palemoon: Update to 34.2.1
Many security issues were addressed, including potential crash
scenarios and code correctness issues. As a summary: 50 potential
vulnerabilities were found applicable and fixed, 20 issues had DiD
code changes applied, and 4 were already mitigated by us before being
reported. Of the reported vulnerabilities, 270 were not applicable to
our code (with the vast majority pertaining to e10s/multi-process
browser architecture) and 6 low-impact ones were marked for further
investigation at a later time.
textproc/treemd: update to 0.5.11
[0.5.11] - 2026-04-28
Fixed
Toggle details no-op after section navigation - In interactive mode, pressing Enter on certain <details> blocks reported "✓ Toggled details" but produced no visible change. InteractiveState::element_states is keyed only by ElementId { block_idx, sub_idx }, so a previous section's Table state at a given block_idx silently blocked a fresh Details from initializing at the same key (the indexer used HashMap::entry().or_insert(), a no-op when present). toggle_details then matched no Details variant and silently failed. Indexer now overwrites stale wrong-variant entries while preserving same-section toggle state. Regression test added.
--filter and --level ignored in --tree mode - CLI now honors both flags when rendering the tree output (c3c3fcd)
--at-line not wired up; -s mismatched formatted headings - --at-line resolves to the enclosing heading; section selection (-s) now matches headings that contain inline formatting (36c4e60)
Changed
Upgraded all dependencies to latest - Refreshed clap_complete 4.6.2 → 4.6.3, mermaid-rs-renderer 0.2.1 → 0.2.2, turbovault-parser 1.4.0 → 1.4.1, turbovault-core 1.4.0 → 1.4.1, open 5.3.3 → 5.3.4, plus transitive refreshes (plist, wasm-bindgen, tokio, libc, js-sys, cc, etc.)
Tests
Added end-to-end CLI integration suite covering --tree, --list, --filter, --level, --at-line, and -s (471d9d5)
Added coverage for JSON output builder and config loading (ef250da)
Added coverage for document tree/search and palette command matching (f185c4b)
[3 lines not shown]
opendmarc: Default to mariadb instead of mysql.
The pkgsrc default is mariadb so it makes sense to avoid conflicts. While
here fix pkglint. Bump PKGREVISION.
devel/mise: update to 2026.4.24
2026.4.24 - 2026-04-27
🚀 Features
(ls-remote) add prereleases setting and --prerelease flag by @jdx in #9415
🐛 Bug Fixes
(http) retry transient HTTP failures with backoff and warn on rescue by @jdx in #9414
(release) purge mise.en.dev CDN zone after each S3 publish by @jdx in #9416
📚 Documentation
prefix GitHub star count with ★ glyph by @jdx in #9417
update intro messaging by @jdx in #9418
py-checkdmarc: updated to 5.15.2
5.15.2
Cap the per-query UDP timeout at min(1.0, timeout) for single-nameserver
configurations as well as multi-nameserver ones. Previously, when only one
nameserver was configured (or the system default list had a single entry),
resolver.timeout and resolver.lifetime were both set to the full
timeout budget, which collapses dnspython's UDP retry loop to a single
attempt — a single dropped UDP datagram then consumed the whole lifetime
and raised LifetimeTimeout, while dig (which defaults to +tries=3)
would mask the same blip by retrying. dnspython now retries UDP within
the lifetime window (~2 attempts at the default 2s budget), matching
dig's behavior in spirit and eliminating spurious single-NS timeouts
on paths with occasional packet loss.
dos2unix: updated to 7.5.5
2026-04-06: Version 7.5.5
* New option --error-binary: Return an error if a
binary file is skipped.
* Fix: dos2unix error on empty input. The problem was introduced
in version 7.5.4.
2026-01-30: Version 7.5.4
* Don't return an error code if a binary file is skipped.
Reverting change in 7.5.3.
* Refactored code.
gam: update to 7.42.00
Changes since 7.40.00:
7.42.00
In versions prior to 7.42.00, when redirect csv <FileName> was used, GAM did not open and write <FileName> until all processing was complete; if <FileName> was not accessible, an error was generated and no results were saved. Now, <FileName> is opened initially to verify accessiblity and then written when processing is complete.
In the unlikely event that this causes issues, you can do redirect csv <FileName> delayopen to get the previous behavior.
7.41.03
Fixed bug in the following: Added the following to <RowValueFilter> used in CSV input/output row filtering; these are synonyms for count and countrange.
[(any|all):]number<Operator><Number>|
[(any|all):]numberrange!=<Number>/<Number>|
[(any|all):]numberrange=<Number>/<Number>|
7.41.02
[41 lines not shown]
