if a port needs 2.x then set MODPY_VERSION=${MODPY_DEFAULT_VERSION_2}.
This commit doesn't change any versions currently used; it may be that
some ports have MODPY_DEFAULT_VERSION_2 but don't require it, those
should be cleaned up in the course of updating ports where possible.
Python module ports providing py3-* packages should still use
FLAVOR=python3 so that we don't have a mixture of dependencies some
using ${MODPY_FLAVOR} and others not.
lang/python port module. I've not yet come up with a port that
would not need this and one can always set MODPY_TESTDEP to "no"
to prevent the module from touching TEST_DEPENDS.
Idea from afresh1 who pointed out the cpan module already does this.
aja "I support this move."
OK sthen@
This update introduces numerous fixes, and addresses CVE-2018-8768
(bypass sanitization), CVE-2019–9644 (cross-site inclusion
vulnerability) and CVE-2019-10255 (Open Redirect vulnerability). It also
includes a newer Bootstrap, which addresses CVE-2018-14041 (XSS
vulnerability).
Changelog can be found at
https://github.com/jupyter/notebook/blob/5.7.8/docs/source/changelog.rst
While here change HOMEPAGE to https.
OK shadchin@
