19:10 Dave Cottlehuber (dch)  Author: Sébastien Santoro

security/vault-medusa: New Port: Medusa: export secrets from Vault or OpenBao

PR:		281865

    5c5745b

14:58 Gleb Popov (arrowd) 

security/radamsa: Ressurect the port and update to 0.7

    c4c689f

00:24 Jesús Daniel Colmenares Oviedo (dtxdf) 

security/opkssh: New port: Tool which enables SSH to be used with OpenID Connect

opkssh is a tool which enables ssh to be used with OpenID Connect
allowing SSH access to be managed via identities like alice@example.com
instead of long-lived SSH keys. It does not replace SSH, but instead
generates SSH public keys containing PK Tokens and configures sshd
to verify them. These PK Tokens contain standard OpenID Connect ID
Tokens. This protocol builds on the OpenPubkey which adds user
public keys to OpenID Connect without breaking compatibility with
existing OpenID Provider.

    db1d18b

16:39 Matthias Fechner (mfechner) 

security/gitlab-analyzers-secrets: added gitlab secret detection scanner

    61889173

20:42 Po-Chuan Hsieh (sunpoet) 

security/py-pyopenssl: Move security/py-openssl to security/py-pyopenssl

- Update WWW
- Convert to USE_PYTHON=pep517
- Clean up Makefile
- Bump PORTREVISION for package change
- Bump PORTREVISION of dependent ports for dependency change

    aafe9a2

11:11 Rene Ladan (rene) 

security/rhonabwy: Remove expired port

2025-10-31 security/rhonabwy: Upstream repository has been archived on Nov 11,
2024

    a99ac36

03:17 Hiroki Tagato (tagattie)  Author: Tomohiro Hosaka

security/p5-Crypt-URandom-Token: New port: Generate secure strings for
passwords, secrets and similar

This module provides a secure way to generate a random token
for passwords and similar using Crypt::URandom
as the source of random bits.

WWW: https://metacpan.org/dist/Crypt-URandom-Token

PR:		290569
Reported by:	Tomohiro Hosaka <bokutin@bokut.in> (new maintainer)

    ea8f2a1

07:17 Matthias Fechner (mfechner) 

www/gitlab: fix regression from 5028178941fc081cd43354ea03ceda365a12f73d

this fixes a depedency conflict with rubygem-logger which was added into
package security/rubygem-omniauth which conflicts with rubygem-logger-gitlab

    5c25978

07:36 Hiroki Tagato (tagattie) 

security/py-google-cloud-kms: Add port: Python client for Google Cloud Key
Management Service

Google Cloud Key Management Service: a cloud-hosted key management
service that lets you manage cryptographic keys for your cloud
services the same way you do on-premises. You can generate, use,
rotate, and destroy AES256, RSA 2048, RSA 3072, RSA 4096, EC P256, and
EC P384 cryptographic keys. Cloud KMS is integrated with Cloud IAM and
Cloud Audit Logging so that you can manage permissions on individual
keys and monitor how these are used. Use Cloud KMS to protect secrets
and other sensitive data that you need to store in Google Cloud
Platform.

WWW: https://pypi.org/project/google-cloud-kms/

    5fc04210

18:59 Rene Ladan (rene) 

security/iddawc: Remove expired port

2025-10-13 security/iddawc: Upstream repo archived on Nov 11, 2024

    353c809

08:19 Yuri Victorovich (yuri) 

security/py-cart: New port: CaRT Neutering format

    bc5a904

08:25 Yuri Victorovich (yuri) 

security/py-guardpost: New port: Framework to handle authentication and
authorization

    e30addd

09:27 Yuri Victorovich (yuri) 

security/py-certipy: New port: Utility to create and sign CAs and certificates

    afc80b1

12:03 Matthias Andree (mandree) 

security/openssl32: Remove expired port

2025-09-30 security/openssl32: Please use security/openssl35 (LTS)

There are no users of this port any more.

    b520c46

12:01 Matthias Andree (mandree) 

security/openssl32: Revert "Remove expired port"

This reverts commit 38010f8c963447fe75bb7965f62e61e8f0e37c87.

I am removing the patch because it contains unapproved changes to Mk/
while the approval for the following is pending:
PR:		289938

    f261c43

11:54 Matthias Andree (mandree) 

security/botan2: Remove expired port

2025-03-31 security/botan2: End of life 2024-12-31 upstream, consider migrating
to security/botan3

With keepass286 moved to botan3 and softhsm2 using OpenSSL by default,
we can strip softhsm2's botan2 non-default option and remove botan2 from
the tree.

    d697305

09:58 Matthias Andree (mandree) 

security/openssl32: Remove expired port

2025-09-30 security/openssl32: Please use security/openssl35 (LTS)

At the same time, update Mk/ infrastructure to remove traces of
openssl31 (forgotten at the time when we removed it) and openssl32,
and fill in openssl34 openssl35 openssl36 instead.

    38010f8

09:11 Robert Clausecker (fuz) 

security/p5-openxpki-clca: hook into the build

I keep forgetting to do that with 3rd party patches.

Reported by:	antoine
Event:		EuroBSDcon 2025

    bc7a576

07:57 Bernhard Froehlich (decke)  Author: Yusuf Yaman

security/py-python-nmap: Add new port

PR:		289288
Event:		EuroBSDCon 2025

    bb7385d

10:32 Danilo Egea Gondolfo (danilo) 

security/interactsh: New port, interactsh 1.2.4

Interactsh is a tool designed to detect vulnerabilities that cause external
interactions.

https://github.com/projectdiscovery/interactsh

    e394840

23:03 Po-Chuan Hsieh (sunpoet) 

security/py-signxml: Add py-signxml 4.2.0

SignXML is an implementation of the W3C XML Signature standard in Python. This
standard (also known as "XMLDSig") is used to provide payload security in SAML
2.0, XAdES, EBICS, and WS-Security, among other uses. The standard is defined in
the W3C Recommendation XML Signature Syntax and Processing Version 1.1. SignXML
implements all of the required components of the Version 1.1 standard, and most
recommended ones. Its features are:
- Use of a libxml2-based XML parser configured to defend against common XML
  attacks when verifying signatures
- Extensions to allow signing with and verifying X.509 certificate chains,
  including hostname/CN validation
- Extensions to sign and verify XAdES signatures
- Support for exclusive XML canonicalization with inclusive prefixes
  (InclusiveNamespaces PrefixList, required to verify signatures generated by
  some SAML implementations)
- Modern Python compatibility (3.9-3.13+ and PyPy)
- Well-supported, portable, reliable dependencies: lxml and cryptography
- Comprehensive testing (including the XMLDSig interoperability suite) and
  continuous integration
- Simple interface with useful, ergonomic, and secure defaults (no network
  calls, XSLT or XPath transforms)
- Compactness, readability, and extensibility

    8dd2e56

17:14 Rene Ladan (rene) 

Revert: "security/yubioath-desktop: Remove expired port"

This reverts commit c33d916020276f1442482674cb93575201975256.

security/py-yubikey-manager no longer depends on security/libu2f-host
since commit 0708111995957ebffe65a018c997be9b7d3d681c

    95a0392

17:14 Rene Ladan (rene) 

Revert: "security/yubikey-manager-qt: Remove expired port"

This reverts commit 5aaae75d74b38beb1391200f9b29d00904b240df.

security/py-yubikey-manager no longer depends on security/libu2f-host
since commit 0708111995957ebffe65a018c997be9b7d3d681c

Reported by:	Jan Henrik Sylvester <me@janh.de>

    34df2ab

19:28 Bernard Spil (brnrd) 

security/openssl36: Add new OpenSSL 3.6 ALPHA

* Not for production use

    7f24a4a

20:05 Rene Ladan (rene) 

security/libu2f-host: Remove expired port

2025-05-31 security/libu2f-host: This project is deprecated and is no longer
being maintained. libfido2 is a new project with support for U2F and FIDO2. Use
security/libfido2 instead

    bfd293b

20:04 Rene Ladan (rene) 

security/p5-Data-Entropy: Remove expired port

2025-05-31 security/p5-Data-Entropy: The maintainer of this distribution has
indicated that it is deprecated and no longer suitable for use

    64d859a

20:02 Rene Ladan (rene) 

security/p5-Dancer2-Plugin-Passphrase: Remove expired port

2025-09-01 security/p5-Dancer2-Plugin-Passphrase: Depends on expired
security/p5-Data-Entropy

    7e9af6c

20:00 Rene Ladan (rene) 

security/p5-Dancer-Plugin-Passphrase: Remove expired port

2025-09-01 security/p5-Dancer-Plugin-Passphrase: Depends on expired
security/p5-Data-Entropy

    6cc33a2

19:42 Rene Ladan (rene) 

security/yubioath-desktop: Remove expired port

2025-09-01 security/yubioath-desktop: Depends on expired security/libu2f-host
via security/py-yubikey-manager

    c33d916

19:39 Rene Ladan (rene) 

security/yubikey-manager-qt: Remove expired port

2025-09-01 security/yubikey-manager-qt: Depends on expired security/libu2f-host
via security/py-yubikey-manager

    5aaae75

19:38 Rene Ladan (rene) 

security/py-onlykey: Remove expired port

2025-09-01 security/py-onlykey: Depends on expired security/libu2f-host

    9d82fb6

19:38 Rene Ladan (rene) 

security/p5-Dancer-Plugin-Auth-Extensible-Provider-Usergroup: Remove expired
port

2025-09-01 security/p5-Dancer-Plugin-Auth-Extensible-Provider-Usergroup: Depends
on expired security/p5-Data-Entropy via security/p5-Dancer-Plugin-Passphrase

    77eed15

19:36 Rene Ladan (rene) 

security/p5-Dancer2-Plugin-Auth-Extensible-Provider-Usergroup: Remove expired
port

2025-09-01 security/p5-Dancer2-Plugin-Auth-Extensible-Provider-Usergroup:
Depends on expired security/p5-Data-Entropy via
security/p5-Dancer2-Plugin-Passphrase

    a71b1a6

19:13 Vladimir Druzenko (vvd)  Author: Thibault Payet

security/py-nitrokey: New port: Python SDK for Nitrokey devices

The Nitrokey Python SDK can be used to use and configure Nitrokey devices.

The SDK supports these devices and features:
 * Nitrokey 3
   - device and bootloader management (nitrokey.nk3)
   - admin app (nitrokey.trussed.admin_app)
   - provisioner app (nitrokey.trussed.provisioner_app)
   - secrets app (nitrokey.nk3.secrets_app)
 * Nitrokey Passkey
   - device and bootloader management (nitrokey.nkpk)
   - admin app (nitrokey.trussed.admin_app)
   - provisioner app (nitrokey.trussed.provisioner_app)

https://github.com/Nitrokey/nitrokey-sdk-py/
https://pypi.org/project/nitrokey/

PR:	288823

    65de4bf

07:32 Cy Schubert (cy) 

security/krb5-122: Add new port

MIT KRB5 1.22 was just released. Import it into ports. It now becomes
the default KRB5.

    a7490b1

12:05 Rene Ladan (rene) 

security/openssl31: Remove expired port

2025-03-14 security/openssl31

    ae35d18

12:02 Rene Ladan (rene) 

security/openssl31-quictls: Remove expired port

2025-03-14 security/openssl31-quictls: End-of-Life, please switch to
security/quictls or OpenSSL 3.5

    7bc0e01

15:51 Daniel Engberg (diizzy) 

security/openiked-portable: Sunset port

Moved to security/openiked

PR:		287724

    9678923

03:12 Santhosh Raju (fox) 

security/pdfrip: New port: Multi-threaded PDF password cracking utility in Rust

A multi-threaded PDF password cracking utility equipped with
commonly encountered password format builders and dictionary
attacks.

WWW: https://github.com/mufeedvh/pdfrip

    9f33965

20:33 Cy Schubert (cy) 

security/keepassxc276: Repocopy from security/keepassxc

Keepassxc > 2.7.6 removed support for Yubikey and other dongles.
Repocopy security/keepassxc to keepassxc276 in order to facilitate
updating keepassxc while allowing users to continue to use keepassxc 2.7.6
with Yubikey, using the opportunity to look for alternatives.

Suggested by:	madpilot
PR:		279879
Approved by:	lwhsu (MAINTAINER)

    56c07fb

14:53 Muhammad Moinur Rahman (bofh)  Author: Tuukka Pasanen

security/py-distro2sbom: New port

The DISTRO2SBOM generates a SBOM (Software Bill of Materials) for either an
installed application or a complete system installation in a number of
formats including SPDX and CycloneDX.

WWW: https://github.com/anthonyharrison/distro2sbom
PR:		286645
Sponsored by:	The FreeBSD Foundation

    7842c7b

14:53 Muhammad Moinur Rahman (bofh)  Author: Tuukka Pasanen

security/py-lib4sbom: New port

Lib4SBOM is a library to parse and generate Software Bill of Materials
(SBOMs).  It supports SBOMs created in both SPDX and CycloneDX formats.

WWW: https://github.com/anthonyharrison/lib4sbom
PR:		286644
Sponsored by:	The FreeBSD Foundation

    b5444da

06:38 Jimmy Olgeni (olgeni) 

security/pwdsafety: New port

Command-line tool that checks password strength through entropy calculation
and provides safety scoring without storing any password information.

    52e263c

09:58 Jimmy Olgeni (olgeni) 

security/ssl-checker: Add new port

ssl-checker is a fast and beautiful command-line tool designed to check SSL
certificates for HTTPS endpoints.

    67d7cfe

20:11 Bernard Spil (brnrd) 

security/openssl33-quictls: New port

Upstream archived their openssl repo and switched to
a quictls repo.

    2d1ee56

16:29 Muhammad Moinur Rahman (bofh) 

*/*php85*: Sunrise

Please DO NOT use this version in production, it is an early test
version.

For upgrade notes please visit:
https://github.com/php/php-src/blob/php-8.5.0alpha1/UPGRADING

Changelog: https://github.com/php/php-src/blob/php-8.5.0alpha1/NEWS

    c0b9892

11:21 Rene Ladan (rene) 

security/libsectok: Remove expired port

2025-06-30 security/libsectok: Last upstream release in 2003 and no longer
maintained

    b00a410

11:21 Rene Ladan (rene) 

security/sectok: Remove expired port

2025-06-30 security/sectok: Last upstream release in 2003 and no longer
maintained

    de1ffc2

11:03 Rene Ladan (rene) 

security/libcryptui: Remove expired port

2025-06-30 security/libcryptui: abandoned project

    d1ad7be

11:45 Po-Chuan Hsieh (sunpoet) 

security/py-pyhanko-cli: Add py-pyhanko-cli 0.1.2

The lack of open-source CLI tooling to handle digitally signing and stamping PDF
files was bothering me, so I went ahead and rolled my own.

    d88d4f5

16:59 Lexi Winter (ivy) 

net-mgmt, security: add missing SUBDIRs

net-mgmt/prometheus-bird-exporter and security/lfacme were missing
SUBDIR entries in their categories.

Reported by: Antoine Brodin <antoine@freebsd.org>
Reviewed by:	arrowd, kevans
Approved by:	arrowd (ports), kevans (mentor)
Differential Revision:	https://reviews.freebsd.org/D50976

    8da1245

13:09 Jason E. Hale (jhale) 

security/gpgme: Update to 2.0.0

Upstream has split most of the bindings out into separate projects with
this release, so the child ports that were previously providing various
bindings are now autonomous and have new origins. The python bindings
should have been called py-gpg for many years now, since 'gpg' is the
actual module name, so this also corrects that issue.

security/gpgme-cpp -> security/gpgmepp
security/gpgme-qt -> security/qgpgme
security/py-gpgme -> security/py-gpg

gpgmepp and qgpgme have been converted to CMake. py-gpg is now a "fun"
autotools and FreeBSD ports system hybrid. Gpgme, itself, still uses
autotools, but with much less parenting (patching) to do for its
emancipated children.

Adjust several ports to fix API incompatibility with upstream patches
and with some of my own. Adjust all consumers to use the new port
origins of the former child ports.

https://dev.gnupg.org/T7673

    217815b

19:33 Chris Rees (crees) 

security/certmonger: New port

Certmonger is primarily concerned with getting you or your system
enrolled with a certificate authority (CA) and keeping you enrolled.

To do this, the certmonger daemon runs in the background, taking guidance from
client tools (via a D-Bus API, a command-line tool is provided which uses it).

The daemon:

    can generate key pairs if you don't already have one
    can use a key pair to generate a certificate signing request
    can submit the signing request to a CA
    can wait for the CA to decide whether or not to issue the certificate
    can store an issued certificate in a specified location
    can monitor the certificate to see if it's about to expire
    can warn you or simply log that a certificate is about to expire
    can attempt to get a new certificate when a certificate is about to expire

The goal is to have certmonger do what you need it to do based on what you've
told it you need.  If you already have a certificate, it will be happy to just
check on it periodically and warn you when it's about to expire. If you tell it
where the private key is, and where the CA is, it can go ahead and try to
re-enroll if you like.

Keys and certificates can be stored and read in any of these formats:

    PEM-formatted files
    NSS database (dbm or sql)

    9dedd05

12:40 Philippe Audeoud (jadawin) 

security/py-nvdlib: Add new port

A simple NIST NVD API wrapper library

Sponsored by:	OVHCloud

    dd25524

15:24 Charlie Li (vishwin) 

security/sequoia-chameleon-gnupg: hook to build

Reported by: antoine

    68f345f

20:16 Jesús Daniel Colmenares Oviedo (dtxdf) 

security/tscli: New port: CLI tool to interact with the Tailscale API

tscli is a fast, single-binary CLI for the Tailscale HTTP API. From
your terminal you can manage devices, users, auth keys, webhooks,
posture integrations, tailnet-wide settings, and even hit raw
endpoints when the SDK hasn’t caught up yet.

PR:		286845
Approved by:	acm (mentor)

    2767edb

18:58 Rene Ladan (rene) 

security/py-oauth2client: Remove expired port

2025-03-31 security/py-oauth2client: Deprecated by upstream. Use
security/py-google-auth or security/py-oauthlib instead. See
https://google-auth.readthedocs.io/en/latest/oauth2client-deprecation.html for
details

    0c8fb0a

18:32 Cy Schubert (cy) 

security/racoon2: Remove expired port

2025-05-31 security/racoon2: Requested removal by PR/286981

PR:	286981

    e30c04f

18:21 Rene Ladan (rene) 

security/mbedtls2: Remove expired port

2024-12-31 security/mbedtls2: Upstream support ends at the end of 2024

    6175f8d

12:38 Muhammad Moinur Rahman (bofh) 

security/kanidm: New port

Kanidm is a simple and secure identity provider and client for UNIX systems

WWW:	https://kanidm.com

    2e06d59

14:30 Nuno Teixeira (eduardo)  Author: Einar Bjarni Halldórsson

security/govulncheck: New port: Database client and tools for the Go
vulnerability database

Govulncheck reports known vulnerabilities that affect Go code.
It uses static analysis of source code or a binary's symbol table
to narrow down reports to only those that could affect the
application.

- Submitter becomes maintainer

WWW:		https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck
PR:		285627

    2a9f119

07:40 Gleb Popov (arrowd)  Author: Andrea Cocito

security/tpm2-openssl: TPM2 provider for OpenSSL3+

Makes the TPM 2.0 accessible via the standard OpenSSL API and
command-line tools, so one can add TPM support to (almost) any
OpenSSL 3.x based application.

PR		286218
Pull Request:	https://github.com/freebsd/freebsd-ports/pull/393
Co-authored-by: Gleb Popov <arrowd@FreeBSD.org>

    a8a6f68

15:52 Juraj Lutter (otis) 

security/openvpn-auth-oauth2: Add new port

openvpn-auth-oauth2 handles the single sign-on (SSO) authentication
for OpenVPN servers. Authentication can be performed against
various identity providers, among others also Microsoft Entra ID,
GitHub, Okta, Google, Keycloak and other OIDC-compliant providers.

Docs are at https://github.com/jkroepke/openvpn-auth-oauth2

    aa25ca5

13:35 Matthias Fechner (mfechner) 

security/rubygem-devise-two-factor41-rails70: renamed to
security/rubygem-devise-two-factor-rails-gitlab

    3eabb60

13:35 Matthias Fechner (mfechner) 

www/gitlab: new ports required for 18.0.0

    2ee2123

10:22 Kurt Jaeger (pi)  Author: Hakan Sarıman

security/netbird: New Port: wireguard based VPN client

NetBird is an open-source WireGuard-based overlay network combined with
Zero Trust Network Access, providing secure and reliable connectivity
to internal resources.

Key features:
- Zero-config VPN: Easily create secure connections between devices without
  manual network setup.
- Built on WireGuard: Leverages WireGuard's high-performance encryption for
  fast and secure communication.
- Self-hosted or Cloud-managed: Users can deploy their own NetBird management
  server or use NetBird Cloud for centralized control.
- Access Control & Routing: Fine-grained access control policies and automatic
  network routing simplify connectivity.
- This FreeBSD port provides the NetBird client daemon and CLI tools,
  allowing FreeBSD systems to join a NetBird mesh network and securely
  communicate with other peers.

For more details, visit: https://netbird.io

PR:		284877

    e3ce763

06:34 Mathieu Arnold (mat) 

security/p5-Crypt-SysRandom: add, Perl interface to system randomness

    0705238

07:33 Dima Panov (fluffy) 

security/linux-rl9-libxcrypt: integrate into linux_base-rl9

PR:	283925

    5907666

18:44 Muhammad Moinur Rahman (bofh) 

security/rekor: New port

Software Supply Chain Transparency Log

Rekor's goals are to provide an immutable tamper resistant ledger of
metadata generated within a software projects supply chain. Rekor will
enable software maintainers and build systems to record signed metadata
to an immutable record.  Other parties can then query said metadata to
enable them to make informed decisions on trust and non-repudiation of
an object's lifecycle.

The Rekor project provides a restful API based server for validation and
a transparency log for storage. A CLI application is available to make
and verify entries, query the transparency log for inclusion proof,
integrity verification of the transparency log or retrieval of entries
by either public key or artifact.

Rekor fulfils the signature transparency role of sigstore's software
signing infrastructure. However, Rekor can be run on its own and is
designed to be extensible to working with different manifest schemas and
PKI tooling.

WWW: https://www.sigstore.dev/

    fd18edc

18:44 Muhammad Moinur Rahman (bofh) 

security/timestamp-authority: New port

Service for issuing RFC 3161 timestamps

Trusted timestamping is a process that has been around for some time. It
provides a timestamp record of when a document was created or modified.

A timestamp authority creates signed timestamps using public key
infrastructure. The operator of the timestamp authority must secure the
signing key material to prevent unauthorized timestamp signing.

A timestamp authority should also verify its own clock. We provide a
configuration to periodically check the current time against well-known
NTP sources.

WWW: https://sigstore.dev/

    0194e90

18:44 Muhammad Moinur Rahman (bofh) 

security/certificate_maker: New port

Certificate creation utility for Fulcio

WWW: https://www.sigstore.dev/

    a00c27a

18:44 Muhammad Moinur Rahman (bofh) 

security/trillian: New port

General transparency

Trillian is an implementation of the concepts described in the
Verifiable Data Structures white paper, which in turn is an extension
and generalisation of the ideas which underpin Certificate Transparency.

Trillian implements a Merkle tree whose contents are served from a data
storage layer, to allow scalability to extremely large trees. On top of
this Merkle tree, Trillian provides the following:

- An append-only Log mode, analogous to the original Certificate
  Transparency logs. In this mode, the Merkle tree is effectively filled
  up from the left, giving a dense Merkle tree.

Note that Trillian requires particular applications to provide their own
personalities on top of the core transparent data store functionality.

WWW: https://github.com/google/trillian

    dc13e88

18:44 Muhammad Moinur Rahman (bofh) 

security/go-tuf: New port

Framework for Securing Software

The Update Framework (TUF) is a framework for secure content delivery
and updates. It protects against various types of supply chain attacks
and provides resilience to compromise.

The Update Framework (TUF) design helps developers maintain the security
of a software update system, even against attackers that compromise the
repository or signing keys. TUF provides a flexible specification
defining functionality that developers can use in any software update
system or re-implement to fit their needs.

WWW: https://theupdateframework.io

    1786296

18:44 Muhammad Moinur Rahman (bofh) 

security/cosign: New port

Signing OCI containers and other artifacts using Sigstore

Cosign aims to make signatures invisible infrastructure.

Cosign supports:
- "Keyless signing" with the Sigstore public good Fulcio certificate
   authority and Rekor transparency log (default)
- Hardware and KMS signing
- Signing with a cosign generated encrypted private/public keypair
- Container Signing, Verification and Storage in an OCI registry.
- Bring-your-own PKI

WWW: https://github.com/sigstore/cosign

    e4a9ef0

11:39 Rene Ladan (rene) 

security/libuecc: Remove expired port

2025-04-30 security/libuecc: Deprecated, only user was some never properly
ported FreiFunk control plane software

    8a6d713

11:38 Rene Ladan (rene) 

security/i2p: Remove expired port

2025-04-30 security/i2p: Outdated and unsupported upstream

    dc0edf8

22:27 Serhii (Sergey) Kozlov (skozlov) 

security/sshesame: add to category Makefile

Forgot to add in the previous commit

    bfdf7360

18:53 Rene Ladan (rene) 

security/weggli: Remove expired port

2025-04-27 security/weggli: Upstream inactive as last release was in 2022

    4c3fbf2

23:57 Yuri Victorovich (yuri) 

security/solana: Move to security/agave; Update 2.2.10 → 2.2.10

Solana repository was archived, Agave is a maintained fork.

PR:		285935

    189ac1b

05:36 Po-Chuan Hsieh (sunpoet) 

*/Makefile: Sort SUBDIRs

    beec893

05:13 Gabriel M. Dutra (dutra) 

security/naabu: Add new port

Port scanner written in go with a focus on reliability and simplicity

    0aa3c45

12:29 Mikael Urankar (mikael) 

security/node-sqlcipher: Add new port

A fast N-API-based Node.js addon wrapping sqlcipher and Signal-specific FTS5
segmenting APIs.

    7d77bc3

17:41 Po-Chuan Hsieh (sunpoet) 

security/py-python-jose: Add py-python-jose 3.4.0

python-jose provides a JOSE implementation in Python.

The JavaScript Object Signing and Encryption (JOSE) technologies - JSON Web
Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), and JSON Web
Algorithms (JWA) - collectively can be used to encrypt and/or sign content using
a variety of algorithms. While the full set of permutations is extremely large,
and might be daunting to some, it is expected that most applications will only
use a small set of algorithms to meet their needs.

    53a685a

17:41 Po-Chuan Hsieh (sunpoet) 

security/py-cryptojwt: Add py-cryptojwt 1.9.4

cryptojwt provides an implementation of the JSON cryptographic specs JWS, JWE,
JWK, and JWA [RFC 7515-7518] and JSON Web Token (JWT) [RFC 7519].

    d852875

00:20 Koichiro Iwao (meta) 

security/sudo-rs: hook build

PR:		285861

    7b7dcc2

19:19 Rene Ladan (rene) 

security/rubygem-pundit61: Remove expired port

2025-04-03 security/rubygem-pundit61: Uses EOL version 6.1.X of Rails

    e789158

15:59 Rene Ladan (rene) 

security/heimdal-devel: Remove expired port

2025-03-31 security/heimdal-devel: Upstream commits are incompatible

    2a1ea69

14:41 Rene Ladan (rene) 

security/py-python-jose: Remove expired port

2025-03-31 security/py-python-jose: Depends on expired devel/py-pytest-runner

    656b934

14:40 Rene Ladan (rene) 

security/caldera4: Remove expired port

2025-03-31 security/caldera4: Upgrade to a newer caldera version. 4.2.0 is
vulnerable to remote code execution

    3b634f8

19:12 Bernard Spil (brnrd) 

security/openssl35: Add new OpenSSL version with PQC

* This is ALPHA level software, for testing only
* Adds Post-Quantum Crypto algorithms

    a6e928d

08:07 Baptiste Daroussin (bapt) 

gnome: remove some unused gnomesharp components

    24fa864

07:47 Koichiro Iwao (meta)  Author: Yusuf Yaman

security/gauth: New port: Google Authenticator in your terminal

gauth is a command-line utility that replaces Google Authenticator, providing a
convenient way to generate two-factor authentication codes from your terminal.
It stores secrets locally, supports encryption, and offers features like
displaying progress bars, adding/removing keys, and compatibility with
various services like AWS, Github, and more. This tool is ideal for
users who prefer managing their 2FA on their computers rather than
relying solely on their smartphones.

WWW:	https://github.com/pcarrier/gauth \
	https://pkg.go.dev/github.com/pcarrier/gauth

PR:	284929

    c53a7a6

06:26 Matthias Fechner (mfechner) 

www/gitlab: new ports required for 17.9

    7a518af

09:37 Antoine Brodin (antoine) 

security/libfcrypto: new port

Library for encryption formats

    c5423e4

03:37 Eugene Grosbein (eugen) 

security/ipsec-tools: re-add the port

I use the software and will maintain the port.

Our port has no known security issues, it has patches obtained
from NetBSD CVS Repository. Change WWW to point to that repo.
Still, download same distfile from the SourceForge.
Add TIMESTAMP to distinfo.

    63e90eb

21:44 Rene Ladan (rene) 

security/ipsec-tools: Remove expired port

2025-01-31 security/ipsec-tools: Deprecated by upstream in 2014, contains
security issues

    e5996ba

17:02 Gleb Popov (arrowd)  Author: Tobias C. Berner

KDE: It goes to 6!

This megacommit merges all the work from
https://github.com/freebsd/freebsd-ports-kde/tree/kde-it_goes_to_6
Specifically:
- KDE Plasma 6 ports updated to 6.2.5
- KDE Applications ports updated to 24.12.0
- Development ports of KDE Applications removed
- A lot of various ports switched to Qt 6 by default
- Some KDE Frameworks 5 and Plasma 5 ports are adapted to be coinstallable
  with their 6 counterparts

PR:		284351
Exp-run by:	antoine
Pull Request:	https://github.com/freebsd/freebsd-ports/pull/341

Co-authored-by:	Max Brazhnikov <makc@FreeBSD.org>
Co-authored-by:	Kenneth Raplee <kenrap@kennethraplee.com>
Co-authored-by:	Jason E. Hale <jhale@FreeBSD.org>
Co-authored-by:	Gleb Popov <arrowd@FreeBSD.org>

    b44569f

05:14 Jose Alonso Cardenas Marquez (acm) 

security/py-zaproxy: New port: ZAP api client

The Python implementation to access the ZAP API. For more information about ZAP
consult the (main) ZAP project.

    bf12715

13:21 Ruslan Makhmatkhanov (rm) 

zope: Remove leaf zope ports that have no sense in absence of zope itself

    c46f669

16:31 Tijl Coosemans (tijl) 

security/mbedtls: Move to security/mbedtls2

The port has expired but isn't removed yet because there are still too
many consumers.  Rename it because the name "security/mbedtls" makes it
look like it's the default version.

PR:		283792

    5e762dc