x11/gnome-terminal: upgrade to 3.54.4 Upgrade to latest version to fix the build of the nautilus extension with latest nautilus. While here remove the SEARCHPROVIDER option, the option is only to install a simple ini file, and add run time dependency, which are actually not useful, the same way we now always completion files regardless weather or not a shell is installed, gnome-shell users will be happy to see the search provider is always configured for gnome-terminal.

x11/plasma6-plasma-desktop: Remove xf86-input-synaptics dependency from RUN_DEPENDS too Reported by: Lars Engels <lars.engels@0x20.net> Fixes: 1c82c9f99ce3b1a46f034af88387eca24927233e

science/csvtk: Update to 0.33.0 A few new features and enhancements Changes: science/csvtk: Update to 0.33.0 Reported by: portscout

graphics/nvidia-drm-66-kmod: Bump PORTREVISION Fixes: f7f46d1b58 ("graphics/drm-66-kmod: Update to drm_v6.6.25_2")

www/librewolf: Update 136.0-2 136.0.1-1 Changelog: https://www.mozilla.org/en-US/firefox/136.0.1/releasenotes/ PR: 285360 MFH: 2025Q1

net/krakend-ce: update 2.9.1 → 2.9.3 Changelogs: https://github.com/krakend/krakend-ce/releases/tag/v2.9.2 https://github.com/krakend/krakend-ce/releases/tag/v2.9.3 PR: 285188

www/groupoffice: Update to 25.0.7 Take maintainership Add missing DEPENDS

textproc/tkdiff: Update to 5.7

lang/rust-nightly: update 1.87.0.20250304 → 1.87.0.20250311 Approved by: rust (implicit)

ftp/ftpproxy: Bump PORTREVISION Because of commit 629de3e1aa28bc9a6dc19a5659c7c635304c4d39.

ftp/ftpproxy: Minor cosmetic changes Add rc.d script and option to use PID file. Switch to DISTVERSION. Add license information. PR: 269722 Approved by: maintainer timeout (3+ weeks)

graphics/plutovg: Update to 0.0.13 Changelog: https://github.com/sammycage/plutovg/releases PR: 285186 Approved by: submitter is maintainer

devel/gradle: Update to 8.13 Submitter takes maintainership. PR: 285238

sysutils/limine: Update 9.0.0 → 9.1.3 Chengelogs: https://github.com/limine-bootloader/limine/blob/v9.1.3/ChangeLog PR: 285358

devel/py-watchdog: Update to 6.0.0 - Update list of test dependencies - Pet portclippy Release changes: https://github.com/gorakhargosh/watchdog/releases/tag/v6.0.0 Reported by: portscout!

graphics/drm-66-kmod: Update to drm_v6.6.25_2 This exports all symbols from the modules. See https://github.com/freebsd/drm-kmod/commit/81f4ddf1c1a5041769f1376e027fa1751df6c292 for the explaination. Sponsored by: Beckhoff Automation GmbH & Co. KG

graphics/drm-61-kmod: Update to drm_v6.1.128_1 This exports all symbols from the modules. See https://github.com/freebsd/drm-kmod/commit/6ed51c38a8ffb2499685336422c74f55676e3c3b for the explaination. Sponsored by: Beckhoff Automation GmbH & Co. KG

graphics/drm-515-kmod: Update to drm_v5.15.160_2 This exports all symbols from the modules. See https://github.com/freebsd/drm-kmod/commit/676098fb2f54827d8a2dc7375ceecf62c96d0d66 for the explaination. Sponsored by: Beckhoff Automation GmbH & Co. KG

www/py-youtube-transcript-api: Update to 1.0.1 Release changes: https://github.com/jdepoix/youtube-transcript-api/releases/tag/v1.0.1 Reported by: Jonas Depoix <notifications@github.com>

www/py-google-api-python-client: Update to 2.164.0 Release changes: https://github.com/googleapis/google-api-python-client/releases/tag/v2.164.0 Reported by: "release-please[bot]" <notifications@github.com>

games/veloren-weekly: update to s20250313 Changes: https://gitlab.com/veloren/veloren/-/compare/1a99dd269...e3f18f4ec

databases/pgroonga: Update version 3.1.8=>3.1.9 Changelog: https://pgroonga.github.io/news/#version-3-1-9

textproc/groonga: Update version 14.0.0=>14.0.1 Changelog: https://groonga.org/docs/news/14.html#release-14-0-1

sysutils/consul: Update version 1.20.4=>1.20.5 Changelog: https://github.com/hashicorp/consul/releases/tag/v1.20.5

net-mgmt/ndoutils: Update version 2.1.4=>2.1.5 Changelog: https://github.com/NagiosEnterprises/ndoutils/blob/ndoutils-2.1.5/Changelog

net/libdaq: Update version 3.0.18=>3.0.19 Changelog: https://github.com/snort3/libdaq/releases/tag/v3.0.19

sysutils/httm: Update version 0.46.5=>0.46.6 Changelog: https://github.com/kimono-koans/httm/releases/tag/0.46.6

devel/py-babi_grammars: Update version 0.0.58=>0.0.59 Changelog: https://github.com/asottile/babi-grammars/releases/tag/v0.0.59

databases/freetds-devel: Update version 1.4.395=>1.4.397

x11/rio: update 0.2.9 → 0.2.10 Reported by: portscout

biology/seqkit: update 2.9.0 → 2.10.0 Reported by: portscout

games/gogui: update 1.5.4a → 1.6.0 Reported by: portscout

audio/libremidi: update 4.5.0 → 5.0.0 Reported by: portscout

devel/camp: update 2024.07.0 → 2025.03.0 Reported by: portscout

cad/symbiyosys: update 0.50 → 0.51 Reported by: portscout

cad/yosys: update 0.50 → 0.51 Reported by: portscout

biology/taxonkit: update 0.18.0 → 0.19.0 Reported by: portscout

x11-fonts/iansui: Update to 1.011

*/*: Rework manpages handling in Samba-related ports * Remove outdated, incorrect, precompiled manpages from ${FILESDIR}/files/man. * Properly disable manpages generation since XSLTPROC was set to true(1) WAF always assumed xsltproc(1) to work and if any automatic dependency pulled in textproc/docbook-xsl, manpages were generated even if explicitly disabled. Approved by: jrm (mentor) Differential Revision: https://reviews.freebsd.org/D49327

print/ghostscript10: Update port to 10.05.0 Approved by: jrm (mentor), otis (mentor), ... Differential Revision: https://reviews.freebsd.org/D49338

lang/rust: do not build the documentation on armv7 A bug [1] prevents documentation from being compiled on this platform, disable it until it's fixed in a release branch. [1] https://github.com/rust-lang/rust/pull/137632 Reported by: mmel

www/gitlab: security and bugfix update to 17.9.2 Changes: https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released/ Security: a435609c-ffd5-11ef-b4e4-2cf05da270f3

japanese/fcitx5-anthy: Flavorize for anthy-unicode PR: 283177

security/vuxml: document gitlab vulnerabilities

science/packmol: Update to 20.16.0

textproc/fcitx5-qt: Set qt6 as default flavor PR: 283406 Approved by: khng (implicitly) Sponsored by: The FreeBSD Foundation

textproc/fcitx5-configtool: Add qt6 flavor PR: 283406 Approved by: khng (implicitly) Sponsored by: The FreeBSD Foundation

security/vuxml: Fix 9cf03c96-ffa5-11ef-bb15-002590af0794 entry vuxml build: ``` Application exception: bad CVE name for vid 9cf03c96-ffa5-11ef-bb15-002590af0794: GHSA-693p-m996-3rmf @ho:215 ``` Fixes: 90289c6eaa01 vuxml: Document vim vulnerability Sponsored by: The FreeBSD Foundation

sysutils/podman-compose: Fix build Add missing build dependency: devel/py-setuptools PR: 285349

devel/jenkins: Update to 2.501 Sponsored by: The FreeBSD Foundation

science/py-phonopy: Fix build by adding missing dependency Reported by: fallout

science/cantera: Fix build by adding missing dependency Reported by: fallout

science/R-cran-fastICA: Update to 1.2.7

mail/spampd: Update to 2.62

www/elgg: Update to 6.1.4

mail/p5-Email-Sender: Update to 2.601 PR: 283940 Reported by: linimon@ Approved by: maintainer(timeout, > 60 days)

textproc/py-elementpath: Update to 4.8.0

multimedia/plexmediaserver: Update 1.41.4.9463 → 1.41.5.9522 Changelog: https://forums.plex.tv/t/plex-media-server/30447/667 PR: 285353

vuxml: Document vim vulnerability

editors/vim: Update to 9.1.1198 (security) potential data loss with zip.vim and special crafted zip files Date: 12.03.2025 Severity: Medium CVE: CVE-2025-29768 CWE: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') (CWE-88) Summary potential data loss with zip.vim and special crafted zip files Description Vim is distributed with the zip.vim plugin, that allows easy editing and viewing of zip archives. To view and extract zip files, vim uses the unzip(1) command, usually provided by Info-ZIP, latest version on Debian is 6.0 from April 2009. If an attacker creates an archive which contains a file -d/tmp, and a Vim user views such a file and tries to extract such filename from the archive, Vim will essentially run the following unzip command: unzip -o <archive.zip> member-filename However, since the member-filename is called -d/tmp, this is seen by the unzip command as an additional argument and it therefore happily extracts the whole archive into the mentioned directory, overwriting existing files because of the -o. Unfortunately, the latest released unzip version does not support -- as and end-of-argument marker, so we cannot use this to mark the beginning of the member-files for unzip. Well, apparently there exists some 6.10 beta release, that hasn't made it to an official release yet which supports the use of the -- marker since 2010 (but this isn't widely known). Therefore, Vim will try to work-around it by using the [-] glob when a filename starts with a - to protect unzip from parsing the filename as an argument, which is just an ugly work-around. Impact Impact is moderate because a user must be made to view such an archive with Vim and then press 'x' to extract such a strange filename. The Vim project would like to thank @Ry0taK (GMO Flatt Security Inc) and @takumi-san-ai for reporting this issue. MFH: 2025Q1 Security: GHSA-693p-m996-3rmf

games/veloren-weekly: update to s20250312 Changes: https://gitlab.com/veloren/veloren/-/compare/9f5385556...1a99dd269

graphics/mesa-devel: update to 25.0.b.2010 Changes: https://gitlab.freedesktop.org/mesa/mesa/-/compare/54912281a02...cff40b1512a

emulators/rpcs3: update to 0.0.35.17644 Changes: https://github.com/RPCS3/rpcs3/compare/583ec5d819...a108ce8015

audio/faudio: add SDL3 flavor (default since 25.03)

games/veloren-weekly: update to s20250312 Changes: https://gitlab.com/veloren/veloren/-/compare/ce0b7f06b...9f5385556

x11-fonts/fcft: update to 3.3.0 Changes: https://codeberg.org/dnkl/fcft/releases/tag/3.3.0 Reported by: upstream (via mail)

multimedia/svt-av1: update to 3.0.1 Changes: https://gitlab.com/AOMediaCodec/SVT-AV1/-/releases/v3.0.1 Reported by: GitLab (notify releases)

graphics/spirv-tools: update to 2025.1.r1 Changes: https://github.com/KhronosGroup/SPIRV-Tools/compare/v2024.4.rc2...v2025.1.rc1 Reported by: Repology

x11/way-displays: update to 1.12.2 Changes: https://github.com/alex-courtis/way-displays/releases/tag/1.12.2 Reported by: GitHub (watch releases)

sysutils/kubectl: Update to 1.32.3

devel/py-time-machine: Update to 2.13.0 Reported by: portscout!

devel/py-terminaltexteffects: Update to 0.12.0 Release changes: https://github.com/ChrisBuilds/terminaltexteffects/releases/tag/release-0.12.0 Reported by: portscout!

devel/py-stevedore: Update to 5.4.1 Release changes: https://docs.openstack.org/stevedore/latest/user/history.html Reported by: portscout!

net-im/py-punjab: mark BROKEN and set to expire This port fails at runtime. If I run it with rc-script: """ File "/usr/local/lib/python3.11/site-packages/punjab/httpb.py", line 17, in <module> import error builtins.ModuleNotFoundError: No module named 'error' Failed to load application: No module named 'error' /usr/local/etc/rc.d/punjab: WARNING: failed to start punjab """ and if I run it directly with `twistd punjab`: """ builtins.TypeError: Class advice impossible in Python3. Use the @implementer class decorator instead. """ There is no maintainer and last activity in project repo dated 6 years ago. Prevent building of this package at cluster and set to expire in one month.

net-im/py-nbxmpp: update to 6.0.2 Changes: https://dev.gajim.org/gajim/python-nbxmpp/-/commit/5cdc260c

devel/py-scripttest: Update to 2.0 - Remove files/patch-tests_test__string.py Reported by: portscout!

databases/py-aiosql: Update to 13.3 Release changes: https://github.com/nackjicholson/aiosql/releases/tag/13.3 Reported by: portscout!

archivers/arqiver: Update 1.0.0 → 1.0.1 Changelog: https://github.com/tsujan/Arqiver/releases/tag/V1.0.1 Remove options with incorrect dependencies. This version support libarchive (bsdtar), gzip and 7z. PR: 285347

graphics/libepoxy: add run dependency on libegl libexpoxy does not technically link to libegl, but has a dependency on it via its pkgconf file, in the future we will stop tracking LIB_DEPENDS as RUN_DEPENDS, anticipate this change and enforce egl.pc as a RUN_DEPENDS

KDE: Update Plasma 6 to 6.3.3 Announcement: https://kde.org/announcements/plasma/6/6.3.3/

multimedia/kamoso: add missing runtime dependency and update WWW while here

textproc/asciidoc: add forgotten build dependency on libxslt

ports-mgmt/packagekit: Use @sample on transaction.db file to avoid checksum warnings PR: 285178

systils/data-prepper: Opensearch Data Prepper Data Prepper is a server-side data collector capable of filtering, enriching, transforming, normalizing, and aggregating data for downstream analysis and visualization. Sponsored by: Klara, Inc. Approved by: 0mp (mentor) Approved by: kevans Approved by: opensearch (Sven Ruediger <admin@hackacad.net>) Co-authored-by: kiwi Differential Revision: https://reviews.freebsd.org/D48883

www/piwigo: Update to 15.5.0.

net-mgmt/telegraf: Update to 1.34.0 Release notes: https://github.com/influxdata/telegraf/releases/tag/v1.34.0

devel/libada: update to 3.2.1 release (+) Release Notes: https://github.com/ada-url/ada/releases/tag/v3.2.0 \ https://github.com/ada-url/ada/releases/tag/v3.2.1 Approved by: osa

lang/gcc13: Fix libisl.so linking Fix linking with libisl.so depending on GRAPHITE option, which is now implemented through options helpers. Co-authored-by: Gerald Pfeifer <gerald@FreeBSD.org> PR: 276070 Reported by: Ivan Rozhuk <rozhuk.im@gmail.com>

lang/gcc13: Fix segfaults for static binaries Fix segmentation faults caused by -static flag into compiled binaries. Email thread: https://lists.freebsd.org/archives/freebsd-hackers/2025-January/004236.html Upstream bug report: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=118685 PR: 284441 Reported by: kargl

print/miktex: Update to 25.2 This release builds fine with ICU 76.1, remove BROKEN flag. Set WRKSRC. Update distinfo (some source lzma changed, their names don't).

net/openmpi: Fix pkg-plist when non-default option SLURM is used PR: 285345 Reported by: leres (via email) Fixes: d164009dd097 (Update 5.0.6 → 5.0.7)

graphics/phototonic: Update to 2.98 ChangeLog: https://github.com/luebking/phototonic/releases/tag/v.2.98

math/R-cran-units: Update to 0.8-7 ChangeLog: https://cran.r-project.org/web/packages/units/news/news.html

devel/R-cran-collapse: Update to 2.1.0 - Switch WWW to canonical form ChangeLog: https://cran.r-project.org/web/packages/collapse/news/news.html

sysutils/gomplate: Update to 4.3.1 ChangeLog: https://github.com/hairyhenderson/gomplate/releases/tag/v4.3.1

deskutils/nextcloudclient: Update to 3.16.0

textproc/asciidoc: explicit the dependencies on libxml2 and libxslt With newer pkg we plan to dissociate the semantic of LIB_DEPENDS and RUN_DEPENDS, asciidoc does not actually depend on the library part of both libxml2 and libxslt but on the binaries xmllint and xsltproc. USE_GNOME= libxml2 libxslt will result with the runtime dependencies expressed a LIB_DEPENDS which make the packages broken with some upcoming changes in the ports tree and newer pkg.