doas: add pkgsrc-specific paths to GLOBAL_PATH and SAFE_PATH
Issue noted by Takashi Shimizu on pkgsrc-users@.
This follows how these paths are defined ordering-wise based on doas.h.
The existing SunOS override approach in Makefile varies here, as added
that way upstream. The SunOS setting was left as-is, to keep with the
POLA. (Someone may be surprised by the change on other OSes,
regardless; so it goes.)
Update to version 9.2.449.
Changes:
- patch 9.2.0449: Make proto fails in non GTK builds
- patch 9.2.0448: Vim9: dangling cmdline pointer after skip_expr_cctx()
- patch 9.2.0447: cindent does not ignore comments
- patch 9.2.0446: runtime(netrw): off-by-one bug in s:NetrwUnMarkFile()
- patch 9.2.0445: win_fix_scroll() called before win_comp_pos() in command_height()
- patch 9.2.0444: Cannot set 'path' option via modeline
- patch 9.2.0443: GUI: cancelling save dialog overwrites or discards unnamed buffer
- patch 9.2.0442: completion: i_CTRL-X_CTRL-V doesn't use dict from customlist
- runtime(autopkgtest): update syntax script
- Fix wrong comment in getchar.c
- patch 9.2.0441: statusline: click handler not called on multi-line statusline
- patch 9.2.0440: MS-Windows: cursor flicker during update_screen()
- patch 9.2.0439: completion: info popup not removed in cmdline mode
- patch 9.2.0438: tests: test_plugin_termdebug is flaky
- runtime(doc): Tweak documentation style
- Fix a few more typos
[68 lines not shown]
www/ruby-aws-partitions: update to 1.1245.0
1.1245.0 (2026-05-05)
* Feature - Updated the partitions source data that determines the AWS
service regions and endpoints.
finance/ruby-braintree: update to 4.36.0
4.36.0 (2026-05-05)
* Add Local Payment Context support with LocalPaymentContextGateway.create
and LocalPaymentContextGateway.find methods
* Add support for MBWAY and CRYPTO payment types
* Add acquirerReferenceNumber to transaction search object
* Add international_phone to Customer in Transaction
* Deprecate merchant create functionality
* Add apiRequestKey (idempotency) for sale, credit, refund, void and
settlement operations.
* Add support for Ruby version 3.4.0, 4.0 and updated rubocop to 1.85.1 for
Ruby versions 2.7 and later
* Add surcharge_amount to transaction object
* Add support for apple pay card verifications
py-pymysql: updated to 1.1.3
v1.1.3
Security
* Fix `Cursor.callproc()` didn't escape procedure name.
There was a possibility of SQL injection when calling a procedure with a string received from an untrusted source as the procedure name.
NOTICE: This change may cause backward compatibility issues. If you specified a procedure name like `"dbname.funcname"`, the previous version called `CALL dbname.funcname`, but from this version, it will call ``CALL `dbname.funcname` `` so you cannot specify procedure name with database name anymore.
py-authlib: updated to 1.7.2
1.7.2
Fix the readme links
Allow non-recommended algorithms in ClientSecretJWT and PrivateKey
Validate BCP47 language tags with a regex
Fix RFC7523 signing with non RSA keys
memcached: updated to 1.6.41
1.6.41
Overview
Important bugfix release over regressions starting from 1.6.34 and 1.6.40. The glitches are not likely critical but we want to raise awareness of them.
In 1.6.34 we introduced new memory mover code. In very rare cases a bug can lead to the memory mover becoming unable to make progress and pages will no longer be moved for either a period of time or forever.
This also introduced a rare crash when slabs_mover=2 start option is in use. However it is highly recommended that nobody use this option as it will give poor hit rates for most workloads.
In 1.6.40 we introduced a rewritten protocol parser. The lru tuning command was made inaccessible and is now fixed in this release.
Finally, this repairs a bug in extstore where frequently accessed items can be lost during data compaction. This has existed since extstore was written and is not a recent regression. It is more likely to happen on highly loaded systems with low memory available to keep active items in RAM vs disk.
Several ASAN triggering but otherwise harmless bugs were also fixed.
Fixes
[15 lines not shown]
py-fsspec: updated to 2026.4.0
2026.4.0
Fixes
- proper install in ci to grab versions
- encode URLs in HTTP pipe_file
- implement delete and write_test for dirFS
- allow multiple local protocols
- context closing for tar and zip
- fix cat_file and cat_ranges for WholeFileCache
Other
- usage warning to HTTP FS
- update adl: message following retirement
x11/xterm: update to 410
Patch #410 - 2026/05/01
- amend one of the fixes for Debian #738794 in patch #407, which caused combining characters to be outlined (report by "Martin").
- clarify in ctlseqs.ms which modes listed for DECSET are readonly (prompted by discussion with Thomas Wolff).
