www/caddy: Update to 2.11.4 (security)
Changes:
Security-related patches:
- caddyhttp: Normalize Windows backslashes in path matcher (thanks
@Vincent550102)
- rewrite: Prevent placeholder re-expansion in injected query
(thanks @WhiskerEnt)
- templates: Improved stripHTML action to more reliably remove
malformed HTML (thanks to @jmrcsnchz)
- caddyhttp: Ignore header fields with underscores to prevent
collisions (thanks @Vincent550102 for the report and @dunglas for
the patch)
NB: These security patches may be breaking if your application
relies on the buggy behaviors.
What's Changed:
- reverseproxy: further prevent body closes from dial errors by
[37 lines not shown]
www/caddy: Update to 2.11.4 (security)
Changes:
Security-related patches:
- caddyhttp: Normalize Windows backslashes in path matcher (thanks
@Vincent550102)
- rewrite: Prevent placeholder re-expansion in injected query
(thanks @WhiskerEnt)
- templates: Improved stripHTML action to more reliably remove
malformed HTML (thanks to @jmrcsnchz)
- caddyhttp: Ignore header fields with underscores to prevent
collisions (thanks @Vincent550102 for the report and @dunglas for
the patch)
NB: These security patches may be breaking if your application
relies on the buggy behaviors.
What's Changed:
- reverseproxy: further prevent body closes from dial errors by
[35 lines not shown]
audio/praat: update to 6.4.67, latest upstream
Release notes as always at
https://www.fon.hum.uva.nl/praat/manual/What_s_new_.html
The build system has been revamped (in unfortunate ways), I ought to
engage with upstream to get it to build well with meson on FreeBSD,
so we can abandon all the Makefile hacks.
audio/musescore: update to 4.7.3, latest upstream
The 4.7 series announcements are at
https://musescore.org/en/4.7
Submitted by Keith White, additional patches for build and bump to .3 by me.
net/sendme: fix build on non-x86
The netdev crate has the value of ioctl SIOCGIFXMEDIA hardcoded for x86.
Add definitions for other architectures to fix the build.
See also: https://github.com/shellrow/netdev/issues/170
Approved by: portmgr (build fix blanket)
MFH: 2026Q2
(cherry picked from commit d4de8e372e2e8f829afe06d2ea4aa8528d2d96d2)
graphics/s10sh: fix endianess code
Instead of hard-coding a list of architectures, defer to <endian.h>.
This fixes the build on all platforms tested.
MFH: 2026Q2
(cherry picked from commit c653d172b2678fed4bdd92782c593b995d41c5e5)
lang/micropython: enable on armv7, fix on i386
Builds fine.
One unit test fails on armv7: basics/int_64_basics.py
Approved by: portmgr (build fix blanket)
MFH: 2026Q2
(cherry picked from commit 0f415d2616260b4c90af2a44434a5dbde8900a42)
math/tlfloat: builds fine on armv7
Tested on FreeBSD 14.3 and 15.0.
Test suite passes, too.
MFH: 2026Q2
(cherry picked from commit 42f2073184d330fabefb21264a9fe20280f65f1d)
devel/go-tools: update to 0.46.0
Selected upstream changes:
- cmd/goyacc: use math.MinInt16 as sentinel value for large grammars
- cmd/callgraph: add -{cpu,mem}profile flags for maintainers
- all: fix typos in comments and docs
- go.mod: update golang.org/x dependencies
Changelog: https://github.com/golang/tools/compare/v0.45.0...v0.46.0
net/sendme: fix build on non-x86
The netdev crate has the value of ioctl SIOCGIFXMEDIA hardcoded for x86.
Add definitions for other architectures to fix the build.
See also: https://github.com/shellrow/netdev/issues/170
Approved by: portmgr (build fix blanket)
MFH: 2026Q2
graphics/s10sh: fix endianess code
Instead of hard-coding a list of architectures, defer to <endian.h>.
This fixes the build on all platforms tested.
MFH: 2026Q2
lang/micropython: enable on armv7, fix on i386
Builds fine.
One unit test fails on armv7: basics/int_64_basics.py
Approved by: portmgr (build fix blanket)
MFH: 2026Q2
