OPNSense/core cd97719src/opnsense/mvc/app/controllers/OPNsense/IDS/forms generalSettings.xml, src/opnsense/mvc/app/models/OPNsense/IDS IDS.xml IDS.php

by Ad Schellevis on ⎇
Services: Intrusion Detection - refactor pcap/netmap selection to "Capture mode" and add new "divert" option.

With divert we can integrate suricata in firewall rules, which makes it easier to bypass large flows.
This change requires the new SO_REUSEPORT_LB option in the kernel in order to distribute traffic over multiple workers.
DeltaFile
+46-0src/opnsense/mvc/app/models/OPNsense/IDS/Migrations/M1_1_2.php
+16-4src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml
+15-2src/opnsense/service/templates/OPNsense/IDS/rc.conf.d
+13-4src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/generalSettings.xml
+3-3src/opnsense/mvc/app/models/OPNsense/IDS/IDS.php
+2-2src/opnsense/service/templates/OPNsense/IDS/suricata.yaml
+95-153 files not shown
+100-159 files

FreeBSD/ports 9cf4622sysutils/rundeck distinfo Makefile

by Xavier Humbert via Vladimir Druzenko (vvd) on ⎇
sysutils/rundeck: Update 5.17.0 => 5.18.0

Release Notes:
https://docs.rundeck.com/docs/history/5_x/version-5.18.0.html

PR:             291890
Security:       CVE-2025-8916
Security:       CVE-2025-53864
Security:       CVE-2025-59250
Security:       CVE-2025-64756
MFH:            2025Q4
(cherry picked from commit 8d393b611a7f613740f0b3cab7cae0fd0c8cd500)
DeltaFile
+3-3sysutils/rundeck/distinfo
+2-2sysutils/rundeck/Makefile
+5-52 files

FreeBSD/ports 268ca67sysutils/rundeck distinfo Makefile

by Xavier Humbert via Vladimir Druzenko (vvd) on ⎇
sysutils/rundeck: Update to 5.17.0

ReleaseNotes:   https://docs.rundeck.com/docs/history/5_x/version-5.17.0.html
(cherry picked from commit 7bfb0ac9a554d17c6128443bef0abfffc2344b07)
DeltaFile
+3-3sysutils/rundeck/distinfo
+2-2sysutils/rundeck/Makefile
+5-52 files

FreeBSD/ports fa4b9f1devel/oci-cli distinfo Makefile

by Alessandro Sagratini via Vladimir Druzenko (vvd) on ⎇
devel/oci-cli: Update 3.71.2 => 3.71.4

Changelog:
https://github.com/oracle/oci-cli/releases/tag/v3.71.4

PR:     291893
DeltaFile
+3-3devel/oci-cli/distinfo
+1-1devel/oci-cli/Makefile
+4-42 files

FreeBSD/ports 8d393b6sysutils/rundeck distinfo Makefile

by Xavier Humbert via Vladimir Druzenko (vvd) on ⎇
sysutils/rundeck: Update 5.17.0 => 5.18.0

Release Notes:
https://docs.rundeck.com/docs/history/5_x/version-5.18.0.html

PR:             291890
Security:       CVE-2025-8916
Security:       CVE-2025-53864
Security:       CVE-2025-59250
Security:       CVE-2025-64756
MFH:            2025Q4
DeltaFile
+3-3sysutils/rundeck/distinfo
+2-2sysutils/rundeck/Makefile
+5-52 files

FreeBSD/ports 062278aaudio/pt2-clone distinfo Makefile

by Emanuel Haupt (ehaupt) on ⎇
audio/pt2-clone: Update to 1.80.1
DeltaFile
+3-3audio/pt2-clone/distinfo
+1-1audio/pt2-clone/Makefile
+4-42 files

NetBSD/pkgsrc-wip c728848. Makefile, go126 PLIST Makefile

by Benny Siegert on ⎇
go126: add go1.26rc1

This is the first Go 1.26 release candidate.
DeltaFile
+14,973-14,498go126/PLIST
+3-7go126/Makefile
+3-6go126/distinfo
+2-2go126/ALTERNATIVES
+1-0Makefile
+14,982-14,5135 files

HardenedBSD/ports 96dec38net/ngrep Makefile

by Shawn Webb on ⎇
HBSD: Resolve merge conflict

Signed-off-by:  Shawn Webb <shawn.webb at hardenedbsd.org>
DeltaFile
+0-4net/ngrep/Makefile
+0-41 files

HardenedBSD/ports 580d4c1misc/codex distinfo, net/ngrep Makefile

by Shawn Webb on ⎇
Merge remote-tracking branch 'origin/freebsd/main' into hardenedbsd/main

Conflicts:
        net/ngrep/Makefile (unresolved)
DeltaFile
+46-40net/ngrep/files/patch-ngrep.c
+28-34net/ngrep/Makefile
+59-0net/ngrep/files/patch-configure.ac
+0-45net/ngrep/files/patch-Configure.in
+0-39net/ngrep/files/patch-fix-ipv6
+19-9misc/codex/distinfo
+152-16733 files not shown
+295-28239 files

HardenedBSD/ports 7931502graphics/nsxiv Makefile

by Shawn Webb on ⎇
HBSD: Disable PIE for graphics/nsxiv

Signed-off-by:  Shawn Webb <shawn.webb at hardenedbsd.org>
DeltaFile
+2-0graphics/nsxiv/Makefile
+2-01 files

LLVM/project 7f8f4b4llvm/include/llvm/Support KnownFPClass.h, llvm/lib/Analysis ValueTracking.cpp

by Matt Arsenault on ⎇
Make KnownFPClass::canonicalize not side-effecting
DeltaFile
+16-14llvm/lib/Support/KnownFPClass.cpp
+3-2llvm/include/llvm/Support/KnownFPClass.h
+3-2llvm/lib/Analysis/ValueTracking.cpp
+1-3llvm/lib/Transforms/InstCombine/InstCombineSimplifyDemanded.cpp
+23-214 files

OpenBSD/src gPxDQmysys/arch/luna88k/luna88k machdep.c, sys/arch/m88k/m88k mem.c pmap.c

by miod on ⎇
   last_addr no longer needs to be a global variable.
VersionDeltaFile
1.11+2-2sys/arch/m88k/m88k/mem.c
1.148+2-2sys/arch/luna88k/luna88k/machdep.c
1.95+1-2sys/arch/m88k/m88k/pmap.c
+5-63 files

FreeBSD/src 5819f8busr.sbin/bhyve bhyve.8

by Michael Osipov (michaelo) on ⎇
bhyve.8: Fix consistency and terms in manpage

Correct inconsistent spelling of terms and duplication.

Reviewed by:    ziaee
MFC after:      3 days
Differential Revision:  https://reviews.freebsd.org/D54332
DeltaFile
+34-33usr.sbin/bhyve/bhyve.8
+34-331 files

OpenZFS/src 3c41933cmd/zed/zed.d history_event-zfs-list-cacher.sh.in, contrib/dracut/90zfs mount-zfs.sh.in

by Ivan Shapovalov via Tony Hutter on ⎇
zed.d, contrib: fix shellcheck errors in scripts

Not sure why this was not caught by CI; perhaps my shellcheck is new
enough to catch more things.

Signed-off-by: Ivan Shapovalov <intelfx at intelfx.name>
DeltaFile
+1-1contrib/dracut/90zfs/mount-zfs.sh.in
+1-0cmd/zed/zed.d/history_event-zfs-list-cacher.sh.in
+2-12 files

OpenZFS/src 1e7280ccmd/zfs zfs_main.c

by Ivan Shapovalov via Tony Hutter on ⎇
zfs_main: cosmetic: add missing flag to the comment for create

Signed-off-by: Ivan Shapovalov <intelfx at intelfx.name>
DeltaFile
+1-1cmd/zfs/zfs_main.c
+1-11 files

OpenZFS/src e28d980man/man8 zfs-create.8 zfs-rename.8

by Ivan Shapovalov via Tony Hutter on ⎇
man: cosmetic: fix typos; use consistent spelling for "non-existing"

Signed-off-by: Ivan Shapovalov <intelfx at intelfx.name>
DeltaFile
+1-1man/man8/zfs-create.8
+1-1man/man8/zfs-rename.8
+2-22 files

OpenZFS/src 9880ac3module/zcommon zfs_prop.c

by Ivan Shapovalov via Tony Hutter on ⎇
zvol: cosmetic: fix up `volthreading` property short name

Signed-off-by: Ivan Shapovalov <intelfx at intelfx.name>
DeltaFile
+2-2module/zcommon/zfs_prop.c
+2-21 files

LLVM/project f04b7a5mlir/cmake/modules AddMLIRPython.cmake

by makslevental on ⎇
set VISIBILITY_INLINES_HIDDEN for libMLIRPYthonSupport
DeltaFile
+5-0mlir/cmake/modules/AddMLIRPython.cmake
+5-01 files

FreeBSD/ports b57d881multimedia/ffnvcodec-headers distinfo Makefile

by Alex S via Vladimir Druzenko (vvd) on ⎇
multimedia/ffnvcodec-headers: Update 12.0.16.1 => 13.0.19.0

Commit log:
https://github.com/FFmpeg/nv-codec-headers/compare/n12.0.16.1...n13.0.19.0

PR:     291888
DeltaFile
+3-3multimedia/ffnvcodec-headers/distinfo
+1-1multimedia/ffnvcodec-headers/Makefile
+4-42 files

LLVM/project 72db6ebllvm/include/llvm/Transforms/Utils LoopPeel.h UnrollLoop.h, llvm/lib/Transforms/Scalar LoopUnrollPass.cpp

by Guy David on ⎇
[LoopPeel] Peel last iteration to enable natural-sized load widening

In loop that contain multiple consecutive small loads (e.g., 3 bytes
loading i8s), peeling the last iteration makes it safe to read beyond
the accessed region, enabling a wider load (e.g., i32) for all other
N-1 iterations.

This optimization targets patterns like:
```
  %a = load i8, ptr %p
  %b = load i8, ptr %p+1
  %c = load i8, ptr %p+2
  ...
  %p.next = getelementptr i8, ptr %p, 3
```

Which can be transformed to:
```
  %wide = load i32, ptr %p  ; Read 4 bytes

    [9 lines not shown]
DeltaFile
+617-0llvm/test/Transforms/LoopUnroll/peel-last-iteration-load-widening.ll
+235-1llvm/lib/Transforms/Utils/LoopPeel.cpp
+104-0llvm/test/Transforms/LoopUnroll/peel-last-iteration-load-widening-be.ll
+15-3llvm/lib/Transforms/Scalar/LoopUnrollPass.cpp
+11-1llvm/include/llvm/Transforms/Utils/LoopPeel.h
+2-1llvm/include/llvm/Transforms/Utils/UnrollLoop.h
+984-66 files

HardenedBSD/src 26cc9fclibexec/atrun atrun.man

by HardenedBSD Sync Services on ⎇
Merge branch 'freebsd/14-stable/main' into hardened/14-stable/master
DeltaFile
+1-1libexec/atrun/atrun.man
+1-11 files

LLVM/project 853b3a7llvm/lib/CodeGen/SelectionDAG DAGCombiner.cpp, llvm/test/CodeGen/AArch64 fp-to-int-to-fp.ll

by Guy David on ⎇
[DAGCombiner] Relax nsz constraint with fp->int->fp optimizations
DeltaFile
+18-124llvm/test/CodeGen/X86/setoeq.ll
+68-0llvm/test/CodeGen/AArch64/fp-to-int-to-fp.ll
+3-2llvm/lib/CodeGen/SelectionDAG/DAGCombiner.cpp
+89-1263 files

LLVM/project 33c51a7llvm/include/llvm/Support KnownFPClass.h, llvm/lib/Analysis ValueTracking.cpp

by Matt Arsenault on ⎇
InstCombine: Handle canonicalize in SimplifyDemandedFPClass

Doesn't try to handle PositiveZero flushing mode, but I
don't believe it is incorrect with it.
DeltaFile
+24-49llvm/test/Transforms/InstCombine/simplify-demanded-fpclass-canonicalize.ll
+73-0llvm/lib/Transforms/InstCombine/InstCombineSimplifyDemanded.cpp
+6-49llvm/lib/Analysis/ValueTracking.cpp
+48-0llvm/lib/Support/KnownFPClass.cpp
+5-0llvm/include/llvm/Support/KnownFPClass.h
+156-985 files

NetBSD/src zOTr1Mrdoc CHANGES-11.0

by snj on ⎇
   add missing PR to ticket 45
VersionDeltaFile
1.1.2.61+2-2doc/CHANGES-11.0
+2-21 files

LLVM/project 4e44e87llvm/test/CodeGen/X86 combine-fma-concat.ll

by Simon Pilgrim via GitHub on ⎇
[X86] Add tests showing failure to concat fma chain which share concatenated operands (#173403)

We often have fma chains that reuse operands down the chain (e.g mathlib
taylor series expansion) - FMA(FMA(X,Y,Z),X,W) etc.

For these cases combineConcatVectorOps fails to account that the same
operands will be concatenated down the recursion chain.
DeltaFile
+69-0llvm/test/CodeGen/X86/combine-fma-concat.ll
+69-01 files

LLVM/project bdc5e66llvm/lib/Target/AMDGPU SIRegisterInfo.td, llvm/test/CodeGen/AMDGPU fmamk_fmaak-t16.mir

by Stanislav Mekhanoshin on ⎇
[AMDGPU] Make VGPR_16_Lo128 allocatable

Allows allocation of V_FMAMK_F16/V_FMAAK_F16 registers in
real true16 mode.
DeltaFile
+12-7llvm/test/CodeGen/AMDGPU/fmamk_fmaak-t16.mir
+1-1llvm/lib/Target/AMDGPU/SIRegisterInfo.td
+13-82 files

LLVM/project 4e057d3llvm/test/CodeGen/AMDGPU fmamk_fmaak-t16.mir

by Stanislav Mekhanoshin on ⎇
[AMDGPU] Add test for v_fmamk_f16/v_fmaak_f16 in real-true16. NFC

This is to display a bug in real true16 mode that we do not have
an allocatable 16-bit VGPR class and these instructions do not
have VOP3 forms for allocatable VGPR_16 to be used. To use these
instructions 'VGPR_16_Lo128' must be allocable.
DeltaFile
+31-0llvm/test/CodeGen/AMDGPU/fmamk_fmaak-t16.mir
+31-01 files

LLVM/project 67f2a22llvm/test/Transforms/InstCombine simplify-demanded-fpclass-canonicalize.ll

by Matt Arsenault via GitHub on ⎇
InstCombine: Add baseline test for canonicalize SimplifyDemandedFPClass (#173188)
DeltaFile
+607-0llvm/test/Transforms/InstCombine/simplify-demanded-fpclass-canonicalize.ll
+607-01 files

LLVM/project 91a9f65libc/src/__support alloc-checker.h

by Kyungtak Woo via GitHub on ⎇
[libc] add missing header to alloc-checker (#173400)

Adding `#include "src/__support/CPP/new.h"` due to align_val_t usage
within alloc-checker.h
DeltaFile
+1-0libc/src/__support/alloc-checker.h
+1-01 files

NetBSD/pkgsrc-wip 469295cgo126 PLIST Makefile, go126/patches patch-src_cmd_dist_build.go patch-src_crypto_x509_root__solaris.go

by Benny Siegert on ⎇
Copy over lang/go125 as wip/go126
DeltaFile
+14,500-0go126/PLIST
+136-0go126/Makefile
+22-0go126/patches/patch-src_cmd_dist_build.go
+21-0go126/patches/patch-src_crypto_x509_root__solaris.go
+18-0go126/patches/patch-src_crypto_x509_root__bsd.go
+17-0go126/patches/patch-src_syscall_syscall__solaris.go
+14,714-06 files not shown
+14,782-012 files