geography/py-rtcm: Update to 1.2.0
### RELEASE 1.2.0
ENHANCEMENTS:
1. Add `msgfilter` argument to RTCMReader to allow user to filter output by one or more message identities. If set, only filtered raw messages will be parsed (e.g. `(1005,1077)`); the remainder will be `None`. Default is "" (no filter). If you're only interested in specific messages, this can significantly improve parsing speed for a given datastream.
1. Enhance `parsed` argument to RTCMReader - permissible values:
- `PARSE_NONE` (0) - No message parsing, raw output only. Parsed data is `None`.
- `PARSE_FULL` (1) - Full parsing of all message attributes (the default). Parsed data is a `RTCMMessage` object.
- `PARSE_META` (2) - Parse only basic metadata from messages (protocol, identity and length). Parsed data is a formatted `str` object. Significantly faster than full parsing, but individual data attributes will no longer be available.
www/php-nextcloud31: Remove package
The pkgsrc plan for nextcloud is to have one version, that is
up-to-date, but not a .0 or similar. Because nextcloud does not
support upgrading from N to N+2, and only does upgrades across one
major version, we generally do not update nextcloud twice between
stable branches. If that happens, we add the intermediate version so
that stable branch users can upgrade twice, using binary packages.
nextcloud31 was added to facilitate upgrades to 32. Because nextcloud
32 was in pkgsrc for many quarters, there is no need for users of the
upcoming 2026Q3 or later to install 31 as a steppingstone. The
just-commited 33 will upgrade normally from 32. Thus, this package is
no longer needed.
www/php-nextcloud: Update to 33.0.6
Tested on netbsd-10 amd64 with php83.
Major update ok ryoon@.
Upstream NEWS content
selected items from from https://help.nextcloud.com/t/updated-summary-of-what-s-new-in-nextcloud-version-33-human-readable/243455
(Based on the February 18, 2026 changelog for Nextcloud 33.0.0.)
Nextcloud 33 introduces a broad set of improvements across file
management, sharing, collaboration, administration, developer APIs,
performance, and security. The release also continues the platform’s
architectural modernization with major frontend migrations, backend
cleanup, and expanded support for new infrastructure and task
processing capabilities. File Management Enhancements
Nextcloud 33 improves file management with faster and more efficient
[37 lines not shown]
ed: Update to 1.22.5
2026-02-06 Antonio Diaz Diaz <antonio at gnu.org>
* Version 1.22.5 released.
* global.c (set_active_node): Use 'sizeof active_list[0]' instead of
'sizeof (line_node **)'. (Reported by Mikel Olasagasti Uranga).
* main.c: (may_access_filename): s/Is a directory/Invalid filename/.
(Reported by Douglas McIlroy).
2026-01-03 Antonio Diaz Diaz <antonio at gnu.org>
* Version 1.22.4 released.
* check.sh: Skip check of ISO-8859-1 names on UTF-8-only systems.
(Reported by Michael Daniels and Alexander Jones).
2025-11-27 Antonio Diaz Diaz <antonio at gnu.org>
* Version 1.22.3 released.
[117 lines not shown]
p5-Mojolicious: update to 9.48.
9.48 2026-07-14
- Fixed a security issue where CSRF tokens were vulnerable to BREACH attacks. Tokens are now masked with a fresh
random value on every request, instead of being reused for the whole lifetime of a session.
9.47 2026-07-05
- Added support for the QUERY HTTP request method from RFC 10008.
- Added query and query_p methods to Mojo::UserAgent.
- Added query method to Mojolicious::Routes::Route.
- Added query method to Mojolicious::Lite.
- Added query_ok method to Test::Mojo.
- Fixed a security issue where the pure-Perl implementation of Mojo::JSON could exhaust all available memory when
decoding deeply nested data. Decoding is now limited to 512 levels of nesting, to match the default of
Cpanel::JSON::XS.
- Fixed a memory leak in Morbo. (heikojansen)
- Fixed Mojo::File::list_tree to no longer follow symbolic links to directories.
9.46 2026-06-04
[16 lines not shown]
p5-DBI: update to 1.651.
1.651 - 2026-07-14, H.Merijn Brand & Robert Rothenberg
* Fix inverted comparisons for strings in DBI::SQL::Nano (CVE-2026-15043)
* Document that IS NULL matches empty strings in DBI::SQL::Nano
* Fix DBD::File to ensure that the table is not a symlink outside of f_dir (CVE-2026-15392)
* Fix an out-of-bounds error when a statement handle has no fields but the source row is not empty (CVE-2026-60082)
* Add an overridable upper bound $MAX_PATH_DEPTH for DBI::ProfileData (CVE-2026-60081)
* *** WARNING: Next release will require perl-5.12 ***
toxic: update to 0.16.3
## Features
- Added a run option (`-N`) that allows the use of custom DHT
bootstrap lists
- The Python API now supports groupchat commands
## Bug Fixes
- The Python API /run command no longer segfaults and can now only be
invoked on .py files
- Fixed out of bounds pointer arithmetic in Python API
- Python API registered scripts no longer segfault
- Fixed some memory/file descriptor leaks in Python API
## Maintenance
- Python API now builds with newer versions of Python3
- Various improvements to Python API docs
kew: update to 4.2.2
- Clickable songs/folders.
- Current not supported in pkgsrc
- Scrollbar on lists.
- Faster seek on long files.
- Switched mp4 lib from minimp4 to libmp4 because Fedora doesn't accept the minimp4 license.
- .Mp4 file support.
- Always logs errors to ~/.local/state/kew/logs/error.log.
- Fixed two bugs on windows, small images and resize crash.
- Non-square covers are now correctly displayed.
- Fixed regression bug that affected gapless playback introduced in 4.1.8.
- Starts playing directories faster for people with big folders with unsorted files.
py-urwid: updated to 4.0.4
Urwid 4.0.4
New features
* urwid.Colmns: re-calculate column_widths only if pack widgets changed
Bug fixes
* Fix IndexError in decompose_tagmarkup when a nested sublist is empty
Documentation
* Typing: partially annotate examples and fix annotations
* urwid.WidgetContainerMixin: return use protocol base class
py-svglib: updated to 2.0.2
2.0.2 (2026-06-18)
Supply-chain hygiene release — no code changes.
The 2.0.1 PyPI attestation was generated by a manual `workflow_dispatch` run
from `refs/heads/main` that raced ahead of the release event. As a result the
Sigstore certificate embedded in the PEP 740 attestation identified
`refs/heads/main` as the source rather than `refs/tags/v2.0.1`, making it
impossible to verify the package against the tagged commit. This release is
published exclusively via the `release: [published]` trigger so the attestation
identity is `refs/tags/v2.0.2`.
2.0.1 (2026-06-17)
Supply-chain hygiene release — no code changes.
This release replaces 2.0.0, which was published directly with `uv publish`
[26 lines not shown]
rumdl: update to 0.2.33.
0.2.33
Fixed
md044: stop flagging proper names inside bare URLs (5e9b51a)
md040: recognize file-extension fence labels as known languages (686ba20)
cli: replace unhelpful panic message with an actionable one (#717) (37ac880)
reflow: re-search cached inline-math after a dollar sign (a30a4f9)
reflow: support multiple backticks and optimize code span parsing (81944c5)
md013: stop reflow from starting lines with block markers (eebd18b)
Performance
reflow: implement cached match lookups to prevent quadratic suffix scanning (1cc8d2b)
0.2.32
[11 lines not shown]