BSD Commit Log Search

[GlobalISel]Allow mixing fixed and scalable vectors for G_INSERT_SUBVECTOR and G_EXTRACT_SUBVECTOR (#198012)

Allow `G_INSERT_SUBVECTOR` and `G_EXTRACT_SUBVECTOR` to
be used with a scalable and a fix length vector types, similar to the
OP's SelectionDAG version.

strip op and pass names

databases/postgresql??-*: Upgrade to latest version

The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 18.4, 17.10, 16.14, 15.18,
and 14.23. This release fixes 11 security vulnerabilities and over 60
bugs reported over the last several months.

Release notes:  https://www.postgresql.org/docs/release/

PostgreSQL 14 EOL Notice

PostgreSQL 14 will stop receiving fixes on November 12, 2026. If you are
running PostgreSQL 14 in a production environment, we suggest that you
make plans to upgrade to a newer, supported version of PostgreSQL.
Please see our versioning policy for more information.

Security:       7185ecc9-4fb7-11f1-bc50-6cc21735f730
                CVE-2026-6472, CVE-2026-6473, CVE-2026-6474,
                CVE-2026-6475, CVE-2026-6476, CVE-2026-6477,

    [3 lines not shown]

[clang][SYCL] Enable possibility for device-only calling convention (#198479)

After 94ca49099ef77751a33e4babe41b2ae03ff228e1 DPC++ downstream
experienced failures. This happened because it has a calling convention
attribute that applies calling convention valid only for device targets
which given SYCL model is quite unusual and was not expected by
94ca49099ef77751a33e4babe41b2ae03ff228e1 . Even though there is no
device-only calling conventions, we should not prevent a possibility for
it. So this patch preserves the semantics of the device over those of
the host while also preserving device side diagnostics if they are less
severe than the host.

strip op and pass names

   Added misc/py-tibs; Updated devel/py-hypothesis, devel/py-bitstring

   py-bitstring: updated to 4.4.0

   4.4.0

   This version adds a new optional Rust-based backend. This is turned off by default so
   shouldn't affect users. The new backend uses the `tibs` library, which is
   by the same author as `bitstring` and should allow some nice optimisations as
   the whole stack can work together.

   py-tibs: added version 0.7.0

   tibs is a simple but powerful Python library for creating, interpreting and
   manipulating binary data. It is 100% written in Rust to give it excellent
   performance, and is from the same author as the bitstring library.

   py-hypothesis: updated to 6.152.9

   6.152.9
   This release substantially improves our internal distribution for
   generating integers. This release has the most visible effect on
   "integers()", but may incidentally improve other strategies which draw
   integers internally.

   Our integers distribution had two problems. First, it had jagged
   discontinuities at certain values where we switched sampling
   approaches. Second, it used a different distribution for bounded and
   unbounded ranges, which resulted in "st.integers()" and
   "st.integers(-264, 264)" producing very different distributions
   despite being semantically similar.

   We now use a smooth distribution for both "st.integers()" and
   "st.integers(a, b)", which fixes both of these issues. This should
   substantially improve our testing power in certain cases.


    [4 lines not shown]

news/inn{-current}: Run nnrpd rc.d as news user

nnrpd supports priv drop internal, but it also supports innbind
escalation.  Since the docs show 'su news', prefer the innbind path when
we need a privileged port number.

[cmake][runtimes] Pass variable type for passthrough CMake options (#198505)

Passing the types affects the handling of `PATH` cache variables.
The motivating case is setting `COMPILER_RT_INSTALL_LIBRARY_DIR` without `CMAKE_BINARY_DIR` getting prepended to it.

x11/kitty: Update to 0.47.0

ChangeLog:      https://sw.kovidgoyal.net/kitty/changelog/#detailed-list-of-changes
Reported by:    Kovid Goyal <notifications at github.com>

   properly support WSATTR_HILIT

news/inn{-current}: Add a dedicated nnrpd rc.d

While inn typically registers port 119 and handles spawning nnrpd for
reader connections, it is customary to run TLS-only nnrpd on port 563:
https://www.eyrie.org/~eagle/software/inn/docs/nnrpd.html#S4

Provide an nnrpd rc.d script for this purpose.  This requires innd for
start but is otherwise decoupled.  The admin should be aware that i.e.
stopping innd will disrupt posting.

Implement saturating fp to int

Implement floating-point comparisons

Implement integer comparisons and `G_SELECT`

Implement `COPY`

interfaces: a few "foreach ($config" iterations switched to config_read_array()

Captive Portal: remove redirection on HTTPS, ditch non-functional pass statement as well

In theory, clients only use HTTP to detect the presence of a portal.
If they were to use HTTPS, the 302 redirect would in most cases
not be accessible, as the certificate presented is most likely not
valid, cutting off the communication before any redirect to a login
page can happen.

The portal itself can and should remain accessible on HTTPS, as this
is the URL the redirect is pointing to. This may be attached to a
valid certificate as well, but the key point is that access to
this URL doesn't strictly need redirection for everything on port
443.

This should prevent clients opening bogus connections to the
captive portal, which consumes a lot of TLS traffic on the network
stack, bogging down lighttpd in bigger setups and creating
a lot of established states in pf.


    [2 lines not shown]

ipsec: move swanctl.conf download button to the tab

This aligns with the aliases actions tab.

devel/gumbo: Switch to meson and add TEST option

The autotools support from upstream is deprecated.

PR:             295323
Sponsored by:   UNIS Labs

   Add missing build dependency on x11/qt6/pyside6/shiboken_generator

   OK jtt@, spotted by aja and tb

Reporting: Traffic - add Max on Y axis for traffic graphs, closes https://github.com/opnsense/core/pull/10277

(cherry picked from commit 6d94603bb92dc6fb25ed9038230b53bacad153b8)

bootgrid: replace 'append' with 'replace' for ajax: false grids

Noticed while documenting.

replaceData() is a lot more performant through Tabulator, and since
there are only 3 callers and all of them expect a clear before
updating any data, use a replace instead.

In time these pages should use the default search endpoint anyway,
but this requires an API change.

make sure to keep the append() function for compatibility

(cherry picked from commit d8b07eb02eba635fc253a948b7800cfa40a2be60)

bootgrid: clean up converter compatibility code

Only other consumer is Nginx in plugins, but worst case scenario
these timestamps will render as... timestamps, which in that form
are sortable anyway. It's likely this was throwing an error anyway

The "sorters" weren't actually accounted for in the compat
translation, so this wasn't overridable. Fix this here.

(cherry picked from commit a7ec18550d8cbb4b2a750a5860c3da52bd1d81d7)

ui: clean up useRequestHandlerOnGet usage

This has no use anymore with the current bootgrid code. If a
handler should be overridden, simply defining the function is enough

(cherry picked from commit 4a67e91f0b32f78a2a4de2a792ffba0da4a4e2d2)

Services: Kea DHCPv6: Clean up allocator and pd-allocator terminology (#10330)

(cherry picked from commit 0bd232447b7dfafcd696ec083207188f4848d523)

Services: Kea DHCP: Kea DHCPv4 - add subnet allocator field (#10327)

(cherry picked from commit 6188aa8902429ea7ff690744799df8c32562ac9c)
(cherry picked from commit 153818d94babffcfb9a2c01933673cc109723939)

Services: Kea DHCPv4/6: Add decline_probation_period and set lower default to mitigate faulty client implementations to consume the whole pool (#10294)

* Services: Kea DHCPv4/6: Add decline_probation_period and set lower default to mitigate faulty client implementations to consume the whole pool.

* Use isSet() since 0 is allowed

(cherry picked from commit b80995f2135476b7fbeb2f650d74eebca55ad5b3)