textproc/treemd: update to 0.5.10
[0.5.10] - 2026-04-16
Added
Toggle hidden files and directories in file picker - Press h in the file picker to toggle visibility of dot-prefixed files and directories (e.g. .obsidian/, .notes.md); rebindable via the keybindings config (#52) — thanks to @ktaka-ccmp for the original directory-toggle implementation, extended in follow-up to cover hidden files as well
Fixed
Content height u16 truncation - Changed content_height from u16 to usize to prevent silent overflow on documents with >65535 rendered lines; scroll clamped at ratatui's u16 boundary
Terminal restoration when stdin is piped - disable_raw_mode now fully restores the original termios saved during enable_raw_mode, instead of only re-setting ICANON/ECHO/ISIG (which left IEXTEN, ICRNL, OPOST, etc. cleared by cfmakeraw)
Table cell edit index using unreliable string search - calculate_current_table_index now uses the heading's byte offset from the document structure instead of content.find(), which could match the wrong occurrence in documents with repeated section text
Panic on stdin read during terminal warning - Replaced stdin().read().unwrap() with non-panicking variant
Silent config parse failure - Malformed config.toml now prints a warning instead of silently falling back to defaults
Changed
Upgraded all dependencies to latest - Major: resvg 0.44 → 0.47. Minor: clap/clap_complete 4.5 → 4.6, indextree 4.7 → 4.8, indexmap 2.13 → 2.14, tempfile 3.26 → 3.27, toml 1.0 → 1.1, notify 8.0 → 8.2. Plus refreshed transitive deps (image, uuid, wayland-*, wasm-bindgen, zerocopy, etc.)
Extracted current_section_content() helper - Deduplicated 9 instances of the section-content-extraction pattern across app.rs (-70 lines)
[3 lines not shown]
devel/cargo-modules: update to 0.26.0
[0.26.0] - 2026-04-19
Changed
Updated dependencies:
anyhow from 1.0.100 to 1.0.102
clap from 4.5.49 to 4.6.1
indoc from 2.0.6 to 2.0.7
libc from 0.2.177 to 0.2.185
pulldown-cmark from 0.13.0 to 0.13.3
rust-analyzer from 0.0.289 to 0.0.328
sugar_path from 1.2.0 to 2.0.0
thin-vec from 0.2.14 to 0.2.16
tracing from 0.1.41 to 0.1.44
tracing-subscriber from 0.3.20 to 0.3.23
url from 2.5.7 to 2.5.8
Bumped MSRV from 1.86.0 to 1.91.0
ifp-line: update to 0.4.1.
From YAMASHIRO, jun in PR 60199.
2026-04-19 Yamashiro, Jun <yamajun _at_ ofug.net>
* Release ifp-line-0.4.1
* nonroot.sh: Fix for modern FreeBSD
2026-04-17 Yamashiro, Jun <yamajun _at_ ofug.net>
* Release ifp-line-0.4
* ChangeLog: Add ChangeLog.
2026-03-29 Yamashiro, Jun <yamajun _at_ ofug.net>
* Fix build process
2026-01-05 Yamashiro, Jun <yamajun _at_ ofug.net>
[10 lines not shown]
libifp: update to 1.0.1.0.
From YAMASHIRO, jun in PR 60200.
--- Tagged 1.0.1.0 ---
2026-04-05 YAMASHIRO Jun <yamajun at users.sourceforge.net>
* Change version check code for Linux kernel module mode
Linux 2.6.0 - 2.6.30
2026-03-28 YAMASHIRO Jun <yamajun at users.sourceforge.net>
* Fix build process for modern OSes
2026-01-12 YAMASHIRO Jun <yamajun at users.sourceforge.net>
* Apply Adam Sampson's patch for GCC14/15 and llvm/clang
* Fix compile with FreeBSD 8.0<=
2005-08-22 Geoff Oakham <goakham at users.sourceforge.net>
* the userspace library build was disabled by default in the last
release. Fixed so its enabled if libusb is found.
[5 lines not shown]
py-ruff: update to 0.15.11.
Preview features
[ruff] Ignore RUF029 when function is decorated with asynccontextmanager (#24642)
[airflow] Implement airflow-xcom-pull-in-template-string (AIR201) (#23583)
[flake8-bandit] Fix S103 false positives and negatives in mask analysis (#24424)
Bug fixes
[flake8-async] Omit overridden methods for ASYNC109 (#24648)
Documentation
[flake8-async] Add override mention to ASYNC109 docs (#24666)
Update Neovim config examples to use vim.lsp.config (#24577)
py-mako: update to 1.3.11.
Fixed issue in TemplateLookup where a URI with a double-slash prefix
(e.g. //../../) could bypass the directory traversal check in
Template, allowing reads of arbitrary files outside of the template
directory. The issue was caused by an inconsistency in how leading
slashes were stripped between TemplateLookup.get_template() and
Template initialization.
py-lxml: update to 6.1.0.
6.1.0 (2026-04-17)
==================
This release fixes a possible external entity injection (XXE) vulnerability in
``iterparse()`` and the ``ETCompatXMLParser``.
Features added
--------------
* GH#486: The HTML ARIA accessibility attributes were added to the set of safe attributes
in ``lxml.html.defs``. This allows ``lxml_html_clean`` to pass them through.
Patch by oomsveta.
* The default chunk size for reading from file-likes in ``iterparse()`` is now configurable
with a new ``chunk_size`` argument.
Bugs fixed
[8 lines not shown]
meson: update to 1.11.0.
# New features
## BuildTarget(install_dir) length > 1 replaced with keywords
## Cargo workspace object
## Cython no longer requires explicitly enabling C or C++
## Deduplication of OpenMP linker arguments
## `meson dist` now accepts `-j`/`--num-processes`
## Deprecate `should_fail` and rename it to `expected_fail`, also introduce `expected_exitcode`
## The external_project module uses the cygpath command to convert paths
## install_man and install_headers: add support for install_tag kwarg
## Added `link_early_args` to targets performing linking
## Machine files now expand `~` as the user's home directory
## `meson format` file sorting is now disabled by default and uses natural sorting
## `-Db_lto` and `-Db_pgo` now supported for MSVC
## Last major version supporting Python 3.7, 3.8, and 3.9
## Python extension modules default to C ABI for Rust
## Meson now defines `QT_DEBUG` or `QT_NO_DEBUG` depending on build type
## `compiler_target()` method in the Rust module
[4 lines not shown]
ui: SimpleFileUploadDlg - add support for binary file uploads ( `SimpleFileUploadDlg({binary: true,...`), when set, files will be offered base64 encoded.
ui: SimpleFileUploadDlg - add support for binary file uploads ( `SimpleFileUploadDlg({binary: true,...`), when set, files will be offered base64 encoded.
[CIR] Emit inbounds nuw flags on GetMemberOp GEP lowering (#186738)
Struct member accesses via GetMemberOp are always inbounds and cannot
unsigned-wrap, matching LLVM's IRBuilder::CreateStructGEP behavior.
