HardenedBSD/src debee88 release Makefile.gce, sys/netpfil/pf pf.c

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi
Delta  File
+43 -0  tests/sys/netpfil/pf/divert-to.sh
+12 -8  sys/netpfil/pf/pf.c
+7 -11  usr.sbin/bsdinstall/scripts/pkgbase.in
+11 -2  release/Makefile.gce
+9 -0  usr.sbin/pkg/FreeBSD.conf.latest
+9 -0  usr.sbin/pkg/FreeBSD.conf.quarterly-release
+91 -21  9 files not shown
+132 -27  15 files

HardenedBSD/src b3c5b5d release/tools vmimage.subr, sys/netpfil/pf pf.c

Merge branch 'freebsd/current/main' into hardened/current/master
Delta  File
+43 -0  tests/sys/netpfil/pf/divert-to.sh
+12 -8  sys/netpfil/pf/pf.c
+8 -1  release/tools/vmimage.subr
+4 -0  usr.sbin/bsdinstall/scripts/pkgbase.in
+67 -9  4 files

HardenedBSD/ports ce0c8e4 lang/fpc-source Makefile

lang/fpc-source: pet stage-qa (+)

No need to put .git* files in package, as is already done for lang/fpc-devel-source

Reported by:    bulk -t
Approved by:    portmgr blanket
Delta  File
+3 -0  lang/fpc-source/Makefile
+3 -0  1 files

HardenedBSD/ports 205f13d security/lxqt-sudo pkg-plist Makefile

security/lxqt-sudo: handle orphans in plist (+)

Reported by:    bulk -t
Approved by:    portmgr blanket
Delta  File
+2 -0  security/lxqt-sudo/pkg-plist
+1 -0  security/lxqt-sudo/Makefile
+3 -0  2 files

HardenedBSD/ports 61e766a x11-wm/lxqt-wayland-session Makefile

x11-wm/lxqt-wayland-session: pet stage-qa, lxqt-qdbus is a bash script (+)

====> Running Q/A tests (stage-qa)
Error: '/bin/bash' is an invalid shebang you need USES=shebangfix for 'bin/lxqt-qdbus'

Reported by:    bulk -t
Approved by:    portmgr blanket
Delta  File
+6 -2  x11-wm/lxqt-wayland-session/Makefile
+6 -2  1 files

HardenedBSD/ports a26ecb9 net/libmateweather Makefile pkg-plist

net/libmateweather: handle orphans in plist (+)

Reported by:    bulk -t
Approved by:    portmgr blanket
Delta  File
+1 -0  net/libmateweather/Makefile
+1 -0  net/libmateweather/pkg-plist
+2 -0  2 files

HardenedBSD/ports db1d18b security/opkssh Makefile, security/opkssh/files patch-main.go pkg-message.in

security/opkssh: New port: Tool which enables SSH to be used with OpenID Connect

opkssh is a tool which enables ssh to be used with OpenID Connect
allowing SSH access to be managed via identities like alice at example.com
instead of long-lived SSH keys. It does not replace SSH, but instead
generates SSH public keys containing PK Tokens and configures sshd
to verify them. These PK Tokens contain standard OpenID Connect ID
Tokens. This protocol builds on the OpenPubkey which adds user
public keys to OpenID Connect without breaking compatibility with
existing OpenID Provider.
Delta  File
+91 -0  security/opkssh/files/patch-main.go
+50 -0  security/opkssh/Makefile
+20 -0  security/opkssh/files/pkg-message.in
+11 -0  security/opkssh/files/patch-commands_readhome.go
+11 -0  security/opkssh/files/patch-policy_enforcer.go
+11 -0  security/opkssh/files/patch-policy_policyloader.go
+194 -0  5 files not shown
+210 -2  11 files

HardenedBSD/ports 86acb17 x11-wm/phoc distinfo Makefile

x11-wm/phoc: update to 0.51.0

Changes:        https://gitlab.gnome.org/World/Phosh/phoc/-/releases/v0.51.0
Reported by:    GitLab (notify releases)
Delta  File
+3 -3  x11-wm/phoc/distinfo
+1 -1  x11-wm/phoc/Makefile
+4 -4  2 files

HardenedBSD/ports 7b38136 textproc/scdoc distinfo Makefile

textproc/scdoc: update to 1.11.4

Changes:        https://git.sr.ht/%7Esircmpwn/scdoc/refs/1.11.4
Reported by:    Repology
Delta  File
+3 -3  textproc/scdoc/distinfo
+1 -1  textproc/scdoc/Makefile
+4 -4  2 files

HardenedBSD/ports 633e338 devel/jenkins-lts distinfo Makefile

devel/jenkins-lts: Update to 2.528.2

Sponsored by:   The FreeBSD Foundation
Delta  File
+3 -3  devel/jenkins-lts/distinfo
+1 -1  devel/jenkins-lts/Makefile
+4 -4  2 files

HardenedBSD/ports ddd9e80 devel/forgejo-runner Makefile, devel/forgejo-runner/files act_runner.in

devel/forgejo-runner: Add supervisor mode for daemon(8)

If the server is not available when act_runner starts, act_runner
terminates.

Notes:
1. This is a breaking change - previously set act_runner_flags specified
   in rc.conf are applied to daemon(8), not act_runner. To pass
   parameters to act_runner, act_runner_args is used.
2. The system must be updated due to FreeBSD-EN-25:06.daemon.

While here fix build with non-default user/group and split long line.

PR:     288957
Delta  File
+14 -11  devel/forgejo-runner/files/act_runner.in
+9 -5  devel/forgejo-runner/Makefile
+23 -16  2 files

HardenedBSD/ports 6513afb net-im/tg_owt distinfo Makefile

net-im/tg_owt: update to the recent snapshot
Delta  File
+3 -3  net-im/tg_owt/distinfo
+2 -2  net-im/tg_owt/Makefile
+5 -5  2 files

HardenedBSD/ports fe63e4f net-im/telegram-desktop distinfo Makefile, net-im/telegram-desktop/files patch-Telegram_SourceFiles_platform_linux_specific__linux.cpp

net-im/telegram-desktop: update from 6.2.4 to 6.3.0

Patch obtained from:    https://cvsweb.openbsd.org/ports/net/tdesktop/patches/patch-Telegram_SourceFiles_platform_linux_specific_linux_cpp

Sponsored by:   tipi.work
Delta  File
+56 -0  net-im/telegram-desktop/files/patch-Telegram_SourceFiles_platform_linux_specific__linux.cpp
+3 -3  net-im/telegram-desktop/distinfo
+1 -2  net-im/telegram-desktop/Makefile
+60 -5  3 files

HardenedBSD/ports 0d0b5b5 audio/lilv distinfo Makefile

audio/lilv: Update to 0.26.0

ChangeLog: https://drobilla.net/2025/11/12/lilv-0-26-0.html
Delta  File
+3 -3  audio/lilv/distinfo
+1 -1  audio/lilv/Makefile
+4 -4  2 files

HardenedBSD/ports 22074ab devel/R-cran-testthat Makefile distinfo

devel/R-cran-testthat: Update to 3.3.0

- Put tests as safe
  A custom do-test and UTF-8 env needed to be set so tests succeed

ChangeLog: https://cloud.r-project.org/web/packages/testthat/news/news.html
Delta  File
+15 -15  devel/R-cran-testthat/Makefile
+3 -3  devel/R-cran-testthat/distinfo
+18 -18  2 files

HardenedBSD/ports f3108c5 math/intx distinfo Makefile

math/intx: Update to 0.14.0

ChangeLog: https://github.com/chfast/intx/releases/tag/v0.14.0
Delta  File
+3 -3  math/intx/distinfo
+1 -1  math/intx/Makefile
+4 -4  2 files

HardenedBSD/src e0c41af release/tools vmimage.subr

vmimage.subr: Enable FreeBSD-base repo if pkgbase

When creating a VM image using pkgbase, create a configuration file in
/usr/local/etc/pkg/repos/FreeBSD.conf which enables the FreeBSD-base
repository.  (This repository is defined in /etc/pkg/FreeBSD.conf as
being disabled by default.)

Reported by:    Mark Millard
MFC after:      immediately (needed for 15.0-RC1)
Delta  File
+4 -0  release/tools/vmimage.subr
+4 -0  1 files

HardenedBSD/src a96230e usr.sbin/bsdinstall/scripts pkgbase.in

bsdinstall: Enable FreeBSD-base repo when pkgbase

When performing a pkgbase install, create a configuration file in
/usr/local/etc/pkg/repos/FreeBSD.conf which enables the FreeBSD-base
repository.  (This repository is defined in /etc/pkg/FreeBSD.conf as
being disabled by default.)

Reported by:    Mark Millard
Reviewed by:    markj
MFC after:      immediately (needed for 15.0-RC1)
Differential Revision:  https://reviews.freebsd.org/D53777
Delta  File
+4 -0  usr.sbin/bsdinstall/scripts/pkgbase.in
+4 -0  1 files

HardenedBSD/src 10a4f2d release/tools vmimage.subr

vmimage.subr: Log pkg/local.sqlite if pkgbase

We were doing this in vm_extra_install_packages but VM images without
any extra packages installed would not get this installed.  This
results in a pkgbase system which thinks it doesn't have any packages
installed (even though all the files are right there).

Add a "metalog_add_data ./var/db/pkg/local.sqlite" call to the pkgbase
install code path, and make the call from vm_extra_install_packages
conditional on !PKGBASE.

Reported by:    Michael Dexter
MFC after:      immediately (needed for 15.0-RC1)
Delta  File
+4 -1  release/tools/vmimage.subr
+4 -1  1 files

HardenedBSD/src 66f2f1c sys/netpfil/pf pf.c, tests/sys/netpfil/pf divert-to.sh

pf: handle divert packets

In a divert setup pf_test_state() may return PF_PASS, but not set the state
pointer. We didn't handle that, and as a result crashed immediately afterwards
trying to dereference that NULL state pointer.

Add a test case to provoke the problem.

PR:             260867
MFC after:      2 weeks
Submitted by:   Phil Budne <phil.budne at gmail.com>
Sponsored by:   Rubicon Communications, LLC ("Netgate")
Delta  File
+43 -0  tests/sys/netpfil/pf/divert-to.sh
+12 -8  sys/netpfil/pf/pf.c
+55 -8  2 files

HardenedBSD/src 1f93581 share/keys Makefile, usr.sbin/bsdinstall Makefile

HBSD: Resolve merge conflicts

Signed-off-by:  Shawn Webb <shawn.webb at hardenedbsd.org>
Delta  File
+0 -24  usr.sbin/bsdinstall/Makefile
+0 -14  usr.sbin/bsdinstall/scripts/pkgbase.in
+0 -4  share/keys/Makefile
+0 -42  3 files

HardenedBSD/ports 87a27a9 www/osticket Makefile

www/osticket: Remove defunct IGNORE_WITH_PHP

php80 has retired a couple of years ago and this line is defunct.

Approved by:    portmgr (blanket)
Delta  File
+0 -1  www/osticket/Makefile
+0 -1  1 files

HardenedBSD/src 895074c release Makefile.gce, usr.sbin/bsdinstall Makefile

Merge remote-tracking branch 'internal/freebsd/current/main' into hardened/current/master

Conflicts:
        share/keys/Makefile (unresolved)
        usr.sbin/bsdinstall/Makefile (unresolved)
        usr.sbin/bsdinstall/scripts/pkgbase.in (unresolved)
Delta  File
+24 -0  usr.sbin/bsdinstall/Makefile
+11 -2  release/Makefile.gce
+8 -2  usr.sbin/bsdinstall/scripts/pkgbase.in
+9 -0  usr.sbin/pkg/FreeBSD.conf.quarterly-release
+9 -0  usr.sbin/pkg/FreeBSD.conf.quarterly
+9 -0  usr.sbin/pkg/FreeBSD.conf.latest
+70 -4  7 files not shown
+97 -8  13 files

HardenedBSD/ports 758549f devel/py-perceval-weblate Makefile

devel/py-perceval-weblate: Return to pool

Used in cluster and releasing so that others can update as necessary
without my intervention.

Changelog: https://github.com/chaoss/grimoirelab-perceval-weblate/releases/tag/${NEW_VERSION}
Delta  File
+2 -1  devel/py-perceval-weblate/Makefile
+2 -1  1 files

HardenedBSD/ports 2842015 databases/clickhouse distinfo Makefile.submodules, databases/clickhouse/files patch-PreLoad.cmake

databases/clickhouse: Update version 24.5.1.1763=>25.10.2.65

Changelog: https://github.com/ClickHouse/ClickHouse/releases/tag/v25.10.2.65-stable

Sponsored by:   Nepustil
Delta  File
+259 -249  databases/clickhouse/distinfo
+128 -123  databases/clickhouse/Makefile.submodules
+20 -7  databases/clickhouse/files/patch-PreLoad.cmake
+14 -11  databases/clickhouse/Makefile
+6 -1  databases/clickhouse/pkg-plist
+427 -391  5 files

HardenedBSD/ports 3f6fadf security/sslproxy distinfo Makefile, security/sslproxy/files patch-src_filter.c

security/sslproxy: Update version 0.9.9=>0.9.10

Changelog: https://github.com/sonertari/SSLproxy/releases/tag/v0.9.10
Delta  File
+0 -39  security/sslproxy/files/patch-src_filter.c
+3 -3  security/sslproxy/distinfo
+1 -1  security/sslproxy/Makefile
+4 -43  3 files

HardenedBSD/ports c878a02 lang/php85 distinfo Makefile

lang/php85: Update version 8.5.0RC4=>8.5.0RC5

Please DO NOT use this version in production, it is an early test
version.

Changelog: https://github.com/php/php-src/blob/php-8.5.0RC5/NEWS
Delta  File
+3 -3  lang/php85/distinfo
+1 -1  lang/php85/Makefile
+4 -4  2 files

HardenedBSD/ports 718990a emulators/qemu-devel distinfo Makefile

emulators/qemu-devel: Update version 10.1.20250930=>10.1.20251031
Delta  File
+15 -15  emulators/qemu-devel/distinfo
+3 -3  emulators/qemu-devel/Makefile
+18 -18  2 files

HardenedBSD/ports c671e22 databases/freetds-devel distinfo Makefile

databases/freetds-devel: Update version 1.5.147=>1.5.151
Delta  File
+3 -3  databases/freetds-devel/distinfo
+1 -1  databases/freetds-devel/Makefile
+4 -4  2 files

HardenedBSD/src 29415db sys/arm64/vmm vmm_arm64.c, sys/kern kern_prot.c

Merge branch 'freebsd/15-stable/main' into hardened/15-stable/main
Delta  File
+7 -7  sys/arm64/vmm/vmm_arm64.c
+2 -2  sys/kern/kern_prot.c
+9 -9  2 files