x11/contour: Unbreak build on -CURRENT clang with debug assertions enabled (on -CURRENT) crashes when it tries to compile this port. As a workaround use clang from ports when system clang has debug assertions enabled.

misc/codex: Update to 0.89.0 Changelog: - https://github.com/openai/codex/releases/tag/rust-v0.88.0 - https://github.com/openai/codex/releases/tag/rust-v0.89.0 Reported by: GitHub (watch releases)

audio/openal-soft: Update to 1.25.1 https://github.com/kcat/openal-soft/releases/tag/1.25.1

net/liveMedia: Update to 2026.01.12

audio/mac: Update to 12.04 Changes: https://www.monkeysaudio.com/versionhistory.html

databases/pg_textsearch: Update to 0.4.1

audio/wavpack: Update to 5.9.0 Add source URL to WWW, since this is what devs really want. Remove cmake:testing; test target has been failing for a while. This needs more investigation. Remove unused WAVPACK_BUILD_DOCS from CMAKE_ARGS. Project transitioned to WAVPACK_INSTALL_DOCS, but disabling this would disable installation of the manpages, which is not the desired effect. https://github.com/dbry/WavPack/releases/tag/5.9.0

audio/strawberry: Update to 1.12.17 Require USE_QT=imageformat:run, as this version supports the webp image format. https://github.com/strawberrymusicplayer/strawberry/releases/tag/1.2.17

math/qalculate-qt: Update to 5.9.0 Set c++ dialect to c++17 (previously undefined). https://github.com/Qalculate/qalculate-qt/releases/tag/v5.9.0

math/qalculate-gtk: Update to 5.9.0 Set c++ dialect to c++17 (previously undefined), libtool:build is not needed as project supplies its own libtool, intltool is no longer used. https://github.com/Qalculate/qalculate-gtk/releases/tag/v5.9.0

math/libqalculate: Update to 5.9.0 Improve COMMENT, set c++ dialect to c++17 (previously undefined), intltool is no longer used. https://github.com/Qalculate/libqalculate/releases/tag/v5.9.0

net-im/flare: Update 0.18.0 => 0.18.1 Changelog: https://gitlab.com/schmiddi-on-mobile/flare/-/releases/0.18.1 PR: 292644 Reported by: Yusuf Yaman <nxjoseph@protonmail.com> (maintainer)

devel/arduino: pin to openjdk8 Dependency comms/rxtx is tied to openjdk8 and installs jars in PREFIX/openjdk8/jre/lib/ext. This directory is gone in jdk9+, but arduino expects it. So pin arduino to openjdk8 also. If anybody wants this to be supported by jdk9+, patches are welcome. PR: 292651

graphics/darktable: Add `llvm:build` after `compiler:*` in USES= The move of `USES+=compiler:*` later in the file to be able to check `${ARCH}` apparently triggered the following warning: make: .../Mk/Uses/compiler.mk:86: warning: Command "/usr/local/llvm19/bin/clang --version" exited with status 127 make: .../Mk/Uses/compiler.mk:134: warning: Command "/usr/local/llvm19/bin/clang++ -### /dev/null 2>&1" exited with status 127 It looks like the order of `compiler:*` and `llvm:*` is important. Moving the addition of `llvm:compiler` after `compiler:*` was added conditionally fixes that warning. PR: 292128 Reported by: Trond Endrestøl <Trond.Endrestol@ximalas.info> Tested by: Trond Endrestøl <Trond.Endrestol@ximalas.info>, Herbert J. Skuhra <herbert@gojira.at>

net/wireguard-tools: Add possibility to configure keys in rc script Add possibility to ingest WireGuard keys from files using the rc script. It basically adds two more options: "wireguard_<iface>_key" and "wireguard_<iface>_psk". Both are optional. PR: 291997

net/netatalk4: Update to 4.4.1 See https://github.com/Netatalk/netatalk/releases/tag/netatalk-4-4-1 for a list of changes in this release.

sysutils/logwatch: Update 7.13 => 7.14 Commit log: https://sourceforge.net/p/logwatch/git/ci/93cb38bb54f0ca12f4e792d9167993c9213e2c66/log/ - Remove no longer needed files/pkg-message.in and files/patch-scripts_services_postfix. - Optimize post-install-DOCS-on. PR: 292655

www/angie-console-light: Update 1.8.1 => 1.8.2 Changelog: - Fixed the Angie ADC documentation link. https://github.com/webserver-llc/angie-console-light/releases/tag/1.8.2 While here remove unnecessary MKDIR - COPYTREE_SHARE does it itself. PR: 292650

www/angie-module-njs: Update 0.9.4 => 0.9.5 Changelog: https://github.com/nginx/njs/releases/tag/0.9.5 Commit log: https://github.com/nginx/njs/compare/0.9.4...0.9.5 PR: 292649

www/angie: Update 1.11.1 => 1.11.2 This release mainly fixes 3 linux-specifig bugs (docker and BPF-related). Changelog: https://git.angie.software/web-server/angie/releases/tag/Angie-1.11.2 Commit log: https://git.angie.software/web-server/angie/compare/Angie-1.11.1..Angie-1.11.2 PR: 292648

sysutils/stackit: update to 0.52.0 PR: 292642

net/rsync: Reinstate rrsync by flavorizing The previous update removed the rrsync script from binary packages built with the default options. This replaces the PYTHON option with a python flavor so there is a package available that contains rrsync. PR: 286073 Reported by: Dan Langille <dvl@freebsd.org>

science/afni: Update to 26.0.05

devel/onetbb: Fix more tests Fix/improve the following tests (see patches for details): 29 - test_resumable_tasks (SEGFAULT) 63 - test_hw_concurrency (ILLEGAL) 66 - test_global_control (Subprocess aborted) 67 - test_task (SEGFAULT) 74 - test_tbb_header (Failed) 105 - conformance_resumable_tasks (SEGFAULT) 131 - test_malloc_compliance (Subprocess aborted) This leads to a single test still failing: 63 - test_hw_concurrency (Subprocess aborted) because get_cpuset_indices() is not working on FreeBSD. PR: 292088 Reported by: diizzy

java/jfreechart: allow building with jdk21 PR: 292647 Approved-by: olgeni@ (maintainer)

math/libsemigroups: upgrade to 3.4.0 Release notes at https://github.com/libsemigroups/libsemigroups/releases/tag/v3.4.0

devel/R-cran-rJava: upgrade to 1.0-14 Release notes at https://cran.r-project.org/web/packages/rJava/NEWS

astro/py-skyfield: upgrade to 1.54

x11/contour: Replace patch for crispy::fnv with upstreamed one

devel/py-wheel: Update to 0.46.3 ChangeLog: https://github.com/pypa/wheel/releases/tag/0.46.3 Reported by: "github-actions[bot]" <notifications@github.com>

devel/libunicode-contour: Fix build on aarch64

editors/lapce: Update to 0.4.6 ChangeLog: https://github.com/lapce/lapce/releases/tag/v0.4.6

textproc/R-cran-rbibutils: Update to 2.4.1 ChangeLog: https://cran.r-project.org/web/packages/rbibutils/news/news.html

devel/R-cran-cpp11: Update to 0.5.3 - Switch WWW to canonical form ChangeLog: https://cran.r-project.org/web/packages/cpp11/news/news.html

sysutils/gomplate: Update to 5.0.0 ChangeLog: https://github.com/hairyhenderson/gomplate/releases/tag/v5.0.0

converters/convmv: Update 2.05 => 2.06, take maintaiership Changelog: - allow IMAPUTF7 encoding if the Perl Encode pakage is installed, too. Refresh patch. PR: 292643

devel/py-wheel: Update to 0.46.2 (security release) ChangeLog: https://github.com/pypa/wheel/releases/tag/0.46.2 Reported by: "github-actions[bot]" <notifications@github.com> Security: CVE-2026-24049

security/vuxml: Add devel/py-wheel < 0.46.2

www/iridium: update to 2026.01.144.1

net-im/py-zapzap: Update to 6.2.8 ChangeLog: https://github.com/rafatosta/zapzap/releases/tag/6.2.8 Reported by: Rafael Tosta <notifications@github.com>

net-mgmt/packit: Update to 2.0

sysutils/fluent-bit: fix problem with tail module On FreeBSD, userland inotify functions do not accept IN_IGNORED and IN_Q_OVERFLOW flags (they are only returned from system calls by kernel), and if specified, invokes an error. PR: 292629 Submitted by: Hiroo Ono

games/NBlood: updato to 14331

games/filters: Update to 2.56

www/{chromium,ungoogled-chromium}: update to 144.0.7559.96 Security: https://vuxml.freebsd.org/freebsd/f8560c1b-f772-11f0-85c5-a8a1599412c6.html

security/vuxml: add www/*chromium < 144.0.7559.96 Obtained from: https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_20.html

devel/py-tdworkflow: Update to 0.10.1

dns/dnsdist: Update to 2.0.2 Release Announcement: https://blog.powerdns.com/2025/12/02/powerdns-dnsdist-2.0.2-released Changelog: https://www.dnsdist.org/changelog.html#change-2.0.2 PR: 291365 Reported by: Jordan Ostreff <jordan@ostreff.info>, Ralf van der Enden <tremere@cainites.net> (maintainer)

lang/sbcl: add powerpc64le support PR: 276877 Approved by: krion (maintainer timeout)

security/py-fido2: update to 2.1.1

games/jaggedalliance2: Update to 0.22.1 While here: - bump required dependency versions - apply portclippy and portfmt - enrich pkg-message - remove BROKEN_FreeBSD_15 as it works fine now Changelog: - https://ja2-stracciatella.github.io/2025/09/28/release-0.22.0.html - https://ja2-stracciatella.github.io/2025/10/06/release-0.22.1.html PR: 292247 Reported by: Pavel Timofeev <timp87@gmail.com> (maintainer)

editors/openoffice-devel: Update to a new snapshot Update to a new snapshot. * The recent python and icu patches have been upstreamed. * The devel/apr1 and www/serf depenencies are no longer needed.

audio/cava: Update to 0.10.6 Changelog: https://github.com/karlstav/cava/releases/tag/0.10.6 PR: 292068 Reported by: Raphael O. <raphael.ob@protonmail.com> Approved by: Adam Jimerson <vendion@gmail.com> (maintainer, timeout 3 weeks)

net/s3m: Update to 0.14.5 Changelog: https://github.com/s3m/s3m/blob/0.14.5/CHANGELOG.md PR: 292460 Reported by: Nicolas Embriz <nbari@tequila.io> (maintainer)

net-im/flare: Update 0.17.5 => 0.18.0 Changelog: https://gitlab.com/schmiddi-on-mobile/flare/-/releases/0.18.0 PR: 292481 Reported by: Yusuf Yaman <nxjoseph@protonmail.com> (maintainer)

misc/gitlogue: Update to 0.7.0 Add noto-emoji font as runtime dependency. Changelog: https://github.com/unhappychoice/gitlogue/releases/tag/v0.7.0 PR: 292506 Approved by: submitter is maintainer

chinese/librime: update to 1.16.1. PR: 292637

net/krill: Update to 0.15.1 Version 0.15.1 'Contains Adult Language' Bug fixes * Fixed a bug introduced in 0.15.0 where CAs do to not clear fulfilled certification requests causing them to re-request a certificate every time they contact their parent. ([#1345]) Other changes * Updated dependencies. Release Announcement: https://nlnetlabs.nl/news/2026/Jan/19/krill-0.15.1-released/ Changelog: https://github.com/NLnetLabs/krill/releases/tag/v0.15.1 PR: 292605 Reported by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)

games/veloren-weekly: update to s20260121 Changes: https://gitlab.com/veloren/veloren/-/compare/5378d5cf29...547fc9f725

graphics/mesa-devel: update to 26.0.b.44 Changes: https://gitlab.freedesktop.org/mesa/mesa/-/compare/6f076cdfda3...481df222095

emulators/rpcs3: update to 0.0.39.18708 Changes: https://github.com/RPCS3/rpcs3/compare/d7b723cd7c...3e49c32c9c

x11/wvkbd: update to 0.19 Changes: https://git.sr.ht/~proycon/wvkbd/log/v0.19 Reported by: GitHub (watch releases)

net-im/ejabberd: Update to 26.01

*/*: Bump port revision after electron39 update (af09aa198c34)

devel/electron39: Update to 39.3.0 Changelog: https://github.com/electron/electron/releases/tag/v39.3.0 Reported by: GitHub (watch releases)

security/himitsu: create new port Himitsu is a secure secret storage system for Unix-like systems. It provides an arbitrary key/value store (where values may be secret) and a query language for manipulating the key store. WWW: https://himitsustore.org PR: 292475

multimedia/ccextractor-gui: remove port The ccextractor GUI has been rewritten in flutter, which requires Dart. We do not support Dart, so that means no GUI for us for now.

multimedia/ccextractor: update to 0.96.5 - rust now mandatory - GUI rewritten in flutter, which we do not support unfortunately - hard subtitle extraction works now Changelog: https://github.com/CCExtractor/ccextractor/releases/tag/v0.96.5 Changelog: https://github.com/CCExtractor/ccextractor/releases/tag/v0.96.4 Changelog: https://github.com/CCExtractor/ccextractor/releases/tag/v0.96.3 Changelog: https://github.com/CCExtractor/ccextractor/releases/tag/v0.96.2 Changelog: https://github.com/CCExtractor/ccextractor/releases/tag/v0.96.1 Changelog: https://github.com/CCExtractor/ccextractor/releases/tag/v0.96

multimedia/gpac: enable pic everywhere This fixes the build on arm64 for example. Approved by: portmgr (build fix blanket)

archivers/zip: apply Debian patches These patches fix some security and other issues: - ( 7) zipnote.c: Close in_file instead of undefined file x - ( 8) Use format specifier %s to print strings, not the string itself - (14) Fix buffer overflow when filename contains unicode characters - (15) Fix buffer overflow when using '-T -TT' - (16) Fix symlink update detection Obtained from: https://salsa.debian.org/sanvila/zip Reported by: diizzy Reviewed by: diizzy Security: CVE-2018-13410 MFH: 2026Q1

net-im/gurk-rs: fix build on armv7 Same fix as for shells/nushell. Approved by: portmgr (build fix blanket) MFH: 2026Q1

shells/nushell: fix build on armv7 PR: 286368 MFH: 2026Q1 Tested by: fuz Approved by: yuri (maintainer timeout)

net-mgmt/nagios-pf-plugin: broken on FreeBSD 15, deprecate This port requires the obsolete ioctl(DIOCGETSTATUS), which is no longer supported on FreeBSD 15. Upstream is dead, so deprecate. It also has some questionable warnings. See also: D41651 MFH: 2026Q1

security/snortsam: broken on FreeBSD 15, deprecate This port requires the obsolete ioctl(DIOCGETSTATUS), which is no longer supported on FreeBSD 15. Upstream is dead, so deprecate. It also has some questionable warnings. See also: D41651 MFH: 2026Q1

cad/abc: not for armv7 either Approved by: portmgr (build fix blanket) MFH: 2026Q1

editors/wordgrinder: broken on 15 too, deprecate This port can likely be saved as upstream is still alive and a newer version (0.8) exists. See also: https://cowlark.com/wordgrinder/ MFH: 2026Q1

graphics/sdl2_gpu: rename DOCS option to DOXYGEN This avoids having to OPTIONS_EXCLUDE the DOCS option. Suggested by: makc MFH: 2026Q1

science/afni: Update to 26.0.04

devel/py-pytest-html: update to 4.2.0 Changes: https://github.com/pytest-dev/pytest-html/releases/tag/4.2.0 Reported by: portscout, repology

sysutils/wmtop: Update 0.84 => 0.85 Changelog: https://repo.or.cz/dockapps.git/blob/refs/tags/wmtop-0.85:/wmtop/ChangeLog Upstream moved to https://www.dockapps.net/wmtop. PR: 292626 Co-authored-by: Vladimir Druzenko <vvd@FreeBSD.org>

mail/nextcloud-mail: Update to 5.6.8

www/nextcloud-contacts: Update to 8.3.0

www/nextcloud-groupfolders: Update to 20.1.8

biology/vsearch: Update to 2.30.4 Fix incorrect scores reported for some non-chimeric sequences during chimera detection. Changes: https://github.com/torognes/vsearch/releases Reported by: portscout

graphics/drm-515-kmod: re-add check for __FreeBSD_version < 1400081 Build breakages on FreeBSD 13 started to show up without any other changes to the sources. Turns out when the port was disabled for FreeBSD 16 and newer, the check for FreeBSD pre-1400081 was removed. Re-add that check to avoid constant build failure reports. Fixes: eef56dc01bd7 Reviewed by: manu, jrm Differential Revision: https://reviews.freebsd.org/D54813

multimedia/kodi: Update 21.3 => 22.0a2 for unbreak with ffmpeg 8 Changelogs: https://github.com/xbmc/xbmc/releases/tag/22.0a1-Piers https://github.com/xbmc/xbmc/releases/tag/22.0a2-Piers PR: 292609 MFH: 2026Q1

www/gitlab: security and patch update to 18.8.2 Changes: https://about.gitlab.com/releases/2026/01/21/patch-release-gitlab-18-8-2-released/ Security: 61dc7f67-f6e5-11f0-b051-2cf05da270f3

net-im/iamb: Update to 0.0.11

security/vuxml: document gitlab vulnerabilities

devel/glab: update to 1.81.0 Changes: https://gitlab.com/gitlab-org/cli/-/releases

sysutils/hcloud: Update to 1.60.0 Changelogs: https://github.com/hetznercloud/cli/releases/tag/v1.59.0 https://github.com/hetznercloud/cli/releases/tag/v1.60.0

dns/bind9-devel: update to 9.21.17 Changes: https://downloads.isc.org/isc/bind9/9.21.17/doc/arm/html/notes.html#notes-for-bind-9-21-17 Security: CVE-2025-13878

dns/bind920: update to 9.20.18 Changes: https://downloads.isc.org/isc/bind9/9.20.18/doc/arm/html/notes.html#notes-for-bind-9-20-18 Security: CVE-2025-13878

dns/bind918: update to 9.18.44 Changes: https://downloads.isc.org/isc/bind9/9.18.44/doc/arm/html/notes.html#notes-for-bind-9-18-44 Security: CVE-2025-13878