OPNSense/core 6e4cbcesrc/opnsense/www/js opnsense_bootgrid.js

bootgrid: limit maintaining scroll position to inplace=true, continuation of 75e60e8

This shouldn't be the default behavior, as a "refresh" would also
maintain scrolling position.

(cherry picked from commit e67ea610853257814b6f9f543a7ed70e26d47654)
DeltaFile
+3-3src/opnsense/www/js/opnsense_bootgrid.js
+3-31 files

OPNSense/core e67ea61src/opnsense/www/js opnsense_bootgrid.js

bootgrid: limit maintaining scroll position to inplace=true, continuation of 75e60e8

This shouldn't be the default behavior, as a "refresh" would also
maintain scrolling position.
DeltaFile
+3-3src/opnsense/www/js/opnsense_bootgrid.js
+3-31 files

OPNSense/core 7c8bda9src/opnsense/scripts/wireguard wg-service-control.php

wireguard: sprint clean related to #10094
DeltaFile
+19-18src/opnsense/scripts/wireguard/wg-service-control.php
+19-181 files

LLVM/project b12d54dllvm/lib/Transforms/Scalar LoopIdiomRecognize.cpp, llvm/test/Transforms/LoopIdiom non-integral-pointers.ll

[CHERI] Refine LoopIdiomRecognize handling of stable representation non-integral pointers. (#189402)

This makes two changes:
- memset can be formed from stores of null pointers, even if they are
non-integral. Null pointers are already assumed to be equivalent to the
all-zeros bit pattern, and it's not the goal of non-integral pointer
support to change that assumption.
- memcpy can be formed from copies of non-integral pointers. We assume
if the environment provides a memcpy implementation for a non-integral
pointer address space, then that memcpy is non-integral pointer aware.

These changes are not applied to pointers with unstable representation.
DeltaFile
+104-8llvm/test/Transforms/LoopIdiom/non-integral-pointers.ll
+15-5llvm/lib/Transforms/Scalar/LoopIdiomRecognize.cpp
+119-132 files

LLVM/project d4a20e7libc/src/__support/OSUtil/linux/syscall_wrappers connect.h CMakeLists.txt, libc/src/sys/socket connect.h

[libc] Implement connect(2) on linux (#189668)

I'm using the new syscall wrapper framework, and enabling the entry
point for x86_64, aarch64 and riscv. The associated test currently only
checks for the error code. Once we have listen&accept (which I'm
probably going to tackle next), we can test that the two can talk to
each other.
DeltaFile
+68-0libc/test/src/sys/socket/linux/connect_test.cpp
+48-0libc/src/__support/OSUtil/linux/syscall_wrappers/connect.h
+31-0libc/src/sys/socket/linux/connect.cpp
+23-0libc/src/sys/socket/connect.h
+20-0libc/test/src/sys/socket/linux/CMakeLists.txt
+15-0libc/src/__support/OSUtil/linux/syscall_wrappers/CMakeLists.txt
+205-05 files not shown
+229-011 files

LLVM/project 5c6ad65flang/lib/Optimizer/Transforms StackArrays.cpp, flang/test/Transforms stack-arrays-block-cfg-scope.fir stack-arrays-nested-scope.fir

[flang] Fix stack-arrays pass moving alloca across stackrestore scope (#184727)

When a operand is shared between two fir.allocmem ops in different
stacksave/stackrestore scopes, findAllocaInsertionPoint() placed both
allocas at the operand definition site inside the first scope. The first
stackrestore then reclaimed both, leaving the second call with a
dangling pointer.

Add a check for intervening stackrestore ops between the last operand
and the allocmem. If one is found, fall back to the allocmem's own
location, matching the existing bail-out for cross-block operands.

Fixes: https://github.com/llvm/llvm-project/issues/178812
DeltaFile
+42-0flang/test/Transforms/stack-arrays-block-cfg-scope.fir
+41-0flang/test/Transforms/stack-arrays-nested-scope.fir
+37-1flang/lib/Optimizer/Transforms/StackArrays.cpp
+33-0flang/test/Transforms/stack-arrays-scope.f90
+153-14 files

FreeBSD/ports bcdb07dnet-p2p/bazarr pkg-plist distinfo

net-p2p/bazarr: Update 1.5.4 => 1.5.6

Changelog:
https://github.com/morpheus65535/bazarr/releases/tag/v1.5.5
https://github.com/morpheus65535/bazarr/releases/tag/v1.5.6

PR:             294291
Security:       CVE-2024-40348
Sponsored by:   UNIS Labs
MFH:            2026Q2

(cherry picked from commit 24aae72732b36e6de66728afea00dc27ffc46000)
DeltaFile
+9-12net-p2p/bazarr/pkg-plist
+3-3net-p2p/bazarr/distinfo
+1-1net-p2p/bazarr/Makefile
+13-163 files

OpenBSD/src gj6emcqsys/arch/riscv64/dev smtcomphy.c

   Add PCIe PHY support.

   ok mlarkin@, deraadt@
VersionDeltaFile
1.2+107-4sys/arch/riscv64/dev/smtcomphy.c
+107-41 files

OpenBSD/src 01b5MNlsys/arch/riscv64/dev smtclock.c

   Add a few more PCIe related clocks and resets.

   ok mlarkin@, deraadt@
VersionDeltaFile
1.3+25-1sys/arch/riscv64/dev/smtclock.c
+25-11 files

NetBSD/pkgsrc-wip 7a3b417emacs-git PLIST

emacs-git: update PLIST
DeltaFile
+2-0emacs-git/PLIST
+2-01 files

FreeBSD/ports 24aae72net-p2p/bazarr pkg-plist distinfo

net-p2p/bazarr: Update 1.5.4 => 1.5.6

Changelog:
https://github.com/morpheus65535/bazarr/releases/tag/v1.5.5
https://github.com/morpheus65535/bazarr/releases/tag/v1.5.6

PR:             294291
Security:       CVE-2024-40348
Sponsored by:   UNIS Labs
MFH:            2026Q2
DeltaFile
+9-12net-p2p/bazarr/pkg-plist
+3-3net-p2p/bazarr/distinfo
+1-2net-p2p/bazarr/Makefile
+13-173 files

OPNSense/core 78c691fsrc/opnsense/www/js opnsense_bootgrid.js

bootgrid: maintain scrolling position for both datatree and command actions. Closes https://github.com/opnsense/core/issues/9151

The usage of scrollToRow has been considered, but this contains
too much magic causing all kinds of jumps in scroll position,
causing a user to lose track of the changes they made. The only
downside to this is that when a datatree is expanded at the bottom
of a grid, the associated rows aren't immediately visible until
manually scrolled to.

(cherry picked from commit 75e60e85194e7f2bf7e20e3891743ce801e05820)
DeltaFile
+14-2src/opnsense/www/js/opnsense_bootgrid.js
+14-21 files

OPNSense/core d6f9433src/opnsense/www/js/widgets Disk.js Memory.js

dashboard:gauge improvements (#10063)

Closes: #8356

*Makes the disk widget become table/bars from grid 2 size onwards
*Adds disk free/used size on the gauge
*Removes parentheses from the memory widget

---------

Co-authored-by: Fabian Rodriguez <317514+MagicFab at users.noreply.github.com>
(cherry picked from commit 7f3bcf5b787145b7cf185854758c3cddefdf1971)
DeltaFile
+13-1src/opnsense/www/js/widgets/Disk.js
+1-1src/opnsense/www/js/widgets/Memory.js
+14-22 files

OPNSense/core 0e999ccsrc/opnsense/mvc/app/views/layout_partials base_apply_button.volt, src/opnsense/www/js opnsense_bootgrid.js

bootgrid: automatic grid height calculation (#10011)

(cherry picked from commit 40a6243a3183dbba563aa551b45f9e237f95efd1)
(cherry picked from commit 2edab3dbff3ee07a1439429b6963a71bf708687e)
(cherry picked from commit 92fa22970b40789fa7479222213cf9cfcfd744f1)
DeltaFile
+71-50src/opnsense/www/js/opnsense_bootgrid.js
+0-4src/opnsense/www/themes/opnsense-dark/build/css/main.css
+0-4src/opnsense/www/themes/opnsense/build/css/main.css
+1-1src/opnsense/mvc/app/views/layout_partials/base_apply_button.volt
+72-594 files

OpenBSD/src wzezwn9sys/dev/pci pcireg.h

   Add ASPM bits for PCIe link capabilities register.

   ok mlarkin@, deraadt@
VersionDeltaFile
1.64+3-1sys/dev/pci/pcireg.h
+3-11 files

LLVM/project 0e150b6clang/docs ReleaseNotes.rst

Add a missing release note for the fix #188246 (#190746)
DeltaFile
+1-0clang/docs/ReleaseNotes.rst
+1-01 files

LLVM/project c6187d5offload/cmake/Modules LibomptargetGetDependencies.cmake, offload/plugins-nextgen/level_zero CMakeLists.txt

[OFFLOAD][L0] Remove dependence from level zero headers for dlopen build (#189120)

Adds the subset of the Level Zero headers necessary to compile the
plugin when built with dlopen support.

Disclaimer: The headers were mostly generated by Claude.
DeltaFile
+807-0offload/plugins-nextgen/level_zero/dynamic_l0/level_zero/ze_api.h
+0-170offload/plugins-nextgen/level_zero/src/L0DynWrapper.cpp
+170-0offload/plugins-nextgen/level_zero/dynamic_l0/L0DynWrapper.cpp
+72-0offload/plugins-nextgen/level_zero/dynamic_l0/level_zero/zes_api.h
+16-4offload/plugins-nextgen/level_zero/CMakeLists.txt
+0-9offload/cmake/Modules/LibomptargetGetDependencies.cmake
+1,065-1831 files not shown
+1,065-1877 files

OPNSense/core e6f10adsrc/opnsense/www/js tabulator.min.js tabulator.min.js.map

bootgrid: upgrade Tabulator to version 6.4.0

(cherry picked from commit 5c71f09cc5947903439bd7fc3839fd8f75045ab4)
DeltaFile
+2-2src/opnsense/www/js/tabulator.min.js
+1-1src/opnsense/www/js/tabulator.min.js.map
+3-32 files

OPNSense/core 1799985src/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv4.xml KeaDhcpv6.xml

Services: Kea: DHCPv4/v6: Use SetConstraint for match_data to allow 0 as valid value (#10035)

(cherry picked from commit 7933d1bc3f0d8b8d9944160e8e24529ceb111291)
(cherry picked from commit d21ce0604318db4c876453e3ac9116ee23922ccf)
DeltaFile
+3-3src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.xml
+3-3src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.xml
+6-62 files

OPNSense/core 44a7a32Scripts dashboard-acl.sh

Scripts: widgets without endpoint access exist now

(Likely the right fix: just print as informational message)

(cherry picked from commit 4d3601d5ca9bf56ac852ad6cd9e120ee6f52fbd3)
DeltaFile
+1-1Scripts/dashboard-acl.sh
+1-11 files

OPNSense/core 0ea77c6src/opnsense/mvc/app/views/layout_partials base_bootgrid_table.volt

bootgrid: set visibility hidden for base_bootgrid_table

Since the structure is used to initialize the bootgrid, we shouldn't render
the original structure possibly causing a flash of content.

(cherry picked from commit 9861da22a25bed9dedb5d577bc38d9bc7ed381a4)
DeltaFile
+1-1src/opnsense/mvc/app/views/layout_partials/base_bootgrid_table.volt
+1-11 files

OPNSense/core 3def88dsrc/opnsense/site-python duckdb_helper.py

unbound: limit duckdb to a single thread in write mode to reduce logger memory usage

After some testing, it seems the duckdb python API has a tendency to
leak (up to a cap), which seems to be mitigated when we limit to a single thread.
Further testing shows that the single logger.py process doesn't
use parallelization when appending dataframes to the db instance
and as such multiple threads are useless to begin with. The heavier
actions are the read actions, which are separate short-lived processes
and do not suffer from the same issue and likely do require duckdb
parallelism to perform properly, so apply the single thread only to
writers.

(cherry picked from commit 5e781d8321e7b10b0b627bd1e2917cd23a343830)
DeltaFile
+2-0src/opnsense/site-python/duckdb_helper.py
+2-01 files

OPNSense/core 883b1e2src/opnsense/scripts/shell firmware.sh

Fix typo in firmware: fetching changelog message (#10079)

(cherry picked from commit eb8e1ff97d1e95f52a30f094d6fb1682671948e2)
DeltaFile
+1-1src/opnsense/scripts/shell/firmware.sh
+1-11 files

OPNSense/core 40eab23src/opnsense/scripts/firmware check.sh

firmware: repeat the update after pkg reinstall

It appears that the package manager lost a number of tricks
over the years so now we add more manual labor to do what
we expect of it.

(cherry picked from commit c0d5331e1fe7d974a8a153b9d67239b4c3d251a0)
DeltaFile
+2-1src/opnsense/scripts/firmware/check.sh
+2-11 files

OPNSense/core 8e630bfsrc/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt nat_rule.volt

Firewall: Rules [new] - change category sorting using names instead of counted rules to align with interface sorting now, for https://github.com/opnsense/core/issues/9719

(cherry picked from commit 41f808613ac91125df259a2af4b1fb23f34103b5)
DeltaFile
+0-9src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+0-8src/opnsense/mvc/app/views/OPNsense/Firewall/nat_rule.volt
+0-172 files

OPNSense/core 7f681cbsrc/opnsense/mvc/app/views/OPNsense/Diagnostics log.volt

system: compress height of the log viewer grid

(cherry picked from commit 2475c5389fc6838f4e5d4d2b9518b74d9836c471)
(cherry picked from commit daefb179cbab05bd80b845a54f78bced0547a30e)
DeltaFile
+9-17src/opnsense/mvc/app/views/OPNsense/Diagnostics/log.volt
+9-171 files

OPNSense/core d8e9ce7src/opnsense/mvc/app/library/OPNsense/System/Status CaptivePortalStatus.php, src/opnsense/mvc/app/views/OPNsense/CaptivePortal clients.volt

Captive portal: IPv6 support (#9745)

Co-authored-by: Alex Goodkind <alex at goodkind.io>

(cherry picked from commit 369630dbd35c0acacc7384aa997f553fdc6ca91a)
(cherry picked from commit 5b07e0917484b90d0e9411c5e2c4f8ed5a07b8c7)
(cherry picked from commit 2ac18ce7e872dcc3db86412708ec4250e47beeeb)
(cherry picked from commit cff0e8d70a9269d8815a0b3b03a4e4e74bac5408)
(cherry picked from commit 6f00e1e3250e2896b726d0cf5046fd77b71438e4)
(cherry picked from commit da2c0bdab340d7bdc536028398299b4051b1eaa9)
(cherry picked from commit e5effd403d42cdab2839eefba75ab7f8bd788a45)
DeltaFile
+385-142src/opnsense/scripts/captiveportal/lib/db.py
+55-56src/opnsense/scripts/captiveportal/lib/arp.py
+41-31src/opnsense/scripts/captiveportal/cp-background-process.py
+56-0src/opnsense/mvc/app/library/OPNsense/System/Status/CaptivePortalStatus.php
+42-8src/opnsense/mvc/app/views/OPNsense/CaptivePortal/clients.volt
+25-12src/opnsense/service/templates/OPNsense/Captiveportal/lighttpd-zone.conf
+604-24914 files not shown
+733-28220 files

OPNSense/core afb11ecsrc/opnsense/mvc/app/models/OPNsense/Base/FieldTypes BaseField.php BaseListField.php, src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes NetworkFieldTest.php TextFieldTest.php

mvc: BaseField: add setValues() for generic use

A small follow-up to make setValues() work like getValues()
including stripping empty values.  Works from everywhere now
and adds a few tests in order to make sure it will keep working.

(cherry picked from commit aefe80cdd8168f26401ab85456c6632c6a259830)
(cherry picked from commit 0f092c3d7d558fdae0925bc36fea616473277369)
DeltaFile
+12-1src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/NetworkFieldTest.php
+9-2src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/TextFieldTest.php
+10-0src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/BaseField.php
+10-0src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/BaseListField.php
+6-1src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/AuthGroupFieldTest.php
+6-1src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/BaseSetField.php
+53-56 files

OPNSense/core ae94a0fsrc/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes IPsecProposalField.php

ipsec: Adding 4 Insecure proposals (#10062)

Signed-off-by: Bjoern Jakobsen <Bjoern.Jakobsen at lrz.de>
(cherry picked from commit 56ea14fd0bdbc44f5f00f1b0b014761ad962f731)
DeltaFile
+4-0src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/IPsecProposalField.php
+4-01 files

OPNSense/core 4298f0e. plist, src/opnsense/mvc/app/models/OPNsense/Base/Constraints SetConstraint.php DependConstraint.php

mvc: add SetConstraint for #10029

(cherry picked from commit 292a7889b6b0a9856eda7c37638fe290304f6a2c)
(cherry picked from commit ae57fade09abae7767466638a3a04a9c5c609efa)
DeltaFile
+63-0src/opnsense/mvc/app/models/OPNsense/Base/Constraints/SetConstraint.php
+28-29src/opnsense/mvc/app/models/OPNsense/Base/Constraints/DependConstraint.php
+38-0src/opnsense/mvc/tests/app/models/OPNsense/Base/BaseModelTest.php
+20-0src/opnsense/mvc/tests/app/models/OPNsense/Base/BaseModel/TestModel.xml
+5-2src/opnsense/mvc/app/models/OPNsense/Base/Constraints/SetIfConstraint.php
+1-0plist
+155-316 files