BSD Commit Log Search

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi

Merge branch 'freebsd/current/main' into hardened/current/master

sysutils/rubygem-bundler-audit: Add new port

bundler-audit provides patch-level verification for Bundled Ruby
applications by auditing Gemfile.lock against a database of known
vulnerabilities.

Also add rubygem-bundle-audit as a wrapper gem that depends on
rubygem-bundler-audit, for developers who reference "bundle-audit"
instead of "bundler-audit".

devel/rubygem-uniform_notifier: Add version 1.18.0

uniform_notifier provides a unified notification interface supporting
Rails logger, JavaScript alert/console, XMPP, Slack, and more.

net/samba423: update to version 2.23.6

Sponsored by:   Klara, Inc.
Reported by:    portscout

devel/rubygem-bullet: Add rubygem-bullet 8.1.0

Bullet is a development tool that helps increase application performance
by reducing the number of queries it makes. It detects N+1 queries,
unused eager loading, and suggests counter cache usage.

Also add rubygem-bullet-rails72 slave port for Rails 7.2 compatibility.

security/rubygem-doorkeeper-i18n{,-rails72}: Add new port.

Internationalization files for Doorkeeper OAuth2 provider

While I'm there, also add a variant of rubygem-doorkeeper for use
with rails72.

tzcode: Update to 2026a

Many thanks to Paul Eggert for adopting most of our adaptations as
optional features upstream in the previous release (2025c).

MFC after:      1 week
Reviewed by:    philip
Differential Revision:  https://reviews.freebsd.org/D55741

yes: Add tests

MFC after:      1 week
Sponsored by:   Klara, Inc.
Reviewed by:    kevans
Differential Revision:  https://reviews.freebsd.org/D55802

math/octave-forge-biosig: Update to 3.9.4.

devel/patch: update GNU patch to the latest version 2.8

- GC previous Debian patches, backport new upstream fixes:
  add missing filename quoting, enable merge, skip read-only
  check when output file specified, reject empty filenames
- On i386, apply the same fix as Debian for Hurd/i386
- The port now seemingly builds fine with BSD make(1)
- Install some standard documentation files

PR:     285796

graphics/egl-x11: Update to version 1.0.5

Changes:
https://github.com/NVIDIA/egl-x11/releases/tag/v1.0.5

While here, drop a patch that is now included in upstream,
and add warning about minimum supported version of NVIDIA
drivers (560) in pkg-descr.

PR:             293718
Reviewed by:    ashafer (versioning)
Differential Revision:  https://reviews.freebsd.org/D55797

graphics/egl-wayland2: New port

Introduce graphics/egl-wayland2, Wayland EGL External Platform library
Version 2 that works with NVIDIA drivers 560 and later.

This is a new implementation of the EGL External Platform Library
for Wayland (EGL_KHR_platform_wayland), using the NVIDIA driver's
new platform surface interface (Dma-buf-based), which simplifies
a lot of the library and improves window resizing.

This library can be installed alongside the previous egl-wayland
implementation (graphics/egl-wayland).

The new library has a higher selection priority by default,
so if both are present, then a 560 or later driver will select
the new library, and an older driver will fall back to the old
library.

PR:             293719

    [2 lines not shown]

net-p2p/bazarr: Fix build with python version other than 3.11

PR:             293708
Approved by:    Michiel van Baak Jansen <michiel at vanbaak.eu> (maintainer)
MFH:            2026Q1

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi

Merge branch 'freebsd/current/main' into hardened/current/master

Merge branch 'freebsd/main' into hardenedbsd/main

build: Stop testing LINKER_FEATURES for ifunc and build-id

These features are available in all supported linkers, and we can expect
that they'll be supported by any GNU-compatible linker that we'd use to
link FreeBSD.

Reviewed by:    imp, kib
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D55676

security/netbird: Update 0.66.1 => 0.66.3

Changelogs:
https://github.com/netbirdio/netbird/releases/tag/v0.66.2
https://github.com/netbirdio/netbird/releases/tag/v0.66.3

Commit log:
https://github.com/netbirdio/netbird/compare/v0.66.1...v0.66.3

PR:     293710

security/chkrootkit: Update 0.58b => 0.59

Changelog:
 - New checks: Process executed from memory
 - New commands: nologin
 - XZ Backdoor Bottkitty (UEFI Bootkit)
 - Bug fixes
https://www.chkrootkit.org/#new

Remove local patches with support FreeBSD 9.

PR:             293520
Approved by:    Lacey Powers <lacey.leanne at gmail.com> (maintainer)
MFH:            2026Q1

biology/salmon: Unbreak: Relax libgff version requirement

Also drop unnecessary libboost dep

Reported by:    pkg-fallout

textproc/elasticsearch7: Correct product name

Rename ElasticSearch to Elasticsearch in the file pkg-message.

PR:             261591
Approved by:    elastic (maintainer, timeout 4+ years)

devel/py-p4python: Update to 2025.2.2863679

PR:             293725
Approved by:    antonfb at hesiod.org (maintainer)

libpmc: Explicitly whitelist json fields

Adds all missing Intel fields and turns jevents.c into an explicit white
list mechanism so that we no longer ignore important fields that often
invalidate the counter.  The json event parser must now parse every
field on each architecture that we support.  This has been tested by
running tinderbox and manually running jevent against our current json
repository.  As a bonus I fixed spelling errors in the AMD JSON
definitions.

Sponsored by: Netflix

Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/2055

net/dpdk: update to latest LTS release, 25.11.0, adopt (+)

Tested on:      aarch64, amd64
Release notes:  http://doc.dpdk.org/guides/rel_notes/release_25_11.html
Approved by:    Bruce Richardson (former maintainer)

tests/kern/ssl_sendfile: fix 'random' and 'basic' flakyness

The read of c.sbytes needs to be synchronized with mutex.  The problem was
fixed for 'truncate' and 'grow' with 8a9508563542, but these two suffer
from the same problem.  Provide require_sbytes(), a locked wrapper around
ATF_REQUIRE() to reduce copy and paste.

Submitted by:           olivier
Differential Revision:  https://reviews.freebsd.org/D55781

tests/kern/ssl_sendfile: reduce copy & paste

Provide sendme_locked_wait() for a common pattern.  Not functional change.

mail/mailpit: Update to 1.29.3

Improved ONLY_FOR_ARCHS_REASON message to better explain the supported
architectures.

audio/subtui: Update to 2.10.0

Changelog: https://github.com/MattiaPun/SubTUI/releases/tag/v2.10.0

ena: Update driver version to v2.8.2

Bug Fixes:
* Verify that an ENA ring is in netmap only in native mode

Minor Changes:
* Move parenthesis to correct place in switch
* Add comment
* Reorder define

MFC after: 2 weeks
Sponsored by: Amazon, Inc.
Reviewed by: cperciva
Differential Revision: https://reviews.freebsd.org/D55698