p5-YAML-Syck: update to 1.45.
1.45 Apr 23 2026
[Bug Fixes]
- Fix: use syck_base64_free() to fix Windows "Free to wrong pool" crash
in base64 encode/decode buffers; also plugs a memory leak (PR #189)
- Fix: clear type tag on blessed scalar alias early-return so the stale
tag no longer leaks onto the next emitted item (GH #193, PR #194)
- Fix: negative float#base60 values produce wrong results; strip sign
before accumulating and avoid negative zero for portable
stringification (PR #191)
- Fix: prevent memory leaks when Load/LoadJSON croak on parse errors
(PR #192)
[Maintenance]
- Test: add coverage for SortKeys and JSON MaxDepth (PR #188)
- Test: add error handling coverage for LoadFile/DumpFile (PR #190)
- Update README
[149 lines not shown]
p5-libwww: update to 6.83.
6.83 2026-05-12 11:41:48Z
- LWP::UserAgent now strips Authorization and Proxy-Authorization headers
on cross-origin redirects (a different scheme, host, or port) to prevent
credential leakage to the redirect target. Same-origin redirects retain
credentials. Opt out with allow_credentialed_redirects => 1.
CVE-2026-8368 reported by Kai Zen; PoC and initial patch by Stig
Palmquist.
- LWP::UserAgent now refuses https to http redirects by default to prevent
leaking remaining request headers and bodies over plaintext. Opt in with
allow_downgrade => 1. Related hardening alongside CVE-2026-8368; PoC by
Stig Palmquist.
graphics/lcms2: Update to 2.19.1
This is a bugfix release.
Note that one can use cmake, but upstream has not yet declared that to
be the official build system, so decline to switch. (As usual, the
autoconf build works fine.)
kicad-*: Update to 10.0.1
KiCad 10.0.1 (2026-04-15)
The 10.0.1 stable version contains critical bug fixes and other minor
improvements since the previous release.
A list of all of the fixed issues since the 10.0.1 release can be
found on the KiCad 10.0.1 milestone page.
KiCad 10.0.0 (2026-03-20)
Most, if not all, of the new features as well as usability
improvements in KiCad 10 are described in a running thread on the
KiCad user forum. Wayne Stambaugh also presented them in his FOSDEM
2026 talk which is available to watch on the FOSDEM website. This post
highlights some of the most exciting changes, but make sure to check
out the forum post for a full list. There were also hundreds of bug
fixes, performance improvements, and other smaller changes since KiCad
9. A full list of issues addressed in KiCad 10 can be found on the
[8 lines not shown]
libspnav: Add libspnav-1.2
Libspnav is a C library for receiving input from 6 degrees-of-freedom
(6dof) input devices, also known as spacemice, spaceballs, etc. 6dof
input is very useful for fluidly manipulating objects or viewpoints in
3D space, and fundamendally comprises of relative movement
(translation) across 3 axes (TX/TY/TZ), and rotation about 3 axes
(RX/RY/RZ).
Libspnav is a counterpart to the free spacenav driver (spacenavd),
which runs as a system daemon, and handles all the low level
interfacing with the actual devices. However, it can also communicate
with the proprietary 3Dconnexion driver (3dxsrv), with reduced
functionality.
aarch64: fix mod/ref emulation in the MI pmap support code
Correct the initial PTE settings as per the table below
ref | mod | AF | AP | OS_MODEMUL
emul | emul | | |
-----+------+-----+---------+------------
no | no | set | RO/RW | not set
yes | no | clr | RO/RW | not set
no | yes | set | RO | set
yes | yes | clr | RO | set
[*] a write fault should be fixed up, and allowed.
and detect the modified emulation using OS_MODEMUL in pmap_fault fixup.
TODO:
- MI PMAP pmap_clear_reference needs to look more like pmap_clear_modify
and actually change PTE entries.
- MI PMAP needs support for HW updated modified and referenced bits.
aarch64: the MI pmap doesn't support HW modified / referenced bits.
Disable ARMV81_HAFDBS because the MI pmap doesn't handle HW supported
modified and referenced bits yet.
py-mypy: updated to 2.1.0
2.1
librt.vecs: Fast Growable Array Type for Mypyc
librt.random: Fast Pseudo-Random Number Generation
Mypyc Improvements
Fixes to Crashes
Changes to Messages
Other Notable Fixes and Improvements
- Rely on typeshed stubs for `slice` typing
- Improve negative narrowing for membership checks on tuples
- Narrow match captures based on previous cases
- Fix nondeterminism in overload resolution
- Respect file config comments for stale modules
- Fix JSON output mode for syntax errors in parallel mode
- Fix type variable with values as a supertype
- Add support for configuring `--num-workers` with an environment variable
- Respect JSON output mode for syntax errors
- Analyze `TypedDict` decorators
py-ast-serialize: added version 0.3.0
This is a fast Python extension for parsing Python files and serializing the
AST using the native binary format used by mypy. This will eventually replace
the current mypy parser, which uses the Python stdlib ast module for parsing.
