Vala 0.43.92
============
* Various improvements and bug fixes:
- codegen:
+ Allow to associate CCodeFile to actual SourceFile
+ Only emit declaration of *_register_type if needed
+ Add get_variable_array_length_cname() and use as possible
+ Respect array_length_cname attribute for global fields
+ Replace gvaluecollector_h_needed with dedidated add_include() calls
+ Respect finish[_vfunc]_name attributes defined in vala sources
+ Include "glib-object.h" for typeof expression
- vala:
+ Correctly perform compatibility check of array length-type [#607]
+ Don't ignore qualified parent when inferring type of enum member [#666035]
- girwriter:
+ Support transfer-ownership="container" for arrays
+ Always use get_gir_name() for TypeSymbols
- testrunner: Add support for Genie source files (.gs)
- tests: Add some Genie tests to increase coverage
- genie: Allow main function "init" to return integer as exit status [#402]
* Bindings:
- gobject-2.0: Add SignalHandler.disconnect_by_data()
- poppler-glib: Update to 0.74
- gtk4: Update to 3.94.0+b4ae491b
- vapi: Update GIR-based bindings
Vala 0.43.91
============
* Various improvements and bug fixes:
- Revert "valadoc: Drop duplicated code to add source files and use
CodeContext API" and "valadoc: Update API tests" (#748)
- valadoc: Report warning if resources for doclet could not be copied
- libvaladoc: Properly support the output of async constructors (#753)
- girparser: Correctly set array_length_type for delegates returning an array
- Revert "vala: Don't replace assignments for local variables with non-null
simple-types" (#755)
* Bindings:
- Follow GTK upstream rename to gtk4 and gtk4-unix-print
- gtk4,gtk4-unix-printer: Update to 3.94.0+02e856f6
- gtk+-unix-print-*.0: Fix PrintJob.get_page_ranges(),
Printer.get_hard_margins()
- atk-1.0: Adjust for upstream revert of Implementor using G_DEFINE_INTERFACE
- clutter-1.0: Drop deprecated from Actor.pick() (#625)
- glib-2.0: Add "delegate_target = false" to Log.writer_journald/
_standard_streams/_default
- gio-unix-2.0: Add DesktopAppInfo.get_string_list() since 2.60
- gstreamer: Update from 1.15.1+ git master
- webkit2gtk-4.0: Update to 2.23.91
- vapi: Update GIR-based bindings
Vala 0.43.90
============
* Various improvements and bug fixes:
- codegen: Replace some unfortunate asserts with internal error reports
- codegen: Properly handle and catch inner-error of finally-block (#742)
- codegen: Pass lambda expression of variable initializer to signal connect
- vala: Check inferred variable_type of LocalVariables
- vala: Parser doesn't ensure "protected" to be applied on TypeSymbol members
- libvaladoc: Don't change the size of an array in-parameter
- g-i: Fix return value on error in start_discriminator()
* Bindings:
- Add goocanvas-2.0 bindings (#739)
- gdk-3.0: Update to 3.24.4+a0129f55
- glib-2.0: Bind g_log_writer_journald/_standard_streams/_default as
LogWriterFunc (#559)
- goocanvas: Update from 1.0.0+af07af5d
- gstreamer: Update from 1.15.1+
- gtk+-4.0: Update to 3.94.0+a7fa1cf6
- vapi: Update GIR-based bindings
Vala 0.43.6
===========
* Various improvements and bug fixes:
- codegen: Don't apply address-of operator on literals when casting to array
- vala: Don't tweak closure on static lambdas [#740]
- Revert "codegen: Use copies of error_variable of catch-clauses for nested
usage" and add asynchronous "catch-error-scope" regression test [#741]
- libvaladoc: Build backing Vala.SourceFile for GIRs processed by importer
- libvaladoc/girimporter: Skip "source-position" elements
- genie: Support "protected" accessibility and allow explicit "public" [#346]
* Bindings:
- gst-editing-services-1.0: Fix some construtors and (un)hide symbols
- javascriptcoregtk-4.0: Fix GLib.Callback parameters which can't hold target
Vala 0.43.5
===========
* Various improvements and bug fixes:
- vala:
+ Use dedicated error message for assignments to literals
+ Async methods don't allow out-parameters before in-parameters [#636]
+ Allow direct access to the integer constants of an error-domain [#732]
+ Multiple lamdba arguments in method call should all use same scope [#59]
- codegen:
+ Use a parameter-map for creation of delegate declaration [#728]
+ Add "error_pos" CCode attribute and use it as needed [#728]
+ Emit struct declaration typedef before resolving its fields [#318]
+ Add "destroy_notify_cname" CCode attribute
+ Use get_ccode_*name/get_parameter_cexpression() for Parameters
+ Set owner for ValaDestroyNotify (POSIX) [#730]
+ Include "stddef.h" in CCodeBaseModule.destroy_value() (POSIX) [#730]
- girparser: Recognize error parameter before delegate target parameter [#265]
- compiler: Report deprecated command-line option "--thread"
- valadoc: Specify that the "--driver" option is deprecated [#736]
* Bindings:
- atk: Don't use a custom SignalEmissionHook while it is part of gobject-2.0
- gdk-pixbuf-2.0: Make PixbufSaveFunc usable [#728]
- gio-2.0: Make DBusInterface[GS]etPropertyFunc usable [#728]
- gio-2.0: Add CancellableSource ctor and update PollableSource ctors
- glib-2.0: Add Queue.clear_full() since 2.60
- gstreamer: Update from 1.15+ git master
- gdk-3.0,gtk+-3.0: Update to 3.24.3+9c8f1478
- gtk+-4.0: Update to 3.94.0+9b15c690
- libsoup-2.4: Fix Message.add_*_handler() [#731]
- vapi: Update GIR-based bindings
Vala 0.43.4
===========
* Various improvements and bug fixes:
- vala:
+ Array with fixed length don't require explicit instantiation (#720)
+ Add GenericType.get_actual_type()
+ Allow get_actual_type() to be used for expected failures
+ Add Method.compatible_no_error()
+ Don't just guess and check for a matching base_interface_method (#548)
+ Search in all interfaces for an implementation match (#548)
+ Allow explicit interface methods to be virtual (#548)
+ Report invalid instance member access to property (#605)
- codegen:
+ Use properly checked implicit interface implementations (#548)
+ Use temp-var for MethodCall with out/ref arguments (#722)
+ Use temp-vars for ellipsis out-arguments to fix memory management (#722)
+ Add default_value for CType to initialize variables if needed (#724)
+ Cast instance parameter for property access in object-initializer
+ Don't check boolean values for (in)equality in GTask API (#726)
+ Add missing data parameter to GTypeInfo callbacks
+ Properly set annotations field of GDBus*Info struct to NULL
+ Cast instance and result of g_async_initable_new_finish() call
- valadoc: Drop duplicated code to add source files and use CodeContext API
- libvaladoc: Skip empty Version.replacement attribute to avoid critical
- build: Don't leak libvalaccode symbols to libvaladoc
- Add a basic CONTRIBUTING.md file that links to the relevant Wiki page
- tests:
+ Fix try_parse() tests to not compare to already free'd memory
+ Warnings and criticals should be fatal on compile time too
* Bindings:
- glib-2.0: Use correct array-length-type for returned arrays (#171)
- glib-2.0: Add RecMutexLocker since 2.60
- gio-2.0: Fix File.replace_contents_bytes_async() (!37)
- gobject-2.0: Use correct array-length-type for returned arrays
- poppler-glib: Update to 0.71
- gstreamer: Update from 1.15+ git master
- gtk+-3.0: Update to 3.24.2+a8e07254
- gtk+-4.0: Update to 3.94.0+4404afc9
- sqlite3: Correct return C type of Statement.column_text & Value.to_text
- webkitgtk-4.0: Update to 2.23.1
- vapi: Update GIR-based bindings
Vala 0.43.2
===========
* Various improvements and bug fixes:
- codegen:
+ GType classes and interfaces require including "glib-object.h"
+ Handle non-default AsyncResult parameter position [#709]
and regenerate GIR-based bindings to fix non-standard async methods
+ Always emit constants with initializer-list [#81]
+ Emit delegate/enum typedefs to type-declaration section [#318]
- Break possible endless loop in SymbolResolver.get_type_for_struct() [#444]
* Bindings:
- gobject-introspection-1.0: Pick up version attribute fixes
Vala 0.43.1
===========
* Highlights:
- Emit G_DEFINE_AUTOPTR_CLEANUP_FUNC() for classes (requires glib 2.44) [#670]
- Enforce "return yield ..." syntax to be expected [#675]
- Drop deprecated syntax support of += and -= for signals [#676]
- Drop deprecated syntax support of # modifier and operator [#677]
- Allow disabling the build of valadoc [#596]
- Add support for SingleInstance attribute for GObject classes [#647]
- Don't allow to declare array parameters with "type array[]" [#163]
- Collect error_types on demand to allow transformations
- Check for matching ownership of type-arguments [#696]
- Add profile specific delegate target/destroy types
- Don't explicitly add glib headers, the use of symbols will do that [#623]
- Add --enable-debug configure option
- Move setting of default defines for VALA_0_XX and GLIB_2_XX to CodeContext
- Add support for delegate parameters in signals [#205]
- Admit that structs are emtpy even with a static property [#446]
* Various improvements and bug fixes:
- codegen:
+ Fix method pointer cast if instance isn't at first position
+ Transfer ownership of compact class to DestroysInstance method [#645]
+ Add destroy function for GLib.Array [#572]
+ Fix canonical string for quark of error domains
+ Make sure to include declarations for delegate typed parameters
+ Don't emit type_id for enum in non GOBJECT profile
+ Don't emit unused temp variable for element access assignments
+ Actually create method cast for base interface method as needed
+ Mark needle parameter of internal array-contains methods as const [#504]
+ Emit initializer for enum-value into wanted declaration space [#167]
+ Add void to delegate typedef declarations without parameters
+ Deprecate "finish_function" and "ctype" ccode-attribute
+ Fix get_ccode_name() for properties
+ Add ccode getters for GType functions of Classes and Interfaces
+ Don't allow more than one consecutive empty lines in generated code
- vala:
+ Copy instance_pos argument from virtual/abstract base methods [#540483]
+ Compact classes don't allow private/class fields and to lock fields
+ Use comment which was already retrieved in parse_declaration()
+ Add missing re-check guards for Do/For/WhileStatement and SwitchLabel
+ Type check for errors require an error expression [#362]
+ Make check_arguments() more verbose and don't bail on first error [#438]
+ Don't emit member access of assignments on static properties [#573]
+ Use clearer error message for automatic properties in interfaces [#656]
+ Admit that structs are emtpy even with a static property [#684]
+ Let UsingDirective hold reference to UnresolvedSymbol instances only
+ Add ArrayType.length_type and ArrayCreationExpression.length_type [#607]
+ Remove hardcoded "int" length type and use ArrayType.length_type [#607]
+ Use is_weak() for type-arguments in DataType.to_qualified_string()
- girwriter: Write glib-type attributes for Enums/Structs with type_id
- girparser: Skip "source-position" elements and docs in transparent union
- valadoc:
+ Match property signature with vala's codewriter
+ Sort symbols and members where possible
+ Actually assign type_id of Api.Structs
+ Add type_id to Api.Enum/Interface
+ Skip package dependency if target directory already exists
+ Fix a few errors and warnings in stylesheet
+ Adjust stylesheet to unbreak Epiphany [#644]
+ Several API clean ups
+ Add --fatal-warnings command line option
- docs: Use Markdown for README and include build instructions
- testrunner: Compile and run tests separately and pass buildsystem's CC
through to valac, add various -Werror=* build cflags
* Bindings:
- gio-2.0: Add missing File.new_build_filename()
- glib-2.0: Add missing Array.set_clear_func() binding
- glib-2.0: Avoid double-free in GLib.Array if clear_func is set
- glib-2.0: Drop g_object_unref which is part of gobject-2.0
- gobject-2.0: Attribute all symbols with cheader_filename = "glib-object.h"
- gdk-x11-3.0,gtk+-3.0: Update to 3.24.1+356f1f59
- gtk+-3.0: Treat Gtk.IconInfo as GLib.Object which it is since 3.8 [#663]
- gtk+-4.0: Update to 3.94.0+8de1ba2c
- gstreamer: Update from 1.15+ git master
- posix: Add CommandPipe as a sub-type of FILE [#645]
Also apply similar ifdefs for NetBSD as FreeBSD and OpenBSD.
Now nodejs binary won't fail during lang/npm and www/firefox builds
on NetBSD/i386 8.0.
Bump PKGREVISION.
No particular comments on pkgsrc-bug@:
http://mail-index.netbsd.org/pkgsrc-bugs/2019/03/19/msg066102.html
Should close PR pkg/53497, PR pkg/53758, PR pkg/53792, and PR pkg/53794.
Python 3.4.10 final
Security
bpo-36216: Changes urlsplit() to raise ValueError when the URL contains characters that decompose under IDNA encoding (NFKC-normalization) into characters that affect how the URL is parsed.
bpo-35121: Don’t send cookies of domain A without Domain attribute to domain B when domain A is a suffix match of domain B while using a cookiejar with http.cookiejar.DefaultCookiePolicy policy.
Library
bpo-35121: Don’t set cookie for a request when the request path is a prefix match of the cookie’s path attribute but doesn’t end with “/”.
Python 3.4.10 release candidate 1
Security
bpo-35746: [CVE-2019-5010] Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL distribution points with empty DP or URI correctly. A malicious or buggy certificate can result into segfault. Vulnerability (TALOS-2018-0758).
bpo-34791: The xml.sax and xml.dom.domreg no longer use environment variables to override parser implementations when sys.flags.ignore_environment is set by -E or -I arguments.
bpo-34623: CVE-2018-14647: The C accelerated _elementtree module now initializes hash randomization salt from _Py_HashSecret instead of libexpat’s default CSPRNG.
Library
bpo-33329: Fix multiprocessing regression on newer glibcs
Python 3.5.7 final
Security
bpo-36216: Changes urlsplit() to raise ValueError when the URL contains characters that decompose under IDNA encoding (NFKC-normalization) into characters that affect how the URL is parsed.
bpo-35121: Don’t send cookies of domain A without Domain attribute to domain B when domain A is a suffix match of domain B while using a cookiejar with http.cookiejar.DefaultCookiePolicy policy.
Library
bpo-35121: Don’t set cookie for a request when the request path is a prefix match of the cookie’s path attribute but doesn’t end with “/”.
Python 3.5.7 release candidate 1
Security
bpo-35746: [CVE-2019-5010] Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL distribution points with empty DP or URI correctly. A malicious or buggy certificate can result into segfault. Vulnerability (TALOS-2018-0758).
bpo-34791: The xml.sax and xml.dom.domreg no longer use environment variables to override parser implementations when sys.flags.ignore_environment is set by -E or -I arguments.
bpo-34623: CVE-2018-14647: The C accelerated _elementtree module now initializes hash randomization salt from _Py_HashSecret instead of libexpat’s default CSPRNG.
Library
bpo-33329: Fix multiprocessing regression on newer glibcs
bpo-33127: The ssl module now compiles with LibreSSL 2.7.1.
Changes since previous version (2.2.0):
pkgsrc: use the included Makefile.cmdline to build duktape, rather
than custom command in pkgsrc Makefile. Don't assume ${CC} is gcc
while doing so
XXX - it looks like the ABI has changed (silently) from 2.2.0 without
a corresponding libtool version bump from upstream. caveat buildor
2.3.0 (2018-08-04)
+ When C++ exception support is enabled use a separate
duk_fatal_exception (inherits from std::runtime_error) to propagate
fatal errors (uncaught errors, assertions) out of Duktape when using
the default fatal error handler (GH-1915)
+ Update UnicodeData.txt and SpecialCasing.txt used for building
internal Unicode control data to Unicode version 10.0.0 (GH-1851)
+ Add support for Symbol.hasInstance (@@hasInstance) check for
'instanceof' operator and duk_instanceof() API call; also add
Symbol.hasInstance and Function.prototype[@@hasInstance] (GH-1821)
+ Add support for Symbol.toStringTag (@@toStringTag) in
Object.prototype.toString() (GH-1822)
+ Add support for Symbol.isConcatSpreadable (@@isConcatSpreadable) in
Array.prototype.concat() (GH-1823)
+ Add support for Symbol.toPrimitive (@@toPrimitive) in ToPrimitive()
internal algorithm and duk_to_primitive() API call (GH-1825)
+ Invoke Proxy 'has' trap in Array.prototype.concat() when inspecting
the elements of the Proxy target (GH-1823)
+ Remove DUK_USE_NONSTD_ARRAY_CONCAT_TRAILER because the underlying
ES5.1 specification "bug" was fixed in ES2015 (GH-1823)
+ Remove DUK_USE_NONSTD_ARRAY_MAP_TRAILER because ES5.0/ES5.1 behavior
actually did match the "non-standard" behavior provided by the option
(GH-1823)
+ Add duk_random() to allow C code access to the same random number
source as ECMAScript code (GH-1815)
+ Add duk_push_new_target() to allow C code to access new.target; at
present this is for completeness because without actual class support
it's only useful to detect constructor calls which can already be done
using duk_is_constructor_call() (GH-1745)
+ Add experimental API call variants for plain C literals, for example
duk_push_literal(ctx, "key") and duk_get_prop_literal(ctx,
"propname"), which allow e.g. better performance; calls added:
duk_push_literal(), duk_get_prop_literal(), duk_put_prop_literal(),
duk_has_prop_literal(), duk_del_prop_literal(),
duk_get_global_literal(), duk_put_global_literal() (GH-1805)
+ Add duk_get_global_heapptr() and duk_put_global_heapptr() for
completeness (GH-1805)
+ Automatically pin strings accessed using the C literal API call
variants such as duk_get_prop_literal(ctx, "propname") between
mark-and-sweep rounds to facilitate literal caching and to reduce
string table traffic; this behavior can be disabled by disabling
DUK_USE_LITCACHE_SIZE in configure.py (GH-1813)
+ Add a lookup cache for C literals to speed up string table lookups
when using API call variants such as duk_get_prop_literal(ctx,
"propname"); the cache relies on literals being pinned between
mark-and-sweep rounds, and can be disabled by disabling
DUK_USE_LITCACHE_SIZE in configure.py (GH-1813)
+ ES2015 Number constructor properties: EPSILON, MIN_SAFE_INTEGER,
MAX_SAFE_INTEGER, isFinite(), isInteger(), isNaN(), isSafeInteger(),
parseInt(), parseFloat() (GH-1756, GH-1761)
+ Assume only natural alignment (DUK_USE_ALIGN_BY=8) on all platforms
to minimize compiler assumptions regarding unaligned accesses (which
can be an issue even on x86); applications working with a low memory
target may want to force DUK_USE_ALIGN_BY in configuration (GH-1783,
GH-1784)
+ Base64 decoder is now more lenient for padding: accepts missing
padding ('Zm'), partial padding ('Zm='), standard padding ('Zm=='),
and extra padding ('Zm===' etc), also for concatenated documents
('Zm===Zm' decodes to 'ff' for example) (GH-1789)
+ Base64 encoder and decoder performance improvements for both fast
path and slow path variants (GH-1789)
+ Make base64 support optional and drop it from lowmem base
configuration; define DUK_USE_BASE64_SUPPORT to enable it (GH-1789)
+ Make hex support optional and drop it from lowmem base
configuration; define DUK_USE_BASE64_SUPPORT to enable it (GH-1789)
+ Add C++ name mangling wrappers (extern "C") for extras (GH-1780,
GH-1782)
+ Add a duk_uint64_t to duk_hbuffer_fixed forced alignment union trick
just in case double and uint64_t alignment requirements differ
(GH-1799)
+ Add a CBOR encoder/decoder as an extra (GH-1781, GH-1800, GH-1801)
+ Add a minimal ES2015 Promise polyfill into the distribution
(GH-1865)
+ Include <exception> only when compiling as C++ with C++ exception
support enabled (GH-1838, GH-1839)
+ Allow undefined timeout in eventloop example setTimeout() and
setInterval() bindings, minor cleanups and improvements (GH-1866,
GH-1879, GH-1884)
+ Revise Number.prototype.toFixed() 'this' binding and fractionDigits
argument validation order to match ES2015 where the 'this' binding is
validated first (GH-1887)
+ Add Makefile.jsoncbor to the distributable (GH-1885)
+ Makefile.sharedlibrary portability improvements (GH-1922, GH-1923)
+ Change spelling from ECMAScript to ECMAScript throughout the
internal source code; as far as external behavior is concerned this
only affects a few debug prints (GH-1894)
+ Fix NULL pointer dereference in error augmentation when
DUK_USE_TRACEBACKS was disabled (GH-1909)
+ Fix potential dangling pointer use in Duktape thread termination
handling; the dangling pointer could cause unsafe memory behavior
(GH-1845, GH-1868)
+ Fix performance.now() property attributes to 'wec' (earlier 'wc')
(GH-1821)
+ Fix debugger StepOver behavior when a tailcall happens in a nested
function (not the function where stepping started from) (GH-1786,
GH-1787)
+ Fix trailing single line comment handling for Function constructor;
new Function('return "foo" //') previously failed with SyntaxError
(GH-1757)
+ Fix some lexer bugs related to parsing in RegExp mode (interpret
leading '/' as part of a RegExp) or not (interpret '/' as division)
(GH-1779)
+ Fix DUK_BOOL_{MIN,MAX} defines for unsigned duk_bool_t (GH-1769)
+ Fix 'defined but not used' warning for Windows (GH-1775)
+ Fix potential uninitialized data use when Windows Date provider
FileTimeToSystemTime() or FileTimeToLocalFileTime() failed (GH-1953)
+ Fix some Clang warnings by avoiding undefined behavior by default,
define DUK_USE_ALLOW_UNDEFINED_BEHAVIOR to reduce the explicit
undefined behavior checks for better footprint/performance (GH-1777,
GH-1795, GH-1796, GH-1797, GH-1798)
+ Fix some compilation warnings triggered when DUK_NORETURN is not
defined; the internal DUK_WO_NORETURN() is used to include unreachable
dummy statements when the noreturn attribute is not available, e.g.
DUK_WO_NORETURN(return 0;); (GH-1790)
+ Fix a few casts in duk_trans_socket_windows.c to avoid errors in a
C++ build (GH-1773)
+ Fix harmless -Wcast-align warnings on armhf (GH-1793)
+ Various compiler warning fixes (GH-1788, GH-1932, GH-1924, GH-1950,
GH-1951, etc)
+ Add automatic workaround for union aliasing issues with FreeBSD +
-m32 + Clang prior to 5.0; the aliasing issues cause packed duk_tval
to work incorrectly (see
https://github.com/svaarala/duktape/blob/master/misc/clang_aliasing.c),
and the workaround is to use unpacked duk_tval prior to Clang 5.0
(GH-1764)
2.2.1 (2018-04-26)
+ Fix trailing single line comment handling for Function constructor;
new Function('return "foo" //') previously failed with SyntaxError
(GH-1757)
+ Fix DUK_BOOL_{MIN,MAX} defines for unsigned duk_bool_t (GH-1769)
+ Fix debugger StepOver behavior when a tailcall happens in a nested
function (not the function where stepping started from) (GH-1786,
GH-1787)
+ Fix potential dangling pointer use in Duktape thread termination
handling; the dangling pointer could cause unsafe memory behavior
(GH-1845, GH-1868)
Update ruby26{,-base} to 2.6.2.
Quote from release announce.
Ruby 2.6.2 (2019-03-13)
This release includes bug fixes and a security update of the bundled
RubyGems.
See details in Multiple vulnerabilities in RubyGems and the commit logs.
Update ruby25{,-base} to 2.5.5.
Quote from release announce:
Ruby 2.5.4 (2019-03-13)
This release includes bug fixes and a security update of the bundled
RubyGems. See details in Multiple vulnerabilities in RubyGems and the commit
logs.
Ruby 2.5.5 (2019-03-15)
This release includes a bug fix for the deadlock in the
multi-thread+multi-process (using Process.fork) applications (ex: puma).
go1.12.1 (released 2019/03/14) includes fixes to cgo, the compiler, the go
command, and the fmt, net/smtp, os, path/filepath, sync, and text/template
packages. See the Go 1.12.1 milestone on our issue tracker for details.
go1.11.6 (released 2019/03/14) includes fixes to cgo, the compiler, linker,
runtime, go command, and the crypto/x509, encoding/json, net, and net/url
packages. See the Go 1.11.6 milestone on our issue tracker for details.
- extract using gtar (hopefully more lenient than bsdtar)
- remove the files in question in post-extract
While here, re-add a PLIST.route conditional that was accidentally removed,
breaking the build on Linux (PR pkg/54054).
Add security patch for rubygems, fixing these problem.
* CVE-2019-8320: Delete directory using symlink when decompressing tar
* CVE-2019-8321: Escape sequence injection vulnerability in verbose
* CVE-2019-8322: Escape sequence injection vulnerability in gem owner
* CVE-2019-8323: Escape sequence injection vulnerability in API response handlin
g
* CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution
* CVE-2019-8325: Escape sequence injection vulnerability in errors
https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/
Since original patch included in official announce dose not cleanly applied to
Ruby 2.4.5, use a local version which drop patch to none existing test.
Bump PKGREVISION.
Add security patch for rubygems, fixing these problem.
* CVE-2019-8320: Delete directory using symlink when decompressing tar
* CVE-2019-8321: Escape sequence injection vulnerability in verbose
* CVE-2019-8322: Escape sequence injection vulnerability in gem owner
* CVE-2019-8323: Escape sequence injection vulnerability in API response handlin
g
* CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution
* CVE-2019-8325: Escape sequence injection vulnerability in errors
https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/
Since original patch included in official announce dose not cleanly applied to
Ruby 2.5.3, use a local version which drop patch to none existing test.
Bump PKGREVISION.
Add security patch for rubygems, fixing these problem.
* CVE-2019-8320: Delete directory using symlink when decompressing tar
* CVE-2019-8321: Escape sequence injection vulnerability in verbose
* CVE-2019-8322: Escape sequence injection vulnerability in gem owner
* CVE-2019-8323: Escape sequence injection vulnerability in API response handling
* CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution
* CVE-2019-8325: Escape sequence injection vulnerability in errors
Bump PKGREVISION.
Some of the highlights include opt-in support for TLS 1.3, improved modules
support (in preparation for being the default in Go 1.13), support for
windows/arm, and improved macOS & iOS forwards compatibility.
See https://blog.golang.org/go1.12.
In pkgsrc, this is _not_ the default version for Go package builds just yet.
6.9.0:
FEATURES
* Time traveling installs using the --before flag.
* Add support for package aliases. This allows packages to be installed under a
different directory than the package name listed in package.json, and adds a
new dependency type to allow this to be done for registry dependencies.
* Always save package-lock.json when using --package-lock-only.
* Make empty-string run-scripts run successfully as a no-op.
* Match git semver ranges when flattening the tree.
* Re-enable updating local packages.
BUGFIXES
* Set modified to undefined in npm view when time is not available. This
fixes a bug where npm view would crash on certain third-party registries.
* Print out tar version in install.sh only when the flag is supported not all
the tar implementations support --version flag. This allows the install script
to work in OpenBSD, for example.
* Fix typo in error message for npm stars.
* Strip version info from pkg on E404. This improves the error messaging format.
DOCS
* Add npm add as alias to npm install in docs.
* Fix link to RFC 10 in the changelog.
* Describe exit codes in npm-audit docs.
Changes:
2.7.16
======
Documentation
-------------
- bpo-35035: Rename documentation for :mod:`email.utils` to
``email.utils.rst``.
- bpo-34967: Use app.add_object_type() instead of the deprecated Sphinx
function app.description_unit()
- bpo-13407: Add a note to :mod:`bz2` and :mod:`tarfile` stating that
handling of multi-stream bzip2 files is not supported.
- bpo-33503: Fix broken pypi link
PkgSrc changes:
* Make find_library() consitant for all Python versions:
- Fallback to clang, when gcc is not installed.
- Find libraries in PkgSrc prefix.
* Do not use -stack_size; it ends up in 'pythonNN-config --ldflags', and some
modules fail to build.
pkgsrc changes:
- Remove clx option. Bundled clx is no longer provided by ecl
Changes:
16.1.3
------
** Announcement
Dear Community,
After almost a year of development we are proud to present a new release of
ECL tagged with version =16.1.3=. All changes are backward compatible
fixing bugs and other issues, implementing new interfaces and cleaning up
the code base.
ECL manual has been updated in a few places. Work on a new documentation is
still pending. It is still incomplete, but you may check see it here:
https://common-lisp.net/project/ecl/static/ecldoc/.
Before this release we have performed extensive tests on various platforms
(Linux, FreeBSD, OpenBSD, NetBSD, OSX, Windows MSVC, Windows MinGW, Windows
Cygwin, Android and Haiku). For details please consult
https://gitlab.com/embeddable-common-lisp/ecl/issues/307. Extra attention
has been paid to Windows testing to improve that platform support.
Best regards,
ECL Development Team
** API changes
- Added better interface for package-locks.
Introduced functions:
=ext:package-locked-p package=
=ext:lock-package package=
=ext:unlock-package package=
=ext:without-package-locks=
=ext:with-unlocked-package=
To use these functions user has to require the module
#+BEGIN_SRC lisp
(require '#:package-locks)
#+END_SRC
=defpackage= accepts new option =lock= to allow locking package on
creation:
#+BEGIN_SRC lisp
(defpackage foo (:lock t))
#+END_SRC
- =mp:holding-lock-p=: introduce new function for multiprocessing. Function
verifies if lock is hold by the thread which calls the function. Usage:
=(mp:holding-lock-p my-lock)=.
- =make-random-state=: fix problem with simple-vectors. The correct
initialization types for =make-random-state= are: =(OR RANDOM-STATE
FIXNUM (MEMBER T NIL))=.
Initializing a random state with an appropriate array (element type and
arity dependent on platform) is also possible.
- =ext:random-state-array=: new extension for random-states. Usage:
=(ext:random-state-array random-state)=.
- =ext:terminate-process=: new extension for external processes. Usage:
=(ext:terminate-process process)= with a second, optional boolean
argument whenever termination should be forced or not.
** Enhancements
- Implemented =CDR-7=.
https://common-lisp.net/project/cdr/document/7/index.html
- implemented CDRs: =CDR-1=, =CDR-5=, =CDR-14=. Both =CDR-1= and =CDR-5=
were already implemented, CDR-14 made us to list them in =*features*=
(https://common-lisp.net/project/cdr/document/14/index.html).
- if ECL is build with =--with-cxx= option, =:CXX-CORE= is present in
=*features*=.
- deprecated configure option =--with-local-gmp= has been removed - use
=--enable-gmp= (defaults to auto).
- configure options has been revised.
- ASDF has been upgraded to version 3.1.7.26 (with a few patches scheduled
for 3.2.0).
- bundled CLX has been purged. Lately I've fixed ECL support on portable
CLX maintained by sharplispers on https://github.com/sharplispers/clx
(available via QuickLisp).
- initial port for the Haiku platform. The port is done by Kacper Kasper's
work, one of Haiku developers. Threads are not supported yet.
- refactored ECL internal tests framework. Tests in =src/tests= are now
asdf-loadable (with =load-source-op=) and divided into test suites. =make
check= target runs all regression and feature tests which aren't supposed
to fail.
- removed 15000 lines of obsolete code. Files not included in the
buildsystem but lingering in the codebase or options failing to
build. All info is added in the new documentation in the section "Removed
interfaces".
- improved man page and help output. Man page now contains up-to-date list
of flags, as well as explanation of flag's behavior.
- deprecated long flags with one dash, added two-dash version. Flags that
aren't one-character, but start with one dash (e.g. =-eval=) are now
deprecated; long version =--eval= was added instead.
- indented C/C++ code to follow emacs's gnu C style. This is a first step
towards coding standards in the documentation. Additionally all in the
src/c/ directory are listed in the appropraite documentation section
(new-doc).
- refactored =list_current_directory in unixfsys.d=. Function was
obfuscated with ifdefs with non-even pairs of =#\{= and =#\}=.
** Issues fixed
- ECL signals floating point exceptions in top-level console.
- =mp:rwlock= is treated as built-in class (previously process crashed if
=class-of= was called on such object).
- ECL builds now succesfully with =--with-ieee-fp=no= option.
- =ext:file-stream-fd=: doesn't cause an internal-error if called with
something not being a =file-stream= (signals a =SIMPLE-TYPE-ERROR=
condtition).
- =stable-sort=: bugfix and improvement in speed. Adapted from SBCL by
Diogo Franco.
- typep: accept =*= type specifier as abbreviation of =T= as described in
=2.4.3 Type Specifiers= of the specification.
- MOP: fix problemes when redefining non-standard and anonymous
classes. Bugs identified and fixed by Pascal Costanza.
- =getcwd=: fix issue with too long pathname. This fixes the regression,
which crashed ECL at start when pathname exceeded 128 characters limit.
- =make-random-state=: fix a problem with simple-vectors. Until now =#$=
reader macro accepted simple vectors as an argument, what lead to bugs if
vector didn't match specific requirements like the element type or the
arity. Now we sanitize this.
- =make-load-form=: provide implementation for random-state objects.
- thread fix on msvc: on windows importing thread was closing the thread
handler so the thread wakeup wasn't working because the handler is not
more valid.
- import thread wasn't set upping a proper environment: on some case the
thread was mistakenly thinking that the thread was already registered.
- =ECL_HANDLER_CASE= and =ECL_RESTART_CASE= didn't work as expected. Bug
identified and fixed by Vadim Penzin.
Version 10.15.2 'Dubnium' (LTS):
This is a security release. All Node.js users should consult the security release summary at:
https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/
for details on patched vulnerabilities.
A fix for the following CVE is included in this release:
Node.js: Slowloris HTTP Denial of Service with keep-alive (CVE-2019-5737)
Notable Changes
http: Further prevention of "Slowloris" attacks on HTTP and HTTPS connections by consistently applying the receive timeout set by server.headersTimeout to connections in keep-alive mode.
Allows us to drop all the local patches that were merged upstream.
lld is not a dependency, zig by default bundles lld and doesn't use
an external one. comment it.
Andrew Kelley (62):
Merge pull request #1975 from BenoitJGirard/master
Merge pull request #1963 from matthew-mcallister/dedup-compile-log-warning
Merge pull request #1972 from coypoop/netbsd
README: add NetBSD to support table
pull request fixups
Merge branch 'emekoi-fix-1711'
export _mh_execute_header with weak linkage
docs: note top level declarations are order-independent
docs: shadowing
zig fmt: fix infix operator before multiline string literal
add test for 74bdc1d1f898705
Merge branch 'kristate-zig-backport-issue1944'
remove --no-rosegment workaround now that valgrind bug is fixed
valgrind client requests for undefined values
Merge branch 'slice-deref-failure' of https://github.com/matthew-mcallister/zig into matthew-mcallister-slice-deref-failure
pull request fixups
Merge branch 'matthew-mcallister-slice-deref-failure'
deduplicate compile errors for undeclared identifiers
packed structs support comptime bitcasting
extern structs support comptime bitcasting
`@sliceToBytes` works at comptime
better handling of arrays in packed structs
better field access of types which have one possible value
fix `@bitCast` when src/dest types have mismatched handle_is_ptr
docs for packed structs
add regression test for bitcast to array
implement vector negation
better libc detection (#1996)
introduce std.debug.captureStackTrace
fix `zig fmt` arg0 handled incorrectly
add `zig cc` command to act like a C compiler
zig cc: remove "polly" which was an undefined symbol on macos
zig cc: work around clang calling GetCommandLine on Windows
Merge pull request #2003 from ziglang/zig-cc
first class support for compiling C code
building DLLs on Windows works better
`@cImport` works with `--cache on`
Merge pull request #2005 from ziglang/c-source
zig build: 2 improvements
fix infinite recursion in type_has_one_possible_value
delete incorrect TODO comment
add docs for zero bit types and pointers to zero bit types
fix not finding libgcc_s when looking for native libc
add a compile error note when C import fails and not linking libc
better error message when forgetting to link against libc
add a regression test for #704
fix incorrectly trying to memset at comptime
fix the libc compile error tests to only run on linux
use -nobuiltininc when compiling c code
use -nostdinc++ when compiling C code
use -nostdinc and sometimes -nolibc when compiling C code
breaking changes to the way targets work in zig
fix regressions on Windows
introduce sys_include_dir for when sys/* files are not with stdlib.h
add builder.addFmt API and use it to test stage1 zig fmt
fix .gitignore file and add commit missing std lib file
add test coverage for binary OR on error sets
add test coverage for type used as switch case
fix handling when there are multiple externs and
fix stage1 zig fmt on macos
improve docs for unions and switching on tagged unions
windows returns EINVAL for fopen when there is an asterisk in the name
Benoit Jauvin-Girard (1):
Fix std.math.powi so powi(x, +-0) = 1 for any x.
BenoitJGirard (2):
Merge pull request #1 from ziglang/master
Merge pull request #2 from ziglang/master
Jimmi HC (1):
Fixed std.testing.expectEqual
John Schmidt (2):
Some function doc tweaks (#1961)
Add priority queue
LemonBoy (4):
Silence gcc8 class-memaccess warnings
Add align attribute for params pointers
Translate parameterless C functions (#1978)
Prevent crash in tagged enums rendering (#1986)
Matthew McAllister (3):
Fix lvalue dereference type checking
Deduplicate compile log statement warnings
Check for duped error messages in compile tests
Maya Rashish (3):
Add NetBSD support
Undo local, unneeded patch
Don't provide a bogus definition of EVFILT_USER
Quetzal Bradley (1):
fix openWriteNoClobber and add test
emekoi (1):
make @enumToInt work on union(enum)
kristopher tate (1):
src/analyze.cpp: default to using `param_node` upon callconv error;
pkgsrc changes:
- Rename swi-prolog to swipl to follow upstream nomenclature
- Add all main packages (except X11) to swi-prolog-lite.
After CMake migration in order to generate the documentation and being able
to use it (e.g. via help/2) it is needed to add basic, archive, ssl and term
packages.
All X11 packages are provided by swi-prolog-packages.
- Adjust pkgsrc Makefile-s logic to upstream CMake migration:
o Uncoditionally disable not wanted packages in Makefile.common (to avoid
possible PLIST mismatches; please note that this will probably disable
tipc package on Linux!).
All other installed packages are enabled/disabled via
swi-prolog-{lite,packages,jpl} Makefile.
o Add libarchive, ossp-uuid and openssl build dependency to
swi-prolog-packages. Despite these are provided by swi-prolog-lite
they are needed as part of the build of swi-prolog-packages too.
o Remove no more needed logic to check and eventually start X server to
build documentation. Should address PR pkg/42047.
- Remove an unconditional CHECK_WRKREF_SKIP, this was needed on FreeBSD
but unfortunately it is not clear why. If this is still needed please let
me know in order to try to investigate further and address that.
- Bump API requirements to 8.0.1 in buildlink3.mk to be on the safe side
now that shared libraries are provided on all platforms.
Changes:
8.0.1
-----
Indexing on multiple arguments together, indexing inside compounds,
Mode-directed tabling, saved states using ZIP files, many deployment
enhancements. Moved build environment to CMake and removed most of
the build tool dependencies. Builds documentation along with the
binary.
Please note that this is just a short summary. Unfortunately the
complete changelog is very long, full changelog can be found at:
<http://www.swi-prolog.org/ChangeLog?branch=stable&from=7.6.4&to=8.0.1>
Changes:
---------------------------------------------------------------------
--- erts-10.2.4 -----------------------------------------------------
---------------------------------------------------------------------
--- Fixed Bugs and Malfunctions ---
OTP-14728 Application(s): erts
Related Id(s): ERIERL-303
When using the {linger,{true,T}} option;
gen_tcp:listen/2 used the full linger time before
returning for example eaddrinuse. This bug has now been
corrected.
---------------------------------------------------------------------
--- stdlib-3.7.1 ----------------------------------------------------
---------------------------------------------------------------------
--- Fixed Bugs and Malfunctions ---
OTP-15573 Application(s): stdlib
Related Id(s): ERIERL-306
Optimize pretty printing of terms. The slower behaviour
was introduced in Erlang/OTP 20.
0.3.4:
- Fix an f-string tokenizer error
0.3.3:
- Fix async errors in the diff parser
- A fix in iter_errors
- This is a very small bugfix release
0.3.2:
- 20+ bugfixes in the diff parser and 3 in the tokenizer
- A fuzzer for the diff parser, to give confidence that the diff parser is in a
good shape.
- Some bugfixes for f-string
New in 2018.12:
+ Fixes:
+ Fixed infiniloops with some set operators [99d94db4][9f5cc8d1]
+ Fixed regression in handling of `"1"..9` [d92b155c]
+ Fixed use of `Proxy` in a class attribute using
the `Attribute`.`get_value`/`set_value` interface [a5411e45]
+ Fixed semantics of `minpairs`/`maxpairs` (ignore undefined values) [7bf7a2c6]
+ Fixed error on `@a > 2` if `@a` is a native array
+ Fixed error reporting on initializing shaped array with
improperly shaped data [fd216fec]
+ Negative indexes on native arrays are now checked properly [dd2af90c]
+ Fixed use of uninitialized value in `IO::Notification` [83d0056b]
+ Enums can now have private methods mixed in [3c2cfb22]
+ Fixed resource content lookup for `Distribution::Path` [370310b3]
+ Fixed precompilation when cwd gets changed at run time [e2e5cc53]
+ Shared library versions are now ignored on OpenBSD [5603128e]
+ Many improvements to the JS backend [1865db0d][fdd249a3][194c84b9]
[1dd59f10][52c2af5d][8b13655c][2869a48b][cf5432ae][758caa89]
[e0b943d0][a759f9d7]
+ Various improvements to produced messages [869b9e58][abfb9a40]
[79824db5][55d08c8f][24c8e172]
+ Additions:
+ Added `Endian` enum and implemented new methods in `blob8`/`buf8`
for reading/writing native values [46d4c9fe][011c6f11][f66861dc]
[f0279313][b781f8cc][543219c9][77182713][06156a7c]
+ Added `Kernel.endian` [2a761ca7][af43b159]
+ Implemented `Blob.readint` / `Buf.writeint` [4f14d713][fecfb22d]
[5cc0e02d][79dd1c8e][ceaf7218][631940c7][38afa2d6][e7b61aff]
+ Added `.native-descriptor` for async sockets [a4db9139][2fd90b1e]
+ Added `.Real` method to native arrays [dd3f91a2]
+ Implemented `last` and `LAST` in `whenever` blocks [890d628a]
+ Efficiency:
+ Made `<$rx>` interpolation 1.05x as fast [62243cd9]
+ Made simple regex matches 1.05x as fast [01c56b48]
+ Other minor optimizations [93ea7ed1][a0cb89a7][adb85609][6c2f3c83]
+ Internal:
+ Introduced a more generally usable `X::ArrayShapeMismatch` error [dd030145]
+ Internal micro-optimizations [38bc682b][f18432ea]
Zig is an open-source programming language designed for robustness,
optimality, and clarity.
* Robust - behavior is correct even for edge cases such as out
of memory.
* Optimal - write programs the best way they can
behave and perform.
* Clear - precisely communicate your intent
to the compiler and other programmers. The language imposes a
low overhead to reading code.
+ add Debian compile/link flags to test-package.
+ cleanup spurious warnings from latest gcc.
+ changes for Original-Mawk #48:
+ add checks for stack overflow and underflow
+ increase stack limit to 1024
+ updated configure macros
+ update config.guess and config.sub
20161120
+ add runtime check for assignments to OFMT and CONVFMT to ensure
they use a single parameter (Original-Mawk #47).
+ repair build for --with-valgrind, broken in 20160930 const-fixes.
20161107
+ correct sign-extension from 20160615 change to rand() (report by
Christian Neukirchen).
20160930
+ optimize closes on regular expressions to filter out redundant
wildcards, fixing a special case leftover by changes in 20100224
(Original-Mawk #34).
+ add regular-expressions to the -Wdump option when using mawk's
built-in regular expressions.
+ fix a sign-extension in character-class parser (Original-Mawk #46).
+ minor optimizations.
+ improve use of const in tables.
20160927
+ allow single-quote as a flag in printf, to complete the change
for LC_NUMERIC in 20121129 (report by Graham Monteith).
+ revert one of the fixes made for a Coverity warning about loss of
precision in 20121209, which unnecessarily exposed a different
problem (Original-Mawk #45).
20160918
+ simplify "system()" function by calling C "system()" function, and
use POSIX macros for wait-status to provide a less-ambiguous return
value (suggested by Aharon Robbins).
+ add a null-pointer check in bi_mktime (patch by Ismael Luceno).
20160905
+ escape '/' in range for test/reg4.awk to allow test-comparison with
gawk and BWK.
+ updated configure macros, e.g., for compiler warnings and static
analysis:
+ CF_CC_ENV_FLAGS
+ CF_GNU_SOURCE
+ CF_PROG_LINT
+ CF_RAND
+ CF_XOPEN_SOURCE
+ minor build-fix for HPUX 11.11 "make", which is confused by the
recursive use of "make" in clean/distclean rules.
+ amend fix for Gentoo #424137 to eliminate a memory leak when opening
files (Original-Mawk #44).
+ update config.guess and config.sub
20160615
+ correct range when using system rand() function, which was 0..2
rather than 0..1 on BSD systems (report/patch by Masaki Waga).
20160313
+ correct order of checks for machine state in REtest which caused an
out-of-bounds reference (Original-Mawk #36).
20160226
+ update COPYING from
https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
(Original-Mawk #38).
+ minor updates to configure script macros
+ update config.guess and config.sub
Mypy 0.670:
New Feature: Variable Redefinition
Stubgen Improvements
Other Improvements
- Expand getting started docs to discuss type hints in more detail
- Always infer in operator as returning bool
- Allow star args in ctypes.Array constructor
- Fix plugin invocation for __call__ methods
- Implement the XDG directory spec for config files: $XDG_CONFIG_HOME/mypy/config is now included in the search path for config files
- When using the --junit-xml flag, the Python version and platform in the junit.xml file are now formatted as mypy-py3_6-windows — previously this was mypy-py3.6-windows but the dot was misinterpreted by some tools
- Update the typed_ast dependency to version 1.3.1; this means we now officially support Python 3.7
- Temporarily delete pyproject.toml from the repo in order to work around a pip bu g
- Include mypy_bootstrap.ini in PyPI packages
v6.8.0:
This release includes an implementation of [RFC 10], documenting an optional field that can be used to specify
the directory path for a package within a monorepo.
NEW FEATURES
* Update package.json docs to include repository.directory details.
BUGFIXES
* Add @types to ignore list to fix git clean -fd.
* Fix common.npm callback arguments.
* Show installed but unmet peer deps.
* Use figgy-config to make sure extra opts are there.
* Fix ls-collaborators access error for non-scoped case.
* Fix issue with sub-folder local references.
DEPENDENCY BUMPS
* npm-registry-couchapp@2.7.1
* npm-registry-fetch@3.9.0:
* Make sure publishing with legacy username:password _auth works again.
* pacote@9.4.1
* normalize-package-data@2.5.0
* npm-packlist@1.3.0
* read-package-tree@5.2.2
MISC
* Use const in lib/fetch-package-metadata.md.
* Replace ronn with marked-man in .npmignore.
* Reduce work to test if executable ends with a 'g'.
Changes:
---------------------------------------------------------------------
--- inets-7.0.5 -----------------------------------------------------
---------------------------------------------------------------------
The inets-7.0.5 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15554 Application(s): inets
Related Id(s): ERIERL-289
Fixed bug that causes a crash in http client when using
hostnames (e.g. localhost) with the the option
ipv6_host_with_brackets set to true.
This change also fixes a regression: httpc:request
fails with connection error (nxdomain) if option
ipv6_host_with_brackets set to true and host component
of the URI is an IPv6 address.
Full runtime dependencies of inets-7.0.5: erts-6.0, kernel-3.0,
mnesia-4.12, runtime_tools-1.8.14, ssl-5.3.4, stdlib-3.5
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
* Add commented-out settings for cross-building to aarch64--netbsd
* Add clang wrappers (ultimately I could not complete the target build for
aarch64/8.0 using clang, due to the build wanting libgcc_s, and its
non-presence there, and I could not decipher the build logic)
* I built i386--netbsd version 1.31.1, point to my version, since
it's not available from ryoon@ and appears to be required to build 1.32.0
* Bump powerpc--netbsd version to 1.32.0
* Add pointer to cross-built aarch64--netbsd version 1.32.0,
targeting 8.99.34, using gcc as the target compiler. Untested so far.
Fix broken package with previous commit.
* Make Archive_Tar to 1.4.5 which I have the distfile.
* Upload Archive_Tar-1.4.5.tgz to MASTER_SITE_LOCAL.
* Add patch to update Archive/Tar.php to 1.4.6 from GitHub.
No PKGREVISION bump since it was broken.
Changes:
---------------------------------------------------------------------
--- erts-10.2.3 -----------------------------------------------------
---------------------------------------------------------------------
Note! The erts-10.2.3 application can *not* be applied independently
of other applications on an arbitrary OTP 21 installation.
On a full OTP 21 installation, also the following runtime
dependencies have to be satisfied:
-- kernel-6.1 (first satisfied in OTP 21.1)
-- sasl-3.3 (first satisfied in OTP 21.2)
--- Fixed Bugs and Malfunctions ---
OTP-15536 Application(s): erts
Related Id(s): ERL-827
Fix bug where doing a gen_tcp:send on a socket with
delay_send set to true could cause a segfault if the
other side closes the connection.
Bug was introduced in erts-10.2 (OTP-21.2).
OTP-15537 Application(s): erts
Fix a race condition when a port program closes that
could result in the next started port to hang during
startup.
When this fault happens the following error is normally
(but not always) logged:
=ERROR REPORT==== 14-Jan-2019::10:45:52.868246 ===
Bad input fd in erts_poll()! fd=11, port=#Port<0.505>,
driver=spawn, name=/bin/sh -s unix:cmd
Bug was introduced in erts-10.0 (OTP-21.0).
OTP-15538 Application(s): erts
Related Id(s): ERIERL-229
Fix a bug where polling for external events could be
delayed for a very long time if all active schedulers
were 100% loaded.
Bug was introduced in erts-10.2 (OTP-21.2).
Full runtime dependencies of erts-10.2.3: kernel-6.1, sasl-3.3,
stdlib-3.5
---------------------------------------------------------------------
--- inets-7.0.4 -----------------------------------------------------
---------------------------------------------------------------------
The inets-7.0.4 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15544 Application(s): inets
Related Id(s): ERIERL-289
Make sure ipv6 addresses with brackets in URIs are
converted correctly before passing to lower level
functions like gen_tcp and ssl functions. Could cause
connection to fail.
Full runtime dependencies of inets-7.0.4: erts-6.0, kernel-3.0,
mnesia-4.12, runtime_tools-1.8.14, ssl-5.3.4, stdlib-3.5
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
This release addresses a recently supported security issue. This DoS
vulnerability in the crypto/elliptic implementations of the P-521 and P-384
elliptic curves may let an attacker craft inputs that consume excessive
amounts of CPU.
These inputs might be delivered via TLS handshakes, X.509 certificates, JWT
tokens, ECDH shares or ECDSA signatures. In some cases, if an ECDH private
key is reused more than once, the attack can also lead to key recovery.
The issue is CVE-2019-6486 and Go issue golang.org/issue/29903.
See the Go issue for more details.
This release addresses a recently supported security issue. This DoS
vulnerability in the crypto/elliptic implementations of the P-521 and P-384
elliptic curves may let an attacker craft inputs that consume excessive
amounts of CPU.
These inputs might be delivered via TLS handshakes, X.509 certificates, JWT
tokens, ECDH shares or ECDSA signatures. In some cases, if an ECDH private
key is reused more than once, the attack can also lead to key recovery.
The issue is CVE-2019-6486 and Go issue golang.org/issue/29903.
See the Go issue for more details.
v6.7.0:
Hey y'all! This is a quick hotfix release that includes some important fixes to npm@6.6.0 related to the large rewrite/refactor. We're tagging it as a feature release because the changes involve some minor new features, and semver is semver, but there's nothing major here.
NEW FEATURES
Improve usage errors to npm org commands and add optional filtering to npm org ls subcommand.
BUGFIXES
Fix default usage printout for npm org so you actually see how it's supposed to be used.
fix default usage message for npm hook
DOCS
Add manpage for npm org command.
DEPENDENCY BUMPS
Fall back to "fullfat" packuments on ETARGET errors. This will make it so that, when a package is published but the corgi follower hasn't caught up, users can still install a freshly-published package.
Fixes auth error for username/password legacy authentication.
Fixes issue with "cannot run in wd" errors for run-scripts.
Fixes issues with leaking signal-exit instances and file descriptors.
v6.6.0
REFACTORING OUT npm-REGISTRY-CLIENT
Today is an auspicious day! This release marks the end of a massive internal refactor to npm that means we finally got rid of the legacy npm-registry-client in favor of the shiny, new, window.fetch-like npm-registry-fetch.
Now, the installer had already done most of this work with the release of npm@5, but it turns out every other command still used the legacy client. This release updates all of those commands to use the new client, and while we're at it, adds a few extra goodies:
All OTP-requiring commands will now prompt. --otp is no longer required for dist-tag, access, et al.
We're starting to integrate a new config system which will eventually get extracted into a standalone package.
We now use libnpm for the API functionality of a lot of our commands! That means you can install a library if you want to write your own tooling around them.
There's now an npm org command for managing users in your org.
pacote now consumes npm-style configurations, instead of its own naming for various config vars. This will make it easier to load npm configs using libnpm.config and hand them directly to pacote.
NEW FEATURES
Make npm dist-tags the same as npm dist-tag ls.
Add support for IBM i.
Update profile to support new npm-profile API.
BUGFIXES
Fix support for passing git binary path config with --git.
Check for npm.config's existence in error-handler.js to prevent weird errors when failures happen before config object is loaded.
Fix checking for optional dependencies.
Remove tink experiments.
Handle git branch references correctly.
Report any errors above 400 as potentially not supporting audit.
Set default homepage to an empty string.
Fix npm-prefix description.
DOCS
Fix typo in npm-token documentation.
Correct docs for fake-registry interface.
Linux/i386 and SunOS/amd64 are not tested.
Changelog:
By default, the JDK on Linux or Solaris uses GTK+ 2 if available;
if not, it uses GTK+ 3.
Security fixes:
CVE-2019-2540
CVE-2018-11212
CVE-2019-2426
CVE-2019-2449
CVE-2019-2422
---------------------------------------------------------------------
--- compiler-7.3.1 --------------------------------------------------
---------------------------------------------------------------------
The compiler-7.3.1 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15501 Application(s): compiler
Related Id(s): ERL-514, ERL-807, OTP-14808
An optimization that avoided allocation of a stack
frame for some case expressions was introduced in OTP
21. (ERL-504/OTP-14808) It turns out that in rare
circumstances, this optimization is not safe.
Therefore, this optimization has been disabled.
A similar optimization will be included in OTP 22 in a
safe way.
Full runtime dependencies of compiler-7.3.1: crypto-3.6, erts-9.0,
hipe-3.12, kernel-4.0, stdlib-2.5
---------------------------------------------------------------------
--- erts-10.2.2 -----------------------------------------------------
---------------------------------------------------------------------
Note! The erts-10.2.2 application can *not* be applied independently
of other applications on an arbitrary OTP 21 installation.
On a full OTP 21 installation, also the following runtime
dependencies have to be satisfied:
-- kernel-6.1 (first satisfied in OTP 21.1)
-- sasl-3.3 (first satisfied in OTP 21.2)
--- Fixed Bugs and Malfunctions ---
OTP-15495 Application(s): erts
Related Id(s): ERL-821
Fixed a crash when dangling files were closed after
init:restart/0.
OTP-15509 Application(s): erts
Related Id(s): PR-2027, PR-2093
A bug that could cause dirty schedulers to become
unresponsive has been fixed.
Full runtime dependencies of erts-10.2.2: kernel-6.1, sasl-3.3,
stdlib-3.5
---------------------------------------------------------------------
--- ssl-9.1.2 -------------------------------------------------------
---------------------------------------------------------------------
The ssl-9.1.2 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15477 Application(s): ssl
Related Id(s): ERL-790
Fix encoding of the SRP extension length field in ssl.
The old encoding of the SRP extension length could
cause interoperability problems with third party SSL
implementations when SRP was used.
OTP-15504 Application(s): ssl
Related Id(s): ERL-371
Guarantee active once data delivery, handling TCP
stream properly.
OTP-15505 Application(s): ssl
Correct gen_statem returns for some error cases
Full runtime dependencies of ssl-9.1.2: crypto-4.2, erts-10.0,
inets-5.10.7, kernel-6.0, public_key-1.5, stdlib-3.5
---------------------------------------------------------------------
--- xmerl-1.3.19 ----------------------------------------------------
---------------------------------------------------------------------
The xmerl-1.3.19 application can be applied independently of other
applications on a full OTP 21 installation.
--- Fixed Bugs and Malfunctions ---
OTP-15492 Application(s): xmerl
Related Id(s): ERIERL-283
The charset detection parsing crash in some cases when
the XML directive is not syntactic correct.
Full runtime dependencies of xmerl-1.3.19: erts-6.0, kernel-3.0,
stdlib-2.5
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
0.660:
- Literal Types
- Quick Mode Removed
- Plugin Improvements
* Add documentation for plugin system
* Make name lookup available to all plugin hooks
* Add more information to FunctionContext and MethodContext
- Other Improvements and Notable Bugs Fixed
* Introduce an optional sqlite backed incremental cache, enabled with --sqlite-cache
* Fix a daemon crash when there is a decode error
* Allow setting python_executable from config file
* Short-circuit if expression for always true/always false variables and MYPY/TYPE_CHECKING
* Don't map actual kwargs to formal *args
* Disable cache when producing reports
* Fix issues with pointer arrays in the ctypes plugin
* Support kw_only=True in the attrs plugin
* Fix some daemon crash bugs
* Better error messages when __eq__ has unexpected signature
* Collect additional timing stats and allow reporting them from the daemon
* Fix dmypy run when bad options passed to mypy
* Improve error messages from multiple inheritance compatibility checks
* Fix an incremental mode crash that can occur in situations with import cycles and star imports
6.0.15 - 2018-10-31
Added
* (Go) Executables are uploaded to GitHub releases.
Fixed
* Fix bug where leading tabs prevented parser from identifying keywords (#512
[VjacheslavVytjagov])
* [JavaScript] Fix JavaScript build (#499 noisygerman)
6.0.13 - 2018-09-25
This major release aligns Gherkin with Example Mapping, a collaborative
technique for designing scenarios and discovering details about rules and
behaviour.
A new Rule keyword has been introduced, and acts as a grouping of one or more
Examples - a new synonym for Scenario. The Scenario Outline keyword can now
be interchanged with the Scenario keyword, which makes Gherkin a little less
confusing, especially to beginners. These are the first major change to the
Gherkin grammar in 8 years or so, and we're pretty excited about them. We
hope they will guide people towards thinking of scenarios as examples of
business rules rather than a series of form submissions and link clicking.
This rule-focused style engages product owners, and can act as amazing living
documentation of your product. It opens up for the true benefits of BDD - a
business-friendly format for describing and agreeing on software behaviour,
and a guide to development. Developers will code against this spec, and
produce better (simpler) software faster. The software will do what it says
on the tin.
The new Gherkin grammar is backwards compatible, meaning that existing Gherkin
documents are still valid.
The library API however is not backwards compatible. It is now a stream-like
API which produces a stream of messages (source, AST and pickle messages).
Internally, each library shells out to a go executable (embedded in the
library for all major OSes and processor architectures), and communicates via
STDIN/STDOUT using protocol buffers. The rationale behind this architectural
change is to reduce the maintenance burden (a single parser rather than a
dozen), but also to make it quicker and easier to implement a Gherkin library
in a new language. Just generate some protobuf classes/structs and write a
small program that shells out and communicates using those messages.
Our preliminary benchmarks suggest that performance is comparable to the
native implementations, or better. There is a small hit in startup cost, but
this is offset against a higher throughput of the parser.
At the time of this writing Gherkin 6 is nearly integrated in Cucumber-JVM and
Cucumber-Ruby. Integration with Cucumber.js has not started and we would
really welcome some help with that.
The message protocol will continue to evolve to represent runtime information
such as results, parameter types, cucumber expressions and other metadata.
This will make it easier for the community to build plugins for Cucumber. One
HTML Gherkin formatter to rule them all. Statistic plugins and more.
Added
* (TypeScript) - Added TypeScript definitions (.d.ts) for Gherkin.
* Added Rule keyword (#250 aslakhellesoy)
* Added Example as synonym for Scenario in English and many other
languages. This is to align Gherkin with BDD and Example Mapping
terminology. (aslakhellesoy)
* Added Ukoliko as an additional synonym for Given, in Croatian. (#480 banovotz)
Changed
* (JavaScript,Java,Ruby) The native parsers are removed. Parsing is done by
gherkin-go executables which are bundled with the published
libraries. (aslakhellesoy, [jaysonesmith])
* (JavaScript,Java,Ruby,Go) Scenario keyword (or Example keyword) can be used
to create Scenario Outline. (#353 aslakhellesoy)
Removed
* (Java) OSGi support has been removed. (#412 aslakhellesoy)
Fixed
* (JavaScript) Fix ability to pass language to parser. (#401 charlierudolph)
As per the comment in the file, this needs to have a PKGREVISION one
greater than the corresponding gcc48 package for preferential selection
by packaging tools.
PowerPC (at least, the variants used on hardware typically supported by
pkgsrc) does not offer the gamut of hardware-backed atomic instructions
that relatively recent versions of SpiderMonkey demand. Fall back to
using GCC's libatomic, so this builds and runs on that architecture.
v6.5.0:
NEW FEATURES
Backronym npm ci to npm clean-install.
Adds 'Homepage' to outdated --long output.
BUGFIXES
Fix sign-git-commit options. They were previously totally wrong.
Set lowercase headers for npm audit requests.
Fix npm edit handling of scoped packages.
Make summary output for npm ci go to stdout, not stderr.
Close the file descriptor during publish if exiting upload via an error. This will prevent strange error messages when the upload fails and make sure
cleanup happens correctly.
