aboutsummaryrefslogtreecommitdiff
path: root/lang
Commit message (Collapse)AuthorAgeFilesLines
* [NEW PORT] lang/nickel Universal configuration languageDerek Anderson11 hours5-0/+1872
| | | | | Co-authored-by: Michael Osipov <michaelo@FreeBSD.org> PR: 294549
* lang/python314: Fix incomplete mitigation of webbrowser.open()Matthias Andree19 hours2-1/+67
| | | | | | | | | | | Cherry-pick fix to resolve Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open() Obtained from: GitHub repo https://github.com/python/cpython/pull/148516 Security: CVE-2026-4786 cf75f572-378a-11f1-a119-e36228bfe7d4
* lang/python314: Security update + other fixesMatthias Andree19 hours3-32/+104
| | | | | | | | | | | | | | | | | | | | | | | | | | Fix critical use-after-free bug in LZMA/BZ2/ZLib decompressor routines when reusing decompressor instances after a MemoryError was raised from one. While here: - fix DEBUG build/package (several %%ABI%% were in the wrong place in pkg-plist that caused failed installs) - switch to using system textproc/expat2 library - issue warnings in pre-test that IPV6, PYMALLOC are required and DEBUG also breaks one self-test - bump PORTREVISION - drop LTOFULL again and make LTO use =full References: https://mail.python.org/archives/list/security-announce@python.org/thread/HTWB2Z6KT5QQX4RYEZAFININDHNOSIF3 https://www.cve.org/CVERecord?id=CVE-2026-6100 https://github.com/python/cpython/pull/148396 Obtained from: GitHub repo https://github.com/python/cpython/commit/c8d8173c4b06d06902c99ec010ad785a30952880 Security: CVE-2026-6100 b8e9f33c-375d-11f1-a119-e36228bfe7d4
* KDE: Update KDE Gear to 26.04.0Max Brazhnikov22 hours1-3/+3
| | | | | | | | | | | | | | | | | | | | | | Announcement: https://kde.org/announcements/gear/26.04.0/ Ports changes: audio/libkcompactdisc: - Remove port, no longer shipped with KDE Gear deskutils/kdeconnect-kde: - Add dependency on libei misc/minuet: - Add missing dependencies - Add patch to restore parity with Linux net/krdc: - Update dependencies x11/yakuake: - Add missing dependencies
* lang/rust-nightly: update 1.96.0.20260326 → 1.97.0.20260413Dmitry Marakasov2 days3-23/+22
| | | | | | | | The patch-src_tools_cargo_src_cargo_sources_git_source.rs was updated for newer cargo and needs additional review [1]. PR: 256581 [1] Approved by: rust (implicit)
* lang/luajit: update to the recent snaphostSergey A. Osokin2 days2-6/+6
| | | | Sponsored by: tipi.work
* lang/pomsky: update 0.10 → 0.12.0Yuri Victorovich2 days2-464/+958
|
* lang/asmc: update to 2.37.94Robert Clausecker3 days2-4/+4
| | | | Changelog: https://github.com/nidud/asmc/commits/639f195c7a155e7436cae1ea94097e5baaf40ec5
* lang/kefir: update to 0.5.1Robert Clausecker3 days4-21/+50
| | | | Changelog: https://git.sr.ht/~jprotopopov/kefir/refs/v0.5.1
* lang/gcc16-devel: Update to 16.0.1.s20260412Lorenzo Salvadore3 days2-4/+4
|
* lang/gcc15-devel: Update to 15.2.1.s20260411Lorenzo Salvadore3 days2-4/+4
|
* lang/gcc14-devel: Update to 14.3.1.s20260410Lorenzo Salvadore3 days2-4/+4
|
* lang/gcc13-devel: Update to 13.4.1.s20260409Lorenzo Salvadore3 days2-4/+4
|
* lang/picolisp: update to 26.3Pietro Cerutti3 days3-6/+4
| | | | See https://software-lab.de/doc/ChangeLog
* lang/quickjs: update to the recent snapshotSergey A. Osokin4 days2-5/+5
| | | | | | | PR: 294445 Approved by: yuri (maintainer) Sponsored by: tipi.work
* lang/lfortran: upgrade to v0.62.0Thierry Thomas5 days2-4/+4
| | | | Release notes at https://github.com/lfortran/lfortran/releases/tag/v0.62.0
* lang/python314: Security update to 3.14.4Matthias Andree5 days6-15/+224
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a -flto=full option, which can speed up the port build in terms of wallclock time at the expense of overall more CPU time. Issue a warning that test_ssl will fail from pre-test if DEBUG is enabled. Changelog: https://docs.python.org/release/3.14.4/whatsnew/changelog.html PR: 294324 Which contains these security fixes: pyexpat.c: Unbounded C recursion in conv_content_model causes crash Security: https://github.com/python/cpython/issues/145986 / CVE-2026-4224 Reject control characters in more places in http.cookies.Morsel Security: https://github.com/python/cpython/issues/145599 / CVE-2026-3644 SourcelessFileLoader does not use io.open_code() Security: https://github.com/python/cpython/issues/145506 / CVE-2026-2297 Disallow usage of control characters in status, headers and values for security in Lib/wsgiref/handlers.py Security: https://github.com/python/cpython/issues/144370 Reject leading dashes in webbrowser.open() Security: https://github.com/python/cpython/issues/143930 / 9fdad262-2e0f-11f1-88c7-00a098b42aeb / CVE-2026-4519 Excess Base64 data ignored after padding by default Security: https://github.com/python/cpython/issues/145264 / CVE-2026-3446 Additional security related PRs from upstream HTTP proxy via "CONNECT" tunneling doesn't sanitize CR/LF Obtained from: https://github.com/python/cpython/pull/148342 Security https://github.com/python/cpython/issues/146212 / CVE-2026-1502 configparser.RawConfigParser.{OPTCRE,OPTCRE_NV} regexes vulnerable to quadratic backtracking Obtained from: https://github.com/python/cpython/pull/148287 Security: https://github.com/python/cpython/issues/146333
* lang/quickjs-ng: update: 0.13.0 -> 0.14.0Sergey A. Osokin5 days2-4/+4
| | | | | | ChangeLog: https://github.com/quickjs-ng/quickjs/compare/v0.13.0...v0.14.0 Sponsored by: tipi.work
* lang/mujs: update 1.3.8 → 1.3.9Yuri Victorovich5 days2-12/+9
|
* lang/py-gherkin-official: update 36.1.0 → 39.0.0Yuri Victorovich6 days3-7/+7
|
* lang/rustpython: update 0.4.0 → 0.5.0Yuri Victorovich6 days2-898/+1300
|
* Emacs Lisp ports framework: OverhaulJoseph Mingrone6 days12-78/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This overhaul introduces four key changes to the elisp ports framework: 1. Remove support for packaged byte-compiled elisp. The primary motivation is to remove a large number of flavor-specific packages and to simplify the ports tree. As an example, supporting byte-compiled elisp for devel/tablist required six packages, one for each flavor of editors/emacs and editors/emacs-devel. With over 100 elisp ports and requests for new Emacs flavors, this was unmanageable. 2. Install configuration to integrate with Emacs's native compilation machinery, allowing elisp from ports to be compiled into the standard cache under the user's home directory. This matches the behavior of GNU ELPA packages and generally results in a faster experience. Speedups vary depending on the characteristics of the elisp code, but are often reported to be 2.5 to 5 times faster than byte-compiled code. 3. Perform byte compilation on the target host, but only when native compilation is unavailable. Compilation is initiated when Emacs starts, and the resulting .elc files are cached under the user's home directory. 4. Load all autoload files installed by FreeBSD elisp ports. This mirrors what package.el does for ELPA packages, ensuring that autoloaded functions are available without requiring users to explicitly load each package. Users with elisp packages (*-emacs_*) installed should consult the 2026-04-11 UPDATING entry for instructions on handling the transition. Reviewed by: ashish, Benjamin Jacobs <freebsd@dev.thsi.be>, dinoex, mandree, mce, nobutaka, Pat Maddox <pat@patmaddox.com>, rhurlin Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D56001
* lang/php85: Update version 8.5.4=>8.5.5Muhammad Moinur Rahman6 days2-7/+9
| | | | | | | | | | - Optionize JIT. JIT for opcache has been disabled by default. Make it and option to conditionally depend on capstone [1] Changelog: https://www.php.net/ChangeLog-8.php#8.5.5 PR: 294233 Reported by: chris@chrullrich.net
* lang/php84: Update version 8.4.19=>8.4.20Muhammad Moinur Rahman6 days2-4/+4
| | | | | | | | | - Remove xsltCleanupGlobals call in ext/xsl MSHUTDOWN [1] Changelog: https://www.php.net/ChangeLog-8.php#8.4.20 PR: 277888 Reported by: wolfgang@lyxys.ka.sub.org
* lang/gptscript: Update to 0.9.9Nicola Vitale6 days2-7/+7
| | | | | ChangeLog: https://github.com/gptscript-ai/gptscript/releases/tag/v0.9.9 Reported by: Nick Hale <notifications@github.com>
* lang/ghc94: Deprecate together with consumersGleb Popov6 days1-1/+4
|
* lang/py-textX: update 3.1.1 → 4.3.0Yuri Victorovich6 days2-11/+37
|
* various: Bump go ports for go-1.25.9 / 1.26.2Dag-Erling Smørgrav7 days3-2/+3
|
* lang/go126: Update to 1.26.2Dag-Erling Smørgrav7 days2-15/+15
| | | | | | | | | | | | | Changes: go1.26.2 (released 2026-04-07) includes security fixes to the go command, the compiler, and the archive/tar, crypto/tls, crypto/x509, html/template, and os packages, as well as bug fixes to the go command, the go fix command, the compiler, the linker, the runtime, and the net, net/http, and net/url packages. See the Go 1.26.2 milestone on our issue tracker for details. PR: 294339 MFH: 2026Q2
* lang/go125: Update to 1.25.9Dag-Erling Smørgrav7 days2-4/+4
| | | | | | | | | | | Changes: go1.25.9 (released 2026-04-07) includes security fixes to the go command, the compiler, and the archive/tar, crypto/tls, crypto/x509, html/template, and os packages, as well as bug fixes to the go command, the compiler, and the runtime. See the Go 1.25.9 milestone on our issue tracker for details. MFH: 2026Q2
* lang/gcc16-devel: Update to 16.0.1.s20260405Lorenzo Salvadore7 days2-4/+4
|
* lang/gcc15-devel: Update to 15.2.1.s20260404Lorenzo Salvadore7 days2-4/+4
|
* lang/gcc14-devel: Update to 14.3.1.s20260403Lorenzo Salvadore7 days2-4/+4
|
* lang/gcc13-devel: Update to 13.4.1.s20260402Lorenzo Salvadore7 days2-4/+4
|
* lang/cairo: update 2.16.1 → 2.17.0Yuri Victorovich7 days2-14/+7
|
* lang/neocmakelsp: update 0.10.1 → 0.10.2Yuri Victorovich7 days2-112/+112
|
* lang/inko: update 0.18.1 → 0.19.1Yuri Victorovich7 days4-370/+311
|
* lang/rhino: fix build with jdk11+Ronald Klop8 days2-2/+14
| | | | | | | unpin openjdk8 PR: 294332 Approved-by: maintainer (Nicola Vitale)
* lang/vala: update to 0.56.19Olivier Duchateau8 days1-3/+3
| | | | PR: 294205
* lang/python313: update to 3.13.13Charlie Li8 days5-21/+18
| | | | Changelog: https://docs.python.org/3.13/whatsnew/changelog.html#python-3-13-13-final
* lang/bsh: unpin openjdk8Ronald Klop9 days2-2/+45
| | | | | | | | Builds fine with modern JDK. The port is used in other ports that require openjdk8 so let it generate openjdk8 compatible class files. Approved-by: no maintainer
* */*: bump portrevision for openjdk dependency changeRonald Klop9 days1-1/+1
| | | | | | Other USES=java ports use JAVA_DEFAULT or are pinned to a specific version. PR: 293756
* lang/nll: Update 20260110a => 20260317aSAKAI Hiroaki10 days2-4/+4
| | | | | | | | | | | | Changelog: - Changed the delimiter for line number from space to comma. - Modified the bug to read the floating number having many number of digits. https://kozos.jp/nlux/download.html PR: 294297 Reported by: SAKAI Hiroaki <kozos@kozos.jp> (maintainer) Approved by: osa (mentor), vvd (co-mentor) MFH: 2026Q2
* lang/intercal: update to 0.34Robert Clausecker10 days2-4/+4
| | | | | | Changelog: http://www.catb.org/~esr/intercal/NEWS.html MFH: 2026Q2
* lang/python310: pull in upstream commits addressing webbrowser.open() issueCharlie Li12 days2-2/+8
| | | | | Security: 9fdad262-2e0f-11f1-88c7-00a098b42aeb PR: 294246
* lang/python311: pull in upstream commits addressing webbrowser.open() issueCharlie Li12 days2-2/+8
| | | | | Security: 9fdad262-2e0f-11f1-88c7-00a098b42aeb PR: 294246
* lang/python313: pull in upstream commits addressing webbrowser.open() issueCharlie Li12 days2-2/+10
| | | | | Security: 9fdad262-2e0f-11f1-88c7-00a098b42aeb PR: 294246
* lang/python313: fix pkg-config link logic for suffixedCharlie Li12 days3-15/+17
|
* lang/python312: pull in upstream commits addressing webbrowser.open() issueCharlie Li12 days2-2/+8
| | | | Security: 9fdad262-2e0f-11f1-88c7-00a098b42aeb
* lang/ruby40: Update to 4.0.1Po-Chuan Hsieh12 days2-4/+9
| | | | | | Changes: https://github.com/ruby/ruby/releases https://github.com/ruby/ruby/blob/master/NEWS.md https://www.ruby-lang.org/en/news/2026/03/16/ruby-4-0-2-released/
generated by cgit v1.3 (git 2.53.0) at 2026-04-17 16:22:03 +0000