Log message:
puppet: Fix up SMF install on SunOS.

There's no way that this package is working correctly anywhere though, there
are many broken paths.  It needs quite a bit of love, and an update.

Log message:
sysutils/puppet: update to 7.13.1

Puppet 7.13.1 (2021-12-09)

Enhancements

ENC enforced environment bypass

Changed the priority of the --environment option by skipping the
classification whenever the flag is specified.  This allows the user to
bypass the ENC enforced environment with the CLI option.  PUP-7479

Resolved issues

Puppet::FileSystem.chmod does not validate its arguments
Puppet::FileSystem.chmod now validates its arguments like other
methods.  PUP-11345
Warning: #<Puppet::Transaction::Persistence after upgrading to Puppet agent
6.25.0

Fixes a regression introduced in 6.25.0 and 7.10.0 that caused a
Puppet::Transaction::Persistence warning during each agent run. PUP-11321

User resource tries to create rather than modify users created by a utility

This release moves the ssh_authorized_key resource's creation to the end of
the user type flow, after all user properties and parameters were resolved,
to avoid order dependency errors.  PUP-11320

Puppet code merger using incorrect command

Reduces memory usage when parsing manifests. PUP-11318

Failure when using the names "apply" and "plan" within an \ 
apply() block in a
plan

The names "apply" and "plan" can now be used as resource \ 
parameter names in
all cases.  Previously, using them within an apply() block in a plan would
fail.  PUP-11315

Puppet attempts to execute directories from /etc/init.d/

Prevents Puppet from considering directories from /etc/init.d/ as
services.  PUP-11313

Puppet creates excessive Pathname instances

Reduces the number of Pathname allocations when parsing Puppet manifests.
PUP-11312

Pathname.absolute? uses excessive memory

Backported Ruby patch to Pathname.absolute? to reduce memory usage.
PUP-11311

High memory consumption from lib/puppet/pops/parser/lexer2.rb

Reduced lexer2 memory usage.  PUP-11236

versioncmp() treats 11.0 as greater than 11

versioncmp() now strips redundant numbers.  PUP-11235

puppet lookup --facts {filename} fails if filename does not contain a dot

Before this release, puppet lookup --facts {filename} failed early when the
filename given did not contain a dot.  This fix removes the early extensions
check and adds a fallback instead: tries both formats (JSON then YAML) to
read the given facts file when its path doesn't end with any of the expected
extensions (yaml/yml/json).  Otherwise, it follows previous implementation
and respects the given extension.  PUP-11204

Facts provided in a file cannot be used for classification

Fixed a bug where facts provided in a file were not being merged with the
facts used for classification.  This is because Puppet collected and merged
the said facts after the classification happened.  To fix this, we ensured
that Puppet resolves the facts being used for classification before the node
request.  PUP-10435

Inconsistent handling of trusted facts in the lookup CLI

When using puppet lookup with --facts, if the facts file overrides any of
hostname, domain, fqdn, clientcert, then it must override all of them.
Also, if a value for certname is provided in a fact file for the lookup
application, use it when creating the trusted information object.  This
makes it possible to override trusted.certname for classification.  PUP-8220

Lookup ignores environment from the classifier when using a rule with
trusted facts

Fixed an issue where trusted facts could not be used as rules for
classification.  This was fixed by gathering the trusted facts from the
PuppetDB query result, and overriding the trusted facts context.  PUP-8094

Misleading results when using --node flag in puppet lookup

Fixed an issue where puppet lookup would result in misleading results when
using the --node flag.  This happened because there can be cases where the
target node does not have any facts cached.  To avoid this, the fix
implemented checks for the node facts/facts given in a fact file, and if it
doesn't find any it raises an error.  PUP-7362

Files starting with "~" in recursive directories are evaluated as usernames

Puppet can now manage files whose names start with tilde "~" characters.
PUP-5800

Failed to generate additional resources using 'eval_generate': Cannot manage
files of type socket

This release allows Puppet to retrieve attributes for fifo and socket files
and manage them when the given manifest has a file resource which is
recursing over a given path.  PUP-4045

Log message:
sysutils/puppet: update to 7.12.1

Fixes a few security problems.

* CVE-2021-27025 - Silent Configuration Failure
* CVE-2021-27023 - Unsafe HTTP Redirect.

Other changes are too many to write here, please refer
<https://puppet.com/docs/puppet/7/release_notes_puppet.html>.

Log message:
sysutils: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Log message:
sysutils: Remove SHA1 hashes for distfiles

Log message:
sysutils/puppet: update to 7.7.0

This release remove restriction to Ruby < 3.

Puppet 7.7.0

Released June 2021.

We would like to thank the following Puppet community members for their
contributions to this release: tobias-urdin and nmaludy.

Enhancements

* Puppet loads internal files using the require_relative method

  When loading internal files, Puppet now uses the require_relative method,
  eliminating thousands of file system calls.  This accounts for between 5
  to 15% of the total number of file system calls for different
  platforms.  PUP-11055

* Case sensitive parameter for the fqdn_rand() function

  The fqdn_rand() function now accepts an optional parameter to downcase the
  FQDN fact, so that the function's result is not case sensitive.  You must
  pass the parameter after the seed string, for example, fqdn_rand(100,
  'expensive job 1', true).  By default, the function remains
  case-sensitive.  PUP-10922

* File limit with the max_files parameter

  By default, the file and tidy resource types generate a warning on the
  Puppet Enterprise (PE) console and report when Puppet tries to manage more
  than 1000 files with the recurse parameter set to true.  The file and tidy
  resource types now support a new parameter — max_files — that enforces a
  hard limit.  If the number of recursive files is greater than the limit,
  the agent run fails.  You can set the max_files parameter to -1 to disable
  the warning.  PUP-10946

* Improved Ruby performance

  This release improves the performance of Ruby, resulting in the follow
  changes:
    - Puppet now loads and runs faster -- particularly on Windows.  PA-3732
    - New Ruby performance patches -- reducing 50-90% of file IO when
      loading Puppet and Facter.  PA-3732

* Support for macOS 11 and Red Hat 8 Power

  This release adds support for macOS 11 Big Sur (64-bit packages only) and
  Red Hat 8 on IBM Power.  PA-3529, PA-3612.

Resolved issues

* Ruby 3 freezes CHILD_STATUS and cannot be stubbed

  This release eliminates the usage of the $CHILD_STATUS global variable in
  the built-in service and package providers.  PUP-11048

* Ruby 3 removed URI.escape/unescape

  This release eliminates calls to URI.escape/unescape, which was deprecated
  in Ruby 2.x and removed in Ruby 3.  PUP-11046

* Agent failures with server_list

  Previously, when Puppet processed server_list and tried to find a
  functional server, it threw an error if it could not connect, causing the
  agent to fail.  This is now fixed.  PUP-10844

* Puppet does not specify SELinux filetype when getting the default context

  Previously, Puppet created files with the wrong default SELinux context,
  which was only corrected after a subsequent Puppet run.  This is now
  fixed.  Contributed by Puppet community member tobias-urdin. PUP-7559

* Unable to mask a static systemd service

  This release fixes an issue where the systemd provider did not mask static
  systemd services.  Contributed by Puppet community member nmaludy.
  PUP-11034

* Unable to update UserRightAssignment

  Previously, validating the logonaccount and logonpassword parameters for
  the service resource on Windows failed too early.  This release moves the
  parameters further down the catalog compilation order list to avoid early
  errors.  PUP-10999

* PUPPET_SERVER MSI install property does not work

  Previously, using PUPPET_SERVER as an MSI property did not set the server
  setting.  This is now fixed.  PA-3667

Log message:
sysutils/puppet: update to 7.6.1

Puppet 7.6.1
Released April 2021.

We would like to thank the following Puppet community members for their
contributions to this release: gcampbell12 and ananace.

Enhancements

Puppet module type scripts directory

This release adds a new subdirectory to the scripts/ module class.  It
automatically generates the functions in the class and retrieves the
available scripts.  This helps to standardize specific file loading from
either the files directory or scripts directory.  PUP-10996

Backport logic to detect migrated CA directory location

After migrating the CA directory, Puppet now reports the correct cadir
setting value. PUP-11004

Resolved issues

Race condition with agent_disabled_lockfile

This release fixes a race condition that caused the agent to become disabled
and no longer enforce desired state.  Contributed by Puppet community member
gcampbell12.  PUP-11000

User resource with forcelocal and groups attributes set fails if /etc/group \ 
contains empty lines

This release fixes an issue where Puppet failed when applying user resources
with forcelocal if there were empty lines in /etc/group.  PUP-10997

Unable to install gems with the puppet_gem provider on Windows

Previously, if you used Puppet as a library, environment.bat was not sourced
and led to an unset PUPPET_DIR.  As puppet_gem relied on this to build the
gem.bat path, it used a non-existing path, making this provider unsuitable.
This release updates the puppet_gem provider to use Gem.default_bindir,
which determines the location of the executables.  To avoid accidental usage
of the puppet_gem provider with system Ruby, we have also added a confine to
the aio_agent_version fact.  PUP-10964

Changing a Puppet setting in a catalog invalidates the environment cache in \ 
multithreaded mode

You can now change the value of Puppet's rich_data setting at runtime,
without it invalidating the environment cache.  PUP-10952

Puppet cannot parse systemd instances when list-unit-files output has an \ 
additional column

This release fixes an issue affecting the parsing of systemd service
instances caused by a change in the systemctl list-unit-files command
output.  PUP-10949

Cannot ensure dnfmodule with no default profile

Previously, using the dnfmodule provider to install a module with no default
profile -- without passing the enable_only parameter -- failed with newer
versions of DNF.  PUP-11024

Log message:
sysutils/puppet: update to 7.5.0

Puppet 7.5.0				Released 16 March 2021.

New features

* The puppet ssl show command

  The puppet ssl show command prints the full-text version of a host's
  certificate, including extensions. PUP-10888

* The ciphers setting

  The ciphers setting configures which TLS ciphersuites the agent
  supports. The default set of ciphersuites is the same, but you can now
  make the list of ciphersuites more restricted, for example, to only accept
  TLS v1.2 or greater ciphersuites. PUP-10889

* The GlobalSignRoot CA R3

  This release adds the GlobalSignRoot CA R3 certificate for
  rubygems.org. PA-3525

Resolved issues

* The splat operator in a virtual query is not supported

  This release fixes a regression in Puppet 7.x that prevented the splat
  operator from being used to override resource attributes in a resource
  collector. PUP-10951

* Windows package provider continues to read DisplayVersion key after it is \ 
embedded NULL

  Previously, Puppet would not stop reading the registry at the correct
  WCHAR_NULL because it was encoded to UTF-16LE, causing Puppet to read bad
  data and fail. This is now fixed. PUP-10943

* Listing environments during code deploys prevents environment cache invalidation

  Previously, catalog compilations for a newly created environment directory
  could fail if the environment was listed while the directory was being
  created. This issue only occurred when using an environment_timeout value
  greater than 0 and less than unlimited. This is now fixed. PUP-10942

* Syntax error in previously valid Puppet code due to removal of keywords

  The application, consumes, produces and site application orchestration
  keywords were previously removed from the reserved keywords list, causing
  syntax errors in Puppet code. This is now fixed. PUP-10929

* Retrieve SID for users under APPLICATION PACKAGE AUTHORITY

  A known issue with LookupAccountNameW caused Puppet to fail when managing
  Windows users under APPLICATION PACKAGE AUTHORITY with fully qualified
  names. This is now fixed and an account name sanitization step has been
  added to prevent faulty queries. PUP-10899

* Retrieving the current user with the fully-qualified username fails on
  Windows

  Previously, retrieving the current username SID on Windows caused Puppet
  to fail in certain scenarios, for example, when the user was a secondary
  domain controller. This release adds a fallback mechanism that uses the
  fully qualified domain name for lookup. PUP-10898

Log message:
sysutils/puppet: update to 7.4.1

Puppet 7.4.1
Released 16 February 2021.

* Resolved issues

* Puppet users with forcelocal are no longer idempotent

  This release fixes a regression where setting the gid parameter on a user
  resource with forcelocal was not idempotent. PUP-10896

Log message:
sysutils/puppet: update to 7.4.0

pkgsrc change: mark this package incompatible.

Puppet 7.4.0					Released 9 February 2021.

New features

--timing option in puppet facts show

  This release adds a --timing option in the puppet facts show
  command. This flag shows you how much time it takes to resolve each
  fact. PUP-10858

Resolved issues

User resource with forcelocal uses getent for groups

  The useradd provider now checks the forcelocal parameter and gets local
  information on the groups (from /etc/groups) and gid (from etc/passwd)
  of the user when requested. PUP-10857

Slow Puppet agent run after upgrade to version 6

  This release improves the performance of the apt package provider when
  removing packages by reducing the calls to apt-mark
  showmanual. PUP-10856

The apt provider does not work with local packages

  The apt package provider now allows you to install packages from a local
  file using source parameter. PUP-10854

The puppet facts show --value-only command displays a quoted value

  Previously, the puppet facts show --value-only <fact> command emitted
  the value as a JSON string, which included quotes around the value, such
  as {{"RedHat"}}. It now only emits the value. PUP-10861