Commit Graph

2396 Commits

Author SHA1 Message Date
Deepesh Varatharajan e93799db0e nushell: upgrade 0.111.0 -> 0.114.1
Update nushell from 0.111.0 to 0.114.1.

Highlights across v0.112.0 - v0.114.1:

New features:
- Sharper type system with pipeline-aware type inference
- Runtime type checking (enforce-runtime-annotations) now on
  by default
- POSIX '--' end-of-options support for all command types
- 'run' command to use scripts as pipeline stages
- Semantic Versioning support (into semver, semver bump, etc.)
- KDL format support (to kdl, from kdl)
- Set operation commands (union, intersect, difference,
  combinations, permutations)
- 'idx' command family for fast in-memory filesystem indexing
- 'peek' command to inspect stream metadata
- Fish-style abbreviation expansion
- 'random pass' password generator
- 'commandline complete' for programmatic completions access
- Polars upgraded to 0.54 with map-batches and bitwise commands
- New experimental globbing engine (dc-glob)

Breaking changes:
- Submodules no longer implicitly imported
- enforce-runtime-annotations enabled by default
- Reedline vi mode overhaul with visual mode
- from xlsx/from ods reworked (removed --header-row, added
  --noheaders and --first-row)
- Error 'details' field replaces 'json' field in catch blocks
- parse no longer implicitly splits byte streams into lines
- Deprecated str upcase/str downcase replaced by
  str uppercase/str lowercase

Notable bug fixes:
- Fix uninitialized value in let_cxx_string! on panic
- Fix nested update with closure for table columns
- Fix flatten conflicting column renaming
- Fix float ranges (0.1..0.3 now produces [0.1, 0.2, 0.3])
- Fix aliases breaking when shadowed variables
- Fix math abs panic on i64::MIN
- Prevent SIGABRT on terminal close
- Fix try blocks executing code twice
- Fix closure input type incorrectly inheriting from scope
- Better assignment error messages for type mismatches
- Fix for loop variable type inference with union iterables

v0.114.1 is a patch release fixing issues with the new
enforce-runtime-annotations default behavior.

Assisted-by: Kiro CLI 2.12.0 (AI assistant)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-07-14 10:25:16 -07:00
Khem Raj 00e7a91180 sysdig: Use LuaJIT headers to match the linked LuaJIT library
csysdig fails to link when stock Lua is also present in the sysroot:

  ld.lld: error: undefined symbol: luaL_openselectedlibs
  >>> referenced by chisel.cpp:1190
  ld.lld: error: undefined symbol: lua_pcallk
  ld.lld: error: undefined symbol: lua_setglobal

sysdig's chisel code does #include "lua.h" and links against LuaJIT
(lua${JIT}), but the recipe-sysroot also carries stock Lua headers
(openembedded-core lua installs lua.h into ${includedir}). Those headers
win the include search over ${includedir}/luajit-2.1, so the chisel
objects are compiled against stock Lua while the binary links
libluajit-5.1.so. In Lua >= 5.4.4 luaL_openlibs is a macro for
luaL_openselectedlibs and lua_setglobal/lua_pcallk are real symbols,
none of which LuaJIT (a Lua 5.1 ABI) provides, hence the undefined
references. -DLUA_INCLUDE_DIR does not help: sysdig's luajit.cmake only
consults it in its stock-Lua fallback, not when it finds LuaJIT.

Prepend ${STAGING_INCDIR}/luajit-2.1 to CFLAGS/CXXFLAGS. These land in
CMAKE_CXX_FLAGS, which precede CMake's generated -I includes, so LuaJIT's
lua.h is found first and matches the linked library.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-07-12 17:39:43 -07:00
Khem Raj ebde9459c8 sysdig: Fix intermittent missing libsinsp/libscap headers on rebuild
do_compile could fail with many:

  fatal error: 'libsinsp/sinsp.h' file not found
  fatal error: 'sinsp.h' file not found
  fatal error: 'libscap/strl.h' file not found

across all userspace/sysdig objects, even though the headers exist in
the fetched falcosecurity-libs source.

The add_library de-duplication patch guarded the libscap/libsinsp
modules with a HAVE_LIBSCAP/HAVE_LIBSINSP flag set as CACHE INTERNAL.
Because that value persists in CMakeCache, ninja's build-time
regeneration rule (cmake --regenerate-during-build, which fires whenever
a CMake input's timestamp changes between do_configure and do_compile)
re-runs cmake with the flag already true. The libscap/libsinsp
add_subdirectory() is then skipped, dropping the scap/sinsp targets and
their PUBLIC include directories, so target_link_libraries(sysdig sinsp)
degrades to a bare -lsinsp with no header propagation.

Guard on target existence (if(NOT TARGET scap|sinsp)) instead. Target
existence is global within a single cmake run -- so it still prevents
the duplicate add_library -- but is not persisted across runs, so the
modules are correctly re-processed on every regeneration.

Verified: a build-time cmake regeneration now keeps the libsinsp/libscap
object rules and falcosecurity-libs include paths in build.ninja, and a
full clean build plus a post-touch recompile both succeed.

Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-07-12 17:39:43 -07:00
Peter Kjellerstedt 6c10e92dcc pegtl: Correct the license to BSL-1.0
The license was changed from MIT to BSL-1.0 in release 4.0.0.

Also set SUMMARY instead of DESCRIPTION, and fix some whitespace.

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-07-11 17:51:59 -07:00
Wang Mingyu 9a28381414 ostree: upgrade 2026.1 -> 2026.2
0001-trivial-httpd-Fix-const-correctness-of-slash-pointer.patch
removed since it's included in 2026.2

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-07-08 11:05:03 -07:00
Michael Fitzmayer ae8eecd7c8 canopenterm: update to version 2.03
License-Update: copyright year span has been updated.

- Added new script to interface CiA 305: Layer setting services (LSS)
- New API function to set baud rate: can_set_baudrate()
- Remove usage of white text-color

Signed-off-by: Michael Fitzmayer <mail@michael-fitzmayer.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-07-07 00:29:00 -07:00
Qliangw cd75edf25d libuio: fix FILE descriptor leak
The function uio_line_from_file() fails to close the FILE pointer
when fgets() returns NULL, causing a file descriptor leak.

This can be triggered when reading from /sys files that return
empty content, leading to resource exhaustion over time.

Fix this by using goto-based error handling to ensure fclose()
is called on all exit paths.

Signed-off-by: Qliangw <qili00001@gmail.com>
2026-06-30 23:37:18 -07:00
Tim Orling f1e12abbd3 valkey: upgrade 9.0.4 -> 9.1.0
* Refresh lua-update-Makefile-to-use-environment-build-setting.patch
* Use ${@oe.utils.trim_version(d.getVar('PV'), 2)} to dynamically
  determine branch= in SRC_URI

Valkey 9.1.0 GA - Released Tue May 19 2026
---------------------

Upgrade urgency LOW: This is the first stable release of Valkey 9.1.

* Security fixes
  - (CVE-2026-23479) Use-After-Free in unblock client flow
  - (CVE-2026-25243) Invalid Memory Access in RESTORE command
  - (CVE-2026-23631) Use-after-free when full sync occurs during a
    yielding Lua/function execution

* New Features and enhanced behavior
  - Add cluster bus network traffic usage metric in bytes by @hpatro
    (#3396)
  - Reduce latency spikes during rehashing via incremental page release
    by @chzhoo (#3481)

* Bug Fixes
  - Fix(syncio): Set errno on EOF in syncRead and propagate to
    conn->last by @abmathur-ie (#3580)
  - Fix GEOSEARCH BYPOLYGON leak on invalid COUNT by @bandalgomsu (#3568)
  - Handle NULL pointer in streamTrim listpack delta calculation by
    @smkher (#3591)
  - Fixes server crash when RDMA benchmark clients disconnect by
    @quanyeyang (#3448)
  - Fix the memory leak in valkey-benchmark by @nmvk (#3643)

Release announcment:
https://valkey.io/blog/valkey-9-1-delivers-improvements-in-security-performance-and-more/

For full comparison of changes, see:
https://github.com/valkey-io/valkey/compare/9.0.4...9.1.0

Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-30 23:35:39 -07:00
Wang Mingyu 9e769d22e6 haveged: upgrade 1.9.24 -> 1.9.26
Changelog:
===========
- Fix initramfs switch-root failure
- Add haveged-initramfs.service for use inside the initramfs (without --no-command, without PrivateNetwork=true)
- Update dracut module to install the initramfs-specific service file
- Fix 100% CPU spin when --no-command is used

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-30 14:31:19 -07:00
Wang Mingyu 3e1be0f9c4 fluentbit: upgrade 5.0.7 -> 5.0.8
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-30 14:31:19 -07:00
Wang Mingyu 865e1b8159 7zip: upgrade 26.01 -> 26.02
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-30 14:31:18 -07:00
Khem Raj 089472974c redis-plus-plus: relax -Werror=maybe-uninitialized for GCC 16
GCC 16 emits a spurious -Wmaybe-uninitialized for the exception helper
constructors in reply.h, and the project builds with -Werror:

  src/sw/redis++/reply.h:54:60: error: '<unknown>' may be used uninitialized
  [-Werror=maybe-uninitialized]
  cc1plus: all warnings being treated as errors

Add -Wno-error=maybe-uninitialized for the gcc toolchain.

Signed-off-by: Khem Raj <raj.khem@gmail.com>
2026-06-28 00:59:28 -07:00
Khem Raj 456502c8a3 pam-radius: skip pre-configure make clean via CLEANBROKEN
The shipped Makefile errors out

'You must run ./configure before make'

when Make.inc/src/config.h are missing, so the 'make clean' run by
autotools_preconfigure fails before configure has run.

Set CLEANBROKEN to skip that clean.

Signed-off-by: Khem Raj <raj.khem@gmail.com>
2026-06-28 00:59:26 -07:00
Khem Raj caf16b5558 minifi-cpp: fix fmt branch and retarget gcc-16 patch
fmt renamed its default branch master -> main, so the SRCREV was
unreachable.

Also retarget 0001-Fix-build-with-gcc-16 to
minifi-api/include/minifi-cpp/core/RepositoryMetricsSource.h after
the source-tree restructure in 0.99.2.

Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-28 00:59:26 -07:00
Khem Raj 262cbdfbcb icewm: upgrade 3.8.2 -> 4.0.0
Refresh the cross-compile configure.ac patch for 4.0.0. Its configure.ac
now requires the xcursor pkg-config module in the core PKG_CHECK_MODULES,
which the recipe never depended on, so do_configure fails:

  checking for fontconfig xrender xcomposite xcursor xdamage xfixes xext x11... no
  configure: error: Package requirements (...) were not met:
  Package 'xcursor' not found

Add libxcursor to DEPENDS.

Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2026-06-28 00:59:16 -07:00
Khem Raj 3082919674 cfengine: upgrade 3.26.0 -> 3.27.1
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-28 00:59:16 -07:00
Khem Raj 810ee6ec54 parallel: upgrade 20260422 -> 20260522
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-28 00:59:15 -07:00
Khem Raj ece26cc768 rsyslog: upgrade 8.2512.0 -> 8.2604.0
Disable the new default-on impstats-push feature, which needs protoc-c,
libprotobuf-c and snappy that are not wired up in this recipe.

Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-28 00:59:15 -07:00
Khem Raj 217f25db3b cfengine-masterfiles: upgrade 3.26.0 -> 3.27.1
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-28 00:59:15 -07:00
Khem Raj 6085c7dff3 logwatch: upgrade 7.13 -> 7.14
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-28 00:59:15 -07:00
Khem Raj ae0fdb6cf3 redis: upgrade 8.0.6 -> 8.8.0
Regenerate 0001-hiredis-use-default-CC and
0004-src-Do-not-reset-FINAL_LIBS so they apply without fuzz (patch-fuzz
is a fatal QA error).

Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-28 00:59:15 -07:00
Khem Raj 721e2984aa hplip: upgrade 3.25.8 -> 3.26.4
Regenerate configure.patch, which hardcoded version 3.25.8 and had stale
context, so it applies without fuzz.

Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-28 00:59:14 -07:00
Khem Raj 742cc56e31 libqb: upgrade 2.0.8 -> 2.0.10
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-28 00:59:14 -07:00
Khem Raj 0dc98e8411 tmux: upgrade 3.6a -> 3.6b
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-28 00:59:14 -07:00
Khem Raj 8796ade5fb tiptop: upgrade 2.3.1 -> 2.3.2
Drop the no-longer-needed 0001-Fix-parallel-build-problems.patch,
0002-fix-reproducibility.patch and
0001-Fix-a-lot-of-Werror-format-security.patch.

Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-28 00:59:14 -07:00
Khem Raj c2d288f20c gnuplot: upgrade 6.0.3 -> 6.0.4
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-28 00:59:13 -07:00
Markus Volk d7accea337 flatpak: update 1.17.6 -> 1.18.0
Changes in 1.18.0
~~~~~~~~~~~~~~~~~
Released: 2026-06-08

Enhancements:

* Improve error handling and printed output of `flatpak-coredumpctl` (#6649,
  #6680)

* Support the AMD vendor specific compute interface (`/dev/kfd`) via the DRI
  device permission (#6648)

* Improve the output of `flatpak update` with failure causes (#6657)

* Improve startup time for fish shell integration (#6635)

* Translation updates: zh_CN (#6671)

Bug fixes:

* Fix building when HAVE_LIBSYSTEMD but not USE_SYSTEM_HELPER is defined (#6652)

* Ignore system bus failures in parental controls check (#6663)

* Fix some return values and replace deprecated `GTimeVal` with
  `g_get_real_time()` (#6646)

* Suppress an unused-result warning in the tests (#6655)

Changes in 1.17.7
~~~~~~~~~~~~~~~~~~
Released: 2026-05-06

Enhancements:

* Add the new permission conditionals `has-usb-device` and `has-usb-portal` to
  allow apps to drop --device=all and --device=usb permissions (#6560)

* Always send the `Flatpak-Upgrade-From` header when updating instead of
  freshly installing, to improve the quality of statistics (#6626)

* Improve how the absence of the system repo is handled (#6621)

* Changes to repos are now more atomic which helps to avoid them being in an
  invalid state. This could be observed when importing the GPG key failed,
  because the system clock was wrong. (#6547)

* A function to report the age of the configuration was added to libflatpak,
  which will help GNOME Software to prevent unnecessary work (#6532)

* Improvements to the build system (#6614, #6610)

* Improve various tests (#6604, #6606, #6619, #6617, #6605, #6625)

* Translation updates: tr (#6629), zh_CN (#6630)

Bug fixes:

* Fix a regression in handling of the fallback-x11 permission, which was
  affecting overrides from Flatseal (#6632)

* Fix a memory leak in the Flatpak portal (#6613)

* Install SELinux configuration files to the right directory (#6622)

* Silence wrong `lseek()` errors when creating sub-sandboxes (#6609)

Signed-off-by: Markus Volk <f_l_k@t-online.de>
2026-06-26 19:59:33 -07:00
Wang Mingyu 872ba7a5b0 haveged: upgrade 1.9.22 -> 1.9.24
Changelog:
===========
- Add --no-command / -C flag to disable command mode at runtime
- Disable command mode in haveged.service and haveged-once.service
- Enable PrivateNetwork=true and remove ReadWritePaths=/dev/shm in service files
- Add PractRand example to man page
- Use O_EXCL with sem_open to prevent semaphore pre-planting attacks [pyllyukko]
- Recover stale semaphores after SIGKILL by unlinking and retrying
- Add sem_close before sem_unlink for proper cleanup ordering
- Fix compilation when NO_COMMAND_MODE is defined
- Fix out-of-bounds memory access in safein()/safeout() on socket errors
- Reject command socket connections from different user namespaces
- Use O_NOFOLLOW for PID file to prevent symlink attacks
- Open random device with O_CLOEXEC to prevent fd leak across execv
- Restrict semaphore permissions from 0644 to 0600

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-25 08:45:10 -07:00
Khem Raj 69c6455702 hwloc: upgrade 2.12.2 -> 2.14.0
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-21 23:17:18 -07:00
Alexander Kanavin 3f6993c661 jansson: move to oe-core
Added in oe-core commit:
https://git.openembedded.org/openembedded-core/commit/?id=2b6e7d092b4a21930186682ebf085848b2e49de5

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-21 21:46:51 -07:00
Li Zhou be3418b96c minifi-cpp: upgrade libsodium 1.0.19 -> 1.0.20
Upgrade libsodium from 1.0.19 to 1.0.20 for minifi-cpp third party
dependency.

Updated below patch for upgrading:
0003-Fix-libsodium-build.patch

Removed below patch because it is in the new version:
0007-libsodium-aarch64-set-compiler-attributes-after-including-arm_.patcha

Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-20 23:41:41 -07:00
Li Zhou b33ae23843 minifi-cpp: revert all the paths' changes in do_install
Removed all the paths' changes in do_install because of the old test
by using "/usr/bin/minifi &" instead of "minifi.sh run &", which
doesn't define MINIFI_HOME as an environment var.
This causes minifi-cpp thinks MINIFI_PACKAGING_TYPE is RPM, and tries to
find files in different paths from TGZ, while yotco uses
MINIFI_PACKAGING_TYPE TGZ by default.
Correct test case and those changes aren't needed any more.

Fixes c0e52930a9 ("minifi-cpp: upgrade 0.99.1 -> 0.99.2")

Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-20 23:41:41 -07:00
Jörg Sommer 549ad825ea fuzzytail: New "tail replacement written in Rust" v0.2.3
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-20 23:41:38 -07:00
Jörg Sommer 83af2305fd lsd: New "ls replacement with colours and icons in Rust" v1.2.0
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-20 23:41:38 -07:00
Jörg Sommer 96f50f5fdd multitail: New "tail for multiple files in parallel" v7.1.5
The build fails with

../sources/multitail-7.1.5/mt.c: In function 'do_color_print':
../sources/multitail-7.1.5/mt.c:712:25: warning: implicit declaration of function 'waddnwstr'; did you mean 'waddnstr'? [-Wimplicit-function-declarat
  712 |                         waddnwstr(win -> win, &wcur, 1);
      |                         ^~~~~~~~~
      |                         waddnstr

I suspect it's due to gcc-16, because in a build environment with gcc-15 it
compiles. Upstream has already set a todo at this code line.

Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-20 23:41:38 -07:00
Markus Volk 898c7ee3d7 hwlock: update LIC_FILES_CHECKSUM
- SPDX license header has been added
- hwloc/base64.c is distributed under the ISC license

Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-20 23:41:35 -07:00
Hemanth Kumar M D b748087b7e bit7z: workaround array-bounds warnings with GCC 16
GCC 16 reports -Warray-bounds warnings which are treated as errors.

Reported upstream: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=125743

Signed-off-by: Hemanth Kumar M D <Hemanth.KumarMD@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-20 23:41:35 -07:00
Wang Mingyu 1393ce3d7f hiredis: upgrade 1.3.0 -> 1.4.0
Improvements
================
- Increase required cmake version to 3.15
- Use ffc (pure-C99) as the RESP3 double parser instead of strtod
- FetchContent should not include cpack
- Add C++ compatibility to sds.h
- Apply FD_CLOEXEC on sockets

Bug Fixes
=============
- fix: add NULL check for c->funcs in redisReconnect
- Fix buffer overflow in tests.

Maintenance
===============
- Fix CI for macOS and docker based runs.
- Fix CI on MacOS runners.
- Define ssize_t as intptr_t in Windows

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-09 07:26:34 -07:00
Wang Mingyu 0b59fc4f0b fluentbit: upgrade 5.0.6 -> 5.0.7
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-09 07:26:34 -07:00
Mingli Yu 57109f8d05 minifi-cpp: Fix build with gcc 16
Fixes:
  extensions/systemd/libwrapper/LibWrapper.h:38:31: error: 'uint64_t' has not been declared
  38 | virtual int getRealtimeUsec(uint64_t* usec_out) noexcept = 0;
  | ^~~~~~~~

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-09 07:26:33 -07:00
Li Zhou c0e52930a9 minifi-cpp: upgrade 0.99.1 -> 0.99.2
Below changes are done for upgrading minifi-cpp from 0.99.1 to 0.99.2.
Updated below patches:
 0001-Do-not-use-bundled-packages.patch
 0003-Fix-libsodium-build.patch
Removed below patch for it is available in new version:
 0008-MINIFICPP-2553-CMP0065-OLD-removed-in-cmake-4.0-remo.patch
Updated third-party components' versions to be aligned with new
version's release note:
 expected-lite	0.6.3->0.9.0
 asio	1.29.0->1.34.2
 fmt	11.1.4->11.2.0
Added new third-party component: jsoncons 1.3.2.
Added DEPENDS on pugixml 1.15 (use the version provided by system).
Added new configs to disable unnecessary third-party components.
Aligned file names and installation paths with new version 0.99.2.
Correct LICENSE.

ChangeLog:
https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=65145325

License-Update: Added BSL-1.0 (jsoncons) and fixed typo in
                concurrentqueue description. [1]
                Removed TinyXml2 (Zlib license) from LICENSE and Zlib
                license is needed by other bundled components. [2]
                No new license type. Changed protobuf from
                "within gRPC" to standalone bundling. [3]
                Added MIT license (llama.cpp). [4]
                Added benchmark (ALv2) to LICENSE/NOTICE. No new
                license since Apache-2.0 already present. [5]

[1] https://github.com/apache/nifi-minifi-cpp/commit/e25a247a4
[2] https://github.com/apache/nifi-minifi-cpp/commit/f28961cfb
[3] https://github.com/apache/nifi-minifi-cpp/commit/97087b22e
[4] https://github.com/apache/nifi-minifi-cpp/commit/8602b76d2
[5] https://github.com/apache/nifi-minifi-cpp/commit/54a643c72

Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-09 07:26:32 -07:00
Khem Raj 95720367b2 pegtl: Upgrade to 4.0.0
Fixes build with gcc 16 as well.

Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-08 23:16:33 -07:00
Markus Klotzbuecher 43f2dc81c5 libpwquality: make python bindings optional via PACKAGECONFIG
The python bindings are built unconditionally, so using libpwquality
drags libpython3 and python3-core onto the image even when only the C
library or pam_pwquality is needed.

Add a "python3" PACKAGECONFIG for the bindings, enabled by default to
keep the current behaviour. The setuptools3-base inherit is deferred
and conditional on it. With python3 disabled, the package depends only
on cracklib and libc.

Signed-off-by: Markus Klotzbuecher <mk@mkio.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-07 18:21:51 -07:00
Riku Voipio e63ecd6b7c edit: add recipe for 2.0.0 version
Add recipe for edit 2.0.0, Microsoft's small terminal editor
written in rust.

Edit uses ICU for search/replace, which requires a non-standard
way to discover the ICU soname buildtime.

Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-31 03:08:56 -07:00
Wang Mingyu c814e5e56d haveged: upgrade 1.9.20 -> 1.9.22
Changelog:
===========
* Add ReadWritePaths=/dev/shm to systemd service for semaphore creation
  under ProtectSystem=full sandboxing
* Fix privilege escalation via command socket (CVE-2026-41054)
* Check peer credentials before reading command (CVE-2026-41054)
* Handle failing opening of semaphore
* Fix /dev/shm permissions to use sticky bit
* Use chmod after mkdir to ensure correct /dev/shm permissions
* Update libtool: add lib64 search paths, remove dead code

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-31 03:08:47 -07:00
Wang Mingyu 1d4421b20b fluentbit: upgrade 5.0.5 -> 5.0.6
Changelog:
===========
- release: update to 5.0.6
- env: add bash-style default value operator
- lib: cfl: upgrade to v0.7.1
- out_kafka: partition OTLP logs by resource
- sds: general fixes for sds_cat() usage
- in_forward: handle unpacker allocation failure
- tests: prevent port binding failures in concurrent OTEL tests
- engine: ignore duplicate STOP to prevent shutdown spin
- out_azure_logs_ingestion: Plug SEGV on termination
- packaging: add support for Ubuntu 26.04
- config: storage: Add total limit size of DLQ
- http_server: harden listener and architecture
- tests: runtime: wait for tail truncate output
- in_tail: fix file append cleanup on failure
- in_tail: reconcile files after missed inotify events
- github: workflows: Restore ok-package-test trigger behavior
- security: update policy for 5.0 and EOL 4.1
- sds: fix handling of cfl_sds return buffers after cfl upgrade
- tls: omit SNI for IP literal hosts
- http_server: spawn internal server in threaded mode

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-31 03:08:47 -07:00
Wang Mingyu 84d4d96d9f bit7z: upgrade 4.0.11 -> 4.0.12
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-20 21:18:32 -07:00
Hongxu Jia 38c953d97c 7zip: do not provide p7zip
We have replaced p7zip more than 2 years, do not make 7zip provide
p7zip any more, then CVE scan on p7zip would be skipped

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-14 23:15:56 -07:00
Wang Mingyu c6e778b387 magic-enum: upgrade 0.9.7 -> 0.9.8
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-14 23:15:55 -07:00
Wang Mingyu d47ea6487b valkey: upgrade 9.0.3 -> 9.0.4
Changelog:
============
(CVE-2026-23479) Use-After-Free in unblock client flow
(CVE-2026-25243) Invalid Memory Access in RESTORE command
(CVE-2026-23631) Use-after-free when full sync occurs during a yielding Lua/function execution

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-13 20:46:48 -07:00