BSD Commit Log Search

sysutils/logstash93: New port version 9.3.1

Server-side data ingestion and transformation tool (9.3.x version).

Release Notes:
https://www.elastic.co/docs/release-notes/logstash#logstash-9.3.1-release-notes

PR:             293760
Approved by:    elastic (maintainer, implicit - inactive for more than 6 months)
Co-authored-by: Vladimir Druzenko <vvd at FreeBSD.org>

sysutils/logstash93: Repo copy from sysutils/logstash92

PR:             293760
Approved by:    elastic (maintainer, implicit - inactive for more than 6 months)

sysutils/logstash92: Update 9.2.3 => 9.2.6

Release Notes:
https://www.elastic.co/docs/release-notes/logstash#logstash-9.2.6-release-notes

Improve port:
- Replace PORTVERSION with DISTVERSION.
- Add LOCAL/vvd/elastic to MASTER_SITES for those who can't download due
  to the HTTP error "Forbidden 403".
- Sort USES.
- Adjust JAVA_VERSION to supported LTS 25, 21 and 17.
- Parametrize "logstash" with "${PORTNAME}".
- Adjust CONFLICTS.
- Fix warnings from portclippy.
- Add possibility to use custom user/group.
- Replace RM of bundled JDK and *.bat files with
  EXTRACT_AFTER_ARGS=--exclude.
- Merge CHMODs.
- Replace %%PREFIX%% with %%LOCALBASE%% in rc.d script - bash installed

    [5 lines not shown]

sysutils/logstash91: Update 9.1.9 => 9.1.10

Release Notes:
https://www.elastic.co/docs/release-notes/logstash#logstash-9.1.10-release-notes

Improve port:
- Replace PORTVERSION with DISTVERSION.
- Add LOCAL/vvd/elastic to MASTER_SITES for those who can't download due
  to the HTTP error "Forbidden 403".
- Sort USES.
- Adjust JAVA_VERSION to supported LTS 25, 21 and 17.
- Parametrize "logstash" with "${PORTNAME}".
- Adjust CONFLICTS.
- Fix warnings from portclippy.
- Add possibility to use custom user/group.
- Replace RM of bundled JDK and *.bat files with
  EXTRACT_AFTER_ARGS=--exclude.
- Merge CHMODs.
- Replace %%PREFIX%% with %%LOCALBASE%% in rc.d script - bash installed

    [5 lines not shown]

x11/libX11: update: 1.8.12 -> 1.8.13

<ChangeLog>

 * Ignore XkbMapNotify events that don't belong to the core keyboard (!293)
 * xkb: Fix invalid level names count for key types without level names (!292)
 * xkb: Fix default key types (!292)
 * Drop vestiges of OS/2 support (!291)
 * xkb: fix include of config.h and drop unused DEBUG check (!290)
 * xcb_io: fix build with configure --disable-xthreads (#232, !289)
 * Improve man page formatting (!286)
 * imDefIc: Clear fabricated state on unfocus. (!283)
 * Avoid memory leak in XKeysymToString (!282)

</ChangeLog>

PR:             293045
Exp-run by:     antoine
Approved by:    x11 (maintainer, timeout >2 weeks)

    [2 lines not shown]

databases/cego: update 2.54.9 -> 2.54.16

- rework tableset verification procedure
- removed logback.xml to avoid logging side effects
- Added admin command "verify locks" to perform a test aquire
  of all lock manager locks read and write
- Fix CegoQueryHelper::maxFieldSize.
  The returned size must be at least MAX_NULL_LEN
- CegoTableManager::checkBTreeIntegrity support for allowDuplicateNull
  feature ( multiple null values in unique btree )
- CegoLockHandler, check for unlock methods to check for lockId == 0
- Completed verify locks command with missing pool, querycache, tablecache,
  db and xml locks
- CegoClient: query abort via interrupt character fixed

audio/subtui: Update to 2.11.1

Changelog: https://github.com/MattiaPun/SubTUI/releases/tag/v2.11.1

devel/heimdall: fix flashing on some samung tablet

Heimdall sends at some empty OUT transfers (as for the ODIN protocol)
with a 100ms timeou. The device is busy writing on the flash at that
point and NACKs OUT tokens for more than 100ms. The result is the empty
transfers times out. and since this is a required ODIN protocol marker,
the transfers fails.

Make sure those empty out transfers get a longer timeout.

security/kanidm: Update to 1.9.2

ChangeLog: https://github.com/kanidm/kanidm/releases/tag/v1.9.2

Approved by:    bofh@ (implicit)

security/openssl35: Security update for CVE-2026-2673

Security:       ee1e6a24-1eeb-11f1-81da-8447094a420f

devel/nextpnr-devel: Update to 2026-03-12

www/freenginx-acme: fix a group name used for freenginx

While I'm here, make portlint(1) happy.

PR:             293781
Sponsored by:   tipi.work

sysutils/logstash8: Update 8.19.9 => 8.19.12

Release Notes:
https://www.elastic.co/guide/en/logstash/8.19/logstash-8-19-10.html
https://www.elastic.co/guide/en/logstash/8.19/logstash-8-19-11.html
https://www.elastic.co/guide/en/logstash/8.19/logstash-8-19-12.html

Improve port:
- Replace PORTVERSION with DISTVERSION.
- Add LOCAL/vvd/elastic to MASTER_SITES for those who can't download due
  to the HTTP error "Forbidden 403".
- Sort USES.
- Adjust JAVA_VERSION to supported LTS 25, 21 and 17.
- Parametrize "logstash" with "${PORTNAME}".
- Adjust CONFLICTS.
- Fix warnings from portclippy.
- Add possibility to use custom user/group.
- Replace RM of bundled JDK and *.bat files with
  EXTRACT_AFTER_ARGS=--exclude.

    [5 lines not shown]

devel/nextpnr: Update to 0.10

Changelog: https://github.com/YosysHQ/nextpnr/releases/tag/nextpnr-0.10

While here, also enable the himbaechel architecture as well as adding
support for the GateMate micro-architecture via prjpeppercorn.

textproc/py-regex: Upgrade to 2026.2.28

PR:             293785
Approved by:    fax at nohik.ee (maintainer)
Changelog:      https://github.com/mrabarnett/mrab-regex/blob/2026.2.28/changelog.txt

textproc/elasticsearch7: Fix runtime with non-default USERS/GROUPS

Also:
- Respect ETCDIR substitution in rc.d script.
- Replace RM of bundled JDK, jna.jar and modules/x-pack/x-pack-ml files
  with EXTRACT_AFTER_ARGS=--exclude.
- Replace ${JAVASHAREDIR} with ${LOCALBASE}/share/java -
  JAVASHAREDIR=PREFIX/share/java, but devel/jna installed in LOCALBASE.

Approved by:    blanket (fix runtime)
MFH:            2026Q1

(cherry picked from commit fa14dfb0869642be99a46161a09455a20aeddf00)

sysutils/logstash7: Fix runtime with non-default USERS/GROUPS

Also:
- Respect LOGSTASH_HOME and ETCDIR substitutions in rc.d script.
- Replace RM of bundled JDK and *.bat files with
  EXTRACT_AFTER_ARGS=--exclude.

Approved by:    blanket (fix runtime)
MFH:            2026Q1

(cherry picked from commit f5c624428d6d4ab4738395d0cbabd6bbb246c526)

textproc/elasticsearch7: Fix runtime with non-default USERS/GROUPS

Also:
- Respect ETCDIR substitution in rc.d script.
- Replace RM of bundled JDK, jna.jar and modules/x-pack/x-pack-ml files
  with EXTRACT_AFTER_ARGS=--exclude.
- Replace ${JAVASHAREDIR} with ${LOCALBASE}/share/java -
  JAVASHAREDIR=PREFIX/share/java, but devel/jna installed in LOCALBASE.

Approved by:    blanket (fix runtime)
MFH:            2026Q1

sysutils/logstash7: Fix runtime with non-default USERS/GROUPS

Also:
- Respect LOGSTASH_HOME and ETCDIR substitutions in rc.d script.
- Replace RM of bundled JDK and *.bat files with
  EXTRACT_AFTER_ARGS=--exclude.

Approved by:    blanket (fix runtime)
MFH:            2026Q1

devel/shards: update to 0.20.0

- https://github.com/crystal-lang/shards/blob/v0.20.0/CHANGELOG.md

Sponsored by:   SkunkWerks, GmbH

net/lavinmq: update to 2.6.9

- drop `--error-on-warnings` until LavinMQ next release fully supports
  Crystal 1.19.1 without 9 deprecation warnings

- https://github.com/cloudamqp/lavinmq/blob/v2.6.9/CHANGELOG.md

Sponsored by:   SkunkWerks, GmbH

lang/crystal: update to 1.19.1

- https://github.com/crystal-lang/crystal/blob/release/1.19/CHANGELOG.md

Sponsored by:   SkunkWerks, GmbH

sysutils/podman: Allow setting ownership on auto-created socket

The podman_service daemon auto-creates a socket on startup, along with
parent directory, and is always run as root. It is often useful to have
another proxy like haproxy or nginx provide more sophisticed security,
and these daemons do not need root privileges.

Approved by:    dfr
Reported by:    pat at patmaddox.com
Tested by:      arrowd
Differential Revision:  https://reviews.freebsd.org/D55455

net/amqpcat: update to 1.1.0

- https://github.com/cloudamqp/amqpcat/releases/tag/v1.1.0

Sponsored by:   SkunkWerks, GmbH

filesystems/versitygw: update to 1.3.1

- https://github.com/versity/versitygw/releases/tag/v1.3.1
- https://github.com/versity/versitygw/releases/tag/v1.3.0

devel/R-cran-cyclocomp: Update to 1.1.2

Changelog: https://cran.r-project.org/web/packages/cyclocomp/news/news.html

security/vuxml: Document OpenSSL 3.5/3.6 vulnerability

graphics/py-colour: remove deprecated d2to1

d2to1 has been deprecated and archived for years, and its functionality
has been subsumed into plain setuptools.

While here, switch to USE_PYTHON=pep517

PR: 293782
Approved by: Martin Neubauer (maintainer)

www/gitlab: security and patch update to 18.9.2

Changes:        https://about.gitlab.com/releases/2026/03/11/patch-release-gitlab-18-9-2-released/
Security:       0236eab0-1d62-11f1-88f8-2cf05da270f3
(cherry picked from commit be0fcc223124379be8b268089db49c45f38bd408)

security/trivy: update to 0.69.3

Changes:        https://github.com/aquasecurity/trivy/releases/tag/v0.69.3
(cherry picked from commit 963373df70d351b0aa0ee2e23e3685330a10fe55)