foot: update to 1.27.0
1.27.0
* url.style=none|single|double|curly|dotted|dashed option added,
allowing you to configure how URL underlines are drawn. The default
is dotted.
* URL underlines are now dotted by default, instead of plain
underlines. This can be changed with the new url.style option.
* If the cursor foreground and background colors are identical, use
the current cell's foreground and background colors (inverted),
instead of the default foreground and background colors.
Fixed:
* Other output (key presses, query replies etc) being mixed with paste
data, both interactive pastes and OSC-52.
* Scrollback search not working correctly when the terminal
application has enabled the kitty keyboard protocol with release
event reporting.
[4 lines not shown]
libepoll-shim: add builtin.mk to skip on Linux
libepoll-shim is required for systems that have kqueue but not epoll.
Linux does have epoll, so it is (a) unnecessary and (b) doesn't build.
The detection logic is currently hardcoded to Linux only; I suppose it
could be improved further.
lcov: update to 2.5.
Changes from previous release:
add support for --unreachable-script callback - to filter unreachable branch and MC/DC expressions
update llvm2lcov to support llvm/22
generate man and HTML format documentation from RST.
various bug fixes and test coverage improvements
replace cp->name with channel in couple via_sata_chip_map_new() errors messages.
channel name is never set in via_vt6421_chansetup(), so it's always null.
devel/aceunit: Drop skipping vendor bash
macOS has bash 3 builtin, and the tools platform used to accept that.
Recently, tools bash was redefined to be >=4, and no longer uses macOS
bash.
The hack to avoid vendor bash was almost certainly about macOS, as I
know of no other system with bash3, and I know of no other packge
failures from bash 4. On macOS, nothing will change; just a different
reason not to use system baas. On SmartOS, the package might use
builtin bash 4, vs pkgsrc bash 5, but there's no reason to think
that's a problem.
py-responses: updated to 0.26.2
0.26.2
* Default headers (such as ``Content-Type``, ``Date`` and ``Server``) are now stripped
from recorded files regardless of header name case. Previously, responses recorded from
servers that send lowercase header names (for example over HTTP/2) kept these redundant
headers in the generated file.
* Fixed `query_param_matcher` mutating the caller's params dict when numeric
values are provided.
py-readme_renderer: updated to 45.0
45.0
* Replace ``cmarkgfm`` with ``comrak``
* Support footnotes in Markdown
* Support inline link anchors
* Allow ``class`` attribute on ``<pre>`` tags
* Advertise support for Python 3.13
* Remove support for Python 3.9, pypy 3.9, 3.10
* Remove `python3` alias from Pygments
* Fix test suite for Pygments update
* Fix mypy annotations
* Fix test failure with docutils 0.22
* Fix package metadata
* Fix ignored allowlists on ``clean()``
* Don't abort reStructuredText rendering when a ``:scale:`` image can't be sized
* Disable active input controls in rendered output
[11 lines not shown]
py-nh3: updated to 0.3.6
0.3.6
Validate clean_content_tags conflict with tags
Document tag_attribute_values as alternate to attributes
Add nh3.escape alias for clean_text
Bump pyo3 from 0.28.3 to 0.29.0
Expose ammonia's url_relative policy via url_relative kwarg
fssconfig(8): Fix punctuation-o noticed milliseconds after commit.
Prompted by the persistent confusion on my part that led to:
PR bin/60383: fssconfig(8): distinguish between taking and loading a
snapshot
fssconfig(8) Rework man page and give more practical examples.
Prompted by the persistent confusion on my part that led to:
PR bin/60383: fssconfig(8): distinguish between taking and loading a
snapshot
p5-Imager: update to 1.032.
Imager 1.032 - 1 July 2026
============
- JPEG: fix a memory leak from reading a JPEG image with more than
one IPTC/APP13 block
CVE-2026-13708
- SGI: fix a buffer read over flow when reading a crafted RLE SGI
file.
CVE-2026-13705
- getscanline() with type float in list context would leak the
returned SVs. Introduced in 1.013.
- TIFF: sizeproc could potentiallly ignore a seek error when finding
the current position (but then should fail later trying to restore
it.) Revealed by a signed comparison warning.
[3 lines not shown]
openssh: update to 10.4p1.
Changes since OpenSSH 10.3
==========================
This release contains a number of security fixes as well as general
bugfixes and a couple of new features.
Security
========
* sftp(1): when downloading files on the command-line using
"sftp host:/path .", a malicious server could cause the file to
be downloaded to an unexpected location. This issue was identified
by the Swival Security Scanner.
* scp(1): when copying files between two remote destinations, do
not allow a malicious server to write files to the parent
directory of the intended target directory. This issue was
[180 lines not shown]