Next | Query returned 25 messages, browsing 1 to 10 | Previous

History of commit frequency

CVS Commit History:


   2024-07-11 21:59:08 by Taylor R Campbell | Files touched by this commit (4)
Log message:
devel/jq: Fix ctype(3) abuse.

https://github.com/jqlang/jq/issues/3151
https://github.com/jqlang/jq/pull/3152
   2023-12-14 09:08:03 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
jq: updated to 1.7.1

1.7.1

Security

CVE-2023-50246: Fix heap buffer overflow in jvp_literal_number_literal
CVE-2023-50268: fix stack-buffer-overflow if comparing nan with payload

CLI changes

Make the default background color more suitable for bright backgrounds.
Allow passing the inline jq script after --.
Restrict systems operations on OpenBSD and remove unused mkstemp.
Fix possible uninitialised value dereference if jq_init() fails.

Language changes

Simplify paths/0 and paths/1.
Reject U+001F in string literals.
Remove unused nref accumulator in block_bind_library.
Remove a bunch of unused variables, and useless assignments.
main.c: Remove unused EXIT_STATUS_EXACT option.
Actually use the number correctly casted from double to int as index.
src/builtin.c: remove unnecessary jv_copy-s in type_error/type_error2.
Remove undefined behavior caught by LLVM 10 UBSAN.
Convert decnum to binary64 (double) instead of decimal64. This makes jq behave \ 
like the JSON specification suggests and more similar to other languages.
Fix memory leaks on invalid input for ltrimstr/1 and rtrimstr/1.
Fix memory leak on failed get for setpath/2.
Fix nan from json parsing also for nans with payload that start with 'n'.
Allow carriage return characters in comments.

Documentation changes

Generate links in the man page.
Standardize arch types to AMD64 & ARM64 from index page download dropdown.
   2023-09-09 21:52:53 by Thomas Klausner | Files touched by this commit (10) | Package removed
Log message:
jq: update to 1.7.

# 1.7

Since the last stable release many things have happened:

- jq now lives at <https://github.com/jqlang>

Full commit log can be found at \ 
<https://github.com/jqlang/jq/compare/jq-1.6...jq-1.7> but here are some \ 
highlights:

## CLI changes

- Make object key color configurable using `JQ_COLORS` environment variable. \ 
@itchyny @haguenau @ericpruitt #2703

  ```sh
  # this would make "field" bold yellow (`1;33`, the last value)
  $ JQ_COLORS="0;90:0;37:0;37:0;37:0;32:1;37:1;37:1;33" ./jq -n \ 
'{field: 123}'
  {
    "field": 123
  }
  ```

- Change the default color of null to Bright Black. @itchyny #2824
- Respect `NO_COLOR` environment variable to disable color output. See \ 
<https://no-color.org> for details. @itchyny #2728
- Improved `--help` output. Now mentions all options and nicer order. @itchyny \ 
@wader #2747 #2766 #2799
- Fix multiple issues of exit code using `--exit-code`/`-e` option. @ryo1kato #1697

  ```sh
  # true-ish last output value exits with zero
  $ jq -ne true ; echo $?
  true
  0
  # false-ish last output value (false and null) exits with 1
  $ jq -ne false ; echo $?
  false
  1
  # no output value exists with 4
  $ jq -ne empty ; echo $?
  4
  ```

- Add `--binary`/`-b` on Windows for binary output. To get `\n` instead of \ 
`\r\n` line endings. @nicowilliams 0dab2b1
- Add `--raw-output0` for NUL (zero byte) separated output. @asottile @pabs3 \ 
@itchyny #1990 #2235 #2684

  ```sh
  # will output a zero byte after each output
  $ jq -n --raw-output0 '1,2,3' | xxd
  00000000: 3100 3200 3300                           1.2.3.
  # can be used with xargs -0
  $ jq -n --raw-output0 '"a","b","c"' | xargs -0 -n1
  a
  b
  c
  $ jq -n --raw-output0 '"a b c", "d\ne\nf"' | xargs -0 \ 
printf '[%s]\n'
  [a b c]
  [d
  e
  f]
  # can be used with read -d ''
  $ while IFS= read -r -d '' json; do
  >   jq '.name' <<< "$json"
  > done < <(jq -n --raw-output0 '{name:"a b \ 
c"},{name:"d\ne\nf"}')
  "a b c"
  "d\ne\nf"
  # also it's an error to output a string containing a NUL when using NUL separator
  $ jq -n --raw-output0 '"\u0000"'
  jq: error (at <unknown>): Cannot dump a string containing NUL with \ 
--raw-output0 option
  ```

- Fix assert crash and validate JSON for `--jsonarg`. @wader #2658
- Remove deprecated `--argfile` option. @itchyny #2768
- Enable stack protection. @nicowilliams #2801

## Language changes

- Use decimal number literals to preserve precision. Comparison operations \ 
respects precision but arithmetic operations might truncate. @leonid-s-usov \ 
#1752

  ```sh
  # precision is preserved
  $ echo '100000000000000000' | jq .
  100000000000000000
  # comparison respects precision (this is false in JavaScript)
  $ jq -n '100000000000000000 < 100000000000000001'
  true
  # sort/0 works
  $ jq -n -c '[100000000000000001, 100000000000000003, 100000000000000004, \ 
100000000000000002] | sort'
  [100000000000000001,100000000000000002,100000000000000003,100000000000000004]
  # arithmetic operations might truncate (same as JavaScript)
  $ jq -n '100000000000000000 + 10'
  100000000000000020
  ```

- Adds new builtin `pick(stream)` to emit a projection of the input object or \ 
array. @pkoppstein #2656 #2779

  ```sh
  $ jq -n '{"a": 1, "b": {"c": 2, "d": \ 
3}, "e": 4} | pick(.a, .b.c, .x)'
  {
    "a": 1,
    "b": {
      "c": 2
    },
    "x": null
  }
  ```

- Adds new builtin `debug(msgs)` that works like `debug` but applies a filter on \ 
the input before writing to stderr. @pkoppstein #2710

  ```sh
  $ jq -n '1 as $x | 2 | debug("Entering function foo with $x == \ 
\($x)", .) | (.+1)'
  ["DEBUG:","Entering function foo with $x == 1"]
  ["DEBUG:",2]
  3
  $ jq -n '{a: 1, b: 2, c: 3} | debug({a, b, sum: (.a+.b)})'
  ["DEBUG:",{"a":1,"b":2,"sum":3}]
  {
    "a": 1,
    "b": 2,
    "c": 3
  }
  ```

- Adds new builtin `scan($re; $flags)`. Was documented but not implemented. \ 
@itchyny #1961

  ```sh
  # look for pattern "ab" in "abAB" ignoring casing
  $ jq -n '"abAB" | scan("ab"; "i")'
  "ab"
  "AB"
  ```

- Adds new builtin `abs` to get absolute value. This potentially allows the \ 
literal value of numbers to be preserved as `length` and `fabs` convert to \ 
float. @pkoppstein #2767
- Allow `if` without `else`-branch. When skipped the `else`-branch will be `.` \ 
(identity). @chancez @wader #1825 #2481

  ```sh
  # convert 1 to "one" otherwise keep as is
  $ jq -n '1,2 | if . == 1 then "one" end'
  "one"
  2
  # behaves the same as
  $ jq -n '1,2 | if . == 1 then "one" else . end'
  "one"
  2
  # also works with elif
  $ jq -n '1,2,3 | if . == 1 then "one" elif . == 2 then \ 
"two" end
  "one"
  "two"
  3
  ```

- Allow use of `$binding` as key in object literals. @nicowilliams 8ea4a55

  ```sh
  $ jq -n '"a" as $key | {$key: 123}'
  {
    "a": 123
  }
  # previously parentheses were needed
  $ jq -n '"a" as $key | {($key): 123}'
  {
    "a": 123
  }
  ```

- Allow dot between chained indexes when using `.["index"]` \ 
@nicowilliams #1168

  ```sh
  $ jq -n '{"a": {"b": 123}} | .a["b"]'
  123
  # now this also works
  $ jq -n '{"a": {"b": 123}} | .a.["b"]'
  123
  ```

- Allow dot for chained value iterator `.[]`, `.[]?` @wader #2650

  ```sh
  $ jq -n '{"a": [123]} | .a[]'
  123
  # now this also works
  $ jq -n '{"a": [123]} | .a.[]'
  123
  ```

- Fix try/catch catches more than it should. @nicowilliams #2750
- Speed up and refactor some builtins, also remove `scalars_or_empty/0`. \ 
@muhmuhten #1845
- Now `halt` and `halt_error` exit immediately instead of continuing to the next \ 
input. @emanuele6 #2667
- Fix issue converting string to number after previous convert error. @thalman #2400
- Fix issue representing large numbers on some platforms causing invalid JSON \ 
output. @itchyny #2661
- Fix deletion using assigning empty against arrays. @itchyny #2133

  ```sh
  # now this works as expected, filter out all values over 2 by assigning empty
  $ jq -c '(.[] | select(. >= 2)) |= empty' <<< '[1,5,3,0,7]'
  [1,0]
  ```

- Allow keywords to be used as binding name in more places. @emanuele6 #2681
- Allow using `nan` as NaN in JSON. @emanuele6 #2712
- Expose a module's function names in `modulemeta`. @mrwilson #2837
- Fix `contains/1` to handle strings with NUL. @nicowilliams 61cd6db
- Fix `stderr/0` to output raw text without any decoration. @itchyny #2751
- Fix `nth/2` to emit empty on index out of range. @itchyny #2674
- Fix `implode` to not assert and instead replace invalid unicode codepoints. \ 
@wader #2646
- Fix `indices/1` and `rindex/1` in case of overlapping matches in strings. \ 
@emanuele6 #2718
- Fix `sub/3` to resolve issues involving global search-and-replace (gsub) \ 
operations. @pkoppstein #2641
- Fix `significand/0`, `gamma/0` and `drem/2` to be available on macOS. @itchyny \ 
#2756 #2775
- Fix empty regular expression matches. @itchyny #2677
- Fix overflow exception of the modulo operator. @itchyny #2629
- Fix string multiplication by 0 (and less than 1) to emit empty string. \ 
@itchyny #2142
- Fix segfault when using libjq and threads. @thalman #2546
- Fix constant folding of division and reminder with zero divisor. @itchyny #2797
- Fix `error/0`, `error/1` to throw null error. @emanuele6 #2823
- Simpler and faster `transpose`. @pkoppstein #2758
- Simple and efficient implementation of `walk/1`. @pkoppstein #2795
- Remove deprecated filters `leaf_paths`, `recurse_down`. @itchyny #2666
   2022-04-23 23:05:18 by Tobias Nygren | Files touched by this commit (2)
Log message:
jq: distfile changed on master site (autoconf files added)

but keep autoconf as a dependency since we have patch-configure.ac
   2021-10-26 12:20:11 by Nia Alarie | Files touched by this commit (3016)
Log message:
archivers: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Could not be committed due to merge conflict:
devel/py-traitlets/distinfo

The following distfiles were unfetchable (note: some may be only fetched
conditionally):

./devel/pvs/distinfo pvs-3.2-solaris.tgz
./devel/eclipse/distinfo eclipse-sourceBuild-srcIncluded-3.0.1.zip
   2021-10-07 15:44:44 by Nia Alarie | Files touched by this commit (3017)
Log message:
devel: Remove SHA1 hashes for distfiles
   2018-11-03 13:51:54 by Leonardo Taccari | Files touched by this commit (2)
Log message:
jq: Clarify a bit the comment of patch-Makefile.am
   2018-11-03 13:47:16 by Leonardo Taccari | Files touched by this commit (11)
Log message:
jq: Update devel/jq to 1.6

pkgsrc changes:
 - Use GITHUB_RELEASE instead of GITHUB_TAG because the former does not need
   auto* tools (despite we need auto* tools for patches/, hopefully one day they
   will be applied!)
 - Remove no longer needed SUBST_*, `git describe' is no longer used
 - Remove patch-src_jv__parse.c and patch-src_jv__print.c, they are
   present in 1.6
 - Rename and readjust patch-Makefile.in to patch-Makefile.am
   (pre-configure target rewrote it due `autoreconf')

Changes:
1.6
---
New in this release since 1.5:
- Destructuring Alternation
- New Builtins:
   * builtins/0
   * stderr/0
   * halt/0, halt_error/1
   * isempty/1
   * walk/1
   * utf8bytelength/1
   * localtime/0, strflocaltime/1
   * SQL-style builtins
   * and more!
- Add support for ASAN and UBSAN
- Make it easier to use jq with shebangs (8f6f28c)
- Add $ENV builtin variable to access environment
- Add JQ_COLORS env var for configuring the output colors

Bug fixes:
- Calling jq without a program argument now always assumes . for the program,
  regardless of stdin/stdout. (5fe0536)
- Make sorting stable regardless of qsort. (7835a72)
- Adds a local oniguruma submodule and the
  `./configure --with-oniguruma=builtin' option to make it easier to build
  with oniguruma support on systems where you can't install system-level
  libraries. (c6374b6 and 02bad4b)
- And much more!
   2018-08-19 20:08:06 by Leonardo Taccari | Files touched by this commit (7)
Log message:
jq: Avoid SIGSEGVs when using date builtins

Apply patch written by <soda> and shared with upstream as part of
<https://github.com/stedolan/jq/pull/1458> in order to fix crashes of jq when
using date builtin functions.

Also add a SUBST class intended to avoid invoking git as part of pre-configure
phase when invoking autoreconf.

While here take the MAINTAINERship and reformat a bit the Makefile
(NFCI).

Thanks a lot to <soda>, Takehiko NOZAKI and <nonaka> for investigating
the issue, writing the patches, sharing them with upstream and as
part of PR pkg/52460!

Bump PKGREVISION
   2018-05-30 18:03:48 by Brian Ginsbach | Files touched by this commit (3)
Log message:
CVE-2016-4074 denial-of-service (via upstream)

Fix present in jq-1.6rc1 (https://github.com/stedolan/jq/commit/83e2cf6).
The fix prevents 'infinite' recursion preventing stack exhaustion.

Next | Query returned 25 messages, browsing 1 to 10 | Previous