NetBSD/src ZPoG3bFexternal/gpl3/gdb/dist/gdb aarch64-netbsd-tdep.c, external/gpl3/gdb/lib/libgdb/arch/aarch64 init.c

   PR/60362 (gdb can not insert breakpoints on aarch64)

   Update aarch64-netbsd-tdep.c to use modern gdb initialisation method and
   re-gen libgdb/arch/aarch64/init.c
VersionDeltaFile
1.5+1-2external/gpl3/gdb/dist/gdb/aarch64-netbsd-tdep.c
1.11+2-0external/gpl3/gdb/lib/libgdb/arch/aarch64/init.c
+3-22 files

NetBSD/src c7pPOGPdoc CHANGES

   doc: Changes for first week of July.
VersionDeltaFile
1.3279+21-1doc/CHANGES
+21-11 files

NetBSD/pkgsrc-wip 6d62eb6libvips distinfo PLIST

Bump libvips to 8.18.4
DeltaFile
+3-3libvips/distinfo
+2-2libvips/PLIST
+1-1libvips/Makefile
+6-63 files

NetBSD/pkgsrc MpcHUQDdoc CHANGES-2026

   Updated devel/py-build, devel/py-cffi
VersionDeltaFile
1.4379+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc COo2aJNdevel/py-cffi PLIST distinfo, devel/py-cffi/patches patch-setup.py

   py-cffi: updated to 2.1.0

   2.1.0

   Added the cffi-gen-src command-line tool (also invocable as python -m cffi.gen_src), which generates CFFI C extension source code, so that a build backend such as meson-python can build the extension. See Generating C Sources for CFFI Extensions for details. Integrated from the cffi-buildtool project by Rose Davidson.
   Added support for arm64 iOS wheels.
   Dropped support for Python 3.9.
   Added support for Python 3.15 and support for C extensions generated by CFFI to target the new abi3t free-threaded ABI.
   Avoid crashes inside of __delitem__.
   Avoid “string too big” error under MSVC.
   Fix mingw builds.
VersionDeltaFile
1.14+9-3devel/py-cffi/PLIST
1.53+5-5devel/py-cffi/distinfo
1.2+4-4devel/py-cffi/patches/patch-setup.py
1.63+4-2devel/py-cffi/Makefile
1.1+1-0devel/py-cffi/ALTERNATIVES
+23-145 files

NetBSD/pkgsrc aH7xAz3devel/py-build distinfo Makefile

   py-build: updated to 1.5.1

   1.5.1 (2026-07-09)

   Features

   - Add ``--report=PATH`` to write a machine-readable JSON report of built artifacts; ``--metadata`` now also accepts
     ``.whl`` files - by :user:`gaborbernat` (:issue:`198`)
   - The ``srcdir`` argument now accepts ``.tar.gz`` source distributions, extracting and building from them - by
     :user:`gaborbernat` (:issue:`311`)
   - The "Unmet dependencies" error from ``--no-isolation`` builds now shows the wanted version, found version, and
     interpreter - by :user:`gaborbernat` (:issue:`504`)
   - Add ``--sdist-extract-dir`` to extract the intermediate sdist into a persistent directory, enabling compiler cache reuse
     across rebuilds - by :user:`gaborbernat` (:issue:`614`)
   - Add ``--env-dir`` to place the isolated build environment at a fixed path, enabling compiler cache reuse across builds -
     by :user:`gaborbernat` (:issue:`655`)
   - Print a summary of resolved dependency versions (``name==version``) after installing them in isolated builds - by
     :user:`gaborbernat` (:issue:`959`)
   - On build failure, print a tip pointing to ``--env-dir`` and ``--sdist-extract-dir`` for debugging and link to the "Debug

    [26 lines not shown]
VersionDeltaFile
1.17+4-4devel/py-build/distinfo
1.28+2-2devel/py-build/Makefile
+6-62 files

NetBSD/pkgsrc oOFNWDDdoc CHANGES-2026

   Updated net/rclone, net/helm, devel/memcached
VersionDeltaFile
1.4378+4-1doc/CHANGES-2026
+4-11 files

NetBSD/pkgsrc jZ2j672devel/memcached distinfo Makefile

   memcached: updated to 1.6.45

   1.6.45

   Fixes

   proxy: extra warning for user config error
   proto: convert more strto calls
   proto: meta preparse F flag fix
   proxy: fix res:line() returning wrong response
   proxy: fix overread of spaces for large gets
   ascii: safely convert flag args to numerics
   ascii: fix unlocked refcount-- on error path
   proxy: key filter null byte written to wrong place
   proxy: fix detail len clamp in request logging
   proxy: enforce minimum rate limit
   ascii: fix refcount leak on ms parse error
   proxy: reserve enough log space for proxy BE_EVENT
   network: fix segfault on OOM during net read

    [16 lines not shown]
VersionDeltaFile
1.65+4-4devel/memcached/distinfo
1.98+2-2devel/memcached/Makefile
+6-62 files

NetBSD/pkgsrc aHm1mU4net/helm distinfo go-modules.mk

   helm: updated to 4.2.3

   Helm v4.2.3 is a patch release. Users are encouraged to upgrade for the best experience.
VersionDeltaFile
1.6+52-52net/helm/distinfo
1.5+16-16net/helm/go-modules.mk
1.18+2-3net/helm/Makefile
+70-713 files

NetBSD/pkgsrc 8EfqPNmnet/rclone distinfo go-modules.mk

   rclone: updated to 1.74.4

   1.74.4

   Bug Fixes
   accounting
   Fix goroutine leak in ResetCounters (Nick Craig-Wood)
   Fix goroutine leak in NewStatsGroup for zero-transfer rc jobs (Sanjays2402)
   archive extract: Fix path traversal letting archives escape the destination CVE-2026-59732 (Nick Craig-Wood)
   build
   Fix multiple CVEs by upgrading to go1.26.5 (Nick Craig-Wood)
   CVE-2026-39822: os: Root escape via symlink plus trailing slash
   CVE-2026-42505: crypto/tls: Encrypted Client Hello privacy leak
   Update golang.org/x/image to v0.43.0 to fix image decoding vulnerabilities (Nick Craig-Wood)
   CVE-2026-46604: panic decoding a TIFF image with an out-of-bounds strip offset
   CVE-2026-46602: unbounded memory use from lack of a limit on TIFF tile sizes
   CVE-2026-46601: panic on a WEBP VP8 alpha channel size mismatch
   CVE-2026-33813: panic decoding a large WEBP image on 32-bit platforms
   cmd/mount2

    [43 lines not shown]
VersionDeltaFile
1.42+46-46net/rclone/distinfo
1.29+14-14net/rclone/go-modules.mk
1.106+2-3net/rclone/Makefile
+62-633 files

NetBSD/pkgsrc-wip 739d163teamtype Makefile

teamtype: remove commented lines
DeltaFile
+0-2teamtype/Makefile
+0-21 files

NetBSD/pkgsrc-wip 546e87dethersync distinfo cargo-depends.mk, teamtype distinfo cargo-depends.mk

ethersync: rename to teamtype (https://github.com/teamtype/teamtype/pull/436), update to 0.9.2
DeltaFile
+1,706-0teamtype/distinfo
+0-1,664ethersync/distinfo
+569-0teamtype/cargo-depends.mk
+0-555ethersync/cargo-depends.mk
+27-0teamtype/Makefile
+0-24ethersync/Makefile
+2,302-2,2437 files not shown
+2,319-2,26013 files

NetBSD/pkgsrc ImEkalkdoc CHANGES-2026

   Updated net/py-stone, www/py-django[5]
VersionDeltaFile
1.4377+5-1doc/CHANGES-2026
+5-11 files

NetBSD/pkgsrc q7sxhJGwww/py-django5 distinfo Makefile

   py-django5: updated to 5.2.16

   Django 5.2.16 fixes three security issues with severity “low” in 5.2.15.

   CVE-2026-48588: Potential exposure of private data via cached Set-Cookie response
   CVE-2026-53877: Heap buffer over-read in GDALRaster
   CVE-2026-53878: Header injection possibility since DomainNameValidator accepted newlines in input
VersionDeltaFile
1.4+4-4www/py-django5/distinfo
1.4+2-2www/py-django5/Makefile
+6-62 files

NetBSD/pkgsrc sdjm26Uwww/py-django distinfo Makefile

   py-django: updated to 6.0.7

   6.0.7

   Django 6.0.7 fixes three security issues with severity “low” and one bug in 6.0.6.

   CVE-2026-48588: Potential exposure of private data via cached Set-Cookie response
   CVE-2026-53877: Heap buffer over-read in GDALRaster
   CVE-2026-53878: Header injection possibility since DomainNameValidator accepted newlines in input

   Bugfixes

   Fixed a regression in Django 6.0 where the PBKDF2 and MD5 password hashers
   raised UnicodeDecodeError for bytes passwords that were not valid UTF-8.
   Passwords supplied as str or as UTF-8 bytes are unaffected
VersionDeltaFile
1.129+4-4www/py-django/distinfo
1.157+2-2www/py-django/Makefile
+6-62 files

NetBSD/pkgsrc 178q7AZnet/py-dropbox Makefile

   py-dropbox: mark as only for Python 3.11+
VersionDeltaFile
1.20+3-4net/py-dropbox/Makefile
+3-41 files

NetBSD/pkgsrc 4TqORznnet/py-stone Makefile distinfo, net/py-stone/patches patch-setup.py patch-test_requirements.txt

   py-stone: updated to 3.4.0

   3.4.0

   Breaking changes

   Requires Python 3.11 or later. Python 2.7 and 3.5–3.10 are no longer supported
   The six dependency has been removed; Stone is now pure Python 3

   Highlights

   Python 3 modernization — dropped six, removed Python 2 compatibility shims, fixed datetime.utcnow() deprecations, and set python_requires>=3.11 with CI coverage through Python 3.14
   Output manifest mode — generate and validate a manifest of generated output paths, with outputs kept under the output root.
   Recursive spec directories — spec directory arguments can now be expanded recursively.
   Reproducible Obj-C output — Obj-C backend output is now stabilized/deterministic

   Fixes

   Fixed invalid except [list] syntax in HashRedactor that raised TypeError on redaction
VersionDeltaFile
1.16+6-8net/py-stone/Makefile
1.12+4-6net/py-stone/distinfo
1.5+4-1net/py-stone/PLIST
1.5+1-1net/py-stone/patches/patch-setup.py
1.2+1-1net/py-stone/patches/patch-test_requirements.txt
+16-175 files

NetBSD/pkgsrc-wip 91c6512foliate Makefile

foliate: add CONFLICTS.
DeltaFile
+2-1foliate/Makefile
+2-11 files

NetBSD/pkgsrc-wip 8959a5ehtop-git Makefile

htop-git: sync with upstream changes.
DeltaFile
+1-1htop-git/Makefile
+1-11 files

NetBSD/pkgsrc-wip 9778010btop-git distinfo Makefile, btop-git/patches patch-Makefile patch-src_btop.cpp

btop-git: sync with upstream changes.
DeltaFile
+10-10btop-git/patches/patch-Makefile
+5-15btop-git/patches/patch-src_btop.cpp
+4-4btop-git/patches/patch-src_netbsd_btop__collect.cpp
+3-3btop-git/distinfo
+3-1btop-git/Makefile
+25-335 files

NetBSD/src RypS9PAusr.bin/xinstall xinstall.c

   PR bin/58577  - install(1) -d issues

   Fix issues where "install -d" (with no directory) simply
   exit(0)s.   That one is kind of marginal, installing nothing
   when nothing is needed could be treated as OK, but the man
   page does indicate in the SYNOPSIS that with -d, at least
   one directory is needed (it says nothing at all about that
   in the text).

   Second, after creating a directory, if a later operation
   (chown, chmod) fails, that is not success, a warning was
   issued (good), a bad metalog was being created (bad).
   That is clearly a bug (though probably doesn't happen
   very often).

   And third, when install -d fails, and issues an error,
   (warn()) the exit status from install(1) should not be zero.
   This only applies after the (rare, I'd assume) errors
   from the 2nd fix (which were not previously regarded as

    [22 lines not shown]
VersionDeltaFile
1.131+25-12usr.bin/xinstall/xinstall.c
+25-121 files

NetBSD/pkgsrc rXXAnvNdatabases/py-peewee distinfo Makefile

   py-peewee: updated to 4.1.2

   4.1.2

   * Ensure quotes escaped in SQLite introspection methods, thanks @greymoth-jp
     for reporting and the initial patch.
   * Allow TimestampField to accept an iso-formatted str.
   * Add key-existence predicates (`has_key`, `has_keys`, `has_any_keys`) to the
     core `JSONField` on SQLite, implemented with `json_type()`.
   * Add containment predicates (`contains`, `contained_by`) to the core
     `JSONField` on SQLite via a registered `_pw_json_contains` UDF that emulates
     Postgres' `@>` semantics (structural, level-aligned). The core `JSONField`
     now has full predicate parity across SQLite, Postgres, and MySQL/MariaDB.
VersionDeltaFile
1.101+4-4databases/py-peewee/distinfo
1.136+2-2databases/py-peewee/Makefile
+6-62 files

NetBSD/pkgsrc dqU6Hf4www/jira-cli Makefile

   www/jira-cli: Remove go default version.

   Build was tested with go 1.25 and go 1.26 and it worked.
VersionDeltaFile
1.62+1-2www/jira-cli/Makefile
+1-21 files

NetBSD/pkgsrc ONua1aadoc CHANGES-2026

   Updated devel/netcdf, devel/py-ruff
VersionDeltaFile
1.4376+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc 4xsEuKJdevel/py-ruff distinfo cargo-depends.mk

   py-ruff: updated to 0.15.21

   0.15.21

   Preview features

   Add --add-ignore for adding ruff:ignore comments
   [flake8-comprehensions] Drop C409 tuple comprehension preview behavior
   Avoid whitespace normalization when formatting comments
   [pyupgrade] Lint and fix use of deprecated abc decorators (UP051)

   Bug fixes

   Refine non-empty f-string detection
   Detect syntax errors in individual notebook cells
   [flake8-implicit-str-concat] Fix ISC003 autofix incorrectly stripping + from comments

   Rule changes


    [25 lines not shown]
VersionDeltaFile
1.112+127-91devel/py-ruff/distinfo
1.106+41-29devel/py-ruff/cargo-depends.mk
1.115+2-2devel/py-ruff/Makefile
+170-1223 files

NetBSD/pkgsrc A21SuRadevel/netcdf distinfo Makefile

   netcdf: updated to 4.10.1

   4.10.1 - July 6, 2026

   * Fixed outstanding CVE issues.
   * Added new functions `nc_set_meta_block_size()` and `nc_get_meta_block_size()`, to allow for runtime modification of downstream `libhdf5` block size.
   * Use TARGETS to install plugins
   * Have hdf4 tests include MFHDF_H_INCLUDE_DIR
   * Testing a fix for libhdf4 + jpeg + cmake
   * add big-endian CI run and fix endian issues in test and hdf5var.c
   * documentation fixes
   * Fix tst_h_files4.c compatibility with HDF5 API version defaulting
   * Updated nc-config.cmake.in to extend functionality of --libs-ac-syntax
   * Updated the man pages
   * CI fix
   * fix cmode bug
   * CI: Switch from miniconda to micromamba
   * fix docs in libhdf4, libhdf5, and libsrcp
   * documentation fixes for liblib and examples

    [35 lines not shown]
VersionDeltaFile
1.27+4-4devel/netcdf/distinfo
1.83+2-3devel/netcdf/Makefile
+6-72 files

NetBSD/src A1RMYUllib/libc/locale runetable.c iswctype_mb.c

   PR lib/59067 (wctrans got error member)

   Patches from the OP (ru_j217) and from RVP - see the PR

   This looks to be just correcting what appear to be simple
   errors in the code.

   XXX pullup -11
VersionDeltaFile
1.30+4-4lib/libc/locale/runetable.c
1.15+3-3lib/libc/locale/iswctype_mb.c
+7-72 files

NetBSD/src dtPCGBglib/libc/gen Makefile.inc

   Properly fix the libc build

   I had this change in early testing, but convinced myself it couldn't
   possibly be required, so deleted it - and all worked.   But that's
   because I do update builds, and this extra dependency required after
   the first build.

   It shouldn't be required ever, it is insane, but there will shortly
   be a PR about that!   For now, this does no harm.
VersionDeltaFile
1.229+3-1lib/libc/gen/Makefile.inc
+3-11 files

NetBSD/src yMdn57yexternal/mit/xorg/lib driver.mk driver.old.mk

   PR xsrc/59858 (locale fixes for xsrc)

   From RVP - see the PR

   Oversimplifying: this causes Mesa to use LC_NUMERIC=C when using
   strtod() to parse stuff (ie: the radix char (decimal point) is '.',
   regardless of the user's locale).

   XXX pullup -11
VersionDeltaFile
1.10+2-1external/mit/xorg/lib/driver.mk
1.3+2-1external/mit/xorg/lib/driver.old.mk
+4-22 files

NetBSD/xsrc yMdn57yexternal/mit/MesaLib.old/dist/src/util strtod.c, external/mit/MesaLib/dist/src/util strtod.c

   PR xsrc/59858 (locale fixes for xsrc)

   From RVP - see the PR

   Oversimplifying: this causes Mesa to use LC_NUMERIC=C when using
   strtod() to parse stuff (ie: the radix char (decimal point) is '.',
   regardless of the user's locale).

   XXX pullup -11
VersionDeltaFile
1.2+1-1external/mit/MesaLib.old/dist/src/util/strtod.c
1.2+1-1external/mit/MesaLib/dist/src/util/strtod.c
+2-22 files