security/libdecaf: Update to v1.0.3
Changes since v1.0.2:
No upstream release notes; changes derived from commit log.
* Allow long scalars to be null, mostly so that you can
deserialize a zero-length null scalar without causing UB.
* Signature context can be null.
* Fix runtime errors.
* Fix C++ test build with recent compilers.
* CMake improvements and add enable sanitizer option.
* Add SER_BYTES to gf_serialize prototype.
* Adjust comments in ristretto.sage.
* Indicate that x86 word_is_zero affects the carry flag.
* Test for subgroup membership in ed448 (sage).
* Document how to run tests.
audio/fasttracker2: Update to 2.18
Changes since 2.17:
v2.18 - 28.04.2026
* The windowed-sinc interpolation kernels are now calculated with
unity gain
* The scopes now use windowed-sinc interpolation again (previously
buggy)
editors/msedit: Update to 2.0.0
Changes since 1.2.1:
⚠️ If you're a package maintainer, please read the last section
at the end.
Syntax Highlighting
Edit v2 adds the Lightweight Syntax Highlighter. It has a ~40kB
footprint for a dozen languages plus runtime, barely grows with each
language added, and runs at >100MB/s.
The highlighter is based on a simple programming language that combines
regular expressions with explicit control flow. It's designed such that
the runtime can be easily ported to other languages, including
JavaScript.
The list of languages will surely grow over time, and contributions for
[147 lines not shown]
devel/difftastic: update to 0.69.0
Parsing
- Added support for Assembly.
- Substantially improved parsing for Perl.
- Improved parsing for Clojure, Common Lisp, CSS, Dart, Erlang, F#, OCaml, Python, Rust, Scala, TypeScript and VHDL.
- Removed support for Hack, as the upstream parser is no longer maintained. .php files starting with <?hh are now treated as text.
File Detection
- Difftastic now considers .gitattributes when deciding if a file is binary, recognising both the -text and binary attributes.
Build
- Difftastic now requires Rust 1.85 or later to build.
gobject-introspection: bump PKGREVISION for glib2 2.88.0 update
gobject-introspection installs GLib/GObject/GModule/Gio/GioUnix
introspection data generated against the GLib version available at
build time.
After updating devel/glib2 to 2.88.0, the old gobject-introspection
package still contains typelibs generated against the previous GLib.
This can break runtime users of PyGObject like inputmethod/ibus-anthy.
net/unison: Update to 2.54.0
Packaging changes:
Upstream NEWS:
## Changes in 2.54.0
Released 2026-05-01
* Drop old wire protocol. Unison will no longer interoperate with
versions before 2.52.0 and will no longer read pre-2.52.0 archive
files.
* Document that LLM output is unwelcome in the Unison project (code,
issues, mailinglists, etc.).
* Add desktop file.
Deprecation warning: support for external rsync will be removed;
[13 lines not shown]
geography/py-ubx2: Update to 1.3.0
Upstream NEWS, less minor improvements and bugfixes:
### RELEASE 1.3.0
1. Add support for UBX MGA advanced calibration support commands and polls (MGA-SF-INI, MGA-SF-INI2, MGA-INI-ATT, MGA-SF) - thanks to @ariansharifi for contribution.
### RELEASE 1.2.60
1. Add UBXReader `encoding` argument for chunked encoded socket streams.
1. Add a third value '2' to UBXReader and UBXMessage `parsebitfield` argument (*previously a simple boolean*); 0 = parse bitfield as bytes, 1 = parse bitfield as individual bits, 2 = parse bitfield as *both* bytes *and* bits (1)
firefox140: update to 140.10.1
Mozilla Foundation Security Advisory 2026-36
Security Vulnerabilities fixed in Firefox ESR 140.10.1
Announced
April 28, 2026
Impact
high
Products
Firefox ESR
Fixed in
Firefox ESR 140.10.1
#CVE-2026-7320: Information disclosure due to incorrect boundary conditions in the Audio/Video component
Reporter
Xuehao Guo
[45 lines not shown]
dasel: update to 3.8.1.
install man pages and shell completion
## [v3.8.1] - 2026-04-30
- `dasel man` now generates a reproducible manpage based on [SOURCE_DATE_EPOCH](https://reproducible-builds.org/specs/source-date-epoch).