BSD Commit Log Search

graphics/qgis: Update to 3.44.9

3.44.9 is also the new LTR version and was actually intended to replace
3.40.15 (graphics/qgis-ltr) as the LTR version starting with 3.44.8.
Since the 4.0.x versions are “early adopters” and, for example, still
have major issues with most plugins, 3.44.x will continue to be used
for graphics/qgis for a transitional period, and graphics/qgis-ltr will
remain at 3.40.15.

Changelog:      https://github.com/qgis/QGIS/compare/final-3_44_7%5E...final-3_44_8
                https://github.com/qgis/QGIS/compare/final-3_45_8%5E...final-3_44_9

MFH:            2026Q2

[mlir][vector] Constrain broadcast->shape_cast folding (#190230)

Fixes https://github.com/llvm/llvm-project/issues/190614.

Do not fold broadcast->shape_cast when that would result in switching
between the two distinct semantic modes of `vector.broadcast`, as
explained in https://github.com/llvm/llvm-project/issues/190614.

This fixes incorrect-result bugs in IREE:
https://github.com/iree-org/iree/issues/23952

---------

Signed-off-by: Benoit Jacob <benoit.jacob at amd.com>

NAS-140595 / 26.0.0-BETA.2 / fix flaky container network API test (by yocalebo) (#18675)

## Summary

Fix flaky `test_network` container test.

## Changes

- Increased retry budget from 10s to 30s. The container's network stack
(systemd boot → systemd-networkd → DHCP) can take longer than 10s,
especially on busy CI.
- Removed hardcoded subnet assertions (`10.47.214.x`,
`fd42:3656:7be9:e46c:x`) that are specific to one lab environment.
- Replaced with a generic IPv6 check on `eth0` — the two ping assertions
(host + internet) already validate IPv4 connectivity, and this confirms
the container gets an IPv6 address.

Original PR: https://github.com/truenas/middleware/pull/18674

Co-authored-by: caleb <yocalebo at gmail.com>

NAS-140595 / 27.0.0-BETA.1 / fix flaky container network API test (#18674)

## Summary

Fix flaky `test_network` container test.

## Changes

- Increased retry budget from 10s to 30s. The container's network stack
(systemd boot → systemd-networkd → DHCP) can take longer than 10s,
especially on busy CI.
- Removed hardcoded subnet assertions (`10.47.214.x`,
`fd42:3656:7be9:e46c:x`) that are specific to one lab environment.
- Replaced with a generic IPv6 check on `eth0` — the two ping assertions
(host + internet) already validate IPv4 connectivity, and this confirms
the container gets an IPv6 address.

[ssaf][UnsafeBufferUsage] Add JSON serialization for UnsafeBufferUsage (#187156)

Implemented and registered a JSONFormat::FormatInfo for
UnsafeBufferUsage analysis

rdar://171920065

---------

Co-authored-by: Balázs Benics <benicsbalazs at gmail.com>

fix tests

Address review comments

Created using spr 1.3.6-beta.1

[𝘀𝗽𝗿] changes introduced through rebase

Created using spr 1.3.6-beta.1

[skip ci]

security/openssl: Security update to 3.0.20

Security:       c7a52cee-32ab-11f1-9839-8447094a420f
MFH:            2026Q3

security/openssl35: Security update to 3.5.6

Security:       c7a52cee-32ab-11f1-9839-8447094a420f
MFH:            2026Q3

simplify tests

security/vuxml: Document OpenSSL vulnerabilities

[DAG] Use known-bits when creating umulh/smulh. (#160916)

This extends the creation of umulh/smulh instructions to handle cases
where one operand is a zext/sext and the other has enough known-zero or
sign bits to create a mulh. This can be useful when one of the operands
is hoisted out of a loop.

Revert "[Inliner] Put inline history into IR as !inline_history metadata" (#190824)

Reverts llvm/llvm-project#190700

Causes timeouts:
https://github.com/llvm/llvm-project/pull/190700#issuecomment-4198496978

[lldb][NFC] Stop using ConstStrings with BroadcastEventSpec (#190660)

BroadcastEventSpec owns the broadcaster class its configured to listen
for. Broadcasters usually advertise their broadcast class name with
StringRefs so there's no need to put them in the string pool.

The only exception here is SBListener. There are 2 methods that take
`const char *` values. However, that's handled when converting them to
StringRefs.

[CIR] Implement 'zero attr' creation of method (#190819)

This appears quite a bit in some benchmarks, and is seemingly something
we missed at one point. This patch just implements a 'zero-init' of a
pmf.

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi

Merge branch 'freebsd/current/main' into hardened/current/master

[lldb] Fix ARM STR T1 encoding using subtract instead of add, add test (#188614)

The STR Thumb T1 encoding had add=false instead of add=true, causing the
emulator to compute the store address as Rn - imm rather than Rn + imm.
This contradicts the ARM spec comment directly above.

Add a unit test that verifies the STR T1 encoding stores to the correct
address (base + offset).

Merge branch 'freebsd/15-stable/main' into hardened/15-stable/main

Merge branch 'freebsd/main' into hardenedbsd/main

[TestingTools] Add new llvm-testing-tools package (#188888)

This allows for packaging split-file and FileCheck for distribution on
PyPI which will support libc++ wanting to use FileCheck/split-file for
more thorough testing.

[mlir][OpenMP] Rename omp.taskloop to omp.taskloop.wrapper (#188071)

Rename the loop wrapper operation to better distinguish it from the
context op (omp.taskloop.context), which handles outlining and runtime
calls. The new name makes the role of each operation clearer at a
glance.

RFC:
https://discourse.llvm.org/t/rfc-openmp-alloca-placement-for-openmp-loop-wrappers/89512/7

Patch 3/3

Assisted-by: Copilot, Claude Sonnet 4.6

sysutils/zellij: Update to 0.44.1

sysutils/zellij: Update to 0.44.1

[lldb][test] Fix dsym-auto-load-modules-multiple.test (#190826)

We were compiling without debug-info causing the test to fail on macOS.
This was a silly oversight because I was mainly working on Linux when
working on the last iterations of the patch that added this test.

draid: allow seq resilver reads from degraded vdevs

When sequentially resilvering allow a dRAID child to be read
as long as the DTLs indicate it should have a good copy of the
data and the leaf isn't being rebuilt.  The previous check was
slightly too broad and would skip dRAID spare and replacing
vdevs if one of their children was being replaced.  As long
as there exists enough additional redundancy this is fine, but
when there isn't this vdev must be read in order to correctly
reconstruct the missing data.

A new test case has been added which exhausts the available
redundancy, faults another device causing it to be degraded,
and then performs a sequential resilver for the degraded device.
In such a situation enough redundancy exists to perform the
replacement and a scrub should detect no checksum errors.

Reviewed-by: Alexander Motin <alexander.motin at TrueNAS.com>
Reviewed-by: Andriy Tkachuk <andriy.tkachuk at seagate.com>

    [2 lines not shown]

www/forgejo-lts: Fix PAM authentication

Add an upstream patch which addresses an issue with PAM authentication.

MFH:            2026Q2
(cherry picked from commit 03e64fdb33630ac048b1140c1538226e75c2a670)

www/forgejo: Fix PAM authentication

Add an upstream patch which addresses an issue with PAM authentication.

MFH:            2026Q2
(cherry picked from commit 2b64940408072efce43c002eaa5120e874fa56d9)

[mlir][OpenMP] Don't allow loop bounds/step from inside the task

The omp.taskloop.context region represents what goes inside the outlined
task function. The loop bounds must be passed to the OpenMP runtime call
for taskloop and so this cannot be supported in general.

In a follow up patch I will re-allow pure operations because sinking
constants inside of the tasklooop context will be useful for something
else I am prototyping.

Assisted-by: codex