x11/hyprshutdown: Unbreak build on -CURRENT
clang with debug assertions enabled (on -CURRENT) crashes when it
tries to compile this port. As a workaround use clang from ports when
system clang has debug assertions enabled.
Reported by: pkg-fallout
[clang][bytecode] Fix a mishap in HasPtrField calculation (#184557)
The Record constructor has a parameter and a class member of the same
name. Also include composite array element types in the calculation in
Program.cpp.
[VPlan] Add const to VPPredicator methods. nfc (#184359)
Add const to VPBasicBlock pointer parameters and cache key types where
the blocks are not modified.
[DA] Remove consistent flag from Dependence class (#181608)
The `Dependence` class has a flag `Consistent`, but it's not clear what
it represents. This flag doesn't seem to be updated correctly during
analysis. There are no users of it, so I think this flag would be
unnecessary.
In addition, because of this flag, even minor code changes can alter
test results unintentionally (specifically, the presence/absence of a
string "consistent" in the test output). Such test changes can be
confusing and gradually add to the maintenance burden.
Given these points, it's better to remove the `Consistent` flag from the
`Dependence` class entirely.
[AMDGPU] Add half vector support for table-driven libcall optimization (#178638)
When replacing certain AMDGPU library calls with constant data vectors,
the existing implementation only handled single and double-precision
floats. This change extends the functionality to also support
half-precision floats.
Additionally, it refactors the function responsible for generating
constant float data vectors to improve readability and reduces code
duplication. In tandem with this refactoring, the patch relaxes the
check for constant data vectors to include any constant of vector type.
This allows other constant vectors to be processed, such as those
created from constant aggregate zeros (e.g. `<2 x float>
zeroinitializer`).
---------
Signed-off-by: Steffen Holst Larsen <sholstla at amd.com>
[mlir][linalg] Data layout propagation test schedule (#184151)
Replaces data layout propagation test pass with equivalent transform
schedule.
The two required patterns are wrapped in new linalg transform ops
improving reusability.
nodejs: updated to 25.8.0
25.8.0
Notable Changes
- build, doc: use new api doc tooling (flakey5)
- (SEMVER-MINOR) sqlite: add limits property to DatabaseSync (Mert Can Altin)
- (SEMVER-MINOR) src: add C++ support for diagnostics channels (RafaelGSS)
- (SEMVER-MINOR) src,permission: add --permission-audit (RafaelGSS)
- (SEMVER-MINOR) test_runner: expose worker ID for concurrent test execution (Ali Hassan)
python310 py310-html-docs: updated to 3.10.20
Python 3.10.20
Security
gh-144125: BytesGenerator will now refuse to serialize (write) headers that are unsafely folded or delimited; see verify_generated_headers. (Contributed by Bas Bloemsaat and Petr Viktorin in gh-121650).
gh-143935: Fixed a bug in the folding of comments when flattening an email message using a modern email policy. Comments consisting of a very long sequence of non-foldable characters could trigger a forced line wrap that omitted the required leading space on the continuation line, causing the remainder of the comment to be interpreted as a new header field. This enabled header injection with carefully crafted inputs.
gh-143925: Reject control characters in data: URL media types.
gh-143919: Reject control characters in http.cookies.Morsel fields and values.
gh-143916: Reject C0 control characters within wsgiref.headers.Headers fields, values, and parameters.
gh-142145: Remove quadratic behavior in xml.minidom node ID cache clearing. In order to do this without breaking existing users, we also add the ownerDocument attribute to xml.dom.minidom elements and attributes created by directly instantiating the Element or Attr class. Note that this way of creating nodes is not supported; creator functions like xml.dom.Document.documentElement() should be used instead.
gh-137836: Add support of the “plaintext” element, RAWTEXT elements “xmp”, “iframe”, “noembed” and “noframes”, and optionally RAWTEXT element “noscript” in html.parser.HTMLParser.
gh-136063: email.message: ensure linear complexity for legacy HTTP parameters parsing. Patch by Bénédikt Tran.
gh-136065: Fix quadratic complexity in os.path.expandvars().
gh-119451: Fix a potential memory denial of service in the http.client module. When connecting to a malicious server, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes.
gh-119452: Fix a potential memory denial of service in the http.server module. When a malicious user is connected to the CGI server on Windows, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes.
gh-119342: Fix a potential memory denial of service in the plistlib module. When reading a Plist file received from untrusted source, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes.
[10 lines not shown]
python311 py311-html-docs: updated to 3.11.15
Python 3.11.15
Security
gh-144125: BytesGenerator will now refuse to serialize (write) headers that are unsafely folded or delimited; see verify_generated_headers. (Contributed by Bas Bloemsaat and Petr Viktorin in gh-121650).
gh-143935: Fixed a bug in the folding of comments when flattening an email message using a modern email policy. Comments consisting of a very long sequence of non-foldable characters could trigger a forced line wrap that omitted the required leading space on the continuation line, causing the remainder of the comment to be interpreted as a new header field. This enabled header injection with carefully crafted inputs.
gh-143925: Reject control characters in data: URL media types.
gh-143919: Reject control characters in http.cookies.Morsel fields and values.
gh-143916: Reject C0 control characters within wsgiref.headers.Headers fields, values, and parameters.
gh-142145: Remove quadratic behavior in xml.minidom node ID cache clearing. In order to do this without breaking existing users, we also add the ownerDocument attribute to xml.dom.minidom elements and attributes created by directly instantiating the Element or Attr class. Note that this way of creating nodes is not supported; creator functions like xml.dom.Document.documentElement() should be used instead.
gh-137836: Add support of the “plaintext” element, RAWTEXT elements “xmp”, “iframe”, “noembed” and “noframes”, and optionally RAWTEXT element “noscript” in html.parser.HTMLParser.
gh-136063: email.message: ensure linear complexity for legacy HTTP parameters parsing. Patch by Bénédikt Tran.
gh-136065: Fix quadratic complexity in os.path.expandvars().
gh-119451: Fix a potential memory denial of service in the http.client module. When connecting to a malicious server, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes.
gh-119452: Fix a potential memory denial of service in the http.server module. When a malicious user is connected to the CGI server on Windows, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes.
gh-119342: Fix a potential memory denial of service in the plistlib module. When reading a Plist file received from untrusted source, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes.
[10 lines not shown]
python312 py312-html-docs: updated to 3.12.13
Python 3.12.13
Security
gh-144125: BytesGenerator will now refuse to serialize (write) headers that are unsafely folded or delimited; see verify_generated_headers. (Contributed by Bas Bloemsaat and Petr Viktorin in gh-121650).
gh-143935: Fixed a bug in the folding of comments when flattening an email message using a modern email policy. Comments consisting of a very long sequence of non-foldable characters could trigger a forced line wrap that omitted the required leading space on the continuation line, causing the remainder of the comment to be interpreted as a new header field. This enabled header injection with carefully crafted inputs.
gh-143925: Reject control characters in data: URL media types.
gh-143919: Reject control characters in http.cookies.Morsel fields and values.
gh-143916: Reject C0 control characters within wsgiref.headers.Headers fields, values, and parameters.
gh-142145: Remove quadratic behavior in xml.minidom node ID cache clearing. In order to do this without breaking existing users, we also add the ownerDocument attribute to xml.dom.minidom elements and attributes created by directly instantiating the Element or Attr class. Note that this way of creating nodes is not supported; creator functions like xml.dom.Document.documentElement() should be used instead.
gh-137836: Add support of the “plaintext” element, RAWTEXT elements “xmp”, “iframe”, “noembed” and “noframes”, and optionally RAWTEXT element “noscript” in html.parser.HTMLParser.
gh-136063: email.message: ensure linear complexity for legacy HTTP parameters parsing. Patch by Bénédikt Tran.
gh-136065: Fix quadratic complexity in os.path.expandvars().
gh-119451: Fix a potential memory denial of service in the http.client module. When connecting to a malicious server, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes.
gh-119452: Fix a potential memory denial of service in the http.server module. When a malicious user is connected to the CGI server on Windows, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes.
gh-119342: Fix a potential memory denial of service in the plistlib module. When reading a Plist file received from untrusted source, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes.
[5 lines not shown]
