BSD Commit Log Search

x11/xlsclients: update: 1.1.5 -> 1.1.6

PR:             295592
Approved by:    x11 (arrowd, maintainer)
Co-authored-by: osa
Sponsored by:   tipi.work

misc/dlpack: update 1.0 → 1.3

math/bitwuzla: update 0.9.0 → 0.9.1

science/cantera: update 3.1.0 → 3.2.0

graphics/diplib: update 3.5.1 → 3.6.0

archivers/ouch: update 0.7.1 → 0.8.0

security/zlint: update 3.7.0 → 3.7.1

editors/notepadnext-devel: Deprecate and expire

editors/notepadnext now contains fixes the -devel port contains. -devel
is now redundant.

security/pc-acme-tiny: Update 5.0.2 => 5.0.3

Changelog:
https://github.com/diafygi/acme-tiny/releases/tag/5.0.3
Commit log:
https://github.com/diafygi/acme-tiny/compare/5.0.2...5.0.3

PR:             295392
Reported by:    Atanu Biswas <atanubiswas484 at gmail.com> (maintainer)
Approved by:    osa, vvd (Mentors, implicit)

www/nginx-module-lua: Add new port

Add a new port for the OpenResty lua-nginx-module dynamic
module for nginx.

WWW: https://github.com/openresty/lua-nginx-module

Sponsored by:   Netzkommune GmbH

textproc/source-highlight: Add --with-boost

Otherwise, it fails to find Boost.Regex when LOCALBASE is not
/usr/local.

PR:     288761
Reviewed by:    arrowd
Approved by:    arrowd (ports), maintainer (timeout, 9 months)
Differential Revision:  https://reviews.freebsd.org/D57125

(cherry picked from commit 20ee6d87ee7a74a8a843e393ed03146736506839)

textproc/source-highlight: Add --with-boost

Otherwise, it fails to find Boost.Regex when LOCALBASE is not
/usr/local.

PR:     288761
Reviewed by:    arrowd
Approved by:    arrowd (ports), maintainer (timeout, 9 months)
Differential Revision:  https://reviews.freebsd.org/D57125

sysutils/ping_exporter: Update to 1.2.1

Release notes:
https://github.com/czerwonk/ping_exporter/releases/tag/v1.2.1

While here, add a pkg-message for a breaking change in 1.2.0.

Reviewed by:    arrowd
Approved by:    arrowd (ports)
Differential Revision:  https://reviews.freebsd.org/D57126

net-mgmt/prometheus-bird-exporter: Update to 1.5.0

Release notes:
https://github.com/czerwonk/bird_exporter/releases/tag/v1.4.5
https://github.com/czerwonk/bird_exporter/releases/tag/v1.5.0

Reviewed by:    arrowd
Approved by:    arrowd (ports)
Differential Revision:  https://reviews.freebsd.org/D57127

net/hostapd-devel: Update to the latest GH commit

Update to the latest w1.fi commit, proxied through my GH account

security/wpa_supplicant-devel: Update to latest GH commit

Update to the latest w1.fi commit, proxied through my GH account.

security/vuxml: Add www/grafana vulnerabilities

- XSS in Grafana Explore stack trace (CVE-2025-41117)
- Public Dashboards time range restriction on annotations can be bypassed (CVE-2026-21722)
- RCE on Grafana via sqlExpressions (CVE-2026-27876)
- Public dashboards discloses all direct mode datasources (CVE-2026-27877)
- Query resampling can cause unbounded memory allocations (CVE-2026-27879)
- OpenFeature evaluation API reads input data with no bounds (CVE-2026-27880)
- Grafana Testdata datasource can issue unbounded memory allocations (CVE-2026-28375)
- Grafana MSSQL Data Source Plugin: Restriction Bypass Leading to OOM DoS (CVE-2026-33375)

PR:             294105
Reported by:    Boris Korzun <drtr0jan at yandex.ru>

misc/crush: Update to 0.72.0

While here, convert to use GO_LDFLAGS.

Changelog: https://github.com/charmbracelet/crush/releases/tag/v0.72.0

Reported by:    GitHub (watch releases)

audio/gonic: Update to 0.21.0

Changelog: https://github.com/sentriz/gonic/blob/v0.21.0/CHANGELOG.md

Reported by:    GitHub (watch releases)

x11/cde-devel: Update to the latest cdesktopenv-code commit

Update to the latest cdedesktop-code commit proxied through my GH accoun

mail/spamassassin-devel: update to latest github commit

sysutils/cfengine-devel: Update to latest GH commit

x11-toolkits/thentenaar-motif-devel: Update to the latest github commit

security/krb5-devel: update to the latest MIT/KRB5 github commit

sysutils/cfengine-masterfiles-devel: Update to latest GH commit

shells/ksh-devel: update to the latest ksh93/ksh github commit

audio/ocp: Update to 3.3.1

www/lua-resty-core: Take Maintainership

Approved by:    zi (via private Mail)

security/vuxml: Add PORTEPOCH validation

This adds a check if portepoch has been forgotten
in affected version range specifications, which leads
to pkg audit not reporting a vulnerability.

Usage:

    make check-portepoch

This is also invoked when running `make validate`.

Approved by:    fernape (ports-secteam)
Differential Revision:  https://reviews.freebsd.org/D57193

Mk/Uses/tcl.mk: fix test depends

PR:             295582
Reported by:    Christos Chatzaras <chris at cretaforce.gr>