BSD Commit Log Search

www/caddy-custom: Remove ntml-transport plugin (#502)

math/R-cran-pls: Update to 2.9-0

Reported by:    portscout

www/caddy-custom: Remove ntml-transport plugin

postgresql-pgvector: Add reference to CVE-2026-3172

opensips: Add reference to CVE-2026-25554

[LV] Fix miscompile with conditional scalar assignment + tail folding (#182492)

Previously, we could miscompile when vectorizing conditional scalar
assignments with forced tail folding, as the backedge select could be
based on the header mask, not the assignment conditional.

This resulted in a number of failures in the LLVM test suite when
building with `-O3 -march=armv8-a+sve -mllvm
-prefer-predicate-over-epilogue=predicate-dont-vectorize`.

The patch reworks `handleFindLastReductions()` to correctly handle tail
folding.

www/caddy: Remove NTML support and cleanup service control (#5258)

* www/caddy: Remove NTML plugin as it causes issues with service control that can not worked around with anymore.

The NTML plugin and caddy core diverged too much and its considered unmaintained. While there clean up all service control workarounds that were implemented.
Since removing the service control (caddy_control.py) script would make it hard to somehow funnel caddyfile validation in, this has been removed too.
Our input is heavily validated so the Caddyfile will be valid in almost all cases, and in cases its not the log will show the error.

dnsmask: use "Dnsmasq" consequently

(cherry picked from commit eb02f720dfb47f7a137de705422fab0aa8a90098)

dnsmask: use "Dnsmasq" consequently

Merge pull request #5259 from fraenki/plugins_5123

security/acme-client: fix buttons not working

interfaces: protect device reads against forcing empty "arrays" into $config

(cherry picked from commit 39dc18d580f71df1caf5b30394c171d49271e4bb)

shell: initial port configuration DHCP setting using new config access functions

system: adapt web GUI certificate renew using new config access function

[libc] Use response files for hdrgen entry points (#183267)

This avoids the build failure when the command line ends up being too
long which can be especially problematic on Windows.

Fixes #182374

shell: adapt DHCP address setup for new config access functions

[X86] Handle VPMADD52L for smaller min-legal-vector-width (#183250)

There is crash as below https://godbolt.org/z/qdE1EE4Y9, After
https://github.com/llvm/llvm-project/pull/171760 .
```
ReplaceNodeResults: t32: v8i64 = X86ISD::VPMADD52L t10, t22, t2
Do not know how to custom type legalize this operation!
```
For ```"min-legal-vector-width"="512"```, it works fine, but for smaller
value it is crash.

www/py-django-photologue: Fix stage QA

* This was overlooked in 21900d66eda3 and was then noticed
  retrospectively during a bulk run after stage QA was extended in
  f35f902eb8f1:

[...]
====> Running Q/A tests (stage-qa)
Error: Python package installs top-level 'scripts/' directory in site-packages
Error:   Location: lib/python3.11/site-packages/scripts
[...]

* Bump PORTREVISION due changed package contents.

Approved by:    portmgr (build fix blanket)
Fixes:  21900d66eda3 www/py-django-photologue: Update to 3.18

devel/py-yamlloader: New port

This module provides loaders and dumpers for PyYAML.

Currently, an OrderedDict loader/dumper is implemented, allowing to keep
items order when loading respective dumping a file from/to an
OrderedDict.

(Python 3.8+: Also regular dicts are supported and are the default items
to be loaded to.  As of Python 3.7 preservation of insertion order is a
language feature of regular dicts.)

This project was originally mirrored from "yamlordereddict" and contains
several improvements including automated testing and the much faster
C-versions of the Loaders/Dumpers.

   pkg-vulnerabilities: re-add last week CVEs

   Redo commit 1.737 properly without deleting comments.

   + KeePass,
     SOGo (no upstream and/or further details, assume not fixed),
     admesh (not fixed),
     apache-tomcat, caddy, calibre, chromium,
     clamav (no upstream information, assume not fixed),
     coturn, curl, dropbear, erlang, ffmpeg, gimp, grafana,
     gsoap (no upstream information, assume not fixed),
     hdf5, janet, jenkins,
     libde265 (fixed upstream, latest stable release 1.0.16 affected),
     libjxl,
     libsixel (fixed upstream, latest stable release 1.8.7 affected),
     libsoup,
     libvips (fixed upstream, latest stable release 8.18.0 affected),
     metabase,
     minisat (not fixed),

    [13 lines not shown]

   pkg-vulnerabilities: revert to 1.736

   1.737 accidentally added most comments.

   Thanks to <wiz>!

firewall: clean up for the cleanup in 0c3a937cc

Ideally "inet46" should be removed to no negative effect.  At the
moment it creates two rules for its users but in practice that's
only for two auto-generated rules that are very likely fine either
way.

Address comments 1

Removed:
Flags.setNoSignedZeros(true);

Because technically the produced result can be a signed zero, it just
does not matter.

*/*: bump portrevision after java_default=21 update

PR:     272855

   py-peewee: remove patch that was removed from distinfo during update

Mk/bsd.default-versions.mk: bump java default to 21

After an extensive time of testing OpenJDK 21 LTS is now the default
java version on FreeBSD.
Some major ports already used Java 21 and some olders ports are now
pinned to OpenJDK 8 or other versions.

For armv6/armv7 OpenJDK 11 is the latest version with support
for these platforms on FreeBSD.

Thanks to everybody involved in making Java a vivid environment on
FreeBSD.

PR:     272855
Relnotes:       yes

   Improve the discussion about "tmppath"
   feedback from various people based upon my first attempts.

[ARM] Add sli / sri codegen tests. NFC

These ones are taken from the AArch64 equivalent tests.

   pledge "tmppath" goes away because it sucks.  The history is kind of
   sad:  unveil(2) was invented by Bob Beck and myself because a couple
   of us struggled and couldn't expand the "tmppath" mechanism to general use.
   unveil(2) ended up being kind of "upside down" different, and so we never
   deleted "tmppath" because the refactorings seemed complicated.
   However over the last two weeks, we're removed all the "tmppath" in base
   pretty easily, and the 18 ports using it have also been fixed.
   The majority of situations now use unveil "/tmp" "rwc", unveil "/" "r" or
   similar, and then pledge "rpath wpath cpath", and this is generally needed
   to satisfy the mkstemp(3) family of functions in libc.
   Use of "tmppath" will now cause pledge(2) to return EINVAL.  There is
   no backwards compatible way of mimic the behaviour correctly using
   kernel-internal unveil hackery.
   Prompted by a report from David Leadbeater; and extensive conversations
   with beck and semarie.

lib/libnetbsd: bring in `__type_m{ax,in}*` macro family

These macros are used by some of the NetBSD tests which calculate the
size of types, e.g., `__type_max(time_t)`.

This wraps up the set of macros needed in order to update to the a
netbsd-tests snapshot from this past month.

Obtained from:  https://github.com/netbsd/src (55b4b44)
MFC after:      1 week

[TargetLowering][RISCV] Disable the special illegal type expansion of ISD::AVGFLOORU on RV32 (#181073)

RISC-V doesn't have a carry flag which makes the UADDO expansion
expensive to emulate.

I've disabled the code by checking if UADDO is not supported for the
type that will be legalized too. Unfortunatley, we have custom lowering
of UADDO on RV64 so this doesn't disable this code there.