Changes from 5.3.x to 5.4.0:
* Use Mike Haertel's MinRX regular expression matcher by default.
The old regex and dfa engines are still available.
* New @nsinclude directive: like @include but doesn't reset
the namespace to "awk".
* lshift()/rshift() return 0 when shifting more bits than in uintmax_t.
* Persistent memory: store meta-info in backing file; warn on
version mismatch; allow dynamic extensions with persistent memory.
* ordchr extension now supports multibyte / wide characters.
* length(array) is no longer an extension (POSIX 2024); --posix
no longer rejects it and --lint no longer warns.
* --traditional rationalised to match BWK awk behaviour.
* Assertions are now enabled in the C code.
* Hexadecimal floating-point values may now be used in source,
strtonum() and -n/--non-decimal-data option.
* UDP networking support is now deprecated, will be removed in 6.0.
* Reading regular disk input files is somewhat faster (no timeout check).
* Various bug fixes.
Link: https://git.savannah.gnu.org/cgit/gawk.git/plain/NEWS?h=gawk-5.4.0
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2026-04-06: Version 7.5.5
* New option --error-binary: Return an error if a
binary file is skipped.
* Fix: dos2unix error on empty input. The problem was introduced
in version 7.5.4.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
0.11.2 (CVE-2026-41163):
* In setuid mode, don't run the low-privileged parts of the setup
as dumpable, as that allows it to be ptraced which can lead to problems.
* New build option -Dsupport_setuid, which if set to false (the default)
disables the support for setuid.
0.11.1:
* Reset disposition of SIGCHLD, restoring normal subprocess management
if bwrap was run from a process that was ignoring that signal.
* Don't ignore --userns 0, --userns2 0 or --pidns 0 if used.
* Fix grammar in an error message and a broken link in the documentation.
Link: https://github.com/containers/bubblewrap/blob/v0.11.2/NEWS.md
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Update from 1.27.0 to 1.28.0, tracking the MicroPython 1.28.0 release.
Add version check to test.sh using importlib.metadata to verify the
installed package version matches the expected version string.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Update from 6.10.1 to 6.19.0. Notable changes:
- 6.19.0: fix log sunit automatic configuration in mkfs; fix data
corruption bug in libxfs_file_write; fix various memory leaks; improve
realtime subvolume info in xfs_io statfs
- 6.18.0: adjust nr_zones for zoned filesystems on conventional devices
in mkfs; fix xfs_logprint pointer bugs; fix mdrestore superblock length
check; add 2025 LTS config
- 6.16.0: atomic write enhancements for maximum atomic write limits at
mount time; refactor log recovery infrastructure; remove experimental
warnings from xfs_scrub
- 6.13.0: comprehensive metadata directory support in xfs_repair, xfs_db,
and mkfs; realtime group support with new RT group structures; quota
inodes use metadata directory infrastructure; realtime space quotas
- 6.12.0: realtime device support in xfs_db; file range commit ioctls
with atomic write statx fields; modernize perag lookup to xarray;
require -std=gnu11 for compilation
Add test.sh to verify xfs-mkfs and xfs-fsck report the correct version
and xfs-admin/xfs-growfs produce expected help output.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
MinOZW does not implement any --version flag, so skip the generic
version check. Just verify the binary is present and executable.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
boost::asio::post() without an explicit executor fails to compile with
Boost >= 1.82 due to changes in the executor model: bare lambdas no
longer have an implicit system executor that satisfies the
blocking.never requirement.
Pass io_context_ explicitly as the first argument so the handler is
dispatched on the correct io_context thread, which is the original
intent of the call (making stop() safe to call from any thread).
Add test.sh
domoticz is a daemon requiring a database and network port; it does not
implement a --version flag. Verify the binary is present and executable.
Disable LTO to fix link failure on i386 with musl fortify
Suggested via https://github.com/openwrt/packages/pull/29239
Also tested.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
update to version v4.10, disable building gnulib-tests to avoid
compilation errors.
Add --disable-xattr to CONFIGURE_ARGS to avoid linking an unneeded
dependency.
Changes in sed since v4.9, from NEWS:
** Bug fixes
sed 's/a/b/g' (and other global substitutions) now works on input
lines longer than 2GB. Previously, matches beyond the 2^31 byte offset
would evoke a "panic" (exit 4).
[bug present since the beginning]
'sed --follow-symlinks -i' no longer has a TOCTOU race that could let
an attacker swap a symlink between resolution and open, causing sed to
read attacker-chosen content and write it to the original target.
[bug introduced in sed 4.1e]
sed no longer falsely matches when back-references are combined with
optional groups (.?) and the $ anchor. For example, this no longer
falsely matches the empty string at beginning of line:
$ echo ab | sed -E 's/^(.?)(.?).?\2\1$/X/'
Xab
[bug present since "the beginning"]
In --posix mode, sed no longer mishandles backslash escapes (\n,
\t, \a, etc.) after a named character class like [[:alpha:]].
For example, 's/^A\n[[:alpha:]]\n*/XXX/' would fail to match the
trailing newline, treating \n as a literal backslash and an 'n'
rather than a newline. This happened when an earlier backslash
escape in the same regex had already been converted, shifting the
in-place normalization buffer.
[bug introduced in sed 4.9]
sed --debug no longer crashes when a label (":") command is compiled
before the --debug option is processed, e.g., sed -f<(...) --debug.
[bug introduced in sed 4.7 with --debug]
sed no longer rejects the documented GNU extension 'a**' (equivalent
to 'a*') in Basic Regular Expression (BRE) mode. Previously, this
worked only with -E (ERE mode), even though grep has always accepted
it in BRE mode.
[bug present since "the beginning"]
sed no longer rejects "\c[" in regular expressions
[bug present since the beginning]
'sed --follow-symlinks -i' no longer mishandles an operand that is a
short symbolic link to a long symbolic link to a file.
[bug introduced in sed 4.9]
Fix some some longstanding but unlikely integer overflows.
Internally, 'sed' now more often prefers signed integer arithmetic,
which can be checked automatically via 'gcc -fsanitize=undefined'.
** Changes in behavior
In the default C locale, diagnostics now quote 'like this' (with
apostrophes) instead of `like this' (with a grave accent and an
apostrophe). This tracks the GNU coding standards.
'sed --posix' now warns about uses of backslashes in the 's' command
that are handled by GNU sed but are not portable to other
implementations.
** Build-related
builds no longer fail on platforms without the <getopt.h> header or
getopt_long function.
[bug introduced in sed 4.9]
Signed-off-by: Russell Senior <russell@personaltelco.net>
zstdgrep and zstdless are shell script wrappers that do not output a
version string, so the generic CI version check fails for them. Add a
test.sh case that verifies they are present and executable instead.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
dbus-utils utilities do not implement --version so the generic CI
version check fails for them. Add a test.sh case that verifies the
binaries are present and executable instead.
dbus-utils: dbus-monitor, dbus-send, dbus-test-tool
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Several bluez utilities do not implement --version so the generic CI
version check fails for them. Add test.sh cases that verify the
binaries are present and executable instead.
bluez-daemon: obexd
bluez-utils: bdaddr, ciptool, hciattach, hciconfig, l2ping, l2test, rctest
bluez-utils-extra: gatttool
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Changes in 3.10:
- general bug fixes from libsepol (bounds statements in optional
blocks, type attribute handling in role-types rule, NULL dereference
and use-after-free fixes)
- treewide: add .clang-format configuration file
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Changes in 3.10:
- python/sepolicy: add support for DNF5
- sandbox/seunshare: replace system() with execv() to prevent shell
injection vulnerability
- seunshare: always use translations when printing
- setfiles: add -A option to disable SELINUX_RESTORECON_ADD_ASSOC
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
The generic CI test fails for /usr/bin/attr because that binary does
not implement --version. getfattr and setfattr do, so test those for
the version string and only verify attr is present and executable.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Add --no-build-isolation to PYTHON_SETUP_ARGS. Without it, pip creates
an isolated build environment which fails during cross-compilation
because _sysconfigdata is missing for the target arch.
Add test.sh verifying python3-sepolgen module loads correctly and
selinux-audit2allow binary is functional.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Seems a lot of packages are just getting abandoned by people.
Will pick these up and see them through.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
The link flag makes the main program depend on liblua in official
package feeds, even if collectd-mod-lua is not installed.
The plugin is already linked against liblua.so, so this can be removed.
Signed-off-by: Qingfang Deng <dqfext@gmail.com>
[added PKG_RELEASE bump]
Watchcat was failing to restart layer-3 interfaces when in mode
'restart_iface'. The previously attempted fix made the situation
worse in that it resulted in layer 2 interfaces also failing to
start.
This was because we are passed the interface name (e.g. eth0,
l2p0, or br-lan), but ifup needs the logical network (e.g. 'lan'
which corresponds to the network device).
Update to use find_config from /lib/network/config.sh to find the
logical network from the interface name, and use ifup on the
logical network to restart the underlying interface(s) associated
with the logical network.
Signed-off-by: Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>
Current description is getting
cut off and is formatted incorrectly
in LuCI when viewing packages.
Rewrote description to shorten,
correct and provide a more
concise description that will
work in LuCI.
Signed-off-by: Joshua Criss <owlsy@outlook.com.au>
As we're seeing in various test.sh scrip runs, importing 'email' fails
with not finding 'urllib' and vice-versa.
Then via a7e96ec91 ("python3-email: add python3-urllib as dependency")
I created a circular dependency.
So, might as well merge the two packages into one (named python3-urllib)
and updates all dependencies to pull python3-urllib.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Fix dependency with python3-pkg-resources (it got removed).
And add test.sh
- Bump from 4.5.1 to 4.6.0
- Drop python3-pkg-resources dependency: setools uses
'from importlib import resources as pkg_resources' which is stdlib,
not the external pkg_resources package
- Update 010-no-gui.patch: pyproject.toml now manages script-files and
package-data (was setup.py in 4.5.1); rewrite patch to target it
- Update 030-remove-host-paths.patch: lib_dirs now uses list[str] type
hint; fix hunk header line numbers to match new upstream layout
- Add test.sh: verify core query classes (SELinuxPolicy, BoolQuery,
TypeQuery, RoleQuery, UserQuery) are accessible
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
cpe:/a:beep_project:beep is the correct CPE ID for beep:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:beep_project:beep
Indeed, spkr-beep is a fork of https://github.com/johnath/beep as
clearly stated in README.md: "This version of beep has been forked from
Johnathan Nightingales' original beep when johnath/beep#11 required
fixes in 2018, while Johnathan Nightingales' github.com/johnath/beep/
and johnath.com/beep/ was only maintained from around 2000 until around
2013.
So, it is still appropriate to use beep_project:beep CPE ID since the
code base remains the same and no new CPE has been assigned to the fork
(as there have been no new CVEs since 2018).
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
The fwupd Config.in menu depends on PACKAGE_fwupd-libs, making
FWUPD_PLUGIN_FLASHROM implicitly depend on PACKAGE_fwupd-libs.
But fwupd-libs has a conditional dependency on libflashrom gated
by FWUPD_PLUGIN_FLASHROM, creating a circular dependency.
Fix by removing the depends on PACKAGE_fwupd-libs guard from the
Config.in menu and moving DEPENDS from Package/fwupd/Default into
Package/fwupd-libs directly. The menu options are always visible
in menuconfig but only take effect when fwupd-libs is selected.
Co-developed-by: Florian Eckert <fe@dev.tdt.de>
Signed-off-by: Joshua Klinesmith <joshuaklinesmith@gmail.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Jan Pavlinec <jan.pavlinec1@gmail.com> is no longer maintaining
these packages. Remove him from the PKG_MAINTAINER field across
all affected packages.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
LDLAGS -> LDFLAGS, fixes linker flags not being passed correctly.
Fixes: 94e7fbdda ("tar: import from oldpackages and upgrade to 1.28")
Signed-off-by: Qin Guang <topeqin@gmail.com>
Sync with MicroPython 1.27.0 release.
Drop patch: we have Python 3.14, importlib_metadata will be installed
for Python 3.7 or smaller.
New dep: platformdirs added.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Daniel Golle