Security: Fixes CVE-2021-43798 directory traversal vulnerability.
Features and enhancements 8.3
Alerting: Prevent folders from being deleted when they contain alerts.
Alerting: Show full preview value in tooltip.
BarGauge: Limit title width when name is really long.
CloudMonitoring: Avoid to escape regexps in filters.
CloudWatch: Add support for AWS Metric Insights.
TooltipPlugin: Remove other panels' shared tooltip in edit panel.
Visualizations: Limit y label width to 40% of visualization width.
Features and enhancements 8.2
AWS: Updated AWS authentication documentation.
Alerting: Added support Alertmanager data source for upstream Prometheus AM implementation.
Alerting: Allows more characters in label names so notifications are sent.
Alerting: Get alert rules for a dashboard or a panel using /api/v1/rules endpoints.
Annotations: Improved rendering performance of event markers.
CloudWatch Logs: Skip caching for log queries.
Explore: Added an opt-in configuration for Node Graph in Jaeger, Zipkin, and Tempo.
Packaging: Add stricter systemd unit options.
Prometheus: Metrics browser can now handle label values with special characters.
Wire is a code generation tool that automates connecting components using
dependency injection. Dependencies between components are represented in
Wire as function parameters, encouraging explicit initialization instead of
global variables. Because Wire operates without runtime state or reflection,
code written to be used with Wire is useful even for hand-written
initialization.
packaged because it is a build dependency for www/grafana starting from 8.2
---------------------------------------------------------------------------
2.0.18:
---------------------------------------------------------------------------
General:
* The SDL wiki documentation and development headers are automatically
kept in sync
* Each function has information about in which version of SDL it
was introduced
* Added the hint SDL_HINT_APP_NAME to let SDL know the name of your
application for various places it might show up in system information
* Added SDL_RenderGeometry() and SDL_RenderGeometryRaw() to allow
rendering of arbitrary shapes using the SDL 2D render API
* Added SDL_SetTextureUserData() and SDL_GetTextureUserData() to
associate application data with an SDL texture
* Added SDL_RenderWindowToLogical() and SDL_RenderLogicalToWindow()
to convert between window coordinates and logical render coordinates
* Added SDL_RenderSetVSync() to change whether a renderer present
is synchronized with vblank at runtime
* Added SDL_PremultiplyAlpha() to premultiply alpha on a block of
SDL_PIXELFORMAT_ARGB8888 pixels
* Added a window event SDL_WINDOWEVENT_DISPLAY_CHANGED which is
sent when a window changes what display it's centered on
* Added SDL_GetWindowICCProfile() to query a window's ICC profile,
and a window event SDL_WINDOWEVENT_ICCPROF_CHANGED that is sent
when it changes
* Added the hint SDL_HINT_VIDEO_EGL_ALLOW_TRANSPARENCY to allow
EGL windows to be transparent instead of opaque
* SDL_WaitEvent() has been redesigned to use less CPU in most cases
* Added SDL_SetWindowMouseRect() and SDL_GetWindowMouseRect() to
confine the mouse cursor to an area of a window
* You can now read precise mouse wheel motion using 'preciseX' and
'preciseY' event fields
* Added SDL_GameControllerHasRumble() and
SDL_GameControllerHasRumbleTriggers() to query whether a game
controller supports rumble
* Added SDL_JoystickHasRumble() and SDL_JoystickHasRumbleTriggers()
to query whether a joystick supports rumble
* SDL's hidapi implementation is now available as a public API in
SDL_hidapi.h
Linux:
* Added the hint SDL_HINT_SCREENSAVER_INHIBIT_ACTIVITY_NAME to set
the activity that's displayed by the system when the screensaver
is disabled
* Added the hint SDL_HINT_LINUX_JOYSTICK_CLASSIC to control whether
/dev/input/js* or /dev/input/event* are used as joystick devices
* Added the hint SDL_HINT_JOYSTICK_DEVICE to allow the user to
specify devices that will be opened in addition to the normal
joystick detection
* Added SDL_LinuxSetThreadPriorityAndPolicy() for more control over
a thread priority on Linux
## [1.1.0]
### Added
* CLI: The `--path <PATH>` flag has been added, allowing users to limit
dependency discovery to one or more paths (specified separately)
when `pip-audit` is invoked in environment mode
([#148](https://github.com/trailofbits/pip-audit/pull/148))
* CLI: The `pip-audit` CLI can now be accessed through `python -m pip_audit`.
All functionality is identical to the functionality provided by the
`pip-audit` entrypoint
([#173](https://github.com/trailofbits/pip-audit/pull/173))
* CLI: The `--verbose` flag has been added, allowing users to receive more
more verbose output from `pip-audit`. Supplying the `--verbose` flag
overrides the `PIP_AUDIT_LOGLEVEL` environment variable and is equivalent to
setting it to `debug`
([#185](https://github.com/trailofbits/pip-audit/pull/185))
### Changed
* CLI: `pip-audit` now clears its spinner bar from the terminal upon
completion, preventing visual confusion
([#174](https://github.com/trailofbits/pip-audit/pull/174))
### Fixed
* Dependency sources: a crash caused by `platform.python_version` returning
an version string that couldn't be parsed as a PEP-440 version was fixed
([#175](https://github.com/trailofbits/pip-audit/pull/175))
* Dependency sources: a crash caused by incorrect assumptions about
the structure of source distributions was fixed
([#166](https://github.com/trailofbits/pip-audit/pull/166))
* Vulnerability sources: a performance issue on Windows caused by cache failures
was fixed ([#178](https://github.com/trailofbits/pip-audit/pull/178))
## [1.0.1] - 2021-12-02
### Fixed
* CLI: The `--desc` flag no longer requires a following argument. If passed
as a bare option, `--desc` is equivalent to `--desc on`
([#153](https://github.com/trailofbits/pip-audit/pull/153))
* Dependency resolution: The PyPI-based dependency resolver no longer throws
an uncaught exception on package resolution errors; instead, the package
is marked as skipped and an appropriate warning or fatal error (in
`--strict` mode) is produced
([#162](https://github.com/trailofbits/pip-audit/pull/162))
* CLI: When providing the `--cache-dir` flag, the command to read the pip cache
directory is no longer executed. Previously this was always executed and
could result into failure when the command fails. In CI environments, the
default `~/.cache` directory is typically not writable by the build user and
this meant that the `python -m pip cache dir` would fail before this fix,
even if the `--cache-dir` flag was provided.
([#161](https://github.com/trailofbits/pip-audit/pull/161))
## [1.0.0] - 2021-12-01
### Added
* This is the first stable release of `pip-audit`! The CLI is considered
stable from this point on, and all changes will comply with
[Semantic Versioning](https://semver.org/)
## [0.0.9] - 2021-12-01
### Added
* CLI: Skipped dependencies are now listed in the output of `pip-audit`,
for supporting output formats
([#145](https://github.com/trailofbits/pip-audit/pull/145))
* CLI: `pip-audit` now supports a "strict" mode (enabled with `-S` or
`--strict`) that fails if the audit if any individual dependency cannot be
resolved or audited. The default behavior is still to skip any individual
dependency errors ([#146](https://github.com/trailofbits/pip-audit/pull/146))
0.0.26
----------------------------------------------
- Pass PIP_DISABLE_PIP_VERSION_CHECK to all invocations (#114)
0.0.25
----------------------------------------------
- Support the --path parameter when calling pip list (#112)
0.0.24
----------------------------------------------
- Add support for parsing URL requirements (#109)
- Test against pip 21.3.1
2.3.2 (November 16, 2021)
-------------------------
Fix the generation of man pages, so that installation-dependent paths are
correctly inserted.
Improve error reporting when enchant-lsmod cannot open a dictionary for a
given language, in particular with the Aspell backend.
Fix compilation on MingW.
Some minor code cleanup.
open-vm-tools 11.3.5
For issues resolved in this release, see Resolved Issues section.
Added a configurable logging capability to the network script.
The network script has been updated to:
use vmware-toolbox-cmd to query any network logging configuration from the tools.conf file.
use vmtoolsd --cmd "log ..." to log a message to the vmx logfile when the logging handler is configured to "vmx" or when the logfile is full or is not writeable.
The hgfsmounter (mount.vmhgfs) command has been removed from open-vm-tools.
The hgfsmounter (mount.vmhgfs) command is no longer used in Linux open-vm-tools. It has been replaced by hgfs-fuse. Therefore, removing all references to the hgfsmounter in Linux builds.
Open-vm-tools 11.3.0
A small command line tool, vmwgfxctrl, has been added to open-vm-tools for Linux that can be used to control various aspects of the vmwgfx Linux kernel module. Currently it can both display and set the current topology of the vmwgfx kernel driver. It is useful when trying to configure custom resolutions on recent Linux distributions, including multi-monitor setups.
A command line tool, vmware-alias-import, has been added to open-vm-tools that can be used to import vgauth config data and apply it to the running vgauth service.
0.34 (2021/11/30)
* add commands "albumart", "readpicture"
* don't print status after error
* custom status format
* support grouping "list" results
* meson: auto-build libmpdclient if not available
* require libmpdclient 2.16 or newer
* require MPD 0.21 or newer
dpkg (1.21.1) unstable; urgency=medium
[ Guillem Jover ]
* dpkg-buildpackage: Remove duplicate command print for dpkg-genchanges.
* dpkg-buildpackage: Fix build description due to improper multiline match.
* dpkg-realpath: Remove spurious heading space from --help output.
* update-alternatives: When initializing admindir from DPKG_ADMINDIR append
"/alternatives".
* Code internals:
- Remove <ar.h> inclusions.
* Packaging:
- Install deb-md5sums(5) into dpkg-dev package.
dpkg (1.21.0) unstable; urgency=medium
[ Guillem Jover ]
* dpkg-genchanges: Include orig tarball on source package renames.
* scripts: Consider SHA-1 and RIPEMD-160 weak algorithms in OpenPGP
signatures.
* dpkg: During unpack print a removal message due to Conflicts.
* scripts: Add zsh completions for dpkg-parsechangelog.
* dpkg-buildpackage: When printing build type match the extension exactly.
* dpkg-maintscript-helper: Use xargs -I argument instead of deprecated -i.
* dpkg-maintscript-helper: Quote variable inside ${} to avoid pattern match.
* libdpkg: Fix dpkg_fsys_get_path() to always strip leading / and ./.
* libdpkg: Set the default database directory relative to the system root.
* dpkg-divert, dpkg-statoverride: Set admindir after instdir.
* update-alternatives: Fix admindir setting.
Prompted by Johannes Schauer Marin Rodrigues <josch@debian.org>.
* dselect: Honor DPKG_ADMINDIR environment variable.
* dpkg-query, dpkg-trigger, dselect: Add support for setting the root
directory.
* dpkg-fsys-usrunmess: Move forced reconfiguration to the last step.
* dpkg-fsys-usrunmess: Install a local policy-rc.d to ignore service
restarts.
* dpkg-fsys-usrunmess: Do not fail when removing lingering directories.
* dpkg-fsys-usrunmess: Generate a regression prevention package.
* dpkg-fsys-usrunmess: Fix typo in debug message.
* dpkg: Distinguish deconfiguration message for installation and multi-arch
syncs.
* dpkg-buildpackage: Add new --changes-file option.
Prompted by Niels Thykier <niels@thykier.net>.
* dpkg-buildpackage: Add new --buildinfo-file option.
* dpkg: Rework --assert-<feature> logic to be more robust.
Prompted by Helmut Grohne <helmut@subdivi.de>.
Prompted by David Kalnischkies <donkult@debian.org>.
* dpkg: Improve --assert-<feature> descriptions.
* dpkg: Add a new --assert-help option.
* scripts/mk: Pass DEB_BUILD_PATH to dpkg-buildflags.
* dpkg-db-backup: New program factored out from Debian-specific daily cron.
* dpkg-db-backup: Accept an option to override the number of rotation cycles.
* dpkg-db-backup: Honor the admindir set at configure time.
* update-alternatives: Fix --auto and --set-selections output progress.
* update-alternatives: Print defaults for configuration and database
pathnames.
* scripts: Replace shebang in dpkg-error shell library with shellcheck
directive.
* dpkg-buildpackage: Add support for terse DEB_BUILD_OPTIONS.
* dpkg-mergechangelogs: Add new --merge-unreleased option.
* dpkg: Restore fallback to "new-prerm failed-upgrade" for downgrades.
* dselect: Use safe temporary file creation in methods setup.
* dselect: Remove bashism from update script in multicd method.
* dpkg: Fix --verify to handle missing or inaccessible pathnames.
* dpkg: Add partial --verify support for mode checks.
* Use «digest» instead of «hash» in output messages.
Reported by Sven Joachim <svenjoac@gmx.de>.
* dselect: use `grep -E` instead of `egrep`.
* libdpkg: Fix memory leak on End Of Tape condition in tar parser.
* dpkg: Fix short lived memory leak with --recursive.
* dpkg: Fix conffile removal-on-upgrade handling.
* dpkg-deb: Fix conffile name length tracking on remove-on-upgrade parsing.
Reported by uau on IRC.
* Architecture support:
- Clarify that the regex columns need to be ordered to match first.
- Add support for ARCv2 CPU.
Based on a patch by Alexey Brodkin <Alexey.Brodkin@synopsys.com>.
* Portability:
- start-stop-daemon: Define SOCK_NONBLOCK to 0 if not defined.
- libdpkg: Add support for AIX to dpkg_get_progname().
* Perl modules:
- Dpkg::Source::Quilt: Add hint to check missing files on patch apply
failures.
Reported by Joseph Nahmias <jello@debian.org>.
- Dpkg::Changelog::Parse: Require format plugins to inherit from
Dpkg::Changelog.
- Dpkg::OpenPGP: Refactor openpgp implementation execution into a new
function.
- Dpkg::Vendor::Debian: Refactor compiler flag names into an array.
- Dpkg::Vendor::Debian: Add new lto feature in new optimize area.
- Test::Dpkg: Print actual error messages in test_neutralize_checksums().
- Dpkg::Deps: Use current_sub feature for __SUB__.
- Dpkg::BuildFlags: Add support for ASFLAGS.
See https://salsa.debian.org/debian/debhelper/-/merge_requests/50.
- Dpkg::Compression: Use gzip --rsyncable unconditionally.
- Dpkg::Changelog::Entry::Debian: Fix full month misuse warning.
- Dpkg::Shlibs::Symbol: Emit a warning on fully qualified symver patterns.
- Dpkg::Control::HashCore: Add new keep_duplicate option.
- Dpkg::Control::FieldsCore: Add new field_parse_binary_source().
- Dpkg::Control::FieldsCore: Fix types allowed for
field_parse_binary_source().
- Dpkg::Shlibs::Objdump: Fix apply_relocations to work with versioned
symbols.
- Dpkg::Vendor::Ubuntu: Update Maintainer field logic to include
“canonical”.
- Dpkg::Source::Package::V2: Add hint about version matching source tree.
* Documentation:
- man: Itemize dpkg-gensymbols -c levels.
- man: Add man page for deb-md5sums(5).
Reported by Maxim Cournoyer (on IRC).
- man: Switch the Architecture field in deb-control(5) to required.
Reported by Maxim Cournoyer (on IRC).
- man: Make clear that dpkg-query arguments accept multiple values.
- man: Document dpkg-query --search and --listfiles output formats.
- doc: Fix incorrect use of ‘an’ article.
- doc: Update coding style to document POD instead of troff.
- doc: Update THANKS file.
- doc: Annotate current maintainer start year.
- doc: Sort maintenance information chronologically.
- man: Add versions since features where introduced.
- man: Further clarify when re-inclusions of excluded pathnames happen.
- doc: Update Doxygen configuration from version 1.9.1.
- doc: Improve description of dpkg suite.
Prompted by Fabrice Bauzac-Stehly <noon@mykolab.com>.
- man: Add a reference to where the Installed-Size algorithm is described.
- man: Improve dpkg --verify-format rpm format documentation.
- man: Document in deb-substvars(5) what ${} is good for.
Prompted by Paul Wise <pabs@debian.org>.
- man: Document in dpkg-architecture(1) target being useful for emulators
too. Prompted by Helmut Grohne <helmut@subdivi.de>.
- man: Document in dpkg-query(1) full --search and --listfiles output
format. Prompted by Johannes Schauer Marin Rodrigues <josch@debian.org>.
* Code internals:
- Remove irrelevant or obsolete FIXME markers.
- Turn FIXME markers denoting pending actions into TODO markers.
- Turn FIXME markers giving historic information into simple Notes.
- update-alternatives: Turn FIXME for explicit behavior choice into an XXX.
- Use localtime_r() instead of localtime().
- libdpkg: Remove MDEBUG support from m_malloc() implementation.
- libdpkg: Mark dpkg_arch_unmark() arch_remove argument as const.
- libdpkg: Mark treewalk_open() func argument as const.
- dpkg: Mark ignore_depends() pkg argument as const.
- dpkg: Mark deb_parse_conffiles() pkg argument as const.
- libcompat: Remove local setexecfilecon() and require libselinux 2.3.
- libdpkg: Add missing DPKG_{BEGIN,END}_DECLS in header files.
- dpkg: Move SE Linux function declarations into its own header file.
- dpkg: Move the command action enum to its own header file.
- dpkg: Switch from including "main.h" to "force.h".
- dselect: Rename dme() to display_menu_entry().
- dpkg: Split function handling deconfiguration due to install and removal.
- libdpkg: Add new ACTION_MUX macro for continued options.
- dpkg: Refactor --assert-<feature> handling to be data driven.
- dpkg-fsys-usrunmess: Do not use interpolated strings for literals.
- dpkg-db-backup: Add a license header comment.
* Build system:
- Fallback to $^X and 'perl' if $Config{perlpath} is unset or empty.
- Bump minimal Perl version to 5.28.1.
- Remove redundant localedir and pkgconfdir initializations.
- Check for libsocket.
- Do not set have_libmd on the found branch in AC_SEARCH_LIBS.
- Switch DPKG_FUNC_C99_SNPRINTF from AC_LANG_SOURCE to AC_LANG_PROGRAM.
- Check whether fsync(3) works on directories.
- Remove obsolete AC_HEADER_STDC.
- Detect appropriate sed program at configure time.
- Rename DPKG_DEB_PROG_TAR to DPKG_PROG_TAR.
- Parametrize the backups directory with a configure option.
- Add a check for symlinks in the git repository.
- Rename shell scripts to .sh.
- Switch from hardcoded /run to parametrized runstatedir.
- Use new Dpkg::Control keep_duplicate option in gen-changelog.
- Use title-case for field in gen-changelog.
- Execute run-script via CONFIG_SHELL.
Reported by Larkin Nickle <me@larbob.org>.
- Quote variables containing pathnames in m4 macros.
- Add support for commit message fix up machinery in gen-changelog.
* Packaging:
- Use absolute pathnames in .install debhelper fragments.
- Remove unused dh_installcron call for arch-indep targets.
- Add support for a native systemd timer.
- Create auotpkgtest installation directory.
- Bump Standards-Version to 4.6.0 (no changes needed).
* Test suite:
- Pass --ignore-builtin-builddeps to dpkg-buildpackage.
- Use can_run() instead of find_command().
- Add descriptions to makefile test runners.
- Add unit tests for architecture bijective mapping property.
- Suppress cppcheck constParameter check.
- Suppress bogus cppcheck for nullPointerRedundantCheck.
- Mark external sourced shell files for checking.
- Ignore new shellcheck checks.
- Remove shipped dpkg database.
- Add re-inclusion of symlink case to t-filtering.
- Generate symlink during test build time.
- Remove superfluous long filename.
- Refactor parse_ctrl() from parse_dsc().
- Update codespell stopwords.
2021-12-04:
Update version number.
2021-10-04:
Consistently use semicolons after DOUBLE_CONVERSION_ASSERT.
2021-07-16:
Fix spelling.
2021-05-19:
Loongarch is a RISC-style command system architecture.
Add support for loongarch architecture.
This CycloneDX module for Python can generate valid CycloneDX
bill-of-material document containing an aggregate of all project
dependencies.
This module is not designed for standalone use.
This project provides a runnable Python-based application for
generating CycloneDX bill-of-material documents from either:
* Your current Python Environment
* Your project's manifest (e.g. Pipfile.lock, poetry.lock or
requirements.txt)
* Conda as a Package Manager
The BOM will contain an aggregate of all your current project's
dependencies, or those defined by the manifest you supply.
CycloneDX is a lightweight BOM specification that is easily created,
human-readable, and simple to parse.
This is a PEP 561 type stub package for the toml package. It can
be used by type-checking tools like mypy, PyCharm, pytype etc. to
check code that uses toml.
This is a PEP 561 type stub package for the setuptools package. It
can be used by type-checking tools like mypy, PyCharm, pytype etc.
to check code that uses setuptools.
This release contains bug fixes plus a number of additional features. A
summary is below. See git for the full changelog.
Thanks to everyone who contributed to this release.
Bugs fixed in version 0.81
- info complete - return 0 if the script is missing an end quote
- sqlite3 - return integers as 64 bit values, not 32 bit
Features and improvements added in version 0.81
- New redis client extension
- expr - TIP 582 - support comments in expressions
- Many commands now accept “safe” integer expressions rather than simple
integers: loop, range, incr, string repeat, lrepeat, pack, unpack, rand
- string and list indexes now accept “safe” integer expressions
- loop can now omit the start value
- New xtrace command for execution trace support
- Add history keep
- Add support for lsearch -index and lsearch -stride, the latter per TIP 351
- lsort -index now supports multiple indices
- Add support for lsort -stride
- open now supports POSIX-style access arguments
- sdl extension now supports SDL2, and basic text support is added as well
as polling support
- ABI version checking is now available to allow dynamic modules to verify
they are loaded into a compatible interpreter
Possible incompatibilities in version 0.81
- If the --compat configure option is not set, expr now only allows a single
argument (per TIP 526)
2.3.17.1:
- dsync: Add back accidentically removed parameters.
- lib-ssl-iostream: Fix assert-crash when OpenSSL returned syscall error
without errno.
- master: Dovecot failed to start if ssl_ca was too large.
2.66.2 (stable):
Glib, Gio:
* Replace all g_quark_from_static_string() by g_quark_from_string()
Gio:
* FileEnumerator: Remove refreturn to avoid memory leak
* ListModel::get_object(): Make it work for interface classes
Build:
* MSVC build: Remove extraneous GLIBMM_API in Glib::ustring
