py-typeguard: updated to 4.5.1
**4.5.1** (2026-02-19)
- Fixed iterable unpacking incorrectly calculating the cut-off offset of the item list
when assigning remaining values to the star variable
adguardhome: updated to 0.107.72
0.107.72
Security
Go version has been updated to prevent the possibility of exploiting the Go vulnerabilities fixed in 1.25.7.
Added
AdGuard Home now tracks the TLS certificate and key files for updates and reloads them after any updates are detected.
New query parameter recent in GET /control/stats/ defines statistics lookback period in millieseconds. See openapi/openapi.yaml for details.
New field "ignored_enabled" in GetStatsConfigResponse or GetQueryLogConfigResponse. See openapi/openapi.yaml for details.
Changed
In addition to modifying the contents of a hosts file, deleting or renaming the file now also updates runtime clients and DNS filtering results.
[6 lines not shown]
shells/oh-my-posh: update to 29.6.1
v29.6.1
Bug Fixes
pwsh: never output BOM for init scripts (4a2d995)
v29.6.0
Bug Fixes
pwsh: set status before executing stream (0cb58c3), closes #7331
Features
os: add zorin os icon (fefd73a)
devel/cargo-nextest: update to 0.1.129
Changed
--show-progress=only now behaves like the default auto in non-interactive mode, showing successful tests with a counter. This change was made because only is primarily intended for interactive scenarios. (#3087)
The MSRV for building nextest has been updated to Rust 1.91.
Fixed
Setup scripts that write NEXTEST-prefixed environment variables to $NEXTEST_ENV now properly report failure. Previously, the setup script would be reported as successful despite invalid variables, and tests would still run. (#3094)
Internal improvements
Replay output is now only loaded from the archive when needed. This makes replays around 10-15% faster. (#3090)
Switched from the zip crate to eazip to address repeated semver breakage in the zip crate. (#3093)
yt-dlp: update to 2026.2.21.
Security: [CVE-2026-26331] Arbitrary command injection with the --netrc-cmd option
The argument passed to the command in --netrc-cmd is now limited to a safe subset of characters
Changelog
Core changes
cookies: Ignore cookies with control characters (#15862) by bashonly, syphyr
jsinterp
Fix bitwise operations (#15985) by bashonly
Stringify bracket notation keys in object access (#15989) by bashonly
Support string concatenation with + and += (#15990) by bashonly
Extractor changes
Add browser impersonation support to more extractors (#16029) by bashonly
Limit netrc_machine parameter to shell-safe characters by Grub4K
[42 lines not shown]
Update devel/objfw to 1.5
Legend:
* Changes of existing features or bug fixes
+ New features
ObjFW 1.4.4 -> ObjFW 1.5, 2026-02-22
+ Adds OFColorSpace and adds support for color spaces to OFColor. Supports
sRGB, linear sRGB, BT.709, Display-P3, linear Display-P3, BT.2020, linear
BT.2020, Adobe RGB and linear Adobe RGB.
+ Adds OFImage to store an image in various pixel formats and color spaces.
+ Adds OFCanvas to create (draw) images, including bilinear image scaling and
alpha blending in linear color space and pixel format and color space
transformations when source and destination use a different pixel format
and/or color space.
+ Adds OFImageFormatHandler as a generic interface to handle image formats
including a registry for image formats so that it can be extended by 3rd
parties.
+ Adds an OFImageFormatHandler for BMP and QOI images.
[66 lines not shown]
libgcrypt: updated to 1.12.1
Noteworthy changes in version 1.12.1 (2026-02-20)
* Bug fixes:
- Fix for aSmartOS (Solaris) build problem due to AVX2 changes.
- Fix a regression in gcry_mpi_ec_curve_point.
- Make sure to have MPI limbs pre-allocated in ECC and fix
Weierstrass curve use with PUBKEY_FLAG_PARAM.
* Other:
- Add MPI configuration for NetBSD m68k.
doc/pkg-vulnerabilities: add rails eol and clean up
* Tweak package names for older Ruby on Rails pacakges.
* Add eol for Ruby on Rails packages 7.0 and 7.1.
* Add php81* with eol.
