py-ruff: update to 0.15.8.
Preview features
[ruff] New rule unnecessary-if (RUF050) (#24114)
[ruff] New rule useless-finally (RUF072) (#24165)
[ruff] New rule f-string-percent-format (RUF073): warn when using % operator on an f-string (#24162)
[pyflakes] Recognize frozendict as a builtin for Python 3.15+ (#24100)
Bug fixes
[flake8-async] Use fully-qualified anyio.lowlevel import in autofix (ASYNC115) (#24166)
[flake8-bandit] Check tuple arguments for partial paths in S607 (#24080)
[pyflakes] Skip undefined-name (F821) for conditionally deleted variables (#24088)
E501/W505/formatter: Exclude nested pragma comments from line width calculation (#24071)
Fix %foo? parsing in IPython assignment expressions (#24152)
analyze graph: resolve string imports that reference attributes, not just modules (#24058)
Rule changes
[23 lines not shown]
neovim: Update to 0.11.7
Changes:
0.11.7
======
FIXES
-----
- lsp.enable() don't work correctly inside FileType event
- api: nvim_set_hl crashes when url= key is passed
- channel: crash on failed sockconnect()
- channel: possible hang after connecting with TCP times out
- highlight: setting 'winhl' doesn't work with global ns
- mpack: boundary values for negative integer encoding
- lsp: call `on_list` before reading `loclist`
- process: avoid buffering unnecessary UI event with PTY CWD
- terminal: heap UAF if buffer deleted during TermRequest
- terminal: reset `w_leftcol` after resizing terminal
- treesitter: escape hyphen in lua pattern
- treesitter: normalize language aliases
[20 lines not shown]
net/lagrange: update to 1.20.3
v1.20.3
- Fixed crash when hovering on an empty bookmark folder in the Bookmarks menu.
- Improved CJK IME support in text fields. (Courtesy of Sidney Cammeresi.)
- Upload dialog's text editor uses the modifier-key-only Return key behavior when that is the active one. This should help with composing CJK text.
- Added option to easily toggle SOCKS5 without losing the configuration.
- Fixed localhost addresses not being ignored by the SOCKS5 proxy.
- Updated stb library (bugfixes for image, image_resize2, truetype, vorbis).
v1.20.2
- Fixed a crash during event handling when no gamepad is connected.
- Fixed a crash when there are cached feed entries belonging to a subscription whose bookmark has been deleted.
- Fixed build issue with glibc 2.43+.
v1.20.1
[37 lines not shown]
emulators/jgenesis: update to 0.11.4
0.11.4
New Features
* Added support for SG-1000 emulation
* (**Sega CD**) Added support for CD-ROM images that store audio tracks in WAV files, if the WAV contains 44100 Hz 16-bit stereo samples (same as CD-DA)
* (**Sega CD**) Added support for CD-ROM images that store the data track in MODE1/2048 format (e.g. most CUE/ISO/WAV images)
Improvements
* (**NES**) Slightly increased saturation in the default color palette and the palette generator (the previous behavior was due to a bug in NTSC-to-YUV conversion)
* Sinc audio interpolation now uses much higher precision for the step between input samples during interpolation, which may slightly improve audio quality for the systems with higher internal sample rates (mainly GB/GBC and NES)
Fixes
* (**Sega CD**) The CD-ROM image reading code no longer validates CD-ROM EDC sector checksums; this fixes some game hacks not working (e.g. the _Vay_ random encounter reduction hack) (#614)
* (**GB**) Fixed the MBC1 mapper code not correctly handling ROM banks where the lowest 5 bits are zero but the highest bits are non-zero (#615)
* (**GB**) Fixed the MBC2 mapper code not correctly ignoring the highest 4 bits on reads/writes in all cases (#616)
0.11.3
[5 lines not shown]
py-blessed: updated to 1.38.0
1.38
* introduced: :meth:`~.Terminal.does_osc52_clipboard`, :meth:`~.Terminal.clipboard_copy`, and
:meth:`~.Terminal.clipboard_paste` to detect, copy, and read from clipboard.
* introduced: :meth:`~.Terminal.get_color_scheme`.
* introduced: :meth:`~.Terminal.does_kitty_query` for Kitty's XTGETTCAP query extensions.
* introduced: :meth:`~.Terminal.does_decrqss` for DECRQSS (Request Status String).
* introduced: :meth:`~.Terminal.does_styled_underlines` and
:meth:`~.Terminal.does_colored_underlines` -- detect extended underline styles (``Smulx``) and
colored underlines (``Setulc``) via XTGETTCAP.
* introduced: :meth:`~.Terminal.set_window_title` and :meth:`~.Terminal.window_title` -- set the
terminal window and/or icon title via xterm OSC sequences, with a context manager that pushes
and pops the title stack (XTWINOPS).
* introduced: :attr:`DecModeResponse.recognized` and :attr:`DecModeResponse.supported`
properties -- distinguish modes the terminal acknowledges from those it can actually use.
* improved: ``Smulx`` and ``Setulc`` added to XTGETTCAP capability list.
* bugfix: ``EOF`` when stdin is connected to a Pipe (eg. pytest capture) caused infinite loop
[5 lines not shown]
www/chromium: update to 146.0.7680.177
* 146.0.7680.177
This update includes 21 security fixes. Please see the
Chrome Security Page for more information.
[TBD][493952652] High CVE-2026-5273: Use after free in CSS.
Reported by Anonymous on 2026-03-18
[TBD][491732188] High CVE-2026-5272: Heap buffer overflow in GPU.
Reported by inspector-ambitious on 2026-03-11
[TBD][488596746] High CVE-2026-5274: Integer overflow in Codecs.
Reported by heapracer (@heapracer) on 2026-03-01
[TBD][489494022] High CVE-2026-5275: Heap buffer overflow in ANGLE.
Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-03-04
[TBD][489711638] High CVE-2026-5276: Insufficient policy enforcement
in WebUSB. Reported by Ariel Simon on 2026-03-04
[TBD][489791424] High CVE-2026-5277: Integer overflow in ANGLE.
Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-03-05
[TBD][490254128] High CVE-2026-5278: Use after free in Web MIDI.
Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-03-06
[30 lines not shown]
py-charset-normalizer: updated to 3.4.7
3.4.7
Changed
- Pre-built optimized version using mypy[c] v1.20.
- Relax `setuptools` constraint to `setuptools>=68,<82.1`.
Fixed
- Correctly remove SIG remnant in utf-7 decoded string.
www/esbuild: update to 0.27.5
* 0.27.5
- Fix for an async generator edge case (#4401, #4417)
- Fix a regression when metafile is enabled (#4420, #4418)
- Use define semantics for TypeScript parameter properties (#4421)
- Allow es2025 as a target in tsconfig.json (#4432)
* 0.27.4
- Fix a regression with CSS media queries (#4395, #4405, #4406)
- Fix an edge case with the inject feature (#4407)
- Attempt to improve API handling of huge metafiles (#4329, #4415)
textproc/television: update to 0.15.4
⛰️ Features
795cbe9 (cable) Add podman channels by @delafthi in #954
d6918d8 (cable) Introduce tailscale-exit-node channel by @lucemans in #950
f2b68c4 (shell) Add a proper standard shell autocomplete generation subcommand by @alexpasmantier in #930
🐛 Bug Fixes
c25376d (config) Bat cannot print file paths that starts with '-' on windows by @LeeSF03 in #946
6ba67b1 (deps) Resolve dependabot security vulnerabilities by @alexpasmantier
4a56d12 (docs) Escape curly braces in changelog for MDX compatibility by @alexpasmantier
0ee2d39 (frecency) Persist external-action selections before execute by @lalvarezt in #923
e525063 (previewer) Prevent panic when scroll exceeds content lines length by @CodeMarco05 in #949
8f7444a (results) Fix visual jitter when results first appear by @alexpasmantier in #952
630e537 (shell) Support interactive mode for PowerShell on Windows by @alexpasmantier in #932
6fbfc23 (tests) Use timeout-based assertions for flaky selection tests by @alexpasmantier in #953
ebac256 (uncategorized) Select-1 with prefilled input by @lalvarezt in #942
[19 lines not shown]
