py-ksef2: update to 0.8.1
ECDSA / EC key support for XAdES authentication
Qualified certificates issued by MCU (Ministerstwo Cyfryzacji) use EC keys (secp256r1).
Previously the SDK would raise TypeError: Expected RSA private key, got EllipticCurvePrivateKey
when loading such certificates. This release adds full EC key support alongside the existing RSA path.
Changes:
load_private_key_from_pem now accepts both RSA and EC private keys
load_certificate_and_key_from_p12 now accepts both RSA and EC private keys
sign_xades automatically selects ECDSA-SHA256 for EC keys and RSA-SHA256 for RSA keys — no extra configuration needed
No breaking changes — existing RSA-based code continues to work without modification.
security/zeek: Do not remove state.db on pkg remove
Klemens Nanni reported that "pkg upgrade zeek" was breaking zeekctl
in a cluster installation. Testing showed this was also true for
standalone.
The pkg-message already advises the user that they may need to
manually remove state.db.
Reported by: Klemens Nanni
security/zeek: Do not remove state.db on pkg remove
Klemens Nanni reported that "pkg upgrade zeek" was breaking zeekctl
in a cluster installation. Testing showed this was also true for
standalone.
The pkg-message already advises the user that they may need to
manually remove state.db.
Reported by: Klemens Nanni
InstCombine: Fold absorbing fmul of compared 0 into select (#172381)
This is similar to the select-bin-op identity case, except
in this case we are looking for the absorbing value for the
binary operator.
If the compared value is a floating-point 0, and the fmul is
implied to return a +0, put the 0 directly into the select
operand. This pattern appears in scale-if-denormal sequences
after optimizations assume denormals are treated as 0.
Fold:
```
%fabs.x = call float @llvm.fabs.f32(float %x)
%mul.fabs.x = fmul float %fabs.x, known_positive
%x.is.zero = fcmp oeq float %x, 0.0
%select = select i1 %x.is.zero, float %mul.fabs.x, float %fabs.x
[12 lines not shown]
[ProfCheck] Exclude bitcode tests
These tests fail due to inserted function entry count annotations. Just
exclude them for now given they aren't actually running any passes.
Merge tag 'cocci-7.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jlawall/linux
Pull coccinelle updates from Julia Lawall:
"This simplifies and clarifies the handling of output generated by
Coccinelle that is sent to standard error.
By default, this goes to /dev/null. Remind the user of that and
encourage them to provide another file name (Benjamin Philip)"
* tag 'cocci-7.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jlawall/linux:
Documentation: Coccinelle: document debug log handling
scripts: coccicheck: warn on unset debug file
scripts: coccicheck: simplify debug file handling
Merge tag 'ntb-7.0' of https://github.com/jonmason/ntb
Pull NTB (PCIe non-transparent bridge) updates from Jon Mason:
"NTB updates include debugfs improvements, correctness fixes, cleanups,
and new hardware support:
ntb_transport QP stats are converted to seq_file, a tx_memcpy_offload
module parameter is introduced with associated ordering fixes, and a
debugfs queue name truncation bug is corrected.
Additional fixes address format specifier mismatches in ntb_tool and
boundary conditions in the Switchtec driver, while unused MSI helpers
are removed and the codebase migrates to dma_map_phys().
Intel Gen6 (Diamond Rapids) NTB support is also added"
* tag 'ntb-7.0' of https://github.com/jonmason/ntb:
NTB: ntb_transport: Use seq_file for QP stats debugfs
NTB: ntb_transport: Fix too small buffer for debugfs_name
[10 lines not shown]
update luanti to 5.15.1
Stop installing devtest now that tests no longer require it.
This matches upstream behaviour by prompting users to install a game
instead of launching into the devtest world.
From MAINTAINER
Merge tag 'io_uring-20260221' of git://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux
Pull io_uring fixes from Jens Axboe:
- A fix for a missing URING_CMD128 opcode check, fixing an issue with
the SQE mixed mode support introduced in 6.19. Merged late due to
having multiple dependencies
- Add sqe->cmd size checking for big SQEs, similar to what we have for
normal sized SQEs
- Fix a race condition in zcrx, that leads to a double free
* tag 'io_uring-20260221' of git://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux:
io_uring: Add size check for sqe->cmd
io_uring: add IORING_OP_URING_CMD128 to opcode checks
io_uring/zcrx: fix user_ref race between scrub and refill paths
[clang-tidy] Teach `performance-faster-string-find` about `starts_with`, `ends_with`, and `contains` (#182633)
These aren't "find" functions per se, so they don't totally match the
check name, but the same optimization is applicable to them (for
example, see
https://en.cppreference.com/w/cpp/string/basic_string_view/starts_with.html).
This optimization could be expanded to `operator+=` as well, but that's
a bit more involved, so I'm not doing it in this PR.
Merge tag 'fixes-2026-02-21' of git://git.kernel.org/pub/scm/linux/kernel/git/rppt/memblock
Pull memblock fix from Mike Rapoport:
"Fix detection of NUMA node for CXL windows
phys_to_target_node() may assign a CXL Fixed Memory Window to the
wrong NUMA node when a CXL node resides in the gap of discontinuous
System RAM node.
Fix this by checking both numa_meminfo and numa_reserved_meminfo,
preferring the reserved NID when the address appears in both"
* tag 'fixes-2026-02-21' of git://git.kernel.org/pub/scm/linux/kernel/git/rppt/memblock:
mm: numa_memblks: Identify the accurate NUMA ID of CFMW
py-ksef2: update to 8.0.0
Invoice rendering — HTML and PDF export
Export KSeF invoice XML to HTML and PDF using the built-in XSLT stylesheet:
InvoiceXSLTRenderer — renders invoice XML to HTML via the bundled styl.xsl
InvoicePDFExporter — renders invoice XML to PDF (HTML intermediate via XSLT + WeasyPrint)
Both renderers support exporting from file paths, XML strings, or directly to files.
Other additions
Add FA(3) schema models generated from schemat.xml
Add KSeFExportTimeoutError and KSeFInvoiceQueryTimeoutError exception types for polling timeouts
Bundle styl.xsl inside the package (ksef2.services.renderers)
Experimental
scripts/cli/export_invoices.py — CLI tool for downloading invoices and exporting to PDF. Supports token, PEM cert/key, and PKCS#12 authentication. Run python scripts/cli/export_invoices.py --help for usage.
InstCombine: Fold absorbing fmul of compared 0 into select
This is similar to the select-bin-op identity case, except
in this case we are looking for the absorbing value for the
binary operator.
If the compared value is a floating-point 0, and the fmul is
implied to return a +0, put the 0 directly into the select
operand. This pattern appears in scale-if-denormal sequences
after optimizations assume denormals are treated as 0.
Fold:
%fabs.x = call float @llvm.fabs.f32(float %x)
%mul.fabs.x = fmul float %fabs.x, known_positive
%x.is.zero = fcmp oeq float %x, 0.0
%select = select i1 %x.is.zero, float %mul.fabs.x, float %fabs.x
To:
%fabs.x = call float @llvm.fabs.f32(float %x)
[5 lines not shown]
[Scalarizer] Fix out-of-bounds crash (#180359)
When processing an extractelement instruction with an index that exceeds
the vector size (e.g., extracting index 2147483647 from a 4-element
vector), the scalarizer would calculate an out-of-bounds Fragment index
and crash with an assertion failure in `SmallVector::operator[]`.
This PR adds a bounds check in
`ScalarizerVisitor::visitExtractElementInst` to prevent a crash when the
extractelement index is out of bounds.
Fixes #179880
Merge tag 'sched_ext-for-7.0-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext
Pull sched_ext fixes from Tejun Heo:
- Various bug fixes for the example schedulers and selftests
* tag 'sched_ext-for-7.0-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext:
tools/sched_ext: fix getopt not re-parsed on restart
tools/sched_ext: scx_userland: fix data races on shared counters
tools/sched_ext: scx_pair: fix stride == 0 crash on single-CPU systems
tools/sched_ext: scx_central: fix CPU_SET and skeleton leak on early exit
tools/sched_ext: scx_userland: fix stale data on restart
tools/sched_ext: scx_flatcg: fix potential stack overflow from VLA in fcg_read_stats
selftests/sched_ext: Fix rt_stall flaky failure
tools/sched_ext: scx_userland: fix restart and stats thread lifecycle bugs
tools/sched_ext: scx_central: fix sched_setaffinity() call with the set size
tools/sched_ext: scx_flatcg: zero-initialize stats counter array
Remove whitespace on blank lines (#182574)
I removed some whitespace on a workflow job, which only had spaces.
I did not remove the newline completelty, only the whitespace junk,
which I found by git diffing the head.
[InstCombine] Update test
This was breaking buildbots due to a mid-air collision where some change
caused test differences between when the test was put up/passed CI and
when it landed.
Merge tag 'v7.0-rc-part2-ksmbd-server-fixes' of git://git.samba.org/ksmbd
Pull smb server fixes from Steve French:
"Two small fixes:
- fix potential deadlock
- minor cleanup"
* tag 'v7.0-rc-part2-ksmbd-server-fixes' of git://git.samba.org/ksmbd:
ksmbd: call ksmbd_vfs_kern_path_end_removing() on some error paths
smb: server: Remove duplicate include of misc.h
