Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create SECURITY.md #131

Closed
wants to merge 1 commit into from
Closed

Create SECURITY.md #131

wants to merge 1 commit into from

Conversation

kachuyjmve
Copy link

No description provided.

@jperkin jperkin closed this Mar 19, 2024
netbsd-srcmastr pushed a commit that referenced this pull request Apr 29, 2024
Changes in 2.2.5

    #117: Document that empty for Concurrently waits forever
    #120: Add ConcurrentlyE.
    #123: Fix failing concurrentlyE tests in older GHCs.
    #124: Allow hashable 1.4
    #126: Semigroup and Monoid instances for ConcurrentlyE
    #120: Add ConcurrentlyE
    #138: expose internals as Control.Concurrent.Async.Internal
    #131: Fix typos in docs
    #132: waitAny(Catch): clarify non-empty input list requirement
    #142: Add cancelMany
    #135, #145, #150: Support for GHC 9.4, 9.6, 9.8
    Document that empty for Concurrently waits forever.
netbsd-srcmastr pushed a commit that referenced this pull request Apr 30, 2024
v20.4.0
=======

Features
--------

- Replace deprecated ssl.wrap_socket with SSLContext.wrap_socket and update examples in connection.py docs. (#216)


v20.3.1
=======

No significant changes.


v20.3.0
=======

Features
--------

- Added support for SASL login. (#195)


Bugfixes
--------

- Better handling of escape sequences in message tags. (#205)


v20.2.0
=======

Features
--------

- Require Python 3.8 or later.


v20.1.1
=======

* #213: Pinned against jaraco.text 3.10 due to change in interface.

v20.1.0
=======

* #196: In irc.bot, avoid hanging idle when the first connection
  attempt fails.

v20.0.0
=======

* ``SingleServerIRCBot`` no longer accepts ``reconnection_interval``
  as a parameter.

* Added server support for NOTICE commands.

* Require Python 3.7 or later.

v19.0.1
=======

* #176: Fix issues with version number reporting. Restored version
  version number reporting in bot and client.

v19.0.0
=======

* ``irc.client`` no longer exposes a ``VERSION`` or ``VERSION_STRING``.
  To get the version, call ``importlib.metadata.version('irc')`` directly.

v18.0.0
=======

* Require Python 3.6 or later.

17.1
====

* Rely on
  `importlib_metadata <https://pypi.org/project/importlib_metadata/>`_
  for loading version from metadata. Removes implicit dependency on
  setuptools and pkg_resources.

* #158: The AsyncIO server now accepts a connection factory to
  enable features like SSL and IPv6 support.

* #155: ``SimpleIRCClient`` now has a ``dcc`` method for initiating
  and associating a DCCConnection object with the client.
  ``DCCConnection.listen`` now accepts a ``address`` parameter.
  Deprecated ``SimpleIRCClient.dcc_listen`` and
  ``SimpleIRCClient.dcc_connect`` in favor of the better separation
  of concerns. Clients should replace::

    client.dcc_connect(addr, port, type)
    client.dcc_listen(type)

  with::

    client.dcc(type).connect(addr, port)
    client.dcc(type).listen()


17.0
====

* Removed ``irc.buffer`` module, deprecated in 14.2.
* #153: Drop support for Python 3.3 and 2.7.

16.4
====

* Long Term Service release for Python 2.7.
* #149: ``AioConnection.connect`` moved to coroutine, added
  disconnect handling for AsyncIO.

16.3
====

* #140: Methods now use 'connection' and 'event' for parameter names.

* #135 via #144: Added AsyncIO implementation.

16.2.1
======

* Package refresh and cleanup.

16.2
====

* #133: In ``irc.server``, add support for ISON.

16.1
====

* #131: Add ``Connection.encode`` and ``Connection.transmit_encoding``
  to enable encodings other than UTF-8 to be used when transmitting
  text.

16.0
====

* Removed deprecated ``execute_*`` methods on ``Connection``
  and ``Reactor`` as introduced in 15.0.

* Fixed link in README.

15.1.1
======

* New ``send_items`` method takes star args for simplicity
  in the syntax and usage.

15.1
====

* Introduce ``ServerConnection.send_items``, consolidating
  common behavior across many methods previously calling
  ``send_raw``.

15.0.6
======

* Now publish `documentation <https://python-irc.readthedocs.io/>`_
  to Read The Docs.

15.0.5
======

* #119: Handle broken pipe exception in IRCClient _send() (server.py).

15.0.4
======

* #116: Correct invocation of execute_every.

15.0.3
======

* #115: Fix AttributeError in ``execute_at`` in scheduling
  support.

15.0.2
======

* #113: Use preferred scheduler in the bot implementation.

15.0.1
======

* Deprecated calls to Connection.execute_*
  and Reactor.execute_*. Instead, call the
  equivalently-named methods on the reactor's
  scheduler.

15.0
====

* The event scheduling functionality has been decoupled
  from the client.Reactor object. Now the reactor will
  construct a Scheduler from the scheduler_class property,
  which must be an instance of irc.schedule.IScheduler.

  The ``_on_schedule`` parameter is no longer accepted
  to the Reactor class. Implementations requiring a
  signal during scheduling should hook into the ``add``
  method of the relevant scheduler class.

* Moved the underlying scheduler implementation to
  `tempora <https://pypi.org/project/tempora>`_, allowing
  it to be re-used for other purposes.

14.2.2
======

* Issue #98: Add an ugly hack to force ``build_sphinx``
  command to have the requisite libraries to build
  module documentation.

14.2.1
======

* Issue #97: Restore ``irc.buffer`` module for
  compatibility.
* Issue #95: Update docs to remove missing or
  deprecated modules.
* Issue #96: Declare Gitter support as a badge in the
  docs.

14.2
====

* Moved buffer module to `jaraco.stream
  <https://pypi.python.org/pypi/jaraco.stream>`_ for
  use in other packages.

14.1
====

* ``SingleServerIRCBot`` now accepts a ``recon``
  parameter implementing a ReconnectStrategy. The new
  default strategy is ExponentialBackoff, implementing an
  exponential backoff with jitter.
  The ``reconnection_interval`` parameter is now deprecated
  but retained for compatibility. To customize the minimum
  time before reconnect, create a custom ExponentialBackoff
  instance or create another ReconnectStrategy object and
  pass that as the ``recon`` parameter. The
  ``reconnection_interval`` parameter will be removed in
  future versions.
* Issue #82: The ``ExponentialBackoff`` implementation
  now protects from multiple scheduled reconnects, avoiding
  the issue where reconnect attempts accumulate
  exponentially when the bot is immediately disconnected
  by the server.

14.0
====

* Dropped deprecated constructor
  ``connection.Factory.from_legacy_params``. Use the
  natural constructor instead.
* Issue #83: ``connection.Factory`` no longer attempts
  to bind before connect unless a bind address is specified.

13.3.1
======

* Now remove mode for owners, halfops, and admins when the user
  is removed from a channel.
* Refactored the Channel class implementation for cleaner, less
  repetitive code.
* Expanded tests coverage for Channel class.

13.3
====

* Issue #75: In ``irc.bot``, add support for tracking admin
  status (mode 'a') in channels. Use ``channel.is_admin``
  or ``channel.admins`` to identify admin users for a channel.

* Removed deprecated irc.logging module.

13.2
====

* Moved hosting to github.

13.1.1
======

* Issue #67: Fix infinite recursion for ``irc.strings.IRCFoldedCase``
  and ``irc.strings.lower``.

13.1
====

* Issue #64: ISUPPORT PREFIX now retains the order of
  permissions for each prefix.

13.0
====

* Updated ``schedule`` module to properly support timezone aware
  times and use them by default. Clients that rely on the timezone
  naïve datetimes may restore the old behavior by overriding the
  ``schedule.now`` and ``schedule.from_timestamp`` functions
  like so:

    schedule.from_timestamp = datetime.datetime.fromtimestamp
    schedule.now = datetime.datetime.now

  Clients that were previously patching
  ``schedule.DelayedCommand.now`` will need to instead patch
  the aforementioned module-global methods. The
  classmethod technique was a poor interface for effectively
  controlling timezone awareness, so was likely unused. Please
  file a ticket with the project for support with your client
  as needed.

12.4.2
======

* Bump to jaraco.functools 1.5 to throttler failures in Python 2.

12.4
====

* Moved ``Throttler`` class to `jaraco.functools
  <https://bitbucket.org/jaraco/jaraco.functools>`_ 1.4.

12.3
====

* Pull Request #33: Fix apparent escaping issue with IRCv3 tags.

12.2
====

* Pull Request #32: Add numeric for WHOX reply.
* Issue #62 and Pull Request #34: Add support for tags in message
  processing and ``Event`` class.

12.1.2
======

* Issue #59: Fixed broken references to irc.client members.
* Issue #60: Fix broken initialization of ``irc.server.IRCClient`` on
  Python 2.

12.1.1
======

* Issue #57: Better handling of Python 3 in testbot.py script.

12.1
====

* Remove changelog from package metadata.

12.0
====

* Remove dependency on jaraco.util. Instead depend on surgical packages.
* Deprecated ``irc.logging`` in favor of ``jaraco.logging``.
* Dropped support for Python 3.2.
netbsd-srcmastr pushed a commit that referenced this pull request May 1, 2024
0.4.3.5

    #131 Add At and Ixed instance for HashSet.
netbsd-srcmastr pushed a commit that referenced this pull request May 6, 2024
2024-05-05 -- 0.9.8

>>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
  * Fixed: [CVE-2024-34402]
      Protect against integer overflow in ComposeQueryEngine
      (GitHub #183, GitHub #185)
  * Fixed: [CVE-2024-34403]
      Protect against integer overflow in ComposeQueryMallocExMm
      (GitHub #183, GitHub #186)
>>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
  * Changed: Require CMake >=3.5.0 (GitHub #172)
  * Added: CMake option URIPARSER_SHARED_LIBS=(ON|OFF) to control,
      whether to produce a shared or static library for uriparser
      and that alone, falls back to standard BUILD_SHARED_LIBS
      if available, else defaults to "ON" (GitHub #169, GitHub #170)
  * Improved: Document that scheme-based normalization a la
      section 6.2.3 of RFC 3986 is a responsibility of the application
      using uriparser (GitHub #173, GitHub #174)
  * Improved: Document supported code points for functions uriEscape(Ex)W
      (GitHub #171, GitHub #175)
  * Infrastructure: Update Clang from 15 to 18 (GitHub #161, GitHub #187)
  * Infrastructure: Adapt to breaking changes in Clang packaging (GitHub #160)
  * Infrastructure: Get sanitizer CFLAGS and LDFLAGS back in sync (GitHub #161)
  * Infrastructure: Pin GitHub Actions to specific commits for security
      (GitHub #165)
  * Soname: 1:31:0 — see https://verbump.de/ for what these numbers do

2022-10-05 -- 0.9.7

  * Fixed: Multiple issues with IPv6 and IPvFuture literal parsing
      (GitHub #146, GitHub #150)
      Thanks to Scallop Ye for the report and the pull request!
  * Fixed: Fix symbol visibility for -DBUILD_SHARED_LIBS=OFF (GitHub #139,
      GitHub #141); thanks to Mariusz Zaborski for the report!
  * Fixed: For MinGW, use size_t for inet_ntop declaration and fix macro
      checks for both MinGW and mingw-w64 (GitHub #131)
  * Fixed: Compiler warnings (GitHub #132, GitHub #152)
  * Improved: Use name UriConfig.h rather than generic config.h for the
      config header file to avoid name clashes and also include it through
      "UriConfig.h" with quotes rather than <UriConfig.h> so that it is found
      in quote path locations (GitHub #149)
      Thanks to Gaspard Petit for bringing this up!
  * Improved: Document need for UriConfig.h in UriMemory.c (GitHub #136)
  * Infrastructure: Add (support for) Visual Studio 17/2022 (GitHub #152)
  * Infrastructure: Drop (support for) Visual Studio <=14/2015 (GitHub #152)
  * Infrastructure: Update Clang from 13 to 15 (GitHub #143, GitHub #151)
  * Infrastructure: Make MinGW with 32bit Wine on Ubuntu 20.04 possible
      (GitHub #142, GitHub #144, GitHub #145)
  * Soname: 1:30:0 — see https://verbump.de/ for what these numbers do
netbsd-srcmastr pushed a commit that referenced this pull request May 9, 2024
This package hasn't been updated in a long time. The following list of
changes was therefore curated to focus on features or recent bugfixes.

Changes in 1.7.2:

* Bug #899 Guided Remediation: Parse paths in npmrc auth fields correctly.
* Bug #908 Fix rust call analysis by explicitly disabling stripping of debug info.
* Bug #914 Fix regression for go call analysis introduced in 1.7.0.

Changes in 1.7.0:

* Feature #352 Guided Remediation
  Introducing our new experimental guided remediation feature on osv-scanner fix subcommand.
* Feature #805 Include CVSS MaxSevirity in JSON output.

Changes in 1.6.2:

* Feature #694 OSV-Scanner now has subcommands!
  The base command has been moved to scan (currently the only commands is scan). By default if you do not pass in a command, scan will be used, so CLI remains backwards compatible.
* Feature #776 Add pdm lockfile support.

Changes in 1.6.0 and 1.6.1:

* Feature #694 Add support for NuGet lock files version 2.
* Feature #655 Scan and report dependency groups (e.g. "dev dependencies") for vulnerabilities.
* Feature #702 Created an option to skip/disable upload to code scanning.
* Feature #732 Add option to not fail on vulnerability being found for GitHub Actions.
* Feature #729 Verify the spdx licenses passed in to the license allowlist.

Changes in 1.5.0:

* Feature #501 Add experimental license scanning support!
* Feature #642 Support scanning renv files for the R language ecosystem.
* Feature #513 Stabilize call analysis for Go
* Feature #676 Simplify return codes:
  Return 0 if there are no findings or errors.
  Return 1 if there are any findings (license violations or vulnerabilities).
  Return 128 if no packages are found.
* Feature #651 CVSS v4.0 support.
* Feature #60 Pre-commit hook support.

Changes in 1.4.3:

* Feature #621 Add support for scanning vendored C/C++ files.
* Feature #581 Scan submodules commit hashes.

Changes in 1.4.1:

* Feature #534 New SARIF format that separates out individual vulnerabilities
* Experimental Feature #57 Experimental Github Action

Changes in 1.4.0:

* Feature #183 Add (experimental) offline mode
* Feature #452 Add (experimental) rust call analysis, detect whether vulnerable functions are actually called in your Rust project
* Feature #505 OSV-Scanner support custom lockfile formats

Changes in 1.3.5:

* Feature #409 Adds an additional column to the table output which shows the severity if available.

Changes in 1.3.0:

* Feature #198 GoVulnCheck integration! Try it out when scanning go code by adding the --experimental-call-analysis flag.
* Feature #260 Support -r flag in requirements.txt files.
* Feature #300 Make IgnoredVulns also ignore aliases.
* Feature #304 OSV-Scanner now runs faster when there's multiple vulnerabilities.

Changes in 1.2.0:

* Feature #168 Support for scanning debian package status file, usually located in /var/lib/dpkg/status. Thanks @cmaritan
* Feature #94 Specify what parser should be used in --lockfile.
* Feature #158 Specify output format to use with the --format flag.
* Feature #165 Respect .gitignore files by default when scanning.
* Feature #156 Support markdown table output format. Thanks @deftdawg
* Feature #59 Support conan.lock lockfiles and ecosystem Thanks @SSE4
* Updated documentation! Check it out here: https://google.github.io/osv-scanner/

Changes in 1.1.0:

* Feature #98: Support for NuGet ecosystem.
* Feature #71: Now supports Pipfile.lock scanning.
* Bug #85: Even better support for narrow terminals by shortening osv.dev URLs.
* Bug #105: Fix rare cases of too many open file handles.
* Bug #131: Fix table highlighting overflow.
* Bug #101: Now supports 32 bit systems.

Tested on NetBSD/amd64.
netbsd-srcmastr pushed a commit that referenced this pull request Jun 28, 2024
Changelog:
### GMime 3.2.15

* Fixed the g_mime_object_get_header API definition to note that it can return null
* Fixed a memory leak in address_parse() (issue #159)
* Added custom header folding logic for the Newsgroups: header (issue #162)
* Fixed a configure issue regarding ac_cv_sys_file_offset_bits (issue #158)
* Fixed an infinite loop in the Content-Type and Content-Disposition parameter
  serialization logic (issue #165)

### GMime 3.2.14

* Avoid clearing the header list of a GMimeMessage when adding addresses to an address header. (issue #129)
* Added the internet_address_list_append_parse() prototype definition to internet-address.h. (issue #128)
* Use gtk-doc ulink syntax in doc comments instead of `<a href=...>`. (issue #131)
* Fixed rfc2047 token decoding logic for base64 encodings. (issue #133)
* Properly handle GDateTime UTC offsets with non-zero seconds. (issue #134)
* Improved introspection data for bindings such as Vala.
* Improved address name quoting.
* Added a GNotifyDestroy to the GMimeParserOptions callback.
* Fixed the URL linkifier logic to properly handle links without a '/' before the query string.
* Fixed the URL linkifier logic to handle domains that start with numbers. (issue #152)
* Reverted base64 decoder optimizations from 3.2.10 and 3.2.11 to support chunked base64. (issue #150)

### GMime 3.2.13

* Optimized parsing of messages with lots of address headers. (issue #126)

### GMime 3.2.12

* Fixed a memory leak in g_mime_gpgme_get_decrypt_result().

* Updated vapigen.m4, introspection.m4, and gpgme.m4 to improve cross-platform builds.

* Add and use ax_lib_socket_nsl.m4 so that systems that do not require linkage with libnsl
  are not forced to link with it unnecessesarily.

* Changed the build system to no longer use dolt (which is obsolete).

### GMime 3.2.11

* Fixed a bug in the base64 decoder. D'oh!

### GMime 3.2.10

* Improved performance of base64 encoder by ~5%.

* Improved performance of base64 decoder by ~25%.

* Unref the autocrypt header after adding it to the list. (issue #118)

* Work around a bug in g_time_zone_new_offset() by using identifiers instead. (issue #120)

### GMime 3.2.9

* g_mime_multipart_signed_verify() now allows type/subtype and type/x-subtype signature parts. (issue #115)

* Fixed header folding logic to avoid folding the first line of a header value. (issue #112 and issue #113)

* Fixed bugs discovered by static analysis. (issue #110)

* Fixed GMimeStreamPipe to set errno to ESPIPE for seek/tell/length methods.

* Fixed GMimeCertificates to prefer gpgme_user_id_t's address field over the email field. (issue #102)

### GMime 3.2.8

* Various fixes to Vala (and other?) language bindings. (issue #96 and issue #101)

* Enabled build for PPC64LE architecture (issue #100)

* Added g_mime_object_write_content_to_stream() (issue #97)

* Fixed parameter list parsing logic to not report a warning when everything is valid.

* Fixed the parser to handle MIME parts without headers -or- content of any kind.
netbsd-srcmastr pushed a commit that referenced this pull request Jul 30, 2024
Upstream changes:
## 2024 05 11

    - The option --valign-signed-numbers, or -vsn is now the default. It
      was introduced in the previous release has been found to significantly
      improve the overall appearance of columns of signed and unsigned
      numbers.  See the previous Change Log entry for an example.
      This will change the formatting in scripts with columns
      of vertically aligned signed and unsigned numbers.
      Use -nvsn to turn this option off and avoid this change.

    - Previously, a line break was made before a short concatenated terminal
      quoted string, such as "\n", if the previous line had a greater
      starting indentation. The break is now placed after the short quote.
      This keeps code a little more compact. For example:

    # old rule: break before "\n" here because '$name' has more indentation:
    my $html = $this->SUPER::genObject( $query, $bindNode, $field . ":$var",
        $name, "remove", "UNCHECKED" )
      . "\n";

    # new rule: break after a short terminal quote like "\n" for compactness;
    my $html = $this->SUPER::genObject( $query, $bindNode, $field . ":$var",
        $name, "remove", "UNCHECKED" ) . "\n";

    - The option --delete-repeated-commas is now the default.

      It makes the following checks and changes:
      - Repeated commas like ',,' are removed with a warning
      - Repeated fat commas like '=> =>' are removed with a warning
      - The combination '=>,' produces a warning but is not changed
      These warnings are only output if --warning-output, or -w, is set.

      Use --nodelete-repeated-commas, or -ndrc, to retain repeated commas.

    - The operator ``**=`` now has spaces on both sides by default. Previously,
      there was no space on the left.  This change makes its spacing the same
      as all other assignment operators. The previous behavior can be obtained
      with the parameter setting -nwls='**='.

    - The option --file-size-order, or -fso is now the default. When
      perltidy is given a list of multiple filenames to process, they
      are sorted by size and processed in order of increasing size.
      This can significantly reduce memory usage by Perl.  This
      option has always been used in testing, where typically several
      jobs each operating on thousands of filenames are running at the
      same time and competing for system resources.  If this option
      is not wanted for some reason, it can be deactivated with -nfso.

    - In the option --dump-block-summary, the number of sub arguments indicated
      for each sub now includes any leading object variable passed with
      an arrow-operator call.  Previously the count would have been decreased
      by one in this case. This change is needed for compatibility with future
      updates.

    - Fix issue git #138 involving -xlp (--extended-line-up-parentheses).
      When multiple-line quotes and regexes have long secondary lines, these
      line lengths could influencing some spacing and indentation, but they
      should not have since perltidy has no control over their indentation.
      This has been fixed. This will mainly influence code which uses -xlp
      and has long multi-line quotes.

    - Add option --minimize-continuation-indentation, -mci (see git #137).
      This flag allows perltidy to remove continuation indentation in some
      special cases where it is not really unnecessary. For a simple example,
      the default formatting for the following snippet is:

        # perltidy -nmci
        $self->blurt( "Error: No INPUT definition for type '$type', typekind '"
              . $type->xstype
              . "' found" );

      The second and third lines are one level deep in a container, and
      are also statement continuations, so they get indented by the sum
      of the -i value and the -ci value.  If this flag is set, the
      indentation is reduced by -ci spaces, giving

        # perltidy -mci
        $self->blurt( "Error: No INPUT definition for type '$type', typekind '"
            . $type->xstype
            . "' found" );

      This situation is relatively rare except in code which has long
      quoted strings and the -nolq flag is also set.  This flag is currently
      off by default, but it could become the default in a future version.

    - Add options --dump-mismatched-args (or -dma) and
      --warn-mismatched-arg (or -wma).  These options look
      for and report instances where the number of args expected by a
      sub appear to differ from the number passed to the sub.  The -dump
      version writes the results for a single file to standard output
      and exits:

         perltidy -dma somefile.pl >results.txt

      The -warn version formats as normal but reports any issues as warnings in
      the error file:

         perltidy -wma somefile.pl

      The -warn version may be customized with the following additional parameters
      if necessary to avoid needless warnings:

      --warn-mismatched-arg-types=s (or -wmat=s),
      --warn-mismatched-arg-exclusion-list=s (or -wmaxl=s), and
      --warn-mismatched-arg-undercount-cutoff=n (or -wmauc=n).
      --warn-mismatched-arg-overcount-cutoff=n (or -wmaoc=n).

      These are explained in the manual.

    - Add option --valign-wide-equals, or -vwe, for issue git #135.
      Setting this parameter causes the following assignment operators

         = **= += *= &= <<= &&= -= /= |= >>= ||= //= .= %= ^= x=

      to be aligned vertically with the ending = all aligned. For example,
      here is the default formatting of a snippet of code:

            $str .= SPACE x $total_pad_count;
            $str_len += $total_pad_count;
            $total_pad_count = 0;
            $str .= $rfields->[$j];
            $str_len += $rfield_lengths->[$j];

      And here is the same code formatted with -vwe:

            # perltidy -vwe
            $str             .= SPACE x $total_pad_count;
            $str_len         += $total_pad_count;
            $total_pad_count  = 0;
            $str             .= $rfields->[$j];
            $str_len         += $rfield_lengths->[$j];

      This option currently is off by default to avoid changing existing
      formatting.

    - Added control --delete-interbracket-arrows, or -dia, to delete optional
      hash ref and array ref arrows between brackets as in the following
      expression (see git #131)

        return $self->{'commandline'}->{'arg_list'}->[0]->[0]->{'hostgroups'};

        # perltidy -dia gives:
        return $self->{'commandline'}{'arg_list'}[0][0]{'hostgroups'};

      Added the opposite control --aia-interbracket-arrows, or -aia, to
      add arrows. So applied to the previous line the arrows are restored:

        # perltidy -aia
        return $self->{'commandline'}->{'arg_list'}->[0]->[0]->{'hostgroups'};

     The manual describes additional controls for adding and deleting
     just selected interbracket arrows.
netbsd-srcmastr pushed a commit that referenced this pull request Oct 21, 2024
1.8.2 (2024-09-24)

What's Changed

* Drop commented-out line by @olleolleolle in #108
* Add Ruby 3.1 & 3.2 to CI matrix by @tricknotes in #109
* Fix/redos by @ooooooo-q in #114
* Raise HTTPStatus::BadRequest for requests with invalid/duplicate
  content-length headers by @jeremyevans in #120
* Bump actions/checkout from 3 to 4 by @dependabot in #121
* Improve CI by @hsbt in #123
* Fix WEBrick::TestFileHandler#test_short_filename test not working on mswin
  by @KJTsanaktsidis in #128
* Fix bug chunk extension detection by @jeremyevans in #125
* Fix CI. by @ioquatix in #131
* Merge multiple cookie headers, preserving semantic correctness. by
  @ioquatix in #130
* Test on macos-latest by @byroot in #132
* Require CRLF line endings in request line and headers by @jeremyevans in
  #138
* Prefer squigly heredocs. by @ioquatix in #143
* Only strip space and horizontal tab in headers by @jeremyevans in #141
* Treat missing CRLF separator after headers as an EOFError by @jeremyevans
  in #142
* Return 400 response for chunked requests with unexpected data after chunk
  by @jeremyevans in #136
* Fix reference to URI::REGEXP::PATTERN::HOST by @casperisfine in #144
* Prevent request smuggling by @jeremyevans in #146

New Contributors

* @tricknotes made their first contribution in #109
* @ooooooo-q made their first contribution in #114
* @KJTsanaktsidis made their first contribution in #128
* @byroot made their first contribution in #132
* @casperisfine made their first contribution in #144
netbsd-srcmastr pushed a commit that referenced this pull request Nov 11, 2024
2.2 (2024-08-27)

* WebUI: More correct filtering reports by disposition value
* WebUI: add actual fail count to the report list (#96)
* WebUI: implemented use of abbreviated form for numbers in the list of
  reports
* WebUI: added a toolbar and column management to the report list. The
  default column set was changed
* Implemented destroying user sessions if user_management is set to false
* Added ignoring unknown tags in XML report files
* Fixed undefined property usage in utils/reports_cleaner.php (#131)
* Fixed an error occuring when adding a user without the level parameter via
  utils/users_admin.php
* Improved error message when passing invalid time to Report dialog
* Updated the "Utilities" section in README.md
* Other minor changes and updates
* Some code optimization and refactoring

2.2.1 (2024-08-28)

* Fixed an error "Undefined array key" occurring when processing an
  incorrect report file (#132)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants