tidyp is a program that can validate your HTML, as well as modify it to
be more clean and standard. tidyp does not validate HTML 5.
libtidyp is the library on which the program is based. It can be used by
any other program that can interface to it.
ok sthen@
* do some plumbing to allow one to build from {mozilla,comm}-central
tarballs (aka alphas/betas)
* specialcase branch=~2.0 & branch=central for do-install: target and
sqlite dependency (the latter will be removed when we enable
UNLOCK_NOTIFY in systemwide sqlite)
* add --enable-profiling & --enable-debug-symbols to debug FLAVOR
* add a comment about why the builtin crashreporter is still disabled
(basically, google breakpad need to be ported to *BSD)
* add MOZILLA_VERSION to SUBST_VARS
MoinMoin "refuri" Cross-Site Scripting Vulnerability
Note that 'rst' is not the default parser, but available if docutils are installed. For more information see http://moinmo.in/SecurityFixes
large amount of data amongst other things).
Add an rc.d(8) script.
Add a _tproxy user/group and make tproxy runs as this user by default.
Remove jakob@ from maintainer per his request.
While here, do some cleanings:
* clean-up indent
* don't overwrite CC, CFLAGS and PREFIX
* fix patch naming
* fix a wording in DESCR
* comment tproxyrun and tproxywatch, they are useless under OpenBSD
related to too low limits, so remove the comment and set VMEM_WARNING instead.
(ports is unlocked, but no new files/directories/imports!, if in doubt, ask!)
(you may still need to raise them if you open many tabs, but this
should be enough to avoid problems in normal use), only warn if
softlimits can't be raised, and adjust messages to mention login.conf
(and login.conf.db if detected).
ok espie@ "feel free to modify it if you don't like it" robert@
time right now.
Tree is still locked!
Reasons for the update:
- good work that can be used now
- only builds on i386/amd64, and they're fast
- multiple security problems in old chrome
- old chrome half working, can't break it more than it was.
This one requires resources (see MESSAGE), but it's ways more stable.
Again, discussed with sthen@, jasper@, naddy@, miod@
http://drupal.org/node/1024972 for details.
"These are security things that need to go in before the lock. So commit with my OK." jasper@, maintainer timeout.
file from www/mozilla-firefox, so remove old instances of that file that
weren't updated with last commits (and were unused anyway)
While here bump all REVISIONs after LIB_DEPENDS change.
ok naddy@
sqlite database. Allows us to build against system sqlite3 again, and
get rid of the infamous symbol size mismatch warning reported several
times on ports@.
See https://bugzilla.mozilla.org/show_bug.cgi?id=445164 for why mozilla
now hard-requires secure_delete, and
https://bugzilla.mozilla.org/show_bug.cgi?id=546162 for the reasons they
don't want to make that an option and forces us to do such hacks.
ok jasper@
Fixes:
CVE-2010-1677: DoS when processing html messages with deep nesting
CVE-2010-4524: Improper escaping of certain HTML sequences (XSS)
Specially crafted <base href> can lead to XSS exploit (bug id #32080)
From Christian Rueger (MAINTAINER)
* undo tab closure
* add socket to drive browser from CLI
* add option to only launch one xxxterm session
* add yank/paste support
* add runtime JS toggle
* add runtime cookie toggle
* add basic command aliasing
* add generic code to display runtime settings
* add new tab navigation button
* add runtime file to save cookie and JS white list items
* add restart browser command
* add ctrl-arrow keys to navigate tabs
* add wrap-around tab support
* make ESC go to command mode when in search or address bar
* fix tabbing through entry fields
* move X on tabs to left and make it a real button
* add option to open new tab after the current one instead of always
appending to end of tab lists
* add session and persistent cookies in a sane matter (damn you libsoup)
* several other minor bug fixes
ok sthen
This module allows users with proper permissions to upload images into
Drupal. Thumbnails and additional sizes are created automatically.
Images could be posted individually to the front page, included in
stories or grouped in galleries.
Image module ships with several add-on modules: Image Gallery, Image
Attach, Image Import and ImageMagick Advanced.
ok landry@
Node.js is an evented I/O framework for the V8 JavaScript engine. It is
intended for writing scalable network programs such as web servers.
As there are still some issues to resolve, this won't be hooked up yet.
ok landry@
which fixes SA42608, PmWiki "from" Cross-Site Scripting Vulnerability
If you're upgrading a previous installation, please take a moment to read
http://www.pmwiki.org/wiki/PmWiki/ReleaseNotes
SOAP::WSDL provides easy access to Web Services with WSDL descriptions.
The WSDL is parsed and stored in memory. Your data is serialized
according to the rules in the WSDL. The only transport mechanisms
currently supported are http and https.
ok sthen@
Yaws is a HTTP high perfomance 1.1 webserver particularly well suited
for dynamic-content web applications. Two separate modes of operations
are supported:
* Standalone mode where Yaws runs as a regular webserver daemon.
This is the default mode.
* Embedded mode where Yaws runs as an embedded webserver in another
Erlang application.
Yaws is entirely written in Erlang, and furthermore it is a
multithreaded webserver where one Erlang lightweight process is used to
handle each client.
ok aja@
Conkeror is a keyboard-oriented, highly-customizable, highly-extensible
web browser based on Mozilla XULRunner, written mainly in JavaScript,
and inspired by exceptional software such as Emacs and vi. Conkeror
features a sophisticated keyboard system, allowing users to run
commands and interact with content in powerful and novel ways. It is
self-documenting, featuring a powerful interactive help system.
Jekyll is a simple, blog aware, static site generator. It takes a
template directory (representing the raw form of a website), runs it
through Textile or Markdown and Liquid converters, and spits out a
complete, static website suitable for serving with Apache or your
favorite web server.
was OK sthen@
additionally update rc script to latest changes (patch and OK from ajacoutot@).
Will be enabled after I find time to test on a clean system.
Plack is a set of tools for using the PSGI stack. It contains middleware
components, a reference server and utilities for Web application
frameworks. Plack is like Ruby's Rack or Python's Paste for WSGI.
See PSGI for the PSGI specification and PSGI::FAQ to know what PSGI and
Plack are and why we need them.
From MAINTAINER Abel Abraham Camarillo Ojeda on ports@
This document specifies a standard interface between web servers and
Perl web applications or frameworks, to promote web application
portability and reduce the duplicated efforts by web application
framework developers.
From Abel Abraham Camarillo Ojeda on ports@
Rainbows! is an HTTP server for sleepy Rack applications. It is based
on Unicorn, but designed to handle applications that expect long
request/response times and/or slow clients.
ok landry
Unicorn is a HTTP server for Rack applications designed to take
advantage of features in Unix/Unix-like kernels and only serve
fast clients on low-latency, high-bandwidth connections.
ok landry
Railties is responsible for gluing the parts of Ruby on Rails together.
Overall, it:
* handles the entire bootstrapping process for a Rails application;
* manages the rails command line interface;
* provides the core Rails generators;
ok landry
Rack::Test is a small, simple testing API for Rack apps. It can be used
on its own or as a reusable starting point for Web frameworks and
testing libraries to build on.
ok landry
Rack::Mount is a stackable dynamic tree based Rack router. Rack::Mount
supports Rack's +X-Cascade+ convention to continue trying routes if the
response returns pass. This allows multiple routes to be nested or
stacked on top of each other. Since the application endpoint can trigger
the router to continue matching, middleware can be used to add arbitrary
conditions to any route. This allows you to route based on other request
attributes, session information, or even data dynamically pulled from a
database.
ok landry
Canto is an Atom/RSS feed reader for the console that is meant to be
quick, concise, and colorful. It provides a minimal, yet information
packed interface with almost infinite customization and extensibility.
OK landry@
This module adds PHP-based password strength checking and validation
routines that mirror the jQuery routines, so that administrators can
restrict passwords to only be, for example, "high" strength. The module
simply modifies existing password confirm fields (where two passwords
are entered, like the user edit form), so no other setup is required
beyond configuring the desired enforcement rules.
ok landry@
is a configuration file, even though it's buried deep in code
directories. Pointed out by Tobias M. Boelz <tmb at usta dot de>.
Thus, use @sample and bump.
OK espie@ stephan@
Previously, we were using ruby->=1.8,<=1.9, instead of
ruby->=1.8,<1.9. While this wouldn't cause an issue, since
our ruby-1.9.2 package isn't included in ruby->=1.8,<=1.9,
it's still wrong and should be fixed. This also fixes the
following minor issues:
Switch from using FLAVOR to MODRUBY_FLAVOR for *_DEPENDS.
Currently we don't have a ruby port that uses FLAVORs that
would differ from MODRUBY_FLAVOR, but it's possible we will
in the future.
Switch from BASE_PKGPATH to BUILD_PKGPATH in a few cases in
REGRESS_DEPENDS. This probably is not strictly necessary, but
BUILD_PKGPATH is used in more cases, so it is good for
consistency.
Switch to new style *_DEPENDS, with the version specification
at the end. The remaining cases where this is not done is
because a specific version is used.
Some FULLPKGNAME added to REGRESS_DEPENDS, to make sure that if
the old version is installed when you run a regress test, it
will install the new version first.
Some conversion of spaces to tabs for consistency.
OK landry@
DESCR:
SOGo is a groupware server built around OpenGroupware.org (OGo) and the
SOPE application server, with a focus on scalability. It provides the
usual groupware functionality as E-Mail, Calendaring, and Contacts
management.
Not yet linking it to the build, fixing last few things in the tree.
OK landry@, sthen@
crash under some circumstances where the linux qt libs fail to load
if one is running a panel which then ends up in a hard crash of opera
(which in turn can hangs the entire display)...
ok jasper@
fixes a session reuse issue even though this release has not been tagged
as 'security relevant'. Details at http://drupal.org/node/967244.
Make sure you upgrade all files while you're logged in (or have access
to settings.php) otherwise you'll lock yourself out pretty easily, in
case you use Captcha for logins. Database upgrade required, too.
- fix PF nat rules for nat-to
- add missing @conflict for jakarta-tomcat-examples (for people
upgrading from really old packages; niklas@ hit this upgrading
a machine from 3.8 :-)
tweaks/ok jasper@
- install drupal modules/themes as root:daemon rather than www:www
(only the files/ directory needs to be writeable by 'www').
- don't install 'settings.php' world-readable since it contains the
DB password. Use 640, owner 'www' instead.
- bump all modules.
tested in production, including upgrade szenarios.
ok sthen@ and landry@, maintainer timeout.
PKG_ARCH = * removed from many ports as it is added automatically
for pure ruby gem ports. Switch ports that previously used
GEM_SKIPDEPENDS to adding dependencies or modifying the underlying
gem metadata with patches.
OK landry@
