www/nginx-devel: update third-party passenger module to 6.0.26

Bump PORTREVISION.

*/*: Chase devel/abseil update

devel/grpc: Update to 1.70.1

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/grpc/grpc/releases

www/nginx-devel: security update from 1.27.3 to 1.27.4

<ChangeLog>

*) Security: insufficient check in virtual servers handling with TLSv1.3
   SNI allowed to reuse SSL sessions in a different virtual server, to
   bypass client SSL certificates verification (CVE-2025-23419).

*) Feature: the "ssl_object_cache_inheritable", "ssl_certificate_cache",
   "proxy_ssl_certificate_cache", "grpc_ssl_certificate_cache", and
   "uwsgi_ssl_certificate_cache" directives.

*) Feature: the "keepalive_min_timeout" directive.

*) Workaround: "gzip filter failed to use preallocated memory" alerts

www/nginx-devel: third-party modules management (+)

o) update sticky-module-ng to it's recent snapshot by
   changing provider;
o) add http-auth-jwt module.

Bump PORTREVISION.

www/nginx-devel: update third-party modules...

to their recent snapshots or versions:
o) push-stream
o) http_substitutions_filter
o) upload
o) upload-progress
o) upstream_check
o) mod_zip
o) naxsi
o) rds-csv
o) rds-json
o) redis2
o) rtmp
o) set-misc
o) sflow
o) srcache
o) vts
o) xss

Bump PORTREVISION.

www/nginx-devel: update third-party ip2location-ip2proxy module...

after net/ip2proxy recent update.

Bump PORTREVISION.

Also, fix my previous commit for the third-party stream-lua module.

Fixes:	4e51506ec92c7ee330509ade93bb618c6f8101f3

www/nginx-devel: update third-party modules...

to their recent snapshots or versions:
o) array-var
o) aws_auth
o) ct
o) echo
o) dynamic_upstream
o) encrypted-session
o) headers_more
o) http-auth-digest
o) auth-ldap
o) auth_pam
o) eval
o) fancyindex
o) geoip2
o) ip2location
o) http_json_status
o) passenger

Bump PORTREVISION.

www/nginx-devel: update third-party modules (+)

o) stream-lua to 0.0.16;
o) memc to 0.20.

Bump PORTREVISION.

www/nginx-devel: update third-party lua module 0.10.26 -> 0.10.28

Bump PORTREVISION.

www/nginx-devel: update third-party modsecurity3 module...

to the recent snapshot.
Update the project name to `owasp-security'.

Bump PORTREVISION.

devel/protobuf: Update to 29.3

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/protocolbuffers/protobuf/releases

devel/grpc: Update to 1.69.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/grpc/grpc/releases

*/*: update NGINX JavaScript: 0.8.8 -> 0.8.9 (+)

<ChangeLog>

nginx modules:

*) Bugfix: removed extra VM creation per server.
   Previously, when js_import was declared in http or stream blocks,
   an extra copy of the VM instance was created for each server
   block. This was not needed and consumed a lot of memory for
   configurations with many server blocks.

  This issue was introduced in 9b674412 (0.8.6) and was partially
  fixed for location blocks only in 685b64f0 (0.8.7).

Core:

*) Feature: added fs module for QuickJS engine.

</ChangeLog>

www/nginx-devel: update third-party modsecurity module

to the recent snapshot.

Bump PORTREVISION.

www/nginx-devel: update third-party modules

... to their recent snapshots:
- shibboleth
- vod
- vts

Bump PORTREVISION.

www/nginx-devel: update third-party http_push (aka nchan) module...

to its recent version - 1.3.7.

Bump PORTREVISION.

www/nginx-devel: fix third-party modsecurity module build

www/nginx-devel: optimize NJS infrastructure (+)

- remove NJS_QJS and NJS_XML knobs, always build such components
- add arguments to NJS' configure
- remove needless patches
- the port depends on devel/pcre2, so move `--with-ld-opt' to the
  main configure level

Bump PORTREVISION.

www/nginx-devel: update OTel module to the recent snapshot

Bump PORTREVISION.

*/*: update NGINX JavaScript: 0.8.7 -> 0.8.8 (+)

Bump PORTREVISION for the www/unit.

<ChangeLog>

nginx modules:

*) Feature: implemented shared dictionary for QuickJS engine.

*) Improvement: js_preload_object is refactored.

*) Bugfix: fixed limit rated output.

*) Bugfix: optimized use of SSL contexts for

www/nginx-devel: update NGINX OTel module (no-cmake branch)

Bump PORTREVISION.

www/nginx-devel: update from 1.27.2 to 1.27.3

<ChangeLog>

*) Feature: the "server" directive in the "upstream" block supports the
   "resolve" parameter.

*) Feature: the "resolver" and "resolver_timeout" directives in the
   "upstream" block.

*) Feature: SmarterMail specific mode support for IMAP LOGIN with
   untagged CAPABILITY response in the mail proxy module.

*) Change: now TLSv1 and TLSv1.1 protocols are disabled by default.

www/nginx-devel: update NGINX OTel module to the recent snapshot

Bump PORTREVISION.

devel/grpc: Update to 1.68.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/grpc/grpc/releases

Bump PORTREVISIONs after grpc shlib change in 2715f16944541b6b

PR:		282624
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D47513

devel/protobuf: Update to 28.3

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/protocolbuffers/protobuf/releases

*/*: update NGINX JavaScript: 0.8.5 -> 0.8.7 (+)

<ChangeLog>

Changes with njs 0.8.7                                       22 Oct 2024

nginx modules:

*) Bugfix: eliminated unnecessary VM creation.
   Previously, njs consumed memory proportionally to the number of
   nginx locations. The issue was introduced in 9b674412 (0.8.6).

*) Improvement: added strict syntax validation for js_body_filter.

*) Improvement: improved error messages for module loading

devel/grpc: Update to 1.67.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/grpc/grpc/releases

www/nginx-devel: update from 1.27.1 to 1.27.2

<ChangeLog>

*) Feature: SSL certificates, secret keys, and CRLs are now cached on
   start or during reconfiguration.

*) Feature: client certificate validation with OCSP in the stream
   module.

*) Feature: OCSP stapling support in the stream module.

*) Feature: the "proxy_pass_trailers" directive in the
   ngx_http_proxy_module.

*) Feature: the "ssl_client_certificate" directive now supports
   certificates with auxiliary information.

*) Change: now the "ssl_client_certificate" directive is not required
   for client SSL certificates verification.

</ChangeLog>

devel/protobuf: Update to 28.2

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/protocolbuffers/protobuf/releases

devel/protobuf: Update to 28.1

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/protocolbuffers/protobuf/releases

devel/protobuf: Update to 28.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/protocolbuffers/protobuf/releases

devel/grpc: Update to 1.66.1

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/grpc/grpc/releases

www/nginx-devel: update third-party passenger module to 6.0.23

Bump PORTREVISION.

www/nginx-devel: security update 1.27.0 -> 1.27.1

<ChangeLog>

*) Security: processing of a specially crafted mp4 file by the
   ngx_http_mp4_module might cause a worker process crash
   (CVE-2024-7347).
   Thanks to Nils Bars.

*) Change: now the stream module handler is not mandatory.

*) Bugfix: new HTTP/2 connections might ignore graceful shutdown of old
   worker processes.
   Thanks to Kasei Wang.

*) Bugfixes in HTTP/3.

</ChangeLog>

www/(nginx|nginx-devel|lua-resty-core): Document lua module
dependencies/alternate maintainers

PR:		280882, 277145

devel/protobuf: Update to 27.3

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/protocolbuffers/protobuf/releases

devel/grpc: Update to 1.65.4

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/grpc/grpc/releases

www/nginx-devel: update OTEL module to the recent snapshot

Bump PORTREVISION.

www/nginx-devel: fix typo with libressl dependency

Bump PORTREVISION.

PR:	280311

www/nginx-devel: add QuickJS engine to NGINX JavaScript module

Bump PORTREVISION.

*/*: update NGINX JavaScript: 0.8.4 -> 0.8.5 (+)

<ChangeLog>

*) Change: r.variables.var, r.requestText, r.responseText,
   s.variables.var, and the "data" argument of the s.on() callback
   with "upload" or "download" event types will now convert bytes
   invalid in UTF-8 encoding into the replacement character.  When
   working with binary data, use r.rawVariables.var, r.requestBuffer,
   r.responseBuffer, s.rawVariables.var, and the "upstream" or
   "downstream" event type for s.on() instead.

*) Feature: added timeout argument for shared dictionary methods
   add(), set() and incr().

www/nginx-devel: fix third-party passenger module warning

Also, release third-party passenger module from the pcre1 users
list, it builds fine with pcre2.

Bump PORTREVISION.

www/nginx-devel: add third-party stream-lua module

Bump PORTREVISION.

PR:	278951

www/nginx-devel: add third-party zstd module

PR:		279002

www/nginx-devel: security update from 1.26.0 to 1.27.0

Update third-party passenger module to 6.0.22.

<ChangeLog>

    *) Security: when using HTTP/3, processing of a specially crafted QUIC
       session might cause a worker process crash, worker process memory
       disclosure on systems with MTU larger than 4096 bytes, or might have
       potential other impact (CVE-2024-32760, CVE-2024-31079,
       CVE-2024-35200, CVE-2024-34161).
       Thanks to Nils Bars of CISPA.

    *) Feature: variables support in the "proxy_limit_rate",
       "fastcgi_limit_rate", "scgi_limit_rate", and "uwsgi_limit_rate"

www/nginx-devel: fix loading NJS dynamic module for stream

Bump PORTREVISION.

*/*: update NGINX JavaScript: 0.8.3 -> 0.8.4 (+)

<ChangeLog>

nginx modules:

*) Feature: allowing to set Server header for outgoing headers.

*) Improvement: validating URI and args arguments in r.subrequest().

*) Improvement: checking for duplicate js_set variables.

*) Bugfix: fixed clear() method of a shared dictionary without
   timeout introduced in 0.8.3.

*) Bugfix: fixed r.send() with Buffer argument.

Core:

*) Feature: added QuickJS engine support in CLI.

*) Bugfix: fixed atob() with non-padded base64 strings.

</ChangeLog>

www/nginx-devel: update PORTSCOUT to the relevant values

www/nginx-devel: update from 1.25.5 to 1.26.0 (+)

<ChangeLog>

*) 1.26.x stable branch.

</ChangeLog>

www/nginx-devel: update 1.25.4 -> 1.25.5 (+)

Fix building third-party naxsi module.

<Changelog>

*) Feature: virtual servers in the stream module.

*) Feature: the ngx_stream_pass_module.

*) Feature: the "deferred", "accept_filter", and "setfib" parameters of
   the "listen" directive in the stream module.

*) Feature: cache line size detection for some architectures.
   Thanks to Piotr Sikora.

www/nginx-devel: update third-party passenger module to 6.0.20

Bump PORTREVISION.

*/*: update NGINX JavaScript: 0.8.2 -> 0.8.3 (+)

<ChangeLog>

    nginx modules:

    *) Bugfix: fixed Headers.set().

    *) Bugfix: fixed js_set with Buffer values.

    *) Bugfix: fixed clear() method of a shared dictionary when
       a timeout is not specified.

    *) Bugfix: fixed stub_status statistics when js_periodic is
       enabled.

devel/grpc: Update to 1.62.0

- Bump PORTREVISION of dependent ports for shlib change
  Broken ports are skipped:
  - science/py-tensorflow
  - sysutils/apache-mesos

Changes:	https://github.com/grpc/grpc/releases

www/nginx-devel: remove orphaned patch (+)

Fixes:	b2ad75a2b920e1659afd54e5313e46f1f35bcd28

www/nginx-devel: remove third-party opentracing module (+)

Similar functionality is available with OTEL module, also
devel/libopentracing port is EOLed today.

Bump PORTREVISION.

www/nginx-devel: third-party modules management (+)

Change GH location for the third-party video-thumbextractor module.
The size of the new distro is much bigger just because it contains
many tests.

PR:	277155

devel/grpc: Update to 1.61.1

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/grpc/grpc/releases

devel/opentelemetry-*: update to their recent versions (+)

o) opentelemetry-cpp: 1.13.0 -> 1.14.0
o) opentelemetry-proto: 1.0.0 -> 1.1.0

Bump PORTREVISION for www/nginx-devel.

www/nginx-devel: Update to 1.25.4

Approved by:	portmgr (bapt)
Security:	CVE-2024-24989, CVE-2024-24990

MAN?PREFIX: eleminate its usage  and move man to share/man

www/nginx-devel: third-party modules management (+)

o) update third-party brotli module to the latest snapshot.

Bump PORTREVISION.

www/nginx-devel: third-party modules management (+)

o) update third-party lua module to 0.10.26;
o) update third-party headers-more module to latest snapshot;
o) remove third-party http_mp4_h264 module, legacy and undownloadable.

Bump PORTREVISION.

www/nginx-devel: third-party modules management (+)

o) remove third-party cookie_flag module, the functionality supported
   natively by the proxy_cookie_flags directive;
o) update third-party ndk module to 0.3.3;
o) update third-party lua module to 0.10.26.rc2.

Updated version of the lua module can be built with pcre2.

Bump PORTREVISION.

*/*: Sunset 12.4-RELEASE/12-STABLE from ports tree

- Remove all references to defunct ARCH arm
- Remove all references to defunct ARCH sparc64
- Remove x11-drivers/xf86-video-sunffb which requires defunct sparc64
  ARCH
- Remove sysutils/afbinit requires defunct sparc64 ARCH
- Remove all references to bktr driver
- Remove all references to defunct FreeBSD_12
- Remove all references to OSVERSION/OSREL corresponding to 12
- Remove conditionals in Mk/Uses/cabal.mk
- Remove sparc reference from Mk/Uses/qt-dist.mk
- Remove BROKEN_sparc64/NOT_FOR_ARCH=sparc64
- Remove BROKEN_FreeBSD_12* from:
- Remove OpenSSL patches from:
- Remove conditional flags for OSVERSION >= 1300000 to fixed flags.
  Also move conditional flags for non sparc64/arm ARCH to fixed flags.

Reviewed by:	brooks, jbeich, rene, salvadore
Differential Revision: https://reviews.freebsd.org/D42068

www/nginx-devel: update OTEL module to its recent snapshot

Bump PORTREVISION.

www/nginx-devel: update to the recent snapshot

This fix build with OTEL module after devel/protobuf update to 24.4.

devel/grpc: Update to 1.60.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/grpc/grpc/releases

devel/protobuf: Update to 24.4

- Use USES=pathfix to fix .pc installation
- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/protocolbuffers/protobuf/releases

www/nginx-devel: update third-party headers_more module...

to its recent snapshot.

Bump PORTREVISION.

www/nginx-devel: update third-party modules

o) lua 0.10.25 -> 0.10.26rc1
o) passenger 6.0.18 -> 6.0.19

Bump PORTREVISION.

www/nginx-devel: fix build with a third-party passenger module

Bump PORTREVISION.

PR:	275161

www/nginx-devel: update third-party naxsi module to v1.6

Bump PORTREVISION.

www/nginx-devel: update 1.25.2 -> 1.25.3 (+)

<Changelog>

*) Change: improved detection of misbehaving clients when using HTTP/2.

*) Feature: startup speedup when using a large number of locations.
   Thanks to Yusuke Nojima.

*) Bugfix: a segmentation fault might occur in a worker process when
   using HTTP/2 without SSL; the bug had appeared in 1.25.1.

*) Bugfix: the "Status" backend response header line with an empty
   reason phrase was handled incorrectly.

*) Bugfix: memory leak during reconfiguration when using the PCRE2
   library.
   Thanks to ZhenZhong Wu.

*) Bugfixes and improvements in HTTP/3.

</Changelog>

*/*: update NGINX JavaScript: 0.8.1 -> 0.8.2 (+)

<ChangeLog>

nginx modules:

*) Feature: introduced console object. The following methods
   were introduced: error(), info(), log(), time(), timeEnd(),
   warn().

*) Bugfix: fixed HEAD response handling with large Content-Length
   in fetch API.

*) Bugfix: fixed items() method for a shared dictionary.

www/nginx-devel: update third-party brotli module (+)

Bump PORTREVISION.

www/nginx-devel: update third-party naxsi module to 1.5 (+)

Change the distribution point to GH/wargio due to inactivity
in GH/nbs-system.
Update patches.

Bump PORTREVISION.

www/nginx-devel: bump PORTREVISION (+)

... after devel/opentelemetry-cpp update.

www/nginx-devel: update OTel module to the recent commit

Bump PORTREVISION.

www/nginx-devel: fix OTel module build (+)

Special thanks to:	pluknet

Bump PORTREVISION.

www/nginx-devel: add NGINX Open Telemetry module (+)

Bump PORTREVISON.

*/*: update NGINX JavaScript: 0.8.0 -> 0.8.1 (+)

<ChangeLog>

nginx modules:

*) Feature: introduced js_periodic directive.
    The directive specifies a JS handler to run at regular intervals.

*) Feature: implemented items() method for a shared dictionary.
   The method returns all the non-expired key-value pairs.

*) Bugfix: fixed size() and keys() methods of a shared dictionary.

*) Bugfix: fixed erroneous exception in r.internalRedirect()
   introduced in 0.8.0.

Core:

*) Bugfix: fixed incorrect order of keys in
   Object.getOwnPropertyNames().

</ChangeLog>

www/nginx-devel: update 1.25.1 -> 1.25.2 (+)

Remove or update legacy post-patch targets.

<Changelog>

*) Feature: path MTU discovery when using HTTP/3.

*) Feature: TLS_AES_128_CCM_SHA256 cipher suite support when using
   HTTP/3.

*) Change: now nginx uses appname "nginx" when loading OpenSSL
   configuration.

*) Change: now nginx does not try to load OpenSSL configuration if the
   --with-openssl option was used to built OpenSSL and the OPENSSL_CONF
   environment variable is not set.

*) Bugfix: in the $body_bytes_sent variable when using HTTP/3.

*) Bugfix: in HTTP/3.

</Changelog>

www/nginx-devel: update third-party cache_purge module to fix crashes

Bump PORTREVISION.
PR:	272546

www/*: update Passenger 6.0.17 -> 6.0.18

Bump PORTREVISION for www/nginx-devel.

<ChangeLog>
 * Adds support for arm (aarch64) rpm packages.
 * Adds Ubuntu 23.04 "Lunar" packages, removes Ubuntu 22.10
   "Kinetic" packages.
 * Removes packages for Debian 9 "Stretch" (EOL June 2022).
 * [RPM] Changes to building Nginx module packages for the latest
   supported Nginx module stream instead of the default.
 * [Ruby] Makes Passenger more resilient to invalid byte sequences
   when loading the Ruby native extension. Contributed by Drew Wells.
 * [Ruby] Add an `unhandled_exception_before_exit` event callback.
   Contributed by James Tomson.

www/nginx-devel: add missing configure option for http_xslt module (+)

Bump PORTREVISION.

*/*: update NGINX JavaScript: 0.7.12 -> 0.8.0 (+)

<ChangeLog>

nginx modules:

*) Change: removed special treatment of forbidden headers in Fetch API
   introduced in 0.7.10.

*) Change: removed deprecated since 0.5.0 r.requestBody and
   r.responseBody in HTTP module.

*) Change: throwing an exception in r.internalRedirect() while
   filtering in HTTP module.

www/nginx-devel: third-party lua module update to v0.10.25

Bump PORTREVISION.

www/nginx-devel: update 1.25.0 -> 1.25.1

<Changelog>

*) Feature: the "http2" directive, which enables HTTP/2 on a per-server
   basis; the "http2" parameter of the "listen" directive is now
   deprecated.

*) Change: HTTP/2 server push support has been removed.

*) Change: the deprecated "ssl" directive is not supported anymore.

*) Bugfix: in HTTP/3 when using OpenSSL.

</Changelog>

www/nginx-devel: update from 1.24.0 to 1.25.0

Enable HTTPv3 protocol by default.
Remove third-party clojure module due to a build issue.

The OpenSSL compatibility layer, which emulates BoringSSL
QUIC API for OpenSSL, is enabled by default, and 0-RTT is
not supported in this mode.

Alternativly, it's possible to build nginx with a third-party
library from ports tree, that provides QUIC support:
o) BoringSSL
o) LibreSSL
o) QuicTLS

<Changelog>

*) Feature: experimental HTTP/3 support.

</Changelog>

www/nginx-devel: update HTTPv3/QUIC patch

Bump PORTREVISION.

www/nginx-devel: update third-party devel_kit module to 0.3.2

Bump PORTREVISION.

www/nginx-devel: update third-party video-thumbextractor module

Bump PORTREVISION.

www/nginx-devel: third-party modules update (+)

o) clojure to 0.6.0;
o) vts to its recent commit on GH.

Bump PORTREVISION.

www/nginx-devel: update third-party http_auth_krb5 (spnego) module (+)

Resurrect GSSAPI radio button for http_auth_krb5 module, last one
builds just fine with both implementations now.

While I'm here:
o) sort pkg-plist;
o) update portscout.

Bump PORTREVISION.

www/nginx-devel: fix build

Fix build for `ct' and `ldap' third-party modules.

Bump PORTREVISION.

www/nginx-devel: update 1.23.4 -> 1.24.0

Remove the following broken third-party modules:
o) dynamic_hc
o) small_light

*/*: update NGINX JavaScript 0.7.11 -> 0.7.12

<ChangeLog>

nginx modules:
*) Bugfix: fixed Headers() constructor in Fetch API.

Core:
*) Feature: added Hash.copy() method in "crypto" module.
*) Feature: added "zlib" module.
*) Improvement: added support for export {name as default}
   statement.
*) Bugfix: fixed Number constructor according to the spec.

</ChangeLog>

www/nginx-devel: update third-party lua module: 0.10.23 -> 0.10.24

Bump PORTREVISION.