*/*: update NGINX JavaScript: 0.8.7 -> 0.8.8 (+)

Bump PORTREVISION for the www/unit.

<ChangeLog>

nginx modules:

*) Feature: implemented shared dictionary for QuickJS engine.

*) Improvement: js_preload_object is refactored.

*) Bugfix: fixed limit rated output.

*) Bugfix: optimized use of SSL contexts for

www/nginx-devel: update NGINX OTel module (no-cmake branch)

Bump PORTREVISION.

www/nginx-devel: update from 1.27.2 to 1.27.3

<ChangeLog>

*) Feature: the "server" directive in the "upstream" block supports the
   "resolve" parameter.

*) Feature: the "resolver" and "resolver_timeout" directives in the
   "upstream" block.

*) Feature: SmarterMail specific mode support for IMAP LOGIN with
   untagged CAPABILITY response in the mail proxy module.

*) Change: now TLSv1 and TLSv1.1 protocols are disabled by default.

www/nginx-devel: update NGINX OTel module to the recent snapshot

Bump PORTREVISION.

devel/grpc: Update to 1.68.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/grpc/grpc/releases

Bump PORTREVISIONs after grpc shlib change in 2715f16944541b6b

PR:		282624
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D47513

devel/protobuf: Update to 28.3

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/protocolbuffers/protobuf/releases

*/*: update NGINX JavaScript: 0.8.5 -> 0.8.7 (+)

<ChangeLog>

Changes with njs 0.8.7                                       22 Oct 2024

nginx modules:

*) Bugfix: eliminated unnecessary VM creation.
   Previously, njs consumed memory proportionally to the number of
   nginx locations. The issue was introduced in 9b674412 (0.8.6).

*) Improvement: added strict syntax validation for js_body_filter.

*) Improvement: improved error messages for module loading

devel/grpc: Update to 1.67.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/grpc/grpc/releases

www/nginx-devel: update from 1.27.1 to 1.27.2

<ChangeLog>

*) Feature: SSL certificates, secret keys, and CRLs are now cached on
   start or during reconfiguration.

*) Feature: client certificate validation with OCSP in the stream
   module.

*) Feature: OCSP stapling support in the stream module.

*) Feature: the "proxy_pass_trailers" directive in the
   ngx_http_proxy_module.

*) Feature: the "ssl_client_certificate" directive now supports
   certificates with auxiliary information.

*) Change: now the "ssl_client_certificate" directive is not required
   for client SSL certificates verification.

</ChangeLog>

devel/protobuf: Update to 28.2

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/protocolbuffers/protobuf/releases

devel/protobuf: Update to 28.1

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/protocolbuffers/protobuf/releases

devel/protobuf: Update to 28.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/protocolbuffers/protobuf/releases

devel/grpc: Update to 1.66.1

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/grpc/grpc/releases

www/nginx-devel: update third-party passenger module to 6.0.23

Bump PORTREVISION.

www/nginx-devel: security update 1.27.0 -> 1.27.1

<ChangeLog>

*) Security: processing of a specially crafted mp4 file by the
   ngx_http_mp4_module might cause a worker process crash
   (CVE-2024-7347).
   Thanks to Nils Bars.

*) Change: now the stream module handler is not mandatory.

*) Bugfix: new HTTP/2 connections might ignore graceful shutdown of old
   worker processes.
   Thanks to Kasei Wang.

*) Bugfixes in HTTP/3.

</ChangeLog>

www/(nginx|nginx-devel|lua-resty-core): Document lua module
dependencies/alternate maintainers

PR:		280882, 277145

devel/protobuf: Update to 27.3

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/protocolbuffers/protobuf/releases

devel/grpc: Update to 1.65.4

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/grpc/grpc/releases

www/nginx-devel: update OTEL module to the recent snapshot

Bump PORTREVISION.

www/nginx-devel: fix typo with libressl dependency

Bump PORTREVISION.

PR:	280311

www/nginx-devel: add QuickJS engine to NGINX JavaScript module

Bump PORTREVISION.

*/*: update NGINX JavaScript: 0.8.4 -> 0.8.5 (+)

<ChangeLog>

*) Change: r.variables.var, r.requestText, r.responseText,
   s.variables.var, and the "data" argument of the s.on() callback
   with "upload" or "download" event types will now convert bytes
   invalid in UTF-8 encoding into the replacement character.  When
   working with binary data, use r.rawVariables.var, r.requestBuffer,
   r.responseBuffer, s.rawVariables.var, and the "upstream" or
   "downstream" event type for s.on() instead.

*) Feature: added timeout argument for shared dictionary methods
   add(), set() and incr().

www/nginx-devel: fix third-party passenger module warning

Also, release third-party passenger module from the pcre1 users
list, it builds fine with pcre2.

Bump PORTREVISION.

www/nginx-devel: add third-party stream-lua module

Bump PORTREVISION.

PR:	278951

www/nginx-devel: add third-party zstd module

PR:		279002

www/nginx-devel: security update from 1.26.0 to 1.27.0

Update third-party passenger module to 6.0.22.

<ChangeLog>

    *) Security: when using HTTP/3, processing of a specially crafted QUIC
       session might cause a worker process crash, worker process memory
       disclosure on systems with MTU larger than 4096 bytes, or might have
       potential other impact (CVE-2024-32760, CVE-2024-31079,
       CVE-2024-35200, CVE-2024-34161).
       Thanks to Nils Bars of CISPA.

    *) Feature: variables support in the "proxy_limit_rate",
       "fastcgi_limit_rate", "scgi_limit_rate", and "uwsgi_limit_rate"

www/nginx-devel: fix loading NJS dynamic module for stream

Bump PORTREVISION.

*/*: update NGINX JavaScript: 0.8.3 -> 0.8.4 (+)

<ChangeLog>

nginx modules:

*) Feature: allowing to set Server header for outgoing headers.

*) Improvement: validating URI and args arguments in r.subrequest().

*) Improvement: checking for duplicate js_set variables.

*) Bugfix: fixed clear() method of a shared dictionary without
   timeout introduced in 0.8.3.

*) Bugfix: fixed r.send() with Buffer argument.

Core:

*) Feature: added QuickJS engine support in CLI.

*) Bugfix: fixed atob() with non-padded base64 strings.

</ChangeLog>

www/nginx-devel: update PORTSCOUT to the relevant values

www/nginx-devel: update from 1.25.5 to 1.26.0 (+)

<ChangeLog>

*) 1.26.x stable branch.

</ChangeLog>

www/nginx-devel: update 1.25.4 -> 1.25.5 (+)

Fix building third-party naxsi module.

<Changelog>

*) Feature: virtual servers in the stream module.

*) Feature: the ngx_stream_pass_module.

*) Feature: the "deferred", "accept_filter", and "setfib" parameters of
   the "listen" directive in the stream module.

*) Feature: cache line size detection for some architectures.
   Thanks to Piotr Sikora.

www/nginx-devel: update third-party passenger module to 6.0.20

Bump PORTREVISION.

*/*: update NGINX JavaScript: 0.8.2 -> 0.8.3 (+)

<ChangeLog>

    nginx modules:

    *) Bugfix: fixed Headers.set().

    *) Bugfix: fixed js_set with Buffer values.

    *) Bugfix: fixed clear() method of a shared dictionary when
       a timeout is not specified.

    *) Bugfix: fixed stub_status statistics when js_periodic is
       enabled.

devel/grpc: Update to 1.62.0

- Bump PORTREVISION of dependent ports for shlib change
  Broken ports are skipped:
  - science/py-tensorflow
  - sysutils/apache-mesos

Changes:	https://github.com/grpc/grpc/releases

www/nginx-devel: remove orphaned patch (+)

Fixes:	b2ad75a2b920e1659afd54e5313e46f1f35bcd28

www/nginx-devel: remove third-party opentracing module (+)

Similar functionality is available with OTEL module, also
devel/libopentracing port is EOLed today.

Bump PORTREVISION.

www/nginx-devel: third-party modules management (+)

Change GH location for the third-party video-thumbextractor module.
The size of the new distro is much bigger just because it contains
many tests.

PR:	277155

devel/grpc: Update to 1.61.1

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/grpc/grpc/releases

devel/opentelemetry-*: update to their recent versions (+)

o) opentelemetry-cpp: 1.13.0 -> 1.14.0
o) opentelemetry-proto: 1.0.0 -> 1.1.0

Bump PORTREVISION for www/nginx-devel.

www/nginx-devel: Update to 1.25.4

Approved by:	portmgr (bapt)
Security:	CVE-2024-24989, CVE-2024-24990

MAN?PREFIX: eleminate its usage  and move man to share/man

www/nginx-devel: third-party modules management (+)

o) update third-party brotli module to the latest snapshot.

Bump PORTREVISION.

www/nginx-devel: third-party modules management (+)

o) update third-party lua module to 0.10.26;
o) update third-party headers-more module to latest snapshot;
o) remove third-party http_mp4_h264 module, legacy and undownloadable.

Bump PORTREVISION.

www/nginx-devel: third-party modules management (+)

o) remove third-party cookie_flag module, the functionality supported
   natively by the proxy_cookie_flags directive;
o) update third-party ndk module to 0.3.3;
o) update third-party lua module to 0.10.26.rc2.

Updated version of the lua module can be built with pcre2.

Bump PORTREVISION.

*/*: Sunset 12.4-RELEASE/12-STABLE from ports tree

- Remove all references to defunct ARCH arm
- Remove all references to defunct ARCH sparc64
- Remove x11-drivers/xf86-video-sunffb which requires defunct sparc64
  ARCH
- Remove sysutils/afbinit requires defunct sparc64 ARCH
- Remove all references to bktr driver
- Remove all references to defunct FreeBSD_12
- Remove all references to OSVERSION/OSREL corresponding to 12
- Remove conditionals in Mk/Uses/cabal.mk
- Remove sparc reference from Mk/Uses/qt-dist.mk
- Remove BROKEN_sparc64/NOT_FOR_ARCH=sparc64
- Remove BROKEN_FreeBSD_12* from:
- Remove OpenSSL patches from:
- Remove conditional flags for OSVERSION >= 1300000 to fixed flags.
  Also move conditional flags for non sparc64/arm ARCH to fixed flags.

Reviewed by:	brooks, jbeich, rene, salvadore
Differential Revision: https://reviews.freebsd.org/D42068

www/nginx-devel: update OTEL module to its recent snapshot

Bump PORTREVISION.

www/nginx-devel: update to the recent snapshot

This fix build with OTEL module after devel/protobuf update to 24.4.

devel/grpc: Update to 1.60.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/grpc/grpc/releases

devel/protobuf: Update to 24.4

- Use USES=pathfix to fix .pc installation
- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/protocolbuffers/protobuf/releases

www/nginx-devel: update third-party headers_more module...

to its recent snapshot.

Bump PORTREVISION.

www/nginx-devel: update third-party modules

o) lua 0.10.25 -> 0.10.26rc1
o) passenger 6.0.18 -> 6.0.19

Bump PORTREVISION.

www/nginx-devel: fix build with a third-party passenger module

Bump PORTREVISION.

PR:	275161

www/nginx-devel: update third-party naxsi module to v1.6

Bump PORTREVISION.

www/nginx-devel: update 1.25.2 -> 1.25.3 (+)

<Changelog>

*) Change: improved detection of misbehaving clients when using HTTP/2.

*) Feature: startup speedup when using a large number of locations.
   Thanks to Yusuke Nojima.

*) Bugfix: a segmentation fault might occur in a worker process when
   using HTTP/2 without SSL; the bug had appeared in 1.25.1.

*) Bugfix: the "Status" backend response header line with an empty
   reason phrase was handled incorrectly.

*) Bugfix: memory leak during reconfiguration when using the PCRE2
   library.
   Thanks to ZhenZhong Wu.

*) Bugfixes and improvements in HTTP/3.

</Changelog>

*/*: update NGINX JavaScript: 0.8.1 -> 0.8.2 (+)

<ChangeLog>

nginx modules:

*) Feature: introduced console object. The following methods
   were introduced: error(), info(), log(), time(), timeEnd(),
   warn().

*) Bugfix: fixed HEAD response handling with large Content-Length
   in fetch API.

*) Bugfix: fixed items() method for a shared dictionary.

www/nginx-devel: update third-party brotli module (+)

Bump PORTREVISION.

www/nginx-devel: update third-party naxsi module to 1.5 (+)

Change the distribution point to GH/wargio due to inactivity
in GH/nbs-system.
Update patches.

Bump PORTREVISION.

www/nginx-devel: bump PORTREVISION (+)

... after devel/opentelemetry-cpp update.

www/nginx-devel: update OTel module to the recent commit

Bump PORTREVISION.

www/nginx-devel: fix OTel module build (+)

Special thanks to:	pluknet

Bump PORTREVISION.

www/nginx-devel: add NGINX Open Telemetry module (+)

Bump PORTREVISON.

*/*: update NGINX JavaScript: 0.8.0 -> 0.8.1 (+)

<ChangeLog>

nginx modules:

*) Feature: introduced js_periodic directive.
    The directive specifies a JS handler to run at regular intervals.

*) Feature: implemented items() method for a shared dictionary.
   The method returns all the non-expired key-value pairs.

*) Bugfix: fixed size() and keys() methods of a shared dictionary.

*) Bugfix: fixed erroneous exception in r.internalRedirect()
   introduced in 0.8.0.

Core:

*) Bugfix: fixed incorrect order of keys in
   Object.getOwnPropertyNames().

</ChangeLog>

www/nginx-devel: update 1.25.1 -> 1.25.2 (+)

Remove or update legacy post-patch targets.

<Changelog>

*) Feature: path MTU discovery when using HTTP/3.

*) Feature: TLS_AES_128_CCM_SHA256 cipher suite support when using
   HTTP/3.

*) Change: now nginx uses appname "nginx" when loading OpenSSL
   configuration.

*) Change: now nginx does not try to load OpenSSL configuration if the
   --with-openssl option was used to built OpenSSL and the OPENSSL_CONF
   environment variable is not set.

*) Bugfix: in the $body_bytes_sent variable when using HTTP/3.

*) Bugfix: in HTTP/3.

</Changelog>

www/nginx-devel: update third-party cache_purge module to fix crashes

Bump PORTREVISION.
PR:	272546

www/*: update Passenger 6.0.17 -> 6.0.18

Bump PORTREVISION for www/nginx-devel.

<ChangeLog>
 * Adds support for arm (aarch64) rpm packages.
 * Adds Ubuntu 23.04 "Lunar" packages, removes Ubuntu 22.10
   "Kinetic" packages.
 * Removes packages for Debian 9 "Stretch" (EOL June 2022).
 * [RPM] Changes to building Nginx module packages for the latest
   supported Nginx module stream instead of the default.
 * [Ruby] Makes Passenger more resilient to invalid byte sequences
   when loading the Ruby native extension. Contributed by Drew Wells.
 * [Ruby] Add an `unhandled_exception_before_exit` event callback.
   Contributed by James Tomson.

www/nginx-devel: add missing configure option for http_xslt module (+)

Bump PORTREVISION.

*/*: update NGINX JavaScript: 0.7.12 -> 0.8.0 (+)

<ChangeLog>

nginx modules:

*) Change: removed special treatment of forbidden headers in Fetch API
   introduced in 0.7.10.

*) Change: removed deprecated since 0.5.0 r.requestBody and
   r.responseBody in HTTP module.

*) Change: throwing an exception in r.internalRedirect() while
   filtering in HTTP module.

www/nginx-devel: third-party lua module update to v0.10.25

Bump PORTREVISION.

www/nginx-devel: update 1.25.0 -> 1.25.1

<Changelog>

*) Feature: the "http2" directive, which enables HTTP/2 on a per-server
   basis; the "http2" parameter of the "listen" directive is now
   deprecated.

*) Change: HTTP/2 server push support has been removed.

*) Change: the deprecated "ssl" directive is not supported anymore.

*) Bugfix: in HTTP/3 when using OpenSSL.

</Changelog>

www/nginx-devel: update from 1.24.0 to 1.25.0

Enable HTTPv3 protocol by default.
Remove third-party clojure module due to a build issue.

The OpenSSL compatibility layer, which emulates BoringSSL
QUIC API for OpenSSL, is enabled by default, and 0-RTT is
not supported in this mode.

Alternativly, it's possible to build nginx with a third-party
library from ports tree, that provides QUIC support:
o) BoringSSL
o) LibreSSL
o) QuicTLS

<Changelog>

*) Feature: experimental HTTP/3 support.

</Changelog>

www/nginx-devel: update HTTPv3/QUIC patch

Bump PORTREVISION.

www/nginx-devel: update third-party devel_kit module to 0.3.2

Bump PORTREVISION.

www/nginx-devel: update third-party video-thumbextractor module

Bump PORTREVISION.

www/nginx-devel: third-party modules update (+)

o) clojure to 0.6.0;
o) vts to its recent commit on GH.

Bump PORTREVISION.

www/nginx-devel: update third-party http_auth_krb5 (spnego) module (+)

Resurrect GSSAPI radio button for http_auth_krb5 module, last one
builds just fine with both implementations now.

While I'm here:
o) sort pkg-plist;
o) update portscout.

Bump PORTREVISION.

www/nginx-devel: fix build

Fix build for `ct' and `ldap' third-party modules.

Bump PORTREVISION.

www/nginx-devel: update 1.23.4 -> 1.24.0

Remove the following broken third-party modules:
o) dynamic_hc
o) small_light

*/*: update NGINX JavaScript 0.7.11 -> 0.7.12

<ChangeLog>

nginx modules:
*) Bugfix: fixed Headers() constructor in Fetch API.

Core:
*) Feature: added Hash.copy() method in "crypto" module.
*) Feature: added "zlib" module.
*) Improvement: added support for export {name as default}
   statement.
*) Bugfix: fixed Number constructor according to the spec.

</ChangeLog>

www/nginx-devel: update third-party lua module: 0.10.23 -> 0.10.24

Bump PORTREVISION.

www/nginx-devel: is able to build with OpenSSL compatibility layer now

Here's the quote from README file.

A library that provides QUIC support is recommended to build nginx,
there are several of those available on the market:
 o) BoringSSL
 o) LibreSSL
 o) QuicTLS

Alternatively, nginx can be configured with OpenSSL compatibility
layer, which emulates BoringSSL QUIC API for OpenSSL.  This mode is
enabled by default if native QUIC support is not detected.
0-RTT is not supported in OpenSSL compatibility mode.

Bump PORTREVISION.

www/nginx-devel: update HTTPv3/QUIC patch

Bump PORTREVISION.

PR:	270523

www/nginx-devel: update from 1.23.3 to 1.23.4

<Changelog>

*) Change: now TLSv1.3 protocol is enabled by default.

*) Change: now nginx issues a warning if protocol parameters of a
   listening socket are redefined.

*) Change: now nginx closes connections with lingering if pipelining was
   used by the client.

*) Feature: byte ranges support in the ngx_http_gzip_static_module.

*) Bugfix: port ranges in the "listen" directive did not work; the bug

www/nginx-devel: update third-party modules to their recent commits

o) headers_more
o) shibboleth

Bump PORTREVISION.

*/*: update NGINX JavaScript 0.7.10 -> 0.7.11

While I'm here drop pcre flavor support for lang/njs.

Bump PORTREVISION for www/nginx-devel.

<ChangeLog>
nginx modules:

*) Bugfix: added missed linking with libxml2 for the dynamic module.
   The bug was introduced in 0.7.10.

Core:

*) Feature: added XMLNode API to modify XML documents.

www/nginx-devel: add fips-check third-party module

Bump PORTREVISION.

www/*: update passenger: 6.0.16 -> 6.0.17

Bump PORTREVISION for www/nginx-devel.

www/nginx-devel: update third-party modules

Update third-party modules to their recent versions:
o) http_auth_pam: 1.5.1 -> 1.5.3
o) nchan (aka http_push): 1.3.1 -> 1.3.6
o) vod: 1.30 -> 1.31

Bump PORTREVISION.

www/nginx-devel: switch to pcre2

The pcre library 8.45 has been released Jun 22nd, 2021 and is not
officially supported anymore.

The pcre2 support in nginx was introduced in 1.21.5, it's been
released Dec 28th, 2021.  There're few modules are still require
devel/pcre, but since devel/pcre and devel/pcre2 can be coexist
and those few modules are happy with that, let's switch to pcre2
by default.

Also, while I'm here update third-party lua module to its
recent version - 0.10.23.

Bump PORTREVISION.

*/*: update NGINX JavaScript 0.7.9 -> 0.7.10

Bump PORTREVISION for www/nginx-devel.

<ChangeLog>
nginx modules:

*) Feature: added Request, Response and Headers ctors in Fetch API.

*) Bugfix: fixed nginx logger callback for calls in master process.

Core:

*) Feature: added signal support in CLI.

www/nginx-devel: update HTTPv3/QUIC patch to the recent commit

Bump PORTREVISION.

www/nginx-devel: update third-party lua module 0.10.22 -> 0.10.23rc1

Remove the upstreamed patch.

Bump PORTREVISION.

www/*: update passenger: 6.0.15 -> 6.0.16

Update third-party passenger module for www/nginx-devel. (*)

Bump PORTREVISION. (*)

www/nginx-devel: unbreak build after 18c6e1827669 (+)

Changes in framework need adjustment for declared options.

*_USE=ruby now became as *_USES=ruby

Approved by:	portmgr blanket

www/nginx-devel: update from 1.23.2 to 1.23.3

Update HTTPv3/QUIC patch.

<Changelog>

*) Bugfix: an error might occur when reading PROXY protocol version 2
   header with large number of TLVs.

*) Bugfix: a segmentation fault might occur in a worker process if SSI
   was used to process subrequests created by other modules.
   Thanks to Ciel Zhao.

*) Workaround: when a hostname used in the "listen" directive resolves
   to multiple addresses, nginx now ignores duplicates within these
   addresses.

*) Bugfix: nginx might hog CPU during unbuffered proxying if SSL
   connections to backends were used.

</Changelog>

www/nginx-devel: update third-party modules to their recent commits

o) ip2location
o) ip2proxy

Bump PORTREVISION.

*/*: update NGINX JavaScript 0.7.8 -> 0.7.9

Bump PORTREVISION for www/nginx-devel.

<ChangeLog>

*) Bugfix: fixed Fetch Response prototype reinitialization.
   When at least one js_import directive was declared in both HTTP
   and Stream, ngx.fetch() returned inapproriate response in Stream.
   The bug was introduced in 0.7.7.

Core:

*) Bugfix: fixed String.prototype.replace(re) if re.exec() returns
   non-flat array.

*/*: update NGINX JavaScript 0.7.7 -> 0.7.8

Bump PORTREVISION for www/nginx-devel.

<ChangeLog>

nginx modules:

*) Feature: added js_preload_object directive.

*) Feature: added ngx.conf_prefix property.

*) Feature: added s.sendUpstream() and s.sendDownstream()
   in stream module.

www/nginx-devel: fix option desc typo

Approved by:	portmgr blanket

www/nginx-devel: update HTTPv3/QUIC patch

It's possible now to build NGINX HTTPv3/QUIC implementation with
another the LibreSSL 3.6.0.

Bump PORTREVISION.